github/socket.io
1
1
Fork 0
mirror of https://github.com/socketio/socket.io.git synced 2026-04-30 03:00:39 -04:00
Code Issues Packages Projects Releases Wiki Activity
7,697 Commits 24 Branches 210 Tags
socket.io-parser@4.2.6
Commit Graph

7697 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
0a3b556de3 chore: bump path-parse from 1.0.6 to 1.0.7 (#108) 
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-17 07:18:40 +01:00
Gabba90
7f6b262ac8 fix: allow objects with a null prototype in binary packets (#114) 2022-02-17 07:18:11 +01:00
Jeffrey van Norden
a463d268ed fix(typings): allow CorsOptionsDelegate as cors options (#641) 
Reference: https://www.npmjs.com/package/cors#configuring-cors-asynchronously

Related: 54a59cd8f0
 2022-02-17 06:36:49 +01:00
dependabot[bot]
2b70ceee63 chore: bump ajv from 6.12.2 to 6.12.6 (#126) 
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.2 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](https://github.com/ajv-validator/ajv/compare/v6.12.2...v6.12.6)

---
updated-dependencies:
- dependency-name: ajv
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-16 21:58:23 +01:00
dependabot[bot]
8e8346b706 chore: bump ajv from 6.12.2 to 6.12.6 (#115) 
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.12.2 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](https://github.com/ajv-validator/ajv/compare/v6.12.2...v6.12.6)

---
updated-dependencies:
- dependency-name: ajv
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-16 21:57:15 +01:00
dependabot[bot]
00c673475a chore: bump ajv from 6.10.2 to 6.12.6 (#687) 
Bumps [ajv](https://github.com/ajv-validator/ajv) from 6.10.2 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases)
- [Commits](https://github.com/ajv-validator/ajv/compare/v6.10.2...v6.12.6)

---
updated-dependencies:
- dependency-name: ajv
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-02-16 06:26:38 +01:00
Szegedi Ádám
2f96438952 chore: bump engine.io version to fix CVE-2022-21676 (#4262) 
Related: https://github.com/socketio/engine.io/security/advisories/GHSA-273r-mgr4-v34f
 2022-01-25 22:18:18 +01:00
Chris Swithinbank
02c87a8561 fix(typings): ensure compatibility with TypeScript 3.x (#4259) 
Labeled tuple elements were added in TypeScript 4.0.

Reference: https://www.typescriptlang.org/docs/handbook/release-notes/typescript-4-0.html#labeled-tuple-elements

Related: 44e20ba5bf
 2022-01-25 01:25:05 +01:00
Damien Arrachequesne
90fb0a99ac chore(release): 6.1.2 
Diff: https://github.com/socketio/engine.io/compare/6.1.1...6.1.2
 2022-01-18 18:00:23 +01:00
Damien Arrachequesne
e122e4be7b refactor: add additional types 
Merged from https://github.com/socketio/engine.io/pull/630
 2022-01-18 17:55:55 +01:00
Damien Arrachequesne
3f1e312a2c chore: bump package-lock.json file version 
Note to future self: URL for dependencies from GitHub must use
"git+https" instead of "git+ssh" to make the CI pass, else you will
encounter the following error:

```
npm ERR! Error while executing:
npm ERR! /usr/bin/git ls-remote -h -t ssh://git@github.com/uNetworking/uWebSockets.js.git
npm ERR!
npm ERR! Warning: Permanently added the RSA host key for IP address '140.82.112.3' to the list of known hosts.
npm ERR! git@github.com: Permission denied (publickey).
npm ERR! fatal: Could not read from remote repository.
npm ERR!
npm ERR! Please make sure you have the correct access rights
npm ERR! and the repository exists.
npm ERR!
npm ERR! exited with error code: 128
```
 2022-01-18 17:53:58 +01:00
Damien Arrachequesne
45112a30d1 fix(uws): fix HTTP long-polling with CORS 
When binding to an uWebSockets.js application, the server could crash
with the following error:

```
TypeError: res.onData is not a function
    at Polling.onDataRequest (build/transports-uws/polling.js:133:13)
    at Polling.onRequest (build/transports-uws/polling.js:47:18)
    at callback (build/userver.js:80:56)
```

Related: https://github.com/socketio/engine.io/issues/637
 2022-01-18 17:49:28 +01:00
Damien Arrachequesne
8096c122bb chore(release): 5.0.3 
Diff: https://github.com/socketio/engine.io-parser/compare/5.0.2...5.0.3
 2022-01-17 10:24:51 +01:00
Damien Arrachequesne
ad5bd7ddf5 refactor: add additional types 
Merged from https://github.com/socketio/engine.io/pull/630
 2022-01-17 10:23:16 +01:00
Damien Arrachequesne
25a4b2bbf5 chore: replace base64-arraybuffer by @socket.io/base64-arraybuffer 
The "base64-arraybuffer" package has been temporarily forked to [1],
until changes are merged upstream.

[1]: https://github.com/socketio/base64-arraybuffer

Related:

- https://github.com/niklasvh/base64-arraybuffer/issues/32
- https://github.com/socketio/socket.io-client/issues/1520
- https://github.com/socketio/socket.io-website/issues/313
- https://github.com/socketio/socket.io/discussions/4209
 2022-01-17 10:23:11 +01:00
dependabot[bot]
56af9c59b9 chore: bump engine.io from 4.0.2 to 4.1.2 (#685) 
Bumps [engine.io](https://github.com/socketio/engine.io) from 4.0.2 to 4.1.2.
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/4.1.2/CHANGELOG.md)
- [Commits](https://github.com/socketio/engine.io/compare/4.0.2...4.1.2)

---
updated-dependencies:
- dependency-name: engine.io
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-15 07:59:15 +01:00
Yosi Attias
49bb7cf665 fix(uws): expose additional uWebSockets.js options (#634) 
You can now pass additional options:

```js
const { App } = require("uWebSockets.js");
const { uServer } = require("engine.io");

const app = new App();
const server = new uServer();

server.attach(app, {
  compression: uWS.DEDICATED_COMPRESSOR_128KB, // defaults to none
  idleTimeout: 60, // defaults to 120
  maxBackpressure: 8 * 1024 // defaults to 1024 * 1024
});

app.listen(3000);
```

Related: https://github.com/socketio/engine.io/issues/633
 2022-01-14 08:57:46 +01:00
Damien Arrachequesne
8b4d6a8176 fix(uws): handle invalid websocket upgrades 
When binding to an uWebSockets.js App, there was an unhandled case that
could crash the server:

```
curl "http://localhost:3000/engine.io/?EIO=4&transport=websocket"
```

would result in:

```
Error: Returning from a request handler without responding or attaching an abort handler is forbidden!
terminate called without an active exception
```

Note: this does not apply to the default server based on ws, because
the error was caught elsewhere in the source code.

Related: https://github.com/socketio/socket.io/issues/4250
 2022-01-14 08:18:03 +01:00
dependabot[bot]
a84595a04e chore(deps): bump engine.io from 4.0.0 to 4.1.2 in /examples/latency (#636) 
Bumps [engine.io](https://github.com/socketio/engine.io) from 4.0.0 to 4.1.2.
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/4.1.2/CHANGELOG.md)
- [Commits](https://github.com/socketio/engine.io/compare/4.0.0...4.1.2)

---
updated-dependencies:
- dependency-name: engine.io
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-01-14 07:59:43 +01:00
Damien Arrachequesne
f3b761dc56 chore(release): 6.1.1 
Diff: https://github.com/socketio/engine.io/compare/6.1.0...6.1.1
 2022-01-11 16:08:20 +01:00
Damien Arrachequesne
c0e194d449 fix: properly handle invalid data sent by a malicious websocket client 
**IMPORTANT SECURITY FIX**

A malicious client could send a specially crafted HTTP request,
triggering an uncaught exception and killing the Node.js process:

> RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be clear
>   at Receiver.getInfo (/.../node_modules/ws/lib/receiver.js:176:14)
>   at Receiver.startLoop (/.../node_modules/ws/lib/receiver.js:136:22)
>   at Receiver._write (/.../node_modules/ws/lib/receiver.js:83:10)
>   at writeOrBuffer (internal/streams/writable.js:358:12)

This bug was introduced by [1], included in `engine.io@4.0.0`, so
previous releases are not impacted.

[1]: f3c291fa61

Thanks to Marcus Wejderot from Mevisio for the responsible disclosure.
 2022-01-11 15:52:15 +01:00
Damien Arrachequesne
37b6d8fff0 chore: update default label for bug reports 2022-01-10 08:55:56 +01:00
Damien Arrachequesne
eaf782c41b docs: remove broken badges 
Related: https://github.com/socketio/socket.io/issues/4242
 2022-01-10 08:05:04 +01:00
Damien Arrachequesne
af54565b2d docs: remove broken badges 
Related: https://github.com/socketio/socket.io/issues/4242
 2022-01-10 08:03:53 +01:00
Damien Arrachequesne
aa5312a4b6 chore: revert to lockfile v1 
Updating to v2 fails in the CI on Node.js 12 & 14 with the following
error:

> npm ERR! Error while executing:
> npm ERR! /usr/bin/git ls-remote -h -t ssh://git@github.com/uNetworking/uWebSockets.js.git
> npm ERR!
> npm ERR! Warning: Permanently added the RSA host key for IP address '140.82.113.3' to the list of known hosts.
> npm ERR! git@github.com: Permission denied (publickey).
> npm ERR! fatal: Could not read from remote repository.
> npm ERR!
> npm ERR! Please make sure you have the correct access rights
> npm ERR! and the repository exists.
> npm ERR!
> npm ERR! exited with error code: 128

So we will revert the change for now.
 2022-01-06 08:01:00 +01:00
Damien Arrachequesne
c82a4bdf1f chore(release): 4.4.1 
Diff: https://github.com/socketio/socket.io/compare/4.4.0...4.4.1
4.4.1 		2022-01-06 07:32:03 +01:00
Damien Arrachequesne
359d1e25e7 chore(release): 4.4.1 
Diff: https://github.com/socketio/socket.io-client/compare/4.4.0...4.4.1
 2022-01-06 07:24:53 +01:00
Orkhan Alikhanov
770ee5949f fix(types): make RemoteSocket.data type safe (#4234) 
Related:

- https://github.com/socketio/socket.io/issues/4229
- fe8730ca0f
 2022-01-06 07:14:55 +01:00
Damien Arrachequesne
3bf5d92735 refactor: add note about fetchSockets() for parent namespaces 
Related: https://github.com/socketio/socket.io/issues/4235
 2022-01-05 08:50:40 +01:00
Shayan Yousefi
fc82e44f73 refactor(typings): export Event type (#4215) 
So that it can be used by the end users:

```ts
const myMiddleware = ([eventName, ...args]: Event, next: (err?: Error) => void) => {
  console.log(eventName); // inferred as string
  next();
}

io.on("connection", (socket) => {
  socket.use(myMiddleware);
});
```
 2022-01-05 08:08:18 +01:00
Damien Arrachequesne
c840bad43a test: fix flaky tests 2022-01-05 08:00:55 +01:00
Damien Arrachequesne
f56fdd0f09 chore: remove duplicate package.json file 
The additional package.json file, which was copied to
build/cjs/package.json, did hide the parent one, leading to several
issues and providing no real feature. The other one, copied to
build/esm/package.json, is needed though, to enforce the module type.

Related:

- https://github.com/socketio/socket.io/issues/4194
- https://github.com/socketio/socket.io-client/issues/1513
 2022-01-04 09:57:43 +01:00
Orkhan Alikhanov
f2b8de7191 fix(typings): pass SocketData type to custom namespaces (#4233) 
The `SocketData` type was only available on the main namespace.

Related: https://github.com/socketio/socket.io/issues/4229
See also: fe8730ca0f
 2022-01-04 09:09:42 +01:00
Gray Zhang
51784d0305 chore: add types to exports field to be compatible with nodenext module resolution (#4228) 
See [1] for detail, in `nodenext` module resolution it requires a
`types` field in `exports` with full filename including extension.

[1]: https://github.com/microsoft/TypeScript/issues/46770#issuecomment-966612103
 2021-12-28 10:27:08 +01:00
Gray Zhang
19836d9abf chore: add types to exports field to be compatible with nodenext module resolution (#1522) 
See [1] for detail, in `nodenext` module resolution it requires a
`types` field in `exports` with full filename including extension.

[1]: https://github.com/microsoft/TypeScript/issues/46770#issuecomment-966612103

Reference: https://www.typescriptlang.org/tsconfig/#module
 2021-12-28 10:22:45 +01:00
Damien Arrachequesne
c196689545 docs: fix basic crud example 
Related: https://github.com/socketio/socket.io/issues/4213
 2021-12-16 23:00:20 +01:00
Jeff Winder
b04967b52e refactor: import Node's setTimeout & clearTimeout to prevent ambiguity (#632) 2021-12-14 09:09:23 +01:00
Mikhail Dudin
7a70f63499 docs: fix reconnection handling in the chat demo app (#4189) 2021-12-01 00:03:43 +01:00
anderslatif
e5897dd7dc docs: add usage with ES modules (#4195) 2021-12-01 00:02:13 +01:00
Damien Arrachequesne
2071a66c5a docs: simplify nginx cluster example 
- remove useless Dockerfile
- clean format
- migrate to @socket.io/redis-adapter
 2021-11-24 18:15:26 +01:00
Damien Arrachequesne
0f11c4745f chore(release): 4.4.0 
Diff: https://github.com/socketio/socket.io/compare/4.3.2...4.4.0
4.4.0 		2021-11-18 14:10:19 +01:00
Damien Arrachequesne
b839a3b400 fix: prevent double ack when emitting with a timeout 
The ack was not properly removed upon timeout, and could be called
twice.

Related: f0ed42f18c
 2021-11-18 14:03:07 +01:00
Damien Arrachequesne
71e34a3826 chore(release): 4.4.0 
Diff: https://github.com/socketio/socket.io-client/compare/4.3.2...4.4.0
 2021-11-18 13:51:36 +01:00
Damien Arrachequesne
1e1952b817 chore: bump engine.io-client version 
Diff: https://github.com/socketio/engine.io-client/compare/6.0.1...6.1.1
 2021-11-18 13:47:41 +01:00
Damien Arrachequesne
522ffbe7a8 fix: prevent double ack with timeout 
The ack was not properly removed upon timeout, and could be called
twice.

Related: ccf7998cc5
 2021-11-18 13:40:46 +01:00
Damien Arrachequesne
99c2cb8421 fix: fix socket.disconnect().connect() usage 
Previously, calling `socket.disconnect().connect()` could, if the
connection was upgraded to WebSocket, result in "disconnect" being
emitted twice, and an engine being leaked.

Here's what happened:

> socket.disconnect()

- calls `socket.destroy()` so the socket doesn't listen to the manager events anymore
- then calls `manager._close()` which closes the underlying engine but not the manager itself (it waits for the "close" event of the engine)

> socket.connect()

- calls `socket.subEvents()` so the socket does listen to the manager events
- calls `manager.open()` which creates a new engine

And then the first engine emits a "close" event, which is forwarded to
the socket, hence the second "disconnect" event.

Related: https://github.com/socketio/socket.io-client/issues/1014
 2021-11-18 13:39:40 +01:00
Damien Arrachequesne
f0ed42f18c feat: add timeout feature 
Usage:

```js
socket.timeout(5000).emit("my-event", (err) => {
  if (err) {
    // the client did not acknowledge the event in the given delay
  }
});
```
 2021-11-16 20:07:53 +01:00
Damien Arrachequesne
53d8fcafab fix: add package name in nested package.json 
Note: the version must be kept in sync when publishing a new release

Related: socketio/socket.io-client#1513
 2021-11-16 19:59:59 +01:00
Damien Arrachequesne
d54d12ce63 fix: prevent socket from reconnecting after middleware failure 
Related: https://github.com/socketio/socket.io/discussions/4150
 2021-11-16 19:57:47 +01:00
Damien Arrachequesne
ccf7998cc5 feat: add timeout feature 
Usage:

```js
socket.timeout(5000).emit("my-event", (err) => {
  if (err) {
    // the server did not acknowledge the event in the given delay
  }
});
```
 2021-11-16 19:56:44 +01:00