Releases: expressjs/session
Releases · expressjs/session
1.18.0
- Add debug log for pathname mismatch
- Add
partitioned
tocookie
options - Add
priority
tocookie
options - Fix handling errors from setting cookie
- Support any type in
secret
thatcrypto.createHmac
supports - deps: [email protected]
- Fix
expires
option to reject invalid dates - perf: improve default decode speed
- perf: remove slow string split in parse
- Fix
- deps: [email protected]
1.17.3
- Fix resaving already-saved new session at end of request
- deps: [email protected]
1.17.2
- Fix
res.end
patch to always commit headers - deps: [email protected]
- deps: [email protected]
1.17.1
- Fix internal method wrapping error on failed reloads
1.17.0
- deps: [email protected]
- Add
SameSite=None
support
- Add
- deps: [email protected]
1.16.2
- Fix restoring
cookie.originalMaxAge
when store returnsDate
- deps: parseurl@~1.3.3
1.16.1
- Fix error passing
data
option toCookie
constructor - Fix uncaught error from bad session data
1.16.0
- Catch invalid
cookie.maxAge
value earlier - Deprecate setting
cookie.maxAge
to aDate
object - Fix issue where
resave: false
may not save altered sessions - Remove
utils-merge
dependency - Use
safe-buffer
for improved Buffer API - Use
Set-Cookie
as cookie header name for compatibility - deps: depd@~2.0.0
- Replace internal
eval
usage withFunction
constructor - Use instance methods on
process
to check for listeners - perf: remove argument reassignment
- Replace internal
- deps: on-headers@~1.0.2
- Fix
res.writeHead
patch missing return value
- Fix
1.15.6
- deps: [email protected]
- deps: parseurl@~1.3.2
- perf: reduce overhead for full URLs
- perf: unroll the "fast-path"
RegExp
- deps: uid-safe@~2.1.5
- perf: remove only trailing
=
- perf: remove only trailing
- deps: [email protected]
1.15.5
- Fix
TypeError
whenreq.url
is an empty string - deps: depd@~1.1.1
- Remove unnecessary
Buffer
loading
- Remove unnecessary