faye 1.0.3 → 1.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 29e13f5b55842169a78f1c67e4a8b1368f68062d
4
- data.tar.gz: 3d305a73595d17c630055f452e20c883efef4aa1
2
+ SHA256:
3
+ metadata.gz: 75788ddfabe886ea54ef361093becae8966721c002d50f15cc73fdcc5e8d9989
4
+ data.tar.gz: ffed4468e7ee32ab131191edae3cca52f96cfacd7ae6680db73e6922471a464d
5
5
  SHA512:
6
- metadata.gz: e0dde7c09fc255bbbd691eef1cb9bfb7207b01c61d1726d3640eaf3c720bf7eeeb79be19299959252ccd55cb89a77a82ad9e27444df0c39fc8c24d02faebb836
7
- data.tar.gz: 39a44a98292e22beea35d10cc92837721fff05d3e8118d468130bdcbe63eb1fcfebcec92ad0ee8948809c9dd874f9cda93aab6227e766ff99867880cc4fa2f4e
6
+ metadata.gz: 6d2955083bd87e4c290f3331551d5ec477e57c401b9aadc75aa94f78b1a208962248238fdda186b99c317b4a5aacfc7707d262ea0465e3c8c31f6152f00d22bc
7
+ data.tar.gz: 92c68a4b89f3e730aa1e0ace1ec2ba2bf1640a7625ae2ab98f5625fbc4c2af9ec016e16410d03600ea41caad793f14429d1da5eb8ee18ca55617dffe5c3df73b
data/CHANGELOG.md CHANGED
@@ -1,7 +1,146 @@
1
+ ### 1.4.0 / 2020-07-31
2
+
3
+ - Implement TLS certificate verification and enable it by default in the Ruby
4
+ client class `Faye::Client`
5
+ - Add a `:tls` option to the Ruby client with sub-field `:verify_peer` for
6
+ configuring TLS verification
7
+ - Officially support the `tls` option in the Node.js client, whose contents are
8
+ forward to the `https` and `tls` modules as appropriate
9
+
10
+ ### 1.3.0 / 2020-06-08
11
+
12
+ - Support `user:pass@` authorization in URIs and send `Authorization` headers
13
+ from the Node HTTP transport
14
+ - Support IPv6 hostnames in URIs
15
+ - Allow credentials (cookies and `Authorization` headers) in cross-origin
16
+ requests, by:
17
+ - setting `Access-Control-Allow-Origin` to the value of the `Origin` header
18
+ (not `*`)
19
+ - enabling `Access-Control-Allow-Credentials`
20
+ - Enable credentials when sending cross-origin requests
21
+ - Don't disconnect WebSocket on page unload if `autodisconnect` is turned off
22
+ - Catch errors when creating a WebSocket, which happens when Content Security
23
+ Policy blocks it, allowing other transports to be tried
24
+ - Fix a bug in the client where it handles messages from other clients as though
25
+ they're the server's response to its own messages, based on the `id` field;
26
+ now we only treat messages as server responses if they contain `successful:
27
+ true`
28
+ - Stop sending an empty message list `[]` from the WebSocket client as a
29
+ keep-alive mechanism since CometD does not accept this message
30
+ - Fix deprecation warnings for using the `new Buffer()` constructor
31
+ - Switch to the Apache 2.0 license
32
+
33
+
34
+ ### 1.2.5 / 2020-04-28
35
+
36
+ - Fix `/meta/*` channel recognition bug in the server that enables
37
+ authentication bypass
38
+ - https://blog.jcoglan.com/2020/04/28/authentication-bypass-in-faye/
39
+
40
+
41
+ ### 1.2.4 / 2017-01-28
42
+
43
+ - Fix `RackAdapter#get_client` that was failing due to a URI error
44
+ - Define `Promise#catch` in a safe way for old browsers
45
+ - Log errors in the Node HTTP transport
46
+
47
+
48
+ ### 1.2.3 / 2016-10-11
49
+
50
+ - Return an error if the `data` field is missing on published messages
51
+ - Fix errors that occur in the new `websocket` util when the browser does not
52
+ support WebSocket
53
+
54
+
55
+ ### 1.2.2 / 2016-07-18
56
+
57
+ - Mitigate the HTTPoxy vulnerability: https://httpoxy.org/
58
+
59
+
60
+ ### 1.2.1 / 2016-06-29
61
+
62
+ - Fix a missing variable error in `NodeAdapter`
63
+
64
+
65
+ ### 1.2.0 / 2016-06-26
66
+
67
+ - Add `client.subscribe().withChannel()` to yield the message channel for
68
+ wildcard subscriptions
69
+ - Restructure the JavaScript codebase around Node modules (require/exports)
70
+ rather than globals
71
+ - Update the Promise shim to reflect the standard API, including `catch()` and
72
+ `all()`
73
+ - Support connecting to servers that use SNI in the Ruby client
74
+ - Make the JavaScript client work inside React Native and Web Workers
75
+ - Remove JSON2; you should import a JSON shim yourself if necessary
76
+ - Handle errors that occur when a message is partially delivered via EventSource
77
+ - Reject requests with invalid (non-array or -object) top-level JSON values
78
+ - Make local client requests asynchronous to avoid re-entrant request handling
79
+ errors
80
+ - Remove `Connection: Close` from HTTP responses to allow use of keep-alive
81
+ - Use `XMLHttpRequest` in preference to the ActiveX API in IE10
82
+ - Fix bug where flushing large message batches puts promises in an invalid state
83
+
84
+
85
+ ### 1.1.3 / 2020-04-28
86
+
87
+ - Fix `/meta/*` channel recognition bug in the server that enables
88
+ authentication bypass
89
+ - https://blog.jcoglan.com/2020/04/28/authentication-bypass-in-faye/
90
+
91
+
92
+ ### 1.1.2 / 2015-07-19
93
+
94
+ - Allow the `Authorization` header to be used on CORS requests
95
+ - Disallow unused methods like PUT and DELETE on CORS requests
96
+ - Stop IE prematurely garbage-collecting `XDomainRequest` objects
97
+ - Make sure messages can be sent if they overflow the request size limit and the
98
+ outbox is empty
99
+ - Don't send messages over WebSockets unless they are in the 'open' ready-state
100
+ - Fix a bug preventing use of the in-process transport in Ruby
101
+
102
+
103
+ ### 1.1.1 / 2015-02-25
104
+
105
+ - Make sure the client ID associated with a WebSocket is not dropped, so the
106
+ socket can be closed properly
107
+ - Handle cases where a JSON-P endpoint returns no response argument
108
+ - Stop trying to retry messages after the client has been disconnected
109
+ - Remove duplication of the client ID in EventSource URLs
110
+
111
+
112
+ ### 1.1.0 / 2014-12-22
113
+
114
+ - Allow the server and client to use WebSocket extensions, for example
115
+ permessage-deflate
116
+ - Support the `HTTP_PROXY` and `HTTPS_PROXY` environment variables to send all
117
+ client connections through an HTTP proxy
118
+ - Introduce the `Scheduler` API to allow the user to control message retries
119
+ - Add the `attempts` and `deadline` options to `Client#publish()`
120
+ - Let `RackAdapter` take a block that yields the instance, so extensions can be
121
+ added to middleware
122
+ - Allow monitoring listeners to see the `clientId` on publishd messages but
123
+ still avoid sending it to subscribers
124
+ - Return a promise from `Client#disconnect()`
125
+ - Fix client-side retry bugs causing the client to flood the server with
126
+ duplicate messages
127
+ - Send all transport types in the `supportedConnectionTypes` handshake parameter
128
+ - Don't close WebSockets when the client recovers from an error and sends a new
129
+ `clientId`
130
+ - Replace `cookiejar` with `tough-cookie` to avoid global variable leaks
131
+
132
+
133
+ ### 1.0.4 / 2020-04-28
134
+
135
+ - Fix `/meta/*` channel recognition bug in the server that enables
136
+ authentication bypass
137
+ - https://blog.jcoglan.com/2020/04/28/authentication-bypass-in-faye/
138
+
139
+
1
140
  ### 1.0.3 / 2014-07-08
2
141
 
3
- * Make some changes to JSON-P responses to mitigate the Rosetta Flash attack
4
- * http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/
142
+ - Make some changes to JSON-P responses to mitigate the Rosetta Flash attack
143
+ - http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/
5
144
 
6
145
 
7
146
  ### 1.0.2 -- removed due to error while publishing
@@ -9,62 +148,83 @@
9
148
 
10
149
  ### 1.0.1 / 2013-12-10
11
150
 
12
- * Add `Adapter#close()` method for gracefully shutting down the server
13
- * Fix error recover bug in WebSocket that made transport cycle through `up`/`down` state
14
- * Update Promise implementation to pass `promises-aplus-tests 2.0`
15
- * Correct some incorrect variable names in the Ruby transports
16
- * Make logging methods public to fix a problem on Ruby 2.1
151
+ - Add `Adapter#close()` method for gracefully shutting down the server
152
+ - Fix error recover bug in WebSocket that made transport cycle through
153
+ `up`/`down` state
154
+ - Update Promise implementation to pass `promises-aplus-tests 2.0`
155
+ - Correct some incorrect variable names in the Ruby transports
156
+ - Make logging methods public to fix a problem on Ruby 2.1
17
157
 
18
158
 
19
159
  ### 1.0.0 / 2013-10-01
20
160
 
21
- * Client changes:
22
- * Allow clients to be instantiated with URI objects rather than strings
23
- * Add a `ca` option to the Node `Client` class for passing in trusted server certificates
24
- * Objects supporting the `callback()` method in JavaScript are now Promises
25
- * Fix protocol-relative URI parsing in the client
26
- * Remove the `getClientId()` and `getState()` methods from the `Client` class
27
- * Transport changes:
28
- * Add request-size limiting to all batching transports
29
- * Make the WebSocket transport more robust against quiet network periods and clients going to sleep
30
- * Support cookies across all transports when using the client on Node.js or Ruby
31
- * Support custom headers in the `cross-origin-long-polling` and server-side `websocket` transports
32
- * Adapter changes:
33
- * Support the `rack.hijack` streaming API
34
- * Migrate to MultiJson for JSON handling on Ruby, allowing use of JRuby
35
- * Escape U+2028 and U+2029 in JSON-P output
36
- * Fix a bug stopping requests being routed when the mount point is `/`
37
- * Fix various bugs that cause errors to be thrown if we try to send a message over a closed socket
38
- * Remove the `listen()` method from `Adapter` in favour of using server-specific APIs
39
- * Server changes:
40
- * Use cryptographically secure random number generators to create client IDs
41
- * Allow extensions to access request properties by using 3-ary methods
42
- * Objects supporting the `bind()` method now implement the full `EventEmitter` API
43
- * Stop the server from forwarding the `clientId` property of published messages
44
- * Miscellaneous:
45
- * Support Browserify by returning the client module
46
- * `Faye.logger` can now be a logger object rather than a function
161
+ - Client changes:
162
+ - Allow clients to be instantiated with URI objects rather than strings
163
+ - Add a `ca` option to the Node `Client` class for passing in trusted server
164
+ certificates
165
+ - Objects supporting the `callback()` method in JavaScript are now Promises
166
+ - Fix protocol-relative URI parsing in the client
167
+ - Remove the `getClientId()` and `getState()` methods from the `Client` class
168
+ - Transport changes:
169
+ - Add request-size limiting to all batching transports
170
+ - Make the WebSocket transport more robust against quiet network periods and
171
+ clients going to sleep
172
+ - Support cookies across all transports when using the client on Node.js or
173
+ Ruby
174
+ - Support custom headers in the `cross-origin-long-polling` and server-side
175
+ `websocket` transports
176
+ - Adapter changes:
177
+ - Support the `rack.hijack` streaming API
178
+ - Migrate to MultiJson for JSON handling on Ruby, allowing use of JRuby
179
+ - Escape U+2028 and U+2029 in JSON-P output
180
+ - Fix a bug stopping requests being routed when the mount point is `/`
181
+ - Fix various bugs that cause errors to be thrown if we try to send a message
182
+ over a closed socket
183
+ - Remove the `listen()` method from `Adapter` in favour of using
184
+ server-specific APIs
185
+ - Server changes:
186
+ - Use cryptographically secure random number generators to create client IDs
187
+ - Allow extensions to access request properties by using 3-ary methods
188
+ - Objects supporting the `bind()` method now implement the full `EventEmitter`
189
+ API
190
+ - Stop the server from forwarding the `clientId` property of published
191
+ messages
192
+ - Miscellaneous:
193
+ - Support Browserify by returning the client module
194
+ - `Faye.logger` can now be a logger object rather than a function
195
+
196
+
197
+ ### 0.8.11 / 2014-07-08
198
+
199
+ - Make some changes to JSON-P responses to mitigate the Rosetta Flash attack
200
+ - http://miki.it/blog/2014/7/8/abusing-jsonp-with-rosetta-flash/
201
+
202
+
203
+ ### 0.8.10 -- removed due to error while publishing
47
204
 
48
205
 
49
206
  ### 0.8.9 / 2013-02-26
50
207
 
51
- * Specify ciphers for SSL on Node to mitigate the BEAST attack
52
- * Mitigate increased risk of socket hang-up errors in Node v0.8.20
53
- * Fix race condition when processing outgoing extensions in the Node server
54
- * Fix problem loading the client script when using `{mount: '/'}`
55
- * Clean up connection objects when a WebSocket is re-used with a new clientId
56
- * All JavaScript code now runs in strict mode
57
- * Select transport on handshake, instead of on client creation to allow time for `disable()` calls
58
- * Do not speculatively open WebSocket/EventSource connections if they are disabled
59
- * Gracefully handle WebSocket messages with no data on the client side
60
- * Close and reconnect WebSocket when onerror is fired, not just when onclose is fired
61
- * Fix problem with caching of EventSource connections with stale clientIds
62
- * Don't parse query strings when checking if a URL is same-origin or not
208
+ - Specify ciphers for SSL on Node to mitigate the BEAST attack
209
+ - Mitigate increased risk of socket hang-up errors in Node v0.8.20
210
+ - Fix race condition when processing outgoing extensions in the Node server
211
+ - Fix problem loading the client script when using `{mount: '/'}`
212
+ - Clean up connection objects when a WebSocket is re-used with a new clientId
213
+ - All JavaScript code now runs in strict mode
214
+ - Select transport on handshake, instead of on client creation to allow time for
215
+ `disable()` calls
216
+ - Do not speculatively open WebSocket/EventSource connections if they are
217
+ disabled
218
+ - Gracefully handle WebSocket messages with no data on the client side
219
+ - Close and reconnect WebSocket when onerror is fired, not just when onclose is
220
+ fired
221
+ - Fix problem with caching of EventSource connections with stale clientIds
222
+ - Don't parse query strings when checking if a URL is same-origin or not
63
223
 
64
224
 
65
225
  ### 0.8.8 / 2013-01-10
66
226
 
67
- * Patch security hole allowing remote execution of arbitrary Server methods
227
+ - Patch security hole allowing remote execution of arbitrary Server methods
68
228
 
69
229
 
70
230
  ### 0.8.7 -- removed due to error while publishing
@@ -72,281 +232,311 @@
72
232
 
73
233
  ### 0.8.6 / 2012-10-07
74
234
 
75
- * Make sure messages pushed to the client over a socket pass through outgoing extensions
235
+ - Make sure messages pushed to the client over a socket pass through outgoing
236
+ extensions
76
237
 
77
238
 
78
239
  ### 0.8.5 / 2012-09-30
79
240
 
80
- * Fix a bug in `URI.parse()` that caused Faye endpoints to inherit search and hash from `window.location`
241
+ - Fix a bug in `URI.parse()` that caused Faye endpoints to inherit search and
242
+ hash from `window.location`
81
243
 
82
244
 
83
245
  ### 0.8.4 / 2012-09-29
84
246
 
85
- * Optimise upgrade process so that WebSocket is tested earlier and the connection is cached
86
- * Check that EventSource actually works to work around broken Opera implementation
87
- * Emit `connection:open` and `connection:close` events from the Engine proxy
88
- * Increase size of client IDs from 128 to 160 bits
89
- * Fix bug with relative URL resolution in IE
90
- * Limit the JSON-P transport's message buffer so it doesn't create over-long URLs
91
- * Send `Pragma: no-cache` with XHR requests to guard against iOS 6 POST caching
92
- * Add `charset=utf-8` to response Content-Type headers
247
+ - Optimise upgrade process so that WebSocket is tested earlier and the
248
+ connection is cached
249
+ - Check that EventSource actually works to work around broken Opera
250
+ implementation
251
+ - Emit `connection:open` and `connection:close` events from the Engine proxy
252
+ - Increase size of client IDs from 128 to 160 bits
253
+ - Fix bug with relative URL resolution in IE
254
+ - Limit the JSON-P transport's message buffer so it doesn't create over-long
255
+ URLs
256
+ - Send `Pragma: no-cache` with XHR requests to guard against iOS 6 POST caching
257
+ - Add `charset=utf-8` to response Content-Type headers
93
258
 
94
259
 
95
260
  ### 0.8.3 / 2012-07-15
96
261
 
97
- * `Client#subscribe` returns an array of Subscriptions if given an array of channels
98
- * Allow different endpoints to be specified per-transport
99
- * Only use IE's `XDomainRequest` for same-protocol requests
100
- * Replace URL parser with one that treats relative URLs the same as the browser
101
- * Improve logging of malformed requests and detect problems earlier
102
- * Make sure socket connections are closed when a client session is timed out
103
- * Stop WebSocket reconnecting after `window.onbeforeunload`
262
+ - `Client#subscribe` returns an array of Subscriptions if given an array of
263
+ channels
264
+ - Allow different endpoints to be specified per-transport
265
+ - Only use IE's `XDomainRequest` for same-protocol requests
266
+ - Replace URL parser with one that treats relative URLs the same as the browser
267
+ - Improve logging of malformed requests and detect problems earlier
268
+ - Make sure socket connections are closed when a client session is timed out
269
+ - Stop WebSocket reconnecting after `window.onbeforeunload`
104
270
 
105
271
 
106
272
  ### 0.8.2 / 2012-04-12
107
273
 
108
- * Fix replacement of `null` with `{}` in `copyObject()`
109
- * Make EventSource transport trigger `transport:up/down` events
110
- * Supply source map for minified JavaScript client, and include source in gem
111
- * Return `Content-Length: 0` for 304 responses
112
- * Handle pre-flight CORS requests from old versions of Safari
274
+ - Fix replacement of `null` with `{}` in `copyObject()`
275
+ - Make EventSource transport trigger `transport:up/down` events
276
+ - Supply source map for minified JavaScript client, and include source in gem
277
+ - Return `Content-Length: 0` for 304 responses
278
+ - Handle pre-flight CORS requests from old versions of Safari
113
279
 
114
280
 
115
281
  ### 0.8.1 / 2012-03-15
116
282
 
117
- * Make `Publisher#trigger` safe for event listeners that modify the listener list
118
- * Make `Server#subscribe` return a response if the incoming message has an error
119
- * Fix edge case in code that identifies the `clientId` of socket connections
120
- * Return `Content-Length` headers for HTTP responses
121
- * Don't send empty lists of messages from the WebSocket transport
122
- * Stop client sending multiple `/meta/subscribe` messages for subscriptions made before handshaking
123
- * Stop client treating incoming published messages as responses to `/meta/*` messages
283
+ - Make `Publisher#trigger` safe for event listeners that modify the listener
284
+ list
285
+ - Make `Server#subscribe` return a response if the incoming message has an error
286
+ - Fix edge case in code that identifies the `clientId` of socket connections
287
+ - Return `Content-Length` headers for HTTP responses
288
+ - Don't send empty lists of messages from the WebSocket transport
289
+ - Stop client sending multiple `/meta/subscribe` messages for subscriptions made
290
+ before handshaking
291
+ - Stop client treating incoming published messages as responses to `/meta/*`
292
+ messages
124
293
 
125
294
 
126
295
  ### 0.8.0 / 2012-02-26
127
296
 
128
- * Extract the Redis engine into a separate library, `faye-redis`
129
- * Stabilize and document the Engine API so others can write backends
130
- * Extract WebSocket and EventSource tools into a separate library, `faye-websocket`
131
- * Improve use of WebSocket so messages are immediately pushed rather than polling
132
- * Introduce new EventSource-based transport, for proxies that block WebSocket
133
- * Support the Rainbows and Goliath web servers for Ruby, same as `faye-websocket`
134
- * Improve detection of network errors and switch to fixed-interval for reconnecting
135
- * Add `setHeader()` method to Client (e.g. for connecting to Salesforce API)
136
- * Add `timeout()` method to `Faye.Deferrable` to match `EventMachine::Deferrable`
137
- * Fix some bugs in client-side message handlers created with `subscribe()`
138
- * Improve speed and memory consumption of `copyObject()`
139
- * Switch from JSON to Yajl for JSON parsing in Ruby
297
+ - Extract the Redis engine into a separate library, `faye-redis`
298
+ - Stabilize and document the Engine API so others can write backends
299
+ - Extract WebSocket and EventSource tools into a separate library,
300
+ `faye-websocket`
301
+ - Improve use of WebSocket so messages are immediately pushed rather than
302
+ polling
303
+ - Introduce new EventSource-based transport, for proxies that block WebSocket
304
+ - Support the Rainbows and Goliath web servers for Ruby, same as
305
+ `faye-websocket`
306
+ - Improve detection of network errors and switch to fixed-interval for
307
+ reconnecting
308
+ - Add `setHeader()` method to Client (e.g. for connecting to Salesforce API)
309
+ - Add `timeout()` method to `Faye.Deferrable` to match
310
+ `EventMachine::Deferrable`
311
+ - Fix some bugs in client-side message handlers created with `subscribe()`
312
+ - Improve speed and memory consumption of `copyObject()`
313
+ - Switch from JSON to Yajl for JSON parsing in Ruby
314
+
315
+
316
+ ### 0.7.2 / 2013-01-10
317
+
318
+ - Patch security hole allowing remote execution of arbitrary Server methods
140
319
 
141
320
 
142
321
  ### 0.7.1 / 2011-12-22
143
322
 
144
- * Extension `added()` and `removed()` methods now receive the extended object
145
- * Detection of WebSockets in RackAdapter is more strict
323
+ - Extension `added()` and `removed()` methods now receive the extended object
324
+ - Detection of WebSockets in RackAdapter is more strict
146
325
 
147
326
 
148
327
  ### 0.7.0 / 2011-11-22
149
328
 
150
- * Provide an event API for monitoring engine events on the server side
151
- * Implement server-side WebSocket connections for improved latency
152
- * Fix WebSocket protocol bugs and expose APIs for developers to use
153
- * Make server-side HTTP transports support SSL and cookies
154
- * Allow clients to disable selected transports and autodisconnection
155
- * Add callback/errback API to `Client#publish()` interface
156
- * Add `socket` setting for the Redis engine for connecting through a Unix socket
329
+ - Provide an event API for monitoring engine events on the server side
330
+ - Implement server-side WebSocket connections for improved latency
331
+ - Fix WebSocket protocol bugs and expose APIs for developers to use
332
+ - Make server-side HTTP transports support SSL and cookies
333
+ - Allow clients to disable selected transports and autodisconnection
334
+ - Add callback/errback API to `Client#publish()` interface
335
+ - Add `socket` setting for the Redis engine for connecting through a Unix socket
336
+
337
+
338
+ ### 0.6.8 / 2013-01-10
339
+
340
+ - Patch security hole allowing remote execution of arbitrary Server methods
157
341
 
158
342
 
159
343
  ### 0.6.7 / 2011-10-20
160
344
 
161
- * Cache client script in memory and add `ETag` and `Last-Modified` headers
162
- * Fix bug in Node Redis engine where `undefined` was used if no namespace given
163
- * Flush Redis message queues using a transaction to avoid re-delivery of messages
164
- * Fix race condition and timing errors present in Redis locking code
165
- * Use `Cache-Control: no-cache, no-store` on JSON-P responses
166
- * Improvements to the CORS and JSON-P transports
167
- * Prevent retry handlers in transports from being invoked multiple times
168
- * Use the current page protocol by default when parsing relative URIs
345
+ - Cache client script in memory and add `ETag` and `Last-Modified` headers
346
+ - Fix bug in Node Redis engine where `undefined` was used if no namespace given
347
+ - Flush Redis message queues using a transaction to avoid re-delivery of
348
+ messages
349
+ - Fix race condition and timing errors present in Redis locking code
350
+ - Use `Cache-Control: no-cache, no-store` on JSON-P responses
351
+ - Improvements to the CORS and JSON-P transports
352
+ - Prevent retry handlers in transports from being invoked multiple times
353
+ - Use the current page protocol by default when parsing relative URIs
169
354
 
170
355
 
171
356
  ### 0.6.6 / 2011-09-12
172
357
 
173
- * Add `:key` and `:cert` options to the `Adapter#listen` methods for setting up SSL
174
- * Fix error detection of CORS transport in IE9 running IE8 compatibility mode
175
- * Fix dependency versions so that Rubygems lets Faye install
358
+ - Add `:key` and `:cert` options to the `Adapter#listen` methods for setting up
359
+ SSL
360
+ - Fix error detection of CORS transport in IE9 running IE8 compatibility mode
361
+ - Fix dependency versions so that Rubygems lets Faye install
176
362
 
177
363
 
178
364
  ### 0.6.5 / 2011-08-29
179
365
 
180
- * Fix UTF-8 encoding bugs in draft-75/76 and protocol-8 WebSocket parsers
181
- * Switch to streaming parser for WebSocket protocol-8
182
- * Remove an `SREM` operation that shouldn't have been in the Redis engine
183
- * Move `thin_extensions.rb` so it's not on the Rubygems load path
366
+ - Fix UTF-8 encoding bugs in draft-75/76 and protocol-8 WebSocket parsers
367
+ - Switch to streaming parser for WebSocket protocol-8
368
+ - Remove an `SREM` operation that shouldn't have been in the Redis engine
369
+ - Move `thin_extensions.rb` so it's not on the Rubygems load path
184
370
 
185
371
 
186
372
  ### 0.6.4 / 2011-08-18
187
373
 
188
- * Support WebSocket protocol used by Chrome 14 and Firefox 6
189
- * Fix handling of multibyte characters in WebSocket messages on Node
190
- * Improve message routing in Node memory engine to avoid false duplicates
374
+ - Support WebSocket protocol used by Chrome 14 and Firefox 6
375
+ - Fix handling of multibyte characters in WebSocket messages on Node
376
+ - Improve message routing in Node memory engine to avoid false duplicates
191
377
 
192
378
 
193
379
  ### 0.6.3 / 2011-07-10
194
380
 
195
- * Use sequential message IDs to reduce memory usage on the client side
196
- * Only send advice with handshake and connect responses
197
- * Stop trying to publish `/meta/*` messages - no-one is listening and it breaks `/**`
198
- * Fix bug causing invalid listeners to appear after a client reconnection
199
- * Stop loading `rubygems` within our library code
200
- * Make sure we only queue a message for each client once in the Redis engine
201
- * Use lists instead of sets for message queues in Redis
202
- * Improve clean-up of expired clients in Redis engine
381
+ - Use sequential message IDs to reduce memory usage on the client side
382
+ - Only send advice with handshake and connect responses
383
+ - Stop trying to publish `/meta/*` messages - no-one is listening and it breaks
384
+ `/**`
385
+ - Fix bug causing invalid listeners to appear after a client reconnection
386
+ - Stop loading `rubygems` within our library code
387
+ - Make sure we only queue a message for each client once in the Redis engine
388
+ - Use lists instead of sets for message queues in Redis
389
+ - Improve clean-up of expired clients in Redis engine
203
390
 
204
391
 
205
392
  ### 0.6.2 / 2011-06-19
206
393
 
207
- * Add authentication, database selection and namespacing to Redis engine
208
- * Clean up all client data when removing clients from Redis
209
- * Fix `cross-origin-long-polling` for `OPTIONS`-aware browsers
210
- * Update secure WebSocket detection for recent Node versions
211
- * Reinstate `faye.client` field in Rack environment
394
+ - Add authentication, database selection and namespacing to Redis engine
395
+ - Clean up all client data when removing clients from Redis
396
+ - Fix `cross-origin-long-polling` for `OPTIONS`-aware browsers
397
+ - Update secure WebSocket detection for recent Node versions
398
+ - Reinstate `faye.client` field in Rack environment
212
399
 
213
400
 
214
401
  ### 0.6.1 / 2011-06-06
215
402
 
216
- * Fix `cross-origin-long-polling` support in `RackAdapter`
217
- * Plug some potential memory leaks in `Memory` engine
403
+ - Fix `cross-origin-long-polling` support in `RackAdapter`
404
+ - Plug some potential memory leaks in `Memory` engine
218
405
 
219
406
 
220
407
  ### 0.6.0 / 2011-05-21
221
408
 
222
- * Extract core logic into the `Engine` class to support swappable backends
223
- * Introduce a Redis-backed engine to support clustered web front-ends
224
- * Use CORS for `cross-domain long-polling`
225
- * Make server more resilient against bad requests, including empty message lists
226
- * Perform subscription validation on the server and use errbacks to signal errors
227
- * Prohibit publishing to wildcard channels
228
- * Unsubscribing from a channel is now O(1) instead of O(N)
229
- * Much more thorough and consistent unit test coverage of both versions
230
- * Automatic integration tests using Terminus and TestSwarm
409
+ - Extract core logic into the `Engine` class to support swappable backends
410
+ - Introduce a Redis-backed engine to support clustered web front-ends
411
+ - Use CORS for `cross-domain long-polling`
412
+ - Make server more resilient against bad requests, including empty message lists
413
+ - Perform subscription validation on the server and use errbacks to signal
414
+ errors
415
+ - Prohibit publishing to wildcard channels
416
+ - Unsubscribing from a channel is now O(1) instead of O(N)
417
+ - Much more thorough and consistent unit test coverage of both versions
418
+ - Automatic integration tests using Terminus and TestSwarm
231
419
 
232
420
 
233
421
  ### 0.5.5 / 2011-01-16
234
422
 
235
- * Open a real socket to check for WebSocket usability, not just object detection
236
- * Catch server-side errors when handshaking with WebSockets
423
+ - Open a real socket to check for WebSocket usability, not just object detection
424
+ - Catch server-side errors when handshaking with WebSockets
237
425
 
238
426
 
239
427
  ### 0.5.4 / 2010-12-19
240
428
 
241
- * Add a `#callback` method to `Subscriptions` to detect when they become active
242
- * Add `:extensions` option to `RackAdapter` to make it easier to extend middleware
243
- * Detect secure WebSocket requests through the `HTTP_X_FORWARDED_PROTO` header
244
- * Handle socket errors when sending WebSocket messages from `NodeAdapter`
245
- * Use exponential backoff to reconnect client-side WebSockets to reduce CPU load
429
+ - Add a `#callback` method to `Subscriptions` to detect when they become active
430
+ - Add `:extensions` option to `RackAdapter` to make it easier to extend
431
+ middleware
432
+ - Detect secure WebSocket requests through the `HTTP_X_FORWARDED_PROTO` header
433
+ - Handle socket errors when sending WebSocket messages from `NodeAdapter`
434
+ - Use exponential backoff to reconnect client-side WebSockets to reduce CPU load
246
435
 
247
436
 
248
437
  ### 0.5.3 / 2010-10-21
249
438
 
250
- * Improve detection of `wss:` requirement for secure WebSocket connections
251
- * Correctly use default ports (80,443) for server-side HTTP connections
252
- * Support legacy `application/x-www-form-urlencoded` POST requests
253
- * Delete unused Channel objects that have all their subscribers removed
254
- * Fix resend/reconnect logic in WebSocket transport
255
- * Keep client script in memory rather than reading it from disk every time
256
- * Prevent error-adding extensions from breaking the core protocol
439
+ - Improve detection of `wss:` requirement for secure WebSocket connections
440
+ - Correctly use default ports (80,443) for server-side HTTP connections
441
+ - Support legacy `application/x-www-form-urlencoded` POST requests
442
+ - Delete unused Channel objects that have all their subscribers removed
443
+ - Fix resend/reconnect logic in WebSocket transport
444
+ - Keep client script in memory rather than reading it from disk every time
445
+ - Prevent error-adding extensions from breaking the core protocol
257
446
 
258
447
 
259
448
  ### 0.5.2 / 2010-08-12
260
449
 
261
- * Support draft-76 of the WebSocket protocol (FF4, Chrome 6)
262
- * Reduce `Connection::MAX_DELAY` to improve latency
450
+ - Support draft-76 of the WebSocket protocol (FF4, Chrome 6)
451
+ - Reduce `Connection::MAX_DELAY` to improve latency
263
452
 
264
453
 
265
454
  ### 0.5.1 / 2010-07-21
266
455
 
267
- * Fix a publishing problem in Ruby `LocalTransport`
456
+ - Fix a publishing problem in Ruby `LocalTransport`
268
457
 
269
458
 
270
459
  ### 0.5.0 / 2010-07-17
271
460
 
272
- * Handle multiple event listeners bound to a channel
273
- * Add extension system for adding domain-specific logic to the protocol
274
- * Improve handling of client reconnections if the server goes down
275
- * Change default polling interval to 0 (immediate reconnect)
276
- * Add support for WebSockets (draft75 only) as a network transport
277
- * Remove support for Ruby servers other than Thin
278
- * Make client and server compatible with CometD (1.x and 2.0) components
279
- * Improve clean-up of unused server-side connections
280
- * Change Node API for adding Faye service to an HTTP server
461
+ - Handle multiple event listeners bound to a channel
462
+ - Add extension system for adding domain-specific logic to the protocol
463
+ - Improve handling of client reconnections if the server goes down
464
+ - Change default polling interval to 0 (immediate reconnect)
465
+ - Add support for WebSockets (draft75 only) as a network transport
466
+ - Remove support for Ruby servers other than Thin
467
+ - Make client and server compatible with CometD (1.x and 2.0) components
468
+ - Improve clean-up of unused server-side connections
469
+ - Change Node API for adding Faye service to an HTTP server
281
470
 
282
471
 
283
472
  ### 0.3.4 / 2010-06-20
284
473
 
285
- * Stop local clients going into an infinite loop if a subscription block causes a reconnect
474
+ - Stop local clients going into an infinite loop if a subscription block causes
475
+ a reconnect
286
476
 
287
477
 
288
478
  ### 0.3.3 / 2010-06-07
289
479
 
290
- * Bring Node APIs up to date with 0.1.97
291
- * Catch `ECONNREFUSED` errors in Node clients to withstand server outages
292
- * Refactor the `Server` internals
480
+ - Bring Node APIs up to date with 0.1.97
481
+ - Catch `ECONNREFUSED` errors in Node clients to withstand server outages
482
+ - Refactor the `Server` internals
293
483
 
294
484
 
295
485
  ### 0.3.2 / 2010-04-04
296
486
 
297
- * Fix problems with JSON serialization when Prototype, MooTools present
298
- * Make the client reconnect if it doesn't hear from the server after a timeout
299
- * Stop JavaScript server returning `NaN` for `advice.interval`
300
- * Make Ruby server return an integer for `advice.interval`
301
- * Ensure EventMachine is running before handling messages
302
- * Handle `data` and `end` events properly in Node HTTP API
303
- * Switch to `application/json` for content types and stop using querystring format in POST bodies
304
- * Respond to any URL path under the mount point, not just the exact match
487
+ - Fix problems with JSON serialization when Prototype, MooTools present
488
+ - Make the client reconnect if it doesn't hear from the server after a timeout
489
+ - Stop JavaScript server returning `NaN` for `advice.interval`
490
+ - Make Ruby server return an integer for `advice.interval`
491
+ - Ensure EventMachine is running before handling messages
492
+ - Handle `data` and `end` events properly in Node HTTP API
493
+ - Switch to `application/json` for content types and stop using querystring
494
+ format in POST bodies
495
+ - Respond to any URL path under the mount point, not just the exact match
305
496
 
306
497
 
307
498
  ### 0.3.1 / 2010-03-09
308
499
 
309
- * Pass client down through Rack stack as `env['faye.client']`
310
- * Refactor some JavaScript internals to mirror Ruby codebase
500
+ - Pass client down through Rack stack as `env['faye.client']`
501
+ - Refactor some JavaScript internals to mirror Ruby codebase
311
502
 
312
503
 
313
504
  ### 0.3.0 / 2010-03-01
314
505
 
315
- * Add server-side clients for Node.js and Ruby environments
316
- * Clients support both HTTP and in-process transports
317
- * Fix ID generation in JavaScript version to 128-bit IDs
318
- * Fix bug in interpretation of `**` channel wildcard
319
- * Users don't have to call `#connect()` on clients any more
320
- * Fix timeout race conditions that were killing active connections
321
- * Support new Node APIs from 0.1.29.
506
+ - Add server-side clients for Node.js and Ruby environments
507
+ - Clients support both HTTP and in-process transports
508
+ - Fix ID generation in JavaScript version to 128-bit IDs
509
+ - Fix bug in interpretation of `**` channel wildcard
510
+ - Users don't have to call `#connect()` on clients any more
511
+ - Fix timeout race conditions that were killing active connections
512
+ - Support new Node APIs from 0.1.29.
322
513
 
323
514
 
324
515
  ### 0.2.2 / 2010-02-10
325
516
 
326
- * Kick out requests with malformed JSON as 400s
517
+ - Kick out requests with malformed JSON as 400s
327
518
 
328
519
 
329
520
  ### 0.2.1 / 2010-02-04
330
521
 
331
- * Fix server-side flushing of callback-polling connections
332
- * Backend can be used cross-domain if running on Node or Thin
522
+ - Fix server-side flushing of callback-polling connections
523
+ - Backend can be used cross-domain if running on Node or Thin
333
524
 
334
525
 
335
526
  ### 0.2.0 / 2010-02-02
336
527
 
337
- * Port server to JavaScript with an adapter for Node.js
338
- * Support Thin's async responses in the Ruby version for complete non-blocking
339
- * Fix some minor client-side bugs in transport choice
528
+ - Port server to JavaScript with an adapter for Node.js
529
+ - Support Thin's async responses in the Ruby version for complete non-blocking
530
+ - Fix some minor client-side bugs in transport choice
340
531
 
341
532
 
342
533
  ### 0.1.1 / 2009-07-26
343
534
 
344
- * Fix a broken client build
535
+ - Fix a broken client build
345
536
 
346
537
 
347
538
  ### 0.1.0 / 2009-06-15
348
539
 
349
- * Ruby Bayeux server and Rack adapter
350
- * Internally evented using EventMachine, web frontend blocks
351
- * JavaScript client with `long-polling` and `callback-polling`
352
-
540
+ - Ruby Bayeux server and Rack adapter
541
+ - Internally evented using EventMachine, web frontend blocks
542
+ - JavaScript client with `long-polling` and `callback-polling`