npm - axios - Versions diffs - 1.6.0 → 1.6.2 - Mend

axios 1.6.0 → 1.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of axios might be problematic. Click here for more details.

Files changed (25) hide show

package/CHANGELOG.md +44 -0
package/README.md +5 -2
package/dist/axios.js +222 -172
package/dist/axios.js.map +1 -1
package/dist/axios.min.js +1 -1
package/dist/axios.min.js.map +1 -1
package/dist/browser/axios.cjs +177 -180
package/dist/browser/axios.cjs.map +1 -1
package/dist/esm/axios.js +177 -180
package/dist/esm/axios.js.map +1 -1
package/dist/esm/axios.min.js +1 -1
package/dist/esm/axios.min.js.map +1 -1
package/dist/node/axios.cjs +240 -192
package/dist/node/axios.cjs.map +1 -1
package/index.d.cts +1 -0
package/index.d.ts +1 -0
package/lib/adapters/xhr.js +14 -12
package/lib/core/mergeConfig.js +1 -0
package/lib/env/data.js +1 -1
package/lib/helpers/cookies.js +39 -49
package/lib/helpers/isURLSameOrigin.js +2 -2
package/lib/platform/browser/index.js +0 -51
package/lib/platform/common/utils.js +47 -0
package/lib/platform/index.js +5 -1
package/package.json +2 -1

package/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,49 @@
 # Changelog
+## [1.6.2](https://github.com/axios/axios/compare/v1.6.1...v1.6.2) (2023-11-14)
+### Features
+* **withXSRFToken:** added withXSRFToken option as a workaround to achieve the old `withCredentials` behavior; ([#6046](https://github.com/axios/axios/issues/6046)) ([cff9967](https://github.com/axios/axios/commit/cff996779b272a5e94c2b52f5503ccf668bc42dc))
+### PRs
+- feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old &#x60;withCredentials&#x60; behavior; ( [#6046](https://api.github.com/repos/axios/axios/pulls/6046) )
+```
+📢 This PR added &#x27;withXSRFToken&#x27; option as a replacement for old withCredentials behaviour.
+You should now use withXSRFToken along with withCredential to get the old behavior.
+This functionality is considered as a fix.
+```
+### Contributors to this release
+- <img src="https://avatars.githubusercontent.com/u/12586868?v&#x3D;4&amp;s&#x3D;18" alt="avatar" width="18"/> [Dmitriy Mozgovoy](https://github.com/DigitalBrainJS "+271/-146 (#6081 #6080 #6079 #6078 #6046 #6064 #6063 )")
+- <img src="https://avatars.githubusercontent.com/u/79681367?v&#x3D;4&amp;s&#x3D;18" alt="avatar" width="18"/> [Ng Choon Khon (CK)](https://github.com/ckng0221 "+4/-4 (#6073 )")
+- <img src="https://avatars.githubusercontent.com/u/9162827?v&#x3D;4&amp;s&#x3D;18" alt="avatar" width="18"/> [Muhammad Noman](https://github.com/mnomanmemon "+2/-2 (#6048 )")
+## [1.6.1](https://github.com/axios/axios/compare/v1.6.0...v1.6.1) (2023-11-08)
+### Bug Fixes
+* **formdata:** fixed content-type header normalization for non-standard browser environments; ([#6056](https://github.com/axios/axios/issues/6056)) ([dd465ab](https://github.com/axios/axios/commit/dd465ab22bbfa262c6567be6574bf46a057d5288))
+* **platform:** fixed emulated browser detection in node.js environment; ([#6055](https://github.com/axios/axios/issues/6055)) ([3dc8369](https://github.com/axios/axios/commit/3dc8369e505e32a4e12c22f154c55fd63ac67fbb))
+### Contributors to this release
+- <img src="https://avatars.githubusercontent.com/u/12586868?v&#x3D;4&amp;s&#x3D;18" alt="avatar" width="18"/> [Dmitriy Mozgovoy](https://github.com/DigitalBrainJS "+432/-65 (#6059 #6056 #6055 )")
+- <img src="https://avatars.githubusercontent.com/u/3982806?v&#x3D;4&amp;s&#x3D;18" alt="avatar" width="18"/> [Fabian Meyer](https://github.com/meyfa "+5/-2 (#5835 )")
+### PRs
+- feat(withXSRFToken): added withXSRFToken option as a workaround to achieve the old &#x60;withCredentials&#x60; behavior; ( [#6046](https://api.github.com/repos/axios/axios/pulls/6046) )
+```
+📢 This PR added &#x27;withXSRFToken&#x27; option as a replacement for old withCredentials behaviour.
+You should now use withXSRFToken along with withCredential to get the old behavior.
+This functionality is considered as a fix.
+```
 # [1.6.0](https://github.com/axios/axios/compare/v1.5.1...v1.6.0) (2023-10-26)

package/README.md CHANGED Viewed

@@ -452,6 +452,9 @@ These are the available config options for making requests. Only the `url` is re
   // `xsrfHeaderName` is the name of the http header that carries the xsrf token value
   xsrfHeaderName: 'X-XSRF-TOKEN', // default
+  // `undefined` (default) - set XSRF header only for the same origin requests
+  withXSRFToken: boolean | undefined | ((config: InternalAxiosRequestConfig) => boolean | undefined),
   // `onUploadProgress` allows handling of progress events for uploads
   // browser & node.js
@@ -543,7 +546,7 @@ These are the available config options for making requests. Only the `url` is re
   // automatically. If set to `true` will also remove the 'content-encoding' header
   // from the responses objects of all decompressed responses
   // - Node only (XHR cannot turn off decompression)
-  decompress: true // default
+  decompress: true, // default
   // `insecureHTTPParser` boolean.
   // Indicates where to use an insecure HTTP parser that accepts invalid HTTP headers.
@@ -551,7 +554,7 @@ These are the available config options for making requests. Only the `url` is re
   // Using the insecure parser should be avoided.
   // see options https://nodejs.org/dist/latest-v12.x/docs/api/http.html#http_http_request_url_options_callback
   // see also https://nodejs.org/en/blog/vulnerability/february-2020-security-releases/#strict-http-header-parsing-none
-  insecureHTTPParser: undefined // default
+  insecureHTTPParser: undefined, // default
   // transitional options for backward compatibility that may be removed in the newer versions
   transitional: {