Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 18 commits
- 13 files changed
- 7 contributors
Commits on Oct 25, 2016
Commits on Nov 18, 2016
Commits on Nov 28, 2016
-
Merge pull request #83 from awaterma/public-suffix
Updates to public suffix list.
Commits on Sep 21, 2017
-
-
Merge pull request #97 from salesforce/spaces-ReDoS
Constrain spaces before = to 256
-
Commits on Sep 22, 2017
-
Parse cookie-pair part without regexp
Specifically to avoid any more hidden ReDoS in those regexes. Seems to run tests in 6.9s vs 7.0s so might be a bit of a speed bonus on some platforms!
-
Avoid unbounded Regexp parts in date parsing
Replaces a bunch of `[^\d]*$` with bounded `(?:[^\d]|$)` Double checked the RFC6265 spec: time cannot have non-digits beside the colons.
-
-
Convert date-time parser from regexp, expand tests
None of the regexps (at least, when they were removed) are vulnerable to ReDoS. However, took this opportunity to check that the RFC is being closer and more clearly documented where in the code. Another way to put this: "regexps are magic and hinder code analysis" Introduced some equivalence tests to ensure that certain "weird" dates are indeed parsing the same as their "canonical" RFC6265 counterpart.
-
Commits on Feb 24, 2018
-
Merge pull request #100 from salesforce/no-re-parser
No-RegExp parser. Integration tested with latest `jsdom` and `request`
-
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v2.3.2...v2.3.4