Merge remote-tracking branch 'upstream/master'

Sebastian.Just · Sebastian.Just · commit bf894bf2d908 · 2014-10-08T14:16:21.000-04:00
Conflicts:
	lib/uploadhandler.js
diff --git a/History.md b/History.md
@@ -1,3 +1,23 @@
+0.1.7 / 2014-10-09
+==================
+
+  * #58 improved support for IE9
+
+0.1.6 / 2014-10-04
+==================
+
+  * #56 avoid path traversal in DELETE requests
+
+0.1.5 / 2014-08-02
+==================
+
+  * #31 request and response objects passed to event handlers
+
+0.1.4 / 2014-07-06
+==================
+
+  * #53 documentation update
+
 0.1.3 / 2014-07-05
 ==================
 
diff --git a/README.md b/README.md
@@ -100,7 +100,7 @@ More sophisticated example - Events
         app.use('/upload', upload.fileHandler());
 
         // events
-        upload.on('begin', function (fileInfo) { 
+        upload.on('begin', function (fileInfo, req, res) { 
             // fileInfo structure is the same as returned to browser
             // { 
             //     name: '3 (3).jpg',
@@ -113,10 +113,10 @@ More sophisticated example - Events
             //     thumbnail_url: 'http://youhost/uploads/thumbnail/3%20(3).jpg' 
             // }
         });
-        upload.on('abort', function (fileInfo) { ... });
-        upload.on('end', function (fileInfo) { ... });
-        upload.on('delete', function (fileInfo) { ... });
-        upload.on('error', function (e) {
+        upload.on('abort', function (fileInfo, req, res) { ... });
+        upload.on('end', function (fileInfo, req, res) { ... });
+        upload.on('delete', function (fileInfo, req, res) { ... });
+        upload.on('error', function (e, req, res) {
             console.log(e.message);
         });
 ```
@@ -278,6 +278,9 @@ Other options and their default values:
 
    * [@soomtong](http://github.com/soomtong)
    * [@gsarwohadi](https://github.com/gsarwohadi)
+   * [@peecky](https://github.com/peecky)
+   * [@tonyspiro](https://github.com/tonyspiro)
+   * [@derjust](https://github.com/derjust)
 
 ## License
 Copyright (c) 2012 [Aleksandr Guidrevitch](http://aguidrevitch.blogspot.com/)
diff --git a/lib/filehandler.js b/lib/filehandler.js
@@ -21,19 +21,19 @@ module.exports = function (middleware, options) {
         });
 
         handler.on('begin', function (fileInfo) {
-            middleware.emit('begin', fileInfo);
+            middleware.emit('begin', fileInfo, req, res);
         });
         handler.on('end', function (fileInfo) {
-            middleware.emit('end', fileInfo);
+            middleware.emit('end', fileInfo, req, res);
         });
         handler.on('abort', function (fileInfo) {
-            middleware.emit('abort', fileInfo);
+            middleware.emit('abort', fileInfo, req, res);
         });
         handler.on('error', function (e) {
-            middleware.emit('abort', e);
+            middleware.emit('abort', e, req, res);
         });
         handler.on('delete', function (fileName) {
-            middleware.emit('delete', fileName);
+            middleware.emit('delete', fileName, req, res);
         });
 
         switch (req.method) {
diff --git a/lib/uploadhandler.js b/lib/uploadhandler.js
@@ -26,9 +26,16 @@ module.exports = function (options) {
     UploadHandler.prototype.noCache = function () {
         this.res.set({
             'Pragma': 'no-cache',
-            'Cache-Control': 'no-store, no-cache, must-revalidate',
-        //    'Content-Disposition': 'inline; filename="files.json"'
+            'Cache-Control': 'no-store, no-cache, must-revalidate'
         });
+        if ((this.req.get("Accept") || "").indexOf("application/json") != -1) {
+            this.res.set({
+                'Content-Type': 'application/json',
+                'Content-Disposition': 'inline; filename="files.json"'
+            });
+        } else {
+            this.res.set({ 'Content-Type': 'text/plain' });
+        }
     };
 
     UploadHandler.prototype.get = function () {
@@ -177,18 +184,12 @@ module.exports = function (options) {
         var filepath = path.join(options.uploadDir(), fileName);
         if (filepath.indexOf(options.uploadDir()) !== 0) {
             self.emit('delete', fileName);
-            self.callback({success: false});            
+            self.callback({success: false});
             return;
         }
         fs.unlink(filepath, function (ex) {
             _.each(options.imageVersions, function (value, version) {
-                var versionfilepath = path.join(options.uploadDir(), version, fileName);
-                if (versionfilepath.indexOf(options.uploadDir()) !== 0) {
-                    self.emit('delete', fileName);
-                    self.callback({success: false});            
-                    return;
-                }
-                fs.unlink(versionfilepath);
+                fs.unlink(path.join(options.uploadDir(), version, fileName));
             });
             self.emit('delete', fileName);
             self.callback({success: !ex});
diff --git a/package.json b/package.json
@@ -8,7 +8,7 @@
     "express",
     "middleware"
   ],
-  "version": "0.1.3",
+  "version": "0.1.7",
   "dependencies": {
     "formidable": ">=1.0.11",
     "imagemagick": ">=0.1.2",
@@ -29,6 +29,6 @@
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1"
   },
-  "_id": "jquery-file-upload-middleware@0.1.3",
+  "_id": "jquery-file-upload-middleware@0.1.7",
   "license": "MIT"
 }
