Changelog

#4473
Node 20 fixes
#4460
FIX add compressed to ResponseObject type
#4446
failAction loses stacktrace context
#4449
chore: use new statehood types
#4413
Pass ServerApplicationState to server extensions
21.3.0
breaking changes
#4425
Add option to limit maxParts in multipart payloads
#4417
chore: bump hoek
#4422
Update README.md
#4421
adding colin to tsc members
#4415
Correct the ResponseObject type
#4407
Add type for preflight status code in cors options
#4402
Updates to TypeScript definitions
#4401
update types for xss
#4400
Enhance plugin types
#4398
Move TypeScript definition from DT (as-is)
#4396
Fix handling of no remoteAddress available
#4391
Fix node version requirement
#4386
21.0.0 Release Notes
#4366
Allow matching prereleases when validating plugin version requirements
#4361
Upgrade production deps for hapi v21 and node v18
#4357
Change default host to be IPv6-friendly
#4352
Change XSS header default to '0'
#4351
Change default CORS preflight status code w/ configuration
#4350
Make default error available in validation failAction
#4349
Enforce that response streams are always Stream.Readable
#4348
Ignore return value from generateResponse() prepare method
#4346
Drop node v12 support
#4288
Add support for event loop utilization based load limit
#4271
Remove JSONP support
#4229
failAction: detailedError to log, defaultError to response
#4347
Update hapijs/statehood to 7.0.4 from 7.0.3
#4345
Fix memory leaks from teamwork long standing notes
#4314
Fix tests for node v17
#4302
Soft deprecate returning a new object from generateResponse()
#4295
Revised request / inject abort handling
#4294
Server crashes if a requested aborted during sending a response.
#4289
Update server load default options on documentation
#4286
Initialize server settings defaults
#4283
Fix tests for node@16 error format change
#4281
Fix handling of auth scheme/strategy realms
#4274
Add optional payload authentication skip on credentials injection
#4264
Fix req end during response transmission
#4262
Streaming uploads cause truncated responses in node 16
#4257
Add response lifecycle tracking and checks
#4256
inert + hapi may be leaking file descriptors
#4250
Update to mimos v6
#4239
Fix abort test timing to be consistent from node v12 through v16
#4231
Update dependencies version range
#4225
Future-proof hapi for node v16, rely on res close rather than req
#4095
Rely on stream.destroy() whenever available
#4234
Allow for res to have already closed during transmission
#4221
Fix tests for citgm
#4219
Add policy event
#4203
Add closing event
#4194
Add a 'closing' event
#4104
Track cache policies
#4191
Preserve original response status on error after write, fix status message
#4182
server.inject does not reflect actual HTTP response in case of stream error
#4167
upgrade to labv24
#4089
[default-scope] Accept default scope as a valid route scope
#4083
Default auth scope not compatible with route auth scope
#4162
Use response instead of request when marshalling
#4161
fix: check if _isPayloadSupported is set
#4156
update handlebars dependency version
#4140
update to travis templates
#4139
update most out of date dependencies
#4138
20.0.0 Release Notes
#4134
headers: avoid sending null content-type
#4133
Content-type header is null when empty response is returned
#4132
README needs this change to parse the slogan for site
#4130
fixed teamwork version
#4123
Removing the route timeout validation
#4122
Payload timeout must be shorter than socket timeout
#4117
Implement `isInjected` read-only request property to indicate request…
#4116
Improved injected request detection
#4115
Replace joi with validate
#4113
The future of the hapi project
#4077
Decorate response object
#4073
Add new ext onPostResponse
#4072
Response Event For Aborted Requests Has Status Code Of 200
#4051
Expose (likely?) Content-Type on response object
#4041
How to access catbox client instances through the framework?
#4043
Update deps
#4027
Problem with settings global request.payload.multipart to true in Hapi v19
#4034
request.info.remoteAddress / request.info.remotePort undefined after connection closed (request aborted)
#4026
Update deps
#4022
Revert #4021
#4021
Retain '' result in inject in 204 response
#4020
support JSON.stringify() of request.info
#4019
Feature request: custom toJSON() method for request.info
#4018
Override request.url in setUrl()
#4017
19.0.0 Release Notes
#4015
Do not override request.payload if set manually in onRequest
#4013
Use private class fields
#4012
Drop node 10
#4011
Change scoped plugins name handling
#4006
server.validator()
#4002
fix(auth): properly populate request.auth on failed auth
#4000
auth scheme artifacts are dropped when mode is not 'try'
#3996
Decorate requests with symbols with apply=true
#3995
Fix ? in fragment part
#3987
Support SameSite=None for cookies
#3977
Remove request queue (options.load.concurrent)
#3976
Update hapijs/joi to 16.0.1 from 15.1.1
#3920
Change routes.payload.multipart to false by default
#3919
Change emptyStatusCode to 204 by default
#3910
Drop support for node v8
#4110
Update deps
#4046
Update deps
#3975
Support joi v16
#3974
Handle errors thrown during error response transmit
#3971
Fix some corner case client errors
#3965
Multiple leading slashes in path causes hostname to be parsed incorrectly
#3964
Custom "content-encoding" without vary header
#3956
ETags behind gateway that compresses responses
#3946
Add support for Chrome Apps and WebExtensions
#3968
v18.3.2
#3967
Update deps
#3943
Revise list of hop-by-hop headers
#3945
Support ext method timeout
#3944
server.stop timeout does not apply to onPreStop extension point
18.2.0
breaking changes
#3941
Change module namespace
#3922
Update hapijs/bourne to 1.1.1 from 1.0.0
#3917
Expose bourne options
#3914
Update hapijs/statehood to 6.0.9 from 6.0.8
#3912
Update hapijs/subtext to 6.0.12 from 6.0.11
#3909
Route validation should throw AssertionError
#3908
Update hapijs/vise to 3.0.2 from 3.0.1
#3907
Update hapijs/teamwork to 3.0.3 from 3.0.2
#3906
Update hapijs/joi to 14.3.1 from 14.0.4
#3905
Update hapijs/boom to 7.3.0 from 7.2.2
#3904
Update hapijs/catbox to 10.0.6 from 10.0.5
#3901
Change request.info.responded to indicate success and add request.info.completed
#3900
fix(transmit test): add missing await on team.work
#3898
Error tag incorrectly set (node 11)
#3897
Return credentials and artifacts from server.auth.test()
#3891
No Content-Type header when returning a stream
#3887
Change inject auth to object and require strategy name
#3884
"Cannot set headers after they are sent to the client" after returning h.abandon
#3882
Add validation for cookies (alt impl)
#3879
Set cookie autoValue only when no value received
#3878
Aborted requests show status code 200 in response event
#3876
Rework cache provisioning apis
#3875
Update hapijs/bounce to 1.2.3 from 1.2.2
#3874
Update hapijs/hoek to 6.1.2 from 6.0.2
#3873
Update hapijs/podium to 3.2.0 from 3.1.4
#3871
18.0.0 Release Notes
#3870
Update hapijs/catbox-memory to 4.0.1 from 3.1.3
#3832
Feature: built in cookie validation
#3831
State autoValue function overwrites existing cookie value
#3822
Use WHATWG URL for request.url
#4226
v17 fails to include response payload in POST requests
#4109
Update deps
#4047
Update deps
#4025
Update deps
#3942
Change module namespace v17
#3903
Handle signals in onRequest. Closes #3884
#3921
Update hapijs/bourne to 1.1.1 from 1.0.0
#3915
Shrinkwrap typo
#3913
Update hapijs/statehood to 6.0.9 from 6.0.8
#3911
Update hapijs/subtext to 6.0.12 from 6.0.11
#3886
Protect against invalid strategy name in server.auth.verify()
#3885
Support credentials verficiation
#3867
Specify node, hapi, and plugin version requirements
#3863
Remove engines
#3860
Update hapijs/subtext to 6.0.10 from 6.0.9
#3857
Include shrinkwrap file in dist
#3856
Update hapijs/vise to 3.0.1 from 3.0.0
#3855
Update hapijs/topo to 3.0.2 from 3.0.1
#3854
Update hapijs/subtext to 6.0.9 from 6.0.7
#3853
Update hapijs/statehood to 6.0.7 from 6.0.6
#3852
Update hapijs/shot to 4.0.6 from 4.0.5
#3851
Update hapijs/podium to 3.1.4 from 3.1.2
#3850
Update jshttp/mime-db to 1.37.0 from 1.35.0
#3849
Update hapijs/nigel to 3.0.3 from 3.0.1
#3848
Update hapijs/mimos to 4.0.1 from 4.0.0
#3847
Update hapijs/joi to 14.0.3 from 13.5.2
#3846
Update hueniverse/iron to 5.0.5 from 5.0.3
#3845
Update hapijs/heavy to 6.1.1 from 6.1.0
#3844
Update hapijs/catbox-memory to 3.1.3 from 3.1.2
#3843
Update hapijs/catbox to 10.0.4 from 10.0.3
#3842
Update hapijs/call to 5.0.2 from 5.0.1
#3841
Update hapijs/bounce to 1.2.1 from 1.2.0
#3840
Update hapijs/boom to 7.2.1 from 7.2.0
#3839
Update hapijs/b64 to 4.1.1 from 4.0.0
#3838
Update hapijs/ammo to 3.0.2 from 3.0.1
#3837
Update hapijs/accept to 3.1.2 from 3.0.2
#3836
Update hapijs/wreck to 14.1.2 from 14.0.2
#3835
Update hapijs/pez to 4.0.4 from 4.0.2
#3834
Update hapijs/nigel to 3.0.3 from 3.0.1
#3827
Expose request active status
#3826
Update hapijs/catbox to 10.0.3 from 10.0.2
#3821
onPreResponse not called when error returned/rethrown from failAction of error resp validation
#3813
redirecting in onRequest throws Cannot read property 'isOriginMatch' of null
17.5.3
breaking changes
#3808
Update jshttp/mime-db to 1.35.0 from 1.33.0
#3807
Update hapijs/joi to 13.5.2 from 13.2.0
#3792
Global cors and security options not respected in 404
#3782
Content type on empty string payloads
#3728
request.response should be null when response failed to transmit
#3801
Update hapijs/cryptiles to 4.1.2 from 4.1.1
#3796
do not attach request decorations to a shared prototype, alternative approach.
#3718
Request decorations leak across server instances in same process
#3791
support symbol properties in server.decorate()
#3786
Update hapijs/joi to 13.2.0 from 13.1.2
#3785
Update hapijs/ammo to 3.0.1 from 3.0.0
#3784
Update arb/big-time to 2.0.1 from 2.0.0
#3775
Add support for Referrer-Policy header
#3766
Add PATCH to `created` status, better error msg
#3765
Respect a response status schema of true
#3772
Update hapijs/catbox-memory to 3.1.2 from 3.1.1
#3771
Update hapijs/nigel to 3.0.1 from 3.0.2
#3770
Update hapijs/pez to 4.0.2 from 4.0.1
#3769
Update hapijs/statehood to 6.0.6 from 6.0.5
#3768
Update hapijs/content to 4.0.5 from 4.0.4
#3767
server.control()
#3760
Fix checksums
#3758
Request log with function data sends incorrect data
#3741
Replace new Buffer()
17.2.1
breaking changes
#3756
Update hapijs/shot to 4.0.5 from 4.0.3
#3755
Update hapijs/joi to 13.1.2 from 13.0.1
#3754
Update jshttp/mime-db to 1.33.0 from 1.31.0
#3753
Update hapijs/hoek to 5.0.3 from 5.0.2
#3752
Update hapijs/content to 4.0.4 from 4.0.3
#3751
Update hueniverse/bounce to 1.2.0 from 1.0.3
#3750
Update hapijs/boom to 7.2.0 from 7.1.1
#3717
Prefer user added encoding over built-in
#3701
Enable registered encoders to have higher priority than built-in
#3715
Basic concurrent load queue
#3714
Update hapijs/heavy to 6.1.0 from 6.0.0
#3712
Missing return in dispatch()
#3711
Cache stop() errors are not handled
#3708
Errors in "onPostStart" ext leave listener active forever
#3702
Fix server method registered as object without options
#3688
Hapi v17.0.2 cors origin
#3691
Route rules
#3689
Include method name in error
#3125
Allow decoration overrides with parent access support
#3686
Log errors thrown in custom response close method
#3679
[enhancement] https accept-encoding header brotli for chrome
#3675
Optimize accept-encoding for the most common headers
#3674
Update hapijs/cryptiles to 4.1.1 from 4.1.0
#3668
Bypass authorization when authentication bypassed
#3665
Rename route 'config' with 'options'
#3663
Loosen sample and modify peer validator in the routeBase schema
#3662
prerequisite returning empty string yields null on the pre object of request
#3658
17.0.0 Release Notes
#3657
Update hapijs/vise to 3.0.0 from 2.0.2
#3656
Update hapijs/topo to 3.0.0 from 2.0.2
#3655
Update hapijs/podium to 3.1.2 from 1.3.0
#3653
Update hapijs/nigel to 3.0.0 from 2.0.2
#3652
Update hapijs/mimos to 4.0.0 from 3.0.3
#3651
Update jshttp/mime-db to 1.31.0 from 1.29.0
#3650
Update hueniverse/iron to 5.0.4 from 4.0.5
#3649
Update hapijs/hoek to 5.0.2 from 4.2.0
#3648
Update hapijs/cryptiles to 4.1.0 from 3.1.2
#3647
Update hapijs/content to 4.0.3 from 3.0.6
#3646
Update hapijs/catbox-memory to 3.1.1 from 2.0.4
#3645
Update hapijs/catbox to 10.0.2 from 7.1.5
#3644
Update hapijs/call to 5.0.1 from 4.0.2
#3643
Update hapijs/boom to 7.1.1 from 5.2.0
#3642
Update hapijs/b64 to 4.0.0 from 3.0.2
#3641
Update hapijs/ammo to 3.0.0 from 2.0.4
#3640
Update hapijs/accept to 3.0.2 from 2.1.4
#3639
Update hapijs/statehood to 6.0.5 from 5.0.3
#3638
Update hapijs/shot to 4.0.3 from 3.4.2
#3637
Update hapijs/heavy to 6.0.0 from 4.0.4
#3636
Update hapijs/wreck to 14.0.2 from 13.0.3
#3635
Expose payload and credentials to dynamic scopes
#3634
onCredentials ext point
#3633
Separate authorization (403) from authentication (401)
#3632
Add negative test on registering plugin twice without `once`
#3631
When event data is an error, field name is error
#4108
Support node 12
#4048
Update deps
#3960
Send 400 bad request on parse error
#3937
16.8.0-Commercial Release Notes
#3933
v16 commercial license version
#3932
Discontinued support for hapi v16
#3899
v16: look into compatibility with node 10
#3869
Specify node, hapi, and plugin version requirements (#3867)
#3866
Remove engines
16.6.4
breaking changes
#3862
Remove support for node 4
#3861
Remove shrinkwrap
#3586
Remove per-response events emitter validation
#3585
Update hapijs/joi to 11.1.0 from 10.6.0
#3582
Support joi 11 paths arrays. Fixes #3581.
#3570
Update hapijs/content to 3.0.6 from 3.0.5
#3560
fix response.message(httpMessage)
#3506
Add json escape option
#3561
Aborted responses return 200 code in inject
#3552
Updating from 16.4.3 to 16.5.0: Podium.decorate is not a function error
#3528
"disconnect" event on the "request" object is never emitted
#3551
Update hapijs/statehood to 5.0.3 from 5.0.2
#3550
Update hapijs/content to 3.0.5 from 3.0.4
#3548
Update hapijs/boom to 5.2.0 from 5.1.0
#3545
Update hapijs/joi to 10.6.0 from 10.5.2
#3544
Update jshttp/mime-db to 1.29.0 from 1.28.0
#3543
Update hapijs/catbox to 7.1.5 from 7.1.4
#3542
Update hapijs/podium to 1.3.0 from 1.2.5
#3541
Update hapijs/hoek to 4.2.0 from 4.1.1
#3539
Add payload fail action custom handler
#3533
Update hapijs/subtext to 5.0.0 from 4.4.1
#3532
Remove joi validation when creating request podium events
#3531
Return 413 when payload too large.
#3526
Consider wildcard filtering for debug options
#3523
Update lab and fix indentation
#3520
Fixed validation of server's Joi options
#3519
allow decoration of reply with non functions
#3516
Invalid cookie header despite strictHeader: false, ignoreErrors: true
#3483
Filename detecting problem on uploading file with apostrophes
#3480
RST packet instead of a FIN packet to close the response on Heroku
#3464
Throwing inside response event breaks new events
#3514
TypeError: Cannot set property 'hostname' of undefined
#3517
Restore npm-shrinkwrap.json file
#3512
Remove npm-shrinkwrap
#3511
Update hapijs/joi to 10.5.2 from 10.5.1
#3505
Remove isemail deps from shrinkwrap
#3486
Provide cover for unhandled rejections
#3429
Better support for async handlers
#3510
Update hapijs/shot to 3.4.2 from 3.4.0
#3507
Node 8 fixes
#3461
explicitly destroy sockets on clientError
#3441
Fix several request.url property issues on setUrl()
#3409
Adding server.inspect to list decorated framework interfaces
#3502
Update hapijs/wreck to 12.2.2 from 10.0.0
#3501
Update hapijs/subtext to 4.4.1 from 4.3.0
#3500
Update hapijs/statehood to 5.0.2 from 5.0.1
#3499
Update hapijs/pez to 2.1.5 from 2.1.4
#3498
Update jshttp/mime-db to 1.28.0 from 1.25.0
#3497
Update hapijs/joi to 10.5.1 from 10.1.0
#3496
Update hueniverse/iron to 4.0.5 from 4.0.4
#3495
Update hapijs/hoek to 4.1.1 from 4.1.0
#3494
Update hapijs/heavy to 4.0.4 from 4.0.3
#3493
Update hapijs/cryptiles to 3.1.2 from 3.1.1
#3492
Update hapijs/content to 3.0.4 from 3.0.3
#3491
Update hapijs/catbox to 7.1.3 from 7.1.4
#3490
Update hapijs/call to 4.0.2 from 4.0.0
#3489
Update hapijs/boom to 5.1.0 from 4.2.0
#3488
Update hapijs/ammo to 2.0.4 from 2.0.3
#3487
Update hapijs/accept to 2.1.4 from 2.1.3
#3472
Send connection close when there is unconsumed payload
#3470
Defer 100-continue signalling until payload parsing
#3451
Have access to request.app in Joi validation context
#3448
Bind request continuation methods to current domain
#3447
one server is always leaked
#3431
when failAction is log or ignored, the error is assigned to request.preResponse but not request.pre
#3427
reply.entity() will always return null for correct etags
#3466
Non-handling of accept-encoding header when the value does not conform to the specification
#3446
remove extra closure
16.1.0
breaking changes
#3416
Update hapijs/joi to 10.1.0 from 10.0.1
#3415
Allow creating multiple connections in a single server.connection() call
#3414
Connectionless plugin fails inside connection-full plugin
#3411
Falsey payload returns null
#3401
Attempt to fix #3399 where it crashes on route prerequisites when no domain is present
#3399
Regression on 16, lib/handlers.js
#3398
16.0.0 Release Notes
#3397
Update hapijs/ammo to 2.0.3 from 2.0.2
#3396
Update hapijs/call to 4.0.0 from 3.0.3
#3395
Update hapijs/catbox to 7.1.3 from 7.1.2
#3394
Update hapijs/heavy to 4.0.3 from 4.0.2
#3393
Update hapijs/podium to 1.2.5 from 1.2.3
#3392
Update hapijs/shot to 3.4.0 from 3.3.2
#3391
Update hapijs/statehood to 5.0.1 from 5.0.0
#3390
Update jshttp/mime-db to 1.25.0 from 1.23.0
#3389
Update hapijs/content to 3.0.3 from 3.0.2
#3388
Update hapijs/pez to 2.1.4 from 2.1.2
#3387
Update hapijs/accept to 2.1.3 from 2.1.2
#3386
Update hapijs/catbox-memory to 2.0.4 from 2.0.3
#3385
Update hapijs/joi to 10.0.1 from 9.0.4
#3384
Update hapijs/cryptiles to 3.1.1 from 3.0.2
#3383
Update hapijs/boom to 4.2.0 from 4.0.0
#3381
problems with Promise error handling in plugin registration
#3380
Ensure Boom objects can be reused - Fix for issue #3378
#3378
Server fails to reuse Boom object
#3372
Allow HTTPS long poll requests
#3369
Deprecation Warning in Node v7.0.0 for call to os.tmpDir
#3368
change deprecated os.tmpDir call to os.tmpdir
#3359
Shrinkwrap fails with hapi version 15.1.1
#3358
fix server not propagating errors on prehandler(promise) + handler error (#3242)
#3347
Major performance issue with hapi.js 15.x
#3242
Using promises in prehandlers causes exceptions to be swallowed in handlers.
#3366
Update hapijs/subtext to 4.3.0 from 4.2.2
#3355
Update hapijs/wreck to 10.0.0 from 9.0.0
#3354
Update hapijs/subtext to 4.2.2 from 4.2.1
#3352
npm shrinkwrap produces error with hapi
#3351
Fix subtext shrinkwrap
#3051
payload output inconsistent for single payload vs multipart
#3350
Conditional plugin connection-less mode
#3342
Update hapijs/shot to 3.3.2 from 3.3.1
#3341
Update hapijs/shot to 3.3.2 from 3.3.1
#3339
Restore npm-shrinkwrap.json to package. Closes #3338
#3338
`npm-shrinkwrap.json` not included in published `hapi` package
#3332
Update hapijs/podium to 1.2.3 from 1.2.1
#3330
Events not emitted when route handler throws
15.0.2
breaking changes
#3325
Allow initializing server without connections
#3324
Verify plugin dependencies for connections added after initialize() or start()
#3323
15.0.0 Release Notes
#3322
Bump hapijs/boom version to 4.0.0 from 3.2.2
#3320
Update hapijs/boom to 4.0.0 from 3.2.2
#3318
Update hapijs/statehood to 5.0.0 from 4.0.3
#3317
Update hueniverse/iron to 4.0.3 from 4.0.2
#3316
Update hapijs/wreck to 9.0.0 from 8.0.1
#3315
Update hapijs/call to 3.0.3 from 3.0.2
#3314
Update hapijs/ammo to 2.0.2 from 2.0.1
#3313
Expose request to server.encode() and decode() generators
#3308
Response validation custom handler
#3307
Update hapijs/shot to 3.3.1 from 3.1.1
#3306
Disable request getLog() by default
#3304
Errors when reply.continue() is called with an non-auth argument
#3303
Error when reply() is called with a third argument (non-auth)
#3302
Access to scope errors list from a Forbidden error
#3300
Support custom content-type payload decoders
#3299
Update hapijs/subtext to 4.2.0 from 4.0.5
#3298
Allow extending server encoding support
#3296
Custom events
#3295
server.register callback handling does not enforce process.nextTick
#3294
Replace node's EventEmitter interface
#3292
The "Vary: accept-encoding" header is not always set
#3291
Ensure that 206 responses are never compressed
#3275
Support for route authorization
#3243
Content type charset handling
#3237
Set response status message.
#3227
Set route validation bind context
#3214
Support failAction function on validation response failures
#3201
handle more types of promise rejection, for #3102
#3194
output validation error pass source along
#3286
Support unmodified early return
#3277
Route config function
#3272
14.0.0 Release Notes
#3271
hapi 13.5.1 (and 13.5.2) break if routes still use joi 8.x
#3249
Update hapijs/catbox to 7.1.2 from 7.1.1
#3270
Update hapijs/topo to 2.0.2 from 2.0.1
#3269
Update hapijs/wreck to 8.0.1 from 7.2.1
#3268
Update hapijs/vise to 2.0.2 from 2.0.1
#3267
Update hapijs/nigel to 2.0.2 from 2.0.1
#3266
Update hapijs/b64 to 3.0.2 from 3.0.1
#3265
Update hapijs/pez to 2.1.2 from 2.1.1
#3264
Update hapijs/context to 3.0.2 from 3.0.1
#3263
Update hapijs/subtext to 4.0.5 from 4.0.3
#3262
Update hapijs/statehood to 4.0.3 from 4.0.1
#3261
Update hapijs/shot to 3.1.1 from 3.1.0
#3260
Update hapijs/peekaboo to 2.0.2 from 2.0.1
#3259
Update hapijs/mimos to 3.0.3 from 3.0.2
#3258
Update hapijs/kilt to 2.0.2 from 2.0.1
#3257
Update moment/moment to 2.14.1 from 2.13.0
#3256
Update hapijs/isemail to 2.2.1 from 2.1.0
#3255
Update hapijs/joi to 9.0.4 from 8.1.0
#3254
Update hapijs/items to 2.1.1 from 2.1.0
#3253
Update hueniverse/iron to 4.0.2 from 4.0.1
#3252
Update hapijs/heavy to 4.0.2 from 4.0.1
#3251
Update hapijs/cryptiles to 3.0.2 from 3.0.1
#3250
Update hapijs/catbox-memory to 2.0.3 from 2.0.2
#3248
Update hapijs/call to 3.0.3 from 3.0.2
#3247
Update hapijs/ammo to 2.0.2 from 2.0.1
#3246
Update hapijs/hoek to 4.0.2 from 4.0.0
#3245
Update hapijs/boom to 3.2.2 from 3.2.0
#3244
Update hapijs/accept to 2.1.2 from 2.1.1
#3206
override default cache headers for error pages
#3178
Handle thrown error from res.setHeader() and res.writeHead()
#3174
Fixes #3155 - Calling reply without a payload on a JSONP route throws
#3228
Update hapijs/call to 3.0.2 from 3.0.1
#3216
Update hapijs/shot to 3.1.0 from 3.0.1
#3173
Update hapijs/nigel to 2.0.1 from 2.0.0
#3172
Update hapijs/b64 to 3.0.1 from 3.0.0
#3171
Update hapijs/pez to 2.1.1 from 2.1.0
#3170
Update hapijs/subtext to 4.0.3 from 4.0.1
#3169
Update hapijs/statehood to 4.0.1 from 4.0.0
#3168
Update hapijs/peekaboo to 2.0.1 from 2.0.0
#3167
Update hapijs/mimos to 3.0.1 from 3.0.0
#3166
Update hapijs/kilt to 2.0.1 from 2.0.0
#3165
Update hapijs/isemail to 2.1.0 from 2.1.2
#3164
Update hueniverse/iron to 4.0.1 from 4.0.0
#3163
Update hapijs/cryptiles to 3.0.1 from 3.0.0
#3162
Update hapijs/catbox-memory to 2.0.2 from 2.0.1
#3161
Update hapijs/catbox to 7.1.1 from 7.1.0
#3160
Update hapijs/call to 3.0.1 from 3.0.0
#3159
Update hapijs/boom to 3.2.0 from 3.1.3
#3158
Update hapijs/ammo to 2.0.1 from 2.0.0
#3157
Update hapijs/topo to 2.0.1 from 2.0.0
#3156
Update hapijs/wreck to 7.2.1 from 7.2.0
#3121
allow array as valid validate config on headers, params, query and payload
#3119
Support [] as payload validation
13.4.0
breaking changes
#3147
Pass original validation error if boom
#3146
Update hapijs/wreck to 7.2.0 from 7.0.2
#3145
Update hapijs/vise to 2.0.1 from 2.0.0
#3144
Update hapijs/content to 3.0.1 from 3.0.0
#3143
Update jshttp/mime-db to 1.23.0 from 1.22.0
#3142
Update moment/moment to 2.13.0 from 2.12.0
#3141
Update hapijs/joi to 8.1.0 from 8.0.4
#3140
Update hapijs/items to 2.1.0 from 2.0.0
#3139
Update hapijs/hoek to 4.0.0 from 3.0.4
#3138
Update hapijs/heavy to 4.0.1 from 4.0.0
#3137
Update hapijs/boom to 3.1.3 from 3.1.2
#3136
Update hapijs/accept to 2.1.1 from 2.1.0
#3115
Update hapijs/pez to 2.1.0 from 2.0.1
#3111
Update hapijs/subtext to 4.0.1 from 4.0.0
#3107
Permit validation on any payload type
#3068
Fast server shutdown
#3101
Auth entity error reports the wrong credential type used
#3044
Enable disabling cache-control headers
#2979
`.charset(charset)` doesn't work on its own in ext
#3083
Allow provisioning server cache after construction
#3082
Update hapijs/wreck to 7.0.2 from 7.0.0
#3081
Update hapijs/shot to 3.0.1 from 3.0.0
#3080
Update jshttp/mime-db to 1.22.0 from 1.20.0
#3079
Update moment/momemt to 2.12.0 from 2.11.0
#3078
Update hapijs/joi to 8.0.4 from 7.1.0
#3077
Update hapijs/boom to 3.1.2 from 3.1.1
#3069
Pass through cookie options when calling reply.unstate()
#3057
Don't re-initialize the server
#3042
Moment - Regular Expression Denial of Service
#3015
Can not change/remove the "accept-ranges" response header
#3014
Update JSON response stringify for better performance
#3040
13.0.0 Release Notes
#3039
Update hueniverse/iron to 4.0.0 from 3.0.1
#3038
Update hapijs/statehood to 4.0.0 from 3.1.0
#3018
Allow auth strategies to expose an api
#3013
Fix hapijs/shot dependency
#3012
Update hapijs/catbox to 7.1.0 from 7.0.0
#3011
Update hapijs/shot to 3.0.0 from 2.0.1
#3010
Update jshttp/mime-db to 1.20.0 from 1.19.0
#3009
Update moment/moment to 2.11.0 from 2.10.6
#3008
Update hapijs/isemail to 2.1.0 from 2.0.0
#3007
Update hapijs/joi to 7.1.0 from 7.0.0
#3006
Update hapijs/hoek to 3.0.4 from 3.0.0
#3005
Update hapijs/boom to 3.1.1 from 3.0.0
#3004
Update hapijs/accept to 2.1.0 from 2.0.0
#3002
Remove request.session and request.auth.session placeholders
#3001
Update hapijs/statehood to 3.1.0 from 3.0.0
#3000
Return a promise when callback missing
#2999
Support required scope with + prefix
#2998
Support multiple access combinations per route
#2994
Dynamic scope does not work with auth.default()
#2993
Support forbidden scope with ! prefix
#2992
Normalize auth scope and entity settings under new access option
#2988
Handle invalid date exceptions
#2985
12.0.0. Release Notes
#2983
Update hapijs/subtext to 4.0.0 from 3.0.1
#2972
Add validation check for stripUnknown route response option
#2966
request.raw.res.end() method is called twice
#2957
nameless cookie causing hapi fail parsing
#2936
Expose origin matching status
#2886
Add entire auth object to validation context options
#2990
Fix cors config cascade. Closes #2980
#2980
Route level CORS config overrides connection level defaults
#2987
Catch invalid date exceptions
#2953
Tests for issue #2950
#2950
Access-Control-Expose-Headers response header duplicate values
#2940
Fails to set a global route auth config
#2944
Update hapijs/subtext to 3.0.1 from 3.0.0
#2931
Lookup route during OPTIONS by using request.info.hostname. Closes #2930
#2930
Route not correctly looked up during CORS OPTIONS request when using vhost
#2929
Allow setting request app and plugins via inject
#2928
Support per-request decoration
#2894
CORS headers to include 'Origin'
#2923
Update hapijs/vise to 2.0.0 from 1.0.0
#2922
Update hapijs/nigel to 2.0.0 from 1.0.1
#2921
Update hapijs/pez to 2.0.1 from 1.0.0
#2920
Update hapijs/context to 3.0.0 from 1.0.2
#2919
Update hapijs/subtext to 3.0.0 from 2.0.2
#2918
Update hapijs/statehood to 3.0.0 from 2.1.1
#2917
Update hapijs/shot to 2.0.1 from 1.7.0
#2916
Update hapijs/qs to 6.0.0 from 5.2.0
#2915
Update hapijs/peekaboo to 2.0.0 from 1.0.0
#2914
Update hapijs/mimos to 3.0.0 from 2.0.2
#2913
Update hapijs/kilt to 2.0.0 from 1.1.1
#2912
Update hueniverse/iron to 3.0.1 from 2.1.3
#2911
Update hapijs/heavy to 4.0.0 from 3.0.1
#2910
Update hapijs/cryptiles to 3.0.0 from 2.0.5
#2909
Update hapijs/catbox-memory to 2.0.1 from 1.1.2
#2908
Update hapijs/isemail to 2.0.0 from 1.2.0
#2907
Update hapijs/topo to 2.0.0 from 1.1.0
#2906
Update hapijs/joi to 7.0.0 from 6.8.1
#2905
Update hapijs/catbox to 7.0.0 from 6.0.0
#2904
Update hapijs/call to 3.0.0 from 2.0.2
#2903
Update hapijs/ammo to 2.0.0 from 1.0.1
#2902
Update hapijs/accept to 2.0.0 from 1.1.0
#2901
Update hapijs/wreck to 7.0.0 from 6.2.0
#2900
Update hapijs/b64 to 3.0.0 from 2.0.1
#2899
Update hapijs/items to 2.0.0 from 1.1.0
#2898
Update hapijs/boom to 3.0.0 from 2.9.0
#2897
Update hapijs/hoek to 3.0.1 from 2.16.3
11.0.3
breaking changes
#2885
Update hapijs/subtext to 2.0.2 from 2.0.1
#2877
Replace all functions inside functions with arrow functions
#2875
Style change: replace for(i, il) with length in test
#2874
Replace var with let
#2873
Use const where possible
#2872
Add strict mode
#2870
Fix empty content-length handling for gzip and 204 responses
#2869
Gzip compression is skipped when content-length is unknown
#2868
CORS: Is 404 on OPTIONS request the right thing to do?
#2867
Skip extensions for notFound and badRequest
#2862
Update hapijs/subtext to 2.0.2 from 2.0.0
#2866
Fixed an issue with mixed-case headers not being matched correctly in CORS
#2852
request.params undefined when route not found
11.0.1
breaking changes
#2859
Add error messages to 404's caused by cors closes #2857
#2858
Add 'Accept' to default header per #2855
#2850
11.0.0 Release Notes
#2849
Add 204 to statuses cached by default
#2848
Allow response validation of non-objects
#2847
Update hapijs/qs to 5.2.0 from 4.0.0
#2845
Allow empty response to default to 204
#2840
CORS route-specific override can conflict with connection defaults
#2814
Remove server.after()
#2807
Remove id from request received event
10.5.0
breaking changes
#2844
Server new route event
#2829
Expanded `registrations` API. Added test. Updated docs.
#2491
CORS pre-fetch not respecting per-route config
#2836
Update hapijs/heavy to 3.0.1 from 3.0.0
10.4.0
breaking changes
#2828
Update hapijs/shot to 1.7.0 from 1.6.1
#2827
Enhance server.ext() to accept an array of event objects
#2826
Update hapijs/topo to 1.1.0 from 1.0.3
#2824
request.info.host - Host header wrong in server.inject
#2823
Skip empty extension points in request lifecycle
#2822
Plugin schema too restrictive
#2819
Replace single connection server decorations with assertions
#2818
Support plugin level once attribute
#2566
Lifecycle hooks on routes
#2754
Add connections inside a plugin
#2817
Multiple connectionless plugin exceptions
10.2.0
breaking changes
#2815
Cleanup after() options
#2813
Update server root methods when adding 2nd connection
#2812
Prevent adding server extensions once initialize() is called
#2811
Support connectionless plugins
#2809
Return plugin dependency errors via callback instead of throwing
#2808
Pass start() and initialize() errors via callback, not throw
#2806
Update hapijs/isemail to 1.2.0 from 1.1.1
#2805
Update hapijs/joi to 6.8.0 from 6.6.1
#2804
Apply arguments schema more consistently
#2796
don't duplicate accept-encoding in vary header
#2790
Add cache stats to server methods
#2788
Option to turn off domains
#2777
Public API for Registered Plugins
#2773
Detects and rejects malformed response headers
#2763
get cache stats for a server method?
#2761
Conditional register() for skipping already registered plugins
#2736
Stopping the server while starting it
#2733
CORS Headers
#2352
setting undefined headers on transmit
#1850
Set per-plugin registration options when registering an array of plugins
#2787
Update hapijs/wreck to 6.2.0 from 6.1.0
#2786
Update hapijs/b64 to 2.0.1 from 2.0.0
#2785
Update hapijs/shot to 1.6.1 from 1.6.0
#2784
Update jshttp/mime-db to 1.19.0 from 1.18.0
#2783
Update hapijs/hoek to 2.16.3 from 2.14.0
#2782
Update hapijs/cryptiles to 2.0.5 from 2.0.4
#2776
Add preload flag to HSTS header and fix casing for includeSubDomains.
#2505
request.state occasionally null
#2779
Flaky test? "Request does not return an error when server is responding when the timeout occurs"
#2765
node v4
#2764
10.0.0 Release Notes
#2989
Handle Date parsing error
#2835
hapi-lts requiring node 4 and no updates to hapi 9?
#2834
9.4.0 LTS
#2760
Decorators fail with nested require calls
9.3.0
breaking changes
#2757
Require allowInternals option on server.inject() to call isInternal routes
#2756
Expose route active authentication configuration
#2755
Update jshttp/mime-db to 1.18.0 from 1.17.0
#2750
Route config for internal access only routes
#2739
Updated error when calling server.start with no callback
#2727
Decorations not propagated to sibling plugins
#2725
Update hapijs/catbox-memory to 1.1.2 from 1.1.1
#2723
Tape and server.inject problem
#2717
Update jshttp/mime-db to 1.17.0 from 1.16.0
#2714
Setting server method cache generateTimeout to false results in error
#2699
npm install hapi misses wreck sub-dependency
#2718
Breaking change with query string validation from 8.6.0 to 9.0.2
#2698
Update hapijs/content to 1.0.2 from 1.0.1
#2697
Update moment/moment to 2.10.6 from 2.10.3
#2696
Update hapijs/joi to 6.6.1 from 6.4.1
#2695
Update hueniverse/iron to 2.1.3 from 2.1.2
#2694
Update hapijs/call to 2.0.2 from 2.0.1
#2693
Update hapijs/boom to 2.8.0 from 2.7.2
#2692
Update hapijs/ammo to 1.0.1 from 1.0.0
#2691
Update hapijs/accept to 1.1.0 from 1.0.0
#2689
Update hapijs/subtext from 1.1.1 to 2.0.0
#2688
Add server.initialize()
#2687
Set plugin options in realm
#2686
Require callback in start() and end()
#2685
Allow server.ext() to extend server actions (start, stop)
#2684
Update hapijs/catbox to 6.0.0 from 4.3.0
#2683
Update jshttp/mime-db to 1.16.0 from 1.14.0
#2682
9.0.0 Release Notes
#2681
Remove server files settings
#2675
Update hapijs/shot to 1.6.0 from 1.5.3
#2673
304 response sends: no-cache regardless of routes.cache settings
#2665
Server breaks when using cached server method
#2662
Added schema validation when creating a server method using object
#2661
No longer removing response validation from route object if sample = 0
#2645
Add failing test for #2628
#2641
Vary accept-encoding header not always set for compressible content
#2628
Multiple etag problems with directory handler causing browser use outdated cached content.
#2626
Remove inert, h2o2, and vision from core
#2616
Strange behaviour with throw in handlers
#2576
Parsing requests with no payload
#2520
API wart: server.dependency after method lacks options
#2671
Update hapijs/topo to 1.0.3 from 1.0.2
#2670
Update hapijs/topo to 1.0.3 from 1.0.2
#2664
allow for proto inherit with Server ("instanceof" instead of "===")
#2663
internals.Server does not allow proto inheritance
#2657
`server.ext` dependencies not ordered using `before` as array
#2642
Failing test for `server.ext` with complex deps.
#2631
Update hapijs/inert to 2.1.6 from 2.1.5
#2627
Update hapijs/subtext to 1.1.1 from 1.1.0
#2625
Update hapijs/wreck to 6.0.0 from 5.5.1
#2623
Update hapijs/qs to 4.0.0 from 2.4.2
#2622
Support qs options in payload and query parsing
#2613
Update jshttp/mime-db to 1.14.0 from 1.11.0
#2612
Update hapijs/vision to 2.0.1 from 2.0.0
#2480
Ability to pass options to qs for payload parsing
#2587
Update hapijs/catbox to 4.3.0 from 4.2.2
8.6.1
breaking changes
#2586
Update hapijs/shot to 1.5.1 from 1.5.0
#2584
Update jshttp/mime-db to 1.11.0 from 1.10.0
#2583
Update hapijs/statehood to 2.1.1 from 2.0.0
#2573
allow returning a response object inside a promise
#2570
Added "error" event listener
#2571
Update hapijs/h2o2 to 4.0.1 from 4.0.0
#2569
Make sure auth filter passes on request auth artifacts when injecting, too
#2564
Auth error log should not report missing or try as error
#2555
fix dynamic scopes
#2554
Dynamic scope uses undefined request.payload
#2553
Update hapijs/hoek to 2.14.0 from 2.13.0
#2552
Update hapijs/wreck to 5.5.1 from 5.2.0
#2551
Update jshttp/mime-db to 1.10.0 from 1.9.1
#2550
Update moment/moment to 2.10.3 from 2.9.0
#2549
Update hapijs/joi to 6.4.1 from 6.0.8
#2548
Update hapijs/hoek to 2.13.0 from 2.11.1
#2547
Update hapijs/boom to 2.7.2 from 2.6.1
#2546
Update hapijs/inert to 2.1.5 from 2.1.4
#2545
Update isaacs/node-lru-cache to 2.6.4 from 2.5.0
#2544
Retain content-length header for HEAD requests
#2538
closes #2480: Ability to pass options to qs for payload parsing
#2532
Dynamic authentication scopes
#2509
Update jshttp/mime-db to 1.9.1 from 1.7.0
#2503
Update hapijs/shot to 1.5.0 from 1.4.2
#2502
Fix Hapi Issue #2501, pass on auth artifacts object in server.inject
#2501
server.inject does not allow me to set auth artifacts, only auth credentials
#2481
Feature: server.decorate('request' ... )
#2472
Update hapijs/qs to 2.4.2 from 2.4.0
#2470
JSONP requests not always returning wrapped response
#2469
Update hapijs/qs to 2.4.0 from 2.3.3
#2468
Proxy handler not forwarding request payload
#2465
Update hapijs/catbox to 4.2.2 from 4.2.1
#2464
Update hapijs/joi to 6.0.8 from 6.0.5
#2463
Update shrinkwrap to joi 6.0.7
#2461
Missing dependency in 8.3
8.3.0
breaking changes
#2459
Fix for node 0.10 for changes in #2429
#2457
Update hapijs/inert to 2.1.4 from 2.1.3
#2455
Update hapijs/shot to 1.4.2 from 1.4.1
#2454
Update moment/moment to 2.9.0 from 2.8.4
#2453
Update hapijs/joi to 6.0.5 from 5.0.2
#2452
Update hapijs/hoek to 2.11.1 from 2.10.0
#2446
Update hapijs/wreck to 5.2.0 from 5.0.1
#2439
pass context to response schema validation
#2429
Fix for #2427
#2427
Issue uploading file with io.js or node > 0.11.6
#2423
Update mime-db to 1.7.0 from 1.6.1
#2420
Update hapijs/shot to 1.4.1 from 1.4.0
#2418
Add regex to allow leading $ and _
#2411
Update jshttp/mime-db to 1.7.0 from 1.6.1
#2405
Support inline dependencies on plugins
#2402
Improved validation of route method label
#2401
Method name RegExp
#2382
Return explicit error when trying to stream a non-Readable stream
#2368
response.streamify assumes stream has attribute _readableState
#2332
Replacing plugin.dependency() with attributes key
#2326
request-error logged before `onPostHandler` or `onPreResponse`
#2398
Update hapijs/inert to 2.1.3 from 2.1.2
#2397
throw when attaching route handlers without a connection
#2396
Inert 2.1.3 update
#2395
Update jshttp/mime-db to 1.6.1 from 1.5.0
#2392
No Payload Validation
#2374
Server methods context not available in route prerequisites
#2373
Update hapijs/inert to 2.1.2 from 2.1.0
#2372
inert 2.1.2
#2370
Add xss protection to validation response
#2367
Update hapijs/inert to 2.1.0 from 2.0.0
#2366
Update hapijs/catbox to 4.2.1 from 4.2.0
#2363
Refuse to handle incoming request after server is stopped
#2362
Don't respond to connections until listening is started
#2359
Remove '{}' payload from cors OPTIONS response
#2355
Fix table labels
#2354
Update API.md for inert 2.1.0
#2347
Improve error message when validation.payload is set but type is GET
#2309
Fixes #2308 by logging boom error object instead of just message
#2308
Logging boom errors from handlers should send boom error to log not just message
#2335
Expose the request object in inject()
#2331
Revise range tests to not depend on the inert module
#2324
Remove catch call for promise replies
#2323
Promise support
#2316
Update jshttp/mime-db to 1.5.0 from 1.3.1
#2302
allow replying with a stream as returned by node core http client methods
#2301
can't reply with stream returned by node core http client methods
#2300
Bumped mime-db version
#2291
external listener protocol issue
#2277
Fix invalid response for empty reply() (v8.x regression)
8.0.0
breaking changes
#2271
Update jshttp/mime-db to 1.3.0 from 1.2.0
#2270
Update hapijs/boom to 2.6.1 from 2.6.0
#2269
Update hapijs/shot to 1.4.0 from 1.3.5
#2268
Update hapijs/joi to 5.0.2 from 5.0.0
#2264
How to blacklist all routes to use a plugin config?
#2262
Change server.table() result from object to array
#2255
Throw when calling reply() with objectMode stream
#2249
Add 'uri' connection option
#2247
Split debug settings per event type
#2246
plugin dependencies error message changed
#2244
Fix reply.continue() in prerequisite. Closes #2243
#2243
Fix reply.continue() in prerequisite.
#2242
Uncaught error: Cannot read property 'isBoom' of null in hapi/lib/handler.js
#2241
Remove string notation method logging when cache not setup
#2240
Cached method in string notation bypasses cache
#2238
Conditional Validation Rules based on Auth
#2237
Support bare server (no files, proxy, views)
#2235
Expose realm as public interface
#2234
Support views in auth schemes
#2233
Populate connection.info.uri before start when port 0
#2231
Change request.route to a wrapper object containing settings
#2230
Replace server.config with server.realm.modifiers
#2229
plugin.expose() only sets server.plugins, not connection.plugins
#2228
Update hapijs/joi to 5.0.0 from 4.9.0
#2227
Update moment to 2.8.4
#2226
When using string shorthand in pre it does not provide reply interface
#2224
Cleanup connection.info settings and introduce 'address' config
#2220
A method to test a string against the routes table
#2219
Update hapijs/hoek to 2.10.0 from 2.9.0
#2217
Disable scope checking on a route
#2290
Update hapijs/inert to 1.1.1 from 1.1.0
#2123
Upgrade hoek to 2.9.0
#2120
TypeError: Cannot read property 'get' of undefined
#2105
Added ability to pass option into unstate.
#2068
it is not possible to unstate a cookie that was stated with options
#1916
Temp file is not deleted when request is aborted by client
#2108
Upgrade qs to version 2.3.2
#2107
Upgrade mime-db to 1.1.2
#2100
Global view context.
#2027
JPG vs jpg
#2098
Catbox 4.1
7.2.0
breaking changes
#2069
Isolate server in its own pack
#2061
Second phase of server/pack/plugin refactor
#2057
Pack refactor
#2056
Enhance Pack to have the full plugin API directly
#2055
Move plugin dependency validation to start()
#2054
Move composer logic to glue
#2046
Fix shrinkwrap
7.1.0
breaking changes
#2039
Added npm-shrinkwrap
#2038
Move cli logic to rejoice
#2036
Move lru-cache to inert
#2035
lab 5.0 features. Closes #2034
#2034
Lab 5.0
#2029
Fixes #2028. Updated error message for invalid scope to explain that any of the specified are sufficient
#2028
Improve error message when auth scope is insufficient
#2024
Resolve undefined environment variables to the empty string in the cli.
#2023
7.0.0 Release Notes
#2022
Spin off file and directory to inert
#2021
Override server files.relativeTo config per route
#2020
h2o2 2.0
#2019
Catbox 4.0
#2017
Initial 7.0 changes
#2016
Remove $env support from pack.compose()
#2011
Hapi should not override `cache-control` header if it's manually set by user's code
#2007
Remove server views config
#1960
Remove support for tos authentication setting
#1955
Use environment variables in CLI configuration json file
#1954
Remove support for catbox getOrGenerate()
#1941
Remove route from handler registration arguments
#1913
Change proxy localStatePassThrough setting default to false
#2010
Heavy
#2009
Setting event loop delay max lower than sample interval leads to false positive
#2008
Break load handler implementation into separate module
#2002
show route method in error message
#2005
Replace negotiator
#2004
Default accept-encoding '*' to 'identity', not 'gzip'
#2001
Keep the options of server.inject untouched #2000
#1995
Adding route with multiple methods overrides route config
#1984
All non 200 responses get cache-control=no-cache header
#1845
Replace negotiator
#1998
Migrate payload parsing to subtext with multipart support via pez
#1997
Allow payload parsing timeout override per route
#1996
Apply payload failAction to maxBytes and invalid content type
#1993
Replaced optimist with bossy
#1928
Handle empty or falsy charset in response
#1923
Replace multiparty
#1843
Replace optimist
#1973
Move proxy decorations to h2o2
#1972
Move view decorations to vision
#1969
Move mime to mimos
#1968
Vision / Mimos
#1967
Move views code to vision
#1959
Fix server/plugin ext views conflict
#1958
Move proxy handler to h2o2
#1957
Move proxy handler to h2o2
#1956
Fix Content-Type overriding
#1944
Move router to Call
#1943
Move routing login out to call
#1934
Fix non-spec compliant Last-Modified header in response
#1932
handle empty CORS expose-headers header response
#1924
Unable to provide views override in onPreResponse
6.8.1
breaking changes
#1922
Handle server methods without cache as special case
6.8.0
breaking changes
#1935
server.method breaking change
#1919
Log method pre string notation
#1917
Log cache info when using server method short hand calls
#1915
Issue/1911
#1914
catbox 3.2
#1911
Exclude configured cookies from proxy passthrough
#1905
Replaced mime-type with mime.
#1890
Use mime-db
#1889
Upgrade to wreck v5
#1888
Upgrade to Wreck v5
#1828
Disable compression on file types already compressed (png, jpg)
#1885
Handler timeout with onPreResponse asserts on bad protect
#1884
Improve protect logging
#1881
update qs dependency
#1878
Rename private route members
#1877
Move state.js to statehood module
#1875
Session scope does not match one to many auth.scope on route.
#1871
Switch to wreck
#1863
Allow agent to be set on proxy options and passed into Nipple.
#1858
Fix typo in defaults.js
#1856
Allow view options override on handler object
#1857
Manifest validation tests server config before defaults applies
#1851
Updated route documentation.
#1844
Replace async
#1842
Lab 4.00
#1840
No longer possible to load caches using CLI?
#1835
server.state ttl must be a number
#1832
Replace mime with mime-type
#1822
Added joi validation to manifest.
#1795
request.server._views in plugin
#1722
Validate compose manifest
6.4.0
breaking changes
#1831
Upgrade to qs 1.0.0
#1810
set X-Content-Type-Options to nosnif for jsonp responses
#1827
Cannot call setTimeout with non-integer msec value
#1826
Support cache generateTimeout setting
#1820
Rename spumko to hapijs
#1801
Stale dependencies
#1790
Expose authentication mode
#1767
plugin.location
#1788
Last-Modified comparison needs to account for 1 second precision
#1783
Change etag when content-encoding is used
#1782
server.inject() res.result does not reflect actual payload sent on 304/204
#1781
Send empty payload on 204
#1778
Do not create a duplicate Content-Type header on proxy passthrough
#1777
Duplicated "Content-Type" header on proxy requests
#1776
Proxy pass-through with onResponse fails to preserve vary header values
#1774
Style fixes
#1773
Windows path fails on trailing slash on view helpers
#1772
HEAD requests should retail etag header
#1771
Open open one file stream when using precompressed file
#1769
Plugin X missing dependency Y in server if manifest.plugins key order not carefully managed
#1766
prepend jsonp callbacks with a comment to prevent the rosetta-flash vulnerability
#1763
fixes #1755 - stripTrailingSlash doesn't work when query variables are used
#1762
fix content-type overriding issue #1760.
#1760
How can I set Content-Type header to the content generated from reply.view?
#1756
Follow coding conventions concerning semicolons; Don't initialize variab...
#1755
Server Options for Router: stripTrailingSlash doesn't work with query string
#1754
File handler to handle 206 Partial Content?
#1752
Adding helpful error message when pack.register is missing a callback
#1751
Calling pack.register without a callback has an unfriendly error
#1745
Add joi validation of pack options
#1733
log function should only emit once if _server object
#1728
6.x breaks plugin modules exporting functions
#1721
Validate pack options
#1676
Problem serving precompressed files with directory handler
#1407
Skip opening file or rendering view on head or 304
#1720
No way to handle root routes with `route: {prefix: '...'}`
#1719
Fixes undefined error in `plugin.dependency`
#1710
Buffer based passwords fail schema validation (6.0 regression)
#1841
Missing plugin error on migrating from 5.0 provides no useful information
#1708
Hapi 6.0 no longer invalidates auth strategy on registration of route
#1707
6.0.0 Release Notes
#1703
Catbox 3.0 and drop internal require support
#1701
MODULE_NOT_FOUND on Windows when requirePath is absolute
#1700
Change the order of actions when starting a pack
#1696
Non-Error auth err responses are ignored in try mode
#1695
Preserve auth error on try
#1694
Minor error tweaks
#1693
Enhance setting authentication defaults
#1692
Allow testing a request against any configured authentication strategy
#1691
V6.0
#1688
Bring back reply.redirect()
#1687
Don't log auth non-error responses with 'error' tag
#1679
Allow cookie-specific settings for failAction, strictHeader, and clearInvalid
#1678
Expose the location header logic
#1677
Enhance manifest format to support registration options (select, prefix, vhost)
#1675
Remove pack.list
#1674
Make plugin register() and dependency() selectable
#1673
Make plugin.events selectable
#1668
Delete 'Accept-Encoding' header on proxy requests
#1666
Allow loading different plugins (or same plugins) to different servers in pack
#1665
duplicate require calls in hapi/lib/views.js
#1664
Upgrading plugins to hapi 6.0 (preview)
#1663
Allow register to pre-select servers
#1662
Config clones bind, app, and plugins
#1661
View manager clones engines including modules
#1659
plugin.view() modifies options' basePath
#1658
Set route path prefix when loading plugin
#1656
Remove pack.require() and plugin.require()
#1581
Authentication throws are treated as valid reply()
#1579
Add option to remove trailing slashes to router
#1574
Document the best way to implement a 404 from the directory handler when using path callback
#1573
Server throttling controls do not log execution
#1508
Escaped error message with regex validation
#1477
proxy xforward option will set bad headers in some cases
#1645
5.0.0 Release Notes
#1644
request.params contains empty strings for missing optional params
#1643
Expose cross inputs as validation context
#1642
Cjihrig header validation
#1641
Upgrade to joi 4.x
#1640
Rename route `config.validate.path` to `config.validate.params`
#1639
Response validation modifies payload
#1622
Extend Hapi cli to enable loading a module before loading hapi
#1589
Added validation for request headers.
#1588
Validation for cookies and other headers
#1638
Unahndled Exception when a request is aborted
#1635
Remove reference to request in domain. Closes #1634
#1634
Request domain leaks request object
#1633
Rework domains to single entry
#1632
Clean response objects for aborted requests
#1619
Avoid async operations while protect is running
#1583
Support JSON-derived media types
#1461
Security headers
#1604
response emitter fails to retain custom event listeners once sent
#1597
Template helpers fail on relative paths
#1598
Throws when response does not have _close()
#1594
Can jsonp be optional?
#1591
Find better way to drain non file/socket stream than read()
#1590
RSS leak occurs when request does not read entire stream response
#1575
Precompile joi response validation
#1569
Move ext topo sort to its own module
#1567
allow defaultExtension
#1566
Precompile joi validation
4.0.0
breaking changes
#1560
4.0.0
#1559
joi 3.0
#1558
Change Hapi.utils.version() to Hapi.version and remove Hoek alias
#1554
coverage, closes #1524
#1551
add an insecureAgent when maxSockets is set, closes #1512
#1548
wip: fix windows bugs
#1547
Make certain that path is relative before joining it to relativeTo
#1524
Coverage after lab partial condition result coverage
#1521
Allow plugins to register handler types
3.1.0
breaking changes
#1541
Clarify that statusCode key of stream response passed in response
#1540
Pre-gzipped source stream not properly tested for being the active source
#1538
Passing Error objects can leak message in 500 response
#1536
maxEventLoopDelay fails to catch when load is too high to reach next sample interval
#1535
Cannot set maxSockets to node default
#1533
Proxy without passThrough fails to set cache-control header
#1532
Multipart payload to files with multiple files skips second file when large
#1531
pack.log() doesn't retain server debug false setting
#1530
plugin.method() should use method bind before plugin bind
#1525
expose filename and headers for streams in a multipart form
#1523
Question: How to validate payload with templated response properly ?
#1520
server.table() mis-documented, missing args, and route.table() is wrong
#1518
Server timeout config allows invalid values
#1517
Proxy handler payload config validation using incorrect variable
#1515
Coverage to 100% after lab logical statement support
#1514
Server allows duplicate lables
#1513
Authentication userland code not protected by domain
#1507
request.setUrl('') throws
#1503
plugin.method(name, fn, [options]) fails
2.5.0
breaking changes
#1440
Redirecting from within an Auth.Scheme generates a Circular Reference
#1439
proper etag formatting
#1434
Allow overriding the filename in content-disposition headers
#1432
Replace server helpers with server methods
#1418
normalise callback API usage OR outsmart callback API inconsistency
#1299
thrown errors inside server.inject does not propagate
2.3.0
breaking changes
#1341
Cookie validation does not respect the "strict" option
#1320
Add support for asynchronous view rendering
2.2.0
breaking changes
#1427
File descriptor leak can cause DoS vulnerability in v2.0 and v2.1
#1414
Sending incorrect status code (200) when file fails to open before transmit
#1413
File stream is opened before necessary (e.g. if replaced by another response in ext)
#1412
Missing file (404) not captured by onPreResponse
#1411
Wasteful encoder prep when response is 304 or head
#1410
passThrough statusCode overrides manual code value
#1409
Status code set from upstream without passThrough flag
#1408
precompressed file handle not closed when using head or 304
#1405
Call parseInt() for Joi-validated integers
#1404
Protect JSON.stringify from throwing.
#1401
route.payload.allow as Array never matches
#1400
Question: Can you get a log of requests that don't pass validation?
#1395
JSON circular structure error in authentication error logging
#1393
add `gunzip` as third option to `parse`; resolves #1391
#1391
Disable autoparsing without losing gzip
#1387
EMFILE error when hapi serves static files over period of time in hapi 2.1.2
#1382
Make joi optional for route validation
#1380
Allow bind context for view handler
#1379
plugin.bind does not apply to proxy handlers
#1378
add failureResponse option to proxy handler
#1372
test that handler isn't called when a request is interrupted
#1362
(cookies) TypeError: Cannot call method 'match' of undefined
#1357
specify hoek minor version
#1354
Use configuration objects to register helpers
#1333
Clarification on 'stream' changes from 1.20.x to 2.0.x
#1328
How to handle custom POST content-types
#1359
Ext reply(null).state() race condition
#1351
Prepare for node 0.12
#1347
Views should not use basePath when path is absolute
2.1.0
breaking changes
#1344
Use the plugin loader when configured to load view engines
#1336
Allow custom view layout folder
#1335
Allow view layout to contain a string and boolean
#1245
Replace request with nipple in tests
2.0.0
breaking changes
#1332
Payload always logging an error regardless of error state
#1331
Fix query(string) regression
#1327
Better debug support for object data
#1324
When no query params are sent, request.params is null instead of {}.
#1322
Does Hapi support multiple view templates?
#1317
Cannot Parse form-encoded arrays
#1314
Replace old payload try mode with failAction
#1313
Change redirectToSlash default value to true
#1312
Remove special values for server config 'files.relativeTo'
#1311
Implement saving payload to file when not using mutlipart
#1309
Migrate all the plugins to 2.0
#1304
Request 'peek' event
#1301
`querystring` => `qs`, adds support for nested objects
#1300
Do not overwrite Access-Control-Allow-Origin
#1297
Document validation option in settings
#1296
Possible to overwrite plugin options on a per server scope?
#1295
Replace route payload.mode with payload.output and payload.parse
#1294
Allow 'domain' option in cookie authentication scheme config
#1292
Skip loading entire multipart to memory and stream directly to multiparty
#1291
Remove server config normalizeRequestPath and default to true
#1290
Partial path param match /a{b}c does not apply isCaseSensitive
#1289
Problem in very large file upload
#1288
Move auth schemes to plugins
#1287
Split server.auth() into server.auth.scheme() and server.auth.strategy()
#1286
Expose response preview as public API
#1285
Change authenticate() callback to reply interface
#1284
Expose request.response and change it to direct ref from func
#1282
Security tests using reply().setState() which throws
#1281
Change authenticate() callback signature
#1280
Support node callback pattern (err, result) for reply()
#1175
Allow disabling CORS for individual route
#1174
Adjust CORS origin header options
#1171
Only emit vary origin for CORS wildcard mode
1.19.5
breaking changes
#1169
Remove load samples and add protection against interval sample falling behind
#1165
Switch benchmarks to use Hoek.Bench instead of Date.now()
#1163
CORS response doesn't set Vary header in all cases
#1161
Schema issues
#1160
Missing null test
#1159
Allow multiple provisions of the same segment per cache
#1157
route cache config does not allow specifying name
#1156
Honor upstream ttl when proxying
#1021
Configure proxy handlers to cache according to upstream policy
#1152
Load sampling and limits
#1151
Max load configuration
#1150
Support multiple cache instances
#1149
Allow multiple cache containers
#1148
Return 401 when allowEmptyUsername is false and username missing
#1147
Add request.reply.proxy()
#1146
Expose proxy functionality as a utility
#1145
Proxy errors should use 502 and 504 instead of 500 for most errors
#1144
Support pre-compressed files
#1142
Fix ext function plugin env binding
#1140
Not able to login after attempting without user name
#1139
Auth validator does not log useful information
#1138
Apply plugin views during onRequest phase when route is not yet setup
#1137
generateView at 'onRequest' extension point
#1126
serve pre-compressed files when available
#1102
How to exclude views from layout
#1070
TypeError when validate.* is set to false
#1136
Handlebars 1.1.x uses prototype for registerPartials which breaks its use in Hapi
#1135
Formatting problem in Reference.md
#1133
Joi 2.0
#1132
Migrate to joi 2.0
#1131
Debug mode should log thrown and returned errors similarly
#1129
support for iisnode and windows named pipes
#1128
Server fails ot start when debug is defined as array
#1127
Add ability to listen listen on windows named pipe
#1124
Use ALCE for manifest loading.
#1123
add ability to listen on unix domain socket
1.15.0
breaking changes
#1122
Turns multipart processing off by default
#1119
Would it be worth adding a pretty print option to all JSON payloads?
#1116
CORS origin bug fixes and enhancements
#1114
What is the best way to access request headers?
#1113
updates plugin.views Reference.md entry to a clear and working example
#1112
Too strict cookie parsing?
#1111
Allow safe CORS origins list
#1103
allow arrays of scopes on routes
#1101
Multipart configuration options (upload dir, hash)
#1094
404 not being caught by onPreResponse function
#1091
Only set access-control-allow-origin if the origin header value matches (or '*' is allowed)
1.14.0
breaking changes
#1098
Add criteria support to CLI
#1097
Initial (internal) confidence integration
#1092
Empty path parameter should have empty string value, not undefined
#1028
Expose requests content-type/mime & accept
#1024
Hapi.Composer.compose() requires "plugins" but won't warn if it's not there
#995
Block response.created() from methods other than POST and PUT
#1090
Support partial path segment parameter
#1061
POST requests with Content-Type=text/plain
#1012
Escaped error responses
#1000
Routing using file extensions
1.12.0
breaking changes
#1088
Plugin dependencies
#1086
Allow plugins to specify code executed once a plugin dependency has been loaded
#1085
Validation options
#1084
Restructure validation route configuration
#1083
Normalize response headers to lowercase field name
#1081
Migrate to Iron 1.0
#1077
Add compileMode to schema.js
#1076
Test for both formats of Content-Encoding header
#1074
Route-specific validation error handler
#1055
Migrate to new method of configuring joi
#1009
Validation fail response status code
#1004
validation fails when using Hapi.types.Object() at the root
#1067
Bug fix for loading ext auth scheme into multiple servers
#1065
plugin.auth fails to load the same ext into multiple servers
#1064
Helper cache drop interface
#1063
Provide interface to drop internal cache records for helpers
#1058
Closes #1056 and #1057
#1057
'/{p*}' is sorted ahead of '/{a}/b/{p*}'
#1056
Allow directory paths to include multiple params and use last for resource selection
#1054
Enhance prerequisites configuration options
#1030
Problems with routes
#1050
Memory leak due to missing stream destroy
#1044
Reverting changes to generic/stream responses
#1037
Stream responses emit response event
#1036
Stream responses don't emit response event
#1034
Upping shot dep version
#1033
Node 0.11 bug fixes
#1032
Updating boom version to 1.0.0
#1019
Depend on Joi v1.1.x
#1029
Using latest hoek and moved to AUTHORS file
#1017
Overrides Cache-Control in proxy even when no local policy is defined
#1016
Adding helper with cache to pack with multiple server crash
#1015
Undo #1014
#1014
plugin.helper should be selectable
#1005
Improve server constructor argument validation error reporting
#1003
Ensure request.response function exists before response event
#1001
Pack event handlers now support correct args
1.9.0
breaking changes
#998
Adding dtrace probes
#996
Remove Directory and View from cacheable responses
#994
Server level cache
#993
Plugin context
#991
Configurable shared context in plugins
#987
View routes caching empty payload (with redis)
#983
Response method terms - encoding() vs charset()
#980
Add interface to register local `require` function with plugin api
#979
Confusing error message when configuring auth using default strategy when none configured
#978
Change plugin `ext` permission default to true
#976
plugin.require support
#975
Allow plugins to require other plugins
#974
Pack start/stop events
#973
Expose pack start/stop events
#972
Add dtrace probes to hapi
#959
Adding foundation for dtrace probe support
#954
Question: Is it OK to use _cache as general purpose cache?
#971
Use instanceof Error + isBoom to replace instanceof Boom
#970
Removing complexity-report
#968
Changes to `plugin.hapi` and the `cookie` scheme
#967
Authentication defaultMode allowed invalid values
#966
Expose the hapi module on the request object
#965
Change parameter name pack to plugin to resolve #963
#963
Question: should pack.register's register pack parameter should be renamed to plugin?
#962
Server config schema does not allow single string labels
#960
Updates to case sensitive routing
#958
Path params are no longer lowercased in router
#955
Update Reference.md plugin.lenght to plugin.length
#953
Path Parameters case changed when setting isCaseSensitive to false
#952
Document the importance of using hapi.error over separate Boom module
#951
use .isBoom instead of instanceof Boom
#949
Error when hawk payload validation is required but the request contains no hash
#948
reference multiparty instead of formidable
#946
Updating example to be clearer
#944
Found some small typos/formatting issues in Reference.md
#940
Proxy response gets truncated
#943
Updating version
#942
Layouts work correctly in jade
#941
No longer destroying request socket
#939
JSON response body truncated
#938
Fixed the code example to get Hapi's version
#936
Allow omitting trailing slash when last segment is an optional parameter
#935
Path matching should allow omitting trailing slash before an optional path parameter
#926
'layout' option seems broken when using jade as template engine
#933
Updating version to 1.8.1
#928
Removing listeners on domain when exiting
#927
Removing global variable
#925
Fixing edge case where bad path can cause issues with url.parse
#924
Issue/922
#923
remove connection event listeners when server stops
#922
Handling directory routes that end both with and without a trailing slash
#920
Upping version to 1.7.3
#919
Client now handles downstreamRes close event
#918
Handle potential edge cases in client errors
#915
custom cache engine support
#913
Remove duplicated listener
#912
Fixing aborted causing duplicate res.ends issue with incoming request
#911
Allow client.request calls without a callback (ignoring response)
#910
Client does not destroy request on redirection error
#907
Adding test
#795
Request support for HEAD routes
#906
Proxy requests are closed when server response already sent
#904
Issue/902
#903
Fixing issue where timeout occurs after socket close in client
#902
Handle socket errors after done working with the socket
#901
Performance tweaks
#897
Hapi node_modules_path now supports symlinks
#896
resolve the real path of node_modules_path
#892
Expose internal Client to plugins
#891
Exposing rejectUnauthorized property on proxy
1.5.0
breaking changes
#889
Plugin view engine required from hapi's module path, not plugin
#887
Default auth scheme only works when scheme is added with 'default' name
#886
Cookie auth -- unknown auth strategy: default
#885
Fix plugin.path
#883
Cleanup pack requirePath
#876
Leading "."s should be removed before matching against domainLabelLenRegx in state.js
#873
using a plugin with a package in node_modules doesn't work if cwd other than the main directory
#872
Test for invalid incoming path without leading '/'
#870
Response treats objects as errors based on too trivial keys
#869
Request._replyInterface called twice but does not share wasProcessed state
#868
Potential leak when aborting reading a payload if max size reached
#857
pack.path sometimes not ending in a '/'
1.3.0
breaking changes
#880
Performance and hawk options
#879
Support all Hawk and Bewit options
#878
Adding Client request socket timeout
#871
* allowed in path but used as special character in route fingerprint
#863
Absolute paths now work correctly with hapi command
#862
Minor performance tweaks
#861
hapi -p argument no longer supports absolute path to node_modules
#860
Adding hapi bin test and fixing issue with no plugins
#859
Fixing test
#858
Added missing done() call in test
#856
Remove _log() wrapper
1.2.0
breaking changes
#854
Move to use multiparty
#853
New internal proxy handler
#852
Replace internal proxy implementation
#851
warning about formidable during npm install
#850
Increasing allowed sockets to 10 for client
#848
Template settings override fix
#847
POST to routes with payload 'parse' doesn't work with NODE 0.10.0 and 0.10.1
#846
Request: View configuration to autoload helepers
#845
Generic response fails to account for all possible res events
#844
Proxy to outside site fails due to request's old stream api and node 0.10 wrap()
#843
Allow setting custom headers via proxy mapUri
#839
Cleanup listeners
#838
Issue/808
#837
Issue/812
#835
`Pack`: Automatically resolve the `requirePath` if provided
#834
`Pack` throws an `AssertionError` if the `requirePath` is not absolute
#833
closes #832
#832
Allow route.payload config to be an object with `mode`
#831
Closes #830
#830
Add payload 'try' parsing mode
#828
Add HttpOnly support to cookie auth
#827
request debug printout format and condition
#824
Issue/821
#821
Allow to render templates asynchronously
#820
Clarified the format of payload in server.inject in the Reference doc
#812
Allow specifying the supported content-type of each route
#809
Error Stack Trace is not printed to the console
#808
Add an override config to route.payload
#807
Allow HttpOnly Flag for authentication cookies
#801
Switch view from using sync file ready to async
#823
Issue/822
#822
JSONP doesn't seem to be working
#818
Tiny composer documentation fix
#817
Payload bugfix for PATCH method
#814
Fixed jade compile issues and updated tests to verify fix.
#804
Remove restriction on params in path for static file handler
#815
Using TLS settings with Buffer
#813
text/* content-type always echo back the received content
#811
Does not work with formidable 1.0.14
1.0.0
breaking changes
#796
Allow unencoded double quote and backslash in the cookie value
#793
Use new assert with passed parameters instead of concat string
#792
Allow validation of any type, not just objects (except errors, still ignored)
#791
Test fails: Auth Hawk includes authorization header in response when the response is a stream
#789
Streams not properly being closed for static files when browser gets cache hit
#788
Need more detailed documentation for "next" callback for event handlers
#787
Expose Plugin File Path
#786
View handlers uses `request.querystring` instead of `request.query`
#784
Change server helper options.generateKey to receive the same arguments as the helper method
#782
Payload parsing should be based on request method, not path method
#781
Do not set request.state[name] when value is invalid regardless of failAction
#780
Relative path redirection should have vhost support
#779
Add server config `location` for Location header prefix
#776
Streamline request.reply()
#775
Log cookie errors when failAction set to 'error'
#771
Multipart upload issue
#769
View handler example
#768
Directory handler example
#767
Verify every example works with 1.0
#765
Refactor views manager configuration
#761
Hapi.Types is undefined
#759
Feature/misc
#758
cookie authentication example fails with 1.0.0
#755
Views now render without child path
#754
Allow server config to contain uri and not override it if set
#752
Shared config for plugins
#751
Cleanup Unmonitored error
#749
Debug stack trace
#748
request.reply.redirect going to '0.0.0.0'
#745
Basic Authentication callback with no username/password returns 500
#728
Hawk 0.11
#727
Fix hawk response header edge cases
#726
Misc features
#725
Debug enhancements
#724
Route validation is now using payload instead of schema
#721
Rename the route validate.schema to validate.payload
#720
Auth.responseHeader not called if error returned pre handler
#718
Automatically set a cookie if none present
#716
Errors when preparing a response now emit internalError correctly
#715
Auth api refactor
#714
Adding remote address and referrer information to request.info
#713
internalError event not emitted on view error.
#711
Add environment variable support when using composer
#707
internalError event returns error handler stack trace not thrown trace
#706
Hawk's Authorization Response Header
#705
Hawk's timestamp using Hapi
#703
taking a look at http data posted before 400 response
#702
Client IP Address
#701
A newbie question about Cookie Authentication example
#700
Adding security tests and fixing security bugs
#698
Reformat errors ability
#697
Protect all error responses from echo attacks
#696
Provide easier debugging defaults
#694
Normalize handler signature (always bind this, and pass same args)
#693
file handler includes internal information in the response
#692
Missing handler error should provide more debug information
#686
Pack auth api
#685
How to use State and Cookie Authentication?
#684
Enable plugin registration of auth schemes
#683
Pack and cache API refactor
#723
Global autoValue cookie overwrites other cookies
#722
Proxy shares cookies across different sessions
#717
Auto cookie value
#687
Proxy is double encoding gziped responses
#682
Bypass node http bug in writeHead
#681
CORS headers need to override proxy CORS headers
#679
Add test for proxy with passThrough and server caching
#678
Updating tutorials and adding a plugins list doc
#674
Adding missing branch tests
#677
Fix ext() with function array bug
0.15.2
breaking changes
#672
Emit 'internalError' on 500 responses
#671
Emit 'internalError' on 500 responses
#670
internalError event
#669
Optimize prerequisites and protect
#668
Run prerequisites inside a domain
#667
Ensure all assertions inside request handling result in 500 response
#666
Asserts throw instead of exit
#665
0.15.2 Breaking Changes
#644
Log but ignore cookie errors
#663
Full plugin deps
#662
Plugin deps
#659
handler interface api styles
#657
Route prerequisite detection for route handler request object.
#653
Add request defensive protection
#652
Plugin dependencies
#650
Document plugin API
#649
Migrate to lab (from mocha)
#646
Replace mocha with lab
#642
Adding hawk response auth header
#641
Question: generic internal error handler
#623
Hawk 0.10 server response authentication
#361
Node domains
#638
Event tags
#637
Parsing the request form-encoded payload using qs
#636
Add event tags object in callback
#635
Cleanup
#634
Domains
#633
pack interface cleanup
#632
Adding example of cookie failAction
#630
shot 0.1.0, Buffer response type, encoding
#628
Support text/* encoding for incoming payloads
#627
Allow unknown content-type when not parsing
#626
shot 0.1.0
#625
Buffer response type
#622
Document response object header method
#621
Setting charset to UTF-8
#619
hawk 0.10, payload cleanup, text/* parse support
#618
Support parsing text/* mime types
#617
Upgrade to Hawk 0.9.0
#616
Cookie Max-Age is in seconds, not msec
#615
Using path.join where possible
#614
Cookie MaxAge set incorrectly
#613
Fix proxy mapUri query bug, allow pack.api to specify key
#612
Remove monitor
#611
Adding vhost tests
#610
Cleaning up test and stream response
#609
Virtual hosts support
#608
Random test fails: Response Stream returns a deflated stream reply without a content-length header when accept-encoding is deflate
#607
Adding basic crumb CSRF information to reference guide
#606
Handling request and response errors
#604
Move good log utils back in, turn rest (monitor) to plugin
#603
Move batch to a plugin
#587
Composer config options
#577
Beef up file etag tests
#569
Minor: Is 'description' still a valid attribute of the 'config' object when doing route configuration?
#562
getRouteSourceFilePath doesn't work correctly on windows
#538
Show a color error on config snippet when invalid
#536
Support other encoding methods (deflate)
#378
Hawk bewit support as a new authentication scheme
#563
Using memory instead of redis for test
#561
Composer
#554
Support node server socket timeout override
#553
Pack server event and socket timeout override
#549
"Hello static server" sample does not working on windows
#543
Fix scoping bug when using multiple helper prerequisites
#537
Update docs/Reference.md
#535
Optimize Generic gzip to reduce memory copies of payload.join()
#533
Add make for generating complexity report
#532
Validate route config schema
#531
JSONP
#529
favicon example
#527
Support Buffer response
#523
Set CORS origin header to incoming request origin if allowed
#522
rename helmet to tv
#519
Add coverage for 304 response logic
#516
Auth scheme request extension interface
#515
Option to automatically clear invalid cookies
#514
Not found (404) handler method is case sensitive
#513
Add server.api and request.api for storing application-specific state
#512
Direct use of Boom (0.3.0)
#507
Fix incorrect use of applyToDefaults in server constructor
#506
Add route.config.plugins for plugin-specific config
#505
Allow Location header with custom URI schemes
#504
Refactor responses to make it easier to create external responses or manipulate
#503
Expose request private properties
#502
Remove server config format options
#501
Response refactor, bug fixes
#500
Cookie parsing fails if encoding set to 'none'
#499
Random test fails: Server Timeout doesn't return an error when server is responding when the timeout occurs
#474
0.13.2
#472
Fix matching of wildcard path param with trailing /
#471
/{p*} doesn't match /path/
#466
Directory listing at top level folders now link correctly
#465
directory list using the directory handler produces wrong URLs
#464
index option for directory module doesn't work on subdirs
#463
Typo: req.session.used -> req.session.user
0.13.1
breaking changes
#467
0.13.1 Change pack package.json version location
0.13.0
breaking changes
#457
Remove server creation log messages
#456
Bypass cache logic when not using cache around handler
#455
Reintroduce the removed request.reply.close() method
#454
Support wildcard HTTP method routing
#452
Test server format.error config option
#450
typo
#448
Fixed typos
#447
Replace config.ext with Server.ext()
#446
Replace setNotFound with wildcard method support
#445
Streamline Server API
#444
Server Packs
#443
Add a link to find breaking changes by release
#440
0.13.0 Breaking Changes
0.12.0
breaking changes
#442
0.12.0 Breaking Changes
#435
Prerequisite helper shortcut interface
#434
Bound handler to request, bump to 0.12.0
#431
Response validation fails on response errors
#427
CORS cleanup and Monitor defaults
#426
CORS off by default, using catch-all instead of synthetic route
#425
Route sorting rewrite
#422
Allow raw (direct) responses to bail if header fails
#421
onPostRoute called before response is sent
#420
Goodies
#416
Auth cleanup
#409
Error: listen EADDRNOTAVAIL when starting hapi server with foreman
#407
Adding support for basic auth password hashing
#406
Update auth dependencies
#405
For basic auth run password through hashPassword function first
#402
Use fixed time password comparison
#401
Enable more than one jade template file to be used in hapi.
#397
Arrange routes in descending order of specificity
#396
Accept cache mode 'client+server' as 'server+client'
#387
Create contributing guidelines
#377
Document and add examples for the authentication interface
#376
Switch all tests that listen on a port to use automatically allocated port
#374
Test Content-Length vs. actual payload size mismatch behaviour
#373
Add support for private cache-control flag
#367
Potential headers duplication when mixing sources due to case
#363
Adding server + client timeout feature
#360
Timeout server response if taking too long with 503 response
#359
Timeout client connections taking too long and return 408
#358
Support other view engines, including multiple engines per server
#357
Make Views cache usage configurable (per Manager)
#370
Support 'Access-Control-Allow-Credentials'
#366
Stream response not calling Headers.cors, location, or cache
#365
Stream response always passing proxy headers through
#364
Proxy handler doesn't set default value for passThrough settings
#310
Cross-platform monitor
#251
Support Content-Disposition header in File response
#242
Cookies support
#235
View response
#169
Add response validation settings
#329
Add redirection response
#326
Adding support for hapi-log
#322
Docs handler refactor
#319
Doc configuration should let you set the auth mode
#314
Multiple auth schemes
#309
Bring monitor/* to 100% test coverage
#303
Handle %-encoding of '/' in route and request paths
#302
Consider object key name sizes in calculating object memory usage in memory cache
#270
Multiple auth scheme support
#253
Support redirection responses
#317
Test helpers, mongo auth test
#312
Misc cleanup
#305
Hidden files can now optionally be served
#301
Merge, payload tests
#299
Fix issue with case-insensitive route conflic
#298
Prevent use of encoded non-reserved characters in path
#297
Refactor request path normalization
#296
Fix route path fingerprint when using cases-insensitive paths
#295
Prevent directory from showing or serving hidden files (configurable)
#294
Refactor responses, auth, payload
#293
Fix multipart parsing
#290
Improve batch example to include a request
#289
Add a unique request id for each incoming request
#287
Forbid using %encoded in route path of unreserved characters
#274
Add Hawk authentication support
#272
Normalize %-encoded paths to match incoming requests
#271
Strict cache mode
#254
Cleanup handling of response headers / options
#241
Add static files support
#277
Changed matching rule of {param*}, Oz tests
#275
Prevent basic routes collision
#268
Tests, extension auth schemes
#265
Document new path option {param*n}
#264
Bring all individual file test coverage to over 90%
#263
Add tests to /test/unit/route.js
#262
Support /path/{param*} syntax
#260
Extension auth schemes
#258
Adding support for etag and last-modified headers
#256
Don't cache responses other than 200
#255
Adding support for gzip responses
#232
Support sending gzip responses
#250
Direct response support
#245
Basic auth
#240
Basic auth scheme
#238
Document new request.reply interface
#237
Response refactor
#234
Oz
#233
Partial/streaming responses
#229
Initial 0.9.0
#168
Move query and schema into a single validation config
#167
Replace OAuth authentication with OZ
#222
Fix bug where /docs crashes if no POST routes are defined
#221
Adding parsing of multipart form-data content-type
#219
cannot bind ephemeral ports
#186
Unsupported content-type: multipart/form-data
#212
Adding proxy tests and doing a little refactoring
#211
Cache tests, Fix response processing header order
#201
Document proxy handler interface
#185
Turn cache memory strategy into a useful feature
#210
0.8.2
#209
Tests
#207
Error refactor, custom error support (passThrough)
#206
Fixing issue with error responses being cached + test
#204
Add postResponse method to proxy
#200
Fix tls config settings
#191
Pass all TLS options to createServer
#193
Support for gzip'd payloads
#183
Cache segment validation
#172
Check if Redis and MongoDB are ready before running tests
#165
Add route response validation to endpoint documentation
#164
Server helpers, initial response validation, Mongo support
#102
v0.6.0 merge
#101
modified new validation fns to use Utils.assert
#100
New Query Validation Fns Added
#99
Simplified request log interface
#96
Small utils
#94
debug interface, log interface
#93
fix error on subsequent url accesses for queryval
#92
Fix example
#91
QueryValidation fixes, add default behavior for unspecified params, added small tests
#63
Added in SSL cert passphrase to https server creation from settings.