Changelog
additional information
#4386
21.0.0 Release Notes
#4366
Allow matching prereleases when validating plugin version requirements
#4361
Upgrade production deps for hapi v21 and node v18
#4357
Change default host to be IPv6-friendly
#4352
Change XSS header default to '0'
#4351
Change default CORS preflight status code w/ configuration
#4350
Make default error available in validation failAction
#4349
Enforce that response streams are always Stream.Readable
#4348
Ignore return value from generateResponse() prepare method
#4346
Drop node v12 support
#4140
update to travis templates
#4139
update most out of date dependencies
#4138
20.0.0 Release Notes
#4134
headers: avoid sending null content-type
#4133
Content-type header is null when empty response is returned
#4132
README needs this change to parse the slogan for site
#4130
fixed teamwork version
#4123
Removing the route timeout validation
#4122
Payload timeout must be shorter than socket timeout
#4117
Implement `isInjected` read-only request property to indicate request…
#4034
request.info.remoteAddress / request.info.remotePort undefined after connection closed (request aborted)
#4017
19.0.0 Release Notes
#4015
Do not override request.payload if set manually in onRequest
#4013
Use private class fields
#4012
Drop node 10
#4011
Change scoped plugins name handling
#4006
server.validator()
#4002
fix(auth): properly populate request.auth on failed auth
#4000
auth scheme artifacts are dropped when mode is not 'try'
#3996
Decorate requests with symbols with apply=true
#3995
Fix ? in fragment part
#3975
Support joi v16
#3974
Handle errors thrown during error response transmit
#3971
Fix some corner case client errors
#3965
Multiple leading slashes in path causes hostname to be parsed incorrectly
#3964
Custom "content-encoding" without vary header
#3956
ETags behind gateway that compresses responses
#3946
Add support for Chrome Apps and WebExtensions
#3908
Update hapijs/vise to 3.0.2 from 3.0.1
#3907
Update hapijs/teamwork to 3.0.3 from 3.0.2
#3906
Update hapijs/joi to 14.3.1 from 14.0.4
#3905
Update hapijs/boom to 7.3.0 from 7.2.2
#3904
Update hapijs/catbox to 10.0.6 from 10.0.5
#3901
Change request.info.responded to indicate success and add request.info.completed
#3900
fix(transmit test): add missing await on team.work
#3898
Error tag incorrectly set (node 11)
#3897
Return credentials and artifacts from server.auth.test()
#3891
No Content-Type header when returning a stream
#3887
Change inject auth to object and require strategy name
#3884
"Cannot set headers after they are sent to the client" after returning h.abandon
#3882
Add validation for cookies (alt impl)
#3879
Set cookie autoValue only when no value received
#3878
Aborted requests show status code 200 in response event
#3876
Rework cache provisioning apis
#3875
Update hapijs/bounce to 1.2.3 from 1.2.2
#3874
Update hapijs/hoek to 6.1.2 from 6.0.2
#3873
Update hapijs/podium to 3.2.0 from 3.1.4
#3871
18.0.0 Release Notes
#3870
Update hapijs/catbox-memory to 4.0.1 from 3.1.3
#3832
Feature: built in cookie validation
#3831
State autoValue function overwrites existing cookie value
#3822
Use WHATWG URL for request.url
#3856
Update hapijs/vise to 3.0.1 from 3.0.0
#3855
Update hapijs/topo to 3.0.2 from 3.0.1
#3854
Update hapijs/subtext to 6.0.9 from 6.0.7
#3853
Update hapijs/statehood to 6.0.7 from 6.0.6
#3852
Update hapijs/shot to 4.0.6 from 4.0.5
#3851
Update hapijs/podium to 3.1.4 from 3.1.2
#3850
Update jshttp/mime-db to 1.37.0 from 1.35.0
#3849
Update hapijs/nigel to 3.0.3 from 3.0.1
#3848
Update hapijs/mimos to 4.0.1 from 4.0.0
#3847
Update hapijs/joi to 14.0.3 from 13.5.2
#3846
Update hueniverse/iron to 5.0.5 from 5.0.3
#3845
Update hapijs/heavy to 6.1.1 from 6.1.0
#3844
Update hapijs/catbox-memory to 3.1.3 from 3.1.2
#3843
Update hapijs/catbox to 10.0.4 from 10.0.3
#3842
Update hapijs/call to 5.0.2 from 5.0.1
#3841
Update hapijs/bounce to 1.2.1 from 1.2.0
#3840
Update hapijs/boom to 7.2.1 from 7.2.0
#3839
Update hapijs/b64 to 4.1.1 from 4.0.0
#3838
Update hapijs/ammo to 3.0.2 from 3.0.1
#3837
Update hapijs/accept to 3.1.2 from 3.0.2
#3836
Update hapijs/wreck to 14.1.2 from 14.0.2
#3835
Update hapijs/pez to 4.0.4 from 4.0.2
#3834
Update hapijs/nigel to 3.0.3 from 3.0.1
#3821
onPreResponse not called when error returned/rethrown from failAction of error resp validation
17.5.3
breaking changes
17.2.1
breaking changes
#3756
Update hapijs/shot to 4.0.5 from 4.0.3
#3755
Update hapijs/joi to 13.1.2 from 13.0.1
#3754
Update jshttp/mime-db to 1.33.0 from 1.31.0
#3753
Update hapijs/hoek to 5.0.3 from 5.0.2
#3752
Update hapijs/content to 4.0.4 from 4.0.3
#3751
Update hueniverse/bounce to 1.2.0 from 1.0.3
#3750
Update hapijs/boom to 7.2.0 from 7.1.1
#3717
Prefer user added encoding over built-in
#3701
Enable registered encoders to have higher priority than built-in
#3665
Rename route 'config' with 'options'
#3663
Loosen sample and modify peer validator in the routeBase schema
#3662
prerequisite returning empty string yields null on the pre object of request
#3658
17.0.0 Release Notes
#3657
Update hapijs/vise to 3.0.0 from 2.0.2
#3656
Update hapijs/topo to 3.0.0 from 2.0.2
#3655
Update hapijs/podium to 3.1.2 from 1.3.0
#3653
Update hapijs/nigel to 3.0.0 from 2.0.2
#3652
Update hapijs/mimos to 4.0.0 from 3.0.3
#3651
Update jshttp/mime-db to 1.31.0 from 1.29.0
#3650
Update hueniverse/iron to 5.0.4 from 4.0.5
#3649
Update hapijs/hoek to 5.0.2 from 4.2.0
#3648
Update hapijs/cryptiles to 4.1.0 from 3.1.2
#3647
Update hapijs/content to 4.0.3 from 3.0.6
#3646
Update hapijs/catbox-memory to 3.1.1 from 2.0.4
#3645
Update hapijs/catbox to 10.0.2 from 7.1.5
#3644
Update hapijs/call to 5.0.1 from 4.0.2
#3643
Update hapijs/boom to 7.1.1 from 5.2.0
#3642
Update hapijs/b64 to 4.0.0 from 3.0.2
#3641
Update hapijs/ammo to 3.0.0 from 2.0.4
#3640
Update hapijs/accept to 3.0.2 from 2.1.4
#3639
Update hapijs/statehood to 6.0.5 from 5.0.3
#3638
Update hapijs/shot to 4.0.3 from 3.4.2
#3637
Update hapijs/heavy to 6.0.0 from 4.0.4
#3636
Update hapijs/wreck to 14.0.2 from 13.0.3
#3635
Expose payload and credentials to dynamic scopes
#3634
onCredentials ext point
#3633
Separate authorization (403) from authentication (401)
#3632
Add negative test on registering plugin twice without `once`
#3631
When event data is an error, field name is error
#3551
Update hapijs/statehood to 5.0.3 from 5.0.2
#3550
Update hapijs/content to 3.0.5 from 3.0.4
#3548
Update hapijs/boom to 5.2.0 from 5.1.0
#3545
Update hapijs/joi to 10.6.0 from 10.5.2
#3544
Update jshttp/mime-db to 1.29.0 from 1.28.0
#3543
Update hapijs/catbox to 7.1.5 from 7.1.4
#3542
Update hapijs/podium to 1.3.0 from 1.2.5
#3541
Update hapijs/hoek to 4.2.0 from 4.1.1
#3539
Add payload fail action custom handler
#3533
Update hapijs/subtext to 5.0.0 from 4.4.1
#3532
Remove joi validation when creating request podium events
#3531
Return 413 when payload too large.
#3526
Consider wildcard filtering for debug options
#3523
Update lab and fix indentation
#3520
Fixed validation of server's Joi options
#3519
allow decoration of reply with non functions
#3516
Invalid cookie header despite strictHeader: false, ignoreErrors: true
#3483
Filename detecting problem on uploading file with apostrophes
#3480
RST packet instead of a FIN packet to close the response on Heroku
#3464
Throwing inside response event breaks new events
#3502
Update hapijs/wreck to 12.2.2 from 10.0.0
#3501
Update hapijs/subtext to 4.4.1 from 4.3.0
#3500
Update hapijs/statehood to 5.0.2 from 5.0.1
#3499
Update hapijs/pez to 2.1.5 from 2.1.4
#3498
Update jshttp/mime-db to 1.28.0 from 1.25.0
#3497
Update hapijs/joi to 10.5.1 from 10.1.0
#3496
Update hueniverse/iron to 4.0.5 from 4.0.4
#3495
Update hapijs/hoek to 4.1.1 from 4.1.0
#3494
Update hapijs/heavy to 4.0.4 from 4.0.3
#3493
Update hapijs/cryptiles to 3.1.2 from 3.1.1
#3492
Update hapijs/content to 3.0.4 from 3.0.3
#3491
Update hapijs/catbox to 7.1.3 from 7.1.4
#3490
Update hapijs/call to 4.0.2 from 4.0.0
#3489
Update hapijs/boom to 5.1.0 from 4.2.0
#3488
Update hapijs/ammo to 2.0.4 from 2.0.3
#3487
Update hapijs/accept to 2.1.4 from 2.1.3
#3472
Send connection close when there is unconsumed payload
#3470
Defer 100-continue signalling until payload parsing
#3451
Have access to request.app in Joi validation context
#3448
Bind request continuation methods to current domain
#3447
one server is always leaked
#3431
when failAction is log or ignored, the error is assigned to request.preResponse but not request.pre
#3427
reply.entity() will always return null for correct etags
16.1.0
breaking changes
#3398
16.0.0 Release Notes
#3397
Update hapijs/ammo to 2.0.3 from 2.0.2
#3396
Update hapijs/call to 4.0.0 from 3.0.3
#3395
Update hapijs/catbox to 7.1.3 from 7.1.2
#3394
Update hapijs/heavy to 4.0.3 from 4.0.2
#3393
Update hapijs/podium to 1.2.5 from 1.2.3
#3392
Update hapijs/shot to 3.4.0 from 3.3.2
#3391
Update hapijs/statehood to 5.0.1 from 5.0.0
#3390
Update jshttp/mime-db to 1.25.0 from 1.23.0
#3389
Update hapijs/content to 3.0.3 from 3.0.2
#3388
Update hapijs/pez to 2.1.4 from 2.1.2
#3387
Update hapijs/accept to 2.1.3 from 2.1.2
#3386
Update hapijs/catbox-memory to 2.0.4 from 2.0.3
#3385
Update hapijs/joi to 10.0.1 from 9.0.4
#3384
Update hapijs/cryptiles to 3.1.1 from 3.0.2
#3383
Update hapijs/boom to 4.2.0 from 4.0.0
#3381
problems with Promise error handling in plugin registration
#3380
Ensure Boom objects can be reused - Fix for issue #3378
#3378
Server fails to reuse Boom object
#3372
Allow HTTPS long poll requests
#3369
Deprecation Warning in Node v7.0.0 for call to os.tmpDir
#3368
change deprecated os.tmpDir call to os.tmpdir
#3359
Shrinkwrap fails with hapi version 15.1.1
#3358
fix server not propagating errors on prehandler(promise) + handler error (#3242)
#3347
Major performance issue with hapi.js 15.x
#3242
Using promises in prehandlers causes exceptions to be swallowed in handlers.
15.0.2
breaking changes
#3323
15.0.0 Release Notes
#3322
Bump hapijs/boom version to 4.0.0 from 3.2.2
#3320
Update hapijs/boom to 4.0.0 from 3.2.2
#3318
Update hapijs/statehood to 5.0.0 from 4.0.3
#3317
Update hueniverse/iron to 4.0.3 from 4.0.2
#3316
Update hapijs/wreck to 9.0.0 from 8.0.1
#3315
Update hapijs/call to 3.0.3 from 3.0.2
#3314
Update hapijs/ammo to 2.0.2 from 2.0.1
#3313
Expose request to server.encode() and decode() generators
#3308
Response validation custom handler
#3307
Update hapijs/shot to 3.3.1 from 3.1.1
#3306
Disable request getLog() by default
#3304
Errors when reply.continue() is called with an non-auth argument
#3303
Error when reply() is called with a third argument (non-auth)
#3302
Access to scope errors list from a Forbidden error
#3300
Support custom content-type payload decoders
#3299
Update hapijs/subtext to 4.2.0 from 4.0.5
#3298
Allow extending server encoding support
#3296
Custom events
#3295
server.register callback handling does not enforce process.nextTick
#3294
Replace node's EventEmitter interface
#3292
The "Vary: accept-encoding" header is not always set
#3291
Ensure that 206 responses are never compressed
#3275
Support for route authorization
#3243
Content type charset handling
#3237
Set response status message.
#3227
Set route validation bind context
#3214
Support failAction function on validation response failures
#3201
handle more types of promise rejection, for #3102
#3194
output validation error pass source along
#3270
Update hapijs/topo to 2.0.2 from 2.0.1
#3269
Update hapijs/wreck to 8.0.1 from 7.2.1
#3268
Update hapijs/vise to 2.0.2 from 2.0.1
#3267
Update hapijs/nigel to 2.0.2 from 2.0.1
#3266
Update hapijs/b64 to 3.0.2 from 3.0.1
#3265
Update hapijs/pez to 2.1.2 from 2.1.1
#3264
Update hapijs/context to 3.0.2 from 3.0.1
#3263
Update hapijs/subtext to 4.0.5 from 4.0.3
#3262
Update hapijs/statehood to 4.0.3 from 4.0.1
#3261
Update hapijs/shot to 3.1.1 from 3.1.0
#3260
Update hapijs/peekaboo to 2.0.2 from 2.0.1
#3259
Update hapijs/mimos to 3.0.3 from 3.0.2
#3258
Update hapijs/kilt to 2.0.2 from 2.0.1
#3257
Update moment/moment to 2.14.1 from 2.13.0
#3256
Update hapijs/isemail to 2.2.1 from 2.1.0
#3255
Update hapijs/joi to 9.0.4 from 8.1.0
#3254
Update hapijs/items to 2.1.1 from 2.1.0
#3253
Update hueniverse/iron to 4.0.2 from 4.0.1
#3252
Update hapijs/heavy to 4.0.2 from 4.0.1
#3251
Update hapijs/cryptiles to 3.0.2 from 3.0.1
#3250
Update hapijs/catbox-memory to 2.0.3 from 2.0.2
#3248
Update hapijs/call to 3.0.3 from 3.0.2
#3247
Update hapijs/ammo to 2.0.2 from 2.0.1
#3246
Update hapijs/hoek to 4.0.2 from 4.0.0
#3245
Update hapijs/boom to 3.2.2 from 3.2.0
#3244
Update hapijs/accept to 2.1.2 from 2.1.1
#3173
Update hapijs/nigel to 2.0.1 from 2.0.0
#3172
Update hapijs/b64 to 3.0.1 from 3.0.0
#3171
Update hapijs/pez to 2.1.1 from 2.1.0
#3170
Update hapijs/subtext to 4.0.3 from 4.0.1
#3169
Update hapijs/statehood to 4.0.1 from 4.0.0
#3168
Update hapijs/peekaboo to 2.0.1 from 2.0.0
#3167
Update hapijs/mimos to 3.0.1 from 3.0.0
#3166
Update hapijs/kilt to 2.0.1 from 2.0.0
#3165
Update hapijs/isemail to 2.1.0 from 2.1.2
#3164
Update hueniverse/iron to 4.0.1 from 4.0.0
#3163
Update hapijs/cryptiles to 3.0.1 from 3.0.0
#3162
Update hapijs/catbox-memory to 2.0.2 from 2.0.1
#3161
Update hapijs/catbox to 7.1.1 from 7.1.0
#3160
Update hapijs/call to 3.0.1 from 3.0.0
#3159
Update hapijs/boom to 3.2.0 from 3.1.3
#3158
Update hapijs/ammo to 2.0.1 from 2.0.0
#3157
Update hapijs/topo to 2.0.1 from 2.0.0
#3156
Update hapijs/wreck to 7.2.1 from 7.2.0
#3121
allow array as valid validate config on headers, params, query and payload
#3119
Support [] as payload validation
13.4.0
breaking changes
#3147
Pass original validation error if boom
#3146
Update hapijs/wreck to 7.2.0 from 7.0.2
#3145
Update hapijs/vise to 2.0.1 from 2.0.0
#3144
Update hapijs/content to 3.0.1 from 3.0.0
#3143
Update jshttp/mime-db to 1.23.0 from 1.22.0
#3142
Update moment/moment to 2.13.0 from 2.12.0
#3141
Update hapijs/joi to 8.1.0 from 8.0.4
#3140
Update hapijs/items to 2.1.0 from 2.0.0
#3139
Update hapijs/hoek to 4.0.0 from 3.0.4
#3138
Update hapijs/heavy to 4.0.1 from 4.0.0
#3083
Allow provisioning server cache after construction
#3082
Update hapijs/wreck to 7.0.2 from 7.0.0
#3081
Update hapijs/shot to 3.0.1 from 3.0.0
#3080
Update jshttp/mime-db to 1.22.0 from 1.20.0
#3079
Update moment/momemt to 2.12.0 from 2.11.0
#3078
Update hapijs/joi to 8.0.4 from 7.1.0
#3077
Update hapijs/boom to 3.1.2 from 3.1.1
#3069
Pass through cookie options when calling reply.unstate()
#3057
Don't re-initialize the server
#3042
Moment - Regular Expression Denial of Service
#3012
Update hapijs/catbox to 7.1.0 from 7.0.0
#3011
Update hapijs/shot to 3.0.0 from 2.0.1
#3010
Update jshttp/mime-db to 1.20.0 from 1.19.0
#3009
Update moment/moment to 2.11.0 from 2.10.6
#3008
Update hapijs/isemail to 2.1.0 from 2.0.0
#3007
Update hapijs/joi to 7.1.0 from 7.0.0
#3006
Update hapijs/hoek to 3.0.4 from 3.0.0
#3005
Update hapijs/boom to 3.1.1 from 3.0.0
#3004
Update hapijs/accept to 2.1.0 from 2.0.0
#3002
Remove request.session and request.auth.session placeholders
#3001
Update hapijs/statehood to 3.1.0 from 3.0.0
#3000
Return a promise when callback missing
#2999
Support required scope with + prefix
#2998
Support multiple access combinations per route
#2994
Dynamic scope does not work with auth.default()
#2993
Support forbidden scope with ! prefix
#2992
Normalize auth scope and entity settings under new access option
#2988
Handle invalid date exceptions
#2985
12.0.0. Release Notes
#2983
Update hapijs/subtext to 4.0.0 from 3.0.1
#2972
Add validation check for stripUnknown route response option
#2966
request.raw.res.end() method is called twice
#2957
nameless cookie causing hapi fail parsing
#2936
Expose origin matching status
#2886
Add entire auth object to validation context options
#2923
Update hapijs/vise to 2.0.0 from 1.0.0
#2922
Update hapijs/nigel to 2.0.0 from 1.0.1
#2921
Update hapijs/pez to 2.0.1 from 1.0.0
#2920
Update hapijs/context to 3.0.0 from 1.0.2
#2919
Update hapijs/subtext to 3.0.0 from 2.0.2
#2918
Update hapijs/statehood to 3.0.0 from 2.1.1
#2917
Update hapijs/shot to 2.0.1 from 1.7.0
#2916
Update hapijs/qs to 6.0.0 from 5.2.0
#2915
Update hapijs/peekaboo to 2.0.0 from 1.0.0
#2914
Update hapijs/mimos to 3.0.0 from 2.0.2
#2913
Update hapijs/kilt to 2.0.0 from 1.1.1
#2912
Update hueniverse/iron to 3.0.1 from 2.1.3
#2911
Update hapijs/heavy to 4.0.0 from 3.0.1
#2910
Update hapijs/cryptiles to 3.0.0 from 2.0.5
#2909
Update hapijs/catbox-memory to 2.0.1 from 1.1.2
#2908
Update hapijs/isemail to 2.0.0 from 1.2.0
#2907
Update hapijs/topo to 2.0.0 from 1.1.0
#2906
Update hapijs/joi to 7.0.0 from 6.8.1
#2905
Update hapijs/catbox to 7.0.0 from 6.0.0
#2904
Update hapijs/call to 3.0.0 from 2.0.2
#2903
Update hapijs/ammo to 2.0.0 from 1.0.1
#2902
Update hapijs/accept to 2.0.0 from 1.1.0
#2901
Update hapijs/wreck to 7.0.0 from 6.2.0
#2900
Update hapijs/b64 to 3.0.0 from 2.0.1
#2899
Update hapijs/items to 2.0.0 from 1.1.0
#2898
Update hapijs/boom to 3.0.0 from 2.9.0
#2897
Update hapijs/hoek to 3.0.1 from 2.16.3
11.0.3
breaking changes
#2885
Update hapijs/subtext to 2.0.2 from 2.0.1
#2877
Replace all functions inside functions with arrow functions
#2875
Style change: replace for(i, il) with length in test
#2874
Replace var with let
#2873
Use const where possible
#2872
Add strict mode
#2870
Fix empty content-length handling for gzip and 204 responses
#2869
Gzip compression is skipped when content-length is unknown
#2868
CORS: Is 404 on OPTIONS request the right thing to do?
#2867
Skip extensions for notFound and badRequest
#2862
Update hapijs/subtext to 2.0.2 from 2.0.0
11.0.1
breaking changes
#2850
11.0.0 Release Notes
#2849
Add 204 to statuses cached by default
#2848
Allow response validation of non-objects
#2847
Update hapijs/qs to 5.2.0 from 4.0.0
#2845
Allow empty response to default to 204
#2840
CORS route-specific override can conflict with connection defaults
#2814
Remove server.after()
#2807
Remove id from request received event
10.5.0
breaking changes
10.4.0
breaking changes
#2828
Update hapijs/shot to 1.7.0 from 1.6.1
#2827
Enhance server.ext() to accept an array of event objects
#2826
Update hapijs/topo to 1.1.0 from 1.0.3
#2824
request.info.host - Host header wrong in server.inject
#2823
Skip empty extension points in request lifecycle
#2822
Plugin schema too restrictive
#2819
Replace single connection server decorations with assertions
#2818
Support plugin level once attribute
#2566
Lifecycle hooks on routes
10.2.0
breaking changes
#2815
Cleanup after() options
#2813
Update server root methods when adding 2nd connection
#2812
Prevent adding server extensions once initialize() is called
#2811
Support connectionless plugins
#2809
Return plugin dependency errors via callback instead of throwing
#2808
Pass start() and initialize() errors via callback, not throw
#2806
Update hapijs/isemail to 1.2.0 from 1.1.1
#2805
Update hapijs/joi to 6.8.0 from 6.6.1
#2804
Apply arguments schema more consistently
#2796
don't duplicate accept-encoding in vary header
#2790
Add cache stats to server methods
#2788
Option to turn off domains
#2777
Public API for Registered Plugins
#2773
Detects and rejects malformed response headers
#2763
get cache stats for a server method?
#2761
Conditional register() for skipping already registered plugins
#2736
Stopping the server while starting it
#2733
CORS Headers
#2352
setting undefined headers on transmit
#1850
Set per-plugin registration options when registering an array of plugins
#2787
Update hapijs/wreck to 6.2.0 from 6.1.0
#2786
Update hapijs/b64 to 2.0.1 from 2.0.0
#2785
Update hapijs/shot to 1.6.1 from 1.6.0
#2784
Update jshttp/mime-db to 1.19.0 from 1.18.0
#2783
Update hapijs/hoek to 2.16.3 from 2.14.0
#2782
Update hapijs/cryptiles to 2.0.5 from 2.0.4
#2776
Add preload flag to HSTS header and fix casing for includeSubDomains.
#2505
request.state occasionally null
#2779
Flaky test? "Request does not return an error when server is responding when the timeout occurs"
9.3.0
breaking changes
#2757
Require allowInternals option on server.inject() to call isInternal routes
#2718
Breaking change with query string validation from 8.6.0 to 9.0.2
#2698
Update hapijs/content to 1.0.2 from 1.0.1
#2697
Update moment/moment to 2.10.6 from 2.10.3
#2696
Update hapijs/joi to 6.6.1 from 6.4.1
#2695
Update hueniverse/iron to 2.1.3 from 2.1.2
#2694
Update hapijs/call to 2.0.2 from 2.0.1
#2693
Update hapijs/boom to 2.8.0 from 2.7.2
#2692
Update hapijs/ammo to 1.0.1 from 1.0.0
#2691
Update hapijs/accept to 1.1.0 from 1.0.0
#2689
Update hapijs/subtext from 1.1.1 to 2.0.0
#2688
Add server.initialize()
#2687
Set plugin options in realm
#2686
Require callback in start() and end()
#2685
Allow server.ext() to extend server actions (start, stop)
#2684
Update hapijs/catbox to 6.0.0 from 4.3.0
#2683
Update jshttp/mime-db to 1.16.0 from 1.14.0
#2682
9.0.0 Release Notes
#2681
Remove server files settings
#2675
Update hapijs/shot to 1.6.0 from 1.5.3
#2673
304 response sends: no-cache regardless of routes.cache settings
#2665
Server breaks when using cached server method
#2662
Added schema validation when creating a server method using object
#2661
No longer removing response validation from route object if sample = 0
#2645
Add failing test for #2628
#2641
Vary accept-encoding header not always set for compressible content
#2628
Multiple etag problems with directory handler causing browser use outdated cached content.
#2626
Remove inert, h2o2, and vision from core
#2616
Strange behaviour with throw in handlers
#2576
Parsing requests with no payload
#2520
API wart: server.dependency after method lacks options
#2671
Update hapijs/topo to 1.0.3 from 1.0.2
#2670
Update hapijs/topo to 1.0.3 from 1.0.2
#2664
allow for proto inherit with Server ("instanceof" instead of "===")
#2663
internals.Server does not allow proto inheritance
#2657
`server.ext` dependencies not ordered using `before` as array
#2642
Failing test for `server.ext` with complex deps.
#2631
Update hapijs/inert to 2.1.6 from 2.1.5
#2627
Update hapijs/subtext to 1.1.1 from 1.1.0
#2625
Update hapijs/wreck to 6.0.0 from 5.5.1
#2623
Update hapijs/qs to 4.0.0 from 2.4.2
#2622
Support qs options in payload and query parsing
#2613
Update jshttp/mime-db to 1.14.0 from 1.11.0
#2612
Update hapijs/vision to 2.0.1 from 2.0.0
#2480
Ability to pass options to qs for payload parsing
8.6.1
breaking changes
#2552
Update hapijs/wreck to 5.5.1 from 5.2.0
#2551
Update jshttp/mime-db to 1.10.0 from 1.9.1
#2550
Update moment/moment to 2.10.3 from 2.9.0
#2549
Update hapijs/joi to 6.4.1 from 6.0.8
#2548
Update hapijs/hoek to 2.13.0 from 2.11.1
#2547
Update hapijs/boom to 2.7.2 from 2.6.1
#2546
Update hapijs/inert to 2.1.5 from 2.1.4
#2545
Update isaacs/node-lru-cache to 2.6.4 from 2.5.0
#2544
Retain content-length header for HEAD requests
#2538
closes #2480: Ability to pass options to qs for payload parsing
#2532
Dynamic authentication scopes
#2509
Update jshttp/mime-db to 1.9.1 from 1.7.0
#2503
Update hapijs/shot to 1.5.0 from 1.4.2
#2502
Fix Hapi Issue #2501, pass on auth artifacts object in server.inject
#2501
server.inject does not allow me to set auth artifacts, only auth credentials
#2481
Feature: server.decorate('request' ... )
#2472
Update hapijs/qs to 2.4.2 from 2.4.0
8.3.0
breaking changes
#2459
Fix for node 0.10 for changes in #2429
#2457
Update hapijs/inert to 2.1.4 from 2.1.3
#2455
Update hapijs/shot to 1.4.2 from 1.4.1
#2454
Update moment/moment to 2.9.0 from 2.8.4
#2453
Update hapijs/joi to 6.0.5 from 5.0.2
#2452
Update hapijs/hoek to 2.11.1 from 2.10.0
#2446
Update hapijs/wreck to 5.2.0 from 5.0.1
#2439
pass context to response schema validation
#2429
Fix for #2427
#2427
Issue uploading file with io.js or node > 0.11.6
#2423
Update mime-db to 1.7.0 from 1.6.1
#2420
Update hapijs/shot to 1.4.1 from 1.4.0
#2418
Add regex to allow leading $ and _
#2411
Update jshttp/mime-db to 1.7.0 from 1.6.1
#2405
Support inline dependencies on plugins
#2402
Improved validation of route method label
#2401
Method name RegExp
#2382
Return explicit error when trying to stream a non-Readable stream
#2368
response.streamify assumes stream has attribute _readableState
#2332
Replacing plugin.dependency() with attributes key
#2326
request-error logged before `onPostHandler` or `onPreResponse`
#2398
Update hapijs/inert to 2.1.3 from 2.1.2
#2397
throw when attaching route handlers without a connection
#2396
Inert 2.1.3 update
#2395
Update jshttp/mime-db to 1.6.1 from 1.5.0
#2392
No Payload Validation
#2374
Server methods context not available in route prerequisites
#2373
Update hapijs/inert to 2.1.2 from 2.1.0
#2372
inert 2.1.2
#2370
Add xss protection to validation response
#2367
Update hapijs/inert to 2.1.0 from 2.0.0
#2366
Update hapijs/catbox to 4.2.1 from 4.2.0
#2363
Refuse to handle incoming request after server is stopped
#2362
Don't respond to connections until listening is started
#2359
Remove '{}' payload from cors OPTIONS response
#2355
Fix table labels
#2354
Update API.md for inert 2.1.0
#2347
Improve error message when validation.payload is set but type is GET
#2309
Fixes #2308 by logging boom error object instead of just message
#2308
Logging boom errors from handlers should send boom error to log not just message
#2335
Expose the request object in inject()
#2331
Revise range tests to not depend on the inert module
#2324
Remove catch call for promise replies
#2323
Promise support
#2316
Update jshttp/mime-db to 1.5.0 from 1.3.1
#2302
allow replying with a stream as returned by node core http client methods
#2301
can't reply with stream returned by node core http client methods
#2300
Bumped mime-db version
#2291
external listener protocol issue
#2277
Fix invalid response for empty reply() (v8.x regression)
8.0.0
breaking changes
#2271
Update jshttp/mime-db to 1.3.0 from 1.2.0
#2270
Update hapijs/boom to 2.6.1 from 2.6.0
#2269
Update hapijs/shot to 1.4.0 from 1.3.5
#2268
Update hapijs/joi to 5.0.2 from 5.0.0
#2264
How to blacklist all routes to use a plugin config?
#2262
Change server.table() result from object to array
#2255
Throw when calling reply() with objectMode stream
#2249
Add 'uri' connection option
#2247
Split debug settings per event type
#2246
plugin dependencies error message changed
#2244
Fix reply.continue() in prerequisite. Closes #2243
#2243
Fix reply.continue() in prerequisite.
#2242
Uncaught error: Cannot read property 'isBoom' of null in hapi/lib/handler.js
#2241
Remove string notation method logging when cache not setup
#2240
Cached method in string notation bypasses cache
#2238
Conditional Validation Rules based on Auth
#2237
Support bare server (no files, proxy, views)
#2235
Expose realm as public interface
#2234
Support views in auth schemes
#2233
Populate connection.info.uri before start when port 0
#2231
Change request.route to a wrapper object containing settings
#2230
Replace server.config with server.realm.modifiers
#2229
plugin.expose() only sets server.plugins, not connection.plugins
#2228
Update hapijs/joi to 5.0.0 from 4.9.0
#2227
Update moment to 2.8.4
#2226
When using string shorthand in pre it does not provide reply interface
#2224
Cleanup connection.info settings and introduce 'address' config
#2220
A method to test a string against the routes table
#2219
Update hapijs/hoek to 2.10.0 from 2.9.0
#2217
Disable scope checking on a route
7.2.0
breaking changes
#2038
Move cli logic to rejoice
#2036
Move lru-cache to inert
#2035
lab 5.0 features. Closes #2034
#2034
Lab 5.0
#2029
Fixes #2028. Updated error message for invalid scope to explain that any of the specified are sufficient
#2028
Improve error message when auth scope is insufficient
#2024
Resolve undefined environment variables to the empty string in the cli.
#2023
7.0.0 Release Notes
#2022
Spin off file and directory to inert
#2021
Override server files.relativeTo config per route
#2020
h2o2 2.0
#2019
Catbox 4.0
#2017
Initial 7.0 changes
#2016
Remove $env support from pack.compose()
#2011
Hapi should not override `cache-control` header if it's manually set by user's code
#2007
Remove server views config
#1960
Remove support for tos authentication setting
#1998
Migrate payload parsing to subtext with multipart support via pez
#1997
Allow payload parsing timeout override per route
#1996
Apply payload failAction to maxBytes and invalid content type
#1993
Replaced optimist with bossy
#1928
Handle empty or falsy charset in response
#1923
Replace multiparty
#1843
Replace optimist
#1973
Move proxy decorations to h2o2
#1972
Move view decorations to vision
#1969
Move mime to mimos
#1968
Vision / Mimos
#1967
Move views code to vision
#1959
Fix server/plugin ext views conflict
#1958
Move proxy handler to h2o2
#1957
Move proxy handler to h2o2
#1956
Fix Content-Type overriding
#1944
Move router to Call
6.8.0
breaking changes
#1935
server.method breaking change
#1919
Log method pre string notation
#1917
Log cache info when using server method short hand calls
#1915
Issue/1911
#1914
catbox 3.2
#1911
Exclude configured cookies from proxy passthrough
#1905
Replaced mime-type with mime.
#1890
Use mime-db
#1889
Upgrade to wreck v5
#1888
Upgrade to Wreck v5
#1828
Disable compression on file types already compressed (png, jpg)
#1878
Rename private route members
#1877
Move state.js to statehood module
#1875
Session scope does not match one to many auth.scope on route.
#1871
Switch to wreck
#1863
Allow agent to be set on proxy options and passed into Nipple.
#1858
Fix typo in defaults.js
#1856
Allow view options override on handler object
6.4.0
breaking changes
#1788
Last-Modified comparison needs to account for 1 second precision
#1783
Change etag when content-encoding is used
#1782
server.inject() res.result does not reflect actual payload sent on 304/204
#1781
Send empty payload on 204
#1778
Do not create a duplicate Content-Type header on proxy passthrough
#1777
Duplicated "Content-Type" header on proxy requests
#1776
Proxy pass-through with onResponse fails to preserve vary header values
#1774
Style fixes
#1773
Windows path fails on trailing slash on view helpers
#1772
HEAD requests should retail etag header
#1771
Open open one file stream when using precompressed file
#1769
Plugin X missing dependency Y in server if manifest.plugins key order not carefully managed
#1766
prepend jsonp callbacks with a comment to prevent the rosetta-flash vulnerability
#1763
fixes #1755 - stripTrailingSlash doesn't work when query variables are used
#1762
fix content-type overriding issue #1760.
#1760
How can I set Content-Type header to the content generated from reply.view?
#1756
Follow coding conventions concerning semicolons; Don't initialize variab...
#1755
Server Options for Router: stripTrailingSlash doesn't work with query string
#1754
File handler to handle 206 Partial Content?
#1752
Adding helpful error message when pack.register is missing a callback
#1751
Calling pack.register without a callback has an unfriendly error
#1745
Add joi validation of pack options
#1733
log function should only emit once if _server object
#1728
6.x breaks plugin modules exporting functions
#1721
Validate pack options
#1676
Problem serving precompressed files with directory handler
#1407
Skip opening file or rendering view on head or 304
#1841
Missing plugin error on migrating from 5.0 provides no useful information
#1708
Hapi 6.0 no longer invalidates auth strategy on registration of route
#1707
6.0.0 Release Notes
#1703
Catbox 3.0 and drop internal require support
#1701
MODULE_NOT_FOUND on Windows when requirePath is absolute
#1700
Change the order of actions when starting a pack
#1696
Non-Error auth err responses are ignored in try mode
#1695
Preserve auth error on try
#1694
Minor error tweaks
#1693
Enhance setting authentication defaults
#1692
Allow testing a request against any configured authentication strategy
#1691
V6.0
#1688
Bring back reply.redirect()
#1687
Don't log auth non-error responses with 'error' tag
#1679
Allow cookie-specific settings for failAction, strictHeader, and clearInvalid
#1678
Expose the location header logic
#1677
Enhance manifest format to support registration options (select, prefix, vhost)
#1675
Remove pack.list
#1674
Make plugin register() and dependency() selectable
#1673
Make plugin.events selectable
#1668
Delete 'Accept-Encoding' header on proxy requests
#1666
Allow loading different plugins (or same plugins) to different servers in pack
#1665
duplicate require calls in hapi/lib/views.js
#1664
Upgrading plugins to hapi 6.0 (preview)
#1663
Allow register to pre-select servers
#1662
Config clones bind, app, and plugins
#1661
View manager clones engines including modules
#1659
plugin.view() modifies options' basePath
#1658
Set route path prefix when loading plugin
#1656
Remove pack.require() and plugin.require()
#1581
Authentication throws are treated as valid reply()
#1579
Add option to remove trailing slashes to router
#1574
Document the best way to implement a 404 from the directory handler when using path callback
#1573
Server throttling controls do not log execution
#1508
Escaped error message with regex validation
#1477
proxy xforward option will set bad headers in some cases
#1645
5.0.0 Release Notes
#1644
request.params contains empty strings for missing optional params
#1643
Expose cross inputs as validation context
#1642
Cjihrig header validation
#1641
Upgrade to joi 4.x
#1640
Rename route `config.validate.path` to `config.validate.params`
#1639
Response validation modifies payload
#1622
Extend Hapi cli to enable loading a module before loading hapi
#1589
Added validation for request headers.
#1588
Validation for cookies and other headers
#1594
Can jsonp be optional?
#1591
Find better way to drain non file/socket stream than read()
#1590
RSS leak occurs when request does not read entire stream response
#1575
Precompile joi response validation
#1569
Move ext topo sort to its own module
#1567
allow defaultExtension
#1566
Precompile joi validation
4.0.0
breaking changes
#1560
4.0.0
#1559
joi 3.0
#1558
Change Hapi.utils.version() to Hapi.version and remove Hoek alias
#1554
coverage, closes #1524
#1551
add an insecureAgent when maxSockets is set, closes #1512
#1548
wip: fix windows bugs
#1547
Make certain that path is relative before joining it to relativeTo
#1524
Coverage after lab partial condition result coverage
#1521
Allow plugins to register handler types
3.1.0
breaking changes
#1541
Clarify that statusCode key of stream response passed in response
#1540
Pre-gzipped source stream not properly tested for being the active source
#1538
Passing Error objects can leak message in 500 response
#1536
maxEventLoopDelay fails to catch when load is too high to reach next sample interval
#1535
Cannot set maxSockets to node default
#1533
Proxy without passThrough fails to set cache-control header
#1532
Multipart payload to files with multiple files skips second file when large
#1531
pack.log() doesn't retain server debug false setting
#1530
plugin.method() should use method bind before plugin bind
#1525
expose filename and headers for streams in a multipart form
#1523
Question: How to validate payload with templated response properly ?
#1520
server.table() mis-documented, missing args, and route.table() is wrong
#1518
Server timeout config allows invalid values
#1517
Proxy handler payload config validation using incorrect variable
#1515
Coverage to 100% after lab logical statement support
#1514
Server allows duplicate lables
#1513
Authentication userland code not protected by domain
#1147
Add request.reply.proxy()
#1146
Expose proxy functionality as a utility
#1145
Proxy errors should use 502 and 504 instead of 500 for most errors
#1144
Support pre-compressed files
#1142
Fix ext function plugin env binding
#1140
Not able to login after attempting without user name
#1139
Auth validator does not log useful information
#1138
Apply plugin views during onRequest phase when route is not yet setup
#1137
generateView at 'onRequest' extension point
#1126
serve pre-compressed files when available
#1133
Joi 2.0
#1132
Migrate to joi 2.0
#1131
Debug mode should log thrown and returned errors similarly
#1129
support for iisnode and windows named pipes
#1128
Server fails ot start when debug is defined as array
#1127
Add ability to listen listen on windows named pipe
#1124
Use ALCE for manifest loading.
#1123
add ability to listen on unix domain socket
1.15.0
breaking changes
#1122
Turns multipart processing off by default
#1119
Would it be worth adding a pretty print option to all JSON payloads?
#1116
CORS origin bug fixes and enhancements
#1114
What is the best way to access request headers?
#1113
updates plugin.views Reference.md entry to a clear and working example
#1112
Too strict cookie parsing?
#1111
Allow safe CORS origins list
#1103
allow arrays of scopes on routes
#1101
Multipart configuration options (upload dir, hash)
#1094
404 not being caught by onPreResponse function
#1091
Only set access-control-allow-origin if the origin header value matches (or '*' is allowed)
1.14.0
breaking changes
#1098
Add criteria support to CLI
#1097
Initial (internal) confidence integration
#1092
Empty path parameter should have empty string value, not undefined
#1028
Expose requests content-type/mime & accept
#1024
Hapi.Composer.compose() requires "plugins" but won't warn if it's not there
#995
Block response.created() from methods other than POST and PUT
1.12.0
breaking changes
#1088
Plugin dependencies
#1086
Allow plugins to specify code executed once a plugin dependency has been loaded
#1085
Validation options
#1084
Restructure validation route configuration
#1083
Normalize response headers to lowercase field name
#1081
Migrate to Iron 1.0
#1077
Add compileMode to schema.js
#1076
Test for both formats of Content-Encoding header
#1074
Route-specific validation error handler
#1055
Migrate to new method of configuring joi
1.9.0
breaking changes
#998
Adding dtrace probes
#996
Remove Directory and View from cacheable responses
#994
Server level cache
#993
Plugin context
#991
Configurable shared context in plugins
#987
View routes caching empty payload (with redis)
#983
Response method terms - encoding() vs charset()
#980
Add interface to register local `require` function with plugin api
#979
Confusing error message when configuring auth using default strategy when none configured
#978
Change plugin `ext` permission default to true
#971
Use instanceof Error + isBoom to replace instanceof Boom
#970
Removing complexity-report
#968
Changes to `plugin.hapi` and the `cookie` scheme
#967
Authentication defaultMode allowed invalid values
#966
Expose the hapi module on the request object
#965
Change parameter name pack to plugin to resolve #963
#963
Question: should pack.register's register pack parameter should be renamed to plugin?
#962
Server config schema does not allow single string labels
#960
Updates to case sensitive routing
#958
Path params are no longer lowercased in router
#955
Update Reference.md plugin.lenght to plugin.length
#953
Path Parameters case changed when setting isCaseSensitive to false
#952
Document the importance of using hapi.error over separate Boom module
#951
use .isBoom instead of instanceof Boom
#949
Error when hawk payload validation is required but the request contains no hash
#948
reference multiparty instead of formidable
#946
Updating example to be clearer
#944
Found some small typos/formatting issues in Reference.md
#940
Proxy response gets truncated
#943
Updating version
#942
Layouts work correctly in jade
#941
No longer destroying request socket
#939
JSON response body truncated
#938
Fixed the code example to get Hapi's version
#936
Allow omitting trailing slash when last segment is an optional parameter
#935
Path matching should allow omitting trailing slash before an optional path parameter
#926
'layout' option seems broken when using jade as template engine
1.5.0
breaking changes
#885
Fix plugin.path
#883
Cleanup pack requirePath
#876
Leading "."s should be removed before matching against domainLabelLenRegx in state.js
#873
using a plugin with a package in node_modules doesn't work if cwd other than the main directory
#872
Test for invalid incoming path without leading '/'
#870
Response treats objects as errors based on too trivial keys
#869
Request._replyInterface called twice but does not share wasProcessed state
#868
Potential leak when aborting reading a payload if max size reached
#857
pack.path sometimes not ending in a '/'
1.3.0
breaking changes
#880
Performance and hawk options
#879
Support all Hawk and Bewit options
#878
Adding Client request socket timeout
#871
* allowed in path but used as special character in route fingerprint
#863
Absolute paths now work correctly with hapi command
#862
Minor performance tweaks
#861
hapi -p argument no longer supports absolute path to node_modules
#860
Adding hapi bin test and fixing issue with no plugins
#859
Fixing test
#858
Added missing done() call in test
#856
Remove _log() wrapper
1.2.0
breaking changes
#854
Move to use multiparty
#853
New internal proxy handler
#852
Replace internal proxy implementation
#851
warning about formidable during npm install
#850
Increasing allowed sockets to 10 for client
#848
Template settings override fix
#847
POST to routes with payload 'parse' doesn't work with NODE 0.10.0 and 0.10.1
#846
Request: View configuration to autoload helepers
#845
Generic response fails to account for all possible res events
#844
Proxy to outside site fails due to request's old stream api and node 0.10 wrap()
#843
Allow setting custom headers via proxy mapUri
#839
Cleanup listeners
#838
Issue/808
#837
Issue/812
#835
`Pack`: Automatically resolve the `requirePath` if provided
#834
`Pack` throws an `AssertionError` if the `requirePath` is not absolute
#833
closes #832
#832
Allow route.payload config to be an object with `mode`
#831
Closes #830
#830
Add payload 'try' parsing mode
#828
Add HttpOnly support to cookie auth
#827
request debug printout format and condition
#824
Issue/821
#821
Allow to render templates asynchronously
#820
Clarified the format of payload in server.inject in the Reference doc
#812
Allow specifying the supported content-type of each route
#809
Error Stack Trace is not printed to the console
#808
Add an override config to route.payload
#807
Allow HttpOnly Flag for authentication cookies
#801
Switch view from using sync file ready to async
1.0.0
breaking changes
#796
Allow unencoded double quote and backslash in the cookie value
#793
Use new assert with passed parameters instead of concat string
#792
Allow validation of any type, not just objects (except errors, still ignored)
#791
Test fails: Auth Hawk includes authorization header in response when the response is a stream
#789
Streams not properly being closed for static files when browser gets cache hit
#788
Need more detailed documentation for "next" callback for event handlers
#787
Expose Plugin File Path
#786
View handlers uses `request.querystring` instead of `request.query`
#784
Change server helper options.generateKey to receive the same arguments as the helper method
#782
Payload parsing should be based on request method, not path method
#781
Do not set request.state[name] when value is invalid regardless of failAction
#780
Relative path redirection should have vhost support
#779
Add server config `location` for Location header prefix
#776
Streamline request.reply()
#775
Log cookie errors when failAction set to 'error'
#771
Multipart upload issue
#769
View handler example
#768
Directory handler example
#767
Verify every example works with 1.0
#765
Refactor views manager configuration
#761
Hapi.Types is undefined
#759
Feature/misc
#758
cookie authentication example fails with 1.0.0
#755
Views now render without child path
#754
Allow server config to contain uri and not override it if set
#752
Shared config for plugins
#751
Cleanup Unmonitored error
#749
Debug stack trace
#748
request.reply.redirect going to '0.0.0.0'
#745
Basic Authentication callback with no username/password returns 500
#728
Hawk 0.11
#727
Fix hawk response header edge cases
#726
Misc features
#725
Debug enhancements
#724
Route validation is now using payload instead of schema
#721
Rename the route validate.schema to validate.payload
#720
Auth.responseHeader not called if error returned pre handler
#718
Automatically set a cookie if none present
#716
Errors when preparing a response now emit internalError correctly
#715
Auth api refactor
#714
Adding remote address and referrer information to request.info
#713
internalError event not emitted on view error.
#711
Add environment variable support when using composer
#707
internalError event returns error handler stack trace not thrown trace
#706
Hawk's Authorization Response Header
#705
Hawk's timestamp using Hapi
#703
taking a look at http data posted before 400 response
#702
Client IP Address
#701
A newbie question about Cookie Authentication example
#700
Adding security tests and fixing security bugs
#698
Reformat errors ability
#697
Protect all error responses from echo attacks
#696
Provide easier debugging defaults
#694
Normalize handler signature (always bind this, and pass same args)
#693
file handler includes internal information in the response
#692
Missing handler error should provide more debug information
#686
Pack auth api
#685
How to use State and Cookie Authentication?
#684
Enable plugin registration of auth schemes
#683
Pack and cache API refactor
0.15.2
breaking changes
#672
Emit 'internalError' on 500 responses
#671
Emit 'internalError' on 500 responses
#670
internalError event
#669
Optimize prerequisites and protect
#668
Run prerequisites inside a domain
#667
Ensure all assertions inside request handling result in 500 response
#666
Asserts throw instead of exit
#665
0.15.2 Breaking Changes
#644
Log but ignore cookie errors
#663
Full plugin deps
#662
Plugin deps
#659
handler interface api styles
#657
Route prerequisite detection for route handler request object.
#653
Add request defensive protection
#652
Plugin dependencies
#650
Document plugin API
#649
Migrate to lab (from mocha)
#646
Replace mocha with lab
#642
Adding hawk response auth header
#638
Event tags
#637
Parsing the request form-encoded payload using qs
#636
Add event tags object in callback
#635
Cleanup
#634
Domains
#633
pack interface cleanup
#632
Adding example of cookie failAction
#630
shot 0.1.0, Buffer response type, encoding
#628
Support text/* encoding for incoming payloads
#627
Allow unknown content-type when not parsing
#626
shot 0.1.0
#625
Buffer response type
#622
Document response object header method
#621
Setting charset to UTF-8
#619
hawk 0.10, payload cleanup, text/* parse support
#618
Support parsing text/* mime types
#617
Upgrade to Hawk 0.9.0
#616
Cookie Max-Age is in seconds, not msec
#615
Using path.join where possible
#614
Cookie MaxAge set incorrectly
#613
Fix proxy mapUri query bug, allow pack.api to specify key
#612
Remove monitor
#611
Adding vhost tests
#610
Cleaning up test and stream response
#609
Virtual hosts support
#608
Random test fails: Response Stream returns a deflated stream reply without a content-length header when accept-encoding is deflate
#607
Adding basic crumb CSRF information to reference guide
#606
Handling request and response errors
#604
Move good log utils back in, turn rest (monitor) to plugin
#603
Move batch to a plugin
#587
Composer config options
#577
Beef up file etag tests
#569
Minor: Is 'description' still a valid attribute of the 'config' object when doing route configuration?
#562
getRouteSourceFilePath doesn't work correctly on windows
#538
Show a color error on config snippet when invalid
#536
Support other encoding methods (deflate)
#378
Hawk bewit support as a new authentication scheme
#563
Using memory instead of redis for test
#561
Composer
#554
Support node server socket timeout override
#553
Pack server event and socket timeout override
#549
"Hello static server" sample does not working on windows
#543
Fix scoping bug when using multiple helper prerequisites
#537
Update docs/Reference.md
#535
Optimize Generic gzip to reduce memory copies of payload.join()
#533
Add make for generating complexity report
#532
Validate route config schema
#531
JSONP
#529
favicon example
#527
Support Buffer response
#523
Set CORS origin header to incoming request origin if allowed
#522
rename helmet to tv
#519
Add coverage for 304 response logic
#516
Auth scheme request extension interface
#515
Option to automatically clear invalid cookies
#514
Not found (404) handler method is case sensitive
#513
Add server.api and request.api for storing application-specific state
#512
Direct use of Boom (0.3.0)
#507
Fix incorrect use of applyToDefaults in server constructor
#506
Add route.config.plugins for plugin-specific config
#505
Allow Location header with custom URI schemes
#504
Refactor responses to make it easier to create external responses or manipulate
#503
Expose request private properties
#502
Remove server config format options
#501
Response refactor, bug fixes
#500
Cookie parsing fails if encoding set to 'none'
#499
Random test fails: Server Timeout doesn't return an error when server is responding when the timeout occurs
#474
0.13.2
#472
Fix matching of wildcard path param with trailing /
#471
/{p*} doesn't match /path/
#466
Directory listing at top level folders now link correctly
#465
directory list using the directory handler produces wrong URLs
#464
index option for directory module doesn't work on subdirs
#463
Typo: req.session.used -> req.session.user
0.13.0
breaking changes
#457
Remove server creation log messages
#456
Bypass cache logic when not using cache around handler
#455
Reintroduce the removed request.reply.close() method
#454
Support wildcard HTTP method routing
#452
Test server format.error config option
#450
typo
#448
Fixed typos
#447
Replace config.ext with Server.ext()
#446
Replace setNotFound with wildcard method support
#445
Streamline Server API
0.12.0
breaking changes
#442
0.12.0 Breaking Changes
#435
Prerequisite helper shortcut interface
#434
Bound handler to request, bump to 0.12.0
#431
Response validation fails on response errors
#427
CORS cleanup and Monitor defaults
#426
CORS off by default, using catch-all instead of synthetic route
#425
Route sorting rewrite
#422
Allow raw (direct) responses to bail if header fails
#421
onPostRoute called before response is sent
#420
Goodies
#416
Auth cleanup
#409
Error: listen EADDRNOTAVAIL when starting hapi server with foreman
#407
Adding support for basic auth password hashing
#406
Update auth dependencies
#405
For basic auth run password through hashPassword function first
#402
Use fixed time password comparison
#401
Enable more than one jade template file to be used in hapi.
#397
Arrange routes in descending order of specificity
#396
Accept cache mode 'client+server' as 'server+client'
#387
Create contributing guidelines
#377
Document and add examples for the authentication interface
#376
Switch all tests that listen on a port to use automatically allocated port
#374
Test Content-Length vs. actual payload size mismatch behaviour
#373
Add support for private cache-control flag
#367
Potential headers duplication when mixing sources due to case
#363
Adding server + client timeout feature
#360
Timeout server response if taking too long with 503 response
#359
Timeout client connections taking too long and return 408
#358
Support other view engines, including multiple engines per server
#357
Make Views cache usage configurable (per Manager)
#329
Add redirection response
#326
Adding support for hapi-log
#322
Docs handler refactor
#319
Doc configuration should let you set the auth mode
#314
Multiple auth schemes
#309
Bring monitor/* to 100% test coverage
#303
Handle %-encoding of '/' in route and request paths
#302
Consider object key name sizes in calculating object memory usage in memory cache
#270
Multiple auth scheme support
#253
Support redirection responses
#305
Hidden files can now optionally be served
#301
Merge, payload tests
#299
Fix issue with case-insensitive route conflic
#298
Prevent use of encoded non-reserved characters in path
#297
Refactor request path normalization
#296
Fix route path fingerprint when using cases-insensitive paths
#295
Prevent directory from showing or serving hidden files (configurable)
#294
Refactor responses, auth, payload
#293
Fix multipart parsing
#290
Improve batch example to include a request
#289
Add a unique request id for each incoming request
#287
Forbid using %encoded in route path of unreserved characters
#274
Add Hawk authentication support
#272
Normalize %-encoded paths to match incoming requests
#271
Strict cache mode
#254
Cleanup handling of response headers / options
#241
Add static files support
#277
Changed matching rule of {param*}, Oz tests
#275
Prevent basic routes collision
#268
Tests, extension auth schemes
#265
Document new path option {param*n}
#264
Bring all individual file test coverage to over 90%
#263
Add tests to /test/unit/route.js
#262
Support /path/{param*} syntax
#260
Extension auth schemes
#258
Adding support for etag and last-modified headers
#256
Don't cache responses other than 200
#102
v0.6.0 merge
#101
modified new validation fns to use Utils.assert
#100
New Query Validation Fns Added
#99
Simplified request log interface
#96
Small utils
#94
debug interface, log interface
#93
fix error on subsequent url accesses for queryval
#92
Fix example
#91
QueryValidation fixes, add default behavior for unspecified params, added small tests
#63
Added in SSL cert passphrase to https server creation from settings.