Changelog

18.4.0
#3975
Support joi v16
#3974
Handle errors thrown during error response transmit
#3971
Fix some corner case client errors
#3965
Multiple leading slashes in path causes hostname to be parsed incorrectly
#3964
Custom "content-encoding" without vary header
#3956
ETags behind gateway that compresses responses
#3946
Add support for Chrome Apps and WebExtensions
18.3.2
#3968
v18.3.2
#3967
Update deps
18.3.1
#3943
Revise list of hop-by-hop headers
18.3.0
#3945
Support ext method timeout
#3944
server.stop timeout does not apply to onPreStop extension point
18.2.0
#3941
Change module namespace
18.1.0
#3922
Update hapijs/bourne to 1.1.1 from 1.0.0
#3917
Expose bourne options
18.0.1
#3914
Update hapijs/statehood to 6.0.9 from 6.0.8
#3912
Update hapijs/subtext to 6.0.12 from 6.0.11
#3909
Route validation should throw AssertionError
18.0.0
#3908
Update hapijs/vise to 3.0.2 from 3.0.1
#3907
Update hapijs/teamwork to 3.0.3 from 3.0.2
#3906
Update hapijs/joi to 14.3.1 from 14.0.4
#3905
Update hapijs/boom to 7.3.0 from 7.2.2
#3904
Update hapijs/catbox to 10.0.6 from 10.0.5
#3901
Change request.info.responded to indicate success and add request.info.completed
#3900
fix(transmit test): add missing await on team.work
#3898
Error tag incorrectly set (node 11)
#3897
Return credentials and artifacts from server.auth.test()
#3891
No Content-Type header when returning a stream
#3887
Change inject auth to object and require strategy name
#3884
"Cannot set headers after they are sent to the client" after returning h.abandon
#3882
Add validation for cookies (alt impl)
#3879
Set cookie autoValue only when no value received
#3878
Aborted requests show status code 200 in response event
#3876
Rework cache provisioning apis
#3875
Update hapijs/bounce to 1.2.3 from 1.2.2
#3874
Update hapijs/hoek to 6.1.2 from 6.0.2
#3873
Update hapijs/podium to 3.2.0 from 3.1.4
#3871
18.0.0 Release Notes
#3870
Update hapijs/catbox-memory to 4.0.1 from 3.1.3
#3832
Feature: built in cookie validation
#3831
State autoValue function overwrites existing cookie value
#3822
Use WHATWG URL for request.url
17.9.0
#3942
Change module namespace v17
17.8.5
#3903
Handle signals in onRequest. Closes #3884
17.8.4
#3921
Update hapijs/bourne to 1.1.1 from 1.0.0
17.8.3
#3915
Shrinkwrap typo
17.8.2
#3913
Update hapijs/statehood to 6.0.9 from 6.0.8
#3911
Update hapijs/subtext to 6.0.12 from 6.0.11
17.8.1
#3886
Protect against invalid strategy name in server.auth.verify()
17.8.0
#3885
Support credentials verficiation
17.7.0
#3867
Specify node, hapi, and plugin version requirements
17.6.4
#3863
Remove engines
17.6.3
#3860
Update hapijs/subtext to 6.0.10 from 6.0.9
17.6.2
#3857
Include shrinkwrap file in dist
17.6.1
#3856
Update hapijs/vise to 3.0.1 from 3.0.0
#3855
Update hapijs/topo to 3.0.2 from 3.0.1
#3854
Update hapijs/subtext to 6.0.9 from 6.0.7
#3853
Update hapijs/statehood to 6.0.7 from 6.0.6
#3852
Update hapijs/shot to 4.0.6 from 4.0.5
#3851
Update hapijs/podium to 3.1.4 from 3.1.2
#3850
Update jshttp/mime-db to 1.37.0 from 1.35.0
#3849
Update hapijs/nigel to 3.0.3 from 3.0.1
#3848
Update hapijs/mimos to 4.0.1 from 4.0.0
#3847
Update hapijs/joi to 14.0.3 from 13.5.2
#3846
Update hueniverse/iron to 5.0.5 from 5.0.3
#3845
Update hapijs/heavy to 6.1.1 from 6.1.0
#3844
Update hapijs/catbox-memory to 3.1.3 from 3.1.2
#3843
Update hapijs/catbox to 10.0.4 from 10.0.3
#3842
Update hapijs/call to 5.0.2 from 5.0.1
#3841
Update hapijs/bounce to 1.2.1 from 1.2.0
#3840
Update hapijs/boom to 7.2.1 from 7.2.0
#3839
Update hapijs/b64 to 4.1.1 from 4.0.0
#3838
Update hapijs/ammo to 3.0.2 from 3.0.1
#3837
Update hapijs/accept to 3.1.2 from 3.0.2
#3836
Update hapijs/wreck to 14.1.2 from 14.0.2
#3835
Update hapijs/pez to 4.0.4 from 4.0.2
#3834
Update hapijs/nigel to 3.0.3 from 3.0.1
17.6.0
#3827
Expose request active status
#3826
Update hapijs/catbox to 10.0.3 from 10.0.2
17.5.5
#3821
onPreResponse not called when error returned/rethrown from failAction of error resp validation
17.5.4
#3813
redirecting in onRequest throws Cannot read property 'isOriginMatch' of null
17.5.3
#3808
Update jshttp/mime-db to 1.35.0 from 1.33.0
#3807
Update hapijs/joi to 13.5.2 from 13.2.0
#3792
Global cors and security options not respected in 404
#3782
Content type on empty string payloads
#3728
request.response should be null when response failed to transmit
17.5.2
#3801
Update hapijs/cryptiles to 4.1.2 from 4.1.1
17.5.1
#3796
do not attach request decorations to a shared prototype, alternative approach.
#3718
Request decorations leak across server instances in same process
17.5.0
#3791
support symbol properties in server.decorate()
17.4.0
#3786
Update hapijs/joi to 13.2.0 from 13.1.2
#3785
Update hapijs/ammo to 3.0.1 from 3.0.0
#3784
Update arb/big-time to 2.0.1 from 2.0.0
#3775
Add support for Referrer-Policy header
17.3.1
#3766
Add PATCH to `created` status, better error msg
#3765
Respect a response status schema of true
17.3.0
#3772
Update hapijs/catbox-memory to 3.1.2 from 3.1.1
#3771
Update hapijs/nigel to 3.0.1 from 3.0.2
#3770
Update hapijs/pez to 4.0.2 from 4.0.1
#3769
Update hapijs/statehood to 6.0.6 from 6.0.5
#3768
Update hapijs/content to 4.0.5 from 4.0.4
#3767
server.control()
17.2.3
#3760
Fix checksums
17.2.2
#3758
Request log with function data sends incorrect data
#3741
Replace new Buffer()
17.2.1
#3756
Update hapijs/shot to 4.0.5 from 4.0.3
#3755
Update hapijs/joi to 13.1.2 from 13.0.1
#3754
Update jshttp/mime-db to 1.33.0 from 1.31.0
#3753
Update hapijs/hoek to 5.0.3 from 5.0.2
#3752
Update hapijs/content to 4.0.4 from 4.0.3
#3751
Update hueniverse/bounce to 1.2.0 from 1.0.3
#3750
Update hapijs/boom to 7.2.0 from 7.1.1
#3717
Prefer user added encoding over built-in
#3701
Enable registered encoders to have higher priority than built-in
17.2.0
#3715
Basic concurrent load queue
#3714
Update hapijs/heavy to 6.1.0 from 6.0.0
#3712
Missing return in dispatch()
#3711
Cache stop() errors are not handled
#3708
Errors in "onPostStart" ext leave listener active forever
#3702
Fix server method registered as object without options
17.1.1
#3688
Hapi v17.0.2 cors origin
17.1.0
#3691
Route rules
#3689
Include method name in error
#3125
Allow decoration overrides with parent access support
17.0.2
#3686
Log errors thrown in custom response close method
#3679
[enhancement] https accept-encoding header brotli for chrome
#3675
Optimize accept-encoding for the most common headers
#3674
Update hapijs/cryptiles to 4.1.1 from 4.1.0
17.0.1
#3668
Bypass authorization when authentication bypassed
17.0.0
#3665
Rename route 'config' with 'options'
#3663
Loosen sample and modify peer validator in the routeBase schema
#3662
prerequisite returning empty string yields null on the pre object of request
#3658
17.0.0 Release Notes
#3657
Update hapijs/vise to 3.0.0 from 2.0.2
#3656
Update hapijs/topo to 3.0.0 from 2.0.2
#3655
Update hapijs/podium to 3.1.2 from 1.3.0
#3653
Update hapijs/nigel to 3.0.0 from 2.0.2
#3652
Update hapijs/mimos to 4.0.0 from 3.0.3
#3651
Update jshttp/mime-db to 1.31.0 from 1.29.0
#3650
Update hueniverse/iron to 5.0.4 from 4.0.5
#3649
Update hapijs/hoek to 5.0.2 from 4.2.0
#3648
Update hapijs/cryptiles to 4.1.0 from 3.1.2
#3647
Update hapijs/content to 4.0.3 from 3.0.6
#3646
Update hapijs/catbox-memory to 3.1.1 from 2.0.4
#3645
Update hapijs/catbox to 10.0.2 from 7.1.5
#3644
Update hapijs/call to 5.0.1 from 4.0.2
#3643
Update hapijs/boom to 7.1.1 from 5.2.0
#3642
Update hapijs/b64 to 4.0.0 from 3.0.2
#3641
Update hapijs/ammo to 3.0.0 from 2.0.4
#3640
Update hapijs/accept to 3.0.2 from 2.1.4
#3639
Update hapijs/statehood to 6.0.5 from 5.0.3
#3638
Update hapijs/shot to 4.0.3 from 3.4.2
#3637
Update hapijs/heavy to 6.0.0 from 4.0.4
#3636
Update hapijs/wreck to 14.0.2 from 13.0.3
#3635
Expose payload and credentials to dynamic scopes
#3634
onCredentials ext point
#3633
Separate authorization (403) from authentication (401)
#3632
Add negative test on registering plugin twice without `once`
#3631
When event data is an error, field name is error
16.8.1
#3960
Send 400 bad request on parse error
16.8.0
#3937
16.8.0-Commercial Release Notes
#3933
v16 commercial license version
#3932
Discontinued support for hapi v16
#3899
v16: look into compatibility with node 10
16.7.0
#3869
Specify node, hapi, and plugin version requirements (#3867)
16.6.5
#3866
Remove engines
16.6.4
#3862
Remove support for node 4
#3861
Remove shrinkwrap
16.6.2
#3586
Remove per-response events emitter validation
16.6.1
#3585
Update hapijs/joi to 11.1.0 from 10.6.0
#3582
Support joi 11 paths arrays. Fixes #3581.
16.6.0
#3570
Update hapijs/content to 3.0.6 from 3.0.5
#3560
fix response.message(httpMessage)
#3506
Add json escape option
16.5.2
#3561
Aborted responses return 200 code in inject
16.5.1
#3552
Updating from 16.4.3 to 16.5.0: Podium.decorate is not a function error
#3528
"disconnect" event on the "request" object is never emitted
16.5.0
#3551
Update hapijs/statehood to 5.0.3 from 5.0.2
#3550
Update hapijs/content to 3.0.5 from 3.0.4
#3548
Update hapijs/boom to 5.2.0 from 5.1.0
#3545
Update hapijs/joi to 10.6.0 from 10.5.2
#3544
Update jshttp/mime-db to 1.29.0 from 1.28.0
#3543
Update hapijs/catbox to 7.1.5 from 7.1.4
#3542
Update hapijs/podium to 1.3.0 from 1.2.5
#3541
Update hapijs/hoek to 4.2.0 from 4.1.1
#3539
Add payload fail action custom handler
#3533
Update hapijs/subtext to 5.0.0 from 4.4.1
#3532
Remove joi validation when creating request podium events
#3531
Return 413 when payload too large.
#3526
Consider wildcard filtering for debug options
#3523
Update lab and fix indentation
#3520
Fixed validation of server's Joi options
#3519
allow decoration of reply with non functions
#3516
Invalid cookie header despite strictHeader: false, ignoreErrors: true
#3483
Filename detecting problem on uploading file with apostrophes
#3480
RST packet instead of a FIN packet to close the response on Heroku
#3464
Throwing inside response event breaks new events
16.4.3
#3514
TypeError: Cannot set property 'hostname' of undefined
16.4.2
#3517
Restore npm-shrinkwrap.json file
16.4.1
#3512
Remove npm-shrinkwrap
16.4.0
#3511
Update hapijs/joi to 10.5.2 from 10.5.1
#3505
Remove isemail deps from shrinkwrap
#3486
Provide cover for unhandled rejections
#3429
Better support for async handlers
16.3.1
#3510
Update hapijs/shot to 3.4.2 from 3.4.0
#3507
Node 8 fixes
16.3.0
#3461
explicitly destroy sockets on clientError
#3441
Fix several request.url property issues on setUrl()
#3409
Adding server.inspect to list decorated framework interfaces
16.2.0
#3502
Update hapijs/wreck to 12.2.2 from 10.0.0
#3501
Update hapijs/subtext to 4.4.1 from 4.3.0
#3500
Update hapijs/statehood to 5.0.2 from 5.0.1
#3499
Update hapijs/pez to 2.1.5 from 2.1.4
#3498
Update jshttp/mime-db to 1.28.0 from 1.25.0
#3497
Update hapijs/joi to 10.5.1 from 10.1.0
#3496
Update hueniverse/iron to 4.0.5 from 4.0.4
#3495
Update hapijs/hoek to 4.1.1 from 4.1.0
#3494
Update hapijs/heavy to 4.0.4 from 4.0.3
#3493
Update hapijs/cryptiles to 3.1.2 from 3.1.1
#3492
Update hapijs/content to 3.0.4 from 3.0.3
#3491
Update hapijs/catbox to 7.1.3 from 7.1.4
#3490
Update hapijs/call to 4.0.2 from 4.0.0
#3489
Update hapijs/boom to 5.1.0 from 4.2.0
#3488
Update hapijs/ammo to 2.0.4 from 2.0.3
#3487
Update hapijs/accept to 2.1.4 from 2.1.3
#3472
Send connection close when there is unconsumed payload
#3470
Defer 100-continue signalling until payload parsing
#3451
Have access to request.app in Joi validation context
#3448
Bind request continuation methods to current domain
#3447
one server is always leaked
#3431
when failAction is log or ignored, the error is assigned to request.preResponse but not request.pre
#3427
reply.entity() will always return null for correct etags
16.1.1
#3466
Non-handling of accept-encoding header when the value does not conform to the specification
#3446
remove extra closure
16.1.0
#3416
Update hapijs/joi to 10.1.0 from 10.0.1
#3415
Allow creating multiple connections in a single server.connection() call
16.0.3
#3414
Connectionless plugin fails inside connection-full plugin
16.0.2
#3411
Falsey payload returns null
16.0.1
#3401
Attempt to fix #3399 where it crashes on route prerequisites when no domain is present
#3399
Regression on 16, lib/handlers.js
16.0.0
#3398
16.0.0 Release Notes
#3397
Update hapijs/ammo to 2.0.3 from 2.0.2
#3396
Update hapijs/call to 4.0.0 from 3.0.3
#3395
Update hapijs/catbox to 7.1.3 from 7.1.2
#3394
Update hapijs/heavy to 4.0.3 from 4.0.2
#3393
Update hapijs/podium to 1.2.5 from 1.2.3
#3392
Update hapijs/shot to 3.4.0 from 3.3.2
#3391
Update hapijs/statehood to 5.0.1 from 5.0.0
#3390
Update jshttp/mime-db to 1.25.0 from 1.23.0
#3389
Update hapijs/content to 3.0.3 from 3.0.2
#3388
Update hapijs/pez to 2.1.4 from 2.1.2
#3387
Update hapijs/accept to 2.1.3 from 2.1.2
#3386
Update hapijs/catbox-memory to 2.0.4 from 2.0.3
#3385
Update hapijs/joi to 10.0.1 from 9.0.4
#3384
Update hapijs/cryptiles to 3.1.1 from 3.0.2
#3383
Update hapijs/boom to 4.2.0 from 4.0.0
#3381
problems with Promise error handling in plugin registration
#3380
Ensure Boom objects can be reused - Fix for issue #3378
#3378
Server fails to reuse Boom object
#3372
Allow HTTPS long poll requests
#3369
Deprecation Warning in Node v7.0.0 for call to os.tmpDir
#3368
change deprecated os.tmpDir call to os.tmpdir
#3359
Shrinkwrap fails with hapi version 15.1.1
#3358
fix server not propagating errors on prehandler(promise) + handler error (#3242)
#3347
Major performance issue with hapi.js 15.x
#3242
Using promises in prehandlers causes exceptions to be swallowed in handlers.
15.2.0
#3366
Update hapijs/subtext to 4.3.0 from 4.2.2
#3355
Update hapijs/wreck to 10.0.0 from 9.0.0
#3354
Update hapijs/subtext to 4.2.2 from 4.2.1
#3352
npm shrinkwrap produces error with hapi
#3351
Fix subtext shrinkwrap
#3051
payload output inconsistent for single payload vs multipart
15.1.0
#3350
Conditional plugin connection-less mode
#3342
Update hapijs/shot to 3.3.2 from 3.3.1
#3341
Update hapijs/shot to 3.3.2 from 3.3.1
#3339
Restore npm-shrinkwrap.json to package. Closes #3338
#3338
`npm-shrinkwrap.json` not included in published `hapi` package
15.0.3
#3332
Update hapijs/podium to 1.2.3 from 1.2.1
#3330
Events not emitted when route handler throws
15.0.2
#3325
Allow initializing server without connections
#3324
Verify plugin dependencies for connections added after initialize() or start()
15.0.0
#3323
15.0.0 Release Notes
#3322
Bump hapijs/boom version to 4.0.0 from 3.2.2
#3320
Update hapijs/boom to 4.0.0 from 3.2.2
#3318
Update hapijs/statehood to 5.0.0 from 4.0.3
#3317
Update hueniverse/iron to 4.0.3 from 4.0.2
#3316
Update hapijs/wreck to 9.0.0 from 8.0.1
#3315
Update hapijs/call to 3.0.3 from 3.0.2
#3314
Update hapijs/ammo to 2.0.2 from 2.0.1
#3313
Expose request to server.encode() and decode() generators
#3308
Response validation custom handler
#3307
Update hapijs/shot to 3.3.1 from 3.1.1
#3306
Disable request getLog() by default
#3304
Errors when reply.continue() is called with an non-auth argument
#3303
Error when reply() is called with a third argument (non-auth)
#3302
Access to scope errors list from a Forbidden error
#3300
Support custom content-type payload decoders
#3299
Update hapijs/subtext to 4.2.0 from 4.0.5
#3298
Allow extending server encoding support
#3296
Custom events
#3295
server.register callback handling does not enforce process.nextTick
#3294
Replace node's EventEmitter interface
#3292
The "Vary: accept-encoding" header is not always set
#3291
Ensure that 206 responses are never compressed
#3275
Support for route authorization
#3243
Content type charset handling
#3237
Set response status message.
#3227
Set route validation bind context
#3214
Support failAction function on validation response failures
#3201
handle more types of promise rejection, for #3102
#3194
output validation error pass source along
14.2.0
#3286
Support unmodified early return
14.1.0
#3277
Route config function
14.0.0
#3272
14.0.0 Release Notes
#3271
hapi 13.5.1 (and 13.5.2) break if routes still use joi 8.x
13.5.2
#3249
Update hapijs/catbox to 7.1.2 from 7.1.1
13.5.1
#3270
Update hapijs/topo to 2.0.2 from 2.0.1
#3269
Update hapijs/wreck to 8.0.1 from 7.2.1
#3268
Update hapijs/vise to 2.0.2 from 2.0.1
#3267
Update hapijs/nigel to 2.0.2 from 2.0.1
#3266
Update hapijs/b64 to 3.0.2 from 3.0.1
#3265
Update hapijs/pez to 2.1.2 from 2.1.1
#3264
Update hapijs/context to 3.0.2 from 3.0.1
#3263
Update hapijs/subtext to 4.0.5 from 4.0.3
#3262
Update hapijs/statehood to 4.0.3 from 4.0.1
#3261
Update hapijs/shot to 3.1.1 from 3.1.0
#3260
Update hapijs/peekaboo to 2.0.2 from 2.0.1
#3259
Update hapijs/mimos to 3.0.3 from 3.0.2
#3258
Update hapijs/kilt to 2.0.2 from 2.0.1
#3257
Update moment/moment to 2.14.1 from 2.13.0
#3256
Update hapijs/isemail to 2.2.1 from 2.1.0
#3255
Update hapijs/joi to 9.0.4 from 8.1.0
#3254
Update hapijs/items to 2.1.1 from 2.1.0
#3253
Update hueniverse/iron to 4.0.2 from 4.0.1
#3252
Update hapijs/heavy to 4.0.2 from 4.0.1
#3251
Update hapijs/cryptiles to 3.0.2 from 3.0.1
#3250
Update hapijs/catbox-memory to 2.0.3 from 2.0.2
#3248
Update hapijs/call to 3.0.3 from 3.0.2
#3247
Update hapijs/ammo to 2.0.2 from 2.0.1
#3246
Update hapijs/hoek to 4.0.2 from 4.0.0
#3245
Update hapijs/boom to 3.2.2 from 3.2.0
#3244
Update hapijs/accept to 2.1.2 from 2.1.1
13.5.0
#3206
override default cache headers for error pages
#3178
Handle thrown error from res.setHeader() and res.writeHead()
#3174
Fixes #3155 - Calling reply without a payload on a JSONP route throws
13.4.2
#3228
Update hapijs/call to 3.0.2 from 3.0.1
#3216
Update hapijs/shot to 3.1.0 from 3.0.1
13.4.1
#3173
Update hapijs/nigel to 2.0.1 from 2.0.0
#3172
Update hapijs/b64 to 3.0.1 from 3.0.0
#3171
Update hapijs/pez to 2.1.1 from 2.1.0
#3170
Update hapijs/subtext to 4.0.3 from 4.0.1
#3169
Update hapijs/statehood to 4.0.1 from 4.0.0
#3168
Update hapijs/peekaboo to 2.0.1 from 2.0.0
#3167
Update hapijs/mimos to 3.0.1 from 3.0.0
#3166
Update hapijs/kilt to 2.0.1 from 2.0.0
#3165
Update hapijs/isemail to 2.1.0 from 2.1.2
#3164
Update hueniverse/iron to 4.0.1 from 4.0.0
#3163
Update hapijs/cryptiles to 3.0.1 from 3.0.0
#3162
Update hapijs/catbox-memory to 2.0.2 from 2.0.1
#3161
Update hapijs/catbox to 7.1.1 from 7.1.0
#3160
Update hapijs/call to 3.0.1 from 3.0.0
#3159
Update hapijs/boom to 3.2.0 from 3.1.3
#3158
Update hapijs/ammo to 2.0.1 from 2.0.0
#3157
Update hapijs/topo to 2.0.1 from 2.0.0
#3156
Update hapijs/wreck to 7.2.1 from 7.2.0
#3121
allow array as valid validate config on headers, params, query and payload
#3119
Support [] as payload validation
13.4.0
#3147
Pass original validation error if boom
#3146
Update hapijs/wreck to 7.2.0 from 7.0.2
#3145
Update hapijs/vise to 2.0.1 from 2.0.0
#3144
Update hapijs/content to 3.0.1 from 3.0.0
#3143
Update jshttp/mime-db to 1.23.0 from 1.22.0
#3142
Update moment/moment to 2.13.0 from 2.12.0
#3141
Update hapijs/joi to 8.1.0 from 8.0.4
#3140
Update hapijs/items to 2.1.0 from 2.0.0
#3139
Update hapijs/hoek to 4.0.0 from 3.0.4
#3138
Update hapijs/heavy to 4.0.1 from 4.0.0
#3137
Update hapijs/boom to 3.1.3 from 3.1.2
#3136
Update hapijs/accept to 2.1.1 from 2.1.0
#3115
Update hapijs/pez to 2.1.0 from 2.0.1
#3111
Update hapijs/subtext to 4.0.1 from 4.0.0
13.3.0
#3107
Permit validation on any payload type
#3068
Fast server shutdown
13.2.2
#3101
Auth entity error reports the wrong credential type used
13.2.1
#3044
Enable disabling cache-control headers
#2979
`.charset(charset)` doesn't work on its own in ext
13.1.0
#3083
Allow provisioning server cache after construction
#3082
Update hapijs/wreck to 7.0.2 from 7.0.0
#3081
Update hapijs/shot to 3.0.1 from 3.0.0
#3080
Update jshttp/mime-db to 1.22.0 from 1.20.0
#3079
Update moment/momemt to 2.12.0 from 2.11.0
#3078
Update hapijs/joi to 8.0.4 from 7.1.0
#3077
Update hapijs/boom to 3.1.2 from 3.1.1
#3069
Pass through cookie options when calling reply.unstate()
#3057
Don't re-initialize the server
#3042
Moment - Regular Expression Denial of Service
#3015
Can not change/remove the "accept-ranges" response header
#3014
Update JSON response stringify for better performance
13.0.0
#3040
13.0.0 Release Notes
#3039
Update hueniverse/iron to 4.0.0 from 3.0.1
#3038
Update hapijs/statehood to 4.0.0 from 3.1.0
12.1.0
#3018
Allow auth strategies to expose an api
12.0.1
#3013
Fix hapijs/shot dependency
12.0.0
#3012
Update hapijs/catbox to 7.1.0 from 7.0.0
#3011
Update hapijs/shot to 3.0.0 from 2.0.1
#3010
Update jshttp/mime-db to 1.20.0 from 1.19.0
#3009
Update moment/moment to 2.11.0 from 2.10.6
#3008
Update hapijs/isemail to 2.1.0 from 2.0.0
#3007
Update hapijs/joi to 7.1.0 from 7.0.0
#3006
Update hapijs/hoek to 3.0.4 from 3.0.0
#3005
Update hapijs/boom to 3.1.1 from 3.0.0
#3004
Update hapijs/accept to 2.1.0 from 2.0.0
#3002
Remove request.session and request.auth.session placeholders
#3001
Update hapijs/statehood to 3.1.0 from 3.0.0
#3000
Return a promise when callback missing
#2999
Support required scope with + prefix
#2998
Support multiple access combinations per route
#2994
Dynamic scope does not work with auth.default()
#2993
Support forbidden scope with ! prefix
#2992
Normalize auth scope and entity settings under new access option
#2988
Handle invalid date exceptions
#2985
12.0.0. Release Notes
#2983
Update hapijs/subtext to 4.0.0 from 3.0.1
#2972
Add validation check for stripUnknown route response option
#2966
request.raw.res.end() method is called twice
#2957
nameless cookie causing hapi fail parsing
#2936
Expose origin matching status
#2886
Add entire auth object to validation context options
11.1.4
#2990
Fix cors config cascade. Closes #2980
#2980
Route level CORS config overrides connection level defaults
11.1.3
#2987
Catch invalid date exceptions
11.1.2
#2953
Tests for issue #2950
#2950
Access-Control-Expose-Headers response header duplicate values
#2940
Fails to set a global route auth config
11.1.1
#2944
Update hapijs/subtext to 3.0.1 from 3.0.0
#2931
Lookup route during OPTIONS by using request.info.hostname. Closes #2930
#2930
Route not correctly looked up during CORS OPTIONS request when using vhost
11.1.0
#2929
Allow setting request app and plugins via inject
#2928
Support per-request decoration
11.0.5
#2894
CORS headers to include 'Origin'
11.0.4
#2923
Update hapijs/vise to 2.0.0 from 1.0.0
#2922
Update hapijs/nigel to 2.0.0 from 1.0.1
#2921
Update hapijs/pez to 2.0.1 from 1.0.0
#2920
Update hapijs/context to 3.0.0 from 1.0.2
#2919
Update hapijs/subtext to 3.0.0 from 2.0.2
#2918
Update hapijs/statehood to 3.0.0 from 2.1.1
#2917
Update hapijs/shot to 2.0.1 from 1.7.0
#2916
Update hapijs/qs to 6.0.0 from 5.2.0
#2915
Update hapijs/peekaboo to 2.0.0 from 1.0.0
#2914
Update hapijs/mimos to 3.0.0 from 2.0.2
#2913
Update hapijs/kilt to 2.0.0 from 1.1.1
#2912
Update hueniverse/iron to 3.0.1 from 2.1.3
#2911
Update hapijs/heavy to 4.0.0 from 3.0.1
#2910
Update hapijs/cryptiles to 3.0.0 from 2.0.5
#2909
Update hapijs/catbox-memory to 2.0.1 from 1.1.2
#2908
Update hapijs/isemail to 2.0.0 from 1.2.0
#2907
Update hapijs/topo to 2.0.0 from 1.1.0
#2906
Update hapijs/joi to 7.0.0 from 6.8.1
#2905
Update hapijs/catbox to 7.0.0 from 6.0.0
#2904
Update hapijs/call to 3.0.0 from 2.0.2
#2903
Update hapijs/ammo to 2.0.0 from 1.0.1
#2902
Update hapijs/accept to 2.0.0 from 1.1.0
#2901
Update hapijs/wreck to 7.0.0 from 6.2.0
#2900
Update hapijs/b64 to 3.0.0 from 2.0.1
#2899
Update hapijs/items to 2.0.0 from 1.1.0
#2898
Update hapijs/boom to 3.0.0 from 2.9.0
#2897
Update hapijs/hoek to 3.0.1 from 2.16.3
11.0.3
#2885
Update hapijs/subtext to 2.0.2 from 2.0.1
#2877
Replace all functions inside functions with arrow functions
#2875
Style change: replace for(i, il) with length in test
#2874
Replace var with let
#2873
Use const where possible
#2872
Add strict mode
#2870
Fix empty content-length handling for gzip and 204 responses
#2869
Gzip compression is skipped when content-length is unknown
#2868
CORS: Is 404 on OPTIONS request the right thing to do?
#2867
Skip extensions for notFound and badRequest
#2862
Update hapijs/subtext to 2.0.2 from 2.0.0
11.0.2
#2866
Fixed an issue with mixed-case headers not being matched correctly in CORS
#2852
request.params undefined when route not found
11.0.1
#2859
Add error messages to 404's caused by cors closes #2857
#2858
Add 'Accept' to default header per #2855
11.0.0
#2850
11.0.0 Release Notes
#2849
Add 204 to statuses cached by default
#2848
Allow response validation of non-objects
#2847
Update hapijs/qs to 5.2.0 from 4.0.0
#2845
Allow empty response to default to 204
#2840
CORS route-specific override can conflict with connection defaults
#2814
Remove server.after()
#2807
Remove id from request received event
10.5.0
#2844
Server new route event
#2829
Expanded `registrations` API. Added test. Updated docs.
#2491
CORS pre-fetch not respecting per-route config
10.4.1
#2836
Update hapijs/heavy to 3.0.1 from 3.0.0
10.4.0
#2828
Update hapijs/shot to 1.7.0 from 1.6.1
#2827
Enhance server.ext() to accept an array of event objects
#2826
Update hapijs/topo to 1.1.0 from 1.0.3
#2824
request.info.host - Host header wrong in server.inject
#2823
Skip empty extension points in request lifecycle
#2822
Plugin schema too restrictive
#2819
Replace single connection server decorations with assertions
#2818
Support plugin level once attribute
#2566
Lifecycle hooks on routes
10.3.0
#2754
Add connections inside a plugin
10.2.1
#2817
Multiple connectionless plugin exceptions
10.2.0
#2815
Cleanup after() options
#2813
Update server root methods when adding 2nd connection
#2812
Prevent adding server extensions once initialize() is called
#2811
Support connectionless plugins
#2809
Return plugin dependency errors via callback instead of throwing
#2808
Pass start() and initialize() errors via callback, not throw
#2806
Update hapijs/isemail to 1.2.0 from 1.1.1
#2805
Update hapijs/joi to 6.8.0 from 6.6.1
#2804
Apply arguments schema more consistently
#2796
don't duplicate accept-encoding in vary header
#2790
Add cache stats to server methods
#2788
Option to turn off domains
#2777
Public API for Registered Plugins
#2773
Detects and rejects malformed response headers
#2763
get cache stats for a server method?
#2761
Conditional register() for skipping already registered plugins
#2736
Stopping the server while starting it
#2733
CORS Headers
#2352
setting undefined headers on transmit
#1850
Set per-plugin registration options when registering an array of plugins
10.1.0
#2787
Update hapijs/wreck to 6.2.0 from 6.1.0
#2786
Update hapijs/b64 to 2.0.1 from 2.0.0
#2785
Update hapijs/shot to 1.6.1 from 1.6.0
#2784
Update jshttp/mime-db to 1.19.0 from 1.18.0
#2783
Update hapijs/hoek to 2.16.3 from 2.14.0
#2782
Update hapijs/cryptiles to 2.0.5 from 2.0.4
#2776
Add preload flag to HSTS header and fix casing for includeSubDomains.
#2505
request.state occasionally null
10.0.1
#2779
Flaky test? "Request does not return an error when server is responding when the timeout occurs"
10.0.0
#2765
node v4
#2764
10.0.0 Release Notes
9.5.1
#2989
Handle Date parsing error
9.4.1
#2835
hapi-lts requiring node 4 and no updates to hapi 9?
9.4.0
#2834
9.4.0 LTS
9.3.1
#2760
Decorators fail with nested require calls
9.3.0
#2757
Require allowInternals option on server.inject() to call isInternal routes
9.2.0
#2756
Expose route active authentication configuration
#2755
Update jshttp/mime-db to 1.18.0 from 1.17.0
9.1.0
#2750
Route config for internal access only routes
9.0.4
#2739
Updated error when calling server.start with no callback
#2727
Decorations not propagated to sibling plugins
9.0.3
#2725
Update hapijs/catbox-memory to 1.1.2 from 1.1.1
#2723
Tape and server.inject problem
9.0.2
#2717
Update jshttp/mime-db to 1.17.0 from 1.16.0
#2714
Setting server method cache generateTimeout to false results in error
9.0.1
#2699
npm install hapi misses wreck sub-dependency
9.0.0
#2718
Breaking change with query string validation from 8.6.0 to 9.0.2
#2698
Update hapijs/content to 1.0.2 from 1.0.1
#2697
Update moment/moment to 2.10.6 from 2.10.3
#2696
Update hapijs/joi to 6.6.1 from 6.4.1
#2695
Update hueniverse/iron to 2.1.3 from 2.1.2
#2694
Update hapijs/call to 2.0.2 from 2.0.1
#2693
Update hapijs/boom to 2.8.0 from 2.7.2
#2692
Update hapijs/ammo to 1.0.1 from 1.0.0
#2691
Update hapijs/accept to 1.1.0 from 1.0.0
#2689
Update hapijs/subtext from 1.1.1 to 2.0.0
#2688
Add server.initialize()
#2687
Set plugin options in realm
#2686
Require callback in start() and end()
#2685
Allow server.ext() to extend server actions (start, stop)
#2684
Update hapijs/catbox to 6.0.0 from 4.3.0
#2683
Update jshttp/mime-db to 1.16.0 from 1.14.0
#2682
9.0.0 Release Notes
#2681
Remove server files settings
#2675
Update hapijs/shot to 1.6.0 from 1.5.3
#2673
304 response sends: no-cache regardless of routes.cache settings
#2665
Server breaks when using cached server method
#2662
Added schema validation when creating a server method using object
#2661
No longer removing response validation from route object if sample = 0
#2645
Add failing test for #2628
#2641
Vary accept-encoding header not always set for compressible content
#2628
Multiple etag problems with directory handler causing browser use outdated cached content.
#2626
Remove inert, h2o2, and vision from core
#2616
Strange behaviour with throw in handlers
#2576
Parsing requests with no payload
#2520
API wart: server.dependency after method lacks options
8.8.1
#2671
Update hapijs/topo to 1.0.3 from 1.0.2
#2670
Update hapijs/topo to 1.0.3 from 1.0.2
#2664
allow for proto inherit with Server ("instanceof" instead of "===")
#2663
internals.Server does not allow proto inheritance
#2657
`server.ext` dependencies not ordered using `before` as array
#2642
Failing test for `server.ext` with complex deps.
#2631
Update hapijs/inert to 2.1.6 from 2.1.5
8.8.0
#2627
Update hapijs/subtext to 1.1.1 from 1.1.0
#2625
Update hapijs/wreck to 6.0.0 from 5.5.1
#2623
Update hapijs/qs to 4.0.0 from 2.4.2
#2622
Support qs options in payload and query parsing
#2613
Update jshttp/mime-db to 1.14.0 from 1.11.0
#2612
Update hapijs/vision to 2.0.1 from 2.0.0
#2480
Ability to pass options to qs for payload parsing
8.7.0
#2587
Update hapijs/catbox to 4.3.0 from 4.2.2
8.6.1
#2586
Update hapijs/shot to 1.5.1 from 1.5.0
#2584
Update jshttp/mime-db to 1.11.0 from 1.10.0
#2583
Update hapijs/statehood to 2.1.1 from 2.0.0
8.6.0
#2573
allow returning a response object inside a promise
#2570
Added "error" event listener
8.5.3
#2571
Update hapijs/h2o2 to 4.0.1 from 4.0.0
#2569
Make sure auth filter passes on request auth artifacts when injecting, too
8.5.2
#2564
Auth error log should not report missing or try as error
8.5.1
#2555
fix dynamic scopes
#2554
Dynamic scope uses undefined request.payload
#2553
Update hapijs/hoek to 2.14.0 from 2.13.0
8.5.0
#2552
Update hapijs/wreck to 5.5.1 from 5.2.0
#2551
Update jshttp/mime-db to 1.10.0 from 1.9.1
#2550
Update moment/moment to 2.10.3 from 2.9.0
#2549
Update hapijs/joi to 6.4.1 from 6.0.8
#2548
Update hapijs/hoek to 2.13.0 from 2.11.1
#2547
Update hapijs/boom to 2.7.2 from 2.6.1
#2546
Update hapijs/inert to 2.1.5 from 2.1.4
#2545
Update isaacs/node-lru-cache to 2.6.4 from 2.5.0
#2544
Retain content-length header for HEAD requests
#2538
closes #2480: Ability to pass options to qs for payload parsing
#2532
Dynamic authentication scopes
#2509
Update jshttp/mime-db to 1.9.1 from 1.7.0
#2503
Update hapijs/shot to 1.5.0 from 1.4.2
#2502
Fix Hapi Issue #2501, pass on auth artifacts object in server.inject
#2501
server.inject does not allow me to set auth artifacts, only auth credentials
#2481
Feature: server.decorate('request' ... )
#2472
Update hapijs/qs to 2.4.2 from 2.4.0
8.4.0
#2470
JSONP requests not always returning wrapped response
#2469
Update hapijs/qs to 2.4.0 from 2.3.3
#2468
Proxy handler not forwarding request payload
#2465
Update hapijs/catbox to 4.2.2 from 4.2.1
#2464
Update hapijs/joi to 6.0.8 from 6.0.5
#2463
Update shrinkwrap to joi 6.0.7
8.3.1
#2461
Missing dependency in 8.3
8.3.0
#2459
Fix for node 0.10 for changes in #2429
#2457
Update hapijs/inert to 2.1.4 from 2.1.3
#2455
Update hapijs/shot to 1.4.2 from 1.4.1
#2454
Update moment/moment to 2.9.0 from 2.8.4
#2453
Update hapijs/joi to 6.0.5 from 5.0.2
#2452
Update hapijs/hoek to 2.11.1 from 2.10.0
#2446
Update hapijs/wreck to 5.2.0 from 5.0.1
#2439
pass context to response schema validation
#2429
Fix for #2427
#2427
Issue uploading file with io.js or node > 0.11.6
#2423
Update mime-db to 1.7.0 from 1.6.1
#2420
Update hapijs/shot to 1.4.1 from 1.4.0
#2418
Add regex to allow leading $ and _
#2411
Update jshttp/mime-db to 1.7.0 from 1.6.1
#2405
Support inline dependencies on plugins
#2402
Improved validation of route method label
#2401
Method name RegExp
#2382
Return explicit error when trying to stream a non-Readable stream
#2368
response.streamify assumes stream has attribute _readableState
#2332
Replacing plugin.dependency() with attributes key
#2326
request-error logged before `onPostHandler` or `onPreResponse`
8.2.0
#2398
Update hapijs/inert to 2.1.3 from 2.1.2
#2397
throw when attaching route handlers without a connection
#2396
Inert 2.1.3 update
#2395
Update jshttp/mime-db to 1.6.1 from 1.5.0
#2392
No Payload Validation
#2374
Server methods context not available in route prerequisites
#2373
Update hapijs/inert to 2.1.2 from 2.1.0
#2372
inert 2.1.2
#2370
Add xss protection to validation response
#2367
Update hapijs/inert to 2.1.0 from 2.0.0
#2366
Update hapijs/catbox to 4.2.1 from 4.2.0
#2363
Refuse to handle incoming request after server is stopped
#2362
Don't respond to connections until listening is started
#2359
Remove '{}' payload from cors OPTIONS response
#2355
Fix table labels
#2354
Update API.md for inert 2.1.0
#2347
Improve error message when validation.payload is set but type is GET
#2309
Fixes #2308 by logging boom error object instead of just message
#2308
Logging boom errors from handlers should send boom error to log not just message
8.1.0
#2335
Expose the request object in inject()
#2331
Revise range tests to not depend on the inert module
#2324
Remove catch call for promise replies
#2323
Promise support
#2316
Update jshttp/mime-db to 1.5.0 from 1.3.1
#2302
allow replying with a stream as returned by node core http client methods
#2301
can't reply with stream returned by node core http client methods
#2300
Bumped mime-db version
#2291
external listener protocol issue
#2277
Fix invalid response for empty reply() (v8.x regression)
8.0.0
#2271
Update jshttp/mime-db to 1.3.0 from 1.2.0
#2270
Update hapijs/boom to 2.6.1 from 2.6.0
#2269
Update hapijs/shot to 1.4.0 from 1.3.5
#2268
Update hapijs/joi to 5.0.2 from 5.0.0
#2264
How to blacklist all routes to use a plugin config?
#2262
Change server.table() result from object to array
#2255
Throw when calling reply() with objectMode stream
#2249
Add 'uri' connection option
#2247
Split debug settings per event type
#2246
plugin dependencies error message changed
#2244
Fix reply.continue() in prerequisite. Closes #2243
#2243
Fix reply.continue() in prerequisite.
#2242
Uncaught error: Cannot read property 'isBoom' of null in hapi/lib/handler.js
#2241
Remove string notation method logging when cache not setup
#2240
Cached method in string notation bypasses cache
#2238
Conditional Validation Rules based on Auth
#2237
Support bare server (no files, proxy, views)
#2235
Expose realm as public interface
#2234
Support views in auth schemes
#2233
Populate connection.info.uri before start when port 0
#2231
Change request.route to a wrapper object containing settings
#2230
Replace server.config with server.realm.modifiers
#2229
plugin.expose() only sets server.plugins, not connection.plugins
#2228
Update hapijs/joi to 5.0.0 from 4.9.0
#2227
Update moment to 2.8.4
#2226
When using string shorthand in pre it does not provide reply interface
#2224
Cleanup connection.info settings and introduce 'address' config
#2220
A method to test a string against the routes table
#2219
Update hapijs/hoek to 2.10.0 from 2.9.0
#2217
Disable scope checking on a route
7.5.3
#2290
Update hapijs/inert to 1.1.1 from 1.1.0
7.5.2
#2123
Upgrade hoek to 2.9.0
7.5.1
#2120
TypeError: Cannot read property 'get' of undefined
7.5.0
#2105
Added ability to pass option into unstate.
#2068
it is not possible to unstate a cookie that was stated with options
#1916
Temp file is not deleted when request is aborted by client
7.4.0
#2108
Upgrade qs to version 2.3.2
#2107
Upgrade mime-db to 1.1.2
#2100
Global view context.
#2027
JPG vs jpg
7.3.0
#2098
Catbox 4.1
7.2.0
#2069
Isolate server in its own pack
#2061
Second phase of server/pack/plugin refactor
#2057
Pack refactor
#2056
Enhance Pack to have the full plugin API directly
#2055
Move plugin dependency validation to start()
#2054
Move composer logic to glue
7.1.1
#2046
Fix shrinkwrap
7.1.0
#2039
Added npm-shrinkwrap
7.0.1
#2038
Move cli logic to rejoice
#2036
Move lru-cache to inert
#2035
lab 5.0 features. Closes #2034
#2034
Lab 5.0
#2029
Fixes #2028. Updated error message for invalid scope to explain that any of the specified are sufficient
#2028
Improve error message when auth scope is insufficient
#2024
Resolve undefined environment variables to the empty string in the cli.
7.0.0
#2023
7.0.0 Release Notes
#2022
Spin off file and directory to inert
#2021
Override server files.relativeTo config per route
#2020
h2o2 2.0
#2019
Catbox 4.0
#2017
Initial 7.0 changes
#2016
Remove $env support from pack.compose()
#2011
Hapi should not override `cache-control` header if it's manually set by user's code
#2007
Remove server views config
#1960
Remove support for tos authentication setting
#1955
Use environment variables in CLI configuration json file
#1954
Remove support for catbox getOrGenerate()
#1941
Remove route from handler registration arguments
#1913
Change proxy localStatePassThrough setting default to false
6.11.1
#2010
Heavy
#2009
Setting event loop delay max lower than sample interval leads to false positive
#2008
Break load handler implementation into separate module
#2002
show route method in error message
6.11.0
#2005
Replace negotiator
#2004
Default accept-encoding '*' to 'identity', not 'gzip'
#2001
Keep the options of server.inject untouched #2000
#1995
Adding route with multiple methods overrides route config
#1984
All non 200 responses get cache-control=no-cache header
#1845
Replace negotiator
6.10.0
#1998
Migrate payload parsing to subtext with multipart support via pez
#1997
Allow payload parsing timeout override per route
#1996
Apply payload failAction to maxBytes and invalid content type
#1993
Replaced optimist with bossy
#1928
Handle empty or falsy charset in response
#1923
Replace multiparty
#1843
Replace optimist
6.9.0
#1973
Move proxy decorations to h2o2
#1972
Move view decorations to vision
#1969
Move mime to mimos
#1968
Vision / Mimos
#1967
Move views code to vision
#1959
Fix server/plugin ext views conflict
#1958
Move proxy handler to h2o2
#1957
Move proxy handler to h2o2
#1956
Fix Content-Type overriding
#1944
Move router to Call
#1943
Move routing login out to call
#1934
Fix non-spec compliant Last-Modified header in response
#1932
handle empty CORS expose-headers header response
#1924
Unable to provide views override in onPreResponse
6.8.1
#1922
Handle server methods without cache as special case
6.8.0
#1935
server.method breaking change
#1919
Log method pre string notation
#1917
Log cache info when using server method short hand calls
#1915
Issue/1911
#1914
catbox 3.2
#1911
Exclude configured cookies from proxy passthrough
#1905
Replaced mime-type with mime.
#1890
Use mime-db
#1889
Upgrade to wreck v5
#1888
Upgrade to Wreck v5
#1828
Disable compression on file types already compressed (png, jpg)
6.7.1
#1885
Handler timeout with onPreResponse asserts on bad protect
6.7.0
#1884
Improve protect logging
#1881
update qs dependency
6.6.0
#1878
Rename private route members
#1877
Move state.js to statehood module
#1875
Session scope does not match one to many auth.scope on route.
#1871
Switch to wreck
#1863
Allow agent to be set on proxy options and passed into Nipple.
#1858
Fix typo in defaults.js
#1856
Allow view options override on handler object
6.5.1
#1857
Manifest validation tests server config before defaults applies
6.5.0
#1851
Updated route documentation.
#1844
Replace async
#1842
Lab 4.00
#1840
No longer possible to load caches using CLI?
#1835
server.state ttl must be a number
#1832
Replace mime with mime-type
#1822
Added joi validation to manifest.
#1795
request.server._views in plugin
#1722
Validate compose manifest
6.4.0
#1831
Upgrade to qs 1.0.0
#1810
set X-Content-Type-Options to nosnif for jsonp responses
6.3.0
#1827
Cannot call setTimeout with non-integer msec value
#1826
Support cache generateTimeout setting
6.2.2
#1820
Rename spumko to hapijs
6.2.1
#1801
Stale dependencies
6.2.0
#1790
Expose authentication mode
#1767
plugin.location
6.1.0
#1788
Last-Modified comparison needs to account for 1 second precision
#1783
Change etag when content-encoding is used
#1782
server.inject() res.result does not reflect actual payload sent on 304/204
#1781
Send empty payload on 204
#1778
Do not create a duplicate Content-Type header on proxy passthrough
#1777
Duplicated "Content-Type" header on proxy requests
#1776
Proxy pass-through with onResponse fails to preserve vary header values
#1774
Style fixes
#1773
Windows path fails on trailing slash on view helpers
#1772
HEAD requests should retail etag header
#1771
Open open one file stream when using precompressed file
#1769
Plugin X missing dependency Y in server if manifest.plugins key order not carefully managed
#1766
prepend jsonp callbacks with a comment to prevent the rosetta-flash vulnerability
#1763
fixes #1755 - stripTrailingSlash doesn't work when query variables are used
#1762
fix content-type overriding issue #1760.
#1760
How can I set Content-Type header to the content generated from reply.view?
#1756
Follow coding conventions concerning semicolons; Don't initialize variab...
#1755
Server Options for Router: stripTrailingSlash doesn't work with query string
#1754
File handler to handle 206 Partial Content?
#1752
Adding helpful error message when pack.register is missing a callback
#1751
Calling pack.register without a callback has an unfriendly error
#1745
Add joi validation of pack options
#1733
log function should only emit once if _server object
#1728
6.x breaks plugin modules exporting functions
#1721
Validate pack options
#1676
Problem serving precompressed files with directory handler
#1407
Skip opening file or rendering view on head or 304
6.0.2
#1720
No way to handle root routes with `route: {prefix: '...'}`
#1719
Fixes undefined error in `plugin.dependency`
6.0.1
#1710
Buffer based passwords fail schema validation (6.0 regression)
6.0.0
#1841
Missing plugin error on migrating from 5.0 provides no useful information
#1708
Hapi 6.0 no longer invalidates auth strategy on registration of route
#1707
6.0.0 Release Notes
#1703
Catbox 3.0 and drop internal require support
#1701
MODULE_NOT_FOUND on Windows when requirePath is absolute
#1700
Change the order of actions when starting a pack
#1696
Non-Error auth err responses are ignored in try mode
#1695
Preserve auth error on try
#1694
Minor error tweaks
#1693
Enhance setting authentication defaults
#1692
Allow testing a request against any configured authentication strategy
#1691
V6.0
#1688
Bring back reply.redirect()
#1687
Don't log auth non-error responses with 'error' tag
#1679
Allow cookie-specific settings for failAction, strictHeader, and clearInvalid
#1678
Expose the location header logic
#1677
Enhance manifest format to support registration options (select, prefix, vhost)
#1675
Remove pack.list
#1674
Make plugin register() and dependency() selectable
#1673
Make plugin.events selectable
#1668
Delete 'Accept-Encoding' header on proxy requests
#1666
Allow loading different plugins (or same plugins) to different servers in pack
#1665
duplicate require calls in hapi/lib/views.js
#1664
Upgrading plugins to hapi 6.0 (preview)
#1663
Allow register to pre-select servers
#1662
Config clones bind, app, and plugins
#1661
View manager clones engines including modules
#1659
plugin.view() modifies options' basePath
#1658
Set route path prefix when loading plugin
#1656
Remove pack.require() and plugin.require()
5.1.0
#1581
Authentication throws are treated as valid reply()
#1579
Add option to remove trailing slashes to router
#1574
Document the best way to implement a 404 from the directory handler when using path callback
#1573
Server throttling controls do not log execution
#1508
Escaped error message with regex validation
#1477
proxy xforward option will set bad headers in some cases
5.0.0
#1645
5.0.0 Release Notes
#1644
request.params contains empty strings for missing optional params
#1643
Expose cross inputs as validation context
#1642
Cjihrig header validation
#1641
Upgrade to joi 4.x
#1640
Rename route `config.validate.path` to `config.validate.params`
#1639
Response validation modifies payload
#1622
Extend Hapi cli to enable loading a module before loading hapi
#1589
Added validation for request headers.
#1588
Validation for cookies and other headers
4.1.4
#1638
Unahndled Exception when a request is aborted
4.1.2
#1635
Remove reference to request in domain. Closes #1634
#1634
Request domain leaks request object
4.1.1
#1633
Rework domains to single entry
#1632
Clean response objects for aborted requests
#1619
Avoid async operations while protect is running
4.1.0
#1583
Support JSON-derived media types
#1461
Security headers
4.0.3
#1604
response emitter fails to retain custom event listeners once sent
#1597
Template helpers fail on relative paths
4.0.2
#1598
Throws when response does not have _close()
4.0.1
#1594
Can jsonp be optional?
#1591
Find better way to drain non file/socket stream than read()
#1590
RSS leak occurs when request does not read entire stream response
#1575
Precompile joi response validation
#1569
Move ext topo sort to its own module
#1567
allow defaultExtension
#1566
Precompile joi validation
4.0.0
#1560
4.0.0
#1559
joi 3.0
#1558
Change Hapi.utils.version() to Hapi.version and remove Hoek alias
#1554
coverage, closes #1524
#1551
add an insecureAgent when maxSockets is set, closes #1512
#1548
wip: fix windows bugs
#1547
Make certain that path is relative before joining it to relativeTo
#1524
Coverage after lab partial condition result coverage
#1521
Allow plugins to register handler types
3.1.0
#1541
Clarify that statusCode key of stream response passed in response
#1540
Pre-gzipped source stream not properly tested for being the active source
#1538
Passing Error objects can leak message in 500 response
#1536
maxEventLoopDelay fails to catch when load is too high to reach next sample interval
#1535
Cannot set maxSockets to node default
#1533
Proxy without passThrough fails to set cache-control header
#1532
Multipart payload to files with multiple files skips second file when large
#1531
pack.log() doesn't retain server debug false setting
#1530
plugin.method() should use method bind before plugin bind
#1525
expose filename and headers for streams in a multipart form
#1523
Question: How to validate payload with templated response properly ?
#1520
server.table() mis-documented, missing args, and route.table() is wrong
#1518
Server timeout config allows invalid values
#1517
Proxy handler payload config validation using incorrect variable
#1515
Coverage to 100% after lab logical statement support
#1514
Server allows duplicate lables
#1513
Authentication userland code not protected by domain
3.0.2
#1507
request.setUrl('') throws
3.0.1
#1503
plugin.method(name, fn, [options]) fails
1.19.3
#1161
Schema issues
1.19.2
#1160
Missing null test
1.19.1
#1159
Allow multiple provisions of the same segment per cache
1.11.1
#1067
Bug fix for loading ext auth scheme into multiple servers
#1065
plugin.auth fails to load the same ext into multiple servers
1.9.1
#1014
plugin.helper should be selectable
#1005
Improve server constructor argument validation error reporting
#1003
Ensure request.response function exists before response event
#1001
Pack event handlers now support correct args
1.6.2
#906
Proxy requests are closed when server response already sent
1.0.3
#823
Issue/822
#822
JSONP doesn't seem to be working
#818
Tiny composer documentation fix
#817
Payload bugfix for PATCH method
#814
Fixed jade compile issues and updated tests to verify fix.
#804
Remove restriction on params in path for static file handler
1.0.2
#815
Using TLS settings with Buffer
#813
text/* content-type always echo back the received content
1.0.1
#811
Does not work with formidable 1.0.14
0.15.8
#723
Global autoValue cookie overwrites other cookies
#722
Proxy shares cookies across different sessions
0.15.7
#717
Auto cookie value
0.15.3
#677
Fix ext() with function array bug
0.13.2
#474
0.13.2
#472
Fix matching of wildcard path param with trailing /
#471
/{p*} doesn't match /path/
#466
Directory listing at top level folders now link correctly
#465
directory list using the directory handler produces wrong URLs
#464
index option for directory module doesn't work on subdirs
#463
Typo: req.session.used -> req.session.user
0.13.1
#467
0.13.1 Change pack package.json version location
0.11.2
#370
Support 'Access-Control-Allow-Credentials'
0.11.1
#366
Stream response not calling Headers.cors, location, or cache
#365
Stream response always passing proxy headers through
#364
Proxy handler doesn't set default value for passThrough settings
0.8.3
#212
Adding proxy tests and doing a little refactoring
#211
Cache tests, Fix response processing header order
#201
Document proxy handler interface
#185
Turn cache memory strategy into a useful feature
0.8.2
#210
0.8.2
#209
Tests
#207
Error refactor, custom error support (passThrough)
#206
Fixing issue with error responses being cached + test
0.8.1
#204
Add postResponse method to proxy
#200
Fix tls config settings
#191
Pass all TLS options to createServer
0.8.0
#193
Support for gzip'd payloads
#183
Cache segment validation
#172
Check if Redis and MongoDB are ready before running tests
#165
Add route response validation to endpoint documentation
#164
Server helpers, initial response validation, Mongo support
0.6.0
#102
v0.6.0 merge
#101
modified new validation fns to use Utils.assert
#100
New Query Validation Fns Added
#99
Simplified request log interface
#96
Small utils
#94
debug interface, log interface
#93
fix error on subsequent url accesses for queryval
#92
Fix example
#91
QueryValidation fixes, add default behavior for unspecified params, added small tests
#63
Added in SSL cert passphrase to https server creation from settings.