Faye v1.4.0 Release Notes

Release Date: 2020-07-31 // over 1 year ago
    • 0️⃣ Implement TLS certificate verification and enable it by default in the Ruby client class Faye::Client
    • ➕ Add a :tls option to the Ruby client with sub-field :verify_peer for configuring TLS verification
    • 👍 Officially support the tls option in the Node.js client, whose contents are forward to the https and tls modules as appropriate

Previous changes from v1.3.0

    • 👌 Support user:[email protected] authorization in URIs and send Authorization headers from the Node HTTP transport
    • 👌 Support IPv6 hostnames in URIs
    • 👍 Allow credentials (cookies and Authorization headers) in cross-origin requests, by:
      • setting Access-Control-Allow-Origin to the value of the Origin header (not *)
      • enabling Access-Control-Allow-Credentials
    • Enable credentials when sending cross-origin requests
    • Don't disconnect WebSocket on page unload if autodisconnect is turned off
    • 🔒 Catch errors when creating a WebSocket, which happens when Content Security Policy blocks it, allowing other transports to be tried
    • 🛠 Fix a bug in the client where it handles messages from other clients as though they're the server's response to its own messages, based on the id field; now we only treat messages as server responses if they contain successful: true
    • Stop sending an empty message list [] from the WebSocket client as a keep-alive mechanism since CometD does not accept this message
    • 🛠 Fix deprecation warnings for using the new Buffer() constructor
    • Switch to the Apache 2.0 license