The 4.14.0 minor release is a bunch of bug fixes, performance improvements, and minor feature additions. The most salient points are listed below.
This version onwards, Express supports Node.js 6.x.
res.sendFile
now accepts two new options, acceptRanges
and cacheControl
.
You can use acceptRanges
, which defauts to true
, to enable or disable accepting ranged requests. Disabling it will not send Accept-Ranges
and ignore the contents of the Range
request header.
cacheControl
, which defaults to true
, can be used to enable or disable setting Cache-Control
response header. Disabling it will ignore the maxAge
option.
res.sendFile
has also been updated to handle Range
header and redirections better.
res.location
and res.redirect
will now URL encode the URL, if it is not already.
You will notice great improvement in the performance of res.json
and res.jsonp
in most cases.
Apart from a number of improvements in the cookie module, it now adds a sameSite
option to let you specify the SameSite cookie attribute.
Note that, the SameSite
cookie attribute is an attribute that has not yet been fully standardized, and may change in the future. This also means many clients may ignore this attribute until they understand it.
The possible value for the sameSite
option are:
true
, which sets the SameSite
attribute to Strict
for strict same site enforcement.false
, which does not set the SameSite
attribute.'lax'
, which sets the SameSite
attribute to Lax
for lax same site enforcement.'strict'
, which sets the SameSite
attribute to Strict
for strict same site enforcement.Absolute path checking on Windows, which was incorrect for some cases, has been fixed now.
IP address(es) resolution with proxies has been greatly improved.
The req.range
options object now includes a combine
option (false
by default), which when true
, combines overlapping and adjacent ranges and return as if they were specified that way in the header.
For a complete list of changes in this release, you can refer to its entry in History.md.