ProHoster > Ibhulogi > iindaba ze-intanethi > Ukukhutshwa kwe-nginx 1.19.3 kunye ne-njs 0.4.4

Ukukhutshwa kwe-nginx 1.19.3 kunye ne-njs 0.4.4

Yakhiwe ukukhululwa phezulu XLUMX, apho uphuhliso lwezakhono ezitsha luqhubeka (ngokuhambelanayo oluxhaswayo oluzinzileyo isebe 1.18 Kuphela kutshintsho olunxulumene nokupheliswa kweempazamo ezinzulu kunye nobuthathaka olwenziwayo).

Siseko utshintsho:

  • Imodyuli ibandakanyiwe ngx_stream_set_modyuli, ekuvumela ukuba unikeze ixabiso kuguquko

    umncedisi {
    mamela 12345;
    misela i-$ 1;
    }

  • Umyalelo wongeziwe iiflegi_zecookie_yommeli ukucacisa iiflegi zeeKuki kuqhagamshelo lweproxied. Umzekelo, ukongeza iflegi "httponly" kwiCookie "enye", kunye ne "nosecure" kunye ne "samesite=strict" iflegi kuzo zonke ezinye iikuki, ungasebenzisa olu lwakhiwo lulandelayo:

    i-proxy_cookie_flags enye http kuphela;
    i-proxy_cookie_flags ~ nosecure samesite=ngqongqo;

  • Umyalelo ofanayo umsebenzisiid_iiflegi ukongeza iiflegi kwiCookie ikwaphunyeziwe kwimodyuli ye-ngx_http_userid.

Ngaxeshanye yathatha indawo ukukhululwa Njs 0.4.4, umtoliki weJavaScript yomncedisi wewebhu we nginx. Itoliki ye-njs yenza imigangatho ye-ECMAScript kwaye ikuvumela ukuba wandise ukukwazi kwe-nginx ukucubungula izicelo usebenzisa izikripthi kuqwalaselo. Izikripthi zinokusetyenziswa kwifayile yoqwalaselo ukuchaza ingqiqo ephambili yokucubungula izicelo, ukuvelisa uqwalaselo, ukuvelisa ngokuguquguqukayo ukuphendula, ukuguqula isicelo / impendulo, okanye ngokukhawuleza ukudala i-stubs ukusombulula iingxaki kwizicelo zewebhu. Kwinguqulelo entsha:

  • Inkxaso eyongeziweyo yokwahlulwa okubonwayo kwamanani ngamanani (umzekelo, β€œ1_000”).
  • Kuphunyezwe iindlela ezishiyiweyo ze%TypedArray%.prototype: zonke(), filter(), fumana(), findIndex(), forEach(), ibandakanya(), indexOf(), lastIndexOf(), map(), nciphisa(), ukunciphisaRight (), umva (), ezinye ().
  • Kuphunyezwe iindlela ezingekhoyo ze-%TypedArray%: ukusuka(), ye().
  • Into yokuJonga idatha ephunyeziweyo.

    : >> (Ujongo lweDatha entsha(buf.buffer)).getUint16()
    : 32974

  • Into yesithinteli ephunyeziweyo.

    : >> var buf = Buffer.from([0x80,206,177,206,178])
    : engachazwanga
    : >> buf.slice(1).toString()
    : 'abe'
    : >> buf.toString('base64')
    : 'gM6xzrI='

  • Inkxaso yento yeBuffer eyongeziweyo kwindlela ye "crypto" kunye ne "fs", kwaye yaqinisekisa ukuba fs.readFile(), Hash.prototype.digest() kunye ne Hmac.prototype.digest() ibuyise umzekelo we Buffer into.
  • Inkxaso yeArrayBuffer yongezwe kwi-TextDecoder.prototype.decode() indlela.

umthombo: opennet.ru

Yongeza izimvo