bcd5581d20
fix(http): fixed a regression that caused the data stream to be interrupted for responses with non-OK HTTP statuses; ( #7193 )
2025-10-28 20:44:08 +02:00
d000fbfd07
fix(http2): fix possible race condition when handling http2 stream on almost timed out session by improving timeout out algorithm; ( #7186 )
2025-10-27 00:46:40 +02:00
d676df7722
feat(http): add HTTP2 support; ( #7150 )
2025-10-19 15:06:36 +03:00
54a1fcc1b6
docs: fix typos ( #7046 )
...
Found via `typos --hidden --format brief`
2025-09-19 15:01:16 +02:00
cf78825e12
fix(fetch): use current global fetch instead of cached one when env fetch is not specified to keep MSW support; ( #7030 )
2025-09-13 23:24:16 +03:00
945435fc51
fix(node): enforce maxContentLength for data: URLs ( #7011 )
...
* fix(node): enforce maxContentLength for data: URLs (pre-decode size check)- CVE-2025-58754
* feat(utils): add estimateDataURLDecodedBytes helper and fix duplicate condition in base64 padding check
* feat: add estimateDataURLDecodedBytes helper with tests
2025-09-10 15:08:43 +02:00
c959ff2901
feat(fetch): add fetch, Request, Response env config variables for the adapter; ( #7003 )
...
* feat(fetch): add fetch, Request, Response env config variables for the adapter;
* feat(fetch): fixed design issue for environments without fetch API globals;
2025-08-30 22:02:24 +03:00
a9f47afbf3
fix(fetch-adapter): set correct Content-Type for Node FormData ( #6998 )
...
* fix(fetch-adapter): set correct Content-Type for Node FormData
* Update lib/helpers/resolveConfig.js
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
* test(fetch): replace chai expect with Node assert
* fix: define formHeaders for FormData to resolve no-undef error
* fix: filter headers to only update the target headers
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
Co-authored-by: Jay <jasonsaayman@gmail.com >
2025-08-25 20:46:53 +02:00
2a9763426e
feat: support reviver on JSON.parse ( #5926 )
...
* test: test to support reviver on JSON.parse
* feat: support reviver for JSON.parse on parse response data
#5924
---------
Co-authored-by: Jay <jasonsaayman@gmail.com >
2025-08-12 09:34:42 +02:00
78b290c57c
feat(adapter): surface low‑level network error details; attach original error via cause ( #6982 )
...
* feat(adapter): surface low‑level network error details; attach original error via `cause`
Node http adapter:
- Promote low-level `err.code` to `AxiosError.code`, prefixing message (e.g. `ECONNREFUSED – …`)
- Keep original error on standard `Error.cause`
XHR adapter:
- Preserve browser `ProgressEvent` on `error.event`
- Use event message when available
Tests:
- Add Node ESM tests under `test/unit/adapters` to assert `code` and `cause` behavior
Types:
- Ensure `AxiosError.cause?: unknown` and `event?: ProgressEvent` are present
* fix(adapter): use fs instead of fs/promises for sync file read in tests to fix GitHub Actions
2025-07-30 09:57:27 +02:00
a2214ca1bc
fix: prevent RangeError when using large Buffers ( #6961 )
2025-07-15 20:18:24 +02:00
f7a3b5e0f7
fix(headers): fixed support for setting multiple header values from an iterated source; ( #6885 )
2025-04-23 19:24:08 +03:00
6c5d4cd692
fix(core): fix the Axios constructor implementation to treat the config argument as optional; ( #6881 )
2025-04-18 02:22:31 +03:00
1b1f9ccdc1
fix(headers): allow iterable objects to be a data source for the set method; ( #6873 )
2025-04-14 21:55:27 +03:00
80ea756e72
feat(AxiosHeaders): add getSetCookie method to retrieve set-cookie headers values ( #5707 )
...
* feat(AxiosHeaders): add getSetCookie method to retrieve set-cookie header values
* refactor(AxiosHeaders.js): use logical OR instead of nullish coalescing operator in getSetCookie method
---------
Co-authored-by: Willian Agostini <willian.agostini@gmail.com.br >
Co-authored-by: Jay <jasonsaayman@gmail.com >
2025-03-25 21:30:23 +02:00
36a5a620be
fix(utils): move generateString to platform utils to avoid importing crypto module into client builds; ( #6789 )
...
* chore(ci): Add release-it script;
* fix(utils): move generateString util to platform utils to avoid importing crypto module into client build;
---------
Co-authored-by: Jay <jasonsaayman@gmail.com >
2025-02-26 10:30:55 +02:00
23a25af068
fix(utils): replace getRandomValues with crypto module ( #6788 )
2025-02-18 14:36:51 +02:00
cc3217a612
fix: updated stream aborted error message to be more clear ( #6615 )
2024-09-28 13:04:22 +02:00
364993f0d8
fix(http): fixed support for IPv6 literal strings in url ( #5731 )
2024-09-01 00:47:25 +03:00
df9889b83c
fix(fetch): optimize signals composing logic; ( #6582 )
2024-08-30 21:26:12 +03:00
7004707c41
fix(adapter): fix undefined reference to hasBrowserEnv ( #6572 )
2024-08-23 15:23:14 +03:00
6b6b605eaf
fix(sec): CVE-2024-39338 ( #6539 ) ( #6543 )
...
* fix(sec): cve-2024-39338 (#6539 )
* fix(sec): fix test
2024-08-13 20:43:05 +02:00
07a661a2a6
fix(sec): disregard protocol-relative URL to remediate SSRF ( #6539 )
...
* fix(sec): disregard protocol-relative URL to remediate SSRF
Signed-off-by: hainenber <dotronghai96@gmail.com >
* feat(test/unit/regression): add regression test to ensure SNYK-JS-AXIOS-7361793 fixed in future version
Signed-off-by: hainenber <dotronghai96@gmail.com >
* chore: add EoF newline + comments
Signed-off-by: hainenber <dotronghai96@gmail.com >
* chore: fix eslint issues
Signed-off-by: hainenber <dotronghai96@gmail.com >
* Update SNYK-JS-AXIOS-7361793.js
Co-authored-by: tom-reinders <tom-reinders@users.noreply.github.com >
---------
Signed-off-by: hainenber <dotronghai96@gmail.com >
Co-authored-by: tom-reinders <tom-reinders@users.noreply.github.com >
2024-08-13 17:03:25 +02:00
e3c76fc9bd
fix(adapter): fix progress event emitting; ( #6518 )
2024-08-01 16:59:58 +03:00
870e0a76f6
fix(fetch): fix headers getting from a stream response; ( #6401 )
2024-05-19 01:40:21 +03:00
bb5f9a5ab7
fix(fetch): treat fetch-related TypeError as an AxiosError.ERR_NETWORK error; ( #6380 )
2024-05-07 21:26:46 +03:00
81e0455b7b
fix(core/axios): handle un-writable error stack ( #6362 )
...
Co-authored-by: Dmitriy Mozgovoy <robotshara@gmail.com >
2024-05-07 20:57:03 +03:00
a3ff99b59d
feat(adapter): add fetch adapter; ( #6371 )
2024-04-28 22:33:49 +03:00
1a08f90f40
fix: capture async stack only for rejections with native error objects; ( #6203 )
2024-01-25 20:42:38 +02:00
a1938ff073
fix: fixed missed dispatchBeforeRedirect argument ( #5778 )
...
Co-authored-by: Dmitriy Mozgovoy <robotshara@gmail.com >
2024-01-25 00:57:06 +02:00
123f354b92
fix: wrap errors to improve async stack trace ( #5987 )
2024-01-25 00:21:12 +02:00
f4f2b039dd
fix(dns): fixed lookup error handling; ( #6175 )
2024-01-05 01:48:07 +02:00
75af1cdff5
fix(security): fixed security vulnerability in follow-redirects ( #6163 )
...
Co-authored-by: Jay <jasonsaayman@gmail.com >
2024-01-03 21:32:50 +02:00
7d45ab2e2a
chore(tests): fixed tests to pass in node v19 and v20 with keep-alive enabled; ( #6021 )
2023-10-22 18:20:44 +03:00
5aaff532a6
fix(dns): fixed lookup function decorator to work properly in node v20; ( #6011 )
2023-10-22 17:12:33 +03:00
e4107797a7
fix(adapters): improved adapters loading logic to have clear error messages; ( #5919 )
2023-09-26 19:43:25 +03:00
4c89f25196
fix(headers): allow content-encoding header to handle case-insensitive values ( #5890 ) ( #5892 )
2023-09-12 15:23:03 +03:00
d8b4ca0ea5
fix(headers): added support for setting header names that overlap with class methods; ( #5831 )
2023-08-25 21:07:51 +03:00
2701911260
feat(dns): added support for a custom lookup function; ( #5339 )
2023-04-26 02:04:59 +03:00
aa372f7306
fix(utils): make isFormData detection logic stricter to avoid unnecessary calling of the toString method on the target; ( #5661 )
2023-04-19 20:14:32 +03:00
a56c866120
fix(params): re-added the ability to set the function as paramsSerializer config; ( #5633 )
2023-04-05 19:44:36 +03:00
a3b246c9de
fix(http): fixed regression bug when handling synchronous errors inside the adapter; ( #5564 )
2023-02-22 21:50:31 +02:00
ea87ebfe6d
fix(headers): fixed the filtering logic of the clear method; ( #5542 )
2023-02-11 16:31:03 +02:00
96d336f527
fix(formdata): add hotfix to use the asynchronous API to compute the content-length header value; ( #5521 )
2023-02-02 00:55:05 +02:00
6ac574e00a
feat(fomdata): added support for spec-compliant FormData & Blob types; ( #5316 )
2023-01-31 01:10:39 +02:00
65e8d1e28c
fix(http): add zlib headers if missing ( #5497 )
2023-01-31 00:49:37 +02:00
9915635c69
fix(headers): fixed & optimized clear method; ( #5507 )
2023-01-31 00:35:06 +02:00
1e58a659ec
fix: fixed Brotli decompression; ( #5353 )
...
test: added decompression tests;
fix: added legacy `x-gzip` & `x-compress` encoding types;
2022-12-07 20:57:02 +02:00
9041c7d272
Fixed decompression for responses without Content-Length header ( #5306 )
...
* Fixed decompression for responses without `content-length` header;
* Add Brotli encoding to the `Accept-Encoding` header only if it is supported.
* `content-length` header transformation moved up;
Co-authored-by: Jay <jasonsaayman@gmail.com >
2022-12-01 16:22:20 +02:00
a3d901777b
Fixed Z_BUF_ERROR when content-encoding is set but the response body is empty; ( #5250 )
...
Fixed download progress capturing for compressed responses;
Co-authored-by: Jay <jasonsaayman@gmail.com >
2022-11-22 20:49:26 +02:00
Dmitriy Mozgovoy