#632)

**IMPORTANT SECURITY FIX**

A malicious client could send a specially crafted HTTP request,
triggering an uncaught exception and killing the Node.js process:

> RangeError: Invalid WebSocket frame: RSV2 and RSV3 must be clear
>   at Receiver.getInfo (/.../node_modules/ws/lib/receiver.js:176:14)
>   at Receiver.startLoop (/.../node_modules/ws/lib/receiver.js:136:22)
>   at Receiver._write (/.../node_modules/ws/lib/receiver.js:83:10)
>   at writeOrBuffer (internal/streams/writable.js:358:12)

This bug was introduced by [1], included in `engine.io@4.0.0`, so
previous releases are not impacted.

[1]: f3c291f

Thanks to Marcus Wejderot from Mevisio for the responsible disclosure.

Diff: 6.1.0...6.1.1

…636)

Bumps [engine.io](https://github.com/socketio/engine.io) from 4.0.0 to 4.1.2.
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/4.1.2/CHANGELOG.md)
- [Commits](4.0.0...4.1.2)

---
updated-dependencies:
- dependency-name: engine.io
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

When binding to an uWebSockets.js App, there was an unhandled case that
could crash the server:

```
curl "http://localhost:3000/engine.io/?EIO=4&transport=websocket"
```

would result in:

```
Error: Returning from a request handler without responding or attaching an abort handler is forbidden!
terminate called without an active exception
```

Note: this does not apply to the default server based on ws, because
the error was caught elsewhere in the source code.

Related: socketio/socket.io#4250

You can now pass additional options:

```js
const { App } = require("uWebSockets.js");
const { uServer } = require("engine.io");

const app = new App();
const server = new uServer();

server.attach(app, {
  compression: uWS.DEDICATED_COMPRESSOR_128KB, // defaults to none
  idleTimeout: 60, // defaults to 120
  maxBackpressure: 8 * 1024 // defaults to 1024 * 1024
});

app.listen(3000);
```

Related: #633

When binding to an uWebSockets.js application, the server could crash
with the following error:

```
TypeError: res.onData is not a function
    at Polling.onDataRequest (build/transports-uws/polling.js:133:13)
    at Polling.onRequest (build/transports-uws/polling.js:47:18)
    at callback (build/userver.js:80:56)
```

Related: #637

Note to future self: URL for dependencies from GitHub must use
"git+https" instead of "git+ssh" to make the CI pass, else you will
encounter the following error:

```
npm ERR! Error while executing:
npm ERR! /usr/bin/git ls-remote -h -t ssh://git@github.com/uNetworking/uWebSockets.js.git
npm ERR!
npm ERR! Warning: Permanently added the RSA host key for IP address '140.82.112.3' to the list of known hosts.
npm ERR! git@github.com: Permission denied (publickey).
npm ERR! fatal: Could not read from remote repository.
npm ERR!
npm ERR! Please make sure you have the correct access rights
npm ERR! and the repository exists.
npm ERR!
npm ERR! exited with error code: 128
```

Merged from #630

Diff: 6.1.1...6.1.2