Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

github.com/google/weasel

Package Overview
Dependencies
Alerts
File Explorer
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

github.com/google/weasel

  • v0.1.1
  • Source
  • Go
  • Socket score
Version published
Created
Source

yummy-weasel

A simple frontend (App Engine app) that serves content from a Google Cloud Storage (GCS) bucket, while allowing for:

  • HTTPS on custom domain
  • support for Service Worker (works only over HTTPS)
  • HTTP/2 push
  • more robust redirect from naked custom domain
  • serving directly from naked custom domain
  • keep the deployment/publishing flow using just the existing GCS bucket, which has proven to be fast and reliable, with partial content updates.
  • dynamic server-side logic

design

The design is simple. Suppose you have a static website www.example.com, served directly from a GCS gs://www.example.com.

A very simplified picture of the serving path can be shown as follows.

+-----+    GET http://www.example.com/dir/index.html
| GCS |  <-----------------------------------------+  visitor
+-----+                                                 :-/

Weasel enhancement consists of modifying the serving path to:

+-----+   (2) GET gs://www.example.com/dir/index.html
| GCS |  <------------------------------+--------+
+-----+                                 | yummy  |
                                        | weasel |
                                        +--------+
                                           ↑  |
                                      (1)  |  | (3)
         GET https://www.example.com/dir/  |  ↓ Link: <asset>; rel=preload

                                         visitor
                                           :-)

  1. A visitor requests the website page. Note that /index.html is now optional. Due to GCS restrictions, such suffixes were previously required for sub-folders, but with this approach they no longer need to be specified. Also, requests can (and will) be made over HTTPS.

  2. Weasel fetches the object content from the original GCS bucket and caches it locally. This step is necessary only if the object hasn't been cached already or the cache has expired. Cache expiration and invalidation is based on GCS object cache-control header settings.

  3. Weasel responds with the GCS object contents. Note that we can optionally push additional assets related to the requested file by using Link: <asset>; rel=preload header supported by GFE.

license

Apache License 2.0.

This is not an official Google product.

FAQs

Package last updated on 28 Jan 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries

Research

Security News

Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries

Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.

By Kirill Boychenko  -  Nov 22, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc