Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

github.com/honeycombio/urlshaper

Package Overview
Dependencies
Alerts
File Explorer
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

github.com/honeycombio/urlshaper

  • v0.0.0-20240715213722-6ba2583df080
  • Source
  • Go
  • Socket score
Version published
Created
Source

urlshaper

OSS Lifecycle

URL Shaper is a go library that takes a URL path and query and breaks it up into its components and creates a shape.

URL Shaper will generate a URL Shape by taking a URL and making a number of changes to it to make it easier to do analysis on URL patterns:

  • replaces query parameter values with a question mark
  • query parameters in the URL shape are alphabetized
  • based on patterns, variables in the URL path are replaced by the variable name

In addition to the URL shape, the Result object you get back from URL Shaper contains

  • the path, with any query parameters removed
  • the query, with the path removed
  • a url.Values object containing all the query parameters
  • a url.Values object containing all the path parameters

Parameters in the path portion of the URL are identified by matching the URL against a list of provided patterns. Patterns are matched in the order provided; the first match wins. Patterns should represent the entire path portion of the URL - include a "*" at the end to match arbitrary additional segments.

Examples

Query parameters:

input:

  • path: /about/en/books?isbn=123456&author=Alice

output:

  • uri: /about/en/books?isbn=123456&author=Alice
  • path: /about/en/books
  • query: isbn=123456&author=Alice
  • query_fields: {"isbn":["123456"],"author":["Alice"]}
  • path_fields: {}
  • shape: /about/en/books?author=?&isbn=?

REST:

input:

  • path: /about/en/books/123456
  • pattern: /about/:lang/books/:isbn

output:

  • uri: /about/en/books/123456
  • path: /about/en/books/123456
  • query: ""
  • query_fields: {}
  • path_fields: {"lang":["en"],"isbn":["123456"]}
  • shape: /about/:lang/books/:isbn

REST & Query parameters:

input:

  • path: /about/en/books?isbn=123456&author=Alice&isbn=987654
  • pattern: /about/:lang/books

output:

  • uri: /about/en/books?isbn=123456&author=Alice
  • path: /about/en/books
  • query: isbn=123456&author=Alice
  • query_fields: {"isbn":["123456", "987654"],"author":["Alice"]}
  • path_fields: {"lang":["en"]}
  • shape: /about/:lang/books?author=?&isbn=?

Unmatched:

input:

  • path /other/path
  • patterns: /about/:lang/books, /docs/:section

output:

  • uri: /other/path
  • path: /other/path
  • query: ""
  • query_fields: {}
  • path_fields: {}
  • shape: /other/path

Wildcard:

input:

-path /docs/quickstart/linux -pattern /docs/:section/*

output:

  • uri: /docs/quickstart/linux
  • path: /docs/quickstart/linux
  • query: ""
  • query_fields: {}
  • path_fields: {"quickstart":["linux"]}
  • shape: /docs/:section/*

FAQs

Package last updated on 15 Jul 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries

Research

Security News

Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries

Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.

By Kirill Boychenko  -  Nov 22, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc