Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@appolo/agent
Advanced tools
Fast and simple http server build with typescript and appolo-route
npm install @appolo/agent --save
import {Agent} from '@appolo/agent'
await new Agent()
.get("/test/:id/", (req: IRequest, res: IResponse) => {
res.json({query: req.query, params: req.params})
}).listen(3000);
Options
port
- port number to agent will listen default 8080
errorStack
- boolean print error stack on error default false
errorMessage
- boolean print error message default true
maxRouteCache
- max number of cached routes paths with lru cache default 1000
,useRouteCache
- boolean use route path cache default true
decodeUrlParams
- boolean use decodeURIComponent
on path params default false
qsParser
- module to use to parse querystring values qs
| querystring default
qs`viewEngine
- like express view wngineviewFolder
- view folder to search view paths default ``viewCache
- boolean cache viewviewExt
- views file ext default html
await new Agent({port:3000})
.get("/test/:id/", (req: IRequest, res: IResponse) => {
res.json({query: req.query, params: req.params})
}).listen();
get server(): http.Server | https.Server
get node http server
get router(): Router
get router instance
listen(port: number, cb?: Function): Promise<Agent>
bind the agent to port call callback if provided return the agent instance
close(): Promise<void>
close the agent connection to http server and clean everything
let app = new Agent()
.get("/test/test2", (req,res)=>res.send("working"));
.post("/test/test2", (req,res)=>res.send("working post"));
let router = new Agent()
.get("/test/:userId/:userName", (req,res)=>res.send("working"));
let router = new Agent()
.get("/*", (req,res)=>res.send("working"));
same syntax as path-to-regexp
let app = new Agent()
.get("/test/:file(^\\d+).png", (req,res)=>res.send("working"));
register new Route handler using Http.Get Method
register new Route handler using Http.Post Method
register new Route handler using Http.Put Method
register new Route handler using Http.Put Method
register new Route handler using Http.Patch Method
register new Route handler using Http.Delete Method
register new Route handler using Http.Delete Method
register new Route handler. multi methods supported
let agent = new Agent()
.add("POST","/test/:param", someMiddleware(),(req,res)=>res.send("working"));
the agent supports any express middleware or cusotom middalwares
import favicon = require('static-favicon');
import bodyParser = require("body-parser");
import {IRequest,IResponse,NextFn} from 'appolo-agent';
let agent = new Agent()
.use(bodyParser.json());
.use(function (req:IRequest, res: IResponse, next: NextFn) {
res.setHeader("Access-Control-Allow-Origin", "*");
next();
})
.use(favicon());}
.get("/test/:param", someMiddleware(),(req,res)=>res.send("working"));
the request object inherits from http.incomingmessage
req.query
query params object
req.body
body parser params object
req.params
route params object
req.hostname
host name of the request
req.path
path name of the request
req.secure
boolean true is the request is https
req.protocol
protocol of the request http
or https
req.app
instance of the agent
req.get(name:string)
req.header(name:string)
Returns the specified HTTP request header
req.get('content-type'); // => "text/plain"
req.is(type:string)
Returns the matching content type if the incoming request’s “Content-Type” HTTP header field matches the MIME type specified by the type parameter. If the request has no body, returns null. Returns false otherwise.
req.is('html'); // => 'html'
req.is('text/html'); // => 'text/html'
the response object inherits from http.ServerResponse
res.status(code: number): IResponse
set response status code
res.status(200).json({name:"value"});
res.contentType(type: string): IResponse
set response content type
res.header(key: string, value: string): IResponse
res.set(key: string, value: string): IResponse
set response header
set Cache-Control
header in seconds
res.gzip(): IResponse
compress the response with gzip and set Content-Encoding
header to gzip
res.redirect(path: string): void
redirect the request to new path
res.cookie(key: string, value: any, options?: cookie.CookieSerializeOptions): IResponse
sets cookie name to value. The value parameter may be a string or object converted to JSON.
res.cookie('name', 'test', { domain: '.example.com', path: '/admin', secure: true });
res.cookie('someName', '{someVal:1}', { expires: new Date(Date.now() + 900000), httpOnly: true });
res.clearCookie(key: string, options?: cookie.CookieSerializeOptions): IResponse
clears the cookie specified by name.
res.cookie('name', 'tobi', { path: '/admin' });
res.clearCookie('name', { path: '/admin' });
json(obj: object)
sends a JSON response.
res.json({name:"value"});
jsonp(obj: object)
Sends a JSON response with JSONP support. This method is identical to res.json(), except that it opts-in to JSONP callback support
res.jsonp({name:"value"});
render(params?: any): Promise<void>
render view html by path and params
res.render('index');
res.render('/path/to/view');
res.render('index',{some:"data"});
send(data?: string | Buffer| object)
res.send(new Buffer('some buffer'));
res.send({ some: 'data' });
res.send('<p>some html</p>');
res.status(404).send('not found');
res.status(500).send({ error: 'some error' });
MIT
FAQs
Fast and simple http server framework
We found that @appolo/agent demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.