Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@azure/core-http
Advanced tools
Isomorphic client Runtime for Typescript/node.js/browser javascript client libraries generated using AutoRest
@azure/core-http is a foundational library for making HTTP requests and handling responses in Azure SDKs. It provides a set of utilities and abstractions to simplify the process of interacting with HTTP services, including features like request and response handling, middleware support, and authentication.
Making HTTP Requests
This feature allows you to make HTTP requests using the DefaultHttpClient and WebResource classes. The code sample demonstrates how to make a GET request to a public API and log the response.
const { DefaultHttpClient, WebResource } = require('@azure/core-http');
async function makeRequest() {
const client = new DefaultHttpClient();
const request = new WebResource('https://jsonplaceholder.typicode.com/posts', 'GET');
const response = await client.sendRequest(request);
console.log(response.bodyAsText);
}
makeRequest();
Handling Middleware
This feature allows you to add middleware to the HTTP pipeline. The code sample demonstrates how to add a logging middleware that logs HTTP requests and responses.
const { DefaultHttpClient, WebResource, HttpPipelineLogger, HttpPipelineLogLevel } = require('@azure/core-http');
async function makeRequestWithMiddleware() {
const client = new DefaultHttpClient({
requestPolicyFactories: [
(nextPolicy, options) => new HttpPipelineLogger(nextPolicy, options, HttpPipelineLogLevel.INFO)
]
});
const request = new WebResource('https://jsonplaceholder.typicode.com/posts', 'GET');
const response = await client.sendRequest(request);
console.log(response.bodyAsText);
}
makeRequestWithMiddleware();
Authentication
This feature allows you to handle authentication by using TokenCredentials. The code sample demonstrates how to make an authenticated GET request by setting the Authorization header with a bearer token.
const { DefaultHttpClient, WebResource, TokenCredentials } = require('@azure/core-http');
async function makeAuthenticatedRequest() {
const token = 'YOUR_ACCESS_TOKEN';
const credentials = new TokenCredentials(token);
const client = new DefaultHttpClient();
const request = new WebResource('https://jsonplaceholder.typicode.com/posts', 'GET');
request.headers.set('Authorization', `Bearer ${credentials.token}`);
const response = await client.sendRequest(request);
console.log(response.bodyAsText);
}
makeAuthenticatedRequest();
Axios is a popular HTTP client for making requests in both Node.js and the browser. It provides a simple and easy-to-use API for making HTTP requests, handling responses, and managing interceptors. Compared to @azure/core-http, Axios is more general-purpose and widely used outside of the Azure ecosystem.
Node-fetch is a lightweight module that brings the Fetch API to Node.js. It is designed to be a minimalistic and straightforward way to make HTTP requests. Compared to @azure/core-http, node-fetch is simpler and more focused on providing a fetch-like experience in Node.js.
Request is a comprehensive and flexible HTTP client for Node.js. It supports a wide range of features, including streaming, form data, and OAuth. While request is more feature-rich, it is also more complex and has been deprecated in favor of more modern alternatives like Axios and node-fetch.
This is the core HTTP pipeline for Azure SDK JavaScript libraries which work in the browser and Node.js. This library is primarily intended to be used in code generated by AutoRest and autorest.typescript
.
See our support policy for more details.
This package is primarily used in generated code and not meant to be consumed directly by end users.
You can find an explanation of how this repository's code works by going to our architecture overview.
Examples can be found in the samples
folder.
Build this library (core-http
). For more information on how to build project in this repo, please refer to the Contributing Guide.
The code in samples\node-sample.ts
shows how to create a ServiceClient
instance with a test TokenCredential
implementation and use the client instance to perform a GET
operation from the Azure management service endpoint for subscriptions. To run the code, first obtain an access token to the Azure management service.
One easy way to get an access token is using Azure CLI
az login
az account set -s <subscription id>
az account get-access-token --resource=https://management.azure.com
Set values of subscriptionId
and token
variable in samples/node-sample.ts
Change directory to samples folder, compile the TypeScript code, then run the sample
cd samples
tsc node-sample.ts
node node-sample.js
subscriptionId
and token
variable in samples/index.js
If you run into issues while using this library, please feel free to file an issue.
If you'd like to contribute to this library, please read the contributing guide to learn more about how to build and test the code.
FAQs
Isomorphic client Runtime for Typescript/node.js/browser javascript client libraries generated using AutoRest
The npm package @azure/core-http receives a total of 1,525,001 weekly downloads. As such, @azure/core-http popularity was classified as popular.
We found that @azure/core-http demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.