Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@cerebral/http
Advanced tools
NPM
npm install @cerebral/http
The HTTP provider exposes the ability to do HTTP requests both in actions and directly in signals. It supports cors and file upload, with progress handling. It defaults to json, but you can configure it to whatever you want.
Read more about http in the Cerebral in depth - Http article.
import { set } from 'cerebral/factories'
import { httpGet } from '@cerebral/http/operators'
import { state, props, string } from 'cerebral/tags'
export default [
httpGet(string`/items/${props`itemKey`}`),
set(state`app.currentItem`, props`result`)
]
All factories of HTTP provider supports template tags.
import { Controller, Module } from 'cerebral'
import HttpProvider from '@cerebral/http'
const http = HttpProvider({
// Prefix all requests with this url
baseUrl: 'https://api.github.com',
// Any default headers to pass on requests
headers: {
'Content-Type': 'application/json; charset=UTF-8',
Accept: 'application/json'
},
// When talking to cross origin (cors), pass cookies
// if set to true
withCredentials: false,
// Provide a global request timeout for all calls
// which can be overwritten for request by providing
// a different timeout when doing a request
// in actions or operators
timeout: 5000
})
const app = Module({
providers: { http }
})
const controller = Controller(app)
You can update these default options in an action:
function updateDefaultHttpOptions({ http }) {
http.updateOptions({
// Updated options
})
}
You can abort any running request, causing the request to resolve as status code 0 and sets the type to abort on the error object.
function searchItems({ input, state, path, http }) {
http.abort('/items*') // regexp string
return http
.get(`/items?query=${input.query}`)
.then(path.success)
.catch((error) => {
if (error.type === 'abort') {
return path.abort()
}
return path.error({ error })
})
}
export default [
searchItems,
{
success: [],
error: [],
abort: []
}
]
Cors has been turned into a "black box" by jQuery. Cors is actually a very simple concept, but due to a lot of confusion of "Request not allowed", cors has been an option to help out. In HttpProvider we try to give you the insight to understand how cors actually works.
Cors has nothing to do with the client. The only client configuration related to cors is the withCredentials option, which makes sure cookies are passed to the cross origin server. The only requirement for cors to work is that you pass the correct Content-Type. Now, this depends on the server in question. Some servers allows any content-type, others require a specific one. These are the typical ones:
Note that this is only related to the request. If you want to define what you want as response, you set the Accept header, which is application/json by default.
import {HttpProviderError} from '@cerebral/http'
// Error structure
{
name: 'HttpProviderError',
type: 'http | abort | timeout',
message: 'Some error message or responseText',
response: {
result: {}, // Parsed responseText
headers: {},
status: 200
},
stack: '...'
}
This error is available in the following scenarios:
function someAction ({http}) {
return http.get('/something').catch(error => ...)
}
;[
httpGet('/something'),
{
success: [],
error: [
// {error: ...}
]
}
]
const errorCatched = [
// {error: ...}
displayError
]
Module({
catch: [[HttpProviderError, errorCatched]]
})
function someDeleteAction({ http }) {
const query = {}
const options = {}
return http
.delete('/items/1', query, options)
.then((response) => {
return { response }
})
.catch((error) => {
return { error }
})
}
import { httpDelete } from '@cerebral/http/operators'
import { state } from 'cerebral/tags'
export default [
httpDelete(string`/items/${state`currentItemId`}`)
/*
PROPS: {
response: {...}
}
*/
]
import { httpDelete } from '@cerebral/http/operators'
import { state } from 'cerebral/tags'
export default [
httpDelete(string`/items/${state`currentItemId`}`),
{
success: [
/* PROPS: {response: {...}} */
],
error: [
/* PROPS: {error: {...}} */
],
abort: [
/* PROPS: {error: {...}} */
],
timeout: [
/* PROPS: {error: {...}} */
],
// Optionally any status code, ex. 404: []
'${STATUS_CODE}': [
/* PROPS: {response/error: {...}} */
]
}
]
function someGetAction({ http }) {
const query = {}
const options = {}
return http
.get('/items', query, options)
.then((response) => {
return { someResponse: response }
})
.catch((error) => {
return { someError: error }
})
}
import { httpGet } from '@cerebral/http/operators'
export default [
httpGet('/items')
/*
PROPS: {
response: {...}
}
*/
]
On error this will throw to the signal or global catch handler.
import { httpGet } from '@cerebral/http/operators'
export default [
httpGet('/items'),
{
success: [
/* PROPS: {response: {...}} */
],
error: [
/* PROPS: {error: {...}} */
],
abort: [
/* PROPS: {error: {...}} */
],
timeout: [
/* PROPS: {error: {...}} */
],
// Optionally any status code, ex. 404: []
'${STATUS_CODE}': [
/* PROPS: {response/error: {...}} */
]
}
]
function somePatchAction({ http }) {
const data = {}
const options = {}
return http
.patch('/items/1', data, options)
.then((response) => {
return { response }
})
.catch((error) => {
return { error }
})
}
import { httpPatch } from '@cerebral/http/operators'
import { state, props, string } from 'cerebral/tags'
export default [
httpPatch(string`/items/${props`itemId`}`, state`patchData`)
/*
PROPS: {
response: {...}
}
*/
]
import { httpPatch } from '@cerebral/http/operators'
import { state, props, string } from 'cerebral/tags'
export default [
httpPatch(string`/items/${props`itemId`}`, state`patchData`),
{
success: [
/* PROPS: {response: {...}} */
],
error: [
/* PROPS: {error: {...}} */
],
abort: [
/* PROPS: {error: {...}} */
],
timeout: [
/* PROPS: {error: {...}} */
],
// Optionally any status code, ex. 404: []
'${STATUS_CODE}': [
/* PROPS: {response/error: {...}} */
]
}
]
function somePostAction({ http }) {
const data = {}
const options = {}
return http
.post('/items', data, options)
.then((response) => {
return { response }
})
.catch((error) => {
return { error }
})
}
import { httpPost } from '@cerebral/http/operators'
import { props } from 'cerebral/tags'
export default [
httpPost('/items', {
title: props`itemTitle`,
foo: 'bar'
})
/*
PROPS: {
response: {...}
}
*/
]
import { httpPost } from '@cerebral/http/operators'
import { props } from 'cerebral/tags'
export default [
httpPost('/items', {
title: props`itemTitle`,
foo: 'bar'
}),
{
success: [
/* PROPS: {response: {...}} */
],
error: [
/* PROPS: {error: {...}} */
],
abort: [
/* PROPS: {error: {...}} */
],
timeout: [
/* PROPS: {error: {...}} */
],
// Optionally any status code, ex. 404: []
'${STATUS_CODE}': [
/* PROPS: {response/error: {...}} */
]
}
]
function somePutAction({ http }) {
const data = {}
const options = {}
return http
.put('/items/1', data, options)
.then((response) => {
return { response }
})
.catch((error) => {
return { error }
})
}
import { httpPut } from '@cerebral/http/operators'
export default [
httpPut('/items', {
// data object
})
/*
PROPS: {
response: {...}
}
*/
]
import { httpPut } from '@cerebral/http/operators'
export default [
httpPut('/items', {
// data object
}),
{
success: [
/* PROPS: {response: {...}} */
],
error: [
/* PROPS: {error: {...}} */
],
abort: [
/* PROPS: {error: {...}} */
],
timeout: [
/* PROPS: {error: {...}} */
],
// Optionally any status code, ex. 404: []
'${STATUS_CODE}': [
/* PROPS: {response/error: {...}} */
]
}
]
There are two types of responses from the HTTP provider. A response and an error of type HttpProviderError. A response will be received on status codes 200-299. Everything else is an error.
{
result: 'the response body',
headers: {...},
status: 200
}
{
name: 'HttpProviderError',
type: 'http | abort | timeout',
message: 'Some potential error message',
result: 'Message or response body',
status: 500,
headers: {},
stack: '...'
}
function someGetAction ({http}) {
return http.request({
// Any http method
method: 'GET',
// Url you want to request to
url: '/items'
// Request body as object. Will automatically be stringified if json and
// urlEncoded if application/x-www-form-urlencoded
body: {},
// Query as object, will automatically be urlEncoded
query: {},
// If cross origin request, pass cookies
withCredentials: false,
// Any additional http headers, or overwrite default
headers: {},
// A function or signal path (foo.bar.requestProgressed) that
// triggers on request progress. Passes {progress: 45} etc.
onProgress: null
})
}
function someDeleteAction({ http, props }) {
return http
.uploadFile('/upload', props.files, {
name: 'filename.png', // Default to "files"
data: {}, // Additional form data
headers: {},
onProgress: 'some.signal.path' // Upload progress
})
.then((response) => {
return { response }
})
.catch((error) => {
return { error }
})
}
import { httpUploadFile } from '@cerebral/http/operators'
import { state, props } from 'cerebral/tags'
export default [
httpUploadFile('/uploads', props`file`, {
name: state`currentFileName`
}),
{
success: [
/* PROPS: {response: {...}} */
],
error: [
/* PROPS: {error: {...}} */
],
abort: [
/* PROPS: {error: {...}} */
],
// Optionally any status code, ex. 404: []
'${STATUS_CODE}': [
/* PROPS: {response/error: {...}} */
]
}
]
import { httpUploadFile } from '@cerebral/http/operators'
import { state, props } from 'cerebral/tags'
export default [
httpUploadFile('/uploads', props`file`, {
name: state`currentFileName`
})
/*
PROPS: {
response: {...}
}
*/
]
FAQs
HTTP provider for Cerebral 2
We found that @cerebral/http demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.