Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@dkx/http-server
Advanced tools
Super simple HTTP server with middlewares support for node.js.
$ npm install --save @dkx/http-server
or with yarn
$ yarn add @dkx/http-server
const {Server} = require('@dkx/http-server');
const {someRandomMiddleware} = require('some-random-middleware');
const app = new Server;
app.use(someRandomMiddleware);
app.run(8080, () => {
console.log('Server is running on port 8080');
});
Each middleware is just an ordinary async function.
Middleware must call the next
function with current response
.
const {Server} = require('@dkx/http-server');
async function appendHeaderMiddleware(request, response, next)
{
response = response.withHeader('X-My-custom-header', 'hello world');
return next(response);
}
const app = new Server;
app.use(appendHeaderMiddleware);
function writeResponseDataMiddleware(request, response, next)
{
response.getBody((body) => {
body.write('hello');
body.write(' ');
body.write('world');
});
return next(response);
}
function middlewareA(request, response, next, state)
{
state.message = 'hello world';
return next(response);
}
function middlewareB(request, response, next, state)
{
console.log(state.message); // output: hello world
return next(response);
}
use
Append middleware.
Arguments:
middleware: Middleware
: middleware to attach.
run()
Start the HTTP server.
Arguments:
port: number
: port where the HTTP server will be listening for new requests.
fn: () => void
: callback called when server is ready to handle requests.
close()
Stop running HTTP server.
Arguments:
fn: () => void
: callback called when server is completely shut down.
method
Contains request method (GET
, POST
, ...).
url
Contains requested URL.
headers
Contains request HTTP headers.
body
Readable stream for accessing request data.
The Response
is an immutable object.
statusCode
Response status code, default 200
.
statusMessage
Response status message, default is an empty string.
headers
Contains list of currently returned HTTP headers.
getBody()
Method used for accessing the ResponseBody
object, which can be used for writing the response data.
Arguments:
fn: (body) => void
: callback with ResponseBody
object.
withStatus()
Write response status.
Arguments:
code: number
: new response status code.
message: string
: new response status message, default is an empty string.
Return:
Response
: cloned Response
object with modified status.
hasHeader()
Check whether header exists.
Arguments:
name: string
: name of HTTP header to check.
Return:
boolean
getHeader()
Get HTTP response header.
Arguments:
name: string
: name of HTTP header.
defaultValue: undefined|string|number|Array<string>
: default value to return if HTTP header does not exists.
Return:
undefined|string|number|Array<string>
withHeader()
Write response header.
Arguments:
name: string
: name of the new header.
value: string
: value of the new header.
Return:
Response
: cloned Response
object with modified headers.
withVaryHeader()
Write vary HTTP response header.
Arguments:
field: string|Array<string>
: name of header you wish to add into vary header
Return:
Response
: cloned Response
object with modified headers.
removeHeader()
Remove response header.
Arguments:
name: string
: name of the removed header.
Return:
Response
: cloned Response
object with modified headers.
Writable stream for writing the response data.
write()
Write response chunk
Arguments:
chunk
: chunk of data to write.
FAQs
Minimalistic HTTP server
The npm package @dkx/http-server receives a total of 1 weekly downloads. As such, @dkx/http-server popularity was classified as not popular.
We found that @dkx/http-server demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.