Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@kiwicom/express-http-proxy
Advanced tools
This package is a thin and opinionated wrapper over `express-http-proxy`, to ensure we can safely proxy some paths transitively across several frontend servers, typically for static assets with base path `/scripts`.
Readme
This package is a thin and opinionated wrapper over express-http-proxy
, to ensure we can safely
proxy some paths transitively across several frontend servers, typically for static assets with base
path /scripts
.
It performs three roles:
Install @kiwicom/express-frontend-proxy
(and its peer dependency express-http-proxy
) with the
following command
yarn add @kiwicom/express-frontend-proxy express-http-proxy
To define a proxy, you need two pieces of information:
url
(string): the URL of the server to which requests should be proxied,module
(string): the name of the serverNote that module
should not contain a comma (,) and be "unique" across your proxied servers to
avoid short-circuiting the request in case it needs to go through several proxies.
Here's a basic example:
import express from "express";
import expressProxy from "@kiwicom/express-http-proxy";
const alphaProxy = expressProxy({
url: "https://alpha.domain.tld",
module: "alpha",
})
...
const app = express();
app.use("/alpha*", alphaProxy)
...
In the following example, we create three Express servers, alpha, beta and gamma.
Each server handles its own script route, and the proxies take over for the other ones, sometimes necessiting two proxy hoops. For example, with the code below:
To make sure we don't run into proxy loops, http://localhost:7891/scripts/eta will be in turn handled by alpha, proxied to beta, proxied to gamma and finally proxied back to alpha. Thanks to this package, we prevent the loop from continuing and let the catch all route from the alpha server to handle the request.
alpha -> beta -> gamma -> alpha [STOP]
import path from "path";
import express from "express";
import expressProxy from "@kiwicom/express-http-proxy";
// Helper function to create several express servers using the proxy
function createServer(module, moduleToProxy) {
const app = express();
app.get("/", (req, res) => {
res.send("Hello World!");
});
app.get(`/scripts/${module}`, (req, res) => {
res.send(`Hello from ${module}`);
});
app.use("/scripts/*", proxy(moduleToProxy));
app.use("*", (req, res) => {
res.status(404).send(`Not found from ${module}`);
});
return app;
}
const alpha = createServer("alpha", {
url: "http://localhost:7892",
module: "beta",
});
const beta = createServer("beta", {
url: "http://localhost:7893",
module: "gamma",
});
const gamma = createServer("gamma", {
url: "http://localhost:7891",
module: "alpha",
});
// Start the servers
alpha.listen(7891);
beta.listen(7892);
gamma.listen(7893);
FAQs
This package is a thin and opinionated wrapper over `express-http-proxy`, to ensure we can safely proxy some paths transitively across several frontend servers, typically for static assets with base path `/scripts`.
The npm package @kiwicom/express-http-proxy receives a total of 524 weekly downloads. As such, @kiwicom/express-http-proxy popularity was classified as not popular.
We found that @kiwicom/express-http-proxy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.