Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@polka/url
Advanced tools
Readme
Super fast, memoized
req.url
parser; not limited to Polka!
Parses the url
from a IncomingMessage
request. The returned object will always only contain the following keys: search
, query
, pathname
, path
, href
, and _raw
.
Note: This library does not process
protocol
,hostname
,port
, etc.
This is because the incomingreq.url
value only begins with the path information.
Parsed requests will be mutated with a _parsedUrl
key, containing the returned output. This is used for future memoization, so as to avoid parsing the same url
value multiple times.
$ npm install --save @polka/url
const parse = require('@polka/url');
let req = { url: '/foo/bar?fizz=buzz' };
let foo = parse(req);
//=> { search: '?fizz=buzz',
//=> query: 'fizz=buzz',
//=> pathname: '/foo/bar',
//=> path: '/foo/bar?fizz=buzz',
//=> href: '/foo/bar?fizz=buzz',
//=> _raw: '/foo/bar?fizz=buzz' }
// Attaches result for future memoization
assert.deepEqual(foo, req._parsedUrl); //=> true
Returns: Object
or undefined
Important: The
req
must have aurl
key, otherwiseundefined
will be returned.
If no input is provided at all, aTypeError
will be thrown.
Type: IncomingMessage
or Object
The incoming HTTP request (req
) or a plain Object
with a url
key.
Note: In Node.js servers, the
req.url
begins with a pathname & does not include ahash
.
Running the
parseurl
benchmark suite on Node 10.9.0
Parsing: "/foo/bar?user=tj&pet=fluffy"
nativeurl x 3,496,593 ops/sec ±0.78% (194 runs sampled)
parseurl x 5,702,515 ops/sec ±0.59% (194 runs sampled)
@polka/url x 11,510,281 ops/sec ±1.93% (192 runs sampled)
REPEAT: "/foo/bar?user=tj&pet=fluffy"
nativeurl x 3,344,884 ops/sec ±0.13% (191 runs sampled)
parseurl x 20,386,848 ops/sec ±0.22% (192 runs sampled)
@polka/url x 21,088,923 ops/sec ±0.58% (191 runs sampled)
Parsing: "/foo/bar"
nativeurl x 9,808,119 ops/sec ±0.51% (190 runs sampled)
parseurl x 26,186,627 ops/sec ±0.16% (195 runs sampled)
@polka/url x 43,946,765 ops/sec ±0.55% (194 runs sampled)
Parsing: "/"
nativeurl x 15,698,746 ops/sec ±0.79% (192 runs sampled)
parseurl x 36,861,339 ops/sec ±0.19% (195 runs sampled)
@polka/url x 48,295,119 ops/sec ±0.51% (194 runs sampled)
Any issues or questions can be sent to the Polka repository.
However, please specify that your inquiry is about @polka/url
specifically.
MIT © Luke Edwards
FAQs
Super fast, memoized `req.url` parser
The npm package @polka/url receives a total of 6,592,103 weekly downloads. As such, @polka/url popularity was classified as popular.
We found that @polka/url demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.