Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@push.rocks/webrequest
Advanced tools
A module for making secure web requests from browsers with support for caching and fault tolerance.
securely request from browsers
To use @push.rocks/webrequest
in your project, install it using npm or yarn:
npm install @push.rocks/webrequest --save
# or with yarn
yarn add @push.rocks/webrequest
This package is designed to be used in an environment where ECMAScript Modules (ESM) and TypeScript are supported.
@push.rocks/webrequest
is a powerful module designed to simplify making web requests securely from browsers. It leverages modern JavaScript features and TypeScript for a type-safe development experience. Below are comprehensive examples demonstrating how to utilize the module effectively:
First, import WebRequest
from the module:
import { WebRequest } from '@push.rocks/webrequest';
Create an instance of WebRequest
. You can optionally pass configuration options:
const webRequest = new WebRequest({
logging: true // Optional: enables logging, defaults to true
});
To fetch JSON data:
// Fetch JSON data using GET request
async function fetchJsonData() {
const url = 'https://api.example.com/data';
try {
const jsonData = await webRequest.getJson(url);
console.log(jsonData);
} catch (error) {
console.error(error);
}
}
fetchJsonData();
Similarly, you can make POST, PUT, and DELETE requests to send or manipulate data:
// Example POST request to submit JSON data
async function postJsonData() {
const url = 'https://api.example.com/submit';
const data = { key: 'value' };
try {
const result = await webRequest.postJson(url, data);
console.log(result);
} catch (error) {
console.error(error);
}
}
postJsonData();
// PUT and DELETE can be similarly used
The library provides mechanisms to cache responses, which is useful for reducing network load and improving performance. Here’s how to fetch data with caching:
// Fetch with caching enabled
async function fetchDataWithCache() {
const url = 'https://api.example.com/data';
try {
// The second parameter enables caching
const jsonData = await webRequest.getJson(url, true);
console.log(jsonData);
} catch (error) {
console.error(error);
}
}
fetchDataWithCache();
@push.rocks/webrequest
supports querying multiple endpoints with fallbacks to handle the situation where some endpoints may fail or be unavailable:
// Attempt to request from multiple endpoints
async function requestFromMultipleEndpoints() {
const endpoints = [
'https://api.primary-example.com/data',
'https://api.backup-example.com/data'
];
try {
const response = await webRequest.requestMultiEndpoint(endpoints, {
method: 'GET'
});
const data = await response.json();
console.log(data);
} catch (error) {
console.error('Failed to retrieve data from any endpoint', error);
}
}
requestFromMultipleEndpoints();
For advanced scenarios, you can directly use the request
method to fully customize the request options including headers, request method, and body (for POST/PUT requests):
// Custom request with timeout
async function customRequest() {
const url = 'https://api.example.com/advanced';
try {
const response = await webRequest.request(url, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ custom: 'data' }),
timeoutMs: 10000 // Timeout in milliseconds
});
if (response.ok) {
const result = await response.json();
console.log(result);
} else {
console.error('Response error:', response.status);
}
} catch (error) {
console.error('Request failed:', error);
}
}
customRequest();
@push.rocks/webrequest
offers a streamlined, secure way to handle web requests from browsers, supporting various HTTP methods, response caching, and requests to multiple endpoints with fault tolerance. Its TypeScript integration ensures type safety and enhances developer productivity by enabling IntelliSense in supported IDEs.
This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the license file within this repository.
Please note: The MIT License does not grant permission to use the trade names, trademarks, service marks, or product names of the project, except as required for reasonable and customary use in describing the origin of the work and reproducing the content of the NOTICE file.
This project is owned and maintained by Task Venture Capital GmbH. The names and logos associated with Task Venture Capital GmbH and any related products or services are trademarks of Task Venture Capital GmbH and are not included within the scope of the MIT license granted herein. Use of these trademarks must comply with Task Venture Capital GmbH's Trademark Guidelines, and any usage must be approved in writing by Task Venture Capital GmbH.
Task Venture Capital GmbH
Registered at District court Bremen HRB 35230 HB, Germany
For any legal inquiries or if you require further information, please contact us via email at hello@task.vc.
By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.
FAQs
A module for making secure web requests from browsers with support for caching and fault tolerance.
We found that @push.rocks/webrequest demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.