Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@sayari/falcor-router
Advanced tools
A router DataSource constructor for falcor that allows you to model all your cloud data sources as a single JSON resource.
This release is a developer preview. We are looking for community help to track down and fix bugs. We are also looking for help porting the Router to other platforms.
You can check out a working example server for a Netflix-like application here right now. Alternately you can go through this short tutorial:
Let's use the Falcor Router to build a Virtual JSON resource on an app server and host it at /model.json. The JSON resource will contain the following contents:
{
"greeting": "Hello World"
}
Normally Routers retrieve the data for their Virtual JSON resource from backend data stores or other web services on-demand. However in this simple tutorial the Router will simply return static data for a single key.
First we create a folder for our application server.
mkdir falcor-app-server && cd !$
npm init
Now we install the Falcor Router.
npm i falcor-router -S
Then install express and falcor-express.
npm i express falcor-express -S
Support for Restify is also available (including a demo):
npm i restify falcor-restify -S
—as is support for Hapi:npm i hapi falcor-hapi -S
.
Now we create an index.js file with the following contents:
// index.js
var falcorExpress = require('falcor-express');
var Router = require('falcor-router');
var express = require('express');
var app = express();
app.use('/model.json', falcorExpress.dataSourceRoute(function (req, res) {
// create a Virtual JSON resource with single key ("greeting")
return new Router([
{
// match a request for the key "greeting"
route: "greeting",
// respond with a PathValue with the value of "Hello World."
get: function() {
return {path:["greeting"], value: "Hello World"};
}
}
]);
}));
// statically host all files in current directory
app.use(express.static(__dirname + '/'));
var server = app.listen(3000);
Now we run the server, which will listen on port 3000 for requests for /model.json.
node index.js
Now that we've built a simple virtual JSON document with a single read-only key "greeting", we will create a test web page and retrieve this key from the server.
Now create an index.html file with the following contents:
<!-- index.html -->
<html>
<head>
<!-- Do _not_ rely on this URL in production. Use only during development. -->
<script src="//netflix.github.io/falcor/build/falcor.browser.js"></script>
<script>
var model = new falcor.Model({source: new falcor.HttpDataSource('/model.json') });
// retrieve the "greeting" key from the root of the Virtual JSON resource
model.
get("greeting").
then(function(response) {
document.write(response.json.greeting);
});
</script>
</head>
<body>
</body>
</html>
Now visit http://localhost:3000/index.html and you should see the message retrieved from the server:
Hello World
For an example of a Router built for a Netflix-like application, see this repository.
For in-depth information on the Falcor Router, see the Router Guide in the Falcor Website.
For discussion please use Stack Overflow.
FAQs
A router DataSource constructor for falcor that allows you to model all your cloud data sources as a single JSON resource.
The npm package @sayari/falcor-router receives a total of 141 weekly downloads. As such, @sayari/falcor-router popularity was classified as not popular.
We found that @sayari/falcor-router demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.