Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
@segment/store
Advanced tools
Readme
store.js exposes a simple API for cross browser local storage
// Store 'marcus' at 'username'
store.set('username', 'marcus')
// Get 'username'
store.get('username')
// Remove 'username'
store.remove('username')
// Clear all keys
store.clear()
// Store an object literal - store.js uses JSON.stringify under the hood
store.set('user', { name: 'marcus', likes: 'javascript' })
// Get the stored object - store.js uses JSON.parse under the hood
var user = store.get('user')
alert(user.name + ' likes ' + user.likes)
// Get all stored values
store.getAll().user.name == 'marcus'
// Loop over all stored values
store.forEach(function(key, val) {
console.log(key, '==', val)
})
store.js uses localStorage when available, and falls back on the userData behavior in IE6 and IE7. No flash to slow down your page load. No cookies to fatten your network requests.
store.js depends on JSON for serialization to disk.
Just grab store.min.js or store+json2.min.js and include them with a script tag.
store.enabled
flagIf your product depends on store.js, you must check the store.enabled
flag first:
<script src="store.min.js"></script>
<script>
init()
function init() {
if (!store.enabled) {
alert('Local storage is not supported by your browser. Please disable "Private Mode", or upgrade to a modern browser.')
return
}
var user = store.get('user')
// ... and so on ...
}
</script>
LocalStorage may sometimes appear to be available but throw an error when used. An example is Safari's private browsing mode. Other browsers allow the user to temporarily disable localStorage. Store.js detects these conditions and sets the store.enabled
flag appropriately.
Introductory Screencast to Store.js by Jack Franklin.
Contributors: https://github.com/marcuswestin/store.js/graphs/contributors
Forks: https://github.com/marcuswestin/store.js/network/members
store.js works as expected in node.js, assuming that global.localStorage has been set:
global.localStorage = require('localStorage')
var store = require('./store')
store.set('foo', 1)
console.log(store.get('foo'))
Private mode Store.js may not work while browsing in private mode. This is as it should be. Check the store.enabled
flag before relying on store.js.
Saucelabs.com rocks Extensive browser testing of store.js is possible thanks to Saucelabs.com. Check them out, they're awesome.
Firefox 3.0 & 2.0: Support for FF 2 & 3 was dropped in v1.3.6. If you require support for ancient versions of FF, use v1.3.5 of store.js.
Important note: In IE6 and IE7, many special characters are not allowed in the keys used to store any key/value pair. With @mferretti's help, there's a suitable workaround which replaces most forbidden characters with "___".
localStorage, when used without store.js, calls toString on all stored values. This means that you can't conveniently store and retrieve numbers, objects or arrays:
localStorage.myage = 24
localStorage.myage !== 24
localStorage.myage === '24'
localStorage.user = { name: 'marcus', likes: 'javascript' }
localStorage.user === "[object Object]"
localStorage.tags = ['javascript', 'localStorage', 'store.js']
localStorage.tags.length === 32
localStorage.tags === "javascript,localStorage,store.js"
What we want (and get with store.js) is
store.set('myage', 24)
store.get('myage') === 24
store.set('user', { name: 'marcus', likes: 'javascript' })
alert("Hi my name is " + store.get('user').name + "!")
store.set('tags', ['javascript', 'localStorage', 'store.js'])
alert("We've got " + store.get('tags').length + " tags here")
The native serialization engine of javascript is JSON. Rather than leaving it up to you to serialize and deserialize your values, store.js uses JSON.stringify() and JSON.parse() on each call to store.set() and store.get(), respectively.
Some browsers do not have native support for JSON. For those browsers you should include JSON2.js (non-minified copy is included in this repo).
No. I believe there is no way to provide sessionStorage semantics cross browser. However, it is trivial to expire values on read on top of store.js:
var storeWithExpiration = {
set: function(key, val, exp) {
store.set(key, { val:val, exp:exp, time:new Date().getTime() })
},
get: function(key) {
var info = store.get(key)
if (!info) { return null }
if (new Date().getTime() - info.time > info.exp) { return null }
return info.val
}
}
storeWithExpiration.set('foo', 'bar', 1000)
setTimeout(function() { console.log(storeWithExpiration.get('foo')) }, 500) // -> "bar"
setTimeout(function() { console.log(storeWithExpiration.get('foo')) }, 1500) // -> null
FAQs
A localStorage wrapper for all browsers without using cookies or flash. Uses localStorage, globalStorage, and userData behavior under the hood
The npm package @segment/store receives a total of 79,082 weekly downloads. As such, @segment/store popularity was classified as popular.
We found that @segment/store demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.