Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@smithy/fetch-http-handler
Advanced tools
@smithy/fetch-http-handler is a package that provides an HTTP handler for making requests using the Fetch API. It is part of the AWS SDK for JavaScript v3 and is designed to work seamlessly with other Smithy components to handle HTTP requests and responses.
Basic HTTP Request
This feature allows you to make a basic HTTP GET request using the FetchHttpHandler. The request object specifies the method, hostname, and path for the request.
const { FetchHttpHandler } = require('@smithy/fetch-http-handler');
const handler = new FetchHttpHandler();
const request = {
method: 'GET',
hostname: 'example.com',
path: '/path'
};
handler.handle(request).then(response => {
console.log(response);
}).catch(error => {
console.error(error);
});
Custom HTTP Headers
This feature allows you to add custom HTTP headers to your request. The headers object within the request object specifies the custom headers.
const { FetchHttpHandler } = require('@smithy/fetch-http-handler');
const handler = new FetchHttpHandler();
const request = {
method: 'GET',
hostname: 'example.com',
path: '/path',
headers: {
'Custom-Header': 'value'
}
};
handler.handle(request).then(response => {
console.log(response);
}).catch(error => {
console.error(error);
});
Handling HTTP Responses
This feature demonstrates how to handle HTTP responses. The response object contains the body, which can be processed further, such as converting it to text.
const { FetchHttpHandler } = require('@smithy/fetch-http-handler');
const handler = new FetchHttpHandler();
const request = {
method: 'GET',
hostname: 'example.com',
path: '/path'
};
handler.handle(request).then(response => {
return response.body.text();
}).then(body => {
console.log(body);
}).catch(error => {
console.error(error);
});
Axios is a popular promise-based HTTP client for the browser and Node.js. It provides a simple API for making HTTP requests and handling responses. Compared to @smithy/fetch-http-handler, Axios offers more features out of the box, such as request and response interceptors, automatic JSON data transformation, and support for older browsers.
Node-fetch is a lightweight module that brings the Fetch API to Node.js. It is similar to @smithy/fetch-http-handler in that it uses the Fetch API for making HTTP requests. However, node-fetch is more focused on providing a minimal implementation of the Fetch API for Node.js environments, whereas @smithy/fetch-http-handler is designed to integrate with the AWS SDK for JavaScript v3.
Got is a human-friendly and powerful HTTP request library for Node.js. It supports promises, streams, retries, and many other features. Compared to @smithy/fetch-http-handler, Got offers a more extensive set of features and a more user-friendly API for making HTTP requests and handling responses.
This is the default requestHandler
used for browser applications.
Since Node.js introduced experimental Web Streams API in v16.5.0 and made it stable in v21.0.0,
you can consider using fetch-http-handler
in Node.js, although it's not recommended.
For the Node.js default requestHandler
implementation, see instead
@smithy/node-http-handler
.
FAQs
Provides a way to make requests
The npm package @smithy/fetch-http-handler receives a total of 14,897,346 weekly downloads. As such, @smithy/fetch-http-handler popularity was classified as popular.
We found that @smithy/fetch-http-handler demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.