Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
NeteaseCloudMusicApi
Advanced tools
NeteaseCloudMusicApi - npm Package Compare versions
Comparing version 2.9.3 to 2.9.5
@@ -188,2 +188,8 @@ const express = require("express"); | ||
| // 发送私信 | ||
| app.use("/send/text", require("./router/send_text")); | ||
| // 发送私信(歌单) | ||
| app.use("/send/playlist", require("./router/send_playlist")); | ||
| //simi ,相似歌单 | ||
@@ -190,0 +196,0 @@ app.use("/simi/playlist", require("./router/simi_playlist")); |
| # 更新日志 | ||
| ### 2.9.5 | 2018.05.08 | ||
| 新增发送私信相关接口 | ||
| ### 2.9.4 | 2018.05.04 | ||
| 新增热搜接口,更新 banner 接口 | ||
| ### 2.9.2 | 2018.02.28 | ||
@@ -3,0 +9,0 @@ 修复登录失败会崩溃的问题 |
| { | ||
| "name": "NeteaseCloudMusicApi", | ||
| "version": "2.9.3", | ||
| "version": "2.9.5", | ||
| "description": "网易云音乐 NodeJS 版 API", | ||
@@ -5,0 +5,0 @@ "scripts": { |
| const express = require("express"); | ||
| const router = express(); | ||
| const { createWebAPIRequest } = require("../util/util"); | ||
| const request = require("request"); | ||
| router.get("/", (req, res) => { | ||
| const cookie = req.get("Cookie") ? req.get("Cookie") : ""; | ||
| const data = { | ||
| timeStamp: 0 + new Date(), | ||
| csrf_token: "" | ||
| const options = { | ||
| url: "http://music.163.com/discover", | ||
| method: "GET", | ||
| headers: { | ||
| Referer: "http://music.163.com", | ||
| "User-Agent": | ||
| "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3380.0 Safari/537.36" | ||
| } | ||
| }; | ||
| createWebAPIRequest( | ||
| "music.163.com", | ||
| "/api/v2/banner/get", | ||
| "POST", | ||
| data, | ||
| cookie, | ||
| music_req => { | ||
| res.send(music_req); | ||
| }, | ||
| err => res.status(502).send("fetch error") | ||
| ); | ||
| request(options, (error, response, body) => { | ||
| if (error) { | ||
| res.status(502).send("fetch error"); | ||
| } else { | ||
| try { | ||
| const pattern = /<script[^>]*>\s*window\.Gbanners\s*=\s*([^;]+?);\s*<\/script>/g; | ||
| const banners = pattern.exec(body)[1]; | ||
| res.send(JSON.stringify(eval(`({code:200,banners:${banners}})`))); | ||
| } catch (error) { | ||
| res.status(502).send("fetch error"); | ||
| } | ||
| } | ||
| }); | ||
| }); | ||
| module.exports = router; |
New alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.35%
143692
- Number of package files
- increased by1.96%
104
- Lines of code
- increased by2.39%
2528
Worsened metrics
- Number of medium supply chain risk alerts
- increased by100%
2
No dependency changes