Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

arlib

Package Overview
Dependencies
Maintainers
1
Versions
36
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

arlib - npm Package Compare versions

Comparing version 0.2.3 to 0.2.4

11

lib/http_build_query.js

@@ -47,5 +47,6 @@ /**

case 'scalar':
case '[object Buffer]':
case 'Buffer':
case '[object Date]':
case '[object RegExp]':
// note: querystring.encode() encodes objects as "" empty string
if (string) string += sepchar;

@@ -55,2 +56,4 @@ string += (rawurlencode((num_prefix && isArray) ? num_prefix + i : i) + eq + rawurlencode(params[i]));

case '[object Array]':
// note: querystring.encode() encodes flat arrays [1,2,3] as a=1&a=2&a=3, and
// nested arrays [1,[2],3] as a=1&a=&a=3
case '[object Object]':

@@ -86,6 +89,6 @@ var npref = options.numeric_prefix;

if (str === true) return 1;
if (str === false) return 0;
else if (str === false) return 0;
// php omits field if value is null, must be handled in caller
if (str === null || str === undefined) return "";
return encodeURIComponent((typeof str === 'string') ? str : str + "");
else if (str === null || str === undefined) return "";
else return encodeURIComponent((typeof str === 'string') ? str : str + "");
}

@@ -92,0 +95,0 @@

32

lib/http_parse_query.js

@@ -25,3 +25,3 @@ /**

var name = urldecode(nameval);
params[name] = 1;
set_param_value(params, name, 1);
}

@@ -52,10 +52,3 @@ else {

}
else if (params[name]) {
// gather a=1&a=2 into array a=[1,2]
if (!Array.isArray(params[name])) params[name] = [ params[name] ];
params[name].push(value);
}
else {
params[name] = value;
}
else set_param_value(params, name, value);
}

@@ -75,1 +68,22 @@ }

}
function set_param_value( params, name, value ) {
if (params[name] !== undefined) {
if (!Array.isArray(params[name])) params[name] = [ params[name] ];
params[name].push(value);
}
else {
params[name] = value;
}
}
/**
Todo:
- limit max num parameters (to protect against malicious requests) (1000)
- limit max array depth (to protect against malicious requests) (5)
- parse a[]=1&a[]=2 as a=[1,2] (push items). Php works this way.
- speedup: gather name with a plain loop, not indexOf + regexp
**/

2

package.json
{
"name": "arlib",
"version": "0.2.3",
"version": "0.2.4",
"description": "Andras' library of handy utility functions",

@@ -5,0 +5,0 @@ "license": "Apache-2.0",

5

test/test-getrusage.js

@@ -11,6 +11,7 @@ var getrusage = require('../getrusage');

var usage = getrusage();
t.ok(usage.utime);
t.ok(usage.stime);
t.ok(usage.utime > 0);
t.ok(usage.maxrss > 0);
t.ok(usage.minflt > 0);
t.done();
},
};

14

test/test-http_build_query.js

@@ -107,2 +107,16 @@ var http_build_query = require('../http_build_query');

},
'should build query string from Buffer': function(t) {
var buf = new Buffer("test data");
var str = http_build_query({a: buf});
t.equal(str, "a=test+data");
t.done();
},
'should build query string from Date': function(t) {
var dt = new Date(0);
var str = http_build_query({a: dt});
t.ok(str.length > 20);
t.done();
},
};

18

test/test-http_parse_query.js

@@ -39,2 +39,20 @@ /**

'should decode blank params into arrays': function(t) {
var str = "a&b&a&b";
var params = http_parse_query(str);
t.deepEqual(params.a, [1, 1]);
t.deepEqual(params.b, [1, 1]);
t.done();
},
/**
TODO:
'should decode blank field names into arrays': function(t) {
var str = "a[]=1&a[]=2";
var params = http_parse_query(str);
t.deepEqual(params.a, [1, 2]);
t.done();
},
**/
'should decode hierarchical params into object': function(t) {

@@ -41,0 +59,0 @@ var str = "a[i][j][0]=1&a[i][j][1]=2";

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc