Security News
New Proposed CISA Mandate Would Require Critical Infrastructure to Report Ransom Payments Within 24 Hours
CISA has proposed a set of new rules that would require critical infrastructure to report cyber incidents and ransom payments.
assert-request
Advanced tools
Assert responses to HTTP requests
Weekly downloads
Readme
This is a tool to assert properties of responses to requests, such as the body, headers, and status code. This returns a promise with additional assertion methods builtin to it. It requires node 4 or higher to run (that's by design, and will not be changed even if you have a PR).
This example uses Mocha tests, which natively support promises.
However, assert-request
is not limited to Mocha.
let AssertRequest = require('assert-request');
let request = AssertRequest(app.listen()); // You can use a server or protocol and host
describe('/example', function () {
it('should return HTML', function () {
return request('/example')
.type('text/html')
.okay();
});
});
describe('/api', function () {
it('should return the correct JSON', function () {
return request.post('/api')
.type('application/json')
.status(200)
.json(json => json.foo && json.bar);
});
});
The returned value is a Promise.
Because of that, you can use .then
and .catch
.
.then
will be passed the response object.
Many Node.JS utilities such as Mocha will support promises.
Note: most mixins simply return this.then(res => assert(...))
.
This means that assertions are guaranteed to run in order.
While technically Promise.all
should be used here, this makes for a much simpler code base.
In addition, this should be the faster way as no mixins created so far return a Promise (i.e. do an asynchronous operation).
Calls the function with the response object, and asserts that the return value is truthy.
Asserts that the response status is equal to the one specified.
Expected can be a String, Number, Function, or RegExp.
Strings and Numbers will be checked without strict matching (==
not ===
) so the status will be cast to a String.
Asserts that the response status is 200. Equivalent to .status(200)
Asserts that the header is present, and if value is specified, asserts that it is equal to the value.
In some edge cases like Set-Cookie
, the header value is an array.
In this case, by default all headers must match the value.
However, if someHeaders is true, then only one must match the value.
Value can be a String, Function, or RegExp.
Asserts that the body is equal to the one specified. Expected can be a String, Function, or RegExp.
Asserts that the body is JSON and is equal to the JSON specified. If expected is a function, then it is passed the parsed JSON. Expected can be a String, Function, or RegExp.
This is a general mixin to check Content-Type
.
If the expected type is a string, it checkes if any part of the Content-Type is equal.
All of the following will match text/html; charset=utf-8
The following will NOT match that type:
Expected can be a String, Function, or RegExp. However, partial matching is only applied to strings as specified above.
This was made as a replacement for supertest. Inspiration was taken from that API. However, using it also showed how it could be improved, and pitfalls to avoid.
FAQs
Assert responses to HTTP requests
The npm package assert-request receives a total of 49 weekly downloads. As such, assert-request popularity was classified as not popular.
We found that assert-request demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA has proposed a set of new rules that would require critical infrastructure to report cyber incidents and ransom payments.
Security News
Redis is no longer OSS, breaking its explicit commitment to remain under the BSD 3-Clause License forever. This has angered contributors who are now working to fork the software.
Product
Socket AI now enables 'AI detected potential malware' alerts by default, ensuring users benefit from AI-powered state-of-the-art malware detection without needing to opt-in.