Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
axios-ntlm
Advanced tools
The axios-ntlm package is an HTTP client for Node.js that extends the popular axios library to support NTLM (NT LAN Manager) authentication. This is particularly useful for making HTTP requests to servers that require NTLM authentication, such as certain enterprise environments and legacy systems.
NTLM Authentication
This feature allows you to make HTTP requests with NTLM authentication. The code sample demonstrates how to configure an axios instance with NTLM credentials and make a GET request to a protected resource.
const axios = require('axios');
const axiosNtlm = require('axios-ntlm');
const ntlmOptions = {
username: 'your-username',
password: 'your-password',
domain: 'your-domain'
};
const instance = axios.create();
axiosNtlm(instance, ntlmOptions);
instance.get('http://example.com/protected-resource')
.then(response => {
console.log(response.data);
})
.catch(error => {
console.error(error);
});
The httpntlm package is another Node.js library that provides NTLM authentication for HTTP requests. Unlike axios-ntlm, which extends axios, httpntlm is a standalone library. It offers similar functionality but requires more manual setup for making requests.
The node-http-ntlm package is a lightweight library for making HTTP requests with NTLM authentication. It is similar to httpntlm but focuses on simplicity and ease of use. It does not integrate with axios, so it may require more effort to use in projects that already rely on axios.
This is a helper library for NTLM Authentication using the Axios HTTP library on Node. It attaches interceptors to an axios instance to authenticate using NTLM for any resources that offer it.
This example will create you a brand new axios instance you can utilise the same as any other axios instance
import { NtlmClient } from 'axios-ntlm';
(async () => {
let client = NtlmClient('username', 'password', 'domain')
try {
let resp = await client({
url: 'https://protected.site.example.com',
method: 'get'
});
console.log(resp.data);
}
catch (err) {
console.log(err)
console.log("Failed")
}
})()
This shows how to pass in an existing axios instance to have the NTLM Auth interceptors attached.
Note: If doing this, be aware that http(s)Agents need to be attached to keep the connection alive. If there are none attached already, they will be added. If you are providing your own then you will need to set this up.
import { NtlmClient } from 'axios-ntlm';
(async () => {
let client = axios.create(/*Your options here*/)
client = NtlmClient('username', 'password', 'domain', 'workstation', client)
try {
let resp = await client({
url: 'https://protected.site.example.com',
method: 'get'
});
console.log(resp.data);
}
catch (err) {
console.log(err)
console.log("Failed")
}
})()
FAQs
An NTLM auth extension to the Axios HTTP library
The npm package axios-ntlm receives a total of 64,076 weekly downloads. As such, axios-ntlm popularity was classified as popular.
We found that axios-ntlm demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.