
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
c4restfulclient
Advanced tools
C4RESTFulClient是基于request的封装:
配置分为ClientOption和RequestOption:
export interface ClientOption {
baseURL ?: string, // 基地址
sslOption ?: { // SSL的配置项
cert : Buffer; // 证书
key : Buffer; // 私钥
passphrase ?: string; // 证书的密码
ca ?: string | Buffer | string[] | Buffer[]; // CA
},
rejectUnauthorized ?: boolean; // 是否对证书进行校验(双向验证时需要)
preambleCRLF ?: boolean; // 在multipart/form-data请求的边界之前追加/CRLF
postambleCRLF ?: boolean; // 在multipart/form-data请求的边界尾部追加/CRLF
timeout ?: number; // 请求超时时间,单位毫秒
gzip ?: boolean; // 是否使用gzip
cookiesOption ?: { // cookie的配置项
enabled : boolean; // 是否开启
store ?: any; // 存储引擎
};
downloadPath ?: string; // 下载文件的保存目录
};
export interface RequestOption {
qs ?: { [key : string] : any }; // 请求的查询字符串
body ?: any; // PATCH、POST和PUT请求的实体,必须是Buffer、string或者ReadSteam,如果json项是true,body不许是可序列化的JSON对象
json ?: boolean; // 设置请求实体是否为JSON,会自动在header中增加application/json的Content-Type
form ?: { [key : string] : any} | string; // 当传递一个对象或查询字符串时,将body设置为querystring表示的值,并在header中添加application/x-www-form-urlencoded的content-type
formData ?: { [key : string] : any}; // 传递给multpart/form-data的请求数据
multipart ?: RequestPart[] | Multipart; // 用于发送multipart/related的请求数据
headers ?: Headers; // http的headers
gzip ?: boolean; // 是否使用gzip
cookiesOption ?: { // cookie的配置项
enabled : boolean; // 是否开启
store ?: any; // 存储引擎
};
// https双向认证
rejectUnauthorized ?: boolean; // 是否对证书进行校验(双向验证时需要)
key ?: Buffer; // 私钥
cert ?: Buffer; // 证书
passphrase ?: string; // 证书的密码
ca?: string | Buffer | string[] | Buffer[]; // CA
// downloadFileName
downloadFileName ?: string; // 下载文件的保存文件名
}
C4RESTFulClient
说明:RESTFul客户端
路径:./src/C4RESTFulClient.ts
成员变量:
成员方法:
/**
* 初始化
* @param option ClientOption
*/
async init(option ?: ClientOption)
/**
* 增加Parser
* @param parser C4RESTFulParser
*/
addParser(parser : C4RESTFulParser)
/**
* 移除Parser
* @param name 要移除的Parser的名字
*/
removeParser(name : string)
/**
* 请求
* @param url 请求的URL
* @param method 请求的METHOD
* @param option RequestOption
*/
request(url : string, method : string, option : RequestOption) : Promise<Request.Response>
/**
* GET Method
* @param url 请求的URL
* @param option RequestOption
*/
get(url : string, option : RequestOption)
/**
* post Method
* @param url 请求的URL
* @param option RequestOption
*/
post(url : string, option : RequestOption)
/**
* put Method
* @param url 请求的URL
* @param option RequestOption
*/
put(url : string, option : RequestOption)
/**
* patch Method
* @param url 请求的URL
* @param option RequestOption
*/
patch(url : string, option : RequestOption)
/**
* delete Method
* @param url 请求的URL
* @param option RequestOption
*/
delete(url : string, option : RequestOption)
C4RESTFulParser
说明:Parser的接口类
路径:./src/C4RESTFulParser.ts
成员变量:
成员方法:
C4DefaultJSONParser
说明:JSON解析器
路径:./src/C4DefaultRESTFulParser/C4DefaultJSONParser.ts
成员变量:
成员方法:
C4DefaultTextParser
说明:Text解析器
路径:./src/C4DefaultRESTFulParser/C4DefaultTextParser.ts
成员变量:
成员方法:
C4DefaultXMLParser
说明:XML解析器
路径:./src/C4DefaultRESTFulParser/C4DefaultXMLParser.ts
成员变量:
成员方法:
C4DefaultFileStreamParser
说明:文件下载解析器
路径:./src/C4DefaultRESTFulParser/C4DefaultFileStreamParser.ts
成员变量:
成员方法:
C4CSVFileStreamParser
说明:CSV文件下载解析器
路径:./src/C4DefaultRESTFulParser/C4CSVFileStreamParser.ts
成员变量:
成员方法:
FAQs
C4Framework RESTFulClient
The npm package c4restfulclient receives a total of 4 weekly downloads. As such, c4restfulclient popularity was classified as not popular.
We found that c4restfulclient demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.