can-bind-to-host
Advanced tools
Utility package to see if the node process can bind to the host or listen on a port. Can be used for checking if a host resolves to localhost.
can-bind-to-host serves to definitively tell if a host (hostname or IP address) can be bound to. This is useful to determining if the given host is equivalent to localhost.
This package was written to replace the abandonned is-localhost-ip package.
Note: In the context of this README,
localhostis used as a familiar term for the IPs (or hostnames that resolve to them) which are associated with the network interface(s) of the local system. This includeslocalhost,127.0.0.1,0.0.0.0,::1, and even public domains that happen to resolve to an IP which points to your own system.
The implementation of can-bind-to-host is very short (it's less than 25 lines!). It functions by attempting to create a TCP server on the specified host (and optionally port). The underlying standard net module handles DNS resolution as needed.
import canBindToHost from 'can-bind-to-host';
// Check if bindable to localhost:8080
canBindToHost("localhost", 8080)
.then(bindable => bindable ? "Yes" : "No")
.then(answer => console.log(answer))
You can try out the package via npx in CLI:
Usage:
npx can-bind-to-host [hostname] [port]
Examples:
$ npx can-bind-to-host
0.0.0.0:0 is bindable
$ npx can-bind-to-host localhost 8080
localhost:8080 is bindable
$ npx can-bind-to-host localhost
localhost:0 is bindable
can-bind-to-host to check if a host is localhost?Yes!
In general, can-bind-to-host can reliably detect whether a given host points to localhost.
Unlike is-localhost-ip which uses regular expressions to determine if an IP is local and can mislead by unusual network configurations, this package can definitively rule out any host which is not local.
For similar reasons as above, this package can return false negatives in case of using this package under an extremely restricted user. This can be mitigated by running an additional check on 0.0.0.0 to see whether the process has the permissions to bind to localhost at all.
As long as the process uses this package can bind to a local port, it will be accurate.
FAQs
Utility package to see if the node process can bind to the host or listen on a port. Can be used for checking if a host resolves to localhost.
We found that can-bind-to-host demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Elastic’s return to open source with the AGPL license has been met with skepticism, as many developers see it as a strategic move rather than a genuine effort to restore user trust and freedoms.
Security News
A new "revival hijack" supply chain attack targets deleted Python packages, with an estimated 22K packages at risk. Socket can detect and block hijacked packages that have added malicious code.
Product
We're introducing a new Analytics feature in the Socket dashboard so you can view changes in your organization's and repositories' alerts over time.