Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
By Sarah Gooding - Feb 07, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
cf-api
A pluggable JSON API server
This is CatfishApi but without all of the bloat and a simple API to register plugins. Everything becomes a plugin.
Installation
npm install --save cf-api
Usage
var createApi = require('cf-api')
var api = createApi(options)
server = api.initialize()
server.get('/', homepage)
server.post('/form', submit)
// This tells the api that you've finised adding your routes
// and you now want it to add the error handling middleware
server.emit('preBoot')
server.listen(port)
API API
var api = createApi(Object: options)
Create an API instance. There are two options available:
checkOrigin- a function with the signaturefunction (url, cb) {}to checkreq.headers.origin.cb(null, true)to allow andorigin,cb(null, false)to deny an origin. Defaults tocb(null, true)for all requests, meaning all cross-domain requests are allowed. It is up to the user to implement their whitelist/blacklist.logger- a logger object with methodsdebug(),info(),warn()anderror()(default:console).maxBodySize- an option to be passed along to the body-parser json middleware function. If this is a number it will be the number of bytes, otherwise it will be parsed by the bytes module (default:undefinedwhich falls back to the body parser default of'100kB').
For backwards compatibility, the allowedDomains option still works and generates a checkOrigin function for you.
api.initialize()
Create and return the server.
Changelog
2.0.0
- Plugin interface now totally removed. Application components are registered outside of the scope of this module.
- User must call
server.emit('preBoot')after all routes have been added to make tell the api to add the last piece of middleware: the error handler. This is due to a change in Express 4.
1.1.0
- API now allows binary request bodies as well as json
1.0.1
- Fixed cors middleware not terminating preflight requests. Do not use 1.0.0, please upgrade.
1.0.0
- Added
checkOriginoption in place ofallowedDomains. Latter is still supported for compatibility.
Pre 1.0.0
- Unstable!
Credits
Built by developers at Clock.
Licence
Licensed under the New BSD License
FAQs
A pluggable JSON API server
The npm package cf-api receives a total of 0 weekly downloads. As such, cf-api popularity was classified as not popular.
We found that cf-api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 14 Mar 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Linux Foundation Warns Open Source Developers: Compliance with Sanctions Is Not Optional
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
By Sarah Gooding - Feb 06, 2025
Security News
Maven Central Adds Sigstore Signature Validation
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
By Sarah Gooding - Feb 06, 2025