Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
connect-timeout
Advanced tools
Readme
Times out a request in the Connect/Express application framework.
This is a Node.js module available through the
npm registry. Installation is done using the
npm install
command:
$ npm install connect-timeout
NOTE This module is not recommend as a "top-level" middleware (i.e.
app.use(timeout('5s'))
) unless you take precautions to halt your own
middleware processing. See as top-level middleware
for how to use as a top-level middleware.
While the library will emit a 'timeout' event when requests exceed the given timeout, node will continue processing the slow request until it terminates. Slow requests will continue to use CPU and memory, even if you are returning a HTTP response in the timeout callback. For better control over CPU/memory, you may need to find the events that are taking a long time (3rd party HTTP requests, disk I/O, database calls) and find a way to cancel them, and/or close the attached sockets.
Returns middleware that times out in time
milliseconds. time
can also
be a string accepted by the ms
module. On timeout, req
will emit "timeout"
.
The timeout
function takes an optional options
object that may contain
any of the following keys:
Controls if this module will "respond" in the form of forwarding an error.
If true
, the timeout error is passed to next()
so that you may customize
the response behavior. This error has a .timeout
property as well as
.status == 503
. This defaults to true
.
Clears the timeout on the request. The timeout is completely removed and will not fire for this request in the future.
true
if timeout fired; false
otherwise.
Because of the way middleware processing works, once this module passes the request to the next middleware (which it has to do in order for you to do work), it can no longer stop the flow, so you must take care to check if the request has timedout before you continue to act on the request.
var bodyParser = require('body-parser')
var cookieParser = require('cookie-parser')
var express = require('express')
var timeout = require('connect-timeout')
// example of using this top-level; note the use of haltOnTimedout
// after every middleware; it will stop the request flow on a timeout
var app = express()
app.use(timeout('5s'))
app.use(bodyParser())
app.use(haltOnTimedout)
app.use(cookieParser())
app.use(haltOnTimedout)
// Add your routes here, etc.
function haltOnTimedout (req, res, next) {
if (!req.timedout) next()
}
app.listen(3000)
var express = require('express')
var bodyParser = require('body-parser')
var timeout = require('connect-timeout')
var app = express()
app.post('/save', timeout('5s'), bodyParser.json(), haltOnTimedout, function (req, res, next) {
savePost(req.body, function (err, id) {
if (err) return next(err)
if (req.timedout) return
res.send('saved as id ' + id)
})
})
function haltOnTimedout (req, res, next) {
if (!req.timedout) next()
}
function savePost (post, cb) {
setTimeout(function () {
cb(null, ((Math.random() * 40000) >>> 0))
}, (Math.random() * 7000) >>> 0)
}
app.listen(3000)
var bodyParser = require('body-parser')
var connect = require('connect')
var timeout = require('connect-timeout')
var app = connect()
app.use('/save', timeout('5s'), bodyParser.json(), haltOnTimedout, function (req, res, next) {
savePost(req.body, function (err, id) {
if (err) return next(err)
if (req.timedout) return
res.send('saved as id ' + id)
})
})
function haltOnTimedout (req, res, next) {
if (!req.timedout) next()
}
function savePost (post, cb) {
setTimeout(function () {
cb(null, ((Math.random() * 40000) >>> 0))
}, (Math.random() * 7000) >>> 0)
}
app.listen(3000)
FAQs
Request timeout middleware for Connect/Express
The npm package connect-timeout receives a total of 208,007 weekly downloads. As such, connect-timeout popularity was classified as popular.
We found that connect-timeout demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.