Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
ecstatic-enodirfix
Advanced tools
A simple static file server middleware that works with both Express and Flatiron
A simple static file server middleware. Use it with a raw http server, express/connect, or flatiron/union!
var http = require('http');
var express = require('express');
var ecstatic = require('ecstatic');
var app = express();
app.use(ecstatic({ root: __dirname + '/public' }));
http.createServer(app).listen(8080);
console.log('Listening on :8080');
var union = require('union');
var ecstatic = require('ecstatic');
union.createServer({
before: [
ecstatic({ root: __dirname + '/public' }),
]
}).listen(8080);
console.log('Listening on :8080');
var http = require('http');
var ecstatic = require('ecstatic');
http.createServer(
ecstatic({ root: __dirname + '/public' })
).listen(8080);
console.log('Listening on :8080');
To allow fall through to your custom routes:
ecstatic({ root: __dirname + '/public', handleError: false })
Pass ecstatic an options hash, and it will return your middleware!
var opts = {
root : __dirname + '/public',
baseDir : '/',
cache : 3600,
showDir : true,
autoIndex : false,
humanReadable : true,
si : false,
defaultExt : 'html',
gzip : false,
serverHeader : true
}
If opts
is a string, the string is assigned to the root folder and all other
options are set to their defaults.
opts.root
opts.root
is the directory you want to serve up.
opts.baseDir
opts.baseDir
is /
by default, but can be changed to allow your static files
to be served off a specific route. For example, if opts.baseDir === "blog"
and opts.root = "./public"
, requests for localhost:8080/blog/index.html
will
resolve to ./public/index.html
.
opts.cache
Customize cache control with opts.cache
, if it is a number then it will set max-age in seconds.
Other wise it will pass through directly to cache-control. Time defaults to 3600 s (ie, 1 hour).
opts.showDir
Turn off directory listings with opts.showDir === false
. Defaults to true.
opts.humanReadable
If showDir is enabled, add human-readable file sizes. Defaults to true.
Aliases are humanreadable
and human-readable
.
opts.si
If showDir and humanReadable are enabled, print file sizes with base 1000 instead
of base 1024. Name is inferred from cli options for ls
. Aliased to index
, the
equivalent option in Apache.
opts.autoIndex
Serve /path/index.html
when /path/
is requested.
Turn off autoIndexing with opts.autoIndex === false
. Defaults to true.
opts.defaultExt
Turn on default file extensions with opts.defaultExt
. If opts.defaultExt
is
true, it will default to html
. For example if you want a request to /a-file
to resolve to ./public/a-file.html
, set this to true
. If you want
/a-file
to resolve to ./public/a-file.json
instead, set opts.defaultExt
to
json
.
opts.gzip
Set opts.gzip === true
in order to turn on "gzip mode," wherein ecstatic will
serve ./public/some-file.js.gz
in place of ./public/some-file.js
when the
gzipped version exists and ecstatic determines that the behavior is appropriate.
opts.serverHeader
Set opts.serverHeader
to false in order to turn off setting the Server
header
on all responses served by ecstatic.
opts.contentType
Set opts.contentType
in order to change default Content-Type header value.
Defaults to application/octet-stream.
opts.handleError
Turn off handleErrors to allow fall-through with opts.handleError === false
, Defaults to true.
This works more or less as you'd expect.
This returns another middleware which will attempt to show a directory view. Turning on auto-indexing is roughly equivalent to adding this middleware after an ecstatic middleware with autoindexing disabled.
ecstatic
commandto start a standalone static http server,
run npm install -g ecstatic
and then run ecstatic [dir?] [options] --port PORT
all options work as above, passed in optimist style.
port
defaults to 8000
. If a dir
or --root dir
argument is not passed, ecsatic will
serve the current dir.
Ecstatic has a fairly extensive test suite. You can run it with:
$ npm test
Without outside contributions, ecstatic would wither and die! Before contributing, take a quick look at the contributing guidelines in ./CONTRIBUTING.md . They're relatively painless, I promise.
MIT.
FAQs
A simple static file server middleware that works with both Express and Flatiron
The npm package ecstatic-enodirfix receives a total of 0 weekly downloads. As such, ecstatic-enodirfix popularity was classified as not popular.
We found that ecstatic-enodirfix demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.