Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
env-hoc
Advanced tools
Readme
Provides an universal HOC (higher-order component) for React components and populates the component props and the getInitialProps args object with an env property, which gives access to cookies, language(s), userAgent and doNotTrack in a standardized way. If you are using Next.js / After.js you will get also access to the IP address and benefit heavily from the standardized API on server-side and client-side.
Accept-Language
&& User-Agent
&& Cookie
&& DNT
headers are parsed and available in the same format as in window
. (same parsing libraries / functions && reformatting && backwards compatibility)Feature requests for additional properties are welcomed
You can install it directly from npm:
npm i env-hoc
or, if you are using yarn:
yarn add env-hoc
Just import the package and add it as a decorator to every page where you want to have access to the env
object.
import React from 'react';
import withEnv from 'env-hoc';
@withEnv
class Environment extends React.Component {
//getInitialProps is a Next.js/After.js thing, just ignore it, if you aren't using one of them
static getInitialProps(args) {
console.log('args.env:', args.env);
}
render() {
console.log('this.props:', this.props.env);
return (
<div>
<h1>Environment</h1>
<pre>userAgent: {this.props.env.userAgent}</pre>
<pre>language: {this.props.env.language}</pre>
<pre>languages: {this.props.env.languages.join(', ')}</pre>
<pre>ipAddress: {this.props.env.ipAddress}</pre>
<pre>cookies: {JSON.stringify(this.props.env.cookies)}</pre>
<pre>doNotTrack: {this.props.env.doNotTrack ? 'true' : 'false'}</pre>
</div>
);
}
}
export default Environment;
/* CONSOLE OUTPUT:
args.env: { userAgent: 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
language: 'de-DE',
languages: [ 'de-DE', 'de', 'en-US', 'en', 'bs', 'hr' ],
cookies: {},
doNotTrack: true,
ipAddress: '::1' }
this.props: { userAgent: 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36',
language: 'de-DE',
languages: [ 'de-DE', 'de', 'en-US', 'en', 'bs', 'hr' ],
cookies: {},
doNotTrack: true,
ipAddress: '::1' }
*/
Just import the package and wrap it around every page where you want to have access to the env
object.
import React from 'react';
import withEnv from 'env-hoc';
class Environment extends React.Component {
//getInitialProps is a Next.js/After.js thing, just ignore it, if you aren't using one of them
static getInitialProps(args) {
console.log('args.env:', args.env);
}
render() {
console.log('this.props:', this.props.env);
return (
<div>
<h1>Environment</h1>
<pre>userAgent: {this.props.env.userAgent}</pre>
<pre>language: {this.props.env.language}</pre>
<pre>languages: {this.props.env.languages.join(', ')}</pre>
<pre>ipAddress: {this.props.env.ipAddress}</pre>
<pre>cookies: {JSON.stringify(this.props.env.cookies)}</pre>
<pre>doNotTrack: {this.props.env.doNotTrack ? 'true' : 'false'}</pre>
</div>
);
}
}
export default withEnv(Environment);
//without decorator
withEnv({
trustProxy: false,
})(Environment);
//with decorator
@withEnv({
trustProxy: false,
})
class Environment extends React.Component {}
You can also configure withEnv once in a file and then import it from there when needed.
//file: configuredWithEnv.js
export default withEnv({
trustProxy: false,
});
//file: page.js
import configuredWithEnv from './configuredWithEnv';
//with decorator
@configuredWithEnv
export default class Environment extends React.Component {}
//without decorator
configuredWithEnv(class Environment extends React.Component {})
withEnv({
useServerProps: {
cookies: true,
languages: true,
},
});
withEnv({
trustProxy: true,
cookieParser: {},
debug: process.env.NODE_ENV === 'development',
useServerProps: false,
});
If you want to be a good programmer or support very old browsers, you should still check if a property is available, if some data isn't available, then it will be always for:
null
{}
So a short if () {}
will do it mostly.
FAQs
Provides an HOC (higher-order component) for Next.js / After.js and populates the component props and the getInitialProps args object with an env property, which gives access to cookies, ipAddress, language(s) and userAgent on server-side and client-side
The npm package env-hoc receives a total of 1 weekly downloads. As such, env-hoc popularity was classified as not popular.
We found that env-hoc demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.