Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

express-combo

Package Overview
Dependencies
Maintainers
7
Versions
6
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

express-combo

Combo handler for express applications

  • 1.0.0
  • latest
  • Source
  • npm
  • Socket score
Version published
Maintainers
7
Created
Source

This repository has been deprecated

Express Combo

Combo handler for express applications.

Build Status

Goals

  • register and serve static assets from a specific folder
  • register and serve static assets based on an explicit mapping to protect other files that should not be exposed
  • serve combo urls based on the static assets that were registered

Installation

Install using npm:

$ npm install express-combo

Usage

var express = require('express'),
    app = express(),
    statichandler = require('express-combo');

app.get('/static', statichandler.folder('public', 'full/path/to/folder/'));

app.get('/static', statichandler.map('protected', {
    'something/foo.js": "full/path/to/something/foo.js',
    'bar.js": "full/path/to/something/bar.js'
}));

app.get('/static', statichandler.combine({
    comboBase: '/combo~',
    comboSep: '~'
}));

The example above will allow you to access any file within the folder full/path/to/folder/ by following the route:

In this case, serving files without any protection, which means all files could be accessed. Under the hood this is equivalent to use express.static middleware. It also expose two files, but this time adding some explicit mapping for them, exposing:

It protects any other file within the those folders. It also provides a nice abstraction where filenames and paths in the filesystem are not longer relevant when it comes to serve them, and the mapping has to be explicit.

And last, but not least, it turns on the combo capabilities for all the previous registered assets, and doing so by defining the separator token. As a result, a urls like these will be valid:

Note: the /static prefix is optional, and you can remove it all together, and even use app.use() directly for those middleware.

TODO

  • support custom filters (regex) to include and/or exclude assets thru folder and map.
  • css relative path correction when serving thru combo

License

This software is free to use under the Yahoo! Inc. BSD license. See the LICENSE file for license text and copyright information.

Contribute

See the CONTRIBUTE file for info.

Keywords

FAQs

Package last updated on 16 Aug 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Fluent Assertions Faces Backlash After Abandoning Open Source Licensing

Security News

Fluent Assertions Faces Backlash After Abandoning Open Source Licensing

Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.

By Sarah Gooding  -  Jan 18, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc