express-safe-send
Advanced tools
Do not send on already sent Express headers.
npm install express-safe-send
This solves a problem that arises rarely, but persistently, in production deployments. In express route handlers that have defined timeout handling, Node.js timers and timing behaviour can be slighlty undeterministic, because of the nature of Node and libraries that handle timeouts themselves not properly.
Think of a handler that has a 10s timeout defined in which you make a database call (e.g. to postgres) that itself has a timeout of less than 10 seconds set, because you assign it that safe budget. Node.js event loop delays e.g. through parsing of large incoming data, or time that is not accounted for in your database client, like connection delay, may add to your timeout budget, eventually exceeding it.
When the budget is exceeded your API consumer will already have received headers and assume a timeout. However, your handler might not have knowledge about that fact. A synchronous call (they all are) to express send functions, like res.status(200).json({ users: [] }) will then throw an exception, terminating your server hardly.
This plugin exposes a middleware for just ignoring sending, or extending express functions and adding optional callbacks to notify you about it.
const safeSend = require('express-safe-send')
const app = express()
app.use(safeSend())
app.use(timeout('10s'))
app.get('/user', function (req, res, next) {
// make a very long running request, that might time out.
Users.find({}).toArray(function(err, items) {
if (err) return next(err)
// if it (at all) returns the, ignore trying to send the data
// as Node.js would throw in this process.
res.status(200).safeJsonSend(items)
})
})
Type: Object
Type: boolean
Default: false
Override behaviour on the send and json functions via a JS proxy.
Type: Function
optional callback for global notification
const safeSend = require('express-safe-send')
const app = express()
app.use(safeSend({ proxyMode: false }, (err, req, res, next) => {
// an error noting the reason why sending was not possible
console.log(err)
}))
// or
app.use(safeSend((err, req, res, next) => {
// an error noting the reason why sending was not possible
console.log(err)
}))
MIT © Robert Jefe Lindstaedt
FAQs
Do not send on already sent Express headers.
The npm package express-safe-send receives a total of 0 weekly downloads. As such, express-safe-send popularity was classified as not popular.
We found that express-safe-send demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Company News
Socket is joining TC54 to help develop standards for software supply chain security, contributing to the evolution of SBOMs, CycloneDX, and Package URL specifications.
Security News
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
Research
Security News
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.