Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
fake-xml-http-request
Advanced tools
This library provide a fake XMLHttpRequest object for testing browser-based libraries. It is partially extracted (and in many places simplified) from Sinon.JS and attempts to match the behavior of XMLHttpRequest specification.
Sinon includes much more than just a fake XHR object which is useful in situations where you may not need mocks, spies, stubs, or fake servers.
In addition to matching the native XMLHttpRequest's API, FakeXMLHttpRequest
adds a respond
function that takes three arguments: a HTTP response status
number, a headers object, and a text response body:
// simulate successful response
import FakeXMLHttpRequest from "fake-xml-http-request";
let xhr = new FakeXMLHttpRequest();
xhr.respond(200, {"Content-Type": "application/json"}, '{"key":"value"}');
xhr.status; // 200
xhr.statusText; // "OK"
xhr.responseText; // '{"key":"value"}'
// simulate failed response
xhr = new FakeXMLHttpRequest();
xhr.abort();
There is no mechanism for swapping the native XMLHttpRequest or for recording, finding, or playing back requests. Libraries using FakeXMLHttpRequest should provide this behavior.
Tests are written in QUnit and run through the Karma test runner.
Run with:
karma start
In order to have a more open and welcoming community this project adheres to a code of conduct adapted from the contributor covenant.
Please adhere to this code of conduct in any interactions you have with this project's community. If you encounter someone violating these terms, please let a maintainer (@trek) know and we will address it as soon as possible.
FAQs
test infrastructure for a fake XMLHttpRequest object
The npm package fake-xml-http-request receives a total of 206,273 weekly downloads. As such, fake-xml-http-request popularity was classified as popular.
We found that fake-xml-http-request demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.