Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
follow-redirects
Advanced tools
The follow-redirects npm package is a drop-in replacement for Node.js' native http and https modules that automatically follows HTTP(S) redirects. It provides an easy way to make HTTP(S) requests without having to manually handle redirection logic.
HTTP/HTTPS request with automatic redirection
This code demonstrates how to make a simple HTTP GET request that automatically follows redirects using the follow-redirects package.
const http = require('follow-redirects').http;
http.get('http://example.com', (response) => {
response.on('data', (chunk) => {
console.log(chunk.toString());
});
}).on('error', (err) => {
console.error(err);
});
Customizing redirect options
This code snippet shows how to customize the behavior of follow-redirects by setting the maximum number of redirects to follow and adding a hook to log the URL before redirecting.
const https = require('follow-redirects').https;
const options = {
maxRedirects: 10,
beforeRedirect: (options, { headers }) => {
console.log(`Redirecting to: ${options.hostname}${options.path}`);
}
};
https.get('https://example.com', options, (response) => {
// Handle response
}).on('error', (err) => {
console.error(err);
});
Streaming response data
This example demonstrates how to stream data from an HTTP GET request to a file, which is useful for downloading files while following redirects.
const http = require('follow-redirects').http;
const fs = require('fs');
const file = fs.createWriteStream('downloaded_file.txt');
http.get('http://example.com/file', (response) => {
response.pipe(file);
}).on('error', (err) => {
console.error(err);
});
Axios is a promise-based HTTP client for the browser and Node.js that supports automatic redirection. It provides a more feature-rich API compared to follow-redirects, including interceptors, request cancellation, and protection against XSRF.
Request is a simplified HTTP request client that supports redirection by default. It is no longer maintained, but it was once a popular choice for making HTTP requests in Node.js. It offered a higher-level API with convenience methods and support for forms and multipart file uploads.
Got is a human-friendly and powerful HTTP request library for Node.js. It handles redirections by default and provides a wide range of options for customization, retries, streams, and more. It is designed to be a more modern and feature-rich alternative to other HTTP request libraries.
Node-fetch is a light-weight module that brings the Fetch API to Node.js. It follows redirects by default and aims to provide a consistent API with the browser's fetch function. It is a good choice for those who prefer the Fetch API's promise-based syntax.
Drop in replacement for Nodes http
and https
that automatically follows redirects.
follow-redirects
provides request and get
methods that behave identically to those found on the native http and https
modules, with the exception that they will seamlessly follow redirects.
var http = require('follow-redirects').http;
var https = require('follow-redirects').https;
http.get('http://bit.ly/900913', function (res) {
res.on('data', function (chunk) {
console.log(chunk);
});
}).on('error', function (err) {
console.error(err);
});
By default the number of redirects is limited to 5, but you can modify that globally or per request.
require('follow-redirects').maxRedirects = 10; // Has global affect (be careful!)
https.request({
host: 'bitly.com',
path: '/UHfDGO',
maxRedirects: 3 // per request setting
}, function (res) {/* ... */});
You can inspect the redirection chain from the fetchedUrls
array on the response
.
The array is populated in reverse order, so the original url you requested will be the
last element, while the final redirection point will be at index 0.
https.request({
host: 'bitly.com',
path: '/UHfDGO',
}, function (res) {
console.log(res.fetchedUrls);
// [ 'http://duckduckgo.com/robots.txt', 'http://bitly.com/UHfDGO' ]
});
Due to the way XMLHttpRequest
works, the browserify
versions of http
and https
already follow redirects.
If you are only targetting the browser, then this library has little value for you. If you want to write cross
platform code for node and the browser, follow-redirects
provides a great solution for making the native node
modules behave the same as they do in browserified builds in the browser. To avoid bundling unnecessary code
you should tell browserify to swap out follow-redirects
with the standard modules when bundling.
To make this easier, you need to change how you require the modules:
var http = require('follow-redirects/http');
var https = require('follow-redirects/https');
You can then replace follow-redirects
in your browserify configuration like so:
"browser": {
"follow-redirects/http" : "http",
"follow-redirects/https" : "https"
}
The browserify-http
module has not kept pace with node development, and no long behaves identically to the native
module when running in the browser. If you are experiencing problems, you may want to check out
browserify-http-2. It is more actively maintained and
attempts to address a few of the shortcomings of browserify-http
. In that case, your browserify config should
look something like this:
"browser": {
"follow-redirects/http" : "browserify-http-2/http",
"follow-redirects/https" : "browserify-http-2/https"
}
Pull Requests are always welcome. Please file an issue
detailing your proposal before you invest your valuable time. Additional features and bug fixes should be accompanied
by tests. You can run the test suite locally with a simple npm test
command.
follow-redirects
uses the excellent debug for logging. To turn on logging
set the environment variable DEBUG=follow-redirects
for debug output from just this module. When running the test
suite it is sometimes advantageous to set DEBUG=*
to see output from the express server as well.
Olivier Lalonde (olalonde@gmail.com)
James Talmage (james@talmage.io)
FAQs
HTTP and HTTPS modules that follow redirects.
We found that follow-redirects demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.