Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
formstream
Advanced tools
The formstream npm package is used to create multipart/form-data streams, which are useful for uploading files and data via HTTP requests. It simplifies the process of constructing form data streams, making it easier to handle file uploads in Node.js applications.
Create a form stream
This feature allows you to create a form stream, add fields and files to it, and then generate the stream for use in an HTTP request.
const formstream = require('formstream');
const form = formstream();
form.field('name', 'value');
form.file('file', '/path/to/file');
form.stream();
Add fields to the form
This feature allows you to add text fields to the form stream. Each field is added with a key-value pair.
const form = formstream();
form.field('username', 'john_doe');
form.field('email', 'john@example.com');
Add files to the form
This feature allows you to add files to the form stream. Each file is added with a key and the file path.
const form = formstream();
form.file('profile_picture', '/path/to/profile.jpg');
Generate the form stream
This feature generates the form stream after adding all the fields and files. The generated stream can then be used in an HTTP request.
const form = formstream();
form.field('username', 'john_doe');
form.file('profile_picture', '/path/to/profile.jpg');
const stream = form.stream();
The form-data package is a module to create readable 'multipart/form-data' streams. It is similar to formstream in that it allows you to construct form data streams for file uploads. However, form-data is more widely used and has more extensive documentation and community support.
The multiparty package is a module for parsing multipart/form-data, which is commonly used for file uploads. Unlike formstream, which focuses on creating form data streams, multiparty is used for parsing incoming form data streams. It is useful for handling file uploads on the server side.
The busboy package is a fast and low-level module for parsing incoming HTML form data. It is similar to multiparty in that it is used for parsing form data streams, but it is known for its performance and efficiency. It is a good choice for handling large file uploads.
A multipart/form-data encoded stream, helper for file upload.
$ npm install formstream
var formstream = require('formstream');
var http = require('http');
var form = formstream();
// form.file('file', filepath, filename);
form.file('file', './logo.png', 'upload-logo.png');
// other form fields
form.field('foo', 'fengmk2').field('love', 'aerdeng');
// even send file content buffer directly
// form.buffer(name, buffer, filename, mimeType)
form.buffer('file2', new Buffer('This is file2 content.'), 'foo.txt');
var options = {
method: 'POST',
host: 'upload.cnodejs.net',
path: '/store',
headers: form.headers()
};
var req = http.request(options, function (res) {
console.log('Status: %s', res.statusCode);
res.on('data', function (data) {
console.log(data.toString());
});
});
form.pipe(req);
var fs = require('fs');
var formstream = require('formstream');
var filepath = './logo.png';
fs.stat(filepath, function (err, stat) {
formstream().field('status', 'share picture')
.field('access_token', 'your access token')
.file('pic', filepath, 'logo.png', stat.size)
.pipe(process.stdout); // your request stream
});
Create a form instance.
Form - form instance
Add a normal field to the form.
Form - form instance
Add a local file to be uploaded to the form.
filepath
if empty)Content-Length
header if not specified)Form - form instance
Add a buffer as a file to upload.
filename
if empty)Form - form instance
Add a readable stream as a file to upload. Event 'error' will be emitted if an error occured.
filename
if empty)Content-Length
header if not specified)Form - form instance
Get headers for the request.
var headers = form.headers({
'Authorization': 'Bearer kei2akc92jmznvnkeh09sknzdk',
'Accept': 'application/vnd.github.v3.full+json'
});
Object - Headers to be sent.
Emitted if there was an error receiving data.
The 'data' event emits when a Buffer was used.
See Node.js Documentation for more.
Emitted when the stream has received no more 'data' events will happen.
See Node.js Documentation for more.
(The MIT License)
Copyright (c) 2012 - 2014 fengmk2 <fengmk2@gmail.com> Copyright(c) node-modules and other contributors.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
A multipart/form-data encoded stream, helper for file upload.
The npm package formstream receives a total of 163,477 weekly downloads. As such, formstream popularity was classified as popular.
We found that formstream demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.