Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
got-caseless
Advanced tools
Human-friendly and powerful HTTP request library for Node.js. Fork that uses caseless instead of lowercase-keys for headers.
Human-friendly and powerful HTTP request library for Node.js
Caseless fork - Preserves the casing of your headers.
Moving from Request? (Note that Request is unmaintained)
See how Got compares to other HTTP libraries
For browser usage, we recommend Ky by the same people.
$ npm install got
const got = require('got');
(async () => {
try {
const response = await got('https://sindresorhus.com');
console.log(response.body);
//=> '<!doctype html> ...'
} catch (error) {
console.log(error.response.body);
//=> 'Internal server error ...'
}
})();
const stream = require('stream');
const {promisify} = require('util');
const fs = require('fs');
const got = require('got');
const pipeline = promisify(stream.pipeline);
(async () => {
await pipeline(
got.stream('https://sindresorhus.com'),
fs.createWriteStream('index.html')
);
// For POST, PUT, and PATCH methods `got.stream` returns a `stream.Writable`
await pipeline(
fs.createReadStream('index.html'),
got.stream.post('https://sindresorhus.com')
);
})();
Tip: Using from.pipe(to)
doesn't forward errors. If you use it, switch to Stream.pipeline(from, ..., to, callback)
instead (available from Node v10).
It's a GET
request by default, but can be changed by using different methods or via options.method
.
By default, Got will retry on failure. To disable this option, set options.retry
to 0
.
Returns a Promise for a response
object or a stream if options.isStream
is set to true.
Type: string | object
The URL to request, as a string, a https.request
options object, or a WHATWG URL
.
Properties from options
will override properties in the parsed url
.
If no protocol is specified, it will throw a TypeError
.
Note: this can also be an option.
Type: object
Any of the https.request
options.
Note: Legacy URL support is disabled. options.path
is supported only for backwards compatibility. Use options.pathname
and options.searchParams
instead. options.auth
has been replaced with options.username
& options.password
.
Type: string | URL
When specified, prefixUrl
will be prepended to url
. The prefix can be any valid URL, either relative or absolute. A trailing slash /
is optional - one will be added automatically.
Note: prefixUrl
will be ignored if the url
argument is a URL instance.
Note: Leading slashes in input
are disallowed when using this option to enforce consistency and avoid confusion. For example, when the prefix URL is https://example.com/foo
and the input is /bar
, there's ambiguity whether the resulting URL would become https://example.com/foo/bar
or https://example.com/bar
. The latter is used by browsers.
Tip: Useful when used with got.extend()
to create niche-specific Got-instances.
Tip: You can change prefixUrl
using hooks as long as the URL still includes the prefixUrl
. If the URL doesn't include it anymore, it will throw.
const got = require('got');
(async () => {
await got('unicorn', {prefixUrl: 'https://cats.com'});
//=> 'https://cats.com/unicorn'
const instance = got.extend({
prefixUrl: 'https://google.com'
});
await instance('unicorn', {
hooks: {
beforeRequest: [
options => {
options.prefixUrl = 'https://cats.com';
}
]
}
});
//=> 'https://cats.com/unicorn'
})();
Type: object
Default: {}
Request headers.
Existing headers will be overwritten. Headers set to undefined
will be omitted.
Type: boolean
Default: false
Returns a Stream
instead of a Promise
. This is equivalent to calling got.stream(url, options?)
.
Type: string | Buffer | stream.Readable
or form-data
instance
Note #1: The body
option cannot be used with the json
or form
option.
Note #2: If you provide this option, got.stream()
will be read-only.
Note #3: If you provide a payload with the GET
or HEAD
method, it will throw a TypeError
unless the method is GET
and the allowGetBody
option is set to true
.
The content-length
header will be automatically set if body
is a string
/ Buffer
/ fs.createReadStream
instance / form-data
instance, and content-length
and transfer-encoding
are not manually set in options.headers
.
Type: object | Array | number | string | boolean | null
(JSON-serializable values)
Note: If you provide this option, got.stream()
will be read-only.
JSON body. If the Content-Type
header is not set, it will be set to application/json
.
Type: object
User data. In contrast to other options, context
is not enumerable.
Note: The object is never merged, it's just passed through. Got will not modify the object in any way.
It's very useful for storing auth tokens:
const got = require('got');
const instance = got.extend({
hooks: {
beforeRequest: [
options => {
if (!options.context && !options.context.token) {
throw new Error('Token required');
}
options.setHeader('token') = options.context.token;
}
]
}
});
(async () => {
const context = {
token: 'secret'
};
const response = await instance('https://httpbin.org/headers', {context});
// Let's see the headers
console.log(response.body);
})();
Type: string
Default: 'text'
Note: When using streams, this option is ignored.
The parsing method. Can be 'text'
, 'json'
or 'buffer'
.
The promise also has .text()
, .json()
and .buffer()
methods which sets this and the resolveBodyOnly
option automatically.
Example:
// This
const body = await got(url).json();
// is the same as this
const body = await got(url, {responseType: 'json', resolveBodyOnly: true});
Type: string
Default: false
When set to true
the promise will return the Response body instead of the Response object.
Type: object
| tough.CookieJar
instance
Note: If you provide this option, options.headers.cookie
will be overridden.
Cookie support. You don't have to care about parsing or how to store them. Example.
Type: Function<Promise>
The function takes two arguments: rawCookie
(string
) and url
(string
).
Type: Function<Promise>
The function takes one argument: url
(string
).
Type: boolean
Default: false
Ignore invalid cookies instead of throwing an error. Only useful when the cookieJar
option has been set. Not recommended.
Type: string
Default: 'utf8'
Encoding to be used on setEncoding
of the response data.
To get a Buffer
, you need to set responseType
to buffer
instead.
Type: object | true
Note: If you provide this option, got.stream()
will be read-only.
The form body is converted to query string using (new URLSearchParams(object)).toString()
.
If set to true
and the Content-Type
header is not set, it will be set to application/x-www-form-urlencoded
.
Type: string | object<string, string | number> | URLSearchParams
Query string that will be added to the request URL. This will override the query string in url
.
If you need to pass in an array, you can do it using a URLSearchParams
instance:
const got = require('got');
const searchParams = new URLSearchParams([['key', 'a'], ['key', 'b']]);
got('https://example.com', {searchParams});
console.log(searchParams.toString());
//=> 'key=a&key=b'
And if you need a different array format, you could use the query-string
package:
const got = require('got');
const queryString = require('query-string');
const searchParams = queryString.stringify({key: ['a', 'b']}, {arrayFormat: 'bracket'});
got('https://example.com', {searchParams});
console.log(searchParams);
//=> 'key[]=a&key[]=b'
Type: number | object
Milliseconds to wait for the server to end the response before aborting the request with got.TimeoutError
error (a.k.a. request
property). By default, there's no timeout.
This also accepts an object
with the following fields to constrain the duration of each phase of the request lifecycle:
lookup
starts when a socket is assigned and ends when the hostname has been resolved. Does not apply when using a Unix domain socket.connect
starts when lookup
completes (or when the socket is assigned if lookup does not apply to the request) and ends when the socket is connected.secureConnect
starts when connect
completes and ends when the handshaking process completes (HTTPS only).socket
starts when the socket is connected. See request.setTimeout.response
starts when the request has been written to the socket and ends when the response headers are received.send
starts when the socket is connected and ends with the request has been written to the socket.request
starts when the request is initiated and ends when the response's end event fires.Type: number | object
Default:
2
({attemptCount, retryOptions, error, computedValue}) => computedValue
GET
PUT
HEAD
DELETE
OPTIONS
TRACE
408
413
429
500
502
503
504
521
522
524
undefined
ETIMEDOUT
ECONNRESET
EADDRINUSE
ECONNREFUSED
EPIPE
ENOTFOUND
ENETUNREACH
EAI_AGAIN
An object representing limit
, calculateDelay
, methods
, statusCodes
, maxRetryAfter
and errorCodes
fields for maximum retry count, retry handler, allowed methods, allowed status codes, maximum Retry-After
time and allowed error codes.
Note: When using streams, this option is ignored. If the connection is reset when downloading, you need to catch the error and clear the file you were writing into to prevent duplicated content.
If maxRetryAfter
is set to undefined
, it will use options.timeout
.
If Retry-After
header is greater than maxRetryAfter
, it will cancel the request.
Delays between retries counts with function 1000 * Math.pow(2, retry) + Math.random() * 100
, where retry
is attempt number (starts from 1).
The calculateDelay
property is a function
that receives an object with attemptCount
, retryOptions
, error
and computedValue
properties for current retry count, the retry options, error and default computed value. The function must return a delay in milliseconds (0
return value cancels retry).
By default, it retries only on the specified methods, status codes, and on these network errors:
ETIMEDOUT
: One of the timeout limits were reached.ECONNRESET
: Connection was forcibly closed by a peer.EADDRINUSE
: Could not bind to any free port.ECONNREFUSED
: Connection was refused by the server.EPIPE
: The remote side of the stream being written has been closed.ENOTFOUND
: Couldn't resolve the hostname to an IP address.ENETUNREACH
: No internet connection.EAI_AGAIN
: DNS lookup timed out.Type: boolean
Default: true
Defines if redirect responses should be followed automatically.
Note that if a 303
is sent by the server in response to any request type (POST
, DELETE
, etc.), Got will automatically request the resource pointed to in the location header via GET
. This is in accordance with the spec.
Type: boolean
Default: true
By default, redirects will use method rewriting. For example, when sending a POST request and receiving a 302
, it will resend the body to the new location using the same HTTP method (POST
in this case).
Type: boolean
Default: false
Note: The RFC 7321 doesn't specify any particular behavior for the GET method having a payload, therefore it's considered an anti-pattern.
Set this to true
to allow sending body for the GET
method. However, the HTTP/2 specification says that An HTTP GET request includes request header fields and no payload body
, therefore when using the HTTP/2 protocol this option will have no effect. This option is only meant to interact with non-compliant servers when you have no other choice.
Type: number
Default: 10
If exceeded, the request will be aborted and a MaxRedirectsError
will be thrown.
Type: boolean
Default: true
Decompress the response automatically. This will set the accept-encoding
header to gzip, deflate, br
on Node.js 11.7.0+ or gzip, deflate
for older Node.js versions, unless you set it yourself.
Brotli (br
) support requires Node.js 11.7.0 or later.
If this is disabled, a compressed response is returned as a Buffer
. This may be useful if you want to handle decompression yourself or stream the raw compressed data.
Type: object
Default: false
Cache adapter instance for storing cached response data.
Type: object
Default: false
Cache adapter instance for storing cached DNS data.
Type: Function
Default: http.request | https.request
(Depending on the protocol)
Custom request function. The main purpose of this is to support HTTP2 using a wrapper.
Type: boolean
Default: false
When used in Electron, Got will use electron.net
instead of the Node.js http
module. According to the Electron docs, it should be fully compatible, but it's not entirely. See #443 and #461.
Type: boolean
Default: true
Determines if a got.HTTPError
is thrown for error responses (non-2xx status codes).
If this is disabled, requests that encounter an error status code will be resolved with the response
instead of throwing. This may be useful if you are checking for resource availability and are expecting error responses.
Same as the agent
option for http.request
, but with an extra feature:
If you require different agents for different protocols, you can pass a map of agents to the agent
option. This is necessary because a request to one protocol might redirect to another. In such a scenario, Got will switch over to the right protocol agent for you.
const got = require('got');
const HttpAgent = require('agentkeepalive');
const {HttpsAgent} = HttpAgent;
got('https://sindresorhus.com', {
agent: {
http: new HttpAgent(),
https: new HttpsAgent()
}
});
Type: object<string, Function[]>
Hooks allow modifications during the request lifecycle. Hook functions may be async and are run serially.
Type: Function[]
Default: []
Called with plain request options, right before their normalization. This is especially useful in conjunction with got.extend()
when the input needs custom handling.
See the Request migration guide for an example.
Note: This hook must be synchronous!
Type: Function[]
Default: []
Called with normalized request options. Got will make no further changes to the request before it is sent (except the body serialization). This is especially useful in conjunction with got.extend()
when you want to create an API client that, for example, uses HMAC-signing.
See the AWS section for an example.
Type: Function[]
Default: []
Called with normalized request options and the redirect response. Got will make no further changes to the request. This is especially useful when you want to avoid dead sites. Example:
const got = require('got');
got('https://example.com', {
hooks: {
beforeRedirect: [
(options, response) => {
if (options.hostname === 'deadSite') {
options.hostname = 'fallbackSite';
}
}
]
}
});
Type: Function[]
Default: []
Note: When using streams, this hook is ignored.
Called with normalized request options, the error and the retry count. Got will make no further changes to the request. This is especially useful when some extra work is required before the next try. Example:
const got = require('got');
got.post('https://example.com', {
hooks: {
beforeRetry: [
(options, error, retryCount) => {
if (error.statusCode === 413) { // Payload too large
options.body = getNewBody();
}
}
]
}
});
Note: When retrying in a afterResponse
hook, all remaining beforeRetry
hooks will be called without the error
and retryCount
arguments.
Type: Function[]
Default: []
Note: When using streams, this hook is ignored.
Called with response object and a retry function. Calling the retry function will trigger beforeRetry
hooks.
Each function should return the response. This is especially useful when you want to refresh an access token. Example:
const got = require('got');
const instance = got.extend({
hooks: {
afterResponse: [
(response, retryWithMergedOptions) => {
if (response.statusCode === 401) { // Unauthorized
const updatedOptions = {
headers: {
token: getNewToken() // Refresh the access token
}
};
// Save for further requests
instance.defaults.options = got.mergeOptions(instance.defaults.options, updatedOptions);
// Make a new retry
return retryWithMergedOptions(updatedOptions);
}
// No changes otherwise
return response;
}
],
beforeRetry: [
(options, error, retryCount) => {
// This will be called on `retryWithMergedOptions(...)`
}
]
},
mutableDefaults: true
});
Type: Function[]
Default: []
Called with an Error
instance. The error is passed to the hook right before it's thrown. This is especially useful when you want to have more detailed errors.
Note: Errors thrown while normalizing input options are thrown directly and not part of this hook.
const got = require('got');
got('https://api.github.com/some-endpoint', {
hooks: {
beforeError: [
error => {
const {response} = error;
if (response && response.body) {
error.name = 'GitHubError';
error.message = `${response.body.message} (${error.statusCode})`;
}
return error;
}
]
}
});
Type: object
Note: This feature is marked as experimental as we're looking for feedback on the API and how it works. The feature itself is stable, but the API may change based on feedback. So if you decide to try it out, we suggest locking down the got
dependency semver range or use a lockfile.
Type: Function
Default: response => JSON.parse(response.body)
A function that transform Response
into an array of items. This is where you should do the parsing.
Type: Function
Default: Link
header logic
A function that returns an object representing Got options pointing to the next page. If there are no more pages, false
should be returned.
Type: Function
Default: (item, allItems) => true
Checks whether the item should be emitted or not.
Type: Function
Default: (item, allItems) => true
Checks whether the pagination should continue.
For example, if you need to stop before emitting an entry with some flag, you should use (item, allItems) => !item.flag
. If you want to stop after emitting the entry, you should use (item, allItems) => allItems.some(entry => entry.flag)
instead.
Type: number
Default: Infinity
The maximum amount of items that should be emitted.
The response object will typically be a Node.js HTTP response stream, however, if returned from the cache it will be a response-like object which behaves in the same way.
Type: object
Note: This is not a http.ClientRequest.
options
- The Got options that were set on this request.Type: string | object | Buffer
(Depending on options.responseType
)
The result of the request.
Type: string
The request URL or the final URL after redirects.
Type: string
The remote IP address.
Note: Not available when the response is cached. This is hopefully a temporary limitation, see lukechilds/cacheable-request#86.
Type: string
The original request URL.
Type: object
The object contains the following properties:
start
- Time when the request started.socket
- Time when a socket was assigned to the request.lookup
- Time when the DNS lookup finished.connect
- Time when the socket successfully connected.secureConnect
- Time when the socket securely connected.upload
- Time when the request finished uploading.response
- Time when the request fired response
event.end
- Time when the response fired end
event.error
- Time when the request fired error
event.abort
- Time when the request fired abort
event.phases
wait
- timings.socket - timings.start
dns
- timings.lookup - timings.socket
tcp
- timings.connect - timings.lookup
tls
- timings.secureConnect - timings.connect
request
- timings.upload - (timings.secureConnect || timings.connect)
firstByte
- timings.response - timings.upload
download
- timings.end - timings.response
total
- (timings.end || timings.error || timings.abort) - timings.start
If something has not been measured yet, it will be undefined
.
Note: The time is a number
representing the milliseconds elapsed since the UNIX epoch.
Type: boolean
Whether the response was retrieved from the cache.
Type: string[]
The redirect URLs.
Type: number
The number of times the request was retried.
Note: Progress events, redirect events and request/response events can also be used with promises.
Note: To access response.isFromCache
you need to use got.stream(url, options).isFromCache
. The value will be undefined until the response
event.
Sets options.isStream
to true
.
Returns a duplex stream with additional events:
request
event to get the request object of the request.
Tip: You can use request
event to abort request:
got.stream('https://github.com')
.on('request', request => setTimeout(() => request.abort(), 50));
The response
event to get the response object of the final request.
The redirect
event to get the response object of a redirect. The second argument is options for the next request to the redirect location.
Progress events for uploading (sending a request) and downloading (receiving a response). The progress
argument is an object like:
{
percent: 0.1,
transferred: 1024,
total: 10240
}
If the content-length
header is missing, total
will be undefined
.
(async () => {
const response = await got('https://sindresorhus.com')
.on('downloadProgress', progress => {
// Report download progress
})
.on('uploadProgress', progress => {
// Report upload progress
});
console.log(response);
})();
The error
event emitted in case of a protocol error (like ENOTFOUND
etc.) or status error (4xx or 5xx). The second argument is the body of the server response in case of status error. The third argument is a response object.
Returns an async iterator:
(async () => {
const countLimit = 10;
const pagination = got.paginate('https://api.github.com/repos/sindresorhus/got/commits', {
_pagination: {countLimit}
});
console.log(`Printing latest ${countLimit} Got commits (newest to oldest):`);
for await (const commitData of pagination) {
console.log(commitData.commit.message);
}
})();
See options._pagination
for more pagination options.
Sets options.method
to the method name and makes a request.
Configure a new got
instance with default options
. The options
are merged with the parent instance's defaults.options
using got.mergeOptions
. You can access the resolved options with the .defaults
property on the instance.
const client = got.extend({
prefixUrl: 'https://example.com',
headers: {
'x-unicorn': 'rainbow'
}
});
client.get('demo');
/* HTTP Request =>
* GET /demo HTTP/1.1
* Host: example.com
* x-unicorn: rainbow
*/
(async () => {
const client = got.extend({
prefixUrl: 'httpbin.org',
headers: {
'x-foo': 'bar'
}
});
const {headers} = await client.get('headers').json();
//=> headers['x-foo'] === 'bar'
const jsonClient = client.extend({
responseType: 'json',
resolveBodyOnly: true,
headers: {
'x-baz': 'qux'
}
});
const {headers: headers2} = await jsonClient.get('headers');
//=> headers2['x-foo'] === 'bar'
//=> headers2['x-baz'] === 'qux'
})();
Additionally, got.extend()
accepts two properties from the defaults
object: mutableDefaults
and handlers
. Example:
// You can now modify `mutableGot.defaults.options`.
const mutableGot = got.extend({mutableDefaults: true});
const mergedHandlers = got.extend({
handlers: [
(options, next) => {
options.getHeader('referer');
return next(options);
}
]
});
Note: Handlers can be asynchronous. The recommended approach is:
const handler = (options, next) => {
if (options.stream) {
// It's a Stream
return next(options);
}
// It's a Promise
return (async () => {
try {
const response = await next(options);
response.yourOwnProperty = true;
return response;
} catch (error) {
// Every error will be replaced by this one.
// Before you receive any error here,
// it will be passed to the `beforeError` hooks first.
// Note: this one won't be passed to `beforeError` hook. It's final.
throw new Error('Your very own error.');
}
})();
};
const instance = got.extend({handlers: [handler]});
Merges many instances into a single one:
got.mergeOptions()
(+ hooks are merged too),instance.defaults.handlers
).It's possible to combine options and instances.
It gives the same effect as got.extend(...options).extend(...instances)
:
const a = {headers: {cat: 'meow'}};
const b = got.extend({
options: {
headers: {
cow: 'moo'
}
}
});
// The same as `got.extend(a).extend(b)`.
// Note `a` is options and `b` is an instance.
got.extend(a, b);
//=> {headers: {cat: 'meow', cow: 'moo'}}
Extends parent options. Avoid using object spread as it doesn't work recursively:
const a = {headers: {cat: 'meow', wolf: ['bark', 'wrrr']}};
const b = {headers: {cow: 'moo', wolf: ['auuu']}};
{...a, ...b} // => {headers: {cow: 'moo', wolf: ['auuu']}}
got.mergeOptions(a, b) // => {headers: {cat: 'meow', cow: 'moo', wolf: ['auuu']}}
Options are deeply merged to a new object. The value of each key is determined as follows:
undefined
, it keeps the old one.URLSearchParams
, a new URLSearchParams instance is created. The values are merged using urlSearchParams.append(key, value)
.URL
and the new value is a string
or URL
, a new URL instance is created: new URL(new, parent)
.object
:
object
too, both values are merged recursively into a new object
.Array
, it overwrites the old one with a deep clone of the new property.Type: object
The Got defaults used in that instance.
Type: Function[]
Default: []
An array of functions. You execute them directly by calling got()
. They are some sort of "global hooks" - these functions are called first. The last handler (it's hidden) is either asPromise
or asStream
, depending on the options.isStream
property.
Each handler takes two arguments:
Returns a Promise
or a Stream
depending on options.isStream
.
const settings = {
handlers: [
(options, next) => {
if (options.isStream) {
// It's a Stream, so we can perform stream-specific actions on it
return next(options)
.on('request', request => {
setTimeout(() => {
request.abort();
}, 50);
});
}
// It's a Promise
return next(options);
}
],
options: got.mergeOptions(got.defaults.options, {
responseType: 'json'
})
};
const jsonGot = got.extend(settings);
Type: boolean
Default: false
A read-only boolean describing whether the defaults are mutable or not. If set to true
, you can update headers over time, for example, update an access token when it expires.
Got exports some handy TypeScript types and interfaces. See the type definition for all the exported types.
TypeScript will automatically infer types for Got instances, but in case you want to define something like dependencies, you can import the available types directly from Got.
import {GotRequestMethod} from 'got';
interface Dependencies {
readonly post: GotRequestMethod
}
When writing hooks, you can refer to their types to keep your interfaces consistent.
import {BeforeRequestHook} from 'got';
const addAccessToken = (accessToken: string): BeforeRequestHook => options => {
options.path = `${options.path}?access_token=${accessToken}`;
}
Each error contains an options
property which are the options Got used to create a request - just to make debugging easier.
When a cache method fails, for example, if the database goes down or there's a filesystem error.
When a request fails. Contains a code
property with error class code, like ECONNREFUSED
.
When reading from response stream fails.
When server response code is 2xx, and parsing body fails. Includes a response
property.
When the server response code is not 2xx. Includes a response
property.
When the server redirects you more than ten times. Includes a response
property.
When given an unsupported protocol.
When the request is aborted with .cancel()
.
When the request is aborted due to a timeout. Includes an event
and timings
property.
The promise returned by Got has a .cancel()
method which when called, aborts the request.
(async () => {
const request = got(url, options);
// …
// In another part of the code
if (something) {
request.cancel();
}
// …
try {
await request;
} catch (error) {
if (request.isCanceled) { // Or `error instanceof got.CancelError`
// Handle cancelation
}
// Handle other errors
}
})();
When using hooks, simply throw an error to abort the request.
const got = require('got');
(async () => {
const request = got(url, {
hooks: {
beforeRequest: [
() => {
throw new Error('Oops. Request canceled.');
}
]
}
});
try {
await request;
} catch (error) {
// …
}
})();
Got implements RFC 7234 compliant HTTP caching which works out of the box in-memory and is easily pluggable with a wide range of storage adapters. Fresh cache entries are served directly from the cache, and stale cache entries are revalidated with If-None-Match
/If-Modified-Since
headers. You can read more about the underlying cache behavior in the cacheable-request
documentation. For DNS cache, Got uses cacheable-lookup
.
You can use the JavaScript Map
type as an in-memory cache:
const got = require('got');
const map = new Map();
(async () => {
let response = await got('https://sindresorhus.com', {cache: map});
console.log(response.isFromCache);
//=> false
response = await got('https://sindresorhus.com', {cache: map});
console.log(response.isFromCache);
//=> true
})();
Got uses Keyv internally to support a wide range of storage adapters. For something more scalable you could use an official Keyv storage adapter:
$ npm install @keyv/redis
const got = require('got');
const KeyvRedis = require('@keyv/redis');
const redis = new KeyvRedis('redis://user:pass@localhost:6379');
got('https://sindresorhus.com', {cache: redis});
Got supports anything that follows the Map API, so it's easy to write your own storage adapter or use a third-party solution.
For example, the following are all valid storage adapters:
const storageAdapter = new Map();
// Or
const storageAdapter = require('./my-storage-adapter');
// Or
const QuickLRU = require('quick-lru');
const storageAdapter = new QuickLRU({maxSize: 1000});
got('https://sindresorhus.com', {cache: storageAdapter});
View the Keyv docs for more information on how to use storage adapters.
You can use the tunnel
package with the agent
option to work with proxies:
const got = require('got');
const tunnel = require('tunnel');
got('https://sindresorhus.com', {
agent: tunnel.httpOverHttp({
proxy: {
host: 'localhost'
}
})
});
Alternatively, use global-agent
to configure a global proxy for all HTTP/HTTPS traffic in your program.
You can use the tough-cookie
package:
const {promisify} = require('util');
const got = require('got');
const {CookieJar} = require('tough-cookie');
(async () => {
const cookieJar = new CookieJar();
const setCookie = promisify(cookieJar.setCookie.bind(cookieJar));
await setCookie('foo=bar', 'https://example.com');
await got('https://example.com', {cookieJar});
})();
You can use the form-data
package to create POST request with form data:
const fs = require('fs');
const got = require('got');
const FormData = require('form-data');
const form = new FormData();
form.append('my_file', fs.createReadStream('/foo/bar.jpg'));
got.post('https://example.com', {
body: form
});
You can use the oauth-1.0a
package to create a signed OAuth request:
const got = require('got');
const crypto = require('crypto');
const OAuth = require('oauth-1.0a');
const oauth = OAuth({
consumer: {
key: process.env.CONSUMER_KEY,
secret: process.env.CONSUMER_SECRET
},
signature_method: 'HMAC-SHA1',
hash_function: (baseString, key) => crypto.createHmac('sha1', key).update(baseString).digest('base64')
});
const token = {
key: process.env.ACCESS_TOKEN,
secret: process.env.ACCESS_TOKEN_SECRET
};
const url = 'https://api.twitter.com/1.1/statuses/home_timeline.json';
got(url, {
headers: oauth.toHeader(oauth.authorize({url, method: 'GET'}, token)),
responseType: 'json'
});
Requests can also be sent via unix domain sockets. Use the following URL scheme: PROTOCOL://unix:SOCKET:PATH
.
PROTOCOL
- http
or https
(optional)SOCKET
- Absolute path to a unix domain socket, for example: /var/run/docker.sock
PATH
- Request path, for example: /v2/keys
const got = require('got');
got('http://unix:/var/run/docker.sock:/containers/json');
// Or without protocol (HTTP by default)
got('unix:/var/run/docker.sock:/containers/json');
Requests to AWS services need to have their headers signed. This can be accomplished by using the aws4
package. This is an example for querying an "API Gateway" with a signed request.
const got = require('got');
const AWS = require('aws-sdk');
const aws4 = require('aws4');
const chain = new AWS.CredentialProviderChain();
// Create a Got instance to use relative paths and signed requests
const awsClient = got.extend({
prefixUrl: 'https://<api-id>.execute-api.<api-region>.amazonaws.com/<stage>/',
hooks: {
beforeRequest: [
async options => {
const credentials = await chain.resolvePromise();
aws4.sign(options, credentials);
}
]
}
});
const response = await awsClient('endpoint/path', {
// Request-specific options
});
You can test your requests by using the nock
package to mock an endpoint:
const got = require('got');
const nock = require('nock');
nock('https://sindresorhus.com')
.get('/')
.reply(200, 'Hello world!');
(async () => {
const response = await got('https://sindresorhus.com');
console.log(response.body);
//=> 'Hello world!'
})();
For real integration testing we recommend using ava
with create-test-server
. We're using a macro so we don't have to server.listen()
and server.close()
every test. Take a look at one of our tests:
test('retry function gets iteration count', withServer, async (t, server, got) => {
let knocks = 0;
server.get('/', (request, response) => {
if (knocks++ === 1) {
response.end('who`s there?');
}
});
await got({
retry: {
calculateDelay: ({attemptCount}) => {
t.true(is.number(attemptCount));
return attemptCount < 2 ? 1 : 0;
}
}
});
});
To pass an object as the body, you need to use the json
option. It will be stringified using JSON.stringify
. Example:
const got = require('got');
(async () => {
const {body} = await got.post('https://httpbin.org/anything', {
json: {
hello: 'world'
},
responseType: 'json'
});
console.log(body.data);
//=> '{"hello":"world"}'
})();
To receive a JSON body you can either set responseType
option to json
or use promise.json()
. Example:
const got = require('got');
(async () => {
const body = await got.post('https://httpbin.org/anything', {
json: {
hello: 'world'
}
}).json();
console.log(body);
//=> {…}
})();
It's a good idea to set the 'user-agent'
header so the provider can more easily see how their resource is used. By default, it's the URL to this repo. You can omit this header by setting it to undefined
.
const got = require('got');
const pkg = require('./package.json');
got('https://sindresorhus.com', {
headers: {
'user-agent': `my-package/${pkg.version} (https://github.com/username/my-package)`
}
});
got('https://sindresorhus.com', {
headers: {
'user-agent': undefined
}
});
Bear in mind; if you send an if-modified-since
header and receive a 304 Not Modified
response, the body will be empty. It's your responsibility to cache and retrieve the body contents.
Use got.extend()
to make it nicer to work with REST APIs. Especially if you use the prefixUrl
option.
const got = require('got');
const pkg = require('./package.json');
const custom = got.extend({
prefixUrl: 'example.com',
responseType: 'json',
headers: {
'user-agent': `my-package/${pkg.version} (https://github.com/username/my-package)`
}
});
// Use `custom` exactly how you use `got`
(async () => {
const list = await custom('v1/users/list');
})();
Got provides an experimental support for HTTP2 using the http2-wrapper
package:
const got = require('got');
const {request} = require('http2-wrapper');
const h2got = got.extend({request});
(async () => {
const {body} = await h2got('https://nghttp2.org/httpbin/headers');
console.log(body);
})();
Got was created because the popular request
package is bloated:
Furthermore, Got is fully written in TypeScript.
Some of the Got features may not work properly. See #899 for more info.
got | request | node-fetch | ky | axios | superagent | |
---|---|---|---|---|---|---|
HTTP/2 support | :grey_question: | :x: | :x: | :x: | :x: | :heavy_check_mark:** |
Browser support | :x: | :x: | :heavy_check_mark:* | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
Promise API | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
Stream API | :heavy_check_mark: | :heavy_check_mark: | Node.js only | :x: | :x: | :heavy_check_mark: |
Pagination API | :sparkle: | :x: | :x: | :x: | :x: | :x: |
Request cancelation | :heavy_check_mark: | :x: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
RFC compliant caching | :heavy_check_mark: | :x: | :x: | :x: | :x: | :x: |
Cookies (out-of-box) | :heavy_check_mark: | :heavy_check_mark: | :x: | :x: | :x: | :x: |
Follows redirects | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
Retries on failure | :heavy_check_mark: | :x: | :x: | :heavy_check_mark: | :x: | :heavy_check_mark: |
Progress events | :heavy_check_mark: | :x: | :x: | :heavy_check_mark:*** | Browser only | :heavy_check_mark: |
Handles gzip/deflate | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
Advanced timeouts | :heavy_check_mark: | :x: | :x: | :x: | :x: | :x: |
Timings | :heavy_check_mark: | :heavy_check_mark: | :x: | :x: | :x: | :x: |
Errors with metadata | :heavy_check_mark: | :x: | :x: | :heavy_check_mark: | :heavy_check_mark: | :x: |
JSON mode | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: | :heavy_check_mark: |
Custom defaults | :heavy_check_mark: | :heavy_check_mark: | :x: | :heavy_check_mark: | :heavy_check_mark: | :x: |
Composable | :heavy_check_mark: | :x: | :x: | :x: | :x: | :heavy_check_mark: |
Hooks | :heavy_check_mark: | :x: | :x: | :heavy_check_mark: | :heavy_check_mark: | :x: |
Issues open | ||||||
Issues closed | ||||||
Downloads | ||||||
Coverage | ||||||
Build | ||||||
Bugs | ||||||
Dependents | ||||||
Install size |
* It's almost API compatible with the browser fetch
API.
** Need to switch the protocol manually. Doesn't accept PUSH streams and doesn't reuse HTTP/2 sessions.
*** Currently, only DownloadProgress
event is supported, UploadProgress
event is not supported.
:sparkle: Almost-stable feature, but the API may change. Don't hestitate to try it out!
:grey_question: Feature in early stage of development. Very experimental.
Click here to see the install size of the Got dependencies.
fetch
interfaceSindre Sorhus | Szymon Marczak |
FAQs
Human-friendly and powerful HTTP request library for Node.js. Fork that uses caseless instead of lowercase-keys for headers.
The npm package got-caseless receives a total of 105 weekly downloads. As such, got-caseless popularity was classified as not popular.
We found that got-caseless demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.