Security News
Opengrep Emerges as Open Source Alternative Amid Semgrep Licensing Controversy
Opengrep forks Semgrep to preserve open source SAST in response to controversial licensing changes.
By Sarah Gooding - Jan 28, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
hapi-405-routes
Advanced tools
Hapi-405-Routes
Plugin for Hapi.js to include 405 Method Not Allowed Responses on routes for a given set of methods.
Overview
This plugin registers additional routes with your hapi service for routes with specific methods not implemented.
Say you have a farming web service has an api with only 2 routes:
GET /farm/goats // route which retrieves data about all goats on the farm.
POST /farm/goats // route which allows for creation of additional goats.
By default, hapi responds with a 404 if there is not route/method match registered with the service. If a user were to request OPTIONS /farm/goats they would get a 404 response.
This plugin builds additional routes based on the route paths already implemented which will respond with a 405 status code. Using this plugin and requesting OPTIONS /farm/goats will respond with a 405 Method Not Allowed.
Additionally the 405 routes can be configured to respond with an allow header specifying which methods are allowed for the requested route path. See [options](# Options) below.
Installing
This plugin is available through an npm module.
npm install hapi-405-routes
Usage
This plugin must be registered after the implemented routes have already been registered with the service.
// my service routes
server.route(routes);
// this 405 route plugin
server.register([
{
register: require('hapi-405-routes'),
options: {
methodsToSupport: ['GET', 'DELETE', 'PATCH', 'POST', 'OPTIONS'],
setAllowHeader: true,
log: true
}
}
]);
Options
This plugin supports 4 options passed in during plugin registration: methodsToSupport, setAllowHeader, allowHeadWithGet, and log.
methodsToSupport
- Data Type:
Array<String> - Defaults:
['GET', 'POST', 'DELETE', 'PUT', 'PATCH', 'OPTIONS', 'TRACE'] - Description: This option specifies which methods should respond with a 405 status code: "Method Not Allowed" if not already implemented.
log
- Data Type:
Boolean - Defaults:
false - Description: Enables plugin logging
setAllowHeader
- Data Type:
Boolean - Defaults:
false - Description: Sets an
allowheader with each 405 response containing the methods implemented for the related route path.
allowHeadWithGet
- Data Type:
Boolean - Defaults:
false - Description: Includes
HEADwith the allow header if aGETmethod is implemented for the related route path. (Hapi does not natively supportHEADmethods)
FAQs
Allows 405 'Method Not Allowed' responses for hapi routes
We found that hapi-405-routes demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 02 May 2018
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Node.js EOL Versions CVE Dubbed the "Worst CVE of the Year" by Security Experts
Critics call the Node.js EOL CVE a misuse of the system, sparking debate over CVE standards and the growing noise in vulnerability databases.
By Sarah Gooding - Jan 24, 2025
Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
By Sarah Gooding - Jan 24, 2025