Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
http-errors
Advanced tools
Package description
The http-errors npm package is used to create HTTP error objects within Node.js applications. It provides a simple way to generate error objects that follow the HTTP response status codes and messages. This can be particularly useful when building web applications or APIs where you need to return specific error information to the client.
Creating HTTP error objects
This feature allows you to create error objects that correspond to HTTP response status codes. You can also provide a custom error message.
{"const createError = require('http-errors');\n\n// Create a 404 Not Found error\nconst notFoundError = createError(404);\n\n// Create a 500 Internal Server Error with a custom message\nconst internalServerError = createError(500, 'Something went wrong!');"}
Creating error objects with properties
This feature allows you to create error objects with additional properties, such as 'expose' to control whether the message should be sent to the client.
{"const createError = require('http-errors');\n\n// Create a 401 Unauthorized error with additional properties\nconst unauthorizedError = createError(401, 'Please login to view this page', { expose: false });"}
Checking if an object is an HTTP error
This feature provides a utility to check if a given object is an instance of an HTTP error.
{"const createError = require('http-errors');\n\n// Create an error object\nconst err = createError(404);\n\n// Check if 'err' is an HTTP error\nconst isError = createError.isHttpError(err); // true"}
Boom is a set of utilities for returning HTTP errors. It is similar to http-errors but also includes a rich set of options for decorating the error object, such as automatic payload formatting according to the error type.
Restify-errors is designed to work with the Restify framework and provides a way to create and manage HTTP errors. It is similar to http-errors but is more tightly integrated with Restify's API.
Readme
Create HTTP errors for Express, Koa, Connect, etc. with ease.
This is a Node.js module available through the
npm registry. Installation is done using the
npm install
command:
$ npm install http-errors
var createError = require('http-errors')
var express = require('express')
var app = express()
app.use(function (req, res, next) {
if (!req.user) return next(createError(401, 'Please login to view this page.'))
next()
})
This is the current API, currently extracted from Koa and subject to change.
expose
- can be used to signal if message
should be sent to the client,
defaulting to false
when status
>= 500headers
- can be an object of header names to values to be sent to the
client, defaulting to undefined
. When defined, the key names should all
be lower-casedmessage
- the traditional error message, which should be kept short and all
single linestatus
- the status code of the error, mirroring statusCode
for general
compatibilitystatusCode
- the status code of the error, defaulting to 500
Create a new error object with the given message msg
.
The error object inherits from createError.HttpError
.
var err = createError(404, 'This video does not exist!')
status: 500
- the status code as a numbermessage
- the message of the error, defaulting to node's text for that status code.properties
- custom properties to attach to the objectExtend the given error
object with createError.HttpError
properties. This will not alter the inheritance of the given
error
object, and the modified error
object is the
return value.
fs.readFile('foo.txt', function (err, buf) {
if (err) {
if (err.code === 'ENOENT') {
var httpError = createError(404, err, { expose: false })
} else {
var httpError = createError(500, err)
}
}
})
status
- the status code as a numbererror
- the error object to extendproperties
- custom properties to attach to the objectCreate a new error object with the given message msg
.
The error object inherits from createError.HttpError
.
var err = new createError.NotFound()
code
- the status code as a numbername
- the name of the error as a "bumpy case", i.e. NotFound
or InternalServerError
.Status Code | Constructor Name |
---|---|
400 | BadRequest |
401 | Unauthorized |
402 | PaymentRequired |
403 | Forbidden |
404 | NotFound |
405 | MethodNotAllowed |
406 | NotAcceptable |
407 | ProxyAuthenticationRequired |
408 | RequestTimeout |
409 | Conflict |
410 | Gone |
411 | LengthRequired |
412 | PreconditionFailed |
413 | PayloadTooLarge |
414 | URITooLong |
415 | UnsupportedMediaType |
416 | RangeNotSatisfiable |
417 | ExpectationFailed |
418 | ImATeapot |
421 | MisdirectedRequest |
422 | UnprocessableEntity |
423 | Locked |
424 | FailedDependency |
425 | UnorderedCollection |
426 | UpgradeRequired |
428 | PreconditionRequired |
429 | TooManyRequests |
431 | RequestHeaderFieldsTooLarge |
451 | UnavailableForLegalReasons |
500 | InternalServerError |
501 | NotImplemented |
502 | BadGateway |
503 | ServiceUnavailable |
504 | GatewayTimeout |
505 | HTTPVersionNotSupported |
506 | VariantAlsoNegotiates |
507 | InsufficientStorage |
508 | LoopDetected |
509 | BandwidthLimitExceeded |
510 | NotExtended |
511 | NetworkAuthenticationRequired |
FAQs
Create HTTP error objects
The npm package http-errors receives a total of 50,465,280 weekly downloads. As such, http-errors popularity was classified as popular.
We found that http-errors demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.