
Security News
GitHub Actions Supply Chain Attack Puts Thousands of Projects at Risk
A compromised GitHub Action exposed secrets in CI/CD logs, putting thousands of projects at risk and forcing developers to urgently secure their workflows.
http-errors
Advanced tools
The http-errors npm package is used to create HTTP error objects within Node.js applications. It provides a simple way to generate error objects that follow the HTTP response status codes and messages. This can be particularly useful when building web applications or APIs where you need to return specific error information to the client.
Creating HTTP error objects
This feature allows you to create error objects that correspond to HTTP response status codes. You can also provide a custom error message.
{"const createError = require('http-errors');\n\n// Create a 404 Not Found error\nconst notFoundError = createError(404);\n\n// Create a 500 Internal Server Error with a custom message\nconst internalServerError = createError(500, 'Something went wrong!');"}
Creating error objects with properties
This feature allows you to create error objects with additional properties, such as 'expose' to control whether the message should be sent to the client.
{"const createError = require('http-errors');\n\n// Create a 401 Unauthorized error with additional properties\nconst unauthorizedError = createError(401, 'Please login to view this page', { expose: false });"}
Checking if an object is an HTTP error
This feature provides a utility to check if a given object is an instance of an HTTP error.
{"const createError = require('http-errors');\n\n// Create an error object\nconst err = createError(404);\n\n// Check if 'err' is an HTTP error\nconst isError = createError.isHttpError(err); // true"}
Boom is a set of utilities for returning HTTP errors. It is similar to http-errors but also includes a rich set of options for decorating the error object, such as automatic payload formatting according to the error type.
Restify-errors is designed to work with the Restify framework and provides a way to create and manage HTTP errors. It is similar to http-errors but is more tightly integrated with Restify's API.
Create HTTP errors for Express, Koa, Connect, etc. with ease.
This is a Node.js module available through the
npm registry. Installation is done using the
npm install
command:
$ npm install http-errors
var createError = require('http-errors')
var express = require('express')
var app = express()
app.use(function (req, res, next) {
if (!req.user) return next(createError(401, 'Please login to view this page.'))
next()
})
This is the current API, currently extracted from Koa and subject to change.
expose
- can be used to signal if message
should be sent to the client,
defaulting to false
when status
>= 500headers
- can be an object of header names to values to be sent to the
client, defaulting to undefined
. When defined, the key names should all
be lower-casedmessage
- the traditional error message, which should be kept short and all
single linestatus
- the status code of the error, mirroring statusCode
for general
compatibilitystatusCode
- the status code of the error, defaulting to 500
Create a new error object with the given message msg
.
The error object inherits from createError.HttpError
.
var err = createError(404, 'This video does not exist!')
status: 500
- the status code as a numbermessage
- the message of the error, defaulting to node's text for that status code.properties
- custom properties to attach to the objectExtend the given error
object with createError.HttpError
properties. This will not alter the inheritance of the given
error
object, and the modified error
object is the
return value.
fs.readFile('foo.txt', function (err, buf) {
if (err) {
if (err.code === 'ENOENT') {
var httpError = createError(404, err, { expose: false })
} else {
var httpError = createError(500, err)
}
}
})
status
- the status code as a numbererror
- the error object to extendproperties
- custom properties to attach to the objectCreate a new error object with the given message msg
.
The error object inherits from createError.HttpError
.
var err = new createError.NotFound()
code
- the status code as a numbername
- the name of the error as a "bumpy case", i.e. NotFound
or InternalServerError
.Status Code | Constructor Name |
---|---|
400 | BadRequest |
401 | Unauthorized |
402 | PaymentRequired |
403 | Forbidden |
404 | NotFound |
405 | MethodNotAllowed |
406 | NotAcceptable |
407 | ProxyAuthenticationRequired |
408 | RequestTimeout |
409 | Conflict |
410 | Gone |
411 | LengthRequired |
412 | PreconditionFailed |
413 | PayloadTooLarge |
414 | URITooLong |
415 | UnsupportedMediaType |
416 | RangeNotSatisfiable |
417 | ExpectationFailed |
418 | ImATeapot |
421 | MisdirectedRequest |
422 | UnprocessableEntity |
423 | Locked |
424 | FailedDependency |
425 | UnorderedCollection |
426 | UpgradeRequired |
428 | PreconditionRequired |
429 | TooManyRequests |
431 | RequestHeaderFieldsTooLarge |
451 | UnavailableForLegalReasons |
500 | InternalServerError |
501 | NotImplemented |
502 | BadGateway |
503 | ServiceUnavailable |
504 | GatewayTimeout |
505 | HTTPVersionNotSupported |
506 | VariantAlsoNegotiates |
507 | InsufficientStorage |
508 | LoopDetected |
509 | BandwidthLimitExceeded |
510 | NotExtended |
511 | NetworkAuthenticationRequired |
FAQs
Create HTTP error objects
The npm package http-errors receives a total of 39,002,581 weekly downloads. As such, http-errors popularity was classified as popular.
We found that http-errors demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A compromised GitHub Action exposed secrets in CI/CD logs, putting thousands of projects at risk and forcing developers to urgently secure their workflows.
Research
Security News
A malicious Maven package typosquatting a popular library is secretly stealing OAuth credentials on the 15th of each month, putting Java developers at risk.
Security News
Socket and Seal Security collaborate to fix a critical npm overrides bug, resolving a three-year security issue in the JavaScript ecosystem's most popular package manager.