Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
http-headers
Advanced tools
Parse the start-line and headers from an HTTP request or reponse.
Converts:
HTTP/1.1 200 OK
Date: Tue, 10 Jun 2014 07:19:27 GMT
Connection: keep-alive
Transfer-Encoding: chunked
Hello World
To this:
{
version: { major: 1, minor: 1 },
statusCode: 200,
statusMessage: 'OK',
headers: {
date: 'Tue, 10 Jun 2014 07:19:27 GMT',
connection: 'keep-alive',
'transfer-encoding': 'chunked'
}
}
Features:
npm install http-headers --save
var net = require('net')
var httpHeaders = require('http-headers')
// create TCP server
net.createServer(function (c) {
var buffers = []
c.on('data', buffers.push.bind(buffers))
c.on('end', function () {
var data = Buffer.concat(buffers)
// parse incoming data as an HTTP request and extra HTTP headers
console.log(httpHeaders(data))
})
}).listen(8080)
http.ServerReponse
supportIf given an instance of http.ServerResponse
, the reponse headers is
automatically extracted, parsed and returned:
var http = require('http')
var httpHeaders = require('http-headers')
http.createServer(function (req, res) {
res.end('Hello World')
console.log(httpHeaders(res))
}).listen(8080)
If you've ever needed to log or in another way access the headers sent
to the client on a http.ServerResponse
in Node.js, you know it's not
as easy as with the http.IncomingMessage
headers (which you just
access via request.headers['content-type']
).
Response headers are not directly available on the response
object.
Instead all headers are preprocessed as a string on the private
response._header
property and needs to be processed in order to be
available as an object.
This module makes the task super simple.
The http-headers module exposes a single parser function:
httpHeaders(data[, onlyHeaders])
Arguments:
data
- A string, buffer or instance of http.ServerReponse
onlyHeaders
- An optional boolean. If true
, only the headers
object will be returned. Defaults to false
If given a request as input:
GET /foo HTTP/1.1
Date: Tue, 10 Jun 2014 07:19:27 GMT
Connection: keep-alive
Transfer-Encoding: chunked
Hello World
Returns:
{
method: 'GET',
url: '/foo',
version: { major: 1, minor: 1 },
headers: {
date: 'Tue, 10 Jun 2014 07:19:27 GMT',
connection: 'keep-alive',
'transfer-encoding': 'chunked'
}
}
If given a request as input:
HTTP/1.1 200 OK
Date: Tue, 10 Jun 2014 07:19:27 GMT
Connection: keep-alive
Transfer-Encoding: chunked
Hello World
Returns:
{
version: { major: 1, minor: 1 },
statusCode: 200,
statusMessage: 'OK',
headers: {
date: 'Tue, 10 Jun 2014 07:19:27 GMT',
connection: 'keep-alive',
'transfer-encoding': 'chunked'
}
}
onlyHeaders
exampleIf the optional second argument is set to true
, only headers are
returned no matter the type of input:
{
date: 'Tue, 10 Jun 2014 07:19:27 GMT',
connection: 'keep-alive',
'transfer-encoding': 'chunked'
}
If the data
given does not contain an HTTP Start-Line, only the
headers are returned, even if the onlyHeaders
argument is false
:
Date: Tue, 10 Jun 2014 07:19:27 GMT
Connection: keep-alive
Transfer-Encoding: chunked
Hello World
Returns:
{
date: 'Tue, 10 Jun 2014 07:19:27 GMT',
connection: 'keep-alive',
'transfer-encoding': 'chunked'
}
MIT
FAQs
Parse http headers
We found that http-headers demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.