Do not use yet in production This module won't probably be heavily maintained. Fork at will or claim ownership ! Okay now you can keep reading :)
Kind of a firewall for http requests based on headers. It parses a set of rules for each HTTP header and apply the matching policy
NB: This module makes the assumption your request object looks like this
req = {
headers : {
'method' : 'PUT',
'url' : '/kung/foo/panda/',
'any-other-header' : 'of_any_value'
}
}
If it does not, use the setAccessFieldFunction (look around the end of this readme to see an example)
Example 1: a rule could be represented as such
rule = {
policy : HTTPTables.policies.DROP,
conditions : {
'method' : ['POST', 'GET'],
'user-agent' : /Android/,
'url' : "/api/v2/users/1"
}
}
In this case it will drop every POST or GET requests from android on /api/v2/users/1 url
var HTTPTables = require('httptables');
var httptables = HTTPTables({
defaultPolicy : HTTPTables.policies.DROP // Drop all not matching requests
})
Example 2: In Express
var HTTPTables = require('httptables');
var httptables = HTTPTables({
defaultPolicy : HTTPTables.policies.DROP // Drop all not matching requests
})
// Override the way to access a header field for an express request object
httptables.setAccessFieldFunction = function (req, field) {
var _field = (field || "").toUpperCase();
if(field === 'URL') {
return req.url;
} else if(field === 'METHOD') {
return req.method;
} else {
return req.get(field);
}
}
//...
//...
//...
app.use(function (req, res, next) {
req.mySetOfRules = [
{
policy : HTTPTables.policies.ACCEPT,
conditions : {
'method' : ['POST', 'GET'],
'user-agent' : /Android/,
'url' : "/api/v2/users/1"
}
},
{
policy : HTTPTables.policies.ACCEPT,
conditions : {
'method' : ['POST', 'GET', 'PUT', 'DELETE'],
'url' : "/api/v2/organizations/1/billing"
}
}
];
next();
})
// Comming Soon, see commented code in source to implement yourself
// only if you want/need
app.use(httptables.toExpressMiddleware({rulesPropertyName : 'mySetOfRules'}))
FAQs
HTTP firewall
The npm package httptables receives a total of 0 weekly downloads. As such, httptables popularity was classified as not popular.
We found that httptables demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.