Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
isomorphic-fetch
Advanced tools
The isomorphic-fetch npm package is a library that enables the use of the Fetch API in both server-side (Node.js) and client-side (browser) environments. It provides a consistent interface for making HTTP requests, allowing developers to write universal code that works across different platforms.
Making HTTP GET requests
This code sample demonstrates how to make a simple HTTP GET request to retrieve data from a specified URL and then process the JSON response.
fetch('https://api.example.com/data')
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
Making HTTP POST requests
This code sample shows how to make an HTTP POST request to send JSON data to a server and then handle the JSON response.
fetch('https://api.example.com/data', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify({ key: 'value' })
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
Handling HTTP errors
This code sample illustrates how to handle errors in HTTP requests by checking the response status and throwing an error if the response is not successful.
fetch('https://api.example.com/data')
.then(response => {
if (!response.ok) {
throw new Error('Network response was not ok');
}
return response.json();
})
.then(data => console.log(data))
.catch(error => console.error('Error:', error));
Axios is a popular HTTP client for the browser and Node.js. It provides a promise-based API and has a similar feature set to isomorphic-fetch, including interceptors, automatic transforms for JSON data, and cancellation of requests. Axios also provides more detailed configuration options for requests compared to isomorphic-fetch.
Node-fetch is a light-weight module that brings the Fetch API to Node.js. It is similar to isomorphic-fetch but is specifically designed for Node.js environments. Unlike isomorphic-fetch, node-fetch does not provide a polyfill for the browser environment.
Whatwg-fetch is a polyfill for the Fetch API for browsers that do not support it natively. It is similar to isomorphic-fetch in that it allows the use of the Fetch API in the browser, but it does not provide support for Node.js environments.
Cross-fetch is another library that provides a polyfill for the Fetch API for both Node.js and browser environments. It is similar to isomorphic-fetch in its universal approach, but it may have different implementation details or additional features.
Fetch for node and Browserify. Built on top of GitHub's WHATWG Fetch polyfill.
fetch
as a global so that its API is consistent between client and server.For ease-of-maintenance and backward-compatibility reasons, this library will always be a polyfill. As a "safe" alternative, which does not modify the global, consider fetch-ponyfill.
The Fetch API is currently not implemented consistently across browsers. This module will enable you to use fetch
in your Node code in a cross-browser compliant fashion. The Fetch API is part of the Web platform API defined by the standards bodies WHATWG and W3C.
npm install --save isomorphic-fetch
bower install --save isomorphic-fetch
require('isomorphic-fetch');
fetch('//offline-news-api.herokuapp.com/stories')
.then(function(response) {
if (response.status >= 400) {
throw new Error("Bad response from server");
}
return response.json();
})
.then(function(stories) {
console.log(stories);
});
All open source code released by FT Labs is licenced under the MIT licence. Based on the fine work by jxck.
FAQs
Isomorphic WHATWG Fetch API, for Node & Browserify
We found that isomorphic-fetch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.