Security News
JSR Working Group Kicks Off with Ambitious Roadmap and Plans for Open Governance
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
jsc-safe-url
Advanced tools
Utility functions for converting to and from URLs that encode query string data into URL paths
jsc-safe-url
JavaScriptCore santizes source URLs in error stacks by stripping query strings and fragments. Ref: Webkit/Webkit#49109d
.
This package contains utility functions required to implement the proposed React Native Community RFC0646. It exports three functons:
function isJscSafeUrl(url: string): boolean
Returns false
if the URL has a query component that could be stripped by JSC.
function toJscSafeUrl(urlToConvert: string): string
Accepts an absolute or relative URL, and encodes any data in the input query string (if present) into the path component of the URL, by using the delimiter //&
(which cannot appear in a normalized file path) to separate the original path from the orignal query string.
toJscSafeUrl('https://example.com/path?foo=bar#fragment')
// 'https://example.com/path//&foo=bar#fragment'
function toNormalUrl(urlToNormalize: string): string
Accepts an absolute or relative URL, and replaces the first unescaped //&
in the path component with ?
. (Effectively the reverse of toJscSafeUrl
.)
toNormalUrl('https://example.com/path//&foo=bar#fragment')
// 'https://example.com/path?foo=bar#fragment'
FAQs
Utility functions for converting to and from URLs that encode query string data into URL paths
The npm package jsc-safe-url receives a total of 1,611,742 weekly downloads. As such, jsc-safe-url popularity was classified as popular.
We found that jsc-safe-url demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.