Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
kitejs 提供统一访问服务的 client,支持 Http、RPC(thrift) 协议,提供多种编解码方式(正在支持)。 kitejs 集成寻址、支持负载均衡策略
首先进行安装
npm install kitejs --save
使用方法
// for HTTP
const kite = require('kitejs');
var client = new kite.Client(
{
host: '127.0.0.1',
port: 8080,
protocol: 'HTTP',
log: {
logFile: __dirname + '/client.log'
}
}
);
client.request({ path: '/' }, function (err, data) {
if (err) throw err;
console.log(data);
});
// for THRIFT
const kite = require('kitejs');
var client = new kite.Client(
{
host: '127.0.0.1',
port: 8080,
protocol: 'THRIFT',
log: {
logFile: __dirname + '/client.log'
}
}
);
client
.loadService(__dirname + '/thrift/gen-nodejs/Calculator.js')
.request(function (err, cal, conn) {
if (err) throw err;
cal.ping(function (err, response) {
console.log('ping()');
});
cal.add(1, 1, function (err, response) {
console.log(response);
});
});
// for CONSUL
const kite = require('kitejs');
var client = new kite.Client({
service: 'ies.fe.mis',
searchHostType: 'CONSUL',
log: {
logFile: __dirname + '/client.log'
}
});
client.request({path: '/'}, function (err, data) {
console.log(data);
});
可以方便的创建一个 Client 用于请求。。。
Options
protocol 访问协议,HTTP \ THRIFT,默认HTTP
searchHostType 寻址方式 LOCAL 或者 CONSUL,默认LOCAL
service consul 时提供 PSM 信息
host 服务端域名信息
port 服务端端口信息
timeout 访问超时时间 1s
100ms
or 1
默认为秒
address 更人性化的地址设置,比如 127.0.0.1:10220
consul 提供 consul 服务地址信息
{
consul: {
host: '127.0.0.1',
port: 2280
}
}
request
发起请求,获取服务端数据.request(options?, cb);
参数
options 可选,主要用于 HTTP 填写 PATH、HEADERS 等信息
POST
数据cb
function (err, data, conn?) {}
null
loadService
加载 Thrift Service参数
client.loadService('xxService.js')
// return client Object instance.
xxService.js
并注册入 Thrift 请求框架返回
FAQs
the rpc framework Kite for Node.js
The npm package kitejs receives a total of 43 weekly downloads. As such, kitejs popularity was classified as not popular.
We found that kitejs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 13 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.