Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
The koa-send package is a utility for Koa applications that allows you to serve static files. It is commonly used to serve files such as HTML, CSS, JavaScript, images, and other static assets from a directory on the server.
Serving Static Files
This feature allows you to serve static files from a specified path. In this example, when a request is made to '/static', the server responds with the file located at 'path/to/static/file.html'.
const Koa = require('koa');
const send = require('koa-send');
const app = new Koa();
app.use(async (ctx) => {
if (ctx.path === '/static') {
await send(ctx, 'path/to/static/file.html');
}
});
app.listen(3000);
Serving Files from a Directory
This feature allows you to serve files from a directory. In this example, any request path will be mapped to a file in the 'public' directory relative to the current directory.
const Koa = require('koa');
const send = require('koa-send');
const app = new Koa();
app.use(async (ctx) => {
await send(ctx, ctx.path, { root: __dirname + '/public' });
});
app.listen(3000);
Setting Cache Control Headers
This feature allows you to set cache control headers for the served files. In this example, the 'maxage' option is set to 1 hour, which will set the 'Cache-Control' header to cache the file for 1 hour.
const Koa = require('koa');
const send = require('koa-send');
const app = new Koa();
app.use(async (ctx) => {
await send(ctx, 'path/to/static/file.html', { maxage: 1000 * 60 * 60 }); // 1 hour
});
app.listen(3000);
koa-static is another middleware for serving static files in a Koa application. It is similar to koa-send but is more focused on serving static files from a directory. It provides a simpler API for serving static files and is often used in conjunction with other Koa middlewares.
serve-static is a middleware for serving static files in Express applications, but it can also be used with Koa through the koa-connect package. It provides similar functionality to koa-send, allowing you to serve static files from a directory with options for caching and other settings.
koa-static-cache is a Koa middleware for serving static files with caching capabilities. It is similar to koa-send but includes built-in support for caching files in memory, which can improve performance for frequently accessed files.
Static file serving middleware.
$ npm install koa-send
maxage
Browser cache max-age in milliseconds. defaults to 0hidden
Allow transfer of hidden files. defaults to falseroot
Root directory to restrict file accessgzip
Try to serve the gzipped version of a file automatically when gzip
is supported by a client and if the requested file with .gz
extension exists. defaults to true.format
If not false
(defaults to true
), format the path to serve static file servers and not require a trailing slash for directories, so that you can do both /directory
and /directory/
Note that root
is required, defaults to ''
and will be resolved,
removing the leading /
to make the path relative and this
path must not contain "..", protecting developers from
concatenating user input. If you plan on serving files based on
user input supply a root
directory from which to serve from.
For example to serve files from ./public
:
app.use(function *(){
yield send(this, this.path, { root: __dirname + '/public' });
})
To serve developer specified files:
app.use(function *(){
yield send(this, 'path/to/my.js');
})
var send = require('koa-send');
var koa = require('koa');
var app = koa();
// $ GET /package.json
// $ GET /
app.use(function *(){
if ('/' == this.path) return this.body = 'Try GET /package.json';
yield send(this, __dirname + '/package.json');
})
app.listen(3000);
console.log('listening on port 3000');
MIT
FAQs
Transfer static files
The npm package koa-send receives a total of 157,721 weekly downloads. As such, koa-send popularity was classified as popular.
We found that koa-send demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 10 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.