Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
A simple library that emulates memcache functions using HTML5 localStorage
This is a simple library that emulates memcache
functions using HTML5 localStorage
, so that you can cache data on the client
and associate an expiration time with each piece of data. If the localStorage
limit (~5MB) is exceeded, it tries to create space by removing the items that are closest to expiring anyway. If localStorage
is not available at all in the browser, the library degrades by simply not caching and all cache requests return null.
The library exposes these methods: set()
, get()
, remove()
, flush()
, flushExpired()
, setBucket()
, resetBucket()
, setExpiryMilliseconds()
.
Stores the value in localStorage. Expires after specified number of minutes.
key
(string)value
(Object|string)time
(number: optional)boolean : True if the value was stored successfully.
Retrieves specified value from localStorage, if not expired.
key
(string)string | Object : The stored value. If no value is available, null is returned.
Removes a value from localStorage.
key
(string)Removes all lscache items from localStorage without affecting other data.
Removes all expired lscache items from localStorage without affecting other data.
Appends CACHE_PREFIX so lscache will partition data in to different buckets.
bucket
(string)Removes prefix from keys so that lscache no longer stores in a particular bucket.
Sets the number of milliseconds each time unit represents in the set() function's "time" argument. Sample values:
milliseconds
(number)The interface should be familiar to those of you who have used memcache
, and should be easy to understand for those of you who haven't.
For example, you can store a string for 2 minutes using lscache.set()
:
lscache.set('greeting', 'Hello World!', 2);
You can then retrieve that string with lscache.get()
:
alert(lscache.get('greeting'));
You can remove that string from the cache entirely with lscache.remove()
:
lscache.remove('greeting');
You can remove all items from the cache entirely with lscache.flush()
:
lscache.flush();
You can remove only expired items from the cache entirely with lscache.flushExpired()
:
lscache.flushExpired();
You can also check if local storage is supported in the current browser with lscache.supported()
:
if (!lscache.supported()) {
alert('Local storage is unsupported in this browser');
return;
}
You can enable console warning if set fails with lscache.enableWarnings()
:
// enable warnings
lscache.enableWarnings(true);
// disable warnings
lscache.enableWarnings(false);
The library also takes care of serializing objects, so you can store more complex data:
lscache.set('data', {'name': 'Pamela', 'age': 26}, 2);
And then when you retrieve it, you will get it back as an object:
alert(lscache.get('data').name);
If you have multiple instances of lscache running on the same domain, you can partition data in a certain bucket via:
lscache.set('response', '...', 2);
lscache.setBucket('lib');
lscache.set('path', '...', 2);
lscache.flush(); //only removes 'path' which was set in the lib bucket
The default unit for the set()
function's "time" argument is minutes. A shorter time may be desired, for example, in unit tests. You can use lscache.setExpriryMilliseconds()
to select a finer granularity of time unit:
asyncTest('Testing set() and get() with different units', function() {´
var expiryMilliseconds = 1000; //time units is seconds
lscache.setExpiryMilliseconds(expiryMilliseconds);
var key = 'thekey';
var numExpiryUnits = 2; // expire after two seconds
lscache.set(key, 'some value', numExpiryUnits);
setTimeout(function() {
equal(lscache.get(key), null, 'We expect value to be null');
start();
}, expiryMilliseconds*numExpiryUnits + 1);
});
For more live examples, play around with the demo here: http://pamelafox.github.com/lscache/demo.html
This library was originally developed with the use case of caching results of JSON API queries to speed up my webapps and give them better protection against flaky APIs. (More on that in this blog post)
For example, RageTube uses lscache
to fetch Youtube API results for 10 minutes:
var key = 'youtube:' + query;
var json = lscache.get(key);
if (json) {
processJSON(json);
} else {
fetchJSON(query);
}
function processJSON(json) {
// ..
}
function fetchJSON() {
var searchUrl = 'http://gdata.youtube.com/feeds/api/videos';
var params = {
'v': '2', 'alt': 'jsonc', 'q': encodeURIComponent(query)
}
JSONP.get(searchUrl, params, null, function(json) {
processJSON(json);
lscache.set(key, json, 10);
});
}
It does not have to be used for only expiration-based caching, however. It can also be used as just a wrapper for localStorage
, as it provides the benefit of handling JS object (de-)serialization.
For example, the QuizCards Chrome extensions use lscache
to store the user statistics for each user bucket, and those stats are an array
of objects.
function initBuckets() {
var bucket1 = [];
for (var i = 0; i < CARDS_DATA.length; i++) {
var datum = CARDS_DATA[i];
bucket1.push({'id': datum.id, 'lastAsked': 0});
}
lscache.set(LS_BUCKET + 1, bucket1);
lscache.set(LS_BUCKET + 2, []);
lscache.set(LS_BUCKET + 3, []);
lscache.set(LS_BUCKET + 4, []);
lscache.set(LS_BUCKET + 5, []);
lscache.set(LS_INIT, 'true')
}
The lscache
library should work in all browsers where localStorage
is supported.
A list of those is here:
http://www.quirksmode.org/dom/html5.html
For contributors:
npm install
to install all the dependencies.grunt
. The default task will check the files with jshint, minify them, and use browserify to generate a bundle for testing.grunt test
to run the tests.For repo owners, after a code change:
grunt bump
to tag the new release.npm login
, npm publish
to release on npm.FAQs
A simple library that emulates memcache functions using HTML5 localStorage
The npm package lscache receives a total of 26,228 weekly downloads. As such, lscache popularity was classified as popular.
We found that lscache demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.