Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
The mdurl npm package is a utility for encoding and decoding URLs in a manner that is consistent with Markdown specifications. It is particularly useful when dealing with Markdown files that contain URLs which may need to be properly escaped to ensure they are interpreted correctly by Markdown parsers.
URL Encoding
Encodes a URL by escaping characters that are not allowed in Markdown URLs. This is useful for creating Markdown links that contain special characters.
var encode = require('mdurl/encode');
console.log(encode('https://example.com/foo bar'));
URL Decoding
Decodes a URL by unescaping percent-encoded characters. This is useful for reading and processing Markdown links that contain encoded characters.
var decode = require('mdurl/decode');
console.log(decode('https://example.com/foo%20bar'));
The query-string package provides methods for parsing and stringifying URL query strings. It is similar to mdurl in that it deals with URL manipulation, but it focuses specifically on the query string part of the URL.
The url-parse package offers utilities for URL parsing and formatting. It provides more comprehensive URL manipulation capabilities compared to mdurl, including parsing of the entire URL structure, not just encoding and decoding.
URL utilities for markdown-it parser.
Percent-encode a string, avoiding double encoding. Don't touch /a-zA-Z0-9/
+
excluded chars + /%[a-fA-F0-9]{2}/
(if not disabled). Broken surrorates are
replaced with U+FFFD
.
Params:
;/?:@&=+$,-_.!~*'()#
. Additional chars to keep intact
(except /a-zA-Z0-9/
).true
. By default it skips already encoded sequences
(/%[a-fA-F0-9]{2}/
). If set to false
, %
will be encoded.You can use these constants as second argument to encode
function.
encode.defaultChars
is the same exclude set as in the standard encodeURI()
functionencode.componentChars
is the same exclude set as in the encodeURIComponent()
functionFor example, encode('something', encode.componentChars, true)
is roughly the equivalent of
the encodeURIComponent()
function (except encode()
doesn't throw).
Decode percent-encoded string. Invalid percent-encoded sequences (e.g. %2G
)
are left as is. Invalid UTF-8 characters are replaced with U+FFFD
.
Params:
;/?:@&=+$,#
.You can use these constants as second argument to decode
function.
decode.defaultChars
is the same exclude set as in the standard decodeURI()
functiondecode.componentChars
is the same exclude set as in the decodeURIComponent()
functionFor example, decode('something', decode.defaultChars)
has the same behavior as
decodeURI('something')
on a correctly encoded input.
Parse url string. Similar to node's url.parse, but without any normalizations and query string parse.
//
, expect a hostname after it. Optional, false
.Result (hash):
Difference with node's url
:
url.parse('http://foo?bar')
pathname is
``, not /
http:\\example.org\
is
treated like a relative pathhttp://example.org:foo
pathname is :foo
url.parse()
does not have parseQueryString
argumenthost
, path
, query
, etc.,
which can be constructed using other parts of the url.Format an object previously obtained with .parse()
function. Similar to node's
url.format.
FAQs
URL utilities for markdown-it
The npm package mdurl receives a total of 3,768,621 weekly downloads. As such, mdurl popularity was classified as popular.
We found that mdurl demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.