
Security News
PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.
medium-type
Advanced tools
Class for parsing, stringifying and manipulating media types. Useful for content negotiation. Follows RFC2045, supports quoted parameters, all allowed characters etc.
![NPM version][npm-badge] ![Build status][travis-badge] [npm-badge]: https://badge.fury.io/js/medium-type.png [travis-badge]: https://travis-ci.org/moll/js-medium-type.png?branch=master
MediumType.js is a JavaScript library to parse and stringify media types.
Implements parsing based on RFC 2045 with added support for
suffixes (RFC 3023, RFC 6839).
RFC 2045 is a little more permissive than later RFCs when it comes to allowed
tokens. MediumType.js thereby adheres to Postel's law of liberal
acceptance.
Examples of supported media types:
application/json.application/vnd.app.model+json; charset=utf-8.application/xml; dtd="http://www.w3.org/TR/html4/strict.dtd".*/*+json; q=0.3.*/*.Split comma separated media types (like in HTTP's Accept header).
Note that it properly supports quoted parameters when splitting. It's the
only library that I know of that does this.
MediumType.split("text/html; levels=\"1, 2, 3\", text/plain")
Sort an array of MediumTypes according to sorting rules of the HTTP
Accept header listed in RFC 2616 and RFC 7231.
That is, first by the q parameter, then by type and subtype specificity and
then by parameter count (excluding the q parameter).
MediumType.sort([
new MediumType("text/html; level=3; q=0.7"),
new MediumType("text/html; q=0.7"),
new MediumType("text/plain; q=0.5"),
new MediumType("text/*; q=0.1"),
new MediumType("*/*; q=0.1"),
])
Stringify media types to a canonical type/subtype+suffix; param=value
format.
MediumType.stringify({type: "application", subtype: "json"})
new MediumType({type: "application", subtype: "json"}).toString()
No dependencies on Node.js modules or the whole MIME database. Pretty lightweight and easily usable in the browser with Browserify.
From v1.0.0 MediumType.js will follow semantic versioning, but until then, breaking changes may appear between minor versions (the middle number).
npm install medium-type
MediumType.js doesn't yet have a build ready for the browser, but you will be able to use Browserify to have it run there till then.
var MediumType = require("medium-type")
var type = new MediumType("application/vnd.app.model+json; charset=utf-8")
type.type == "application"
type.subtype == "vnd.app.model"
type.suffix == "json"
type.parameters.charset == "utf-8"
For extended documentation on all functions, please see the MediumType.js API Documentation.
MediumType.js is released under a Lesser GNU Affero General Public License, which in summary means:
For more convoluted language, see the LICENSE file.
Andri Möll typed this and the code.
Monday Calendar supported the engineering work.
If you find MediumType.js needs improving, please don't hesitate to type to me now at andri@dot.ee or create an issue online.
FAQs
Class for parsing, stringifying and manipulating media types. Useful for content negotiation. Follows RFC2045, supports quoted parameters, all allowed characters etc.
The npm package medium-type receives a total of 991 weekly downloads. As such, medium-type popularity was classified as not popular.
We found that medium-type demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.

Security News
Open source attacks are accelerating as AI coding agents pull in dependencies faster, with less human review.

Research
/Security News
Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.