Execute a listener when a response is about to write headers.
This is a Node.js module available through the
npm registry. Installation is done using the
npm install command:
$ npm install on-headers
var onHeaders = require('on-headers')
This will add the listener listener to fire when headers are emitted for res.
The listener is passed the response object as it's context (this). Headers are
considered to be emitted only once, right before they are sent to the client.
When this is called multiple times on the same res, the listeners are fired
in the reverse order they were added.
var http = require('http')
var onHeaders = require('on-headers')
http
.createServer(onRequest)
.listen(3000)
function addPoweredBy () {
// set if not set by end of request
if (!this.getHeader('X-Powered-By')) {
this.setHeader('X-Powered-By', 'Node.js')
}
}
function onRequest (req, res) {
onHeaders(res, addPoweredBy)
res.setHeader('Content-Type', 'text/plain')
res.end('hello!')
}
$ npm test
The on-finished package is similar to on-headers in that it allows you to execute code based on HTTP request/response lifecycle events. However, on-finished is used to detect when the HTTP response has finished or when the request has been closed, rather than when headers are about to be sent.
While not directly similar to on-headers, prepend-http is another package that deals with HTTP headers. It is used to prepend `http://` to a URL if it's missing. This package does not provide hooks into the response object's lifecycle.
Helmet is a package that provides a set of middleware functions to set HTTP response headers for security purposes. It differs from on-headers as it focuses on security headers and provides a higher-level API for configuring them, rather than providing a hook for any kind of custom logic before headers are sent.
FAQs
Execute a listener when a response is about to write headers
The npm package on-headers receives a total of 24,328,379 weekly downloads. As such, on-headers popularity was classified as popular.
We found that on-headers demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Five malicious NuGet packages impersonate Chinese .NET libraries to deploy a stealer targeting browser credentials, crypto wallets, SSH keys, and local files.
Security News
pnpm 11 turns on a 1-day Minimum Release Age and blocks exotic subdeps by default, adding safeguards against fast-moving supply chain attacks.
Security News
The remediated findings include organization permission bugs, stale project access after transfers, OIDC replay edge cases, audit logging gaps, and an IDOR in API token deletion.