Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Qwest is a simple ajax library based on promises
behaviour and that supports XmlHttpRequest2
special data like ArrayBuffer
, Blob
and FormData
.
You can pick the minified library or install it with :
jam install qwest
bower install qwest
npm install qwest --save-dev
then()
and catch()
promises instead of success()
and error()
type
option has been replaced by responseType
dataType
option has been addedbefore
callback has now its own promise (see it in action at the bottom of the doc)XDomainRequest
for IE8/9 is supported as wellqwest.get('example.com')
.then(function(response){
alert(response);
});
qwest.post('example.com',{
firstname: 'Pedro',
lastname: 'Sanchez',
age: 30
})
.then(function(response){
// Make some useful actions
})
.catch(function(message){
// Print the error message
});
qwest.<method>(<url>,[data],[options])
.then(function(response){
// Run when the request is successful
})
.catch(function(message){
// Process error message
})
.complete(function(){
// Always run
});
The method is either get
, post
, put
or delete
. The data
parameter can be a multi-dimensional array or object, a string, an ArrayBuffer, a Blob, etc... If you don't want to pass any data but specify some options, set data to null
.
The available options
are :
false
for GET requests and true
for POST requestsnull
In each callback, the this
keyword refers to the XmlHttpRequest
object, so you can do some specific tasks you may need.
qwest.get('example.com')
.then(function(response){
// Blah blah blah
})
.catch(function(message){
log(this.responseText);
throw message;
});
One of the great qwest's functionnalities is the request limitation. It avoids browser freezes and server overloads by freeing bandwidth and memory resources when you have a whole bunch of requests to do at the same time (when you load a gallery, per example). You just need to set the request limit and when the count is reached qwest will stock all further requests and start them when a slot is free.
qwest.limit(4);
$('.foo').forEach(function(){
qwest.get(this.data('some_url_to_get'));
});
If you want to remove the limit, do qwest.limit(null)
.
If you want to apply some manual options to the XHR
object, you can use the before
promise. It must be called before any other promise. The this
keyword refers to the XHR
object itself.
qwest.before(function(){
this.uploadonprogress=function(e){
// Upload in progress
};
})
.get('example.com')
.then(function(response){
// Blah blah blah
});
XHR2 is not available on every browser, so, if needed, you can simply verify the XHR version.
if(qwest.xhr2){
// Actions for XHR2
}
else{
// Actions for XHR1
}
Getting binary data in legacy browsers needs a trick, as we can read it on MDN. In qwest, that's how we could handle it :
qwest.before(function(){
this.overrideMimeType('text\/plain; charset=x-user-defined');
})
.get('example.com/file')
.then(function(response){
// response is now a binary string
});
According to this compatibility table, IE7/8 do not support using catch
and delete
as method name because these are reserved words. If you want to support those browsers you should write :
qwest.delete('example.com')
.then(function(){})
.catch(function(){});
Like this :
qwest['delete']('example.com')
.then(function(){})
['catch'](function(){});
The CORS object shipped with IE8 and 9 is XDomainRequest
. This object does not support PUT
and DELETE
requests.
XHR2 does not support arraybuffer
, blob
and document
response types in synchroneous mode.
then()
callback, it will be catched by the catch()
promiseContent-Type
header is application/x-www-form-urlencoded
for post
and xhr2
data types, with a POST
requestjs
response type executes a remote javascript file and returns its raw code in the then()
promisetext
MIT license everywhere!
FAQs
Ajax library with XHR2, promises and request limit
The npm package qwest receives a total of 1,498 weekly downloads. As such, qwest popularity was classified as popular.
We found that qwest demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.