Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
resolve-accept-language
Advanced tools
Resolve the preferred locale based on the value of an `Accept-Language` HTTP header.
Resolve the best locale based on the value of an Accept-Language
HTTP header.
Add the package as a dependency:
npm install resolve-accept-language
Code example:
import resolveAcceptLanguage from 'resolve-accept-language'
/**
* The API is well documented from within your IDE using TSDoc. The arguments are as follows:
*
* 1) The HTTP accept-language header.
* 2) The available locales (they must contain the default locale).
* 3) The default locale.
*/
console.log(
resolveAcceptLanguage(
'fr-CA;q=0.01,en-CA;q=0.1,en-US;q=0.001',
// The `as const` is optional for TypeScript but gives better typing.
['en-US', 'fr-CA'] as const,
'en-US'
)
)
Output:
fr-CA
You may want to control exactly the behavior depending on the type of match. For example, you could want to display a language picker on your home page if the match is not satisfactory. In those cases, you will need to use the ResolveAcceptLanguage
class instead. It offers more visibility into the selection process while matching a locale:
import { MATCH_TYPES, ResolveAcceptLanguage } from 'resolve-accept-language'
const resolveAcceptLanguage = new ResolveAcceptLanguage(
'fr-CA;q=0.01,en-CA;q=0.1,en-US;q=0.001' as const,
['en-US', 'fr-CA'],
'fr-CA'
)
console.log(`A locale was matched: ${resolveAcceptLanguage.getMatch()}`)
if (resolveAcceptLanguage.getMatchType() === MATCH_TYPES.localeBased) {
console.log('The match is locale-based')
} else if (resolveAcceptLanguage.getMatchType() === MATCH_TYPES.languageBased) {
console.log('The match is language-based')
} else if (resolveAcceptLanguage.getMatchType() === MATCH_TYPES.relatedLocaleBased) {
console.log('The match is related-locale-based')
} else if (resolveAcceptLanguage.getMatchType() === MATCH_TYPES.defaultLocale) {
console.log('The match is the default locale')
}
As per RFC 4647, this package uses the "lookup" matching scheme. This means that it will always produce exactly one match for a given request.
The matching strategy will use the following logic:
resolveAcceptLanguage
return the default locale as a last resort option.Accept-Language
package?The Accept-Language
header has been around since 1999. Like many other standards that deal with languages, the header is based
on BCP 47 language tags. Language tags can be as simple as fr
(non-country specific French) or more complex, for example,
sr-Latn-RS
would represent Latin script Serbian.
One of the main challenges is that BCP 47 language tags can be either overly simple or too complex. This is one of the problems this
library will try to address by focusing on locales identifiers using the language
-country
format instead of trying to provide
full BCP 47 language tags support. The main reasons for this:
language
-country
format. We could possibly extend script support in the future given a valid use case, but in the meantime, our goal is to keep this library as simple as possible, while providing the best matches.FAQs
Resolve the preferred locale based on the value of an `Accept-Language` HTTP header.
The npm package resolve-accept-language receives a total of 36,646 weekly downloads. As such, resolve-accept-language popularity was classified as popular.
We found that resolve-accept-language demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.