Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
route-parser
Advanced tools
A isomorphic, bullet-proof, ninja-ready route parsing, matching, and reversing library for Javascript in Node and the browser.
A isomorphic, bullet-proof, ninja-ready route parsing, matching, and reversing library for Javascript in Node and the browser.
Yes.
You want to write routes in a way that makes sense, capture named parameters, add additional constraints to routing, and be able to generate links using your routes. You don't want to be surprised by limitations in your router or hit a spiral of additional complexity when you need to do more advanced tasks.
npm install --save route-parser
Route = require('route-parser');
var route = new Route('/my/fancy/route/page/:page');
route.match('/my/fancy/route/page/7') // { page: 7 }
route.reverse({page: 3}) // -> '/my/fancy/route/page/3'
Example | Description |
---|---|
:name | a parameter to capture from the route up to / , ? , or end of string |
*splat | a splat to capture from the route up to ? or end of string |
() | Optional group that doesn't have to be part of the query. Can contain nested optional groups, params, and splats |
anything else | free form literals |
Some examples:
/some/(optional/):thing
/users/:id/comments/:comment/rating/:rating
/*a/foo/*b
/books/*section/:title
/books?author=:author&subject=:subject
We define a grammar for route specifications and parse the route. Matching is done by generating a regular expression from that tree, and reversing is done by filling in parameter nodes in the tree.
Not really. Parsing route specs into regular expressions gets to be problematic if you want to do named captures and route reversing. Other routing libraries have issues with parsing one of /foo(/:bar)
or /foo(/:bar)
, and two-pass string-to-RegExp transforms become complex and error prone.
Using a parser here also gives us the chance to give early feedback for any errors that are made in the route spec.
URI templates are designed for expanding data into a template, not matching a route. Taking an arbitrary path and matching it against a URI template isn't defined. In the expansion step of URI templates, undefined variables can be evaluated to ''
, which isn't useful when trying to do route matching, optional or otherwise. To use a URI-template-like language is possible, but needs to be expanded past the RFC
These all lack named parameters and reversability.
Named parameters are less brittle and reduce the coupling betwen routes and their handlers. Given the routes /users/:userid/photos/:category
and /photos/:category/users/:userid
, backbone style routing solutions require two different handlers. Named parameters let you use just one.
Reversibility means you can use a single route table for your application for matching and generating links instead of throwing route helper functions throughout your code.
FAQs
A isomorphic, bullet-proof, ninja-ready route parsing, matching, and reversing library for Javascript in Node and the browser.
The npm package route-parser receives a total of 13,459 weekly downloads. As such, route-parser popularity was classified as popular.
We found that route-parser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.