Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
routington
Advanced tools
Routington is a trie-based URL router. Its goal is only to define and match URLs. It does not handle methods, headers, controllers, views, etc., in anyway. It is faster than traditional, linear, regular expression-matching routers, although insignficantly, and scales with the number of routes.
The purpose of this router isn't for performance, but to bring more structure to URL routing. The intention is for you to build a framework on top either in node.js or in the browser.
Implementations:
var routington = require('routington')
var router = routington()
router
is the root Node
in the trie. All node
s will have router
as furthest ancestor.
Every node on a tree is an instance of Node
. You only construct the root. A node
has the following properties:
child {}Node
- String based child definitions.
For example, node.child['post']
will return a child node with node.string === 'post'
children []Node
- Name/regex based child definitionsparent Node
- The parent of the nodename
- Name of the node (for parameter matching)string
- String to match the URL fragmentregex
- Regular expression to match the URL fragmentvar nodes = router.define('/:identity(page|petition)/:id([0-9a-f]{24})')
route
is a definition of a route and is an extension of Express' routing syntax.
route
, however, can only be a string.nodes
is an array of node
s.Each fragment of the route, delimited by a /
, can have the following signature:
string
- ex /post
string|string
- |
separated strings, ex /post|page
:name
- Wildcard route matched to a name(regex)
- A regular expression match without saving the parameter (not recommended):name(regex)
- Named regular expression matchYou should always name your regular expressions otherwise you can't use the captured value.
The regular expression is built using new RegExp('^(' + regex + ')$', 'i')
,
so you need to escape your string, ie \\w
.
You can always pre-define names or regular expressions before. For example, I can define:
router.define('/page/:id(\\w{3,30})')
// later, :id will have the same regexp
// so you don't have to repeat yourself
router.define('/page/:id/things')
router.define('/page/:id(\\w{3,30})')
var match = router.match('/page/taylorswift')
match
, unless null
, will be an object with the following properties:
param
- A list of named parameters, ex, match.param.id === 'taylorswift'
.node
- The matched node.
Will always have name.string === ''
.Each URL you define creates a node,
and you are free to do whatever you'd like with each node as long you don't overwrite any prototype properties (basically just define
, match
, and parse
).
Adding any features to routington shouldn't be necessary.
For example, suppose you want to attach callbacks to a node by extending routington:
router.get('/:id/:controller', function (req, res, next) {
console.log('do something')
})
You can attach the middleware to a node.GET
array:
router.get = function (path, handler) {
var node = router.define(path)[0]
node.GET = node.GET || []
node.GET.push(handler)
}
Now, dispatching is easy:
function dispatcher(req, res, next) {
var match = router.match(url.parse(req.url).pathname)
if (!match)
// this is a 404
var node = match.node
var callbacks = node[req.method]
if (!callbacks)
// this is a 405
// execute all the callbacks.
// async.series won't actually work here,
// but you get the point.
async.series(callbacks, next)
}
Properties attached to the node will be exposed on the match. For example, suppose you wanted to label a node:
var node = router.define('/:id/:controller')[0]
node.label = 'controller'
When matched, it will be available via match.node.label
:
var match = router.match('/someid/somecontroller')
assert(match.node.label === 'label')
Since reaching into match.node
is a little inconvenient and you probably don't want your end users to touch it,
you should expose in your dispatcher:
var match = router.match(url.parse(req.url).pathname)
// ...
req.param = match.param
req.label = match.node.label
IE9+
FAQs
Trie-based URL Routing
The npm package routington receives a total of 394 weekly downloads. As such, routington popularity was classified as not popular.
We found that routington demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.