Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
serve-index
Advanced tools
The serve-index npm package is a middleware for Node.js that serves pages that display directory listings. It's commonly used with Express or other middleware-based HTTP server frameworks. It provides a responsive web interface to navigate the file structure of the served directories.
Directory Listing
This feature allows you to list the contents of a directory in a web page. The code sample shows how to use serveIndex with Express to serve the contents of the 'public/files' directory with file icons.
const express = require('express');
const serveIndex = require('serve-index');
const app = express();
app.use('/files', express.static('public/files'));
app.use('/files', serveIndex('public/files', {'icons': true}));
app.listen(3000);
Custom Styles and Templates
Serve-index allows for customization of the directory listing by using custom templates and styles. The code sample demonstrates how to specify a custom HTML template for the directory listing.
const express = require('express');
const serveIndex = require('serve-index');
const app = express();
app.use('/files', serveIndex('public/files', {
'icons': true,
'template': 'path/to/custom/template.html'
}));
app.listen(3000);
Filtering Files
Serve-index can filter the files that are displayed in the directory listing. In the code sample, a filter function is used to display only files with the '.html' extension.
const express = require('express');
const serveIndex = require('serve-index');
const app = express();
app.use('/files', serveIndex('public/files', {
'filter': function (filename, index, files, dir) {
return filename.endsWith('.html');
}
}));
app.listen(3000);
http-server is a simple, zero-configuration command-line HTTP server that is powerful enough for production usage but also features a file server with directory listing. It is more focused on being a full-fledged HTTP server compared to serve-index which is a middleware.
express-static is built into Express and serves static files. It does not provide directory listing by default, but it can be used in conjunction with serve-index to achieve similar functionality.
node-static is a simple, rfc 2616 compliant file streaming module for Node.js. It is designed to develop production-ready file servers as quickly as possible. While it can serve static files like serve-index, it does not provide directory listing features out of the box.
Serves pages that contain directory listings for a given path.
This is a Node.js module available through the
npm registry. Installation is done using the
npm install
command:
$ npm install serve-index
var serveIndex = require('serve-index')
Returns middlware that serves an index of the directory in the given path
.
The path
is based off the req.url
value, so a req.url
of '/some/dir
with a path
of 'public'
will look at 'public/some/dir'
. If you are using
something like express
, you can change the URL "base" with app.use
(see
the express example).
Serve index accepts these properties in the options object.
Apply this filter function to files. Defaults to false
. The filter
function
is called for each file, with the signature filter(filename, index, files, dir)
where filename
is the name of the file, index
is the array index, files
is
the array of files and dir
is the absolute path the file is located (and thus,
the directory the listing is for).
Display hidden (dot) files. Defaults to false
.
Display icons. Defaults to false
.
Optional path to a CSS stylesheet. Defaults to a built-in stylesheet.
Optional path to an HTML template or a function that will render a HTML string. Defaults to a built-in template.
When given a string, the string is used as a file path to load and then the following tokens are replaced in templates:
{directory}
with the name of the directory.{files}
with the HTML of an unordered list of file links.{linked-path}
with the HTML of a link to the directory.{style}
with the specified stylesheet and embedded images.When given as a function, the function is called as template(locals, callback)
and it needs to invoke callback(error, htmlString)
. The following are the
provided locals:
directory
is the directory being displayed (where /
is the root).displayIcons
is a Boolean for if icons should be rendered or not.fileList
is a sorted array of files in the directory. The array contains
objects with the following properties:
name
is the relative name for the file.stat
is a fs.Stats
object for the file.path
is the full filesystem path to directory
.style
is the default stylesheet or the contents of the stylesheet
option.viewName
is the view name provided by the view
option.Display mode. tiles
and details
are available. Defaults to tiles
.
var finalhandler = require('finalhandler')
var http = require('http')
var serveIndex = require('serve-index')
var serveStatic = require('serve-static')
// Serve directory indexes for public/ftp folder (with icons)
var index = serveIndex('public/ftp', {'icons': true})
// Serve up public/ftp folder files
var serve = serveStatic('public/ftp')
// Create server
var server = http.createServer(function onRequest(req, res){
var done = finalhandler(req, res)
serve(req, res, function onNext(err) {
if (err) return done(err)
index(req, res, done)
})
})
// Listen
server.listen(3000)
var express = require('express')
var serveIndex = require('serve-index')
var app = express()
// Serve URLs like /ftp/thing as public/ftp/thing
// The express.static serves the file contents
// The serveIndex is this module serving the directory
app.use('/ftp', express.static('public/ftp'), serveIndex('public/ftp', {'icons': true}))
// Listen
app.listen(3000)
FAQs
Serve directory listings
The npm package serve-index receives a total of 10,561,709 weekly downloads. As such, serve-index popularity was classified as popular.
We found that serve-index demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.