Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
serve-static
Advanced tools
The serve-static npm package is used to serve static files such as images, CSS files, and JavaScript files. It is built on top of the core 'http' module in Node.js and provides a middleware that can be used with frameworks like Express to serve files from a directory in the file system.
Basic static file serving
This code sample demonstrates how to serve static files from a directory named 'public'. When a request is made to the server, it will look for files in this directory to serve.
const express = require('express');
const serveStatic = require('serve-static');
const app = express();
app.use(serveStatic('public'));
app.listen(3000);
Customizing cache control
This code sample shows how to customize cache control headers for the files served. The 'maxAge' option sets the cache control max-age directive in seconds, and the 'setHeaders' function allows for further customization of the headers.
const express = require('express');
const serveStatic = require('serve-static');
const app = express();
app.use(serveStatic('public', {
maxAge: '1d',
setHeaders: function (res, path) {
res.setHeader('Cache-Control', 'public, max-age=86400')
}
}));
app.listen(3000);
Serving files from multiple directories
This code sample demonstrates how to serve static files from multiple directories. The first 'serveStatic' serves files from the 'public' directory, while the second one serves files from the 'media' directory under the '/media' path.
const express = require('express');
const serveStatic = require('serve-static');
const app = express();
app.use(serveStatic('public'));
app.use('/media', serveStatic('media'));
app.listen(3000);
express-static is similar to serve-static but is specifically tailored for use with the Express framework. It provides a simpler API for serving static files in an Express application.
koa-static is designed for the Koa framework, which is a different Node.js web framework. It provides similar functionality to serve-static but is built to work within Koa's middleware system.
connect-static is a middleware for the Connect framework, which is a middleware layer for Node.js that can be used independently or with Express. It offers similar static file serving capabilities as serve-static.
Previously connect.static()
.
Usage:
var connect = require('connect');
var serveStatic = require('serve-static');
var app = connect();
app.use(serveStatic('public/ftp', {'index': 'default.html'}));
app.listen();
The MIT License (MIT)
Copyright (c) 2014 Douglas Christopher Wilson
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Serve static files
The npm package serve-static receives a total of 27,126,104 weekly downloads. As such, serve-static popularity was classified as popular.
We found that serve-static demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.