Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Help in opening URLs (mostly HTTP) in a complex world — basic and digest authentication, redirections, cookies and more.
The urllib npm package is a utility library for making HTTP requests and handling URLs. It provides a simple and flexible API for performing various types of HTTP requests, handling query parameters, and working with URLs.
HTTP GET Request
This feature allows you to make a simple HTTP GET request to a specified URL. The callback function handles the response data or any errors that occur.
const urllib = require('urllib');
urllib.request('https://api.example.com/data', function (err, data, res) {
if (err) {
console.error(err);
return;
}
console.log(data.toString());
});
HTTP POST Request
This feature allows you to make an HTTP POST request with a payload. The data object contains the key-value pairs to be sent in the request body.
const urllib = require('urllib');
urllib.request('https://api.example.com/data', {
method: 'POST',
data: {
key1: 'value1',
key2: 'value2'
}
}, function (err, data, res) {
if (err) {
console.error(err);
return;
}
console.log(data.toString());
});
Handling Query Parameters
This feature allows you to include query parameters in your HTTP request. The data object is automatically serialized into a query string and appended to the URL.
const urllib = require('urllib');
const params = {
key1: 'value1',
key2: 'value2'
};
urllib.request('https://api.example.com/data', {
data: params
}, function (err, data, res) {
if (err) {
console.error(err);
return;
}
console.log(data.toString());
});
Custom Headers
This feature allows you to set custom headers for your HTTP request. The headers object contains key-value pairs representing the header names and values.
const urllib = require('urllib');
urllib.request('https://api.example.com/data', {
headers: {
'Authorization': 'Bearer token',
'Content-Type': 'application/json'
}
}, function (err, data, res) {
if (err) {
console.error(err);
return;
}
console.log(data.toString());
});
Axios is a promise-based HTTP client for the browser and Node.js. It provides a more modern and flexible API compared to urllib, with support for interceptors, request cancellation, and automatic JSON data transformation.
Node-fetch is a lightweight module that brings the Fetch API to Node.js. It is a minimalistic alternative to urllib, focusing on simplicity and compliance with the Fetch standard.
Request is a simplified HTTP client for Node.js with a rich set of features. It is more feature-rich than urllib, offering support for OAuth, cookies, and multipart form data. However, it has been deprecated in favor of more modern alternatives like axios.
Help in opening URLs (mostly HTTP) in a complex world — basic and digest authentication, redirections, cookies, timeout and more.
$ npm install urllib --save
var urllib = require('urllib');
urllib.request('http://cnodejs.org/', function (err, data, res) {
if (err) {
throw err; // you need to handle error
}
console.log(res.statusCode);
console.log(res.headers);
// data is Buffer instance
console.log(data.toString());
});
If you've installed bluebird,
bluebird will be used.
urllib
does not install bluebird for you.
Otherwise, if you're using a node that has native v8 Promises (v0.11.13+), then that will be used.
Otherwise, this library will crash the process and exit, so you might as well install bluebird as a dependency!
var urllib = require('urllib');
urllib.request('http://nodejs.org').then(function (result) {
// result: {data: buffer, res: response object}
console.log('status: %s, body size: %d, headers: %j', result.res.statusCode, result.data.length, result.res.headers);
}).error(function (err) {
console.error(err);
});
var co = require('co');
var urllib = require('urllib');
co(function* () {
var result = yield urllib.requestThunk('http://nodejs.org');
console.log('status: %s, body size: %d, headers: %j',
result.status, result.data.length, result.headers);
})();
response
eventYou should create a urllib instance first.
var httpclient = require('urllib').create();
httpclient.on('response', function (info) {
error: err,
ctx: args.ctx,
req: {
url: url,
options: options,
size: requestSize,
},
res: res
});
httpclient.request('http://nodejs.org', function (err, body) {
console.log('body size: %d', body.length);
});
http.request(url[, options][, callback])
GET
. Could be GET
, POST
, DELETE
or PUT
. Alias 'type'.data
will be ignored.data
and content
will be ignored.callback
will be called with data
set null
after finished writing.json
. If it's json
, will auto set Content-Type: application/json
header.text
or json
. If it's text
, the callback
ed data
would be a String. If it's json
, the data
of callback would be a parsed JSON Object. Default callback
ed data
would be a Buffer
.exports.TIMEOUT
. Include remote server connecting timeout and response timeout. When timeout happen, will return ConnectionTimeout
or ResponseTimeout
.username:password
used in HTTP Basic Authorization.username:password
used in HTTP Digest Authorization.false
if you does not use agent.false
if you does not use agent.false
.null
if no error accured.dataType
is set to text
or an JSON parsed into Object if it's set to json
.http.ClientRequest - The request.
Calling .abort()
method of the request stream can cancel the request.
options.data
When making a request:
urllib.request('http://example.com', {
method: 'GET',
data: {
'a': 'hello',
'b': 'world'
}
});
For GET
request, data
will be stringify to query string, e.g. http://example.com/?a=hello&b=world
.
For others like POST
, PATCH
or PUT
request,
in defaults, the data
will be stringify into application/x-www-form-urlencoded
format
if Content-Type
header is not set.
If Content-type
is application/json
, the data
will be JSON.stringify
to JSON data format.
options.content
options.content
is useful when you wish to construct the request body by yourself,
for example making a Content-Type: application/json
request.
Notes that if you want to send a JSON body, you should stringify it yourself:
urllib.request('http://example.com', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
content: JSON.stringify({
a: 'hello',
b: 'world'
})
});
It would make a HTTP request like:
POST / HTTP/1.1
Host: example.com
Content-Type: application/json
{
"a": "hello",
"b": "world"
}
This exmaple can use options.data
with application/json
content type:
urllib.request('http://example.com', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
data: {
a: 'hello',
b: 'world'
}
});
options.stream
Uploads a file with formstream:
var urllib = require('urllib');
var formstream = require('formstream');
var form = formstream();
form.file('file', __filename);
form.field('hello', '你好urllib');
var req = urllib.request('http://my.server.com/upload', {
method: 'POST',
headers: form.headers(),
stream: form
}, function (err, data, res) {
// upload finished
});
Response is normal object, it contains:
status
or statusCode
: response status code, -1
meaning some network error like ENOTFOUND
headers
: response http headers, default is {}
size
: response sizeaborted
: response was aborted or notrt
: total request and response time in ms.res.aborted
If the underlaying connection was terminated before response.end()
was called,
res.aborted
should be true
,
and return RemoteSocketClosedError
error.
var server = require('http').createServer(function (req, res) {
req.resume();
req.on('end', function () {
res.write('foo haha\n');
setTimeout(function () {
res.write('foo haha 2');
setTimeout(function () {
res.socket.end();
}, 300);
}, 200);
return;
});
});
urllib.request('http://127.0.0.1:1984/socket.end', function (err, data, res) {
err.name.should.equal('RemoteSocketClosedError');
err.message.should.equal('Remote socket was terminated before `response.end()` was called');
data.toString().should.equal('foo haha\nfoo haha 2');
should.ok(res.aborted);
done();
});
Accept-Encoding=gzip
by options.gzip = true
Below is the output from git-summary
.
$ git summary
project : urllib
repo age : 3 years, 6 months
active : 70 days
commits : 212
files : 23
authors :
176 fengmk2 83.0%
9 XiNGRZ 4.2%
7 dead_horse 3.3%
6 Jackson Tian 2.8%
6 ibigbug 2.8%
2 alsotang 0.9%
2 haoxin 0.9%
1 popomore 0.5%
1 Jonathan Dahan 0.5%
1 aleafs 0.5%
1 coderhaoxin 0.5%
(The MIT License)
Copyright (c) 2011-2014 fengmk2 <fengmk2@gmail.com>
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Help in opening URLs (mostly HTTP) in a complex world — basic and digest authentication, redirections, timeout and more. Base undici API.
The npm package urllib receives a total of 186,877 weekly downloads. As such, urllib popularity was classified as popular.
We found that urllib demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 13 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.