Product
Introducing License Enforcement in Socket
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
The vary npm package is a utility for manipulating the HTTP Vary header. It allows developers to programmatically append values to the Vary header of an HTTP response, ensuring that the correct header is constructed for proper handling of HTTP caching, content negotiation, and other mechanisms that might vary the response based on certain aspects of the request.
Appending to the Vary header
This feature allows you to append a field to the Vary header of an HTTP response. In the code sample, the 'User-Agent' field is added to the Vary header, indicating that the response may vary based on the 'User-Agent' header of the request.
"use strict";
const http = require('http');
const vary = require('vary');
http.createServer((req, res) => {
vary(res, 'User-Agent');
res.end('Response varies based on User-Agent header.');
}).listen(3000);
Appending multiple fields
This feature allows you to append multiple fields to the Vary header at once. In the code sample, both 'User-Agent' and 'Accept-Encoding' are added to the Vary header, indicating that the response may vary based on both of these request headers.
"use strict";
const http = require('http');
const vary = require('vary');
http.createServer((req, res) => {
vary(res, 'User-Agent, Accept-Encoding');
res.end('Response varies based on User-Agent and Accept-Encoding headers.');
}).listen(3000);
The 'fresh' package is an HTTP response freshness testing library that evaluates whether a response is still 'fresh' in the context of request and response headers. It is similar to 'vary' in that it deals with HTTP headers, but 'fresh' focuses on cache validation while 'vary' focuses on managing the Vary header.
The 'negotiator' package is an HTTP content negotiation library that supports media types, charsets, encodings, languages, and more. It is similar to 'vary' in that it assists with content negotiation, but 'negotiator' provides a higher-level API for selecting the best response based on the client's request, whereas 'vary' is specifically for manipulating the Vary header.
Manipulate the HTTP Vary header
This is a Node.js module available through the
npm registry. Installation is done using the
npm install
command:
$ npm install vary
var vary = require('vary')
Adds the given header field
to the Vary
response header of res
.
This can be a string of a single field, a string of a valid Vary
header, or an array of multiple fields.
This will append the header if not already listed, otherwise leaves it listed in the current location.
// Append "Origin" to the Vary header of the response
vary(res, 'Origin')
Adds the given header field
to the Vary
response header string header
.
This can be a string of a single field, a string of a valid Vary
header,
or an array of multiple fields.
This will append the header if not already listed, otherwise leaves it listed in the current location. The new header string is returned.
// Get header string appending "Origin" to "Accept, User-Agent"
vary.append('Accept, User-Agent', 'Origin')
var http = require('http')
var vary = require('vary')
http.createServer(function onRequest (req, res) {
// about to user-agent sniff
vary(res, 'User-Agent')
var ua = req.headers['user-agent'] || ''
var isMobile = /mobi|android|touch|mini/i.test(ua)
// serve site, depending on isMobile
res.setHeader('Content-Type', 'text/html')
res.end('You are (probably) ' + (isMobile ? '' : 'not ') + 'a mobile user')
})
$ npm test
FAQs
Manipulate the HTTP Vary header
The npm package vary receives a total of 29,842,208 weekly downloads. As such, vary popularity was classified as popular.
We found that vary demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Ensure open-source compliance with Socket’s License Enforcement Beta. Set up your License Policy and secure your software!
Product
We're launching a new set of license analysis and compliance features for analyzing, managing, and complying with licenses across a range of supported languages and ecosystems.
Product
We're excited to introduce Socket Optimize, a powerful CLI command to secure open source dependencies with tested, optimized package overrides.