Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Readme
$ npm install vhost
var vhost = require('vhost')
Create a new middleware function to hand off request to handle
when the incoming
host for the request matches hostname
. The function is called as
handle(req, res, next)
, like a standard middleware.
hostname
can be a string or a RegExp object. When hostname
is a string it can
contain *
to match 1 or more characters in that section of the hostname. When
hostname
is a RegExp, it will be forced to case-insensitive (since hostnames are)
and will be forced to match based on the start and end of the hostname.
When host is matched and the request is sent down to a vhost handler, the req.vhost
property will be populated with an object. This object will have numeric properties
corresponding to each wildcard (or capture group if RegExp object provided) and the
hostname
that was matched.
// for match of "foo.bar.example.com:8080" against "*.*.example.com":
req.vhost.host === 'foo.bar.example.com:8080'
req.vhost.hostname === 'foo.bar.example.com'
req.vhost.length === 2
req.vhost[0] === 'foo'
req.vhost[1] === 'bar'
var connect = require('connect')
var serveStatic = require('serve-static')
var vhost = require('vhost')
var mailapp = connect()
// add middlewares to mailapp for mail.example.com
// create app to serve static files on subdomain
var staticapp = connect()
staticapp.use(serveStatic('public'))
// create main app
var app = connect()
// add vhost routing to main app for mail
app.use(vhost('mail.example.com', mailapp))
// route static assets for "assets-*" subdomain to get
// around max host connections limit on browsers
app.use(vhost('assets-*.example.com', staticapp))
// add middlewares and main usage to app
app.listen(3000)
var connect = require('connect')
var serveStatic = require('serve-static')
var vhost = require('vhost')
var mainapp = connect()
// add middlewares to mainapp for the main web site
// create app that will server user content from public/{username}/
var userapp = connect()
userapp.use(function(req, res, next){
var username = req.vhost[0] // username is the "*"
// pretend request was for /{username}/* for file serving
req.originalUrl = req.url
req.url = '/' + username + req.url
next()
})
userapp.use(serveStatic('public'))
// create main app
var app = connect()
// add vhost routing for main app
app.use(vhost('userpages.local', mainapp))
app.use(vhost('www.userpages.local', mainapp))
// listen on all subdomains for user pages
app.use(vhost('*.userpages.local', userapp))
app.listen(3000)
var connect = require('connect')
var http = require('http')
var vhost = require('vhost')
// create main app
var app = connect()
app.use(vhost('mail.example.com', function (req, res) {
// handle req + res belonging to mail.example.com
res.setHeader('Content-Type', 'text/plain')
res.end('hello from mail!')
}))
// an external api server in any framework
var httpServer = http.createServer(function (req, res) {
res.setHeader('Content-Type', 'text/plain')
res.end('hello from the api!')
})
app.use(vhost('api.example.com', function (req, res) {
// handle req + res belonging to api.example.com
// pass the request to a standard Node.js HTTP server
httpServer.emit('request', req, res)
}))
app.listen(3000)
FAQs
virtual domain hosting
The npm package vhost receives a total of 120,750 weekly downloads. As such, vhost popularity was classified as popular.
We found that vhost demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.