Socket
Socket
Sign inDemoInstall

whatwg-fetch

Package Overview
Dependencies
0
Maintainers
2
Versions
51
Alerts
File Explorer

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

    whatwg-fetch

A window.fetch polyfill.


Version published
Weekly downloads
9.3M
decreased by-21.63%
Maintainers
2
Install size
23.2 kB
Created
Weekly downloads
 

Package description

What is whatwg-fetch?

The whatwg-fetch npm package is a polyfill for the Fetch API, a modern interface for making network requests in browsers and Node.js. It allows developers to make HTTP requests to retrieve or send data to remote servers in an easy and efficient way. The Fetch API provides a more powerful and flexible feature set compared to older technologies like XMLHttpRequest.

What are whatwg-fetch's main functionalities?

Making GET requests

This code sample demonstrates how to make a GET request to retrieve data from a specified URL and then process the response as JSON.

fetch('https://api.example.com/data')
  .then(response => response.json())
  .then(data => console.log(data))
  .catch(error => console.error('Error:', error));

Making POST requests

This code sample shows how to make a POST request to send JSON data to a server and then handle the JSON response.

fetch('https://api.example.com/data', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({ key: 'value' })
})
.then(response => response.json())
.then(data => console.log(data))
.catch(error => console.error('Error:', error));

Handling HTTP errors

This code sample illustrates how to handle HTTP errors by checking the response status before processing the response.

fetch('https://api.example.com/data')
  .then(response => {
    if (!response.ok) {
      throw new Error('Network response was not ok');
    }
    return response.json();
  })
  .then(data => console.log(data))
  .catch(error => console.error('Error:', error));

Other packages similar to whatwg-fetch

Changelog

Source

v2.0.3

2 March 2017

  • Accept array in Headers constructor #485
  • Improve README language #483
  • Fix grammar mistake in README #468
  • Remove bower version from release instructions 5cc72dd
  • Remove extra punctuation eebaa2a
  • Fetch 2.0.3 d4ed806

Readme

Source

window.fetch polyfill

The fetch() function is a Promise-based mechanism for programmatically making web requests in the browser. This project is a polyfill that implements a subset of the standard Fetch specification, enough to make fetch a viable replacement for most uses of XMLHttpRequest in traditional web applications.

This project adheres to the Open Code of Conduct. By participating, you are expected to uphold this code.

Table of Contents

Read this first

  • If you believe you found a bug with how fetch behaves in Chrome or Firefox, please avoid opening an issue in this repository. This project is a polyfill, and since Chrome and Firefox both implement the window.fetch function natively, no code from this project actually takes any effect in these browsers. See Browser support for detailed information.

  • If you have trouble making a request to another domain (a different subdomain or port number also constitutes as another domain), please familiarize yourself with all the intricacies and limitations of CORS requests. Because CORS requires participation of the server by implementing specific HTTP response headers, it is often nontrivial to set up or debug. CORS is exclusively handled by the browser's internal mechanisms which this polyfill cannot influence.

  • If you have trouble maintaining the user's session or CSRF protection through fetch requests, please ensure that you've read and understood the Sending cookies section.

  • If this polyfill doesn't work under Node.js environments, that is expected, because this project is meant for web browsers only. You should ensure that your application doesn't try to package and run this on the server.

  • If you have an idea for a new feature of fetch, please understand that we are only ever going to add features and APIs that are a part of the Fetch specification. You should submit your feature requests to the repository of the specification itself, rather than this repository.

Installation

  • npm install whatwg-fetch --save; or

  • bower install fetch.

You will also need a Promise polyfill for older browsers. We recommend taylorhakes/promise-polyfill for its small size and Promises/A+ compatibility.

For use with webpack, add this package in the entry configuration option before your application entry point:

entry: ['whatwg-fetch', ...]

For Babel and ES2015+, make sure to import the file:

import 'whatwg-fetch'

Usage

For a more comprehensive API reference that this polyfill supports, refer to https://github.github.io/fetch/.

HTML

fetch('/users.html')
  .then(function(response) {
    return response.text()
  }).then(function(body) {
    document.body.innerHTML = body
  })

JSON

fetch('/users.json')
  .then(function(response) {
    return response.json()
  }).then(function(json) {
    console.log('parsed json', json)
  }).catch(function(ex) {
    console.log('parsing failed', ex)
  })

Response metadata

fetch('/users.json').then(function(response) {
  console.log(response.headers.get('Content-Type'))
  console.log(response.headers.get('Date'))
  console.log(response.status)
  console.log(response.statusText)
})

Post form

var form = document.querySelector('form')

fetch('/users', {
  method: 'POST',
  body: new FormData(form)
})

Post JSON

fetch('/users', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    name: 'Hubot',
    login: 'hubot',
  })
})

File upload

var input = document.querySelector('input[type="file"]')

var data = new FormData()
data.append('file', input.files[0])
data.append('user', 'hubot')

fetch('/avatars', {
  method: 'POST',
  body: data
})

Caveats

The fetch specification differs from jQuery.ajax() in mainly two ways that bear keeping in mind:

  • The Promise returned from fetch() won't reject on HTTP error status even if the response is an HTTP 404 or 500. Instead, it will resolve normally, and it will only reject on network failure or if anything prevented the request from completing.

  • By default, fetch won't send or receive any cookies from the server, resulting in unauthenticated requests if the site relies on maintaining a user session. See Sending cookies for how to opt into cookie handling.

Handling HTTP error statuses

To have fetch Promise reject on HTTP error statuses, i.e. on any non-2xx status, define a custom response handler:

function checkStatus(response) {
  if (response.status >= 200 && response.status < 300) {
    return response
  } else {
    var error = new Error(response.statusText)
    error.response = response
    throw error
  }
}

function parseJSON(response) {
  return response.json()
}

fetch('/users')
  .then(checkStatus)
  .then(parseJSON)
  .then(function(data) {
    console.log('request succeeded with JSON response', data)
  }).catch(function(error) {
    console.log('request failed', error)
  })
Sending cookies

To automatically send cookies for the current domain, the credentials option must be provided:

fetch('/users', {
  credentials: 'same-origin'
})

The "same-origin" value makes fetch behave similarly to XMLHttpRequest with regards to cookies. Otherwise, cookies won't get sent, resulting in these requests not preserving the authentication session.

For CORS requests, use the "include" value to allow sending credentials to other domains:

fetch('https://example.com:1234/users', {
  credentials: 'include'
})
Receiving cookies

As with XMLHttpRequest, the Set-Cookie response header returned from the server is a forbidden header name and therefore can't be programmatically read with response.headers.get(). Instead, it's the browser's responsibility to handle new cookies being set (if applicable to the current URL). Unless they are HTTP-only, new cookies will be available through document.cookie.

Bear in mind that the default behavior of fetch is to ignore the Set-Cookie header completely. To opt into accepting cookies from the server, you must use the credentials option.

Obtaining the Response URL

Due to limitations of XMLHttpRequest, the response.url value might not be reliable after HTTP redirects on older browsers.

The solution is to configure the server to set the response HTTP header X-Request-URL to the current URL after any redirect that might have happened. It should be safe to set it unconditionally.

# Ruby on Rails controller example
response.headers['X-Request-URL'] = request.url

This server workaround is necessary if you need reliable response.url in Firefox < 32, Chrome < 37, Safari, or IE.

Browser Support

  • Chrome
  • Firefox
  • Safari 6.1+
  • Internet Explorer 10+

Note: modern browsers such as Chrome, Firefox, and Microsoft Edge contain native implementations of window.fetch, therefore the code from this polyfill doesn't have any effect on those browsers. If you believe you've encountered an error with how window.fetch is implemented in any of these browsers, you should file an issue with that browser vendor instead of this project.

FAQs

Last updated on 02 Mar 2017

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc