Sign inDemoInstall


Package Overview
File Explorer

Advanced tools

Install Socket

Protect your apps from supply chain attacks



Parses, serializes, and manipulates MIME types, according to the WHATWG MIME Sniffing Standard


Version published
Weekly downloads
increased by4.82%

Weekly downloads

Package description

What is whatwg-mimetype?

The whatwg-mimetype npm package is a JavaScript implementation of the WHATWG MIME type standard. It allows for parsing, serializing, and manipulating MIME types according to the rules defined by the WHATWG specification.

What are whatwg-mimetype's main functionalities?

Parsing MIME types

This feature allows for the parsing of MIME type strings to create MIMEType objects that can be easily manipulated and queried.

const MIMEType = require('whatwg-mimetype');
const mimeType = new MIMEType('text/html');
console.log(mimeType.toString()); // 'text/html'

Serializing MIME types

This feature enables the conversion of MIMEType objects back into their string representation.

const MIMEType = require('whatwg-mimetype');
const mimeType = new MIMEType('text/html');
console.log(mimeType.toString()); // 'text/html'

Extracting MIME type components

This feature allows for the extraction of the type, subtype, and parameters of a MIME type for further processing or inspection.

const MIMEType = require('whatwg-mimetype');
const mimeType = new MIMEType('text/html; charset=UTF-8');
console.log(mimeType.type); // 'text'
console.log(mimeType.subtype); // 'html'
console.log(mimeType.parameters.get('charset')); // 'UTF-8'

Checking for essence

This feature provides the essence of the MIME type, which is the combination of the type and subtype, excluding any parameters.

const MIMEType = require('whatwg-mimetype');
const mimeType = new MIMEType('text/html; charset=UTF-8');
console.log(mimeType.essence); // 'text/html'

Other packages similar to whatwg-mimetype



Parse, serialize, and manipulate MIME types

This package will parse MIME types into a structured format, which can then be manipulated and serialized:

const MIMEType = require("whatwg-mimetype");

const mimeType = new MIMEType(`Text/HTML;Charset="utf-8"`);

console.assert(mimeType.toString() === "text/html;charset=utf-8");

console.assert(mimeType.type === "text");
console.assert(mimeType.subtype === "html");
console.assert(mimeType.essence === "text/html");
console.assert(mimeType.parameters.get("charset") === "utf-8");

mimeType.parameters.set("charset", "windows-1252");
console.assert(mimeType.parameters.get("charset") === "windows-1252");
console.assert(mimeType.toString() === "text/html;charset=windows-1252");

console.assert(mimeType.isHTML() === true);
console.assert(mimeType.isXML() === false);

Parsing is a fairly complex process; see the specification for details (and similarly for serialization).

This package's algorithms conform to those of the WHATWG MIME Sniffing Standard, and is aligned up to commit 8e9a7dd.


This package's main module's default export is a class, MIMEType. Its constructor takes a string which it will attempt to parse into a MIME type; if parsing fails, an Error will be thrown.

The parse() static factory method

As an alternative to the constructor, you can use MIMEType.parse(string). The only difference is that parse() will return null on failed parsing, whereas the constructor will throw. It thus makes the most sense to use the constructor in cases where unparseable MIME types would be exceptional, and use parse() when dealing with input from some unconstrained source.


  • type: the MIME type's type, e.g. "text"
  • subtype: the MIME type's subtype, e.g. "html"
  • essence: the MIME type's essence, e.g. "text/html"
  • parameters: an instance of MIMETypeParameters, containing this MIME type's parameters

type and subtype can be changed. They will be validated to be non-empty and only contain HTTP token code points.

essence is only a getter, and cannot be changed.

parameters is also a getter, but the contents of the MIMETypeParameters object are mutable, as described below.


Note: the isHTML(), isXML(), and isJavaScript() methods are speculative, and may be removed or changed in future major versions. See whatwg/mimesniff#48 for brainstorming in this area. Currently we implement these mainly because they are useful in jsdom.

MIMETypeParameters API

The MIMETypeParameters class, instances of which are returned by mimeType.parameters, has equivalent surface API to a JavaScript Map.

However, MIMETypeParameters methods will always interpret their arguments as appropriate for MIME types, so e.g. parameter names will be lowercased, and attempting to set invalid characters will throw.

Some examples:

const mimeType = new MIMEType(`x/x;a=b;c=D;E="F"`);

// Logs:
// a b
// c D
// e F
for (const [name, value] of mimeType.parameters) {
  console.log(name, value);

console.assert(mimeType.parameters.get("A") === "b");

mimeType.parameters.set("Q", "X");
console.assert(mimeType.parameters.get("q") === "X");
console.assert(mimeType.toString() === "x/x;a=b;c=d;e=F;q=X");

// Throws:
mimeType.parameters.set("@", "x");

Raw parsing/serialization APIs

If you want primitives on which to build your own API, you can get direct access to the parsing and serialization algorithms as follows:

const parse = require("whatwg-mimetype/parser");
const serialize = require("whatwg-mimetype/serialize");

parse(string) returns an object containing the type and subtype strings, plus parameters, which is a Map. This is roughly our equivalent of the spec's MIME type record. If parsing fails, it instead returns null.

serialize(record) operates on the such an object, giving back a string according to the serialization algorithm.



Last updated on 11 Nov 2023

Did you know?

Socket installs a GitHub app to automatically flag issues on every pull request and report the health of your dependencies. Find out what is inside your node modules and prevent malicious activity before you update the dependencies.


Related posts

SocketSocket SOC 2 Logo


  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc