Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
whatwg-url
Advanced tools
An implementation of the WHATWG URL Standard's URL API and parsing machinery
The whatwg-url npm package is an implementation of the URL and URLSearchParams interfaces found in the WHATWG URL Standard. It provides utilities for URL parsing, serialization, and manipulation in accordance with the standard.
Parsing and Serializing URLs
This feature allows for the parsing of a full URL string into its constituent parts, as well as the serialization of the URL object back into a string.
const { URL } = require('whatwg-url');
const myURL = new URL('https://example.com/path?query=123#fragment');
console.log(myURL.href); // 'https://example.com/path?query=123#fragment'
Manipulating URL Components
This feature enables the modification of different parts of the URL, such as the pathname, search, or hash.
const { URL } = require('whatwg-url');
const myURL = new URL('https://example.com/path');
myURL.pathname = '/newPath';
console.log(myURL.href); // 'https://example.com/newPath'
Working with URLSearchParams
This feature provides an interface for working with query strings, allowing for easy parsing, appending, deleting, and iterating over query parameters.
const { URLSearchParams } = require('whatwg-url');
const params = new URLSearchParams('key1=value1&key2=value2');
params.append('key3', 'value3');
console.log(params.toString()); // 'key1=value1&key2=value2&key3=value3'
url-parse is a package that offers URL parsing and manipulation. It provides a similar API to whatwg-url but also works in environments without the native URL constructor. It can be a lighter alternative with similar capabilities.
urijs is a URL manipulation library that allows parsing, building, and normalizing URLs. It offers a fluent API and additional features like URI building and resolution, which makes it more feature-rich compared to whatwg-url.
whatwg-url is a full implementation of the WHATWG URL Standard. It can be used standalone, but it also exposes a lot of the internal algorithms that are useful for integrating a URL parser into a project like jsdom.
whatwg-url is currently up to date with the URL spec up to commit a62223.
URL
ConstructorThe main API is the URL
export, which follows the spec's behavior in all ways (including e.g. USVString
conversion). Most consumers of this library will want to use this.
The following methods are exported for use by places like jsdom that need to implement things like HTMLHyperlinkElementUtils
. They operate on or return an "internal URL" or "URL record" type.
parseURL(input, { baseURL, encodingOverride })
basicURLParse(input, { baseURL, encodingOverride, url, stateOverride })
serializeURL(urlRecord, excludeFragment)
serializeHost(hostFromURLRecord)
serializeInteger(number)
serializeURLOrigin(urlRecord)
setTheUsername(urlRecord, usernameString)
setThePassword(urlRecord, passwordString)
cannotHaveAUsernamePasswordPort(urlRecord)
The stateOverride
parameter is one of the following strings:
"scheme start"
"scheme"
"no scheme"
"special relative or authority"
"path or authority"
"relative"
"relative slash"
"special authority slashes"
"special authority ignore slashes"
"authority"
"host"
"hostname"
"port"
"file"
"file slash"
"file host"
"path start"
"path"
"cannot-be-a-base-URL path"
"query"
"fragment"
The URL record type has the following API:
These properties should be treated with care, as in general changing them will cause the URL record to be in an inconsistent state until the appropriate invocation of basicURLParse
is used to fix it up. You can see examples of this in the URL Standard, where there are many step sequences like "4. Set context object’s url’s fragment to the empty string. 5. Basic URL parse input with context object’s url as url and fragment state as state override." In between those two steps, a URL record is in an unusable state.
The return value of "failure" in the spec is represented by the string "failure"
. That is, functions like parseURL
and basicURLParse
can return either a URL record or the string "failure"
.
FAQs
An implementation of the WHATWG URL Standard's URL API and parsing machinery
The npm package whatwg-url receives a total of 57,301,523 weekly downloads. As such, whatwg-url popularity was classified as popular.
We found that whatwg-url demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.