
Security News
Oracle Drags Its Feet in the JavaScript Trademark Dispute
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
With XHook, you could easily implement functionality to:
addEventListener
removeEventListener
Support Modern Browser.
:warning: It's important to include XHook first as other libraries may store a reference to XMLHttpRequest
before XHook can patch it
Using script
link to load xhook and use it, like so:
<script src="//unpkg.com/xhook@latest/dist/xhook.min.js"></script>
<script>
xhook.after(function (request, response) {
if (request.url.match(/example\.txt$/))
response.text = response.text.replace(/[aeiou]/g, "z");
});
</script>
latest
or lock to one of the available versions)We can also install xhook via npm.
npm install xhook
Then use ESM syntax to load xhook.
import xhook from "xhook";
//modify 'responseText' of 'example2.txt'
xhook.after(function (request, response) {
if (request.url.match(/example\.txt$/))
response.text = response.text.replace(/[aeiou]/g, "z");
});
xhook.before(handler(request[, callback])[, index])
Modifying any property of the request
object will modify the underlying XHR before it is sent.
To make the handler
is asynchronous, just include the optional callback
function, which accepts an optional response
object.
To provide a fake response, return
or callback()
a response
object.
xhook.after(handler(request, response[, callback]) [, index])
Modifying any property of the response
object will modify the underlying XHR before it is received.
To make the handler
is asynchronous, just include the optional callback
function.
xhook.enable()
Enables XHook (swaps out the native XMLHttpRequest
class). XHook is enabled be default.
xhook.disable()
Disables XHook (swaps the native XMLHttpRequest
class back in)
request
Objectmethod
(String) (open(method,url)
)url
(String) (open(method,url)
)body
(String) (send(body)
)headers
(Object) (Contains Name-Value pairs set with setRequestHeader(name,value)
)timeout
(Number) (timeout
)type
(String) (responseType
)withCredentials
(String) (withCredentials
)response
Objectstatus
(Number) Required when for fake response
s (status
)statusText
(String) (statusText
)text
(String) (responseText
)headers
(Object) (Contains Name-Value pairs retrieved with getAllResponseHeaders()
)xml
(XML) (responseXML
)data
(Varies) (response
)The dark red before
hook is returning a response
object, which will trigger the after
hooks, then trigger the appropriate events, so it appears as if response
came from
the server.
https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest
http://www.w3.org/TR/XMLHttpRequest/
http://www.w3.org/TR/XMLHttpRequest2/
XHook does not attempt to resolve any browser compatibility issues. Libraries like jQuery
and https://github.com/ilinsky/xmlhttprequest will attempt to do this. XHook simply proxies to and from XMLHttpRequest
, so you may use any library
conjunction with XHook, just make sure to load XHook first.
You may use synchronous XHR, though this will cause asynchronous hooks to be skipped.
See CONTRIBUTING for instructions on how to build and run XHook locally.
MIT License Copyright © 2022 Jaime Pillora dev@jpillora.com
FAQs
Easily intercept and modify XHR request and response
The npm package xhook receives a total of 2,688 weekly downloads. As such, xhook popularity was classified as popular.
We found that xhook demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
Security News
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.