Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
yslow-data-rest-api
Advanced tools
A REST API for storing web performance data from YSlow.
It receives test results using YSlow's beacon mechanism and makes them available through a JSON API. Data is persisted to MongoDB with the yslow-data-service package.
npm install yslow-data-rest-api
Start the server:
yslow-data-rest-api
Configure YSlow to send requests to the beacon end-point. Here's an example with YSlow for PhantomJS:
phantomjs yslow.js -b http://localhost:3000/beacon -i basic http://www.bbc.co.uk/
Head to http://localhost:3000/results to see the test results:
{
"results": [
{
"id": "52b887a7e486520836000003",
"timestamp": "2013-12-23T18:57:43.216Z",
"data": {
"v": "3.1.8",
"w": 510283,
"o": 76,
"u": "http://www.bbc.co.uk/",
"r": 87,
"i": "ydefault",
"lt": 1706
}
}
]
}
To start the server on a different port/host then use the -p
and -H
flags:
yslow-data-rest-api -p 8080 -H localhost
By default the REST API is configured to use a MongoDB database at mongodb://127.0.0.1:27017/yslow
. To change this, set the environment variable YSLOW_DATA_DB
e.g.
EXPORT YSLOW_DATA_DB="mongodb://127.0.0.1:27017/some_db"
POST /beacon
Accepts YSlow beacon requests
curl -i -X POST -H "Content-Type: application/json" -d '{"v": "3.1.8", "w": 510283, "o": 76, "u": "http://www.bbc.co.uk/", "r": 87, "i": "ydefault", "lt": 1706}' http://localhost:3000/beacon
HTTP/1.1 201 Created
Location: /results/52b88a9ca7b09dcc36000001
{
"results": [
{
"id": "52b8c2bc1544b91d5a000001",
"timestamp": "2013-12-23T23:09:48.626Z",
"data": {
"v": "3.1.8",
"w": 510283,
"o": 76,
"u": "http://www.bbc.co.uk/",
"r": 87,
"i": "ydefault",
"lt": 1706
}
}
]
}
GET /results
Returns stored results
url
- Filters results by URLlimit
- Limits the number of results returnedcurl -i "http://localhost:3000/results?url=http://www.bbc.co.uk/&limit=5"
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"results": [
{
"id": "52b8c26e6a9782d25900001a",
"timestamp": "2013-12-23T23:08:30.229Z",
"data": {
"v": "3.1.8",
"w": 538060,
"o": 76,
"u": "http://www.bbc.co.uk",
"r": 88,
"i": "ydefault",
"lt": 1883
}
}
]
}
DELETE /results
Deletes all results
curl -i -X DELETE http://localhost:3000/results
HTTP/1.1 204 No Content
GET /results/:id
Returns a single result by its ID
curl -i http://localhost:3000/results/52b88c58a3d2f8fd36000004
{
"results": [
{
"id": "52b8c26e6a9782d25900001a",
"timestamp": "2013-12-23T23:08:30.229Z",
"data": {
"v": "3.1.8",
"w": 538060,
"o": 76,
"u": "http://www.bbc.co.uk",
"r": 88,
"i": "ydefault",
"lt": 1883
}
}
]
}
DELETE /results/:id
Deletes a single result by its ID
curl -i -X DELETE http://localhost:3000/results/52b88c58a3d2f8fd36000004
HTTP/1.1 204 No Content
GET /results/latest
Returns the latest result
url
- Returns the latest result for the given URLcurl -i "http://localhost:3000/results/latest?url=http://www.bbc.co.uk"
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"results": [
{
"id": "52b8c4c2c4dea4fb5c00001b",
"timestamp": "2013-12-23T23:18:26.710Z",
"data": {
"v": "3.1.8",
"w": 538060,
"o": 76,
"u": "http://www.bbc.co.uk",
"r": 88,
"i": "ydefault",
"lt": 1883
}
}
]
}
GET /urls
Returns the distinct URLs that have been tested
curl -i "http://localhost:3000/urls"
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"urls": [
"http://www.bbc.co.uk/weather/",
"http://www.bbc.co.uk/news/"
]
}
FAQs
REST API for storing YSlow performance data
We found that yslow-data-rest-api demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.