erin-noe-payne / super-router Goto Github PK
View Code? Open in Web Editor NEWIt's super!
It's super!
Is creating havok on a lot of URL types which have query parameters since it normalizes them into lower case values.
Example URL:
http://www.foo.com/something?Key1=Value1&Key2=Value2
It will lowercase the query parameters into:
http://www.foo.com/something?key1=value1&key2=value2
That pretty much breaks RFC URI
It would probably be better if you're going to do normalization to use a helper utility that expressJS and others use to parse out the URI first. Then apply selective normalizations to the path.
Example usage of it is:
const parseurl = require('parseurl');
const parsed = parseurl({ url: 'http://www.Google.com/hi/Hi/Hello?someKey=someValue&someSecondKey=someSecondValue' });
console.log(JSON.stringify(parsed, undefined, 2));
Output is:
{
"protocol": "http:",
"slashes": true,
"auth": null,
"host": "www.google.com",
"port": null,
"hostname": "www.google.com",
"hash": null,
"search": "?someKey=someValue&someSecondKey=someSecondValue",
"query": "someKey=someValue&someSecondKey=someSecondValue",
"pathname": "/hi/Hi/Hello",
"path": "/hi/Hi/Hello?someKey=someValue&someSecondKey=someSecondValue",
"href": "http://www.google.com/hi/Hi/Hello?someKey=someValue&someSecondKey=someSecondValue",
"_raw": "http://www.Google.com/hi/Hi/Hello?someKey=someValue&someSecondKey=someSecondValue"
}
You can see it would be easier to normalize your pathname above without using regular expressions.
Context: before calling toString
on request objects, we can specify request.sensitive
to identify specific fields in the header or body as private so they do not show up on the toString'd request object. See the test.
We would like to be able to do the same for response objects. This is trickier, however: requests are clearly objects before they get JSON.stringify
'd over the wire, so scrubbing fields marked as sensitive is easier. Response bodies come over the wire as strings and remain attached to the Response object as strings. This is because a server's response to a request may not actually be in proper JSON.
To scrub toString
'd responses, we must first attempt to parse the request body.
If it can't be parsed, theres not much we can do about sanitizing it ๐
If it can be parsed, then the approach is almost identical to Request
; replace the values on the sensitive fields with '********'
and JSON.stringify
the final object.
Currently, for options requests, there has to be special conditional blocks put in middleware that comes before the options handler on a route you want to be hit to skip if the method == options.
Missing semi-colon in examples/router
Static analysis run of super-router can be found below:
https://codeclimate.com/github/autoric/super-router/examples/router.js
Cannot normalize header values.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.