websockets with the node stream API
Installations
npm install @httptoolkit/websocket-streamDeveloper Guide
Typescript
Yes
Module System
CommonJS, UMD
Node Version
14.18.3
NPM Version
8.5.2
Score
97.7
Supply Chain
99.4
Quality
73.8
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Contributors
Unable to fetch Contributors
Languages
JavaScript (91.21%)
TypeScript (8.79%)
Love this project? Help keep it running — sponsor us today! 🚀
Developer
httptoolkit
Download Statistics
Total Downloads
48,911,666
Last Day
19,230
Last Week
627,950
Last Month
2,418,824
Last Year
23,144,997
GitHub Statistics
BSD-2-Clause License
3 Stars
234 Commits
2 Forks
3 Watchers
2 Branches
29 Contributors
Updated on May 09, 2023
Bundle Size
35.40 kB
Minified
9.96 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
6.0.1
Package Id
@httptoolkit/websocket-stream@6.0.1
Unpacked Size
29.00 kB
Size
8.62 kB
File Count
15
NPM Version
8.5.2
Node Version
14.18.3
Total Downloads
Cumulative downloads
Total Downloads
48,911,666
Last Day
11.2%
19,230
Compared to previous day
Last Week
1.8%
627,950
Compared to previous week
Last Month
37.4%
2,418,824
Compared to previous month
Last Year
28.1%
23,144,997
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
websocket-stream 
Part of HTTP Toolkit: powerful tools for building, testing & debugging HTTP(S)
Use HTML5 websockets using the Node Streams API.
This is a fork of the original websocket-stream (now unmaintained), for use in HTTP Toolkit. This fork:
- Uses isomorphic-ws so that the 'ws' module is not loaded unnecessarily in browsers
- Supports WS up to version 8 (note that isomorphic-ws uses * as its ws version, so this will always use the latest compatible release)
- Fixes and extends the TypeScript types, and adds an explicit dependency on @types/ws
- Has a CI build for automated testing
- Adds a 'ws-close' event, which exposes the close event data when a websocket is closed by a close frame (before the stream 'close' event, which is different)
Usage
This module works in Node or in Browsers that support WebSockets. You can use browserify to package this module for browser use.
1var websocket = require('@httptoolkit/websocket-stream') 2var ws = websocket('ws://echo.websocket.org') 3process.stdin.pipe(ws) 4ws.pipe(process.stdout)
In the example above ws is a duplex stream. That means you can pipe output to anything that accepts streams. You can also pipe data into streams (such as a webcam feed or audio data).
The underlying WebSocket instance is available as ws.socket.
Options
The available options differs depending on if you use this module in the browser or with node.js. Options can be passed in as the third or second argument - WebSocket(address, [protocols], [options]).
options.browserBufferSize
How much to allow the socket.bufferedAmount to grow before starting to throttle writes. This option has no effect in node.js.
Default: 1024 * 512 (512KiB)
options.browserBufferTimeout
How long to wait before checking if the socket buffer has drained sufficently for another write. This option has no effect in node.js.
Default: 1000 (1 second)
options.objectMode
Send each chunk on its own, and do not try to pack them in a single websocket frame.
Default: false
options.binary
Always convert to Buffer in Node.js before sending.
Forces options.objectMode to false.
Default: true
options.perMessageDeflate
We recommend disabling the per message deflate extension to achieve the best throughput.
Default: true on the client, false on the server.
Example:
1var websocket = require('@httptoolkit/websocket-stream') 2var ws = websocket('ws://realtimecats.com', { 3 perMessageDeflate: false 4})
Beware that this option is ignored by browser clients. To make sure that permessage-deflate is never used, disable it on the server.
Other options
When used in node.js see the ws.WebSocket documentation
On the server
Using the ws module you can make a websocket server and use this module to get websocket streams on the server:
1var websocket = require('@httptoolkit/websocket-stream') 2var wss = websocket.createServer({server: someHTTPServer}, handle) 3 4function handle(stream, request) { 5 // `request` is the upgrade request sent by the client. 6 fs.createReadStream('bigdata.json').pipe(stream) 7}
We recommend disabling the per message deflate extension to achieve the best throughput:
1var websocket = require('@httptoolkit/websocket-stream') 2var wss = websocket.createServer({ 3 perMessageDeflate: false, 4 server: someHTTPServer 5}, handle) 6 7function handle(stream) { 8 fs.createReadStream('bigdata.json').pipe(stream) 9}
You can even use it on express.js with the express-ws library:
1const express = require('express'); 2const expressWebSocket = require('express-ws'); 3const websocketStream = require('websocket-stream/stream'); 4const app = express(); 5 6// extend express app with app.ws() 7expressWebSocket(app, null, { 8 // ws options here 9 perMessageDeflate: false, 10}); 11 12app.ws('/bigdata.json', function(ws, req) { 13 // convert ws instance to stream 14 const stream = websocketStream(ws, { 15 // websocket-stream options here 16 binary: true, 17 }); 18 19 fs.createReadStream('bigdata.json').pipe(stream); 20}); 21 22app.listen(3000);
Run the tests
Server-side tests
npm test
Client-side tests
First start the echo server by running node test-server.js
Then run npm start and open localhost:9966 in your browser and open the Dev Tools console to see test output.
license
BSD LICENSE
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: BSD 2-Clause "Simplified" License: LICENSE:0
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/httptoolkit/websocket-stream/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/httptoolkit/websocket-stream/ci.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:20
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Score
3.4
/10
Last Scanned on 2025-02-10
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More