Gathering detailed insights and metrics for content-disposition
Gathering detailed insights and metrics for content-disposition
Gathering detailed insights and metrics for content-disposition
Gathering detailed insights and metrics for content-disposition
npm install content-disposition
Typescript
Module System
Min. Node Version
Node Version
NPM Version
99.5
Supply Chain
99
Quality
81.3
Maintenance
100
Vulnerability
100
License
JavaScript (100%)
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
MIT License
234 Stars
153 Commits
45 Forks
15 Watchers
9 Branches
32 Contributors
Updated on Jun 01, 2025
Minified
Minified + Gzipped
Latest Version
0.5.4
Package Id
content-disposition@0.5.4
Unpacked Size
18.67 kB
Size
6.58 kB
File Count
5
NPM Version
7.20.3
Node Version
16.7.0
Published on
Dec 10, 2021
Cumulative downloads
Total Downloads
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Create and parse HTTP Content-Disposition
header
1$ npm install content-disposition
1var contentDisposition = require('content-disposition')
Create an attachment Content-Disposition
header value using the given file name,
if supplied. The filename
is optional and if no file name is desired, but you
want to specify options
, set filename
to undefined
.
1res.setHeader('Content-Disposition', contentDisposition('∫ maths.pdf'))
note HTTP headers are of the ISO-8859-1 character set. If you are writing this
header through a means different from setHeader
in Node.js, you'll want to specify
the 'binary'
encoding in Node.js.
contentDisposition
accepts these properties in the options object.
If the filename
option is outside ISO-8859-1, then the file name is actually
stored in a supplemental field for clients that support Unicode file names and
a ISO-8859-1 version of the file name is automatically generated.
This specifies the ISO-8859-1 file name to override the automatic generation or
disables the generation all together, defaults to true
.
false
will disable including a ISO-8859-1 file name and only include the
Unicode version (unless the file name is already ISO-8859-1).true
will enable automatic generation if the file name is outside ISO-8859-1.If the filename
option is ISO-8859-1 and this option is specified and has a
different value, then the filename
option is encoded in the extended field
and this set as the fallback field, even though they are both ISO-8859-1.
Specifies the disposition type, defaults to "attachment"
. This can also be
"inline"
, or any other value (all values except inline are treated like
attachment
, but can convey additional information if both parties agree to
it). The type is normalized to lower-case.
1var disposition = contentDisposition.parse('attachment; filename="EURO rates.txt"; filename*=UTF-8\'\'%e2%82%ac%20rates.txt')
Parse a Content-Disposition
header string. This automatically handles extended
("Unicode") parameters by decoding them and providing them under the standard
parameter name. This will return an object with the following properties (examples
are shown for the string 'attachment; filename="EURO rates.txt"; filename*=UTF-8\'\'%e2%82%ac%20rates.txt'
):
type
: The disposition type (always lower case). Example: 'attachment'
parameters
: An object of the parameters in the disposition (name of parameter
always lower case and extended versions replace non-extended versions). Example:
{filename: "€ rates.txt"}
1var contentDisposition = require('content-disposition') 2var destroy = require('destroy') 3var fs = require('fs') 4var http = require('http') 5var onFinished = require('on-finished') 6 7var filePath = '/path/to/public/plans.pdf' 8 9http.createServer(function onRequest (req, res) { 10 // set headers 11 res.setHeader('Content-Type', 'application/pdf') 12 res.setHeader('Content-Disposition', contentDisposition(filePath)) 13 14 // send file 15 var stream = fs.createReadStream(filePath) 16 stream.pipe(res) 17 onFinished(res, function () { 18 destroy(stream) 19 }) 20})
1$ npm test
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
update tool detected
Details
Reason
no dangerous workflow patterns detected
Reason
GitHub workflow tokens follow principle of least privilege
Details
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
Reason
project has 7 contributing companies or organizations
Details
Reason
security policy file detected
Details
Reason
SAST tool detected but not run on all commits
Details
Reason
14 out of 19 merged PRs checked by a CI test -- score normalized to 7
Reason
Found 14/26 approved changesets -- score normalized to 5
Reason
5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
branch protection not enabled on development/release branches
Details
Reason
project is not fuzzed
Details
Score
Last Scanned on 2025-06-30T21:30:21Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More