Gathering detailed insights and metrics for https-localhost
Gathering detailed insights and metrics for https-localhost
Gathering detailed insights and metrics for https-localhost
Gathering detailed insights and metrics for https-localhost
prepend-http
Prepend `https://` to humanized URLs like sindresorhus.com and localhost
@knapsack/https
Automatically provisions and installs locally-trusted TLS certificates for Node.js https servers (including Express.js, etc.) using mkcert.
@jsenv/https-localhost
Https certificate for localhost server
localhost-cert
A secure and convenient solution for enabling HTTPS on localhost
npm install https-localhost
Typescript
Module System
Node Version
NPM Version
Release v4.7.0
Published on 08 Sept 2021
Release v4.6.5
Published on 07 May 2021
Release v4.6.4
Published on 04 Dec 2020
Release v4.6.3
Published on 10 Oct 2020
Release v4.6.2
Published on 01 Aug 2020
Fix, dependency update, and performance improvement
Published on 20 Feb 2020
JavaScript (99.17%)
HTML (0.83%)
Total
4,270,496
Last Day
1,398
Last Week
22,609
Last Month
88,784
Last Year
1,520,588
286 Stars
181 Commits
38 Forks
8 Watching
3 Branches
9 Contributors
Latest Version
4.7.1
Package Id
https-localhost@4.7.1
Unpacked Size
80.93 kB
Size
26.98 kB
File Count
21
NPM Version
8.1.4
Node Version
17.2.0
Publised On
09 Dec 2024
Cumulative downloads
Total Downloads
Last day
129.9%
1,398
Compared to previous day
Last week
32.4%
22,609
Compared to previous week
Last month
-6.8%
88,784
Compared to previous month
Last year
13.1%
1,520,588
Compared to previous year
I'm looking for maintainers and contributors! Learn more. |
---|
Run an express server on localhost with HTTP2 and SSL. Serve static files or import as module in your project.
https-localhost is a lightweight tool for serving static content on SSL thanks to locally-trusted development certificates.
It works with MacOS, Linux and Windows, on Chrome and Firefox, and requires you no configuration.
nss/certutils are needed for Firefox and Chrome.
1brew install nss
1sudo apt install libnss3-tools 2 -or- 3sudo yum install nss-tools 4 -or- 5sudo pacman -S nss
1npm i -g --only=prod https-localhost
1serve ~/myproj
sudo
may be necessary.PORT
environmental variable: PORT=4433 serve ~/myproj
. Specifying port number will also prevent http to https redirect.HOST
environmental variable: HOST=example.com serve ~/myproj
.If you don't have Node.js installed just use a packaged version! Download it from the release page.
1# Linux 2./https-localhost-linux ~/myproj 3 4# MacOS 5./https-localhost-macos ~/myproj 6 7# Windows 8./https-localhost-win.exe C:\User\me\myproj
Tip 1: on Windows just drag the folder on the executable to serve it.
Tip 2: on all platform put the executable on the folder you want to serve and double-click it.
Install as a dependency:
1npm i -s https-localhost
Then put in your index.js
file:
1const app = require("https-localhost")() 2// app is an express app, do what you usually do with express 3app.listen(port)
app.redirect()
.app.serve(path)
.require("https-localhost")("mydomain.com")
Tip: consider installing it as a dev dependency: this is not a production tool!
npm i --save-dev https-localhost
1const httpsLocalhost = require("https-localhost")() 2// const app = ... 3// const port = 443 4const certs = await httpsLocalhost.getCerts() 5const server = https.createServer(certs, app).listen(port)
This tool has a production version that activates HTTP/2, compression and minify.
1NODE_ENV=production serve ~/myproj
I decide to not activate it by default since it is usually an unwanted behaviour for localhost testing, but sometimes it could be userful, e.g. to test Progressive Web Application or more ingeneral the website performances.
IMPORTANT: the fact that there is a production enviornment doesn't mean that this tool is suitable for production. It's intended to be used only for local testing.
Serving static content on localhost in a trusted SSL connection is not so simple.
It requires to manually generate and trust certificates, with complicate commands and many manual steps.
sserve, serves static content using a locally-trusted certificate, generated with the well-knowed mkcert tool.
When you install sserve it automatically creates and installs a local CA in the system (and browsers) root store, and generates the certificate for you.
No configuration is required, just lunch the tool and we take care of everything you need.
The supported root stores are the one supported by mkcert.
Checkout the updated list here.
Here there is a handy copy:
update-ca-trust
(Fedora, RHEL, CentOS) orupdate-ca-certificates
(Ubuntu, Debian) ortrust
(Arch)JAVA_HOME
is set)https-localhost is compatible with the LTS and latest version of Node.js.
If you need compatibility with other Node.js versions let me know, we'll try to rearrange the code.
localhost.key
and localhost.crt
and specify its path with CERT_PATH=/diractory/containing/certificates/ serve ~/myproj
.PORT=4433 serve ~/myproj
.Run with sudo to use the default ports 443 and 80. You can also change port with: PORT=4433 serve ~/myproj
.
Another service on your machine is using port 443 or port 80. Stop it or change port with PORT=4433 serve ~/myproj
.
Windows users with spaces or quotes in the name (like Aldo D'Aquino) may experience some problems in running the script. You can try to escape this chars or put the entire path between double quotes, but I suggest you to switch to a better user name (like aldodaquino).
RangeError: Invalid typed array length: -4095
It is a known bug of spdy
that is present sometimes with some old Node.js versions.
It should be present only with NODE_ENV=production
, hence the easiest fix is to avoid using the production env. Anyway, if you need the production env, you can try to update Node.js to the latest release, or to the most stable LTS version.
I've tried to reproduce this error without any success (checkout the Travis build logs). If you can help please open an issue and describe as better as you can how to reproduce it, I'll be happy to help you.
And in general all the cases when the script runs but the connection is marked as untrusted.
Force a reinstall of the certificate with REINSTALL=true serve
. sudo
may be required on linux and MacOS.
If the problem is solved you should be able to use https-localhost also as module.
Each contribute is welcome!
Please, checkout the contributing guidelines.
Is released under AGPL-3.0 - GNU Affero General Public License v3.0.
THIS TOOL IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. For the full warranty check the LICENSE.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
Reason
SAST tool detected but not run on all commits
Details
Reason
Found 4/15 approved changesets -- score normalized to 2
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
Reason
project is not fuzzed
Details
Reason
Project has not signed or included provenance with any releases.
Details
Reason
20 existing vulnerabilities detected
Details
Score
Last Scanned on 2024-12-02
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More