Installations

npm install normalize-url

Score

99.5

Supply Chain

99.5

Quality

77

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

0

Total

87

Closed

32

Merged

55

Issues

Open

9

Total

99

Closed

90

Releases

23

v8.0.1

Published on 10 Mar 2024

v8.0.0

Published on 04 Nov 2022

v7.2.0

Published on 27 Sept 2022

v7.1.0

Published on 01 Sept 2022

v7.0.3

Published on 18 Jan 2022

v7.0.2

Published on 10 Sept 2021

View all 23 releases

Developer

sindresorhus

Developer Guide

BETA

Module System

ESM

Min. Node Version

>=14.16

Typescript Support

Yes

Node Version

18.19.0

NPM Version

9.2.0 Statistics

840 Stars

166 Commits

122 Forks

16 Watching

1 Branches

43 Contributors

Updated on 15 Oct 2024

Bundle Size

3.63 kB

Minified

1.57 kB

Minified + Gzipped

Bundlephobia

Languages

JavaScript (95.02%)

TypeScript (4.98%)

Total Downloads

Cumulative downloads

Total Downloads

7,445,896,679

Last day

-7.4%

5,195,466

Compared to previous day

Last week

2.1%

30,936,972

Compared to previous week

Last month

10.6%

127,100,748

Compared to previous month

Last year

-6.3%

1,382,052,449

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

4

ava c8 tsd xo

Versions

normalize-url

Normalize a URL

Useful when you need to display, store, deduplicate, sort, compare, etc, URLs.

Note: This package does not do URL sanitization. Garbage in, garbage out. If you use this in a server context and accept URLs as user input, it's up to you to protect against invalid URLs, path traversal attacks, etc.

Install

1npm install normalize-url

Usage

1import normalizeUrl from 'normalize-url';
2
3normalizeUrl('sindresorhus.com');
4//=> 'http://sindresorhus.com'
5
6normalizeUrl('//www.sindresorhus.com:80/../baz?b=bar&a=foo');
7//=> 'http://sindresorhus.com/baz?a=foo&b=bar'

API

normalizeUrl(url, options?)

URLs with custom protocols are not normalized and just passed through by default. Supported protocols are: https, http, file, and data.

Human-friendly URLs with basic auth (for example, user:password@sindresorhus.com) are not handled because basic auth conflicts with custom protocols. Basic auth URLs are also deprecated.

url

Type: string

URL to normalize, including data URL.

options

Type: object

defaultProtocol

Type: string
Default: 'http'
Values: 'https' | 'http'

normalizeProtocol

Type: boolean
Default: true

Prepend defaultProtocol to the URL if it's protocol-relative.

1normalizeUrl('//sindresorhus.com');
2//=> 'http://sindresorhus.com'
3
4normalizeUrl('//sindresorhus.com', {normalizeProtocol: false});
5//=> '//sindresorhus.com'

forceHttp

Type: boolean
Default: false

Normalize HTTPS to HTTP.

1normalizeUrl('https://sindresorhus.com');
2//=> 'https://sindresorhus.com'
3
4normalizeUrl('https://sindresorhus.com', {forceHttp: true});
5//=> 'http://sindresorhus.com'

forceHttps

Type: boolean
Default: false

Normalize HTTP to HTTPS.

1normalizeUrl('http://sindresorhus.com');
2//=> 'http://sindresorhus.com'
3
4normalizeUrl('http://sindresorhus.com', {forceHttps: true});
5//=> 'https://sindresorhus.com'

This option cannot be used with the forceHttp option at the same time.

stripAuthentication

Type: boolean
Default: true

Strip the authentication part of the URL.

1normalizeUrl('https://user:password@sindresorhus.com');
2//=> 'https://sindresorhus.com'
3
4normalizeUrl('https://user:password@sindresorhus.com', {stripAuthentication: false});
5//=> 'https://user:password@sindresorhus.com'

stripHash

Type: boolean
Default: false

Strip the hash part of the URL.

1normalizeUrl('sindresorhus.com/about.html#contact');
2//=> 'http://sindresorhus.com/about.html#contact'
3
4normalizeUrl('sindresorhus.com/about.html#contact', {stripHash: true});
5//=> 'http://sindresorhus.com/about.html'

stripProtocol

Type: boolean
Default: false

Remove the protocol from the URL: http://sindresorhus.com → sindresorhus.com.

It will only remove https:// and http:// protocols.

1normalizeUrl('https://sindresorhus.com');
2//=> 'https://sindresorhus.com'
3
4normalizeUrl('https://sindresorhus.com', {stripProtocol: true});
5//=> 'sindresorhus.com'

stripTextFragment

Type: boolean
Default: true

Strip the text fragment part of the URL.

Note: The text fragment will always be removed if the stripHash option is set to true, as the hash contains the text fragment.

1normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello');
2//=> 'http://sindresorhus.com/about.html#'
3
4normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello');
5//=> 'http://sindresorhus.com/about.html#section'
6
7normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello', {stripTextFragment: false});
8//=> 'http://sindresorhus.com/about.html#:~:text=hello'
9
10normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello', {stripTextFragment: false});
11//=> 'http://sindresorhus.com/about.html#section:~:text=hello'

stripWWW

Type: boolean
Default: true

Remove www. from the URL.

1normalizeUrl('http://www.sindresorhus.com');
2//=> 'http://sindresorhus.com'
3
4normalizeUrl('http://www.sindresorhus.com', {stripWWW: false});
5//=> 'http://www.sindresorhus.com'

removeQueryParameters

Type: Array<RegExp | string> | boolean
Default: [/^utm_\w+/i]

Remove query parameters that matches any of the provided strings or regexes.

1normalizeUrl('www.sindresorhus.com?foo=bar&ref=test_ref', {
2	removeQueryParameters: ['ref']
3});
4//=> 'http://sindresorhus.com/?foo=bar'

If a boolean is provided, true will remove all the query parameters.

1normalizeUrl('www.sindresorhus.com?foo=bar', {
2	removeQueryParameters: true
3});
4//=> 'http://sindresorhus.com'

false will not remove any query parameter.

1normalizeUrl('www.sindresorhus.com?foo=bar&utm_medium=test&ref=test_ref', {
2	removeQueryParameters: false
3});
4//=> 'http://www.sindresorhus.com/?foo=bar&ref=test_ref&utm_medium=test'

keepQueryParameters

Type: Array<RegExp | string>
Default: undefined

Keeps only query parameters that matches any of the provided strings or regexes.

Note: It overrides the removeQueryParameters option.

1normalizeUrl('https://sindresorhus.com?foo=bar&ref=unicorn', {
2	keepQueryParameters: ['ref']
3});
4//=> 'https://sindresorhus.com/?ref=unicorn'

removeTrailingSlash

Type: boolean
Default: true

Remove trailing slash.

Note: Trailing slash is always removed if the URL doesn't have a pathname unless the removeSingleSlash option is set to false.

1normalizeUrl('http://sindresorhus.com/redirect/');
2//=> 'http://sindresorhus.com/redirect'
3
4normalizeUrl('http://sindresorhus.com/redirect/', {removeTrailingSlash: false});
5//=> 'http://sindresorhus.com/redirect/'
6
7normalizeUrl('http://sindresorhus.com/', {removeTrailingSlash: false});
8//=> 'http://sindresorhus.com'

removeSingleSlash

Type: boolean
Default: true

Remove a sole / pathname in the output. This option is independent of removeTrailingSlash.

1normalizeUrl('https://sindresorhus.com/');
2//=> 'https://sindresorhus.com'
3
4normalizeUrl('https://sindresorhus.com/', {removeSingleSlash: false});
5//=> 'https://sindresorhus.com/'

removeDirectoryIndex

Type: boolean | Array<RegExp | string>
Default: false

Removes the default directory index file from path that matches any of the provided strings or regexes. When true, the regex /^index\.[a-z]+$/ is used.

1normalizeUrl('www.sindresorhus.com/foo/default.php', {
2	removeDirectoryIndex: [/^default\.[a-z]+$/]
3});
4//=> 'http://sindresorhus.com/foo'

removeExplicitPort

Type: boolean
Default: false

Removes an explicit port number from the URL.

Port 443 is always removed from HTTPS URLs and 80 is always removed from HTTP URLs regardless of this option.

1normalizeUrl('sindresorhus.com:123', {
2	removeExplicitPort: true
3});
4//=> 'http://sindresorhus.com'

sortQueryParameters

Type: boolean
Default: true

Sorts the query parameters alphabetically by key.

1normalizeUrl('www.sindresorhus.com?b=two&a=one&c=three', {
2	sortQueryParameters: false
3});
4//=> 'http://sindresorhus.com/?b=two&a=one&c=three'

8.0.1

HIGH

3

HIGH

7.5/10

Summary

ReDoS in normalize-url

Affected Versions

>= 4.3.0, < 4.5.1

Patched Versions

4.5.1

HIGH

7.5/10

Summary

ReDoS in normalize-url

Affected Versions

>= 6.0.0, < 6.0.1

Patched Versions

6.0.1

HIGH

7.5/10

Summary

ReDoS in normalize-url

Affected Versions

>= 5.0.0, < 5.3.1

Patched Versions

5.3.1

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Security-Policy

Determines if the project has published a security policy.

10

License

Determines if the project has defined a license.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

Score

4.2

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

normalize-url

Installations

Score

Pull Requests

0

87

32

55

Issues

9

99

90

Releases

Developer

sindresorhus

Developer Guide

ESM

>=14.16

Yes

18.19.0

9.2.0

Statistics

Bundle Size

3.63 kB

1.57 kB

Languages

Total Downloads

7,445,896,679

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

normalize-url

Install

Usage

API

normalizeUrl(url, options?)

url

options

defaultProtocol

normalizeProtocol

forceHttp

forceHttps

stripAuthentication

stripHash

stripProtocol

stripTextFragment

stripWWW

removeQueryParameters

keepQueryParameters

removeTrailingSlash

removeSingleSlash

removeDirectoryIndex

removeExplicitPort

sortQueryParameters

Related

Stable Version

8.0.1

HIGH

10

10

10

10

10

2

0

0

0

0

0

0

0

4.2

/10

Other packages similar to normalize-url