npmpackage.info

Gathering detailed insights and metrics for normalize-url

Other packages similar to normalize-url

postcss-normalize-url

7.0.1

Normalize URLs with PostCSS

resolve-url-loader

5.0.0

Webpack loader that resolves relative paths in url() statements based on the original source file

url-join

5.0.0

Join urls and normalize as in path.join.

normalize-git-url

3.0.2

Normalizes Git URLs. For npm, but you can use it too.

Gathering detailed insights and metrics for normalize-url

normalize-url - 8.0.1 | npmpackage.info

normalize-url

Normalize a URL

8.0.1

847

MIT

JavaScript

1.57 kB

8,161,137,129 4.2

Installations

npm install normalize-url

Developer Guide

BETA

Typescript

Yes

Module System

ESM

Min. Node Version

>=14.16

Node Version

18.19.0

NPM Version

9.2.0 Score

99.8

Supply Chain

99.5

Quality

76.1

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

1

Total

88

Closed

32

Merged

55

Issues

Open

10

Total

100

Closed

90

Releases

v8.0.1

Updated on Mar 10, 2024

v8.0.0

Updated on Nov 04, 2022

v7.2.0

Updated on Sep 27, 2022

v7.1.0

Updated on Sep 01, 2022

v7.0.3

Updated on Jan 18, 2022

v7.0.2

Updated on Sep 10, 2021

View All 23 releases

Languages

JavaScript

TypeScript

JavaScript (95.02%)

TypeScript (4.98%)

Developer

sindresorhus

Download Statistics

Total Downloads

8,161,137,129

Last Day

1,814,232

Last Week

30,158,881

Last Month

130,830,393

Last Year

1,410,927,186

GitHub Statistics

MIT License

847 Stars

166 Commits

123 Forks

15 Watchers

1 Branches

43 Contributors

Updated on May 11, 2025

Bundle Size

3.63 kB

Minified

1.57 kB

Minified + Gzipped

Bundlephobia

Sponsor this package

https://github.com/sponsors/sindresorhus

Maintainers

View All 43 Contributors

Package Meta Information

Latest Version

8.0.1

Package Id

normalize-url@8.0.1

Unpacked Size

25.25 kB

Size

6.50 kB

File Count

NPM Version

9.2.0

Node Version

18.19.0

Published on

Mar 10, 2024

Total Downloads

Cumulative downloads

Total Downloads

8,161,137,129

Dev Dependencies

ava c8 tsd xo

normalize-url

Normalize a URL

Useful when you need to display, store, deduplicate, sort, compare, etc, URLs.

Note: This package does not do URL sanitization. Garbage in, garbage out. If you use this in a server context and accept URLs as user input, it's up to you to protect against invalid URLs, path traversal attacks, etc.

Install

1npm install normalize-url

Usage

1import normalizeUrl from 'normalize-url';
2
3normalizeUrl('sindresorhus.com');
4//=> 'http://sindresorhus.com'
5
6normalizeUrl('//www.sindresorhus.com:80/../baz?b=bar&a=foo');
7//=> 'http://sindresorhus.com/baz?a=foo&b=bar'

API

normalizeUrl(url, options?)

URLs with custom protocols are not normalized and just passed through by default. Supported protocols are: https, http, file, and data.

Human-friendly URLs with basic auth (for example, user:password@sindresorhus.com) are not handled because basic auth conflicts with custom protocols. Basic auth URLs are also deprecated.

url

Type: string

URL to normalize, including data URL.

options

Type: object

defaultProtocol

Type: string
Default: 'http'
Values: 'https' | 'http'

normalizeProtocol

Type: boolean
Default: true

Prepend defaultProtocol to the URL if it's protocol-relative.

1normalizeUrl('//sindresorhus.com');
2//=> 'http://sindresorhus.com'
3
4normalizeUrl('//sindresorhus.com', {normalizeProtocol: false});
5//=> '//sindresorhus.com'

forceHttp

Type: boolean
Default: false

Normalize HTTPS to HTTP.

1normalizeUrl('https://sindresorhus.com');
2//=> 'https://sindresorhus.com'
3
4normalizeUrl('https://sindresorhus.com', {forceHttp: true});
5//=> 'http://sindresorhus.com'

forceHttps

Type: boolean
Default: false

Normalize HTTP to HTTPS.

1normalizeUrl('http://sindresorhus.com');
2//=> 'http://sindresorhus.com'
3
4normalizeUrl('http://sindresorhus.com', {forceHttps: true});
5//=> 'https://sindresorhus.com'

This option cannot be used with the forceHttp option at the same time.

stripAuthentication

Type: boolean
Default: true

Strip the authentication part of the URL.

1normalizeUrl('https://user:password@sindresorhus.com');
2//=> 'https://sindresorhus.com'
3
4normalizeUrl('https://user:password@sindresorhus.com', {stripAuthentication: false});
5//=> 'https://user:password@sindresorhus.com'

stripHash

Type: boolean
Default: false

Strip the hash part of the URL.

1normalizeUrl('sindresorhus.com/about.html#contact');
2//=> 'http://sindresorhus.com/about.html#contact'
3
4normalizeUrl('sindresorhus.com/about.html#contact', {stripHash: true});
5//=> 'http://sindresorhus.com/about.html'

stripProtocol

Type: boolean
Default: false

Remove the protocol from the URL: http://sindresorhus.com → sindresorhus.com.

It will only remove https:// and http:// protocols.

1normalizeUrl('https://sindresorhus.com');
2//=> 'https://sindresorhus.com'
3
4normalizeUrl('https://sindresorhus.com', {stripProtocol: true});
5//=> 'sindresorhus.com'

stripTextFragment

Type: boolean
Default: true

Strip the text fragment part of the URL.

Note: The text fragment will always be removed if the stripHash option is set to true, as the hash contains the text fragment.

1normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello');
2//=> 'http://sindresorhus.com/about.html#'
3
4normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello');
5//=> 'http://sindresorhus.com/about.html#section'
6
7normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello', {stripTextFragment: false});
8//=> 'http://sindresorhus.com/about.html#:~:text=hello'
9
10normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello', {stripTextFragment: false});
11//=> 'http://sindresorhus.com/about.html#section:~:text=hello'

stripWWW

Type: boolean
Default: true

Remove www. from the URL.

1normalizeUrl('http://www.sindresorhus.com');
2//=> 'http://sindresorhus.com'
3
4normalizeUrl('http://www.sindresorhus.com', {stripWWW: false});
5//=> 'http://www.sindresorhus.com'

removeQueryParameters

Type: Array<RegExp | string> | boolean
Default: [/^utm_\w+/i]

Remove query parameters that matches any of the provided strings or regexes.

1normalizeUrl('www.sindresorhus.com?foo=bar&ref=test_ref', {
2	removeQueryParameters: ['ref']
3});
4//=> 'http://sindresorhus.com/?foo=bar'

If a boolean is provided, true will remove all the query parameters.

1normalizeUrl('www.sindresorhus.com?foo=bar', {
2	removeQueryParameters: true
3});
4//=> 'http://sindresorhus.com'

false will not remove any query parameter.

1normalizeUrl('www.sindresorhus.com?foo=bar&utm_medium=test&ref=test_ref', {
2	removeQueryParameters: false
3});
4//=> 'http://www.sindresorhus.com/?foo=bar&ref=test_ref&utm_medium=test'

keepQueryParameters

Type: Array<RegExp | string>
Default: undefined

Keeps only query parameters that matches any of the provided strings or regexes.

Note: It overrides the removeQueryParameters option.

1normalizeUrl('https://sindresorhus.com?foo=bar&ref=unicorn', {
2	keepQueryParameters: ['ref']
3});
4//=> 'https://sindresorhus.com/?ref=unicorn'

removeTrailingSlash

Type: boolean
Default: true

Remove trailing slash.

Note: Trailing slash is always removed if the URL doesn't have a pathname unless the removeSingleSlash option is set to false.

1normalizeUrl('http://sindresorhus.com/redirect/');
2//=> 'http://sindresorhus.com/redirect'
3
4normalizeUrl('http://sindresorhus.com/redirect/', {removeTrailingSlash: false});
5//=> 'http://sindresorhus.com/redirect/'
6
7normalizeUrl('http://sindresorhus.com/', {removeTrailingSlash: false});
8//=> 'http://sindresorhus.com'

removeSingleSlash

Type: boolean
Default: true

Remove a sole / pathname in the output. This option is independent of removeTrailingSlash.

1normalizeUrl('https://sindresorhus.com/');
2//=> 'https://sindresorhus.com'
3
4normalizeUrl('https://sindresorhus.com/', {removeSingleSlash: false});
5//=> 'https://sindresorhus.com/'

removeDirectoryIndex

Type: boolean | Array<RegExp | string>
Default: false

Removes the default directory index file from path that matches any of the provided strings or regexes. When true, the regex /^index\.[a-z]+$/ is used.

1normalizeUrl('www.sindresorhus.com/foo/default.php', {
2	removeDirectoryIndex: [/^default\.[a-z]+$/]
3});
4//=> 'http://sindresorhus.com/foo'

removeExplicitPort

Type: boolean
Default: false

Removes an explicit port number from the URL.

Port 443 is always removed from HTTPS URLs and 80 is always removed from HTTP URLs regardless of this option.

1normalizeUrl('sindresorhus.com:123', {
2	removeExplicitPort: true
3});
4//=> 'http://sindresorhus.com'

sortQueryParameters

Type: boolean
Default: true

Sorts the query parameters alphabetically by key.

1normalizeUrl('www.sindresorhus.com?b=two&a=one&c=three', {
2	sortQueryParameters: false
3});
4//=> 'http://sindresorhus.com/?b=two&a=one&c=three'

compare-urls - Compare URLs by first normalizing them

High

7.5/10

Summary

ReDoS in normalize-url

Affected Versions

>= 4.3.0, < 4.5.1

Patched Versions

4.5.1

High

7.5/10

Summary

ReDoS in normalize-url

Affected Versions

>= 6.0.0, < 6.0.1

Patched Versions

6.0.1

High

7.5/10

Summary

ReDoS in normalize-url

Affected Versions

>= 5.0.0, < 5.3.1

Patched Versions

5.3.1

10

Security-Policy

Determines if the project has published a security policy.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

License

Determines if the project has defined a license.

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Maintained

Determines if the project is "actively maintained".

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

Score

4.2

/10

Last Scanned on 2025-05-26

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to normalize-url

Other packages similar to normalize-url

normalize-url

Installations

Developer Guide

Yes

ESM

>=14.16

18.19.0

9.2.0

Score

Pull Requests

1

88

32

55

Issues

10

100

90

Releases

Languages

Developer

sindresorhus

Download Statistics

GitHub Statistics

Bundle Size

3.63 kB

1.57 kB

Sponsor this package

Maintainers

Package Meta Information

Total Downloads

8,161,137,129

Dev Dependencies

normalize-url

Install

Usage

API

normalizeUrl(url, options?)

url

options

defaultProtocol

normalizeProtocol

forceHttp

forceHttps

stripAuthentication

stripHash

stripProtocol

stripTextFragment

stripWWW

removeQueryParameters

keepQueryParameters

removeTrailingSlash

removeSingleSlash

removeDirectoryIndex

removeExplicitPort

sortQueryParameters

Related

10

10

10

10

10

2

0

0

0

0

0

0

0

4.2

/10

Weekly Downloads

Monthly Downloads

Yearly Downloads