npm install stream-http
99.3
Supply Chain Risk
100
Quality
77.7
Maintenance
100
Vulnerability
352 Stars
275 Commits
62 Forks
12 Watching
3 Branches
23 Contributors
Updated on 31 Aug 2024
Minified
Minified + Gzipped
JavaScript (100%)
Cumulative downloads
Total Downloads
Last day
0.9%
1,631,209
Compared to previous day
Last week
4.4%
8,482,527
Compared to previous week
Last month
-2%
35,434,555
Compared to previous month
Last year
-23.7%
449,933,469
Compared to previous year
This module is an implementation of Node's native http
module for the browser.
It tries to match Node's API and behavior as closely as possible, but some features
aren't available, since browsers don't give nearly as much control over requests.
This is heavily inspired by, and intended to replace, http-browserify.
In accordance with its name, stream-http
tries to provide data to its caller before
the request has completed whenever possible.
Backpressure, allowing the browser to only pull data from the server as fast as it is consumed, is supported in:
fetch
and WritableStream
)The following browsers support true streaming, where only a small amount of the request has to be held in memory at once:
fetch
API)moz-chunked-arraybuffer
responseType with xhr)All other supported browsers support pseudo-streaming, where the data is available before the request finishes, but the entire response must be held in memory. This works for both text and binary data.
As of version 3.0.0, IE10 and below are no longer supported. IE11 support will remain for now.
The intent is to have the same API as the client part of the Node HTTP module. The interfaces are the same wherever practical, although limitations in browsers make an exact clone of the Node API impossible.
This module implements http.request
, http.get
, and most of http.ClientRequest
and http.IncomingMessage
in addition to http.METHODS
and http.STATUS_CODES
. See the
Node docs for how these work.
The message.url
property provides access to the final URL after all redirects. This
is useful since the browser follows all redirects silently, unlike Node. It is available
in Chrome 37 and newer, Firefox 32 and newer, and Safari 9 and newer.
The options.withCredentials
boolean flag, used to indicate if the browser should send
cookies or authentication information with a CORS request. Default false.
This module has to make some tradeoffs to support binary data and/or streaming. Generally, the module can make a fairly good decision about which underlying browser features to use, but sometimes it helps to get a little input from the developer.
The options.mode
field passed into http.request
or http.get
can take on one of the
following values:
undefined
): Try to provide partial data before
the request completes, but not at the cost of correctness for binary data or correctness of
the 'content-type' response header. This mode will also avoid slower code paths whenever
possible, which is particularly useful when making large requests in a browser like Safari
that has a weaker JavaScript engine.options.requestTimeout
allows setting a timeout in millisecionds for XHR and fetch (if
supported by the browser). This is a limit on how long the entire process takes from
beginning to end. Note that this is not the same as the node setTimeout
functions,
which apply to pauses in data transfer over the underlying socket, or the node timeout
option, which applies to opening the connection.
http.Agent
is only a stubhttp.ClientRequest
.request.setTimeout
, that operate directly on the underlying
socket.message.httpVersion
message.rawHeaders
is modified by the browser, and may not quite match what is sent by
the server.message.trailers
and message.rawTrailers
will remain empty.http.get('/bundle.js', function (res) { var div = document.getElementById('result'); div.innerHTML += 'GET /beep<br>'; res.on('data', function (buf) { div.innerHTML += buf; }); res.on('end', function () { div.innerHTML += '<br>__END__'; }); })
There are two sets of tests: the tests that run in Node (found in test/node
) and the tests
that run in the browser (found in test/browser
). Normally the browser tests run on
Sauce Labs.
Running npm test
will run both sets of tests, but in order for the Sauce Labs tests to run
you will need to sign up for an account (free for open source projects) and put the
credentials in a .airtaprc
file.
You will also need to run a Sauce Connect Proxy
with the same credentials.
To run just the Node tests, run npm run test-node
.
To run the browser tests locally, run npm run test-browser-local
and point your browser to
the link shown in your terminal.
MIT. Copyright (C) John Hiesey and other contributors.
Reason
license file detected
Details
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
Found 3/21 approved changesets -- score normalized to 1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
branch protection not enabled on development/release branches
Details
Reason
security policy file not detected
Details
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2024-09-09
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More