Gathering detailed insights and metrics for type-is
Gathering detailed insights and metrics for type-is
Installations
npm install type-isReleases
27
Contributors
33
Developer
jshttp
Developer Guide
BETA
Module System
Unable to determine the module system for this package.
Min. Node Version
>= 0.6
Typescript Support
No
Node Version
8.16.0
NPM Version
6.4.1
Statistics
228 Stars
339 Commits
33 Forks
18 Watching
3 Branches
33 Contributors
Updated on 09 Oct 2024
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
6,425,759,352
Last day
-5.9%
5,640,883
Compared to previous day
Last week
2.2%
33,041,282
Compared to previous week
Last month
8.2%
136,828,616
Compared to previous month
Last year
6.2%
1,428,181,793
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
type-is
Infer the content-type of a request.
Install
This is a Node.js module available through the
npm registry. Installation is done using the
npm install command:
1$ npm install type-isAPI
1var http = require('http') 2var typeis = require('type-is') 3 4http.createServer(function (req, res) { 5 var istext = typeis(req, ['text/*']) 6 res.end('you ' + (istext ? 'sent' : 'did not send') + ' me text') 7})
typeis(request, types)
Checks if the request is one of the types. If the request has no body,
even if there is a Content-Type header, then null is returned. If the
Content-Type header is invalid or does not matches any of the types, then
false is returned. Otherwise, a string of the type that matched is returned.
The request argument is expected to be a Node.js HTTP request. The types
argument is an array of type strings.
Each type in the types array can be one of the following:
- A file extension name such as
json. This name will be returned if matched. - A mime type such as
application/json. - A mime type with a wildcard such as
*/*or*/jsonorapplication/*. The full mime type will be returned if matched. - A suffix such as
+json. This can be combined with a wildcard such as*/vnd+jsonorapplication/*+json. The full mime type will be returned if matched.
Some examples to illustrate the inputs and returned value:
1// req.headers.content-type = 'application/json' 2 3typeis(req, ['json']) // => 'json' 4typeis(req, ['html', 'json']) // => 'json' 5typeis(req, ['application/*']) // => 'application/json' 6typeis(req, ['application/json']) // => 'application/json' 7 8typeis(req, ['html']) // => false
typeis.hasBody(request)
Returns a Boolean if the given request has a body, regardless of the
Content-Type header.
Having a body has no relation to how large the body is (it may be 0 bytes). This is similar to how file existence works. If a body does exist, then this indicates that there is data to read from the Node.js request stream.
1if (typeis.hasBody(req)) { 2 // read the body, since there is one 3 4 req.on('data', function (chunk) { 5 // ... 6 }) 7}
typeis.is(mediaType, types)
Checks if the mediaType is one of the types. If the mediaType is invalid
or does not matches any of the types, then false is returned. Otherwise, a
string of the type that matched is returned.
The mediaType argument is expected to be a
media type string. The types argument
is an array of type strings.
Each type in the types array can be one of the following:
- A file extension name such as
json. This name will be returned if matched. - A mime type such as
application/json. - A mime type with a wildcard such as
*/*or*/jsonorapplication/*. The full mime type will be returned if matched. - A suffix such as
+json. This can be combined with a wildcard such as*/vnd+jsonorapplication/*+json. The full mime type will be returned if matched.
Some examples to illustrate the inputs and returned value:
1var mediaType = 'application/json' 2 3typeis.is(mediaType, ['json']) // => 'json' 4typeis.is(mediaType, ['html', 'json']) // => 'json' 5typeis.is(mediaType, ['application/*']) // => 'application/json' 6typeis.is(mediaType, ['application/json']) // => 'application/json' 7 8typeis.is(mediaType, ['html']) // => false
typeis.match(expected, actual)
Match the type string expected with actual, taking in to account wildcards.
A wildcard can only be in the type of the subtype part of a media type and only
in the expected value (as actual should be the real media type to match). A
suffix can still be included even with a wildcard subtype. If an input is
malformed, false will be returned.
1typeis.match('text/html', 'text/html') // => true 2typeis.match('*/html', 'text/html') // => true 3typeis.match('text/*', 'text/html') // => true 4typeis.match('*/*', 'text/html') // => true 5typeis.match('*/*+json', 'application/x-custom+json') // => true
typeis.normalize(type)
Normalize a type string. This works by performing the following:
- If the
typeis not a string,falseis returned. - If the string starts with
+(so it is a+suffixshorthand like+json), then it is expanded to contain the complete wildcard notation of*/*+suffix. - If the string contains a
/, then it is returned as the type. - Else the string is assumed to be a file extension and the mapped media type is
returned, or
falseis there is no mapping.
This includes two special mappings:
'multipart'->'multipart/*''urlencoded'->'application/x-www-form-urlencoded'
Examples
Example body parser
1var express = require('express') 2var typeis = require('type-is') 3 4var app = express() 5 6app.use(function bodyParser (req, res, next) { 7 if (!typeis.hasBody(req)) { 8 return next() 9 } 10 11 switch (typeis(req, ['urlencoded', 'json', 'multipart'])) { 12 case 'urlencoded': 13 // parse urlencoded body 14 throw new Error('implement urlencoded body parsing') 15 case 'json': 16 // parse json body 17 throw new Error('implement json body parsing') 18 case 'multipart': 19 // parse multipart body 20 throw new Error('implement multipart body parsing') 21 default: 22 // 415 error code 23 res.statusCode = 415 24 res.end() 25 break 26 } 27})
License
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
7 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 5
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/jshttp/.github/SECURITY.md:1
- Warn: no linked content found
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/jshttp/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/jshttp/.github/SECURITY.md:1
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/jshttp/type-is/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/jshttp/type-is/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/jshttp/type-is/ci.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:65
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:81
- Info: 3 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 3 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
Found 3/24 approved changesets -- score normalized to 1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:18
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 10 are checked with a SAST tool
Score
4.4
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More