npmpackage.info

Gathering detailed insights and metrics for uri-js

Other packages similar to uri-js

@trivikr-test/util-uri-escape

3.170.0-es2021

Please refer [README.md](https://github.com/aws/aws-sdk-js-v3/blob/v3.170.0/packages/util-uri-escape/README.md) for v3.170.0.

@polywrap/uri-resolvers-js

0.12.2

Polywrap URI resolvers

@polywrap/uri-resolver-extensions-js

0.12.2

Polywrap URI resolver extensions

nehonix-uri-processor

2.3.19

A powerful URI processor for encoding, decoding, and analyzing URI data securely.

Gathering detailed insights and metrics for uri-js

uri-js - 4.4.1 | npmpackage.info

uri-js

An RFC 3986 compliant, scheme extendable URI parsing/validating/normalizing/resolving library for JavaScript

4.4.1

311

NOASSERTION

JavaScript

2.1

Installations

npm install uri-js

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Node Version

12.18.3

NPM Version

6.14.6 Pull Requests

Open

10

Total

43

Closed

16

Merged

17

Issues

Open

20

Total

55

Closed

35

Releases

Unable to fetch releases

Languages

JavaScript

TypeScript

CSS

HTML

JavaScript (59.71%)

TypeScript (36.73%)

CSS (2.51%)

HTML (1.04%)

Developer

garycourt

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

NOASSERTION License

311 Stars

89 Commits

68 Forks

8 Watchers

7 Branches

8 Contributors

Updated on Jul 07, 2025

Maintainers

View All 8 Contributors

Package Meta Information

Latest Version

4.4.1

Package Id

uri-js@4.4.1

Size

128.91 kB

NPM Version

6.14.6

Node Version

12.18.3

Published on

Jan 10, 2021

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

punycode

Dev Dependencies

babel-cli babel-plugin-external-helpers babel-preset-latest mocha mocha-qunit-ui rollup rollup-plugin-babel rollup-plugin-node-resolve sorcery typescript uglify-js

URI.js

URI.js is an RFC 3986 compliant, scheme extendable URI parsing/validating/resolving library for all JavaScript environments (browsers, Node.js, etc). It is also compliant with the IRI (RFC 3987), IDNA (RFC 5890), IPv6 Address (RFC 5952), IPv6 Zone Identifier (RFC 6874) specifications.

URI.js has an extensive test suite, and works in all (Node.js, web) environments. It weighs in at 6.4kb (gzipped, 17kb deflated).

API

Parsing

URI.parse("uri://user:pass@example.com:123/one/two.three?q1=a1&q2=a2#body");
//returns:
//{
//  scheme : "uri",
//  userinfo : "user:pass",
//  host : "example.com",
//  port : 123,
//  path : "/one/two.three",
//  query : "q1=a1&q2=a2",
//  fragment : "body"
//}

Serializing

URI.serialize({scheme : "http", host : "example.com", fragment : "footer"}) === "http://example.com/#footer"

Resolving

URI.resolve("uri://a/b/c/d?q", "../../g") === "uri://a/g"

Normalizing

URI.normalize("HTTP://ABC.com:80/%7Esmith/home.html") === "http://abc.com/~smith/home.html"

Comparison

URI.equal("example://a/b/c/%7Bfoo%7D", "eXAMPLE://a/./b/../b/%63/%7bfoo%7d") === true

IP Support

//IPv4 normalization
URI.normalize("//192.068.001.000") === "//192.68.1.0"

//IPv6 normalization
URI.normalize("//[2001:0:0DB8::0:0001]") === "//[2001:0:db8::1]"

//IPv6 zone identifier support
URI.parse("//[2001:db8::7%25en1]");
//returns:
//{
//  host : "2001:db8::7%en1"
//}

IRI Support

//convert IRI to URI
URI.serialize(URI.parse("http://examplé.org/rosé")) === "http://xn--exampl-gva.org/ros%C3%A9"
//convert URI to IRI
URI.serialize(URI.parse("http://xn--exampl-gva.org/ros%C3%A9"), {iri:true}) === "http://examplé.org/rosé"

Options

All of the above functions can accept an additional options argument that is an object that can contain one or more of the following properties:

scheme (string)

Indicates the scheme that the URI should be treated as, overriding the URI's normal scheme parsing behavior.
reference (string)

If set to "suffix", it indicates that the URI is in the suffix format, and the validator will use the option's scheme property to determine the URI's scheme.
tolerant (boolean, false)

If set to true, the parser will relax URI resolving rules.
absolutePath (boolean, false)

If set to true, the serializer will not resolve a relative path component.
iri (boolean, false)

If set to true, the serializer will unescape non-ASCII characters as per RFC 3987.
unicodeSupport (boolean, false)

If set to true, the parser will unescape non-ASCII characters in the parsed output as per RFC 3987.
domainHost (boolean, false)

If set to true, the library will treat the host component as a domain name, and convert IDNs (International Domain Names) as per RFC 5891.

Scheme Extendable

URI.js supports inserting custom scheme dependent processing rules. Currently, URI.js has built in support for the following schemes:

http [RFC 2616]
https [RFC 2818]
ws [RFC 6455]
wss [RFC 6455]
mailto [RFC 6068]
urn [RFC 2141]
urn:uuid [RFC 4122]

HTTP/HTTPS Support

URI.equal("HTTP://ABC.COM:80", "http://abc.com/") === true
URI.equal("https://abc.com", "HTTPS://ABC.COM:443/") === true

WS/WSS Support

URI.parse("wss://example.com/foo?bar=baz");
//returns:
//{
//	scheme : "wss",
//	host: "example.com",
//	resourceName: "/foo?bar=baz",
//	secure: true,
//}

URI.equal("WS://ABC.COM:80/chat#one", "ws://abc.com/chat") === true

Mailto Support

URI.parse("mailto:alpha@example.com,bravo@example.com?subject=SUBSCRIBE&body=Sign%20me%20up!");
//returns:
//{
//	scheme : "mailto",
//	to : ["alpha@example.com", "bravo@example.com"],
//	subject : "SUBSCRIBE",
//	body : "Sign me up!"
//}

URI.serialize({
	scheme : "mailto",
	to : ["alpha@example.com"],
	subject : "REMOVE",
	body : "Please remove me",
	headers : {
		cc : "charlie@example.com"
	}
}) === "mailto:alpha@example.com?cc=charlie@example.com&subject=REMOVE&body=Please%20remove%20me"

URN Support

URI.parse("urn:example:foo");
//returns:
//{
//	scheme : "urn",
//	nid : "example",
//	nss : "foo",
//}

URN UUID Support

URI.parse("urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6");
//returns:
//{
//	scheme : "urn",
//	nid : "uuid",
//	uuid : "f81d4fae-7dec-11d0-a765-00a0c91e6bf6",
//}

Usage

To load in a browser, use the following tag:

<script type="text/javascript" src="uri-js/dist/es5/uri.all.min.js"></script>

To load in a CommonJS/Module environment, first install with npm/yarn by running on the command line:

npm install uri-js
# OR
yarn add uri-js

Then, in your code, load it using:

const URI = require("uri-js");

If you are writing your code in ES6+ (ESNEXT) or TypeScript, you would load it using:

import * as URI from "uri-js";

Or you can load just what you need using named exports:

import { parse, serialize, resolve, resolveComponents, normalize, equal, removeDotSegments, pctEncChar, pctDecChars, escapeComponent, unescapeComponent } from "uri-js";

Breaking changes

Breaking changes from 3.x

URN parsing has been completely changed to better align with the specification. Scheme is now always urn, but has two new properties: nid which contains the Namspace Identifier, and nss which contains the Namespace Specific String. The nss property will be removed by higher order scheme handlers, such as the UUID URN scheme handler.

The UUID of a URN can now be found in the uuid property.

Breaking changes from 2.x

URI validation has been removed as it was slow, exposed a vulnerabilty, and was generally not useful.

Breaking changes from 1.x

The errors array on parsed components is now an error string.

Moderate

6.5/10

Summary

Regular Expression Denial Of Service in uri-js

Affected Versions

< 3.0.0

Patched Versions

3.0.0

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

9

License

Determines if the project has defined a license.

3

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

2.1

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More