npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@osvlabs/cordova-plugin-advanced-http

v2.1.2

Published

Cordova / Phonegap plugin for communicating with HTTP servers using SSL pinning

Downloads

4

Readme

Cordova Advanced HTTP

npm version downloads/month MIT Licence Build Status

Cordova / Phonegap plugin for communicating with HTTP servers. Supports iOS, Android and Browser.

This is a fork of Wymsee's Cordova-HTTP plugin.

Advantages over Javascript requests

  • Background threading - all requests are done in a background thread.
  • Handling of HTTP code 401 - read more at Issue CB-2415.
  • SSL Pinning

Updates

Please check CHANGELOG.md for details about updating to a new version.

Installation

The plugin conforms to the Cordova plugin specification, it can be installed using the Cordova / Phonegap command line interface.

phonegap plugin add @osvlabs/cordova-plugin-advanced-http

cordova plugin add @osvlabs/cordova-plugin-advanced-http

Usage

Plain Cordova

This plugin registers a global object located at cordova.plugin.http.

With Ionic-native wrapper

Check the Ionic docs for how to use this plugin with Ionic-native.

Synchronous Functions

getBasicAuthHeader

This returns an object representing a basic HTTP Authorization header of the form {'Authorization': 'Basic base64encodedusernameandpassword'}

var header = cordova.plugin.http.getBasicAuthHeader("user", "password");

useBasicAuth

This sets up all future requests to use Basic HTTP authentication with the given username and password.

cordova.plugin.http.useBasicAuth("user", "password");

setHeader

Set a header for all future requests to a specified host. Takes a hostname, a header and a value (must be a string value).

cordova.plugin.http.setHeader("Hostname", "Header", "Value");

You can also define headers used for all hosts by using wildcard character "*" or providing only two params.

cordova.plugin.http.setHeader("*", "Header", "Value");
cordova.plugin.http.setHeader("Header", "Value");

The hostname also includes the port number. If you define a header for www.example.com it will not match following URL http://www.example.com:8080.

// will match http://www.example.com/...
cordova.plugin.http.setHeader("www.example.com", "Header", "Value");

// will match http://www.example.com:8080/...
cordova.plugin.http.setHeader("www.example.com:8080", "Header", "Value");

setDataSerializer

Set the data serializer which will be used for all future PATCH, POST and PUT requests. Takes a string representing the name of the serializer.

cordova.plugin.http.setDataSerializer("urlencoded");

You can choose one of these:

  • urlencoded: send data as url encoded content in body (content type "application/x-www-form-urlencoded")
  • json: send data as JSON encoded content in body (content type "application/json")
  • utf8: send data as plain UTF8 encoded string in body (content type "plain/text")

This defaults to urlencoded. You can also override the default content type headers by specifying your own headers (see setHeader).

Caution: urlencoded does not support serializing deep structures whereas json does.

setRequestTimeout

Set how long to wait for a request to respond, in seconds.

cordova.plugin.http.setRequestTimeout(5.0);

setFollowRedirect

Configure if it should follow redirects automatically. This defaults to true.

cordova.plugin.http.setFollowRedirect(true);

getCookieString

Returns saved cookies (as string) matching given URL.

cordova.plugin.http.getCookieString(url);

setCookie

Add a custom cookie. Takes a URL, a cookie string and an options object. See ToughCookie documentation for allowed options.

cordova.plugin.http.setCookie(url, cookie, options);

clearCookies

Clear the cookie store.

cordova.plugin.http.clearCookies();

Asynchronous Functions

These functions all take success and error callbacks as their last 2 arguments.

setServerTrustMode

Set server trust mode, being one of the following values:

  • default: default SSL trustship and hostname verification handling using system's CA certs
  • legacy: use legacy default behavior (< 2.0.3), excluding user installed CA certs (only for Android)
  • nocheck: disable SSL certificate checking and hostname verification, trusting all certs (meant to be used only for testing purposes)
  • pinned: trust only provided certificates

To use SSL pinning you must include at least one .cer SSL certificate in your app project. You can pin to your server certificate or to one of the issuing CA certificates. Include your certificate in the www/certificates folder. All .cer files found there will be loaded automatically.

:warning: Your certificate must be DER encoded! If you only have a PEM encoded certificate read this stackoverflow answer. You want to convert it to a DER encoded certificate with a .cer extension.

// enable SSL pinning
cordova.plugin.http.setServerTrustMode(
  "pinned",
  function() {
    console.log("success!");
  },
  function() {
    console.log("error :(");
  }
);

// use system's default CA certs
cordova.plugin.http.setServerTrustMode(
  "default",
  function() {
    console.log("success!");
  },
  function() {
    console.log("error :(");
  }
);

// disable SSL cert checking, only meant for testing purposes, do NOT use in production!
cordova.plugin.http.setServerTrustMode(
  "nocheck",
  function() {
    console.log("success!");
  },
  function() {
    console.log("error :(");
  }
);

disableRedirect (deprecated)

This function was deprecated in 2.0.9. Use "setFollowRedirect" instead.

setSSLCertMode (deprecated)

This function was deprecated in 2.0.8. Use "setServerTrustMode" instead.

enableSSLPinning (obsolete)

This function was removed in 2.0.0. Use "setServerTrustMode" to enable SSL pinning (mode "pinned").

acceptAllCerts (obsolete)

This function was removed in 2.0.0. Use "setServerTrustMode" to disable checking certs (mode "nocheck").

validateDomainName (obsolete)

This function was removed in v1.6.2. Domain name validation is disabled automatically when you set server trust mode to "nocheck".

removeCookies

Remove all cookies associated with a given URL.

cordova.plugin.http.removeCookies(url, callback);

sendRequest

Execute a HTTP request. Takes a URL and an options object. This is the internally used implementation of the following shorthand functions (post, get, put, patch, delete, head, uploadFile and downloadFile). You can use this function, if you want to override global settings for each single request. Check the documentation of the respective shorthand function for details on what is returned on success and failure.

:warning: You need to encode the base URL yourself if it contains special characters like whitespaces. You can use encodeURI() for this purpose.

The options object contains following keys:

  • method: HTTP method to be used, defaults to get, needs to be one of the following values:
    • get, post, put, patch, head, delete, upload, download
  • data: payload to be send to the server (only applicable on post, put or patch methods)
  • params: query params to be appended to the URL (only applicable on get, head, delete, upload or download methods)
  • serializer: data serializer to be used (only applicable on post, put or patch methods), defaults to global serializer value, see setDataSerializer for supported values
  • responseType: expected response type, defaults to text, needs to be one of the following values:
    • text: data is returned as decoded string, use this for all kinds of string responses (e.g. JSON, XML, HTML, plain text, etc.)
    • arraybuffer: data is returned as ArrayBuffer instance
    • blob: data is returned as Blob instance
  • timeout: timeout value for the request in seconds, defaults to global timeout value
  • followRedirect: enable or disable automatically following redirects
  • headers: headers object (key value pair), will be merged with global values
  • filePath: filePath to be used during upload and download see uploadFile and downloadFile for detailed information
  • name: name to be used during upload see uploadFile for detailed information

Here's a quick example:

const options = {
  method: "post",
  data: { id: 12, message: "test" },
  headers: { Authorization: "OAuth2: token" }
};

cordova.plugin.http.sendRequest(
  "https://google.com/",
  options,
  function(response) {
    // prints 200
    console.log(response.status);
  },
  function(response) {
    // prints 403
    console.log(response.status);

    //prints Permission denied
    console.log(response.error);
  }
);

post

Execute a POST request. Takes a URL, data, and headers.

cordova.plugin.http.post(
  "https://google.com/",
  {
    test: "testString"
  },
  {
    Authorization: "OAuth2: token"
  },
  function(response) {
    console.log(response.status);
  },
  function(response) {
    console.error(response.error);
  }
);

success

The success function receives a response object with 4 properties: status, data, url, and headers. status is the HTTP response code as numeric value. data is the response from the server as a string. url is the final URL obtained after any redirects as a string. headers is an object with the headers. The keys of the returned object are the header names and the values are the respective header values. All header names are lowercase.

Here's a quick example:

{
  status: 200,
  data: '{"id": 12, "message": "test"}',
  url: 'http://example.net/rest'
  headers: {
    'content-length': '247'
  }
}

Most apis will return JSON meaning you'll want to parse the data like in the example below:

cordova.plugin.http.post(
  "https://google.com/",
  {
    id: 12,
    message: "test"
  },
  { Authorization: "OAuth2: token" },
  function(response) {
    // prints 200
    console.log(response.status);
    try {
      response.data = JSON.parse(response.data);
      // prints test
      console.log(response.data.message);
    } catch (e) {
      console.error("JSON parsing error");
    }
  },
  function(response) {
    // prints 403
    console.log(response.status);

    //prints Permission denied
    console.log(response.error);
  }
);

failure

The error function receives a response object with 4 properties: status, error, url, and headers (url and headers being optional). status is the HTTP response code as numeric value. error is the error response from the server as a string. url is the final URL obtained after any redirects as a string. headers is an object with the headers. The keys of the returned object are the header names and the values are the respective header values. All header names are lowercase.

Here's a quick example:

{
  status: 403,
  error: 'Permission denied',
  url: 'http://example.net/noperm'
  headers: {
    'content-length': '247'
  }
}

get

Execute a GET request. Takes a URL, parameters, and headers. See the post documentation for details on what is returned on success and failure.

cordova.plugin.http.get(
  "https://google.com/",
  {
    id: "12",
    message: "test"
  },
  { Authorization: "OAuth2: token" },
  function(response) {
    console.log(response.status);
  },
  function(response) {
    console.error(response.error);
  }
);

put

Execute a PUT request. Takes a URL, data, and headers. See the post documentation for details on what is returned on success and failure.

patch

Execute a PATCH request. Takes a URL, data, and headers. See the post documentation for details on what is returned on success and failure.

delete

Execute a DELETE request. Takes a URL, parameters, and headers. See the post documentation for details on what is returned on success and failure.

head

Execute a HEAD request. Takes a URL, parameters, and headers. See the post documentation for details on what is returned on success and failure.

uploadFile

Uploads a file saved on the device. Takes a URL, parameters, headers, filePath, and the name of the parameter to pass the file along as. See the post documentation for details on what is returned on success and failure.

cordova.plugin.http.uploadFile(
  "https://google.com/",
  {
    id: "12",
    message: "test"
  },
  { Authorization: "OAuth2: token" },
  "file:///somepicture.jpg",
  "picture",
  function(response) {
    console.log(response.status);
  },
  function(response) {
    console.error(response.error);
  }
);

downloadFile

Downloads a file and saves it to the device. Takes a URL, parameters, headers, and a filePath. See post documentation for details on what is returned on failure. On success this function returns a cordova FileEntry object.

cordova.plugin.http.downloadFile(
  "https://google.com/",
  {
    id: "12",
    message: "test"
  },
  { Authorization: "OAuth2: token" },
  "file:///somepicture.jpg",
  function(entry) {
    // prints the filename
    console.log(entry.name);

    // prints the filePath
    console.log(entry.fullPath);
  },
  function(response) {
    console.error(response.error);
  }
);

Browser support

This plugin supports a very restricted set of functions on the browser platform. It's meant for testing purposes, not for production grade usage.

Following features are not supported:

  • Manipulating Cookies
  • Uploading and Downloading files
  • Pinning SSL certificate
  • Disabling SSL certificate check
  • Disabling transparently following redirects (HTTP codes 3xx)

Libraries

This plugin utilizes some awesome open source libraries:

We made a few modifications to the networking libraries.

Contribute & Develop

We've set up a separate document for our contribution guidelines.