http-headers-js
v1.0.10
Published
Http constants for mime-types, headers, tracking-statuses, methods, content-encodings, csp, response codes and cache-control instructions
Downloads
1,242
Maintainers
Readme
Http constants for mime-types, headers, tracking-statuses, methods, content-encodings, csp, response codes and cache-control instructions
Current version 1.0.10
Provides standard and common non-standard http headers, mime-types, methods, content codings, response statuses, CSP directives and sources, cache-control instructions and tracking statuses.
All headers are capitalized, hence Access-Control-Request-Method
All mime-types are lowercase, hence video/mpeg
All content codings are lowercase, hence deflate
All methods are uppercase, hence POST
All response codes are integer numbers, hence 404
All Cache-Control instructions are lowercase, hence min-fresh
All CSP directives and sources are lowercase, hence unsafe-eval
Key names constructed from uppercase values, -
, +
and .
substituted with _
, hence
Headers.STRICT_TRANSPORT_SECURITY //Strict-Transport-Security
MimeTypes.Application.XOP_XML //application/xop+xml
MimeTypes.Model.X3D_VRML //model/x3d+vrml
ContentEncodings.X_GZIP //x-gzip
MimeTypes.Image.VND_WAP_WBMP //image/vnd.wap.wbmp
ResponseCodes.I_AM_A_TEAPOT //418
CacheControls.MAX_AGE //max-age
CSPS.UNSAFE_EVAL //unsafe-eval
Usage
Install local
npm install http-headers-js --save
Available at the moment
let {
Headers,
TrackingStatuses,
MimeTypes,
Methods,
ContentEncodings,
ResponseCodes,
CacheControls,
RespCodeIs,
CSPD,
CSPS
} = require('http-headers-js');
- Headers - headers
- TrackingStatuses - tracking statuses
- Methods - http methods
- ContentEncodings - http content coding registry
- ResponseCodes - response codes
- CacheControls - Cache-Control instructions
- CSPD - CSP directives
- CSPS - some CSP source values
- MimeTypes - yes, mime types, fair and square
- RespCodeIs - set of functions to get type of response code
Constants
Import and usage, as exemplified by express js middleware
let { Headers } = require('http-headers-js');
/* code */
isLoggedIn: function (req, res, next) {
let token = req.get(Headers.AUTHORIZATION);
if (token == null) {
return res.status(401).send("Not authorized");
}
OAuth.get(token) //some library to check token
.then(function (user) {
if (user == null) {
return res.status(401).send("Not authorized");
}
next();
})
}
/*code*/
const { MimeTypes } = require('http-headers-js');
class ExtensionFilter {
static getExtensionByContentType (contentType) {
switch (contentType) {
case MimeTypes.Application.PDF:
return "PDF";
case MimeTypes.Vnd.MS.WORD_2007:
return "DOCX";
defaut:
return null;
}
}
}
To use mime types first access type, then subtype:
MimeTypes.Application.SOAP_XML //application/soap+xml
MimeTypes.Application.X.WWW_FORM_URLENCODED //application/x-www-form-urlencoded
MimeTypes.X.WWW_FORM_URLENCODED //application/x-www-form-urlencoded
MimeTypes.Vnd.Od.TEXT //application/vnd.oasis.opendocument.text
MimeTypes.Vnd.MS.EXCEL //application/vnd.ms-excel
MimeTypes.Vnd.MS.EXCEL_2007 //application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
MimeTypes.Pkcs.X_PKCS7_CERTREQRESP //application/x-pkcs7-certreqresp
There are also two duplicates for mime types. One is MimeTypes.X
and MimeType.Application.X
, another is MimeTypes.Pkcs
and MimeTypes.Application.Pkcs
CSPS contains two sets of values - common and with QTD suffix. QTD values are quoted:
CSPS.SELF //string "self"
CSPS.SELF_QTD //string "'self'"
Functions
There are 5 functions to check response code:
RespCodeIs.Info
RespCodeIs.Success
RespCodeIs.Redirect
RespCodeIs.ClientErr
RespCodeIs.ServerErr
All functions take number argument, like
RespCodeIs.ServerErr(500) //return true
RespCodeIs.ServerErr(ResponseCodes.INTERNAL_SERVER_ERROR) //return true
RespCodeIs.ClientErr(ResponseCodes.USE_PROXY) //return false
Dependencies
No additional dependencies for production, mocha
and chai
for testing.
Test
npm test
Development
Direct Contacts
Issues? Write to [email protected]
What's new
1.0.10
- Added more testing
1.0.9
- Added CSP directives and common sources
1.0.8
- Added
CacheControls
- Support older engines
1.0.7
- Added
RespCodeIs
- Headers and Methods sorted in src
1.0.6
- Added
ResponseCodes
1.0.5
- Added
Early-Data
,Downlink
,Save-Data
,Referrer-Policy
,Content-Security-Policy-Report-Only
,Expect-CT
,Public-Key-Pins-Report-Only
,X-Download-Options
,X-Permitted-Cross-Domain-Policies
,Sec-WebSocket-...
,Large-Allocation
,Server-Timing
,SourceMap
,X-DNS-Prefetch-Control
,X-Robots-Tag
- Fixed
VIEWPORT-WIDTH
toVIEWPORT_WIDTH
,3GPP
to_3GPP
(_3GPP2
),VND.RN_REALAUDIO
toVND_RN_REALAUDIO
,VND.WAVE
toVND_WAVE
,VND.MICROSOFT.ICON
toVND_MICROSOFT_ICON
,VND.WAP.WBMP
toVND_WAP_WBMP
- Autotest key names
1.0.3
- Added
Content-Version
,Derived-From
,Alternates
,MIME-Version
,Public
,Title
headers - Added
ContentEncodings
1.0.2
- Added
Methods
- Added
Last-Event-ID
,DPR
,Content-DPR
,Accept-CH
,Accept-CH-Lifetime
,Width
,Viewport-Width
,Keep-Alive
headers