@hardlydifficult/http 1.0.2 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +43 -56
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -1,6 +1,6 @@
1
1
  # @hardlydifficult/http
2
2
 
3
- HTTP utilities for safe request/response handling: constant-time string comparison, body reading with 1MB limit, and JSON responses with CORS.
3
+ HTTP utilities for safe request/response handling, including constant-time string comparison, body reading with size limits, and JSON responses with CORS headers.
4
4
 
5
5
  ## Installation
6
6
 
@@ -11,88 +11,75 @@ npm install @hardlydifficult/http
11
11
  ## Quick Start
12
12
 
13
13
  ```typescript
14
- import { safeCompare, readBody, sendJson, MAX_BODY_BYTES } from "@hardlydifficult/http";
15
- import http from "http";
14
+ import { readBody, sendJson, safeCompare } from '@hardlydifficult/http';
16
15
 
17
- const server = http.createServer(async (req, res) => {
18
- // Read request body with default 1MB limit
19
- const body = await readBody(req);
16
+ // Safe string comparison
17
+ const isMatch = safeCompare('secret', 'secret'); // true
20
18
 
21
- // Example: compare secrets safely
22
- const isValid = safeCompare(body, "secret");
19
+ // Read request body with 1MB limit
20
+ const body = await readBody(req); // max 1MB
23
21
 
24
- // Send JSON response with CORS support
25
- sendJson(res, isValid ? 200 : 401, { valid: isValid }, "https://example.com");
26
- });
27
-
28
- server.listen(3000);
22
+ // Send JSON response with CORS headers
23
+ sendJson(res, { status: 'ok' });
29
24
  ```
30
25
 
31
- ## Constant-Time String Comparison
32
-
33
- Protects against timing attacks by using `crypto.timingSafeEqual` internally.
26
+ ## HTTP Utilities
34
27
 
35
- ### `safeCompare(a: string, b: string): boolean`
28
+ ### Safe String Comparison
36
29
 
37
- Compares two strings in constant time.
30
+ Performs constant-time comparison of two strings to prevent timing attacks.
38
31
 
39
32
  ```typescript
40
- import { safeCompare } from "@hardlydifficult/http";
33
+ import { safeCompare } from '@hardlydifficult/http';
41
34
 
42
- safeCompare("hello", "hello"); // true
43
- safeCompare("hello", "world"); // false
44
- safeCompare("", "something"); // false
45
- safeCompare("héllo", "héllo"); // true (unicode-safe)
35
+ const result = safeCompare('abc123', 'abc123'); // true
36
+ const fail = safeCompare('abc123', 'abc124'); // false
46
37
  ```
47
38
 
48
- ## Request Body Reading
39
+ | Parameter | Type | Description |
40
+ |-----------|--------|---------------------|
41
+ | a | string | First string to compare |
42
+ | b | string | Second string to compare |
49
43
 
50
- Reads full request body as string with configurable size limit.
44
+ ### Reading Request Body
51
45
 
52
- ### `readBody(req: IncomingMessage, maxBytes?: number): Promise<string>`
53
-
54
- Parses incoming request body up to `maxBytes` (default: `MAX_BODY_BYTES`).
46
+ Reads and returns the request body as a string, enforcing a maximum size limit of 1 MB.
55
47
 
56
48
  ```typescript
57
- import { readBody, MAX_BODY_BYTES } from "@hardlydifficult/http";
58
- import type { IncomingMessage } from "http";
59
-
60
- // Use default limit (1MB)
61
- const body1 = await readBody(req);
49
+ import { readBody, MAX_BODY_BYTES } from '@hardlydifficult/http';
62
50
 
63
- // Use custom limit (e.g., 512KB)
64
- const body2 = await readBody(req, 512 * 1024);
51
+ const body = await readBody(req); // max 1,048,576 bytes (1 MB)
52
+ // Throws Error if body exceeds MAX_BODY_BYTES
65
53
  ```
66
54
 
67
- ## JSON Response with CORS
55
+ | Parameter | Type | Description |
56
+ |-----------|--------------------|--------------------------------|
57
+ | req | IncomingMessage | Node.js HTTP request object |
68
58
 
69
- Sends JSON responses with CORS headers enabled.
59
+ ### Sending JSON Responses
70
60
 
71
- ### `sendJson(res: ServerResponse, status: number, body: unknown, corsOrigin: string): void`
72
-
73
- Writes JSON response with proper headers and CORS support.
61
+ Sends a JSON response with appropriate `Content-Type` and `Access-Control-Allow-Origin` headers.
74
62
 
75
63
  ```typescript
76
- import { sendJson } from "@hardlydifficult/http";
77
- import type { ServerResponse } from "http";
78
-
79
- sendJson(res, 200, { message: "OK" }, "https://example.com");
80
- // Sends:
81
- // Content-Type: application/json
82
- // Access-Control-Allow-Origin: https://example.com
83
- // Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
84
- // Access-Control-Allow-Headers: Content-Type, Authorization
85
- // Body: {"message":"OK"}
64
+ import { sendJson } from '@hardlydifficult/http';
65
+
66
+ sendJson(res, { message: 'Hello world' });
67
+ // Sends: {"message":"Hello world"} with CORS headers
86
68
  ```
87
69
 
88
- ## Constants
70
+ | Parameter | Type | Description |
71
+ |-----------|----------|---------------------------------|
72
+ | res | ServerResponse | Node.js HTTP response object |
73
+ | data | unknown | Data to serialize as JSON |
89
74
 
90
- ### `MAX_BODY_BYTES`
75
+ ## Appendix
91
76
 
92
- Default maximum body size in bytes (1 MB = 1048576).
77
+ ### Body Size Limit Behavior
93
78
 
94
- ```typescript
95
- import { MAX_BODY_BYTES } from "@hardlydifficult/http";
79
+ The `readBody` function enforces a strict 1 MB (`MAX_BODY_BYTES = 1024 * 1024`) limit. If the request body exceeds this, it throws an error:
96
80
 
97
- MAX_BODY_BYTES; // 1048576
81
+ ```typescript
82
+ if (received > MAX_BODY_BYTES) {
83
+ throw new Error(`Body exceeded maximum size of ${MAX_BODY_BYTES} bytes`);
84
+ }
98
85
  ```
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@hardlydifficult/http",
3
- "version": "1.0.2",
3
+ "version": "1.0.4",
4
4
  "main": "./dist/index.js",
5
5
  "types": "./dist/index.d.ts",
6
6
  "files": [