normalize-url 7.2.0 → 8.0.1

package/index.d.ts

@@ -1,10 +1,8 @@
-export interface Options {
+export type Options = {
 	/**
-	@default 'http:'
-
-	Values: `'https:' | 'http:'`
+	@default 'http'
 	*/
-	readonly defaultProtocol?: string; // TODO: Make this `'https:' | 'http:'` in the next major version.
+	readonly defaultProtocol?: 'https' | 'http';
 
 	/**
 	Prepends `defaultProtocol` to the URL if it's protocol-relative.
@@ -23,7 +21,7 @@ export interface Options {
 	readonly normalizeProtocol?: boolean;
 
 	/**
-	Normalizes `https:` URLs to `http:`.
+	Normalizes HTTPS URLs to HTTP.
 
 	@default false
 
@@ -39,9 +37,9 @@ export interface Options {
 	readonly forceHttp?: boolean;
 
 	/**
-	Normalizes `http:` URLs to `https:`.
+	Normalizes HTTP URLs to HTTPS.
 
-	This option can't be used with the `forceHttp` option at the same time.
+	This option cannot be used with the `forceHttp` option at the same time.
 
 	@default false
 
@@ -63,10 +61,10 @@ export interface Options {
 
 	@example
 	```
-	normalizeUrl('user:password@sindresorhus.com');
+	normalizeUrl('https://user:password@sindresorhus.com');
 	//=> 'https://sindresorhus.com'
 
-	normalizeUrl('user:password@sindresorhus.com', {stripAuthentication: false});
+	normalizeUrl('https://user:password@sindresorhus.com', {stripAuthentication: false});
 	//=> 'https://user:password@sindresorhus.com'
 	```
 	*/
@@ -280,11 +278,15 @@ export interface Options {
 	```
 	*/
 	readonly sortQueryParameters?: boolean;
-}
+};
 
 /**
 [Normalize](https://en.wikipedia.org/wiki/URL_normalization) a URL.
 
+URLs with custom protocols are not normalized and just passed through by default. Supported protocols are: `https`, `http`, `file`, and `data`.
+
+Human-friendly URLs with basic auth (for example, `user:password@sindresorhus.com`) are not handled because basic auth conflicts with custom protocols. [Basic auth URLs are also deprecated.](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication#access_using_credentials_in_the_url)
+
 @param url - URL to normalize, including [data URL](https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Data_URIs).
 
 @example

package/index.js

@@ -4,6 +4,24 @@ const DATA_URL_DEFAULT_CHARSET = 'us-ascii';
 
 const testParameter = (name, filters) => filters.some(filter => filter instanceof RegExp ? filter.test(name) : filter === name);
 
+const supportedProtocols = new Set([
+	'https:',
+	'http:',
+	'file:',
+]);
+
+const hasCustomProtocol = urlString => {
+	try {
+		const {protocol} = new URL(urlString);
+
+		return protocol.endsWith(':')
+			&& !protocol.includes('.')
+			&& !supportedProtocols.has(protocol);
+	} catch {
+		return false;
+	}
+};
+
 const normalizeDataURL = (urlString, {stripHash}) => {
 	const match = /^data:(?<type>[^,]*?),(?<data>[^#]*?)(?:#(?<hash>.*))?$/.exec(urlString);
 
@@ -22,7 +40,7 @@ const normalizeDataURL = (urlString, {stripHash}) => {
 	}
 
 	// Lowercase MIME type
-	const mimeType = (mediaType.shift() || '').toLowerCase();
+	const mimeType = mediaType.shift()?.toLowerCase() ?? '';
 	const attributes = mediaType
 		.map(attribute => {
 			let [key, value = ''] = attribute.split('=').map(string => string.trim());
@@ -57,7 +75,7 @@ const normalizeDataURL = (urlString, {stripHash}) => {
 
 export default function normalizeUrl(urlString, options) {
 	options = {
-		defaultProtocol: 'http:',
+		defaultProtocol: 'http',
 		normalizeProtocol: true,
 		forceHttp: false,
 		forceHttps: false,
@@ -74,6 +92,11 @@ export default function normalizeUrl(urlString, options) {
 		...options,
 	};
 
+	// Legacy: Append `:` to the protocol if missing.
+	if (typeof options.defaultProtocol === 'string' && !options.defaultProtocol.endsWith(':')) {
+		options.defaultProtocol = `${options.defaultProtocol}:`;
+	}
+
 	urlString = urlString.trim();
 
 	// Data URL
@@ -81,8 +104,8 @@ export default function normalizeUrl(urlString, options) {
 		return normalizeDataURL(urlString, options);
 	}
 
-	if (/^view-source:/i.test(urlString)) {
-		throw new Error('`view-source:` is not supported as it is a non-standard protocol');
+	if (hasCustomProtocol(urlString)) {
+		return urlString;
 	}
 
 	const hasRelativeProtocol = urlString.startsWith('//');

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "normalize-url",
-	"version": "7.2.0",
+	"version": "8.0.1",
 	"description": "Normalize a URL",
 	"license": "MIT",
 	"repository": "sindresorhus/normalize-url",
@@ -11,12 +11,17 @@
 		"url": "https://sindresorhus.com"
 	},
 	"type": "module",
-	"exports": "./index.js",
+	"exports": {
+		"types": "./index.d.ts",
+		"default": "./index.js"
+	},
+	"sideEffects": false,
 	"engines": {
-		"node": ">=12.20"
+		"node": ">=14.16"
 	},
 	"scripts": {
-		"test": "xo && c8 ava && tsd"
+		"//test": "xo && c8 ava && tsd",
+		"test": "c8 ava && tsd"
 	},
 	"files": [
 		"index.js",
@@ -38,10 +43,10 @@
 		"canonical"
 	],
 	"devDependencies": {
-		"ava": "^4.0.1",
-		"c8": "^7.11.0",
-		"tsd": "^0.19.1",
-		"xo": "^0.47.0"
+		"ava": "^5.0.1",
+		"c8": "^7.12.0",
+		"tsd": "^0.24.1",
+		"xo": "^0.52.4"
 	},
 	"c8": {
 		"reporter": [

package/readme.md

@@ -12,8 +12,6 @@ Useful when you need to display, store, deduplicate, sort, compare, etc, URLs.
 npm install normalize-url
 ```
 
-*If you need Safari support, use version 4: `npm i normalize-url@4`*
-
 ## Usage
 
 ```js
@@ -30,6 +28,10 @@ normalizeUrl('//www.sindresorhus.com:80/../baz?b=bar&a=foo');
 
 ### normalizeUrl(url, options?)
 
+URLs with custom protocols are not normalized and just passed through by default. Supported protocols are: `https`, `http`, `file`, and `data`.
+
+Human-friendly URLs with basic auth (for example, `user:password@sindresorhus.com`) are not handled because basic auth conflicts with custom protocols. [Basic auth URLs are also deprecated.](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication#access_using_credentials_in_the_url)
+
 #### url
 
 Type: `string`
@@ -43,8 +45,8 @@ Type: `object`
 ##### defaultProtocol
 
 Type: `string`\
-Default: `http:`\
-Values: `'https:' | 'http:'`
+Default: `'http'`\
+Values: `'https' | 'http'`
 
 ##### normalizeProtocol
 
@@ -66,7 +68,7 @@ normalizeUrl('//sindresorhus.com', {normalizeProtocol: false});
 Type: `boolean`\
 Default: `false`
 
-Normalize `https:` to `http:`.
+Normalize HTTPS to HTTP.
 
 ```js
 normalizeUrl('https://sindresorhus.com');
@@ -81,7 +83,7 @@ normalizeUrl('https://sindresorhus.com', {forceHttp: true});
 Type: `boolean`\
 Default: `false`
 
-Normalize `http:` to `https:`.
+Normalize HTTP to HTTPS.
 
 ```js
 normalizeUrl('http://sindresorhus.com');
@@ -91,7 +93,7 @@ normalizeUrl('http://sindresorhus.com', {forceHttps: true});
 //=> 'https://sindresorhus.com'
 ```
 
-This option can't be used with the `forceHttp` option at the same time.
+This option cannot be used with the `forceHttp` option at the same time.
 
 ##### stripAuthentication
 
@@ -101,10 +103,10 @@ Default: `true`
 Strip the [authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) part of the URL.
 
 ```js
-normalizeUrl('user:password@sindresorhus.com');
+normalizeUrl('https://user:password@sindresorhus.com');
 //=> 'https://sindresorhus.com'
 
-normalizeUrl('user:password@sindresorhus.com', {stripAuthentication: false});
+normalizeUrl('https://user:password@sindresorhus.com', {stripAuthentication: false});
 //=> 'https://user:password@sindresorhus.com'
 ```
 
@@ -308,15 +310,3 @@ normalizeUrl('www.sindresorhus.com?b=two&a=one&c=three', {
 ## Related
 
 - [compare-urls](https://github.com/sindresorhus/compare-urls) - Compare URLs by first normalizing them
-
----
-
-<div align="center">
-	<b>
-		<a href="https://tidelift.com/subscription/pkg/npm-normalize-url?utm_source=npm-normalize-url&utm_medium=referral&utm_campaign=readme">Get professional support for this package with a Tidelift subscription</a>
-	</b>
-	<br>
-	<sub>
-		Tidelift helps make open source sustainable for maintainers while giving companies<br>assurances about security, maintenance, and licensing for their dependencies.
-	</sub>
-</div>