UNPKG

a2jax

Version:

A secure, lightweight JavaScript library for making HTTP requests with built-in security features and flexible configuration options.

github.com/OminduDissanayaka/A2jax

OminduDissanayaka/A2jax

389 lines (310 loc) 10.1 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
# A2jax A secure, lightweight JavaScript library for making HTTP requests with built-in security features and flexible configuration options. ## Features - 🔒 **Multi-level Security**: Three security levels (low, medium, high) with automatic input sanitization - 🛡️ **CSRF Protection**: Built-in CSRF token handling for secure requests - ⚡ **Rate Limiting**: Configurable request rate limiting to prevent abuse - 🔑 **API Key Support**: Secure API key authentication for high-security applications - ⏱️ **Timeout Management**: Configurable request timeouts with automatic handling - 🌐 **Base URL Support**: Set a base URL for all requests - 📝 **Input Sanitization**: Automatic sanitization of request data based on security level - 🚫 **Request Size Limits**: Configurable limits to prevent oversized requests ## Installation ```bash npm install a2jax ``` Or include directly in your HTML: ```html <script src="https://cdn.jsdelivr.net/npm/a2jax@latest/dist/a2jax.min.js"></script> ``` ## Quick Start ```javascript // Basic usage with default medium security const xhr = new A2jax(); // Make a GET request xhr.get('/api/users') .then(response => { console.log('Users:', response.data); }) .catch(error => { console.error('Error:', error); }); // Make a POST request xhr.post('/api/users', { name: 'John Doe', email: 'john@example.com' }) .then(response => { console.log('User created:', response.data); }); ``` ## Configuration ### Basic Configuration ```javascript const xhr = new A2jax({ security: true, securityLevel: 'high', timeout: 15000, baseURL: 'https://api.example.com', apiKey: 'your-api-key-here' }); ``` ### Security Levels | Level | Features | |-------|----------| | **Low** | Basic input sanitization, no CSRF protection, no rate limiting | | **Medium** (Default) | Input sanitization, CSRF protection, rate limiting (10 req/sec), SSL validation, 1MB request limit | | **High** | All medium features + enhanced rate limiting (5 req/sec), 512KB limit, API key requirement, session validation | ### Configuration Methods ```javascript // Method 1: During initialization const xhr = new A2jax({ security: true, securityLevel: 'high', apiKey: 'your-api-key' }); // Method 2: Using configuration methods const xhr2 = new A2jax(); xhr2.setSecurity(true, 'medium') .setApiKey('your-api-key') .setBaseURL('https://api.example.com'); // Method 3: Static factory method const xhr3 = A2jax.create({ security: true, securityLevel: 'high', timeout: 20000 }); ``` ## API Reference ### GET Requests ```javascript // Basic GET request xhr.get('/api/users') .then(response => console.log(response.data)); // GET with custom headers xhr.get('/api/users/123', { headers: { 'Authorization': 'Bearer your-token', 'Accept': 'application/json' } }) .then(response => console.log(response.data)); // GET with query parameters const params = new URLSearchParams({ include: 'profile,settings' }); xhr.get(`/api/users/123?${params}`) .then(response => console.log(response.data)); ``` ### POST Requests ```javascript // Basic POST request xhr.post('/api/users', { name: 'John Doe', email: 'john@example.com', age: 30 }) .then(response => console.log(response.data)); // POST with custom headers xhr.post('/api/login', { username: 'johndoe', password: 'securepassword' }, { headers: { 'Content-Type': 'application/json', 'X-Client-Version': '1.0.0' } }) .then(response => { localStorage.setItem('authToken', response.data.token); }); ``` ## Advanced Usage ### API Client Pattern ```javascript class APIClient { constructor(baseURL, apiKey) { this.client = new A2jax({ security: true, securityLevel: 'high', baseURL: baseURL, apiKey: apiKey, timeout: 30000, defaultHeaders: { 'Accept': 'application/json', 'User-Agent': 'MyApp/1.0' } }); } async getUsers() { try { const response = await this.client.get('/users'); return response.data; } catch (error) { throw new Error(`Failed to fetch users: ${error.error}`); } } async createUser(userData) { try { const response = await this.client.post('/users', userData); return response.data; } catch (error) { if (error.status === 400) { throw new Error('Invalid user data provided'); } throw new Error(`Failed to create user: ${error.error}`); } } } // Usage const api = new APIClient('https://api.myapp.com', 'your-api-key'); const users = await api.getUsers(); ``` ### Error Handling ```javascript async function handleAPICall() { try { const response = await xhr.post('/api/sensitive-data', { data: 'sensitive information' }); console.log('Success:', response.data); } catch (error) { if (error.error === 'Rate limit exceeded. Please slow down your requests.') { console.warn('Too many requests, waiting before retry...'); setTimeout(() => handleAPICall(), 2000); } else if (error.error === 'Request timeout') { console.error('Request timed out, check your connection'); } else if (error.status === 413) { console.error('Request too large, reduce data size'); } else if (error.status >= 500) { console.error('Server error, try again later'); } else { console.error('Request failed:', error); } } } ``` ### Retry with Exponential Backoff ```javascript async function retryRequest(url, data, maxRetries = 3) { const xhr = new A2jax({ security: true, securityLevel: 'medium' }); for (let attempt = 1; attempt <= maxRetries; attempt++) { try { const response = await xhr.post(url, data); return response; } catch (error) { if (attempt === maxRetries) { throw error; } // Wait with exponential backoff const delay = Math.pow(2, attempt) * 1000; await new Promise(resolve => setTimeout(resolve, delay)); } } } ``` ## Environment-Specific Configuration ### Development Environment ```javascript const devXhr = new A2jax({ security: true, securityLevel: 'low', baseURL: 'http://localhost:3000/api', timeout: 5000 }); ``` ### Production Environment ```javascript const prodXhr = new A2jax({ security: true, securityLevel: 'high', baseURL: 'https://secure-api.production.com', apiKey: process.env.API_KEY, timeout: 15000, defaultHeaders: { 'X-App-Version': '2.1.0', 'X-Client-ID': 'web-client' } }); ``` ## Common Patterns ### Form Submission ```javascript async function submitContactForm(formData) { const xhr = new A2jax({ security: true, securityLevel: 'medium' }); try { const response = await xhr.post('/api/contact', { name: formData.name, email: formData.email, message: formData.message, timestamp: Date.now() }); showNotification('Message sent successfully!', 'success'); return response.data; } catch (error) { showNotification('Failed to send message. Please try again.', 'error'); throw error; } } ``` ### Loading Multiple Resources ```javascript async function loadUserDashboard(userId) { const xhr = new A2jax({ security: true, securityLevel: 'high', apiKey: getAuthToken() }); showLoadingSpinner(true); try { const [userResponse, statsResponse] = await Promise.all([ xhr.get(`/api/users/${userId}`), xhr.get(`/api/users/${userId}/stats`) ]); updateUserProfile(userResponse.data); updateUserStats(statsResponse.data); } catch (error) { if (error.status === 401) { redirectToLogin(); } else { showErrorMessage('Failed to load dashboard data'); } } finally { showLoadingSpinner(false); } } ``` ## Security Features ### Input Sanitization A2jax automatically sanitizes input data based on the configured security level, preventing XSS attacks and other malicious input. ### CSRF Protection Medium and high security levels include automatic CSRF token handling to prevent cross-site request forgery attacks. ### Rate Limiting Built-in rate limiting prevents abuse: - Medium security: 10 requests per second - High security: 5 requests per second ### Request Size Limits Configurable limits prevent oversized requests: - Medium security: 1MB limit - High security: 512KB limit ## Browser Support A2jax supports all modern browsers that support: - Promises - Fetch API or XMLHttpRequest - ES6 features ## Contributing 1. Fork the repository 2. Create your feature branch (`git checkout -b feature/amazing-feature`) 3. Commit your changes (`git commit -m 'Add some amazing feature'`) 4. Push to the branch (`git push origin feature/amazing-feature`) 5. Open a Pull Request ## License This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details. ## Support For support, please open an issue on GitHub or contact the maintainers. --- **A2jax** - Secure HTTP requests made simple.