resilient, efficient resource loader
Pure JavaScript plugin for preserves spaces and line breaks
pre js application
Returns true if a string has an extglob.
YAML 1.2 parser and serializer
Get the command from a shebang
Parses CSS inline style to JavaScript object (camelCased).
Resolve the path of a module like `require.resolve()` but from a given path
Light ECMAScript (JavaScript) Value Notation - human written, concise, typed, flexible
Like ruby's abbrev module, but in js
Buffers events from a stream until you are ready to handle them.
The Lodash method `_.merge` exported as a module.
JavaScript sprintf implementation
process.nextTick but always with args
Fast (and loose) selective `process.env` replacer using js-tokens instead of an AST
Escape string for use in HTML
A pure JS implementation SHA256.
Fast deep equal
type-check allows you to check the types of JavaScript values at runtime with a Haskell like type syntax.
Compare strings containing a mix of letters and numbers in the way a human being would in sort order.
A small polyfill for Object.setprototypeof
A cross browser microtask library
Pass two numbers, get a regex-compatible source string for matching ranges. Validated against more than 2.78 million test assertions.
Array#isArray for older browsers
Handlebars pre compiler for Ember JS
Paraqeet is a Jekyll theme for building websites using Bootstrap - the most popular HTML, CSS, and JS library in the world. Paraqeet comes pre-loaded with the latest versions of Bootstrap and Bootstrap Icons - the official open source SVG icon library for Bootstrap, as well as built-in Sass support for Rouge - Jekyll’s default code syntax highlighter.
The middleware makes sure any request to specified paths would have been preflighted if it was sent by a browser. We don't want random websites to be able to execute actual GraphQL operations from a user's browser unless our CORS policy supports it. It's not good enough just to ensure that the browser can't read the response from the operation; we also want to prevent CSRF, where the attacker can cause side effects with an operation or can measure the timing of a read operation. Our goal is to ensure that we don't run the context function or execute the GraphQL operation until the browser has evaluated the CORS policy, which means we want all operations to be pre-flighted. We can do that by only processing operations that have at least one header set that appears to be manually set by the JS code rather than by the browser automatically. POST requests generally have a content-type `application/json`, which is sufficient to trigger preflighting. So we take extra care with requests that specify no content-type or that specify one of the three non-preflighted content types. For those operations, we require one of a set of specific headers to be set. By ensuring that every operation either has a custom content-type or sets one of these headers, we know we won't execute operations at the request of origins who our CORS policy will block.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.
No description provided.