robojerk/codeql-action

Fix dependabot vulnerabilities

Browse source 
This adds some forced resolutions to ensure that vulnerable versions
of packages are not installed.
This commit is contained in:
Andrew Eisenberg 2021-07-14 14:35:34 -07:00
parent 14deaf67e9
commit ae97d8f96d
81 changed files with 727 additions and 7406 deletions
Download patch file Download diff file Expand all files Collapse all files

457
node_modules/normalize-url/index.d.ts generated vendored
View file

@ -1,216 +1,263 @@
declare namespace normalizeUrl {
interface Options {
/**
@default 'http:'
*/
readonly defaultProtocol?: string;
/**
Prepends `defaultProtocol` to the URL if it's protocol-relative.
@default true
@example
```
normalizeUrl('//sindresorhus.com:80/');
//=> 'http://sindresorhus.com'
normalizeUrl('//sindresorhus.com:80/', {normalizeProtocol: false});
//=> '//sindresorhus.com'
```
*/
readonly normalizeProtocol?: boolean;
/**
Normalizes `https:` URLs to `http:`.
@default false
@example
```
normalizeUrl('https://sindresorhus.com:80/');
//=> 'https://sindresorhus.com'
normalizeUrl('https://sindresorhus.com:80/', {forceHttp: true});
//=> 'http://sindresorhus.com'
```
*/
readonly forceHttp?: boolean;
/**
Normalizes `http:` URLs to `https:`.
This option can't be used with the `forceHttp` option at the same time.
@default false
@example
```
normalizeUrl('https://sindresorhus.com:80/');
//=> 'https://sindresorhus.com'
normalizeUrl('http://sindresorhus.com:80/', {forceHttps: true});
//=> 'https://sindresorhus.com'
```
*/
readonly forceHttps?: boolean;
/**
Strip the [authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) part of a URL.
@default true
@example
```
normalizeUrl('user:password@sindresorhus.com');
//=> 'https://sindresorhus.com'
normalizeUrl('user:password@sindresorhus.com', {stripAuthentication: false});
//=> 'https://user:password@sindresorhus.com'
```
*/
readonly stripAuthentication?: boolean;
/**
Removes hash from the URL.
@default false
@example
```
normalizeUrl('sindresorhus.com/about.html#contact');
//=> 'http://sindresorhus.com/about.html#contact'
normalizeUrl('sindresorhus.com/about.html#contact', {stripHash: true});
//=> 'http://sindresorhus.com/about.html'
```
*/
readonly stripHash?: boolean;
/**
Removes HTTP(S) protocol from an URL `http://sindresorhus.com` `sindresorhus.com`.
@default false
@example
```
normalizeUrl('https://sindresorhus.com');
//=> 'https://sindresorhus.com'
normalizeUrl('sindresorhus.com', {stripProtocol: true});
//=> 'sindresorhus.com'
```
*/
readonly stripProtocol?: boolean;
/**
Removes `www.` from the URL.
@default true
@example
```
normalizeUrl('http://www.sindresorhus.com');
//=> 'http://sindresorhus.com'
normalizeUrl('http://www.sindresorhus.com', {stripWWW: false});
//=> 'http://www.sindresorhus.com'
```
*/
readonly stripWWW?: boolean;
/**
Removes query parameters that matches any of the provided strings or regexes.
@default [/^utm_\w+/i]
@example
```
normalizeUrl('www.sindresorhus.com?foo=bar&ref=test_ref', {
removeQueryParameters: ['ref']
});
//=> 'http://sindresorhus.com/?foo=bar'
```
*/
readonly removeQueryParameters?: ReadonlyArray<RegExp | string>;
/**
Removes trailing slash.
__Note__: Trailing slash is always removed if the URL doesn't have a pathname.
@default true
@example
```
normalizeUrl('http://sindresorhus.com/redirect/');
//=> 'http://sindresorhus.com/redirect'
normalizeUrl('http://sindresorhus.com/redirect/', {removeTrailingSlash: false});
//=> 'http://sindresorhus.com/redirect/'
normalizeUrl('http://sindresorhus.com/', {removeTrailingSlash: false});
//=> 'http://sindresorhus.com'
```
*/
readonly removeTrailingSlash?: boolean;
/**
Removes the default directory index file from path that matches any of the provided strings or regexes.
When `true`, the regex `/^index\.[a-z]+$/` is used.
@default false
@example
```
normalizeUrl('www.sindresorhus.com/foo/default.php', {
removeDirectoryIndex: [/^default\.[a-z]+$/]
});
//=> 'http://sindresorhus.com/foo'
```
*/
readonly removeDirectoryIndex?: ReadonlyArray<RegExp | string>;
/**
Sorts the query parameters alphabetically by key.
@default true
@example
```
normalizeUrl('www.sindresorhus.com?b=two&a=one&c=three', {
sortQueryParameters: false
});
//=> 'http://sindresorhus.com/?b=two&a=one&c=three'
```
*/
readonly sortQueryParameters?: boolean;
}
}
declare const normalizeUrl: {
export interface Options {
/**
[Normalize](https://en.wikipedia.org/wiki/URL_normalization) a URL.
@default 'http:'
*/
readonly defaultProtocol?: string;
@param url - URL to normalize, including [data URL](https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Data_URIs).
/**
Prepends `defaultProtocol` to the URL if it's protocol-relative.
@default true
@example
```
import normalizeUrl = require('normalize-url');
normalizeUrl('sindresorhus.com');
normalizeUrl('//sindresorhus.com:80/');
//=> 'http://sindresorhus.com'
normalizeUrl('HTTP://xn--xample-hva.com:80/?b=bar&a=foo');
//=> 'http://êxample.com/?a=foo&b=bar'
normalizeUrl('//sindresorhus.com:80/', {normalizeProtocol: false});
//=> '//sindresorhus.com'
```
*/
(url: string, options?: normalizeUrl.Options): string;
readonly normalizeProtocol?: boolean;
// TODO: Remove this for the next major release, refactor the whole definition to:
// declare function normalizeUrl(url: string, options?: normalizeUrl.Options): string;
// export = normalizeUrl;
default: typeof normalizeUrl;
};
/**
Normalizes `https:` URLs to `http:`.
export = normalizeUrl;
@default false
@example
```
normalizeUrl('https://sindresorhus.com:80/');
//=> 'https://sindresorhus.com'
normalizeUrl('https://sindresorhus.com:80/', {forceHttp: true});
//=> 'http://sindresorhus.com'
```
*/
readonly forceHttp?: boolean;
/**
Normalizes `http:` URLs to `https:`.
This option can't be used with the `forceHttp` option at the same time.
@default false
@example
```
normalizeUrl('https://sindresorhus.com:80/');
//=> 'https://sindresorhus.com'
normalizeUrl('http://sindresorhus.com:80/', {forceHttps: true});
//=> 'https://sindresorhus.com'
```
*/
readonly forceHttps?: boolean;
/**
Strip the [authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) part of a URL.
@default true
@example
```
normalizeUrl('user:password@sindresorhus.com');
//=> 'https://sindresorhus.com'
normalizeUrl('user:password@sindresorhus.com', {stripAuthentication: false});
//=> 'https://user:password@sindresorhus.com'
```
*/
readonly stripAuthentication?: boolean;
/**
Removes hash from the URL.
@default false
@example
```
normalizeUrl('sindresorhus.com/about.html#contact');
//=> 'http://sindresorhus.com/about.html#contact'
normalizeUrl('sindresorhus.com/about.html#contact', {stripHash: true});
//=> 'http://sindresorhus.com/about.html'
```
*/
readonly stripHash?: boolean;
/**
Removes HTTP(S) protocol from an URL `http://sindresorhus.com` `sindresorhus.com`.
@default false
@example
```
normalizeUrl('https://sindresorhus.com');
//=> 'https://sindresorhus.com'
normalizeUrl('sindresorhus.com', {stripProtocol: true});
//=> 'sindresorhus.com'
```
*/
readonly stripProtocol?: boolean;
/**
Strip the [text fragment](https://web.dev/text-fragments/) part of the URL
__Note:__ The text fragment will always be removed if the `stripHash` option is set to `true`, as the hash contains the text fragment.
@default true
@example
```
normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello');
//=> 'http://sindresorhus.com/about.html#'
normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello');
//=> 'http://sindresorhus.com/about.html#section'
normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello', {stripTextFragment: false});
//=> 'http://sindresorhus.com/about.html#:~:text=hello'
normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello', {stripTextFragment: false});
//=> 'http://sindresorhus.com/about.html#section:~:text=hello'
```
*/
readonly stripTextFragment?: boolean;
/**
Removes `www.` from the URL.
@default true
@example
```
normalizeUrl('http://www.sindresorhus.com');
//=> 'http://sindresorhus.com'
normalizeUrl('http://www.sindresorhus.com', {stripWWW: false});
//=> 'http://www.sindresorhus.com'
```
*/
readonly stripWWW?: boolean;
/**
Removes query parameters that matches any of the provided strings or regexes.
@default [/^utm_\w+/i]
@example
```
normalizeUrl('www.sindresorhus.com?foo=bar&ref=test_ref', {
removeQueryParameters: ['ref']
});
//=> 'http://sindresorhus.com/?foo=bar'
```
If a boolean is provided, `true` will remove all the query parameters.
```
normalizeUrl('www.sindresorhus.com?foo=bar', {
removeQueryParameters: true
});
//=> 'http://sindresorhus.com'
```
`false` will not remove any query parameter.
```
normalizeUrl('www.sindresorhus.com?foo=bar&utm_medium=test&ref=test_ref', {
removeQueryParameters: false
});
//=> 'http://www.sindresorhus.com/?foo=bar&ref=test_ref&utm_medium=test'
```
*/
readonly removeQueryParameters?: ReadonlyArray<RegExp | string> | boolean;
/**
Removes trailing slash.
__Note__: Trailing slash is always removed if the URL doesn't have a pathname unless the `removeSingleSlash` option is set to `false`.
@default true
@example
```
normalizeUrl('http://sindresorhus.com/redirect/');
//=> 'http://sindresorhus.com/redirect'
normalizeUrl('http://sindresorhus.com/redirect/', {removeTrailingSlash: false});
//=> 'http://sindresorhus.com/redirect/'
normalizeUrl('http://sindresorhus.com/', {removeTrailingSlash: false});
//=> 'http://sindresorhus.com'
```
*/
readonly removeTrailingSlash?: boolean;
/**
Remove a sole `/` pathname in the output. This option is independant of `removeTrailingSlash`.
@default true
@example
```
normalizeUrl('https://sindresorhus.com/');
//=> 'https://sindresorhus.com'
normalizeUrl('https://sindresorhus.com/', {removeSingleSlash: false});
//=> 'https://sindresorhus.com/'
```
*/
readonly removeSingleSlash?: boolean;
/**
Removes the default directory index file from path that matches any of the provided strings or regexes.
When `true`, the regex `/^index\.[a-z]+$/` is used.
@default false
@example
```
normalizeUrl('www.sindresorhus.com/foo/default.php', {
removeDirectoryIndex: [/^default\.[a-z]+$/]
});
//=> 'http://sindresorhus.com/foo'
```
*/
readonly removeDirectoryIndex?: ReadonlyArray<RegExp | string>;
/**
Sorts the query parameters alphabetically by key.
@default true
@example
```
normalizeUrl('www.sindresorhus.com?b=two&a=one&c=three', {
sortQueryParameters: false
});
//=> 'http://sindresorhus.com/?b=two&a=one&c=three'
```
*/
readonly sortQueryParameters?: boolean;
}
/**
[Normalize](https://en.wikipedia.org/wiki/URL_normalization) a URL.
@param url - URL to normalize, including [data URL](https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Data_URIs).
@example
```
import normalizeUrl from 'normalize-url';
normalizeUrl('sindresorhus.com');
//=> 'http://sindresorhus.com'
normalizeUrl('//www.sindresorhus.com:80/../baz?b=bar&a=foo');
//=> 'http://sindresorhus.com/baz?a=foo&b=bar'
```
*/
export default function normalizeUrl(url: string, options?: Options): string;

141
node_modules/normalize-url/index.js generated vendored
View file

@ -1,31 +1,24 @@
'use strict';
// TODO: Use the `URL` global when targeting Node.js 10
const URLParser = typeof URL === 'undefined' ? require('url').URL : URL;
// https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/Data_URIs
const DATA_URL_DEFAULT_MIME_TYPE = 'text/plain';
const DATA_URL_DEFAULT_CHARSET = 'us-ascii';
const testParameter = (name, filters) => {
return filters.some(filter => filter instanceof RegExp ? filter.test(name) : filter === name);
};
const testParameter = (name, filters) => filters.some(filter => filter instanceof RegExp ? filter.test(name) : filter === name);
const normalizeDataURL = (urlString, {stripHash}) => {
const parts = urlString.match(/^data:(.*?),(.*?)(?:#(.*))?$/);
const match = /^data:(?<type>[^,]*?),(?<data>[^#]*?)(?:#(?<hash>.*))?$/.exec(urlString);
if (!parts) {
if (!match) {
throw new Error(`Invalid URL: ${urlString}`);
}
const mediaType = parts[1].split(';');
const body = parts[2];
const hash = stripHash ? '' : parts[3];
let base64 = false;
let {type, data, hash} = match.groups;
const mediaType = type.split(';');
hash = stripHash ? '' : hash;
let isBase64 = false;
if (mediaType[mediaType.length - 1] === 'base64') {
mediaType.pop();
base64 = true;
isBase64 = true;
}
// Lowercase MIME type
@ -48,21 +41,21 @@ const normalizeDataURL = (urlString, {stripHash}) => {
.filter(Boolean);
const normalizedMediaType = [
...attributes
...attributes,
];
if (base64) {
if (isBase64) {
normalizedMediaType.push('base64');
}
if (normalizedMediaType.length !== 0 || (mimeType && mimeType !== DATA_URL_DEFAULT_MIME_TYPE)) {
if (normalizedMediaType.length > 0 || (mimeType && mimeType !== DATA_URL_DEFAULT_MIME_TYPE)) {
normalizedMediaType.unshift(mimeType);
}
return `data:${normalizedMediaType.join(';')},${base64 ? body.trim() : body}${hash ? `#${hash}` : ''}`;
return `data:${normalizedMediaType.join(';')},${isBase64 ? data.trim() : data}${hash ? `#${hash}` : ''}`;
};
const normalizeUrl = (urlString, options) => {
export default function normalizeUrl(urlString, options) {
options = {
defaultProtocol: 'http:',
normalizeProtocol: true,
@ -70,27 +63,16 @@ const normalizeUrl = (urlString, options) => {
forceHttps: false,
stripAuthentication: true,
stripHash: false,
stripTextFragment: true,
stripWWW: true,
removeQueryParameters: [/^utm_\w+/i],
removeTrailingSlash: true,
removeSingleSlash: true,
removeDirectoryIndex: false,
sortQueryParameters: true,
...options
...options,
};
// TODO: Remove this at some point in the future
if (Reflect.has(options, 'normalizeHttps')) {
throw new Error('options.normalizeHttps is renamed to options.forceHttp');
}
if (Reflect.has(options, 'normalizeHttp')) {
throw new Error('options.normalizeHttp is renamed to options.forceHttps');
}
if (Reflect.has(options, 'stripFragment')) {
throw new Error('options.stripFragment is renamed to options.stripHash');
}
urlString = urlString.trim();
// Data URL
@ -98,6 +80,10 @@ const normalizeUrl = (urlString, options) => {
return normalizeDataURL(urlString, options);
}
if (/^view-source:/i.test(urlString)) {
throw new Error('`view-source:` is not supported as it is a non-standard protocol');
}
const hasRelativeProtocol = urlString.startsWith('//');
const isRelativeUrl = !hasRelativeProtocol && /^\.*\//.test(urlString);
@ -106,47 +92,43 @@ const normalizeUrl = (urlString, options) => {
urlString = urlString.replace(/^(?!(?:\w+:)?\/\/)|^\/\//, options.defaultProtocol);
}
const urlObj = new URLParser(urlString);
const urlObject = new URL(urlString);
if (options.forceHttp && options.forceHttps) {
throw new Error('The `forceHttp` and `forceHttps` options cannot be used together');
}
if (options.forceHttp && urlObj.protocol === 'https:') {
urlObj.protocol = 'http:';
if (options.forceHttp && urlObject.protocol === 'https:') {
urlObject.protocol = 'http:';
}
if (options.forceHttps && urlObj.protocol === 'http:') {
urlObj.protocol = 'https:';
if (options.forceHttps && urlObject.protocol === 'http:') {
urlObject.protocol = 'https:';
}
// Remove auth
if (options.stripAuthentication) {
urlObj.username = '';
urlObj.password = '';
urlObject.username = '';
urlObject.password = '';
}
// Remove hash
if (options.stripHash) {
urlObj.hash = '';
urlObject.hash = '';
} else if (options.stripTextFragment) {
urlObject.hash = urlObject.hash.replace(/#?:~:text.*?$/i, '');
}
// Remove duplicate slashes if not preceded by a protocol
if (urlObj.pathname) {
// TODO: Use the following instead when targeting Node.js 10
// `urlObj.pathname = urlObj.pathname.replace(/(?<!https?:)\/{2,}/g, '/');`
urlObj.pathname = urlObj.pathname.replace(/((?!:).|^)\/{2,}/g, (_, p1) => {
if (/^(?!\/)/g.test(p1)) {
return `${p1}/`;
}
return '/';
});
if (urlObject.pathname) {
urlObject.pathname = urlObject.pathname.replace(/(?<!\b[a-z][a-z\d+\-.]{1,50}:)\/{2,}/g, '/');
}
// Decode URI octets
if (urlObj.pathname) {
urlObj.pathname = decodeURI(urlObj.pathname);
if (urlObject.pathname) {
try {
urlObject.pathname = decodeURI(urlObject.pathname);
} catch {}
}
// Remove directory index
@ -155,51 +137,62 @@ const normalizeUrl = (urlString, options) => {
}
if (Array.isArray(options.removeDirectoryIndex) && options.removeDirectoryIndex.length > 0) {
let pathComponents = urlObj.pathname.split('/');
let pathComponents = urlObject.pathname.split('/');
const lastComponent = pathComponents[pathComponents.length - 1];
if (testParameter(lastComponent, options.removeDirectoryIndex)) {
pathComponents = pathComponents.slice(0, pathComponents.length - 1);
urlObj.pathname = pathComponents.slice(1).join('/') + '/';
pathComponents = pathComponents.slice(0, -1);
urlObject.pathname = pathComponents.slice(1).join('/') + '/';
}
}
if (urlObj.hostname) {
if (urlObject.hostname) {
// Remove trailing dot
urlObj.hostname = urlObj.hostname.replace(/\.$/, '');
urlObject.hostname = urlObject.hostname.replace(/\.$/, '');
// Remove `www.`
if (options.stripWWW && /^www\.([a-z\-\d]{2,63})\.([a-z.]{2,5})$/.test(urlObj.hostname)) {
// Each label should be max 63 at length (min: 2).
// The extension should be max 5 at length (min: 2).
if (options.stripWWW && /^www\.(?!www\.)[a-z\-\d]{1,63}\.[a-z.\-\d]{2,63}$/.test(urlObject.hostname)) {
// Each label should be max 63 at length (min: 1).
// Source: https://en.wikipedia.org/wiki/Hostname#Restrictions_on_valid_host_names
urlObj.hostname = urlObj.hostname.replace(/^www\./, '');
// Each TLD should be up to 63 characters long (min: 2).
// It is technically possible to have a single character TLD, but none currently exist.
urlObject.hostname = urlObject.hostname.replace(/^www\./, '');
}
}
// Remove query unwanted parameters
if (Array.isArray(options.removeQueryParameters)) {
for (const key of [...urlObj.searchParams.keys()]) {
for (const key of [...urlObject.searchParams.keys()]) {
if (testParameter(key, options.removeQueryParameters)) {
urlObj.searchParams.delete(key);
urlObject.searchParams.delete(key);
}
}
}
if (options.removeQueryParameters === true) {
urlObject.search = '';
}
// Sort query parameters
if (options.sortQueryParameters) {
urlObj.searchParams.sort();
urlObject.searchParams.sort();
}
if (options.removeTrailingSlash) {
urlObj.pathname = urlObj.pathname.replace(/\/$/, '');
urlObject.pathname = urlObject.pathname.replace(/\/$/, '');
}
// Take advantage of many of the Node `url` normalizations
urlString = urlObj.toString();
const oldUrlString = urlString;
// Remove ending `/`
if ((options.removeTrailingSlash || urlObj.pathname === '/') && urlObj.hash === '') {
// Take advantage of many of the Node `url` normalizations
urlString = urlObject.toString();
if (!options.removeSingleSlash && urlObject.pathname === '/' && !oldUrlString.endsWith('/') && urlObject.hash === '') {
urlString = urlString.replace(/\/$/, '');
}
// Remove ending `/` unless removeSingleSlash is false
if ((options.removeTrailingSlash || urlObject.pathname === '/') && urlObject.hash === '' && options.removeSingleSlash) {
urlString = urlString.replace(/\/$/, '');
}
@ -214,8 +207,4 @@ const normalizeUrl = (urlString, options) => {
}
return urlString;
};
module.exports = normalizeUrl;
// TODO: Remove this for the next major release
module.exports.default = normalizeUrl;
}

2
node_modules/normalize-url/license generated vendored
View file

@ -1,6 +1,6 @@
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com)
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

24
node_modules/normalize-url/package.json generated vendored
View file

@ -1,16 +1,19 @@
{
"name": "normalize-url",
"version": "4.5.0",
"version": "7.0.0",
"description": "Normalize a URL",
"license": "MIT",
"repository": "sindresorhus/normalize-url",
"funding": "https://github.com/sponsors/sindresorhus",
"author": {
"name": "Sindre Sorhus",
"email": "sindresorhus@gmail.com",
"url": "sindresorhus.com"
"url": "https://sindresorhus.com"
},
"type": "module",
"exports": "./index.js",
"engines": {
"node": ">=8"
"node": ">=12.20"
},
"scripts": {
"test": "xo && nyc ava && tsd"
@ -35,10 +38,15 @@
"canonical"
],
"devDependencies": {
"ava": "^2.4.0",
"coveralls": "^3.0.6",
"nyc": "^14.1.1",
"tsd": "^0.8.0",
"xo": "^0.24.0"
"ava": "^3.15.0",
"nyc": "^15.1.0",
"tsd": "^0.17.0",
"xo": "^0.41.0"
},
"nyc": {
"reporter": [
"text",
"lcov"
]
}
}

98
node_modules/normalize-url/readme.md generated vendored
View file

@ -1,30 +1,29 @@
# normalize-url [![Build Status](https://travis-ci.org/sindresorhus/normalize-url.svg?branch=master)](https://travis-ci.org/sindresorhus/normalize-url) [![Coverage Status](https://coveralls.io/repos/github/sindresorhus/normalize-url/badge.svg?branch=master)](https://coveralls.io/github/sindresorhus/normalize-url?branch=master)
# normalize-url [![Coverage Status](https://codecov.io/gh/sindresorhus/normalize-url/branch/main/graph/badge.svg)](https://codecov.io/gh/sindresorhus/normalize-url)
> [Normalize](https://en.wikipedia.org/wiki/URL_normalization) a URL
Useful when you need to display, store, deduplicate, sort, compare, etc, URLs.
## Install
```
$ npm install normalize-url
```
*If you need to use this in the browser, use version 4: `npm i normalize-url@4`*
## Usage
```js
const normalizeUrl = require('normalize-url');
import normalizeUrl from 'normalize-url';
normalizeUrl('sindresorhus.com');
//=> 'http://sindresorhus.com'
normalizeUrl('HTTP://xn--xample-hva.com:80/?b=bar&a=foo');
//=> 'http://êxample.com/?a=foo&b=bar'
normalizeUrl('//www.sindresorhus.com:80/../baz?b=bar&a=foo');
//=> 'http://sindresorhus.com/baz?a=foo&b=bar'
```
## API
### normalizeUrl(url, options?)
@ -41,12 +40,12 @@ Type: `object`
##### defaultProtocol
Type: `string`<br>
Type: `string`\
Default: `http:`
##### normalizeProtocol
Type: `boolean`<br>
Type: `boolean`\
Default: `true`
Prepend `defaultProtocol` to the URL if it's protocol-relative.
@ -61,7 +60,7 @@ normalizeUrl('//sindresorhus.com:80/', {normalizeProtocol: false});
##### forceHttp
Type: `boolean`<br>
Type: `boolean`\
Default: `false`
Normalize `https:` to `http:`.
@ -76,7 +75,7 @@ normalizeUrl('https://sindresorhus.com:80/', {forceHttp: true});
##### forceHttps
Type: `boolean`<br>
Type: `boolean`\
Default: `false`
Normalize `http:` to `https:`.
@ -93,7 +92,7 @@ This option can't be used with the `forceHttp` option at the same time.
##### stripAuthentication
Type: `boolean`<br>
Type: `boolean`\
Default: `true`
Strip the [authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) part of the URL.
@ -108,7 +107,7 @@ normalizeUrl('user:password@sindresorhus.com', {stripAuthentication: false});
##### stripHash
Type: `boolean`<br>
Type: `boolean`\
Default: `false`
Strip the hash part of the URL.
@ -123,7 +122,7 @@ normalizeUrl('sindresorhus.com/about.html#contact', {stripHash: true});
##### stripProtocol
Type: `boolean`<br>
Type: `boolean`\
Default: `false`
Remove HTTP(S) protocol from the URL: `http://sindresorhus.com``sindresorhus.com`.
@ -132,13 +131,36 @@ Remove HTTP(S) protocol from the URL: `http://sindresorhus.com` → `sindresorhu
normalizeUrl('https://sindresorhus.com');
//=> 'https://sindresorhus.com'
normalizeUrl('sindresorhus.com', {stripProtocol: true});
normalizeUrl('https://sindresorhus.com', {stripProtocol: true});
//=> 'sindresorhus.com'
```
##### stripTextFragment
Type: `boolean`\
Default: `true`
Strip the [text fragment](https://web.dev/text-fragments/) part of the URL.
**Note:** The text fragment will always be removed if the `stripHash` option is set to `true`, as the hash contains the text fragment.
```js
normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello');
//=> 'http://sindresorhus.com/about.html#'
normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello');
//=> 'http://sindresorhus.com/about.html#section'
normalizeUrl('http://sindresorhus.com/about.html#:~:text=hello', {stripTextFragment: false});
//=> 'http://sindresorhus.com/about.html#:~:text=hello'
normalizeUrl('http://sindresorhus.com/about.html#section:~:text=hello', {stripTextFragment: false});
//=> 'http://sindresorhus.com/about.html#section:~:text=hello'
```
##### stripWWW
Type: `boolean`<br>
Type: `boolean`\
Default: `true`
Remove `www.` from the URL.
@ -153,7 +175,7 @@ normalizeUrl('http://www.sindresorhus.com', {stripWWW: false});
##### removeQueryParameters
Type: `Array<RegExp | string>`<br>
Type: `Array<RegExp | string> | boolean`\
Default: `[/^utm_\w+/i]`
Remove query parameters that matches any of the provided strings or regexes.
@ -165,14 +187,32 @@ normalizeUrl('www.sindresorhus.com?foo=bar&ref=test_ref', {
//=> 'http://sindresorhus.com/?foo=bar'
```
If a boolean is provided, `true` will remove all the query parameters.
```js
normalizeUrl('www.sindresorhus.com?foo=bar', {
removeQueryParameters: true
});
//=> 'http://sindresorhus.com'
```
`false` will not remove any query parameter.
```js
normalizeUrl('www.sindresorhus.com?foo=bar&utm_medium=test&ref=test_ref', {
removeQueryParameters: false
});
//=> 'http://www.sindresorhus.com/?foo=bar&ref=test_ref&utm_medium=test'
```
##### removeTrailingSlash
Type: `boolean`<br>
Type: `boolean`\
Default: `true`
Remove trailing slash.
**Note:** Trailing slash is always removed if the URL doesn't have a pathname.
**Note:** Trailing slash is always removed if the URL doesn't have a pathname unless the `removeSingleSlash` option is set to `false`.
```js
normalizeUrl('http://sindresorhus.com/redirect/');
@ -185,9 +225,25 @@ normalizeUrl('http://sindresorhus.com/', {removeTrailingSlash: false});
//=> 'http://sindresorhus.com'
```
##### removeSingleSlash
Type: `boolean`\
Default: `true`
Remove a sole `/` pathname in the output. This option is independant of `removeTrailingSlash`.
```js
normalizeUrl('https://sindresorhus.com/');
//=> 'https://sindresorhus.com'
normalizeUrl('https://sindresorhus.com/', {removeSingleSlash: false});
//=> 'https://sindresorhus.com/'
```
##### removeDirectoryIndex
Type: `boolean | Array<RegExp | string>`<br>
Type: `boolean | Array<RegExp | string>`\
Default: `false`
Removes the default directory index file from path that matches any of the provided strings or regexes. When `true`, the regex `/^index\.[a-z]+$/` is used.
@ -201,7 +257,7 @@ normalizeUrl('www.sindresorhus.com/foo/default.php', {
##### sortQueryParameters
Type: `boolean`<br>
Type: `boolean`\
Default: `true`
Sorts the query parameters alphabetically by key.
@ -213,12 +269,10 @@ normalizeUrl('www.sindresorhus.com?b=two&a=one&c=three', {
//=> 'http://sindresorhus.com/?b=two&a=one&c=three'
```
## Related
- [compare-urls](https://github.com/sindresorhus/compare-urls) - Compare URLs by first normalizing them
---
<div align="center">