@autosec/fetchhole NPM

FetchHole

Elevate your Function as a Service (FaaS) development with enhanced security at the edge using @autosec/fetchhole. This package acts as a sophisticated drop-in replacement for the native fetch() function, tailored for developers who emphasize security in their web applications.

Features

Drop-in Replacement: Seamlessly integrates with existing code, replacing the native fetch() function.
Advanced Logging: Comprehensive logging capabilities for effective debugging.
Redirect Intercept: Customize redirect limits with a default of 20, as per the WHATWG Fetch specification.
Header Computation: Automatically computes and adds missing Content-Length and ETag headers. Choose your preferred ETag hash algorithm, with sha256 as the default.
Cache Support: Utilizes memory or disk caching via the Cache Web API. Compatible with Cloudflare's cache API for Cloudflare users.
Intercept for Alternate Routing: Ideal for scenarios like Cloudflare Workers Binding, allowing for alternate request routing.
Custom DNS Resolver Support: Designed for DNS level security applications like Zero Trust services. Compatible with any DoH resolver that uses 0.0.0.0 for blocking.
- Direct IP Address Handling: Offers three modes for handling direct IP address access:
  - Full Block
  - Fail if No PTR Record (conducts a PTR record check, followed by a standard DNS check)
  - Allow

Installation

npm install @autosec/fetchhole

Usage

Simply import fetchhole and use it as a replacement for the native fetch() function.

import fetch from '@autosec/fetchhole';

// Use fetch as you normally would
fetch('https://example.com').then((response) => {
	// Your code here
});

Configuration

You can customize fetchhole with various options to suit your needs. Settings can be applied at the class instance level or as an fetch init property: