APIR - APIRequest

This Obsidian plugin enables users to make API requests directly within their notes and display the response in a code-block.

🔒 Security

This plugin implements comprehensive security measures including:

• Input validation for URLs, paths, and user data
• XSS prevention through HTML sanitization
• Protection against directory traversal attacks
• Safe JSONPath expression evaluation
• Secure localStorage handling

🚀 Installation

The plugin can be installed from within Obsidian.

Obsidian Community Plugin Browser

• Go to Settings -> Community plugins
• Make sure Restricted mode is off
• Click Browse
• Search for APIRequest
• Click Install and then Enable

🛠️ Usage

Read documentation here

✅ To-do

Check all changes on TODOS-v2.md

• Translate (& update) documentation
• Data re-usage ({{ls.UUID>JSONPath}} syntax, where ls stands for localStorage)
• Support for comments using # or // syntax
• Inline query from response (using Dataview)
• Add tests (!!!)
• Re-implement repeat flag (repeat requests X times or every X seconds)
• Security improvements (input validation, XSS prevention, path traversal protection)
• TypeScript type safety improvements
• Comprehensive error handling

🤝 Contributing

Contributions are welcome! Please read our Contributing Guidelines before submitting a pull request.

Development

# Install dependencies
npm install

# Build
npm run build

# Development mode (auto-rebuild)
npm run dev

For more details, see CONTRIBUTING.md.

🔒 Security Best Practices

When using this plugin:

1. Use HTTPS: Always use HTTPS URLs for API requests
2. Protect API Keys: Store API keys in global variables, not in notes
3. Review Cached Data: Regularly clear old cached responses
4. Validate Sources: Only connect to trusted API endpoints

❤️ Sponsors

✍️ Feedback and Contributions

If you encounter any issues or have feedback on the plugin, feel free to open an issue on the GitHub repository.

Contributions are also welcome!