@nxtedition/lib 14.3.0 → 15.0.0

package/undici/interceptor/content.js

@@ -0,0 +1,137 @@
+const crypto = require('node:crypto')
+const stream = require('node:stream')
+const assert = require('node:assert')
+const { findHeader } = require('../utils')
+const { isStream } = require('../../stream')
+
+class Handler {
+  constructor(opts, { handler }) {
+    this.handler = handler
+    this.md5 = null
+    this.length = null
+
+    this.hasher = null
+    this.pos = 0
+  }
+
+  onConnect(abort) {
+    return this.handler.onConnect(abort)
+  }
+
+  onBodySent(chunk) {
+    return this.handler.onBodySent(chunk)
+  }
+
+  onHeaders(statusCode, rawHeaders, resume, statusMessage) {
+    this.md5 = findHeader(rawHeaders, 'content-md5')
+    this.length = findHeader(rawHeaders, 'content-length')
+
+    this.hasher = this.md5 != null ? crypto.createHash('md5') : null
+
+    return this.handler.onHeaders(statusCode, rawHeaders, resume, statusMessage)
+  }
+
+  onData(chunk) {
+    this.pos += chunk.length
+    this.hasher?.update(chunk)
+    return this.handler.onData(chunk)
+  }
+
+  onComplete(rawTrailers) {
+    const hash = this.hasher?.digest('base64')
+    if (this.md5 != null && hash !== this.md5) {
+      this.handler.onError(
+        Object.assign(new Error('Request Content-Length mismatch'), {
+          expected: this.md5,
+          actual: hash,
+        }),
+      )
+    }
+    if (this.length != null && this.pos !== Number(this.length)) {
+      return this.handler.onError(
+        Object.assign(new Error('Request Content-Length mismatch'), {
+          expected: Number(this.length),
+          actual: this.pos,
+        }),
+      )
+    }
+    return this.handler.onComplete(rawTrailers)
+  }
+
+  onError(err) {
+    this.handler.onError(err)
+  }
+}
+
+module.exports = (dispatch) => (opts, handler) => {
+  const md5 = opts.headers?.['content-md5'] ?? opts.headers?.['Content-MD5']
+  const length = opts.headers?.['content-lenght'] ?? opts.headers?.['Content-Length']
+
+  if (md5 == null && length == null) {
+    return dispatch(opts, new Handler(opts, { handler }))
+  }
+
+  if (isStream(opts.body)) {
+    const hasher = md5 ? crypto.createHash('md5') : null
+    let pos = 0
+
+    opts = {
+      ...opts,
+      body: stream.pipeline(
+        opts.body,
+        new stream.Transform({
+          transform(chunk, encoding, callback) {
+            pos += chunk.length
+            hasher?.update(chunk)
+            callback(null)
+          },
+          final(callback) {
+            const hash = hasher?.digest('base64')
+            if (md5 != null && hash !== md5) {
+              callback(
+                Object.assign(new Error('Request Content-MD5 mismatch'), {
+                  expected: md5,
+                  actual: hash,
+                }),
+              )
+            } else if (length != null && pos !== Number(length)) {
+              callback(
+                Object.assign(new Error('Request Content-Length mismatch'), {
+                  expected: Number(length),
+                  actual: pos,
+                }),
+              )
+            } else {
+              callback(null)
+            }
+          },
+        }),
+        () => {},
+      ),
+    }
+  } else if (opts.body instanceof Buffer || typeof opts.body === 'string') {
+    const buf = Buffer.from(opts.body)
+    const hasher = md5 ? crypto.createHash('md5') : null
+
+    const hash = hasher?.update(buf).digest('base64')
+    const pos = buf.length
+
+    if (md5 != null && hash !== md5) {
+      throw Object.assign(new Error('Request Content-MD5 mismatch'), {
+        expected: md5,
+        actual: hash,
+      })
+    }
+
+    if (length != null && pos !== Number(length)) {
+      throw Object.assign(new Error('Request Content-Length mismatch'), {
+        expected: Number(length),
+        actual: pos,
+      })
+    }
+  } else {
+    assert(false, 'not implemented')
+  }
+
+  return dispatch(opts, new Handler(opts, { handler }))
+}

package/undici/interceptor/log.js

@@ -0,0 +1,57 @@
+const { parseHeaders } = require('../../http.js')
+const xuid = require('xuid')
+
+class Handler {
+  constructor(opts, { handler }) {
+    this.handler = handler
+    this.opts = opts
+    this.abort = null
+    this.aborted = false
+
+    this.logger = opts.logger.child({ ureq: { id: xuid() } })
+    this.pos = 0
+  }
+
+  onConnect(abort) {
+    this.abort = abort
+    this.logger.debug({ ureq: this.opts }, 'upstream request started')
+    this.handler.onConnect((reason) => {
+      this.aborted = true
+      this.abort(reason)
+    })
+  }
+
+  onBodySent(chunk) {
+    return this.handler.onBodySent(chunk)
+  }
+
+  onHeaders(statusCode, rawHeaders, resume, statusMessage) {
+    this.logger.debug(
+      { ures: { statusCode, headers: parseHeaders(rawHeaders) } },
+      'upstream request response',
+    )
+    return this.handler.onHeaders(statusCode, rawHeaders, resume, statusMessage)
+  }
+
+  onData(chunk) {
+    this.pos += chunk.length
+    return this.handler.onData(chunk)
+  }
+
+  onComplete(rawTrailers) {
+    this.logger.debug({ bytesRead: this.pos }, 'upstream request completed')
+    return this.handler.onComplete(rawTrailers)
+  }
+
+  onError(err) {
+    if (this.aborted) {
+      this.logger.debug({ bytesRead: this.pos, err }, 'upstream request aborted')
+    } else {
+      this.logger.error({ bytesRead: this.pos, err }, 'upstream request failed')
+    }
+    return this.handler.onError(err)
+  }
+}
+
+module.exports = (dispatch) => (opts, handler) =>
+  opts.logger ? dispatch(opts, new Handler(opts, { handler })) : dispatch(opts, handler)

package/{proxy.js → undici/interceptor/proxy.js}

@@ -1,29 +1,107 @@
 const createError = require('http-errors')
 const net = require('net')
 
+class Handler {
+  constructor(opts, { handler }) {
+    this.handler = handler
+    this.opts = {
+      ...opts,
+      headers: reduceHeaders(
+        {
+          headers: opts.headers ?? {},
+          httpVersion: opts.proxy.httpVersion ?? opts.proxy.req?.httpVersion,
+          socket: opts.proxy.socket ?? opts.proxy.req?.socket,
+          proxyName: opts.proxy.name,
+        },
+        (obj, key, val) => {
+          obj[key] = val
+          return obj
+        },
+        {},
+      ),
+    }
+    this.abort = null
+    this.aborted = false
+  }
+
+  onConnect(abort) {
+    this.abort = abort
+    this.handler.onConnect((reason) => {
+      this.aborted = true
+      this.abort(reason)
+    })
+  }
+
+  onBodySent(chunk) {
+    return this.handler.onBodySent(chunk)
+  }
+
+  onHeaders(statusCode, rawHeaders, resume, statusMessage) {
+    return this.handler.onHeaders(
+      statusCode,
+      reduceHeaders(
+        {
+          headers: rawHeaders,
+          httpVersion: this.opts.proxy.httpVersion ?? this.opts.proxy.req?.httpVersion,
+          socket: null,
+          proxyName: this.opts.proxy.name,
+        },
+        (acc, key, val) => {
+          acc.push(key, val)
+          return acc
+        },
+        [],
+      ),
+      resume,
+      statusMessage,
+    )
+  }
+
+  onData(chunk) {
+    return this.handler.onData(chunk)
+  }
+
+  onComplete(rawTrailers) {
+    return this.handler.onComplete(rawTrailers)
+  }
+
+  onError(err) {
+    return this.handler.onError(err)
+  }
+}
+
+module.exports = (dispatch) => (opts, handler) =>
+  opts.proxy ? dispatch(opts, new Handler(opts, { handler })) : dispatch(opts, handler)
+
 // This expression matches hop-by-hop headers.
 // These headers are meaningful only for a single transport-level connection,
 // and must not be retransmitted by proxies or cached.
 const HOP_EXPR =
   /^(te|host|upgrade|trailers|connection|keep-alive|http2-settings|transfer-encoding|proxy-connection|proxy-authenticate|proxy-authorization)$/i
 
+function forEachHeader(headers, fn) {
+  if (Array.isArray(headers)) {
+    for (let n = 0; n < headers.length; n += 2) {
+      fn(headers[n + 0], headers[n + 1])
+    }
+  } else {
+    for (const [key, val] of Object.entries(headers)) {
+      fn(key, val)
+    }
+  }
+}
+
 // Removes hop-by-hop and pseudo headers.
 // Updates via and forwarded headers.
 // Only hop-by-hop headers may be set using the Connection general header.
-module.exports.reduceHeaders = function reduceHeaders(
-  { id, headers, proxyName, httpVersion, socket },
-  fn,
-  acc
-) {
-  let via
-  let forwarded
-  let host
-  let authority
-  let connection
-
-  const entries = Object.entries(headers)
-
-  for (const [key, val] of entries) {
+function reduceHeaders({ headers, proxyName, httpVersion, socket }, fn, acc) {
+  let via = ''
+  let forwarded = ''
+  let host = ''
+  let authority = ''
+  let connection = ''
+
+  forEachHeader(headers, (key, val) => {
     const len = key.length
     if (len === 3 && !via && key.toLowerCase() === 'via') {
       via = val
@@ -36,18 +114,18 @@ module.exports.reduceHeaders = function reduceHeaders(
     } else if (len === 10 && !authority && key.toLowerCase() === ':authority') {
       authority = val
     }
-  }
+  })
 
   let remove = []
   if (connection && !HOP_EXPR.test(connection)) {
     remove = connection.split(/,\s*/)
   }
 
-  for (const [key, val] of entries) {
+  forEachHeader(headers, (key, val) => {
     if (key.charAt(0) !== ':' && !remove.includes(key) && !HOP_EXPR.test(key)) {
       acc = fn(acc, key, val)
     }
-  }
+  })
 
   if (socket) {
     const forwardedHost = authority || host
@@ -60,7 +138,7 @@ module.exports.reduceHeaders = function reduceHeaders(
           socket.remoteAddress && `for=${printIp(socket.remoteAddress, socket.remotePort)}`,
           `proto=${socket.encrypted ? 'https' : 'http'}`,
           forwardedHost && `host="${forwardedHost}"`,
-        ].join(';')
+        ].join(';'),
     )
   } else if (forwarded) {
     // The forwarded header should not be included in response.
@@ -76,17 +154,13 @@ module.exports.reduceHeaders = function reduceHeaders(
     } else {
       via = ''
     }
-    via += `${httpVersion} ${proxyName}`
+    via += `${httpVersion ?? 'HTTP/1.1'} ${proxyName}`
   }
 
   if (via) {
     acc = fn(acc, 'via', via)
   }
 
-  if (id) {
-    acc = fn(acc, 'request-id', id)
-  }
-
   return acc
 }
 

package/undici/interceptor/redirect.js

@@ -0,0 +1,179 @@
+const assert = require('assert')
+const { findHeader } = require('../utils')
+const { isDisturbed, parseURL } = require('../utils')
+
+const redirectableStatusCodes = [300, 301, 302, 303, 307, 308]
+
+class Handler {
+  constructor(opts, { dispatch, handler }) {
+    this.dispatch = dispatch
+    this.handler = handler
+    this.opts = opts
+    this.abort = null
+    this.aborted = false
+    this.reason = null
+
+    this.count = 0
+    this.location = null
+
+    this.handler.onConnect((reason) => {
+      this.aborted = true
+      if (this.abort) {
+        this.abort(reason)
+      } else {
+        this.reason = reason
+      }
+    })
+  }
+
+  onConnect(abort) {
+    if (this.aborted) {
+      abort(this.reason)
+    } else {
+      this.abort = abort
+    }
+  }
+
+  onUpgrade(statusCode, headers, socket) {
+    this.handler.onUpgrade(statusCode, headers, socket)
+  }
+
+  onError(error) {
+    this.handler.onError(error)
+  }
+
+  onHeaders(statusCode, headers, resume, statusText) {
+    if (redirectableStatusCodes.indexOf(statusCode) === -1) {
+      return this.handler.onHeaders(statusCode, headers, resume, statusText)
+    }
+
+    if (isDisturbed(this.opts.body)) {
+      throw new Error(`Disturbed request cannot be redirected.`)
+    }
+
+    const maxCount = this.opts.follow.count
+
+    if (this.count++ >= maxCount) {
+      throw new Error(`Max redirections reached: ${maxCount}.`)
+    }
+
+    this.location = findHeader(headers, 'location')
+
+    if (!this.location) {
+      throw new Error(`Missing redirection location.`)
+    }
+
+    const { origin, pathname, search } = parseURL(
+      new URL(this.location, this.opts.origin && new URL(this.opts.path, this.opts.origin)),
+    )
+    const path = search ? `${pathname}${search}` : pathname
+
+    // Remove headers referring to the original URL.
+    // By default it is Host only, unless it's a 303 (see below), which removes also all Content-* headers.
+    // https://tools.ietf.org/html/rfc7231#section-6.4
+    this.opts = {
+      ...this.opts,
+      headers: cleanRequestHeaders(
+        this.opts.headers,
+        statusCode === 303,
+        this.opts.origin !== origin,
+      ),
+      path,
+      origin,
+      query: null,
+    }
+
+    // https://tools.ietf.org/html/rfc7231#section-6.4.4
+    // In case of HTTP 303, always replace method to be either HEAD or GET
+    if (statusCode === 303 && this.opts.method !== 'HEAD') {
+      this.opts = { ...this.opts, method: 'GET', body: null }
+    }
+  }
+
+  onData(chunk) {
+    if (this.location) {
+      /*
+        https://tools.ietf.org/html/rfc7231#section-6.4
+
+        TLDR: undici always ignores 3xx response bodies.
+
+        Redirection is used to serve the requested resource from another URL, so it is assumes that
+        no body is generated (and thus can be ignored). Even though generating a body is not prohibited.
+
+        For status 301, 302, 303, 307 and 308 (the latter from RFC 7238), the specs mention that the body usually
+        (which means it's optional and not mandated) contain just an hyperlink to the value of
+        the Location response header, so the body can be ignored safely.
+
+        For status 300, which is "Multiple Choices", the spec mentions both generating a Location
+        response header AND a response body with the other possible location to follow.
+        Since the spec explicitily chooses not to specify a format for such body and leave it to
+        servers and browsers implementors, we ignore the body as there is no specified way to eventually parse it.
+      */
+    } else {
+      return this.handler.onData(chunk)
+    }
+  }
+
+  onComplete(trailers) {
+    if (this.location) {
+      /*
+        https://tools.ietf.org/html/rfc7231#section-6.4
+
+        TLDR: undici always ignores 3xx response trailers as they are not expected in case of redirections
+        and neither are useful if present.
+
+        See comment on onData method above for more detailed informations.
+      */
+
+      this.location = null
+
+      this.dispatch(this.opts, this)
+    } else {
+      this.handler.onComplete(trailers)
+    }
+  }
+
+  onBodySent(chunk) {
+    if (this.handler.onBodySent) {
+      this.handler.onBodySent(chunk)
+    }
+  }
+}
+
+// https://tools.ietf.org/html/rfc7231#section-6.4.4
+function shouldRemoveHeader(header, removeContent, unknownOrigin) {
+  return (
+    (header.length === 4 && header.toString().toLowerCase() === 'host') ||
+    (removeContent && header.toString().toLowerCase().indexOf('content-') === 0) ||
+    (unknownOrigin &&
+      header.length === 13 &&
+      header.toString().toLowerCase() === 'authorization') ||
+    (unknownOrigin && header.length === 6 && header.toString().toLowerCase() === 'cookie')
+  )
+}
+
+// https://tools.ietf.org/html/rfc7231#section-6.4
+function cleanRequestHeaders(headers, removeContent, unknownOrigin) {
+  const ret = []
+  if (Array.isArray(headers)) {
+    for (let i = 0; i < headers.length; i += 2) {
+      if (!shouldRemoveHeader(headers[i], removeContent, unknownOrigin)) {
+        ret.push(headers[i], headers[i + 1])
+      }
+    }
+  } else if (headers && typeof headers === 'object') {
+    for (const key of Object.keys(headers)) {
+      if (!shouldRemoveHeader(key, removeContent, unknownOrigin)) {
+        ret.push(key, headers[key])
+      }
+    }
+  } else {
+    assert(headers == null, 'headers must be an object or an array')
+  }
+  return ret
+}
+
+module.exports = (dispatch) => (opts, handler) =>
+  opts.follow?.count
+    ? dispatch(opts, new Handler(opts, { handler, dispatch }))
+    : dispatch(opts, handler)

package/undici/interceptor/response-body-dump.js

@@ -0,0 +1,46 @@
+const { AbortError } = require('../../errors')
+
+class Handler {
+  constructor(opts, { handler }) {
+    this.handler = handler
+    this.pos = 0
+  }
+
+  onConnect(abort) {
+    this.abort = abort
+    return this.handler.onConnect(abort)
+  }
+
+  onBodySent(chunk) {
+    return this.handler.onBodySent(chunk)
+  }
+
+  onHeaders(statusCode, rawHeaders, resume, statusMessage) {
+    return this.handler.onHeaders(statusCode, rawHeaders, resume, statusMessage)
+  }
+
+  onData(chunk) {
+    this.pos += chunk.length
+    if (this.pos < 128 * 1024) {
+      return true
+    }
+
+    this.handler.onComplete([])
+    this.handler = null
+
+    this.abort(new AbortError('dump'))
+
+    return false
+  }
+
+  onComplete(rawTrailers) {
+    return this.handler.onComplete([])
+  }
+
+  onError(err) {
+    return this.handler?.onError(err)
+  }
+}
+
+module.exports = (dispatch) => (opts, handler) =>
+  opts.dump ? dispatch(opts, new Handler(opts, { handler })) : dispatch(opts, handler)