npm - com.jimuwd.xian.registry-proxy - Versions diffs - 1.0.98 → 1.0.99 - Mend

com.jimuwd.xian.registry-proxy 1.0.98 → 1.0.99

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/index.js +23 -17
package/package.json +1 -1

package/dist/index.js CHANGED Viewed

@@ -184,33 +184,34 @@ async function writeResponseToDownstreamClient(registryInfo, targetUrl, resToDow
             // 默认是 connection: keep-alive 和 keep-alive: timeout=5，这里直接给它咔嚓掉
             resToDownstreamClient.setHeader('Connection', 'close');
             resToDownstreamClient.removeHeader('Keep-Alive');
-            resToDownstreamClient.setHeader('content-type', 'application/json');
+            resToDownstreamClient.setHeader('content-type', contentType);
             resToDownstreamClient.setHeader('content-length', Buffer.byteLength(bodyData));
             logger.info(`Response to downstream client headers`, JSON.stringify(resToDownstreamClient.getHeaders()), targetUrl);
             resToDownstreamClient.writeHead(upstreamResponse.status).end(bodyData);
         }
         else if (contentType.includes('application/octet-stream')) { // 二进制流处理
             logger.info("Write application/octet-stream response from upstream to downstream", targetUrl);
-            // 准备通用响应头信息
-            const safeHeaders = {};
-            // 复制所有可能需要的头信息（不包含安全相关的敏感头信息，如access-control-allow-origin、set-cookie、server、strict-transport-security等，这意味着代理服务器向下游客户端屏蔽了这些认证等安全数据）
-            // 也不能包含cf-cache-status、cf-ray（Cloudflare 特有字段）可能干扰客户端解析。
-            const headersToCopy = ['cache-control', 'connection', 'content-type', 'content-encoding', 'content-length', 'date', 'etag', 'last-modified', 'transfer-encoding', 'vary',];
-            headersToCopy.forEach(header => {
-                const value = upstreamResponse.headers.get(header);
-                if (value)
-                    safeHeaders[header] = value;
-            });
-            if (!safeHeaders['content-type'])
-                safeHeaders['content-type'] = 'application/octet-stream';
             if (!upstreamResponse.body) {
                 logger.error(`Empty response body from upstream ${targetUrl}`);
                 resToDownstreamClient.writeHead(502).end('Empty Upstream Response');
             }
             else {
                 // write back to client
+                // 准备通用响应头信息
+                const safeHeaders = { 'content-type': contentType };
+                // 复制所有可能需要的头信息（不包含安全相关的敏感头信息，如access-control-allow-origin、set-cookie、server、strict-transport-security等，这意味着代理服务器向下游客户端屏蔽了这些认证等安全数据）
+                // 也不能包含cf-cache-status、cf-ray（Cloudflare 特有字段）可能干扰客户端解析。
+                const headersToCopy = ['cache-control', 'connection', 'content-encoding', 'content-length', 'date', 'etag', 'last-modified', 'transfer-encoding', 'vary',];
+                headersToCopy.forEach(header => {
+                    const value = upstreamResponse.headers.get(header);
+                    if (value)
+                        safeHeaders[header] = value;
+                });
+                // 必须使用 ServerResponse.setHeaders(safeHeaders)来覆盖现有headers而不是ServerResponse.writeHead(status,headers)来合并headers！
+                // 这个坑害我浪费很久事件来调试！
+                resToDownstreamClient.setHeaders(safeHeaders);
                 logger.info(`Response to downstream client headers`, JSON.stringify(safeHeaders), targetUrl);
-                resToDownstreamClient.writeHead(upstreamResponse.status, safeHeaders);
+                resToDownstreamClient.writeHead(upstreamResponse.status);
                 // stop pipe when req from client is closed accidentally.
                 const cleanup = () => {
                     reqFromDownstreamClient.off('close', cleanup);
@@ -250,9 +251,14 @@ async function writeResponseToDownstreamClient(registryInfo, targetUrl, resToDow
         else {
             logger.warn(`Write unsupported content-type=${contentType} response from upstream to downstream ${targetUrl}`);
             const bodyData = await upstreamResponse.text();
-            const safeHeaders = { 'content-type': contentType, 'content-length': Buffer.byteLength(bodyData) };
-            logger.info(`Response to downstream client headers`, JSON.stringify(safeHeaders), targetUrl);
-            resToDownstreamClient.writeHead(upstreamResponse.status, safeHeaders).end(bodyData);
+            resToDownstreamClient.removeHeader('Transfer-Encoding');
+            // 默认是 connection: keep-alive 和 keep-alive: timeout=5，这里直接给它咔嚓掉
+            resToDownstreamClient.setHeader('Connection', 'close');
+            resToDownstreamClient.removeHeader('Keep-Alive');
+            resToDownstreamClient.setHeader('content-type', contentType);
+            resToDownstreamClient.setHeader('content-length', Buffer.byteLength(bodyData));
+            logger.info(`Response to downstream client headers`, JSON.stringify(resToDownstreamClient.getHeaders()), targetUrl);
+            resToDownstreamClient.writeHead(upstreamResponse.status).end(bodyData);
         }
     }
     catch (err) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "com.jimuwd.xian.registry-proxy",
-  "version": "1.0.98",
+  "version": "1.0.99",
   "description": "A lightweight npm registry proxy with fallback support",
   "type": "module",
   "main": "dist/index.js",