npm - follow-redirects - Versions diffs - 1.10.0 → 1.13.0 - Mend

follow-redirects 1.10.0 → 1.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of follow-redirects might be problematic. Click here for more details.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -6,6 +6,7 @@ Drop-in replacement for Node's `http` and `https` modules that automatically fol
 [![Build Status](https://travis-ci.org/follow-redirects/follow-redirects.svg?branch=master)](https://travis-ci.org/follow-redirects/follow-redirects)
 [![Coverage Status](https://coveralls.io/repos/follow-redirects/follow-redirects/badge.svg?branch=master)](https://coveralls.io/r/follow-redirects/follow-redirects?branch=master)
 [![npm downloads](https://img.shields.io/npm/dm/follow-redirects.svg)](https://www.npmjs.com/package/follow-redirects)
+[![Sponsor on GitHub](https://img.shields.io/static/v1?label=Sponsor&message=%F0%9F%92%96&logo=GitHub)](https://github.com/sponsors/RubenVerborgh)
 `follow-redirects` provides [request](https://nodejs.org/api/http.html#http_http_request_options_callback) and [get](https://nodejs.org/api/http.html#http_http_get_options_callback)
  methods that behave identically to those found on the native [http](https://nodejs.org/api/http.html#http_http_request_options_callback) and [https](https://nodejs.org/api/https.html#https_https_request_options_callback)
@@ -27,13 +28,14 @@ You can inspect the final redirected URL through the `responseUrl` property on t
 If no redirection happened, `responseUrl` is the original request URL.
 ```javascript
-https.request({
+const request = https.request({
   host: 'bitly.com',
   path: '/UHfDGO',
 }, response => {
   console.log(response.responseUrl);
   // 'http://duckduckgo.com/robots.txt'
 });
+request.end();
 ```
 ## Options
@@ -61,8 +63,9 @@ const { http, https } = require('follow-redirects');
 const options = url.parse('http://bit.ly/900913');
 options.maxRedirects = 10;
-options.beforeRedirect = options => {
-  // Use this function to adjust the options upon redirecting,
+options.beforeRedirect = (options, { headers }) => {
+  // Use this to adjust the request options upon redirecting,
+  // to inspect the latest response headers,
   // or to cancel the request by throwing an error
   if (options.hostname === "example.com") {
     options.auth = "user:password";

package/debug.js ADDED Viewed

@@ -0,0 +1,9 @@
+var debug;
+try {
+  /* eslint global-require: off */
+  debug = require("debug")("follow-redirects");
+}
+catch (error) {
+  debug = function () { /* */ };
+}
+module.exports = debug;

package/index.js CHANGED Viewed

@@ -2,9 +2,9 @@ var url = require("url");
 var URL = url.URL;
 var http = require("http");
 var https = require("https");
-var assert = require("assert");
 var Writable = require("stream").Writable;
-var debug = require("debug")("follow-redirects");
+var assert = require("assert");
+var debug = require("./debug");
 // Create handlers that pass events from native requests
 var eventHandlers = Object.create(null);
@@ -335,20 +335,26 @@ RedirectableRequest.prototype._processResponse = function (response) {
     }
     // Drop the Host header, as the redirect might lead to a different host
-    if (!this._isRedirect) {
-      removeMatchingHeaders(/^host$/i, this._options.headers);
-    }
+    var previousHostName = removeMatchingHeaders(/^host$/i, this._options.headers) ||
+      url.parse(this._currentUrl).hostname;
     // Create the redirected request
     var redirectUrl = url.resolve(this._currentUrl, location);
     debug("redirecting to", redirectUrl);
     this._isRedirect = true;
-    Object.assign(this._options, url.parse(redirectUrl));
+    var redirectUrlParts = url.parse(redirectUrl);
+    Object.assign(this._options, redirectUrlParts);
+    // Drop the Authorization header if redirecting to another host
+    if (redirectUrlParts.hostname !== previousHostName) {
+      removeMatchingHeaders(/^authorization$/i, this._options.headers);
+    }
     // Evaluate the beforeRedirect callback
     if (typeof this._options.beforeRedirect === "function") {
+      var responseDetails = { headers: response.headers };
       try {
-        this._options.beforeRedirect.call(null, this._options);
+        this._options.beforeRedirect.call(null, this._options, responseDetails);
       }
       catch (err) {
         this.emit("error", err);
@@ -465,11 +471,14 @@ function urlToOptions(urlObject) {
 }
 function removeMatchingHeaders(regex, headers) {
+  var lastValue;
   for (var header in headers) {
     if (regex.test(header)) {
+      lastValue = headers[header];
       delete headers[header];
     }
   }
+  return lastValue;
 }
 function createErrorType(code, defaultMessage) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "follow-redirects",
-  "version": "1.10.0",
+  "version": "1.13.0",
   "description": "HTTP and HTTPS modules that follow redirects.",
   "license": "MIT",
   "main": "index.js",
@@ -37,9 +37,12 @@
     "Olivier Lalonde <olalonde@gmail.com> (http://www.syskall.com)",
     "James Talmage <james@talmage.io>"
   ],
-  "dependencies": {
-    "debug": "^3.0.0"
-  },
+  "funding": [
+    {
+      "type": "individual",
+      "url": "https://github.com/sponsors/RubenVerborgh"
+    }
+  ],
   "devDependencies": {
     "concat-stream": "^2.0.0",
     "eslint": "^5.16.0",