http-proxy-middleware 0.17.2-beta → 0.18.0

package/CHANGELOG.md

@@ -1,5 +1,24 @@
 # Changelog
 
+## [v0.18.0](https://github.com/chimurai/http-proxy-middleware/releases/tag/v0.18.0)
+- fix(vulnerability): update micromatch to v3.x ([npm:braces:20180219](https://snyk.io/test/npm/http-proxy-middleware?tab=issues&severity=high&severity=medium&severity=low#npm:braces:20180219
+))
+- test(node): drop node 0.x support ([#212](https://github.com/chimurai/http-proxy-middleware/pull/212))
+
+
+## [v0.17.4](https://github.com/chimurai/http-proxy-middleware/releases/tag/v0.17.4)
+- fix(ntlm authentication): fixed bug preventing proxying with ntlm authentication. ([#132](https://github.com/chimurai/http-proxy-middleware/pull/149)) (Thanks: [EladBezalel](https://github.com/EladBezalel), [oshri551](https://github.com/oshri551))
+
+
+## [v0.17.3](https://github.com/chimurai/http-proxy-middleware/releases/tag/v0.17.3)
+- fix(onError): improve default proxy error handling. http status codes (504, 502 and 500). ([#132](https://github.com/chimurai/http-proxy-middleware/pull/132)) ([graingert](https://github.com/graingert))
+
+## [v0.17.2](https://github.com/chimurai/http-proxy-middleware/releases/tag/v0.17.2)
+- feat(logging): improve error message & add link to Node errors page. ([#106](https://github.com/chimurai/http-proxy-middleware/pull/106)) ([cloudmu](https://github.com/cloudmu))
+- feat(pathRewrite): path can be empty string. ([#110](https://github.com/chimurai/http-proxy-middleware/pull/110)) ([sunnylqm](https://github.com/sunnylqm))
+- bug(websocket): memory leak when option 'ws:true' is used. ([#114](https://github.com/chimurai/http-proxy-middleware/pull/114)) ([julbra](https://github.com/julbra))
+- chore(package.json): reduce package size. ([#109](https://github.com/chimurai/http-proxy-middleware/pull/109))
+
 ## [v0.17.1](https://github.com/chimurai/http-proxy-middleware/releases/tag/v0.17.1)
 - fix(Express sub Router): 404 on non-proxy routes  ([#94](https://github.com/chimurai/http-proxy-middleware/issues/94))
 

package/README.md

@@ -4,6 +4,7 @@
 [![Coveralls](https://img.shields.io/coveralls/chimurai/http-proxy-middleware.svg?style=flat-square)](https://coveralls.io/r/chimurai/http-proxy-middleware)
 [![dependency Status](https://img.shields.io/david/chimurai/http-proxy-middleware.svg?style=flat-square)](https://david-dm.org/chimurai/http-proxy-middleware#info=dependencies)
 [![dependency Status](https://snyk.io/test/npm/http-proxy-middleware/badge.svg)](https://snyk.io/test/npm/http-proxy-middleware)
+[![JavaScript Style Guide](https://img.shields.io/badge/codestyle-standard-brightgreen.svg)](https://standardjs.com)
 
 Node.js proxying made simple. Configure proxy middleware with ease for [connect](https://github.com/senchalabs/connect), [express](https://github.com/strongloop/express), [browser-sync](https://github.com/BrowserSync/browser-sync) and [many more](#compatible-servers).
 
@@ -31,7 +32,7 @@ _All_ `http-proxy` [options](https://github.com/nodejitsu/node-http-proxy#option
 
 ## Table of Contents
 
-<!-- MarkdownTOC autolink=true bracket=round depth=3 -->
+<!-- MarkdownTOC autolink=true bracket=round depth=2 -->
 
 - [Install](#install)
 - [Core concept](#core-concept)
@@ -107,8 +108,8 @@ var options = {
         changeOrigin: true,               // needed for virtual hosted sites
         ws: true,                         // proxy websockets
         pathRewrite: {
-            '^/old/api' : '/new/api',     // rewrite path
-            '^/remove/api' : '/api'       // remove path
+            '^/api/old-path' : '/api/new-path',     // rewrite path
+            '^/api/remove/path' : '/path'           // remove base path
         },
         router: {
             // when request.headers.host == 'dev.localhost:3000',
@@ -130,7 +131,7 @@ var app = express();
 
 Providing an alternative way to decide which requests should be proxied; In case you are not able to use the server's [`path` parameter](http://expressjs.com/en/4x/api.html#app.use) to mount the proxy or when you need more flexibility.
 
-The [RFC 3986 `path`](https://tools.ietf.org/html/rfc3986#section-3.3) is be used for context matching.
+[RFC 3986 `path`](https://tools.ietf.org/html/rfc3986#section-3.3) is used for context matching.
 
 ```
          foo://example.com:8042/over/there?name=ferret#nose
@@ -304,15 +305,29 @@ The following options are provided by the underlying [http-proxy](https://github
 *  **option.xfwd**: true/false, adds x-forward headers
 *  **option.secure**: true/false, if you want to verify the SSL Certs
 *  **option.toProxy**: true/false, passes the absolute URL as the `path` (useful for proxying to proxies)
-*  **option.prependPath**: true/false, Default: true - specify whether you want to prepend the target's path to the proxy path>
-*  **option.ignorePath**: true/false, Default: false - specify whether you want to ignore the proxy path of the incoming request>
+*  **option.prependPath**: true/false, Default: true - specify whether you want to prepend the target's path to the proxy path
+*  **option.ignorePath**: true/false, Default: false - specify whether you want to ignore the proxy path of the incoming request (note: you will have to append / manually if required).
 *  **option.localAddress** : Local interface string to bind for outgoing connections
-*  **option.changeOrigin**: true/false, adds host to request header.
+*  **option.changeOrigin**: true/false, Default: false - changes the origin of the host header to the target URL
 *  **option.auth** : Basic authentication i.e. 'user:password' to compute an Authorization header.
 *  **option.hostRewrite**: rewrites the location hostname on (301/302/307/308) redirects.
 *  **option.autoRewrite**: rewrites the location host/port on (301/302/307/308) redirects based on requested host/port. Default: false.
 *  **option.protocolRewrite**: rewrites the location protocol on (301/302/307/308) redirects to 'http' or 'https'. Default: null.
+*  **option.cookieDomainRewrite**: rewrites domain of `set-cookie` headers. Possible values:
+   * `false` (default): disable cookie rewriting
+   * String: new domain, for example `cookieDomainRewrite: "new.domain"`. To remove the domain, use `cookieDomainRewrite: ""`.
+   * Object: mapping of domains to new domains, use `"*"` to match all domains.  
+     For example keep one domain unchanged, rewrite one domain and remove other domains:
+     ```
+     cookieDomainRewrite: {
+       "unchanged.domain": "unchanged.domain",
+       "old.domain": "new.domain",
+       "*": ""
+     }
+     ```
 *  **option.headers**: object, adds [request headers](https://en.wikipedia.org/wiki/List_of_HTTP_header_fields#Request_fields). (Example: `{host:'www.example.org'}`)
+*  **option.proxyTimeout**: timeout (in millis) when proxy receives no response from target
+
 
 
 ## Shorthand
@@ -405,18 +420,13 @@ Run the test suite:
 ```bash
 # install dependencies
 $ npm install
-```
 
-unit testing
+# linting
+$ npm run lint
 
-```bash
 # unit tests
 $ npm test
-```
-
-coverage
 
-```bash
 # code coverage
 $ npm run cover
 ```
@@ -430,4 +440,4 @@ $ npm run cover
 
 The MIT License (MIT)
 
-Copyright (c) 2015-2016 Steven Chim
+Copyright (c) 2015-2017 Steven Chim

package/index.js

@@ -1,5 +1,5 @@
-var HPM  = require('./lib');
+var HPM = require('./lib')
 
-module.exports = function(context, opts) {
-    return new HPM(context, opts);
-};
+module.exports = function (context, opts) {
+  return new HPM(context, opts)
+}

package/lib/config-factory.js

@@ -1,54 +1,55 @@
-var _      = require('lodash');
-var url    = require('url');
-var logger = require('./logger').getInstance();
+var _ = require('lodash')
+var url = require('url')
+var ERRORS = require('./errors')
+var logger = require('./logger').getInstance()
 
 module.exports = {
-    createConfig: createConfig
-};
-
-function createConfig(context, opts) {
-    // structure of config object to be returned
-    var config = {
-        context: undefined,
-        options: {}
-    };
-
-    // app.use('/api', proxy({target:'http://localhost:9000'}));
-    if (isContextless(context, opts)) {
-        config.context = '/';
-        config.options = _.assign(config.options, context);
-    }
-    // app.use('/api', proxy('http://localhost:9000'));
-    // app.use(proxy('http://localhost:9000/api'));
-    else if (isStringShortHand(context)) {
-        var oUrl   = url.parse(context);
-        var target = [oUrl.protocol, '//', oUrl.host].join('');
-
-        config.context = oUrl.pathname || '/';
-        config.options = _.assign(config.options, {target: target}, opts);
-
-        if (oUrl.protocol === 'ws:' || oUrl.protocol === 'wss:') {
-            config.options.ws = true;
-        }
-    // app.use('/api', proxy({target:'http://localhost:9000'}));
-    } else {
-        config.context = context;
-        config.options = _.assign(config.options, opts);
+  createConfig: createConfig
+}
+
+function createConfig (context, opts) {
+  // structure of config object to be returned
+  var config = {
+    context: undefined,
+    options: {}
+  }
+
+  // app.use('/api', proxy({target:'http://localhost:9000'}));
+  if (isContextless(context, opts)) {
+    config.context = '/'
+    config.options = _.assign(config.options, context)
+
+  // app.use('/api', proxy('http://localhost:9000'));
+  // app.use(proxy('http://localhost:9000/api'));
+  } else if (isStringShortHand(context)) {
+    var oUrl = url.parse(context)
+    var target = [oUrl.protocol, '//', oUrl.host].join('')
+
+    config.context = oUrl.pathname || '/'
+    config.options = _.assign(config.options, {target: target}, opts)
+
+    if (oUrl.protocol === 'ws:' || oUrl.protocol === 'wss:') {
+      config.options.ws = true
     }
+  // app.use('/api', proxy({target:'http://localhost:9000'}));
+  } else {
+    config.context = context
+    config.options = _.assign(config.options, opts)
+  }
 
-    configureLogger(config.options);
+  configureLogger(config.options)
 
-    if (!config.options.target) {
-        throw new Error('[HPM] Missing "target" option. Example: {target: "http://www.example.org"}');
-    }
+  if (!config.options.target) {
+    throw new Error(ERRORS.ERR_CONFIG_FACTORY_TARGET_MISSING)
+  }
 
-    // Legacy option.proxyHost
-    config.options = mapLegacyProxyHostOption(config.options);
+  // Legacy option.proxyHost
+  config.options = mapLegacyProxyHostOption(config.options)
 
-    // Legacy option.proxyTable > option.router
-    config.options = mapLegacyProxyTableOption(config.options);
+  // Legacy option.proxyTable > option.router
+  config.options = mapLegacyProxyTableOption(config.options)
 
-    return config;
+  return config
 }
 
 /**
@@ -62,10 +63,10 @@ function createConfig(context, opts) {
  * @param  {String}  context [description]
  * @return {Boolean}         [description]
  */
-function isStringShortHand(context) {
-    if (_.isString(context)) {
-        return (url.parse(context).host) ? true : false;
-    }
+function isStringShortHand (context) {
+  if (_.isString(context)) {
+    return !!(url.parse(context).host)
+  }
 }
 
 /**
@@ -79,48 +80,48 @@ function isStringShortHand(context) {
  * @param  {*}       opts    [description]
  * @return {Boolean}         [description]
  */
-function isContextless(context, opts) {
-    return (_.isPlainObject(context) && _.isEmpty(opts));
+function isContextless (context, opts) {
+  return (_.isPlainObject(context) && _.isEmpty(opts))
 }
 
-function mapLegacyProxyHostOption(options) {
-    // set options.headers.host when option.proxyHost is provided
-    if (options.proxyHost) {
-        logger.warn('*************************************');
-        logger.warn('[HPM] Deprecated "option.proxyHost"');
-        logger.warn('      Use "option.changeOrigin" or "option.headers.host" instead');
-        logger.warn('      "option.proxyHost" will be removed in future release.');
-        logger.warn('*************************************');
-
-        options.headers = options.headers || {};
-        options.headers.host = options.proxyHost;
-    }
+function mapLegacyProxyHostOption (options) {
+  // set options.headers.host when option.proxyHost is provided
+  if (options.proxyHost) {
+    logger.warn('*************************************')
+    logger.warn('[HPM] Deprecated "option.proxyHost"')
+    logger.warn('      Use "option.changeOrigin" or "option.headers.host" instead')
+    logger.warn('      "option.proxyHost" will be removed in future release.')
+    logger.warn('*************************************')
 
-    return options;
+    options.headers = options.headers || {}
+    options.headers.host = options.proxyHost
+  }
+
+  return options
 }
 
 // Warn deprecated proxyTable api usage
-function mapLegacyProxyTableOption(options) {
-    if (options.proxyTable) {
-        logger.warn('*************************************');
-        logger.warn('[HPM] Deprecated "option.proxyTable"');
-        logger.warn('      Use "option.router" instead');
-        logger.warn('      "option.proxyTable" will be removed in future release.');
-        logger.warn('*************************************');
-
-        options.router = _.clone(options.proxyTable);
-        _.omit(options, 'proxyTable');
-    }
-
-    return options;
+function mapLegacyProxyTableOption (options) {
+  if (options.proxyTable) {
+    logger.warn('*************************************')
+    logger.warn('[HPM] Deprecated "option.proxyTable"')
+    logger.warn('      Use "option.router" instead')
+    logger.warn('      "option.proxyTable" will be removed in future release.')
+    logger.warn('*************************************')
+
+    options.router = _.clone(options.proxyTable)
+    _.omit(options, 'proxyTable')
+  }
+
+  return options
 }
 
-function configureLogger(options) {
-    if (options.logLevel) {
-        logger.setLevel(options.logLevel);
-    }
+function configureLogger (options) {
+  if (options.logLevel) {
+    logger.setLevel(options.logLevel)
+  }
 
-    if (options.logProvider) {
-        logger.setProvider(options.logProvider);
-    }
+  if (options.logProvider) {
+    logger.setProvider(options.logProvider)
+  }
 }

package/lib/context-matcher.js

@@ -1,43 +1,43 @@
-var _ = require('lodash');
-var url = require('url');
-var isGlob = require('is-glob');
-var micromatch = require('micromatch');
+var _ = require('lodash')
+var url = require('url')
+var isGlob = require('is-glob')
+var micromatch = require('micromatch')
+var ERRORS = require('./errors')
 
 module.exports = {
-    match: matchContext
-};
+  match: matchContext
+}
 
-function matchContext(context, uri, req) {
+function matchContext (context, uri, req) {
+  // single path
+  if (isStringPath(context)) {
+    return matchSingleStringPath(context, uri)
+  }
 
-    // single path
-    if (isStringPath(context)) {
-        return matchSingleStringPath(context, uri);
-    }
+  // single glob path
+  if (isGlobPath(context)) {
+    return matchSingleGlobPath(context, uri)
+  }
 
-    // single glob path
-    if (isGlobPath(context)) {
-        return matchSingleGlobPath(context, uri);
+  // multi path
+  if (Array.isArray(context)) {
+    if (context.every(isStringPath)) {
+      return matchMultiPath(context, uri)
     }
-
-    // multi path
-    if (Array.isArray(context)) {
-        if (context.every(isStringPath)) {
-            return matchMultiPath(context, uri);
-        }
-        if (context.every(isGlobPath)) {
-            return matchMultiGlobPath(context, uri);
-        }
-
-        throw new Error('[HPM] Invalid context. Expecting something like: ["/api", "/ajax"] or ["/api/**", "!**.html"]');
+    if (context.every(isGlobPath)) {
+      return matchMultiGlobPath(context, uri)
     }
 
-    // custom matching
-    if (_.isFunction(context)) {
-        var pathname = getUrlPathName(uri);
-        return context(pathname, req);
-    }
+    throw new Error(ERRORS.ERR_CONTEXT_MATCHER_INVALID_ARRAY)
+  }
+
+  // custom matching
+  if (_.isFunction(context)) {
+    var pathname = getUrlPathName(uri)
+    return context(pathname, req)
+  }
 
-    throw new Error('[HPM] Invalid context. Expecting something like: "/api" or ["/api", "/ajax"]');
+  throw new Error(ERRORS.ERR_CONTEXT_MATCHER_GENERIC)
 }
 
 /**
@@ -45,34 +45,34 @@ function matchContext(context, uri, req) {
  * @param  {String} uri     'http://example.org/api/b/c/d.html'
  * @return {Boolean}
  */
-function matchSingleStringPath(context, uri) {
-    var pathname = getUrlPathName(uri);
-    return pathname.indexOf(context) === 0;
+function matchSingleStringPath (context, uri) {
+  var pathname = getUrlPathName(uri)
+  return pathname.indexOf(context) === 0
 }
 
-function matchSingleGlobPath(pattern, uri) {
-    var pathname = getUrlPathName(uri);
-    var matches = micromatch(pathname, pattern);
-    return matches && (matches.length > 0);
+function matchSingleGlobPath (pattern, uri) {
+  var pathname = getUrlPathName(uri)
+  var matches = micromatch(pathname, pattern)
+  return matches && (matches.length > 0)
 }
 
-function matchMultiGlobPath(patternList, uri) {
-    return matchSingleGlobPath(patternList, uri);
+function matchMultiGlobPath (patternList, uri) {
+  return matchSingleGlobPath(patternList, uri)
 }
 
 /**
- * @param  {String} context ['/api', '/ajax']
+ * @param  {String} contextList ['/api', '/ajax']
  * @param  {String} uri     'http://example.org/api/b/c/d.html'
  * @return {Boolean}
  */
-function matchMultiPath(contextList, uri) {
-    for (var i = 0; i < contextList.length; i++) {
-        var context = contextList[i];
-        if (matchSingleStringPath(context, uri)) {
-            return true;
-        }
+function matchMultiPath (contextList, uri) {
+  for (var i = 0; i < contextList.length; i++) {
+    var context = contextList[i]
+    if (matchSingleStringPath(context, uri)) {
+      return true
     }
-    return false;
+  }
+  return false
 }
 
 /**
@@ -81,14 +81,14 @@ function matchMultiPath(contextList, uri) {
  * @param  {String} uri from req.url
  * @return {String}     RFC 3986 path
  */
-function getUrlPathName(uri) {
-    return uri && url.parse(uri).pathname;
+function getUrlPathName (uri) {
+  return uri && url.parse(uri).pathname
 }
 
-function isStringPath(context) {
-    return _.isString(context) && !isGlob(context);
+function isStringPath (context) {
+  return _.isString(context) && !isGlob(context)
 }
 
-function isGlobPath(context) {
-    return isGlob(context);
+function isGlobPath (context) {
+  return isGlob(context)
 }

package/lib/errors.js

@@ -0,0 +1,8 @@
+/* eslint-disable max-len */
+
+module.exports = {
+  ERR_CONFIG_FACTORY_TARGET_MISSING: '[HPM] Missing "target" option. Example: {target: "http://www.example.org"}',
+  ERR_CONTEXT_MATCHER_GENERIC: '[HPM] Invalid context. Expecting something like: "/api" or ["/api", "/ajax"]',
+  ERR_CONTEXT_MATCHER_INVALID_ARRAY: '[HPM] Invalid context. Expecting something like: ["/api", "/ajax"] or ["/api/**", "!**.html"]',
+  ERR_PATH_REWRITER_CONFIG: '[HPM] Invalid pathRewrite config. Expecting object with pathRewrite config or a rewrite function'
+}

package/lib/handlers.js

@@ -1,62 +1,74 @@
-var _      = require('lodash');
-var logger = require('./logger').getInstance();
+var _ = require('lodash')
+var logger = require('./logger').getInstance()
 
 module.exports = {
-    init: init,
-    getHandlers: getProxyEventHandlers
-};
+  init: init,
+  getHandlers: getProxyEventHandlers
+}
 
-function init(proxy, opts) {
-    var handlers = getProxyEventHandlers(opts);
+function init (proxy, opts) {
+  var handlers = getProxyEventHandlers(opts)
 
-    _.forIn(handlers, function(handler, eventName) {
-        proxy.on(eventName, handlers[eventName]);
-    });
+  _.forIn(handlers, function (handler, eventName) {
+    proxy.on(eventName, handlers[eventName])
+  })
 
-    logger.debug('[HPM] Subscribed to http-proxy events: ', _.keys(handlers));
+  logger.debug('[HPM] Subscribed to http-proxy events: ', _.keys(handlers))
 }
 
-function getProxyEventHandlers(opts) {
-    // https://github.com/nodejitsu/node-http-proxy#listening-for-proxy-events
-    var proxyEvents = ['error', 'proxyReq', 'proxyReqWs', 'proxyRes', 'open', 'close'];
-    var handlers = {};
-
-    _.forEach(proxyEvents, function(event) {
-        // all handlers for the http-proxy events are prefixed with 'on'.
-        // loop through options and try to find these handlers
-        // and add them to the handlers object for subscription in init().
-        var eventName = _.camelCase('on ' + event);
-        var fnHandler = _.get(opts, eventName);
-
-        if (_.isFunction(fnHandler)) {
-            handlers[event] = fnHandler;
-        }
-    });
-
-    // add default error handler in absence of error handler
-    if (!_.isFunction(handlers.error)) {
-        handlers.error = defaultErrorHandler;
-    }
+function getProxyEventHandlers (opts) {
+  // https://github.com/nodejitsu/node-http-proxy#listening-for-proxy-events
+  var proxyEvents = ['error', 'proxyReq', 'proxyReqWs', 'proxyRes', 'open', 'close']
+  var handlers = {}
+
+  _.forEach(proxyEvents, function (event) {
+    // all handlers for the http-proxy events are prefixed with 'on'.
+    // loop through options and try to find these handlers
+    // and add them to the handlers object for subscription in init().
+    var eventName = _.camelCase('on ' + event)
+    var fnHandler = _.get(opts, eventName)
 
-    // add default close handler in absence of close handler
-    if (!_.isFunction(handlers.close)) {
-        handlers.close = logClose;
+    if (_.isFunction(fnHandler)) {
+      handlers[event] = fnHandler
     }
+  })
 
-    return handlers;
-};
+  // add default error handler in absence of error handler
+  if (!_.isFunction(handlers.error)) {
+    handlers.error = defaultErrorHandler
+  }
+
+  // add default close handler in absence of close handler
+  if (!_.isFunction(handlers.close)) {
+    handlers.close = logClose
+  }
+
+  return handlers
+}
 
-function defaultErrorHandler(err, req, res) {
-    var host = (req.headers && req.headers.host);
+function defaultErrorHandler (err, req, res) {
+  var host = (req.headers && req.headers.host)
+  var code = err.code
 
-    if (res.writeHead && !res.headersSent) {
-        res.writeHead(500);
+  if (res.writeHead && !res.headersSent) {
+    if (/HPE_INVALID/.test(code)) {
+      res.writeHead(502)
+    } else {
+      switch (code) {
+        case 'ECONNRESET':
+        case 'ENOTFOUND':
+        case 'ECONNREFUSED':
+          res.writeHead(504)
+          break
+        default: res.writeHead(500)
+      }
     }
+  }
 
-    res.end('Error occured while trying to proxy to: ' + host + req.url);
+  res.end('Error occured while trying to proxy to: ' + host + req.url)
 }
 
-function logClose(req, socket, head) {
-    // view disconnected websocket connections
-    logger.info('[HPM] Client disconnected');
+function logClose (req, socket, head) {
+  // view disconnected websocket connections
+  logger.info('[HPM] Client disconnected')
 }