rekwest 3.3.4 → 4.1.0

package/src/index.mjs

@@ -3,6 +3,10 @@ import http2 from 'node:http2';
 import https from 'node:https';
 import { setTimeout as setTimeoutPromise } from 'node:timers/promises';
 import { ackn } from './ackn.mjs';
+import {
+  redirectModes,
+  redirectStatusCodes,
+} from './constants.mjs';
 import { Cookies } from './cookies.mjs';
 import { RequestError } from './errors.mjs';
 import { APPLICATION_OCTET_STREAM } from './mediatypes.mjs';
@@ -13,14 +17,15 @@ import {
   merge,
   mixin,
   preflight,
-  redirects,
-  revise,
+  sameOrigin,
+  sanitize,
   transform,
 } from './utils.mjs';
 
 export { constants } from 'node:http2';
 
 export * from './ackn.mjs';
+export * from './constants.mjs';
 export * from './cookies.mjs';
 export * from './errors.mjs';
 export * from './file.mjs';
@@ -29,14 +34,16 @@ export * as mediatypes from './mediatypes.mjs';
 export * from './utils.mjs';
 
 const {
-  HTTP2_HEADER_CONTENT_LENGTH,
+  HTTP2_HEADER_AUTHORIZATION,
   HTTP2_HEADER_CONTENT_TYPE,
   HTTP2_HEADER_LOCATION,
   HTTP2_HEADER_RETRY_AFTER,
   HTTP2_HEADER_SET_COOKIE,
   HTTP2_METHOD_GET,
   HTTP2_METHOD_HEAD,
+  HTTP2_METHOD_POST,
   HTTP_STATUS_BAD_REQUEST,
+  HTTP_STATUS_FOUND,
   HTTP_STATUS_MOVED_PERMANENTLY,
   HTTP_STATUS_SEE_OTHER,
   HTTP_STATUS_SERVICE_UNAVAILABLE,
@@ -70,8 +77,10 @@ let defaults = {
   timeout: 3e5,
 };
 
-export default async function rekwest(url, options = {}) {
-  ({ url } = revise({ options, url }));
+export default async function rekwest(...args) {
+  let options = sanitize(...args);
+  const { url } = options;
+
   if (!options.redirected) {
     options = merge(rekwest.defaults, options);
   }
@@ -98,17 +107,14 @@ export default async function rekwest(url, options = {}) {
     ].forEach((it) => Reflect.deleteProperty(options, it));
   }
 
-  options = preflight(options);
+  options = await transform(preflight(options));
 
   const { cookies, digest, follow, h2, redirect, redirected, thenable } = options;
   const { request } = (url.protocol === 'http:' ? http : https);
-  let { body } = options;
 
   const promise = new Promise((resolve, reject) => {
     let client, req;
 
-    body &&= transform(body, options);
-
     if (h2) {
       client = http2.connect(url.origin, options);
       req = client.request(options.headers, options);
@@ -149,30 +155,53 @@ export default async function rekwest(url, options = {}) {
                : void 0,
       });
 
-      if (follow && /^3\d{2}$/.test(res.statusCode) && res.headers[HTTP2_HEADER_LOCATION]) {
-        if (redirect === redirects.error) {
+      const { statusCode } = res;
+
+      if (follow && /3\d{2}/.test(statusCode) && res.headers[HTTP2_HEADER_LOCATION]) {
+        if (!redirectStatusCodes.includes(statusCode)) {
+          return res.emit('error', new RangeError(`Invalid status code: ${ statusCode }`));
+        }
+
+        if (redirect === redirectModes.error) {
           return res.emit('error', new RequestError(`Unexpected redirect, redirect mode is set to '${ redirect }'.`));
         }
 
-        if (redirect === redirects.follow) {
-          options.url = new URL(res.headers[HTTP2_HEADER_LOCATION], url).href;
+        if (redirect === redirectModes.follow) {
+          const location = new URL(res.headers[HTTP2_HEADER_LOCATION], url);
 
-          if (res.statusCode !== HTTP_STATUS_SEE_OTHER
-            && body === Object(body) && body.pipe?.constructor === Function) {
+          if (!/^https?:/.test(location.protocol)) {
+            return res.emit('error', new RequestError('URL scheme must be "http" or "https".'));
+          }
+
+          if (!sameOrigin(location, url)) {
+            Reflect.deleteProperty(options.headers, HTTP2_HEADER_AUTHORIZATION);
+            location.password = location.username = '';
+          }
+
+          options.url = location;
+
+          if (statusCode !== HTTP_STATUS_SEE_OTHER && options?.body?.pipe?.constructor === Function) {
             return res.emit('error', new RequestError(`Unable to ${ redirect } redirect with streamable body.`));
           }
 
           options.follow--;
 
-          if (res.statusCode === HTTP_STATUS_SEE_OTHER) {
-            Reflect.deleteProperty(options.headers, HTTP2_HEADER_CONTENT_LENGTH);
-            options.method = HTTP2_METHOD_GET;
+          if (([
+            HTTP_STATUS_MOVED_PERMANENTLY,
+            HTTP_STATUS_FOUND,
+          ].includes(statusCode) && request.method === HTTP2_METHOD_POST) || (statusCode === HTTP_STATUS_SEE_OTHER && ![
+            HTTP2_METHOD_GET,
+            HTTP2_METHOD_HEAD,
+          ].includes(options.method))) {
+            Object.keys(options.headers).filter((it) => /^content-/i.test(it))
+                  .forEach((it) => Reflect.deleteProperty(options.headers, it));
             options.body = null;
+            options.method = HTTP2_METHOD_GET;
           }
 
           Reflect.set(options, 'redirected', true);
 
-          if (res.statusCode === HTTP_STATUS_MOVED_PERMANENTLY && res.headers[HTTP2_HEADER_RETRY_AFTER]) {
+          if (statusCode === HTTP_STATUS_MOVED_PERMANENTLY && res.headers[HTTP2_HEADER_RETRY_AFTER]) {
             let interval = res.headers[HTTP2_HEADER_RETRY_AFTER];
 
             interval = Number(interval) * 1000 || new Date(interval) - Date.now();
@@ -188,14 +217,14 @@ export default async function rekwest(url, options = {}) {
         }
       }
 
-      if (res.statusCode >= HTTP_STATUS_BAD_REQUEST) {
+      if (statusCode >= HTTP_STATUS_BAD_REQUEST) {
         return reject(mixin(res, options));
       }
 
       resolve(mixin(res, options));
     });
 
-    dispatch(req, { ...options, body });
+    dispatch(options, req);
   });
 
   try {
@@ -242,16 +271,15 @@ export default async function rekwest(url, options = {}) {
 
 Reflect.defineProperty(rekwest, 'stream', {
   enumerable: true,
-  value(url, options = {}) {
-    ({ url } = revise({ options, url }));
-    options = preflight({
+  value(...args) {
+    const options = preflight({
       ...merge(rekwest.defaults, {
         headers: { [HTTP2_HEADER_CONTENT_TYPE]: APPLICATION_OCTET_STREAM },
-      }, options),
-      redirect: redirects.manual,
+      }, sanitize(...args)),
+      redirect: redirectModes.manual,
     });
 
-    const { h2 } = options;
+    const { h2, url } = options;
     const { request } = (url.protocol === 'http:' ? http : https);
     let client, req;
 

package/src/utils.mjs

@@ -1,14 +1,13 @@
 import { Blob } from 'node:buffer';
 import http2 from 'node:http2';
 import {
-  PassThrough,
+  pipeline,
   Readable,
 } from 'node:stream';
-import {
-  promisify,
-  types,
-} from 'node:util';
+import { buffer } from 'node:stream/consumers';
+import { types } from 'node:util';
 import zlib from 'node:zlib';
+import { redirectModes } from './constants.mjs';
 import { Cookies } from './cookies.mjs';
 import { TimeoutError } from './errors.mjs';
 import { File } from './file.mjs';
@@ -37,12 +36,7 @@ const {
   HTTP2_METHOD_HEAD,
 } = http2.constants;
 
-const brotliCompress = promisify(zlib.brotliCompress);
-const brotliDecompress = promisify(zlib.brotliDecompress);
-const gzip = promisify(zlib.gzip);
-const gunzip = promisify(zlib.gunzip);
-const deflate = promisify(zlib.deflate);
-const inflate = promisify(zlib.inflate);
+const unwind = (encodings) => encodings.split(',').map((it) => it.trim());
 
 export const admix = (res, headers, options) => {
   const { h2 } = options;
@@ -86,48 +80,59 @@ export const affix = (client, req, options) => {
   });
 };
 
-export const collate = (entity, primordial) => {
-  if (entity?.constructor !== primordial) {
+export const brandCheck = (value, ctor) => {
+  if (!(value instanceof ctor)) {
     throw new TypeError('Illegal invocation');
   }
 };
 
-export const compress = (buf, encoding, { async = false } = {}) => {
-  encoding &&= encoding.match(/(?<encoding>\bbr\b|\bdeflate\b|\bgzip\b)/i)?.groups.encoding.toLowerCase();
-  const compressor = {
-    br: async ? brotliCompress : zlib.brotliCompressSync,
-    deflate: async ? deflate : zlib.deflateSync,
-    gzip: async ? gzip : zlib.gzipSync,
-  }[encoding];
-
-  return compressor?.(buf) ?? (async ? Promise.resolve(buf) : buf);
-};
-
-export const decompress = (buf, encoding, { async = false } = {}) => {
-  encoding &&= encoding.match(/(?<encoding>\bbr\b|\bdeflate\b|\bgzip\b)/i)?.groups.encoding.toLowerCase();
-  const decompressor = {
-    br: async ? brotliDecompress : zlib.brotliDecompressSync,
-    deflate: async ? inflate : zlib.inflateSync,
-    gzip: async ? gunzip : zlib.gunzipSync,
-  }[encoding];
+export const compress = (readable, encodings = '') => {
+  const encoders = [];
+
+  encodings = unwind(encodings);
+
+  for (const encoding of encodings) {
+    if (/\bbr\b/i.test(encoding)) {
+      encoders.push(zlib.createBrotliCompress());
+    } else if (/\bdeflate(?!-(?:\w+)?)\b/i.test(encoding)) {
+      encoders.push(zlib.createDeflate());
+    } else if (/\bdeflate-raw\b/i.test(encoding)) {
+      encoders.push(zlib.createDeflateRaw());
+    } else if (/\bgzip\b/i.test(encoding)) {
+      encoders.push(zlib.createGzip());
+    } else {
+      return readable;
+    }
+  }
 
-  return decompressor?.(buf) ?? (async ? Promise.resolve(buf) : buf);
+  return pipeline(readable, ...encoders, () => void 0);
 };
 
-export const dispatch = (req, { body, headers }) => {
-  if (body === Object(body) && !Buffer.isBuffer(body)) {
-    if (body.pipe?.constructor !== Function
-      && (Reflect.has(body, Symbol.asyncIterator) || Reflect.has(body, Symbol.iterator))) {
-      body = Readable.from(body);
+export const decompress = (readable, encodings = '') => {
+  const decoders = [];
+
+  encodings = unwind(encodings);
+
+  for (const encoding of encodings) {
+    if (/\bbr\b/i.test(encoding)) {
+      decoders.push(zlib.createBrotliDecompress());
+    } else if (/\bdeflate(?!-(?:\w+)?)\b/i.test(encoding)) {
+      decoders.push(zlib.createInflate());
+    } else if (/\bdeflate-raw\b/i.test(encoding)) {
+      decoders.push(zlib.createInflateRaw());
+    } else if (/\bgzip\b/i.test(encoding)) {
+      decoders.push(zlib.createGunzip());
+    } else {
+      return readable;
     }
+  }
 
-    const compressor = {
-      br: zlib.createBrotliCompress,
-      deflate: zlib.createDeflate,
-      gzip: zlib.createGzip,
-    }[headers[HTTP2_HEADER_CONTENT_ENCODING]] ?? PassThrough;
+  return pipeline(readable, ...decoders, () => void 0);
+};
 
-    body.pipe(compressor()).pipe(req);
+export const dispatch = ({ body }, req) => {
+  if (body?.pipe?.constructor === Function) {
+    body.pipe(req);
   } else {
     req.end(body);
   }
@@ -170,7 +175,7 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
       arrayBuffer: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           parse &&= false;
           const { buffer, byteLength, byteOffset } = await this.body();
 
@@ -180,7 +185,7 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
       blob: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           const val = await this.arrayBuffer();
 
           return new Blob([val]);
@@ -189,7 +194,7 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
       json: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           const val = await this.text();
 
           return JSON.parse(val);
@@ -198,7 +203,7 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
       text: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           const blob = await this.blob();
 
           return blob.text();
@@ -211,25 +216,25 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
     body: {
       enumerable: true,
       value: async function () {
-        collate(this, res?.constructor);
+        brandCheck(this, res?.constructor);
 
         if (this.bodyUsed) {
           throw new TypeError('Response stream already read');
         }
 
-        let spool = [];
+        let body = [];
 
-        for await (const chunk of this) {
-          spool.push(chunk);
+        for await (const chunk of decompress(this, this.headers[HTTP2_HEADER_CONTENT_ENCODING])) {
+          body.push(chunk);
         }
 
-        spool = Buffer.concat(spool);
+        body = Buffer.concat(body);
 
-        if (spool.length) {
-          spool = await decompress(spool, this.headers[HTTP2_HEADER_CONTENT_ENCODING], { async: true });
+        if (!body.length && parse) {
+          return null;
         }
 
-        if (spool.length && parse) {
+        if (body.length && parse) {
           const contentType = this.headers[HTTP2_HEADER_CONTENT_TYPE] ?? '';
           const charset = contentType.split(';')
                                      .find((it) => /charset=/i.test(it))
@@ -239,17 +244,17 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
                                      .trim() || 'utf-8';
 
           if (/\bjson\b/i.test(contentType)) {
-            spool = JSON.parse(spool.toString(charset));
-          } else if (/\b(text|xml)\b/i.test(contentType)) {
-            if (/\b(latin1|ucs-2|utf-(8|16le))\b/.test(charset)) {
-              spool = spool.toString(charset);
+            body = JSON.parse(body.toString(charset));
+          } else if (/\b(?:text|xml)\b/i.test(contentType)) {
+            if (/\b(?:latin1|ucs-2|utf-(?:8|16le))\b/.test(charset)) {
+              body = body.toString(charset);
             } else {
-              spool = new TextDecoder(charset).decode(spool);
+              body = new TextDecoder(charset).decode(body);
             }
           }
         }
 
-        return spool;
+        return body;
       },
       writable: true,
     },
@@ -297,7 +302,7 @@ export const preflight = (options) => {
   options.h2 ??= h2;
   options.headers = {
     [HTTP2_HEADER_ACCEPT]: `${ APPLICATION_JSON }, ${ TEXT_PLAIN }, ${ WILDCARD }`,
-    [HTTP2_HEADER_ACCEPT_ENCODING]: 'br, deflate, gzip, identity',
+    [HTTP2_HEADER_ACCEPT_ENCODING]: 'br, deflate, deflate-raw, gzip, identity',
     ...Object.entries(options.headers ?? {})
              .reduce((acc, [key, val]) => (acc[key.toLowerCase()] = val, acc), {}),
     ...h2 && {
@@ -310,9 +315,9 @@ export const preflight = (options) => {
 
   options.method ??= method;
   options.parse ??= true;
-  options.redirect ??= redirects.follow;
+  options.redirect ??= redirectModes.follow;
 
-  if (!Object.values(redirects).includes(options.redirect)) {
+  if (!Reflect.has(redirectModes, options.redirect)) {
     options.createConnection?.().destroy();
     throw new TypeError(`Failed to read the 'redirect' property from 'options': The provided value '${
       options.redirect
@@ -325,13 +330,7 @@ export const preflight = (options) => {
   return options;
 };
 
-export const redirects = {
-  error: 'error',
-  follow: 'follow',
-  manual: 'manual',
-};
-
-export const revise = ({ url, options }) => {
+export const sanitize = (url, options = {}) => {
   if (options.trimTrailingSlashes) {
     url = `${ url }`.replace(/(?<!:)\/+/gi, '/');
   }
@@ -341,6 +340,8 @@ export const revise = ({ url, options }) => {
   return Object.assign(options, { url });
 };
 
+export const sameOrigin = (a, b) => a.protocol === b.protocol && a.hostname === b.hostname && a.port === b.port;
+
 export async function* tap(value) {
   if (Reflect.has(value, Symbol.asyncIterator)) {
     yield* value;
@@ -351,13 +352,11 @@ export async function* tap(value) {
   }
 }
 
-export const transform = (body, options) => {
-  let headers = {};
+export const transform = async (options) => {
+  let { body, headers } = options;
 
-  if (types.isAnyArrayBuffer(body) && !Buffer.isBuffer(body)) {
-    body = Buffer.from(body);
-  } else if (types.isArrayBufferView(body) && !Buffer.isBuffer(body)) {
-    body = Buffer.from(body.buffer, body.byteOffset, body.byteLength);
+  if (!body) {
+    return options;
   }
 
   if (File.alike(body)) {
@@ -365,38 +364,47 @@ export const transform = (body, options) => {
       [HTTP2_HEADER_CONTENT_LENGTH]: body.size,
       [HTTP2_HEADER_CONTENT_TYPE]: body.type || APPLICATION_OCTET_STREAM,
     };
-    body = body.stream?.() ?? Readable.from(tap(body));
+    body = body.stream();
   } else if (FormData.alike(body)) {
     body = FormData.actuate(body);
     headers = { [HTTP2_HEADER_CONTENT_TYPE]: body.contentType };
-  } else if (body === Object(body) && !Reflect.has(body, Symbol.asyncIterator)) {
-    if (body.constructor === URLSearchParams) {
-      headers = { [HTTP2_HEADER_CONTENT_TYPE]: APPLICATION_FORM_URLENCODED };
-      body = body.toString();
-    } else if (!Buffer.isBuffer(body)
-      && !(!Array.isArray(body) && Reflect.has(body, Symbol.iterator))) {
-      headers = { [HTTP2_HEADER_CONTENT_TYPE]: APPLICATION_JSON };
-      body = JSON.stringify(body);
+  } else if (!Buffer.isBuffer(body)) {
+    if (types.isAnyArrayBuffer(body)) {
+      body = Buffer.from(body);
+    } else if (types.isArrayBufferView(body)) {
+      body = Buffer.from(body.buffer, body.byteOffset, body.byteLength);
+    } else if (body === Object(body) && !Reflect.has(body, Symbol.asyncIterator)) {
+      if (body.constructor === URLSearchParams) {
+        headers = { [HTTP2_HEADER_CONTENT_TYPE]: APPLICATION_FORM_URLENCODED };
+        body = body.toString();
+      } else if (!(!Array.isArray(body) && Reflect.has(body, Symbol.iterator))) {
+        headers = { [HTTP2_HEADER_CONTENT_TYPE]: APPLICATION_JSON };
+        body = JSON.stringify(body);
+      }
     }
+  }
 
-    if (Buffer.isBuffer(body) || body !== Object(body)) {
-      if (options.headers[HTTP2_HEADER_CONTENT_ENCODING]) {
-        body = compress(body, options.headers[HTTP2_HEADER_CONTENT_ENCODING]);
-      }
+  const encodings = options.headers[HTTP2_HEADER_CONTENT_ENCODING];
 
-      headers = {
-        ...headers,
-        [HTTP2_HEADER_CONTENT_LENGTH]: Buffer.byteLength(body),
-      };
-    }
+  if (body === Object(body)
+    && (Reflect.has(body, Symbol.asyncIterator) || (!Array.isArray(body) && Reflect.has(body, Symbol.iterator)))) {
+    body = encodings ? compress(Readable.from(body), encodings) : Readable.from(body);
+  } else if (encodings) {
+    body = await buffer(compress(Readable.from(body), encodings));
   }
 
   Object.assign(options.headers, {
     ...headers,
+    ...!body[Symbol.asyncIterator] && {
+      [HTTP2_HEADER_CONTENT_LENGTH]: Buffer.byteLength(body),
+    },
     ...options.headers[HTTP2_HEADER_CONTENT_TYPE] && {
       [HTTP2_HEADER_CONTENT_TYPE]: options.headers[HTTP2_HEADER_CONTENT_TYPE],
     },
   });
 
-  return body;
+  return {
+    ...options,
+    body,
+  };
 };