rekwest 4.0.0 → 4.1.0

package/README.md

@@ -1,187 +1,187 @@
-The robust request library that humanity deserves 🌐
----
-This package provides highly likely functional and **easy-to-use** abstraction atop of
-native [http(s).request](https://nodejs.org/api/https.html#https_https_request_url_options_callback)
-and [http2.request](https://nodejs.org/api/http2.html#http2_clienthttp2session_request_headers_options).
-
-## Abstract
-
-* Fetch-alike
-* Cool-beans 🫐 config options (with defaults)
-* Automatic HTTP/2 support (ALPN negotiation)
-* Automatic or opt-in body parse (with non-UTF-8 charset decoding)
-* Automatic and simplistic `Cookies` treatment (with built-in jar)
-* Automatic decompression (with opt-in body compression)
-* Built-in streamable `File` & `FormData` interfaces
-* Support redirects & retries with fine-grained tune-ups
-* Support all legit request body types (include blobs & streams)
-* Support both CJS and ESM module systems
-* Fully promise-able and pipe-able
-* Zero dependencies
-
-## Prerequisites
-
-* Node.js `>= 16.7.x`
-
-## Installation
-
-```bash
-npm install rekwest --save
-```
-
-### Usage
-
-```javascript
-import rekwest, { constants } from 'rekwest';
-
-const {
-  HTTP2_HEADER_AUTHORIZATION,
-  HTTP2_HEADER_CONTENT_ENCODING,
-  HTTP2_METHOD_POST,
-  HTTP_STATUS_OK,
-} = constants;
-
-const url = 'https://somewhe.re/somewhat/endpoint';
-
-const res = await rekwest(url, {
-  body: { celestial: 'payload' },
-  headers: {
-    [HTTP2_HEADER_AUTHORIZATION]: 'Bearer [token]',
-    [HTTP2_HEADER_CONTENT_ENCODING]: 'br',  // enables: body compression
-    /** [HTTP2_HEADER_CONTENT_TYPE]
-     * is undue for
-     * Array/Blob/File/FormData/Object/URLSearchParams body types
-     * and will be set automatically, with an option to override it here
-     */
-  },
-  method: HTTP2_METHOD_POST,
-});
-
-console.assert(res.statusCode === HTTP_STATUS_OK);
-console.info(res.headers);
-console.log(res.body);
-```
-
----
-
-```javascript
-import rekwest, {
-  constants,
-  Blob,
-  File,
-  FormData,
-} from 'rekwest';
-import { Readable } from 'node:stream';
-
-const {
-  HTTP2_HEADER_AUTHORIZATION,
-  HTTP2_HEADER_CONTENT_ENCODING,
-  HTTP2_METHOD_POST,
-  HTTP_STATUS_OK,
-} = constants;
-
-const blob = new Blob(['bits']);
-const file = new File(['bits'], 'file.dab');
-const readable = Readable.from('bits');
-
-const fd = new FormData({
-  aux: Date.now(),  // either [[key, value]], or kv sequenceable
-});
-
-fd.append('celestial', 'payload');
-fd.append('blob', blob, 'blob.dab');
-fd.append('file', file);
-fd.append('readable', readable, 'readable.dab');
-
-const url = 'https://somewhe.re/somewhat/endpoint';
-
-const res = await rekwest(url, {
-  body: fd,
-  headers: {
-    [HTTP2_HEADER_AUTHORIZATION]: 'Bearer [token]',
-    [HTTP2_HEADER_CONTENT_ENCODING]: 'br',  // enables: body compression
-  },
-  method: HTTP2_METHOD_POST,
-});
-
-console.assert(res.statusCode === HTTP_STATUS_OK);
-console.info(res.headers);
-console.log(res.body);
-```
-
-### API
-
-#### `rekwest(url[, options])`
-
-* `url` **{string | URL}** The URL to send the request to
-* `options` **{Object}**
-  Extends [https.RequestOptions](https://nodejs.org/api/https.html#https_https_request_url_options_callback)
-  along with
-  extra [http2.ClientSessionOptions](https://nodejs.org/api/http2.html#http2_http2_connect_authority_options_listener)
-  & [http2.ClientSessionRequestOptions](https://nodejs.org/api/http2.html#http2_clienthttp2session_request_headers_options)
-  and [tls.ConnectionOptions](https://nodejs.org/api/tls.html#tls_tls_connect_options_callback)
-  for HTTP/2 attunes
-  * `body` **{string | Array | ArrayBuffer | ArrayBufferView | AsyncIterator | Blob | Buffer | DataView | File |
-    FormData | Iterator | Object | Readable | ReadableStream | SharedArrayBuffer | URLSearchParams}** The body to send
-    with the request
-  * `cookies` **{boolean | Array<[k, v]> | Cookies | Object | URLSearchParams}** `Default: true` The cookies to add to
-    the request
-  * `digest` **{boolean}** `Default: true` Controls whether to read the response stream or simply add a mixin
-  * `follow` **{number}** `Default: 20` The number of redirects to follow
-  * `h2` **{boolean}** `Default: false` Forces the use of HTTP/2 protocol
-  * `headers` **{Object}** The headers to add to the request
-  * `maxRetryAfter` **{number}** The upper limit of `retry-after` header. If unset, it will use `timeout` value
-  * `parse` **{boolean}** `Default: true` Controls whether to parse response body or simply return a buffer
-  * `redirect` **{error | follow | manual}** `Default: follow` Controls the redirect flows
-  * `retry` **{Object}** Represents the retry options
-    * `attempts` **{number}** `Default: 0` The number of retry attempts
-    * `backoffStrategy` **{string}** `Default: interval * Math.log(Math.random() * (Math.E * Math.E - Math.E) + Math.E)`
-      The backoff strategy algorithm that increases logarithmically. To fixate set value to `interval * 1`
-    * `interval` **{number}** `Default: 1e3` The initial retry interval
-    * `retryAfter` **{boolean}** `Default: true` Controls `retry-after` header receptiveness
-    * `statusCodes` **{number[]}** `Default: [429, 503]` The list of status codes to retry on
-  * `thenable` **{boolean}** `Default: false` Controls the promise resolutions
-  * `timeout` **{number}** `Default: 3e5` The number of milliseconds a request can take before termination
-  * `trimTrailingSlashes` **{boolean}** `Default: false` Controls whether to trim trailing slashes in the URL before
-    proceed with the request
-* **Returns:** Promise that resolves to
-  extended [http.IncomingMessage](https://nodejs.org/api/http.html#http_class_http_incomingmessage)
-  or [http2.ClientHttp2Stream](https://nodejs.org/api/http2.html#http2_class_clienthttp2stream) which is respectively
-  readable and duplex streams
-  * if `degist: true` & `parse: true`
-    * `body` **{string | Array | Buffer | Object}** The body based on its content type
-  * if `degist: false`
-    * `arrayBuffer` **{AsyncFunction}** Reads the response and returns **ArrayBuffer**
-    * `blob` **{AsyncFunction}** Reads the response and returns **Blob**
-    * `body` **{AsyncFunction}** Reads the response and returns **Buffer** if `parse: false`
-    * `json` **{AsyncFunction}** Reads the response and returns **Object**
-    * `text` **{AsyncFunction}** Reads the response and returns **String**
-  * `bodyUsed` **{boolean}** Indicates whether the response were read or not
-  * `cookies` **{undefined | Cookies}** The cookies sent and received with the response
-  * `headers` **{Object}** The headers received with the response
-  * `httpVersion` **{string}** Indicates protocol version negotiated with the server
-  * `ok` **{boolean}** Indicates if the response was successful (statusCode: **200-299**)
-  * `redirected` **{boolean}** Indicates if the response is the result of a redirect
-  * `statusCode` **{number}** Indicates the status code of the response
-  * `trailers` **{undefined | Object}** The trailer headers received with the response
-
----
-
-#### `rekwest.defaults`
-
-The object to fulfill with default [options](#rekwesturl-options)
-
----
-
-#### `rekwest.stream(url[, options])`
-
-The method with limited functionality to use with streams and/or pipes
-
-* No automata
-* No redirects
-* Pass `h2: true` in options to use HTTP/2 protocol
-  * Use `ackn({ url: URL })` method beforehand to check the available protocols
-
----
-
-For more details, please check tests (coverage: **>97%**) in the repository
+The robust request library that humanity deserves 🌐
+---
+This package provides highly likely functional and **easy-to-use** abstraction atop of
+native [http(s).request](https://nodejs.org/api/https.html#https_https_request_url_options_callback)
+and [http2.request](https://nodejs.org/api/http2.html#http2_clienthttp2session_request_headers_options).
+
+## Abstract
+
+* Fetch-alike
+* Cool-beans 🫐 config options (with defaults)
+* Automatic HTTP/2 support (ALPN negotiation)
+* Automatic or opt-in body parse (with non-UTF-8 charset decoding)
+* Automatic and simplistic `Cookies` treatment (with built-in jar)
+* Automatic decompression (with opt-in body compression)
+* Built-in streamable `File` & `FormData` interfaces
+* Support redirects & retries with fine-grained tune-ups
+* Support all legit request body types (include blobs & streams)
+* Support both CJS and ESM module systems
+* Fully promise-able and pipe-able
+* Zero dependencies
+
+## Prerequisites
+
+* Node.js `>= 16.7.x`
+
+## Installation
+
+```bash
+npm install rekwest --save
+```
+
+### Usage
+
+```javascript
+import rekwest, { constants } from 'rekwest';
+
+const {
+  HTTP2_HEADER_AUTHORIZATION,
+  HTTP2_HEADER_CONTENT_ENCODING,
+  HTTP2_METHOD_POST,
+  HTTP_STATUS_OK,
+} = constants;
+
+const url = 'https://somewhe.re/somewhat/endpoint';
+
+const res = await rekwest(url, {
+  body: { celestial: 'payload' },
+  headers: {
+    [HTTP2_HEADER_AUTHORIZATION]: 'Bearer [token]',
+    [HTTP2_HEADER_CONTENT_ENCODING]: 'br',  // enables: body compression
+    /** [HTTP2_HEADER_CONTENT_TYPE]
+     * is undue for
+     * Array/Blob/File/FormData/Object/URLSearchParams body types
+     * and will be set automatically, with an option to override it here
+     */
+  },
+  method: HTTP2_METHOD_POST,
+});
+
+console.assert(res.statusCode === HTTP_STATUS_OK);
+console.info(res.headers);
+console.log(res.body);
+```
+
+---
+
+```javascript
+import rekwest, {
+  constants,
+  Blob,
+  File,
+  FormData,
+} from 'rekwest';
+import { Readable } from 'node:stream';
+
+const {
+  HTTP2_HEADER_AUTHORIZATION,
+  HTTP2_HEADER_CONTENT_ENCODING,
+  HTTP2_METHOD_POST,
+  HTTP_STATUS_OK,
+} = constants;
+
+const blob = new Blob(['bits']);
+const file = new File(['bits'], 'file.dab');
+const readable = Readable.from('bits');
+
+const fd = new FormData({
+  aux: Date.now(),  // either [[key, value]], or kv sequenceable
+});
+
+fd.append('celestial', 'payload');
+fd.append('blob', blob, 'blob.dab');
+fd.append('file', file);
+fd.append('readable', readable, 'readable.dab');
+
+const url = 'https://somewhe.re/somewhat/endpoint';
+
+const res = await rekwest(url, {
+  body: fd,
+  headers: {
+    [HTTP2_HEADER_AUTHORIZATION]: 'Bearer [token]',
+    [HTTP2_HEADER_CONTENT_ENCODING]: 'br',  // enables: body compression
+  },
+  method: HTTP2_METHOD_POST,
+});
+
+console.assert(res.statusCode === HTTP_STATUS_OK);
+console.info(res.headers);
+console.log(res.body);
+```
+
+### API
+
+#### `rekwest(url[, options])`
+
+* `url` **{string | URL}** The URL to send the request to
+* `options` **{Object}**
+  Extends [https.RequestOptions](https://nodejs.org/api/https.html#https_https_request_url_options_callback)
+  along with
+  extra [http2.ClientSessionOptions](https://nodejs.org/api/http2.html#http2_http2_connect_authority_options_listener)
+  & [http2.ClientSessionRequestOptions](https://nodejs.org/api/http2.html#http2_clienthttp2session_request_headers_options)
+  and [tls.ConnectionOptions](https://nodejs.org/api/tls.html#tls_tls_connect_options_callback)
+  for HTTP/2 attunes
+  * `body` **{string | Array | ArrayBuffer | ArrayBufferView | AsyncIterator | Blob | Buffer | DataView | File |
+    FormData | Iterator | Object | Readable | ReadableStream | SharedArrayBuffer | URLSearchParams}** The body to send
+    with the request
+  * `cookies` **{boolean | Array<[k, v]> | Cookies | Object | URLSearchParams}** `Default: true` The cookies to add to
+    the request
+  * `digest` **{boolean}** `Default: true` Controls whether to read the response stream or simply add a mixin
+  * `follow` **{number}** `Default: 20` The number of redirects to follow
+  * `h2` **{boolean}** `Default: false` Forces the use of HTTP/2 protocol
+  * `headers` **{Object}** The headers to add to the request
+  * `maxRetryAfter` **{number}** The upper limit of `retry-after` header. If unset, it will use `timeout` value
+  * `parse` **{boolean}** `Default: true` Controls whether to parse response body or simply return a buffer
+  * `redirect` **{error | follow | manual}** `Default: follow` Controls the redirect flows
+  * `retry` **{Object}** Represents the retry options
+    * `attempts` **{number}** `Default: 0` The number of retry attempts
+    * `backoffStrategy` **{string}** `Default: interval * Math.log(Math.random() * (Math.E * Math.E - Math.E) + Math.E)`
+      The backoff strategy algorithm that increases logarithmically. To fixate set value to `interval * 1`
+    * `interval` **{number}** `Default: 1e3` The initial retry interval
+    * `retryAfter` **{boolean}** `Default: true` Controls `retry-after` header receptiveness
+    * `statusCodes` **{number[]}** `Default: [429, 503]` The list of status codes to retry on
+  * `thenable` **{boolean}** `Default: false` Controls the promise resolutions
+  * `timeout` **{number}** `Default: 3e5` The number of milliseconds a request can take before termination
+  * `trimTrailingSlashes` **{boolean}** `Default: false` Controls whether to trim trailing slashes in the URL before
+    proceed with the request
+* **Returns:** Promise that resolves to
+  extended [http.IncomingMessage](https://nodejs.org/api/http.html#http_class_http_incomingmessage)
+  or [http2.ClientHttp2Stream](https://nodejs.org/api/http2.html#http2_class_clienthttp2stream) which is respectively
+  readable and duplex streams
+  * if `degist: true` & `parse: true`
+    * `body` **{string | Array | Buffer | Object}** The body based on its content type
+  * if `degist: false`
+    * `arrayBuffer` **{AsyncFunction}** Reads the response and returns **ArrayBuffer**
+    * `blob` **{AsyncFunction}** Reads the response and returns **Blob**
+    * `body` **{AsyncFunction}** Reads the response and returns **Buffer** if `parse: false`
+    * `json` **{AsyncFunction}** Reads the response and returns **Object**
+    * `text` **{AsyncFunction}** Reads the response and returns **String**
+  * `bodyUsed` **{boolean}** Indicates whether the response were read or not
+  * `cookies` **{undefined | Cookies}** The cookies sent and received with the response
+  * `headers` **{Object}** The headers received with the response
+  * `httpVersion` **{string}** Indicates protocol version negotiated with the server
+  * `ok` **{boolean}** Indicates if the response was successful (statusCode: **200-299**)
+  * `redirected` **{boolean}** Indicates if the response is the result of a redirect
+  * `statusCode` **{number}** Indicates the status code of the response
+  * `trailers` **{undefined | Object}** The trailer headers received with the response
+
+---
+
+#### `rekwest.defaults`
+
+The object to fulfill with default [options](#rekwesturl-options)
+
+---
+
+#### `rekwest.stream(url[, options])`
+
+The method with limited functionality to use with streams and/or pipes
+
+* No automata
+* No redirects
+* Pass `h2: true` in options to use HTTP/2 protocol
+  * Use `ackn({ url: URL })` method beforehand to check the available protocols
+
+---
+
+For more details, please check tests (coverage: **>97%**) in the repository

package/dist/constants.js

@@ -0,0 +1,21 @@
+"use strict";
+
+exports.__esModule = true;
+exports.redirectStatusCodes = exports.redirectModes = void 0;
+var _nodeHttp = _interopRequireDefault(require("node:http2"));
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
+const {
+  HTTP_STATUS_FOUND,
+  HTTP_STATUS_MOVED_PERMANENTLY,
+  HTTP_STATUS_PERMANENT_REDIRECT,
+  HTTP_STATUS_SEE_OTHER,
+  HTTP_STATUS_TEMPORARY_REDIRECT
+} = _nodeHttp.default.constants;
+const redirectModes = {
+  error: 'error',
+  follow: 'follow',
+  manual: 'manual'
+};
+exports.redirectModes = redirectModes;
+const redirectStatusCodes = [HTTP_STATUS_MOVED_PERMANENTLY, HTTP_STATUS_FOUND, HTTP_STATUS_SEE_OTHER, HTTP_STATUS_TEMPORARY_REDIRECT, HTTP_STATUS_PERMANENT_REDIRECT];
+exports.redirectStatusCodes = redirectStatusCodes;

package/dist/cookies.js

@@ -15,7 +15,7 @@ class Cookies extends URLSearchParams {
     super(input);
   }
   toString() {
-    (0, _utils.collate)(this, Cookies);
+    (0, _utils.brandCheck)(this, Cookies);
     return super.toString().split('&').join('; ').trim();
   }
 }

package/dist/formdata.js

@@ -31,7 +31,7 @@ class FormData {
           } else {
             yield encoder.encode(`${prefix}; name="${escape(normalize(name))}"${value.name ? `; filename="${escape(value.name)}"` : ''}${CRLF}${HTTP2_HEADER_CONTENT_TYPE}: ${value.type || _mediatypes.APPLICATION_OCTET_STREAM}${CRLF.repeat(2)}`);
             yield* (0, _utils.tap)(value);
-            yield encoder.encode(CRLF);
+            yield new Uint8Array([13, 10]);
           }
         }
         yield encoder.encode(`--${boundary}--`);
@@ -98,18 +98,18 @@ class FormData {
     }
   }
   append(...args) {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     this.#ensureArgs(args, 2, 'append');
     this.#entries.push(this.constructor.#enfoldEntry(...args));
   }
   delete(...args) {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     this.#ensureArgs(args, 1, 'delete');
     const name = (0, _nodeUtil.toUSVString)(args[0]);
     this.#entries = this.#entries.filter(it => it.name !== name);
   }
   forEach(...args) {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     this.#ensureArgs(args, 1, 'forEach');
     const [callback, thisArg] = args;
     for (const entry of this) {
@@ -117,25 +117,25 @@ class FormData {
     }
   }
   get(...args) {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     this.#ensureArgs(args, 1, 'get');
     const name = (0, _nodeUtil.toUSVString)(args[0]);
     return (this.#entries.find(it => it.name === name) ?? {}).value ?? null;
   }
   getAll(...args) {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     this.#ensureArgs(args, 1, 'getAll');
     const name = (0, _nodeUtil.toUSVString)(args[0]);
     return this.#entries.filter(it => it.name === name).map(it => it.value);
   }
   has(...args) {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     this.#ensureArgs(args, 1, 'has');
     const name = (0, _nodeUtil.toUSVString)(args[0]);
     return !!this.#entries.find(it => it.name === name);
   }
   set(...args) {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     this.#ensureArgs(args, 2, 'set');
     const entry = this.constructor.#enfoldEntry(...args);
     const idx = this.#entries.findIndex(it => it.name === entry.name);
@@ -146,7 +146,7 @@ class FormData {
     }
   }
   *entries() {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     for (const {
       name,
       value
@@ -155,19 +155,19 @@ class FormData {
     }
   }
   *keys() {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     for (const [name] of this) {
       yield name;
     }
   }
   *values() {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     for (const [, value] of this) {
       yield value;
     }
   }
   [Symbol.iterator]() {
-    (0, _utils.collate)(this, FormData);
+    (0, _utils.brandCheck)(this, FormData);
     return this.entries();
   }
 }

package/dist/index.js

@@ -20,6 +20,13 @@ Object.keys(_ackn).forEach(function (key) {
   if (key in exports && exports[key] === _ackn[key]) return;
   exports[key] = _ackn[key];
 });
+var _constants = require("./constants");
+Object.keys(_constants).forEach(function (key) {
+  if (key === "default" || key === "__esModule") return;
+  if (Object.prototype.hasOwnProperty.call(_exportNames, key)) return;
+  if (key in exports && exports[key] === _constants[key]) return;
+  exports[key] = _constants[key];
+});
 var _cookies = require("./cookies");
 Object.keys(_cookies).forEach(function (key) {
   if (key === "default" || key === "__esModule") return;
@@ -61,14 +68,16 @@ function _getRequireWildcardCache(nodeInterop) { if (typeof WeakMap !== "functio
 function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
 function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
 const {
-  HTTP2_HEADER_CONTENT_LENGTH,
+  HTTP2_HEADER_AUTHORIZATION,
   HTTP2_HEADER_CONTENT_TYPE,
   HTTP2_HEADER_LOCATION,
   HTTP2_HEADER_RETRY_AFTER,
   HTTP2_HEADER_SET_COOKIE,
   HTTP2_METHOD_GET,
   HTTP2_METHOD_HEAD,
+  HTTP2_METHOD_POST,
   HTTP_STATUS_BAD_REQUEST,
+  HTTP_STATUS_FOUND,
   HTTP_STATUS_MOVED_PERMANENTLY,
   HTTP_STATUS_SEE_OTHER,
   HTTP_STATUS_SERVICE_UNAVAILABLE,
@@ -160,23 +169,37 @@ async function rekwest(...args) {
         enumerable: true,
         value: cookies !== false && _cookies.Cookies.jar.has(url.origin) ? _cookies.Cookies.jar.get(url.origin) : void 0
       });
-      if (follow && /^3\d{2}$/.test(res.statusCode) && res.headers[HTTP2_HEADER_LOCATION]) {
-        if (redirect === _utils.redirects.error) {
+      const {
+        statusCode
+      } = res;
+      if (follow && /3\d{2}/.test(statusCode) && res.headers[HTTP2_HEADER_LOCATION]) {
+        if (!_constants.redirectStatusCodes.includes(statusCode)) {
+          return res.emit('error', new RangeError(`Invalid status code: ${statusCode}`));
+        }
+        if (redirect === _constants.redirectModes.error) {
           return res.emit('error', new _errors.RequestError(`Unexpected redirect, redirect mode is set to '${redirect}'.`));
         }
-        if (redirect === _utils.redirects.follow) {
-          options.url = new URL(res.headers[HTTP2_HEADER_LOCATION], url).href;
-          if (res.statusCode !== HTTP_STATUS_SEE_OTHER && options?.body?.pipe?.constructor === Function) {
+        if (redirect === _constants.redirectModes.follow) {
+          const location = new URL(res.headers[HTTP2_HEADER_LOCATION], url);
+          if (!/^https?:/.test(location.protocol)) {
+            return res.emit('error', new _errors.RequestError('URL scheme must be "http" or "https".'));
+          }
+          if (!(0, _utils.sameOrigin)(location, url)) {
+            Reflect.deleteProperty(options.headers, HTTP2_HEADER_AUTHORIZATION);
+            location.password = location.username = '';
+          }
+          options.url = location;
+          if (statusCode !== HTTP_STATUS_SEE_OTHER && options?.body?.pipe?.constructor === Function) {
             return res.emit('error', new _errors.RequestError(`Unable to ${redirect} redirect with streamable body.`));
           }
           options.follow--;
-          if (res.statusCode === HTTP_STATUS_SEE_OTHER) {
-            Reflect.deleteProperty(options.headers, HTTP2_HEADER_CONTENT_LENGTH);
-            options.method = HTTP2_METHOD_GET;
+          if ([HTTP_STATUS_MOVED_PERMANENTLY, HTTP_STATUS_FOUND].includes(statusCode) && request.method === HTTP2_METHOD_POST || statusCode === HTTP_STATUS_SEE_OTHER && ![HTTP2_METHOD_GET, HTTP2_METHOD_HEAD].includes(options.method)) {
+            Object.keys(options.headers).filter(it => /^content-/i.test(it)).forEach(it => Reflect.deleteProperty(options.headers, it));
             options.body = null;
+            options.method = HTTP2_METHOD_GET;
           }
           Reflect.set(options, 'redirected', true);
-          if (res.statusCode === HTTP_STATUS_MOVED_PERMANENTLY && res.headers[HTTP2_HEADER_RETRY_AFTER]) {
+          if (statusCode === HTTP_STATUS_MOVED_PERMANENTLY && res.headers[HTTP2_HEADER_RETRY_AFTER]) {
             let interval = res.headers[HTTP2_HEADER_RETRY_AFTER];
             interval = Number(interval) * 1000 || new Date(interval) - Date.now();
             if (interval > options.maxRetryAfter) {
@@ -189,7 +212,7 @@ async function rekwest(...args) {
           return rekwest(options.url, options).then(resolve, reject);
         }
       }
-      if (res.statusCode >= HTTP_STATUS_BAD_REQUEST) {
+      if (statusCode >= HTTP_STATUS_BAD_REQUEST) {
         return reject((0, _utils.mixin)(res, options));
       }
       resolve((0, _utils.mixin)(res, options));
@@ -245,7 +268,7 @@ Reflect.defineProperty(rekwest, 'stream', {
           [HTTP2_HEADER_CONTENT_TYPE]: _mediatypes.APPLICATION_OCTET_STREAM
         }
       }, (0, _utils.sanitize)(...args)),
-      redirect: _utils.redirects.manual
+      redirect: _constants.redirectModes.manual
     });
     const {
       h2,

package/dist/utils.js

@@ -1,7 +1,7 @@
 "use strict";
 
 exports.__esModule = true;
-exports.sanitize = exports.redirects = exports.preflight = exports.mixin = exports.merge = exports.dispatch = exports.decompress = exports.compress = exports.collate = exports.affix = exports.admix = void 0;
+exports.sanitize = exports.sameOrigin = exports.preflight = exports.mixin = exports.merge = exports.dispatch = exports.decompress = exports.compress = exports.brandCheck = exports.affix = exports.admix = void 0;
 exports.tap = tap;
 exports.transform = void 0;
 var _nodeBuffer = require("node:buffer");
@@ -10,6 +10,7 @@ var _nodeStream = require("node:stream");
 var _consumers = require("node:stream/consumers");
 var _nodeUtil = require("node:util");
 var _nodeZlib = _interopRequireDefault(require("node:zlib"));
+var _constants = require("./constants");
 var _cookies = require("./cookies");
 var _errors = require("./errors");
 var _file = require("./file");
@@ -71,12 +72,12 @@ const affix = (client, req, options) => {
   });
 };
 exports.affix = affix;
-const collate = (entity, primordial) => {
-  if (entity?.constructor !== primordial) {
+const brandCheck = (value, ctor) => {
+  if (!(value instanceof ctor)) {
     throw new TypeError('Illegal invocation');
   }
 };
-exports.collate = collate;
+exports.brandCheck = brandCheck;
 const compress = (readable, encodings = '') => {
   const encoders = [];
   encodings = unwind(encodings);
@@ -156,7 +157,7 @@ const mixin = (res, {
       arrayBuffer: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           parse &&= false;
           const {
             buffer,
@@ -169,7 +170,7 @@ const mixin = (res, {
       blob: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           const val = await this.arrayBuffer();
           return new _nodeBuffer.Blob([val]);
         }
@@ -177,7 +178,7 @@ const mixin = (res, {
       json: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           const val = await this.text();
           return JSON.parse(val);
         }
@@ -185,7 +186,7 @@ const mixin = (res, {
       text: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           const blob = await this.blob();
           return blob.text();
         }
@@ -196,7 +197,7 @@ const mixin = (res, {
     body: {
       enumerable: true,
       value: async function () {
-        collate(this, res?.constructor);
+        brandCheck(this, res?.constructor);
         if (this.bodyUsed) {
           throw new TypeError('Response stream already read');
         }
@@ -281,8 +282,8 @@ const preflight = options => {
   };
   options.method ??= method;
   options.parse ??= true;
-  options.redirect ??= redirects.follow;
-  if (!Object.values(redirects).includes(options.redirect)) {
+  options.redirect ??= _constants.redirectModes.follow;
+  if (!Reflect.has(_constants.redirectModes, options.redirect)) {
     options.createConnection?.().destroy();
     throw new TypeError(`Failed to read the 'redirect' property from 'options': The provided value '${options.redirect}' is not a valid enum value.`);
   }
@@ -291,12 +292,6 @@ const preflight = options => {
   return options;
 };
 exports.preflight = preflight;
-const redirects = {
-  error: 'error',
-  follow: 'follow',
-  manual: 'manual'
-};
-exports.redirects = redirects;
 const sanitize = (url, options = {}) => {
   if (options.trimTrailingSlashes) {
     url = `${url}`.replace(/(?<!:)\/+/gi, '/');
@@ -307,6 +302,8 @@ const sanitize = (url, options = {}) => {
   });
 };
 exports.sanitize = sanitize;
+const sameOrigin = (a, b) => a.protocol === b.protocol && a.hostname === b.hostname && a.port === b.port;
+exports.sameOrigin = sameOrigin;
 async function* tap(value) {
   if (Reflect.has(value, Symbol.asyncIterator)) {
     yield* value;
@@ -355,17 +352,16 @@ const transform = async options => {
     }
   }
   const encodings = options.headers[HTTP2_HEADER_CONTENT_ENCODING];
-  if (encodings) {
-    if (Reflect.has(body, Symbol.asyncIterator)) {
-      body = compress(_nodeStream.Readable.from(body), encodings);
-    } else {
-      body = await (0, _consumers.buffer)(compress(_nodeStream.Readable.from(body), encodings));
-    }
-  } else if (body === Object(body) && (Reflect.has(body, Symbol.asyncIterator) || !Array.isArray(body) && Reflect.has(body, Symbol.iterator))) {
-    body = _nodeStream.Readable.from(body);
+  if (body === Object(body) && (Reflect.has(body, Symbol.asyncIterator) || !Array.isArray(body) && Reflect.has(body, Symbol.iterator))) {
+    body = encodings ? compress(_nodeStream.Readable.from(body), encodings) : _nodeStream.Readable.from(body);
+  } else if (encodings) {
+    body = await (0, _consumers.buffer)(compress(_nodeStream.Readable.from(body), encodings));
   }
   Object.assign(options.headers, {
     ...headers,
+    ...(!body[Symbol.asyncIterator] && {
+      [HTTP2_HEADER_CONTENT_LENGTH]: Buffer.byteLength(body)
+    }),
     ...(options.headers[HTTP2_HEADER_CONTENT_TYPE] && {
       [HTTP2_HEADER_CONTENT_TYPE]: options.headers[HTTP2_HEADER_CONTENT_TYPE]
     })

package/package.json

@@ -9,11 +9,11 @@
   },
   "devDependencies": {
     "@babel/cli": "^7.19.3",
-    "@babel/core": "^7.20.2",
+    "@babel/core": "^7.20.5",
     "@babel/eslint-parser": "^7.19.1",
     "@babel/preset-env": "^7.20.2",
     "c8": "^7.12.0",
-    "eslint": "^8.27.0",
+    "eslint": "^8.28.0",
     "eslint-config-ultra-refined": "^2.10.0",
     "mocha": "^10.1.0"
   },
@@ -67,5 +67,5 @@
     "test:bail": "mocha --bail",
     "test:cover": "c8 --include=src --reporter=lcov --reporter=text npm test"
   },
-  "version": "4.0.0"
+  "version": "4.1.0"
 }

package/src/constants.mjs

@@ -0,0 +1,23 @@
+import http2 from 'node:http2';
+
+const {
+  HTTP_STATUS_FOUND,
+  HTTP_STATUS_MOVED_PERMANENTLY,
+  HTTP_STATUS_PERMANENT_REDIRECT,
+  HTTP_STATUS_SEE_OTHER,
+  HTTP_STATUS_TEMPORARY_REDIRECT,
+} = http2.constants;
+
+export const redirectModes = {
+  error: 'error',
+  follow: 'follow',
+  manual: 'manual',
+};
+
+export const redirectStatusCodes = [
+  HTTP_STATUS_MOVED_PERMANENTLY,
+  HTTP_STATUS_FOUND,
+  HTTP_STATUS_SEE_OTHER,
+  HTTP_STATUS_TEMPORARY_REDIRECT,
+  HTTP_STATUS_PERMANENT_REDIRECT,
+];

package/src/cookies.mjs

@@ -1,4 +1,4 @@
-import { collate } from './utils.mjs';
+import { brandCheck } from './utils.mjs';
 
 export class Cookies extends URLSearchParams {
 
@@ -20,7 +20,7 @@ export class Cookies extends URLSearchParams {
   }
 
   toString() {
-    collate(this, Cookies);
+    brandCheck(this, Cookies);
 
     return super.toString().split('&').join('; ').trim();
   }

package/src/formdata.mjs

@@ -7,7 +7,7 @@ import {
   MULTIPART_FORM_DATA,
 } from './mediatypes.mjs';
 import {
-  collate,
+  brandCheck,
   tap,
 } from './utils.mjs';
 
@@ -46,7 +46,10 @@ export class FormData {
               value.type || APPLICATION_OCTET_STREAM
             }${ CRLF.repeat(2) }`);
             yield* tap(value);
-            yield encoder.encode(CRLF);
+            yield new Uint8Array([
+              13,
+              10,
+            ]);
           }
         }
 
@@ -144,13 +147,13 @@ export class FormData {
   }
 
   append(...args) {
-    collate(this, FormData);
+    brandCheck(this, FormData);
     this.#ensureArgs(args, 2, 'append');
     this.#entries.push(this.constructor.#enfoldEntry(...args));
   }
 
   delete(...args) {
-    collate(this, FormData);
+    brandCheck(this, FormData);
     this.#ensureArgs(args, 1, 'delete');
     const name = toUSVString(args[0]);
 
@@ -158,7 +161,7 @@ export class FormData {
   }
 
   forEach(...args) {
-    collate(this, FormData);
+    brandCheck(this, FormData);
     this.#ensureArgs(args, 1, 'forEach');
     const [callback, thisArg] = args;
 
@@ -171,7 +174,7 @@ export class FormData {
   }
 
   get(...args) {
-    collate(this, FormData);
+    brandCheck(this, FormData);
     this.#ensureArgs(args, 1, 'get');
     const name = toUSVString(args[0]);
 
@@ -179,7 +182,7 @@ export class FormData {
   }
 
   getAll(...args) {
-    collate(this, FormData);
+    brandCheck(this, FormData);
     this.#ensureArgs(args, 1, 'getAll');
     const name = toUSVString(args[0]);
 
@@ -187,7 +190,7 @@ export class FormData {
   }
 
   has(...args) {
-    collate(this, FormData);
+    brandCheck(this, FormData);
     this.#ensureArgs(args, 1, 'has');
     const name = toUSVString(args[0]);
 
@@ -195,7 +198,7 @@ export class FormData {
   }
 
   set(...args) {
-    collate(this, FormData);
+    brandCheck(this, FormData);
     this.#ensureArgs(args, 2, 'set');
     const entry = this.constructor.#enfoldEntry(...args);
     const idx = this.#entries.findIndex((it) => it.name === entry.name);
@@ -208,7 +211,7 @@ export class FormData {
   }
 
   * entries() {
-    collate(this, FormData);
+    brandCheck(this, FormData);
     for (const { name, value } of this.#entries) {
       yield [
         name,
@@ -218,21 +221,21 @@ export class FormData {
   }
 
   * keys() {
-    collate(this, FormData);
+    brandCheck(this, FormData);
     for (const [name] of this) {
       yield name;
     }
   }
 
   * values() {
-    collate(this, FormData);
+    brandCheck(this, FormData);
     for (const [, value] of this) {
       yield value;
     }
   }
 
   [Symbol.iterator]() {
-    collate(this, FormData);
+    brandCheck(this, FormData);
 
     return this.entries();
   }

package/src/index.mjs

@@ -3,6 +3,10 @@ import http2 from 'node:http2';
 import https from 'node:https';
 import { setTimeout as setTimeoutPromise } from 'node:timers/promises';
 import { ackn } from './ackn.mjs';
+import {
+  redirectModes,
+  redirectStatusCodes,
+} from './constants.mjs';
 import { Cookies } from './cookies.mjs';
 import { RequestError } from './errors.mjs';
 import { APPLICATION_OCTET_STREAM } from './mediatypes.mjs';
@@ -13,7 +17,7 @@ import {
   merge,
   mixin,
   preflight,
-  redirects,
+  sameOrigin,
   sanitize,
   transform,
 } from './utils.mjs';
@@ -21,6 +25,7 @@ import {
 export { constants } from 'node:http2';
 
 export * from './ackn.mjs';
+export * from './constants.mjs';
 export * from './cookies.mjs';
 export * from './errors.mjs';
 export * from './file.mjs';
@@ -29,14 +34,16 @@ export * as mediatypes from './mediatypes.mjs';
 export * from './utils.mjs';
 
 const {
-  HTTP2_HEADER_CONTENT_LENGTH,
+  HTTP2_HEADER_AUTHORIZATION,
   HTTP2_HEADER_CONTENT_TYPE,
   HTTP2_HEADER_LOCATION,
   HTTP2_HEADER_RETRY_AFTER,
   HTTP2_HEADER_SET_COOKIE,
   HTTP2_METHOD_GET,
   HTTP2_METHOD_HEAD,
+  HTTP2_METHOD_POST,
   HTTP_STATUS_BAD_REQUEST,
+  HTTP_STATUS_FOUND,
   HTTP_STATUS_MOVED_PERMANENTLY,
   HTTP_STATUS_SEE_OTHER,
   HTTP_STATUS_SERVICE_UNAVAILABLE,
@@ -148,29 +155,53 @@ export default async function rekwest(...args) {
                : void 0,
       });
 
-      if (follow && /^3\d{2}$/.test(res.statusCode) && res.headers[HTTP2_HEADER_LOCATION]) {
-        if (redirect === redirects.error) {
+      const { statusCode } = res;
+
+      if (follow && /3\d{2}/.test(statusCode) && res.headers[HTTP2_HEADER_LOCATION]) {
+        if (!redirectStatusCodes.includes(statusCode)) {
+          return res.emit('error', new RangeError(`Invalid status code: ${ statusCode }`));
+        }
+
+        if (redirect === redirectModes.error) {
           return res.emit('error', new RequestError(`Unexpected redirect, redirect mode is set to '${ redirect }'.`));
         }
 
-        if (redirect === redirects.follow) {
-          options.url = new URL(res.headers[HTTP2_HEADER_LOCATION], url).href;
+        if (redirect === redirectModes.follow) {
+          const location = new URL(res.headers[HTTP2_HEADER_LOCATION], url);
+
+          if (!/^https?:/.test(location.protocol)) {
+            return res.emit('error', new RequestError('URL scheme must be "http" or "https".'));
+          }
 
-          if (res.statusCode !== HTTP_STATUS_SEE_OTHER && options?.body?.pipe?.constructor === Function) {
+          if (!sameOrigin(location, url)) {
+            Reflect.deleteProperty(options.headers, HTTP2_HEADER_AUTHORIZATION);
+            location.password = location.username = '';
+          }
+
+          options.url = location;
+
+          if (statusCode !== HTTP_STATUS_SEE_OTHER && options?.body?.pipe?.constructor === Function) {
             return res.emit('error', new RequestError(`Unable to ${ redirect } redirect with streamable body.`));
           }
 
           options.follow--;
 
-          if (res.statusCode === HTTP_STATUS_SEE_OTHER) {
-            Reflect.deleteProperty(options.headers, HTTP2_HEADER_CONTENT_LENGTH);
-            options.method = HTTP2_METHOD_GET;
+          if (([
+            HTTP_STATUS_MOVED_PERMANENTLY,
+            HTTP_STATUS_FOUND,
+          ].includes(statusCode) && request.method === HTTP2_METHOD_POST) || (statusCode === HTTP_STATUS_SEE_OTHER && ![
+            HTTP2_METHOD_GET,
+            HTTP2_METHOD_HEAD,
+          ].includes(options.method))) {
+            Object.keys(options.headers).filter((it) => /^content-/i.test(it))
+                  .forEach((it) => Reflect.deleteProperty(options.headers, it));
             options.body = null;
+            options.method = HTTP2_METHOD_GET;
           }
 
           Reflect.set(options, 'redirected', true);
 
-          if (res.statusCode === HTTP_STATUS_MOVED_PERMANENTLY && res.headers[HTTP2_HEADER_RETRY_AFTER]) {
+          if (statusCode === HTTP_STATUS_MOVED_PERMANENTLY && res.headers[HTTP2_HEADER_RETRY_AFTER]) {
             let interval = res.headers[HTTP2_HEADER_RETRY_AFTER];
 
             interval = Number(interval) * 1000 || new Date(interval) - Date.now();
@@ -186,7 +217,7 @@ export default async function rekwest(...args) {
         }
       }
 
-      if (res.statusCode >= HTTP_STATUS_BAD_REQUEST) {
+      if (statusCode >= HTTP_STATUS_BAD_REQUEST) {
         return reject(mixin(res, options));
       }
 
@@ -245,7 +276,7 @@ Reflect.defineProperty(rekwest, 'stream', {
       ...merge(rekwest.defaults, {
         headers: { [HTTP2_HEADER_CONTENT_TYPE]: APPLICATION_OCTET_STREAM },
       }, sanitize(...args)),
-      redirect: redirects.manual,
+      redirect: redirectModes.manual,
     });
 
     const { h2, url } = options;

package/src/utils.mjs

@@ -7,6 +7,7 @@ import {
 import { buffer } from 'node:stream/consumers';
 import { types } from 'node:util';
 import zlib from 'node:zlib';
+import { redirectModes } from './constants.mjs';
 import { Cookies } from './cookies.mjs';
 import { TimeoutError } from './errors.mjs';
 import { File } from './file.mjs';
@@ -79,8 +80,8 @@ export const affix = (client, req, options) => {
   });
 };
 
-export const collate = (entity, primordial) => {
-  if (entity?.constructor !== primordial) {
+export const brandCheck = (value, ctor) => {
+  if (!(value instanceof ctor)) {
     throw new TypeError('Illegal invocation');
   }
 };
@@ -174,7 +175,7 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
       arrayBuffer: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           parse &&= false;
           const { buffer, byteLength, byteOffset } = await this.body();
 
@@ -184,7 +185,7 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
       blob: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           const val = await this.arrayBuffer();
 
           return new Blob([val]);
@@ -193,7 +194,7 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
       json: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           const val = await this.text();
 
           return JSON.parse(val);
@@ -202,7 +203,7 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
       text: {
         enumerable: true,
         value: async function () {
-          collate(this, res?.constructor);
+          brandCheck(this, res?.constructor);
           const blob = await this.blob();
 
           return blob.text();
@@ -215,7 +216,7 @@ export const mixin = (res, { digest = false, parse = false } = {}) => {
     body: {
       enumerable: true,
       value: async function () {
-        collate(this, res?.constructor);
+        brandCheck(this, res?.constructor);
 
         if (this.bodyUsed) {
           throw new TypeError('Response stream already read');
@@ -314,9 +315,9 @@ export const preflight = (options) => {
 
   options.method ??= method;
   options.parse ??= true;
-  options.redirect ??= redirects.follow;
+  options.redirect ??= redirectModes.follow;
 
-  if (!Object.values(redirects).includes(options.redirect)) {
+  if (!Reflect.has(redirectModes, options.redirect)) {
     options.createConnection?.().destroy();
     throw new TypeError(`Failed to read the 'redirect' property from 'options': The provided value '${
       options.redirect
@@ -329,12 +330,6 @@ export const preflight = (options) => {
   return options;
 };
 
-export const redirects = {
-  error: 'error',
-  follow: 'follow',
-  manual: 'manual',
-};
-
 export const sanitize = (url, options = {}) => {
   if (options.trimTrailingSlashes) {
     url = `${ url }`.replace(/(?<!:)\/+/gi, '/');
@@ -345,6 +340,8 @@ export const sanitize = (url, options = {}) => {
   return Object.assign(options, { url });
 };
 
+export const sameOrigin = (a, b) => a.protocol === b.protocol && a.hostname === b.hostname && a.port === b.port;
+
 export async function* tap(value) {
   if (Reflect.has(value, Symbol.asyncIterator)) {
     yield* value;
@@ -389,19 +386,18 @@ export const transform = async (options) => {
 
   const encodings = options.headers[HTTP2_HEADER_CONTENT_ENCODING];
 
-  if (encodings) {
-    if (Reflect.has(body, Symbol.asyncIterator)) {
-      body = compress(Readable.from(body), encodings);
-    } else {
-      body = await buffer(compress(Readable.from(body), encodings));
-    }
-  } else if (body === Object(body)
+  if (body === Object(body)
     && (Reflect.has(body, Symbol.asyncIterator) || (!Array.isArray(body) && Reflect.has(body, Symbol.iterator)))) {
-    body = Readable.from(body);
+    body = encodings ? compress(Readable.from(body), encodings) : Readable.from(body);
+  } else if (encodings) {
+    body = await buffer(compress(Readable.from(body), encodings));
   }
 
   Object.assign(options.headers, {
     ...headers,
+    ...!body[Symbol.asyncIterator] && {
+      [HTTP2_HEADER_CONTENT_LENGTH]: Buffer.byteLength(body),
+    },
     ...options.headers[HTTP2_HEADER_CONTENT_TYPE] && {
       [HTTP2_HEADER_CONTENT_TYPE]: options.headers[HTTP2_HEADER_CONTENT_TYPE],
     },