0
0
mirror of https://github.com/nodejs/node.git synced 2024-12-01 16:10:02 +01:00
Commit Graph

53 Commits

Author SHA1 Message Date
James M Snell
0f62ee6963 url: allow use of URL with http.request and https.request
PR-URL: https://github.com/nodejs/node/pull/10638
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Michal Zasso <targos@protonmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
2017-01-09 09:28:11 -08:00
Pedro Lima
1f45d7aa41 https: name anonymous functions in https
Naming anonymous function in the https module

PR-URL: https://github.com/nodejs/node/pull/9217
Ref: https://github.com/nodejs/node/issues/8913
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
2016-11-25 13:55:17 -05:00
James M Snell
f429fe1b88 crypto: fail early when loading crypto without openssl
Fail early in require('crypto'), require('tls'),
require('https'), etc when crypto is not available
(rather than depending on an internal try/catch).

Add documentation for detecting when crypto is not available.

PR-URL: https://github.com/nodejs/node/pull/5611
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2016-03-23 10:34:40 -07:00
Jackson Tian
d2b93e55cc lib: reduce usage of self = this
Remove unnecessary `self = this`.

PR-URL: https://github.com/nodejs/node/pull/5231
Reviewed-By: James M Snell <jasnell@gmail.com>
2016-03-21 15:48:51 -07:00
Fedor Indutny
165b33fce2 https: evict cached sessions on error
Instead of using the same session over and over, evict it when the
socket emits error. This could be used as a mitigation of #3692, until
OpenSSL fix will be merged/released.

See: https://github.com/nodejs/node/issues/3692
PR-URL: https://github.com/nodejs/node/pull/4982
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
2016-02-01 21:52:04 -05:00
Fedor Indutny
5f76b24e5e http: overridable clientError
Make default `clientError` behavior (close socket immediately)
overridable. With this APIs it is possible to write a custom error
handler, and to send, for example, a 400 HTTP response.

    http.createServer(...).on('clientError', function(err, socket) {
      socket.end('HTTP/1.1 400 Bad Request\r\n\r\n');
      socket.destroy();
    });

Fix: #4543
PR-URL: https://github.com/nodejs/node/pull/4557
Reviewed-By: Brian White <mscdex@mscdex.net>
2016-01-07 03:39:15 -05:00
Fedor Indutny
3213e5fe6e https: use servername in agent key
https requests with different SNI values should not be sent over the
same connection, even if the `host` is the same. Server may want to
present different certificate or route the incoming TLS connection
differently, depending on the received servername extension.

Fix: https://github.com/nodejs/node/issues/3940
PR-URL: https://github.com/nodejs/node/pull/4389
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2015-12-22 13:51:12 -05:00
Fedor Indutny
acef181fde https: support disabling session caching
Zero value of `maxCachedSessions` should disable TLS session caching in
`https.Agent`

PR-URL: https://github.com/nodejs/node/pull/4252
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2015-12-12 12:48:29 -05:00
Sakthipriyan Vairamani
437930c0cc http{s}: don't connect to localhost on invalid URL
If the URL passed to `http{s}.request` or `http{s}.get` is not properly
parsable by `url.parse`, we fall back to use `localhost` and port 80.
This creates confusing error messages like in this question
http://stackoverflow.com/q/32675907/1903116.

This patch throws an error message, if `url.parse` fails to parse the
URL properly.

Previous Discussion: https://github.com/nodejs/node/pull/2966
PR-URL: https://github.com/nodejs/node/pull/2967

Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
2015-10-27 08:47:23 +05:30
Shigeki Ohtsu
802a2e79e1 tls, crypto: add ALPN Support
ALPN is added to tls according to RFC7301, which supersedes NPN.
When the server receives both NPN and ALPN extensions from the client,
ALPN takes precedence over NPN and the server does not send NPN
extension to the client. alpnProtocol in TLSSocket always returns
false when no selected protocol exists by ALPN.
In https server, http/1.1 token is always set when no
options.ALPNProtocols exists.

PR-URL: https://github.com/nodejs/node/pull/2564
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2015-10-27 01:31:47 +09:00
Fedor Indutny
2ca5a3db47 https: reuse TLS sessions in Agent
Fix: #1499
PR-URL: https://github.com/nodejs/io.js/pull/2228
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
2015-07-27 11:48:36 -07:00
Rod Vagg
702997c1f0 Revert "url: significantly improve the performance of the url module"
This reverts commit 3fd7fc429c.

It was agreed that this change contained too much potential ecosystem
breakage, particularly around the inability to `delete` properties off a
`Url` object. It may be re-introduced for a later release, along with
better work on ecosystem compatibility.

PR-URL: https://github.com/iojs/io.js/pull/1602
Reviewed-By: Mikeal Rogers <mikeal.rogers@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Forrest L Norvell <forrest@npmjs.com>
Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
Reviewed-By: Isaac Z. Schlueter <i@izs.me>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
2015-05-03 20:29:41 -07:00
Petka Antonov
3fd7fc429c url: significantly improve the performance of the url module
(landed by @rvagg)

PR-URL: https://github.com/iojs/io.js/pull/1561
Reviewed-By: Domenic Denicola <domenic@domenicdenicola.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
2015-05-01 23:12:52 -07:00
Michaël Zasso
c22e5ace84 https: simpler argument check
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Brendan Ashworth <brendan.ashworth@me.com>
2015-02-07 12:00:16 -08:00
cjihrig
6ac8bdc0ab lib: reduce util.is*() usage
Many of the util.is*() methods used to check data types
simply compare against a single value or the result of
typeof. This commit replaces calls to these methods with
equivalent checks. This commit does not touch calls to the
more complex methods (isRegExp(), isDate(), etc.).

Fixes: https://github.com/iojs/io.js/issues/607
PR-URL: https://github.com/iojs/io.js/pull/647
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2015-01-31 23:47:29 -05:00
cjihrig
804e7aa9ab lib: use const to define constants
This commit replaces a number of var statements throughout
the lib code with const statements.

PR-URL: https://github.com/iojs/io.js/pull/541
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2015-01-21 16:21:31 -05:00
isaacs
3e1b1dd4a9 Remove excessive copyright/license boilerplate
The copyright and license notice is already in the LICENSE file.  There
is no justifiable reason to also require that it be included in every
file, since the individual files are not individually distributed except
as part of the entire package.
2015-01-12 15:30:28 -08:00
Ben Noordhuis
21130c7d6f lib: turn on strict mode
Turn on strict mode for the files in the lib/ directory.  It helps
catch bugs and can have a positive effect on performance.

PR-URL: https://github.com/node-forward/node/pull/64
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
2014-11-22 17:23:30 +01:00
Nathan Rajlich
d6bbb19f1d http, https: don't depend on globalAgent
For the `request()` and `get()` functions. I could never
really understand why these two functions go through agent
first... Especially since the user could be passing `agent: false`
or a different Agent instance completely, in which `globalAgent`
will be completely bypassed.

Moved the relevant logic from `Agent#request()` into the
`ClientRequest` constructor.

Incidentally, this commit fixes #7012 (which was the original
intent of this commit).
2014-02-26 13:18:54 -08:00
Brian White
6d842897c5 lib: remove unused variables and functions 2013-08-15 17:19:17 -07:00
isaacs
22c68fdc1d src: Replace macros with util functions 2013-08-01 15:08:01 -07:00
Ben Noordhuis
0330bdf519 lib: macro-ify type checks
Increases the grep factor. Makes it easier to harmonize type checks
across the code base.
2013-07-24 21:49:35 +02:00
isaacs
49519f1217 http: Reuse more http/https Agent code 2013-07-09 22:31:11 -07:00
isaacs
40e92650bb http: Add agent.get/request methods 2013-07-09 22:31:11 -07:00
Fedor Indutny
af80e7bc6e tls: introduce TLSSocket based on tls_wrap binding
Split `tls.js` into `_tls_legacy.js`, containing legacy
`createSecurePair` API, and `_tls_wrap.js` containing new code based on
`tls_wrap` binding.

Remove tests that are no longer useful/valid.
2013-06-16 09:30:15 +02:00
Ben Noordhuis
ab518e8831 https: implement https.Server#setTimeout()
Like commit d258fb0 ("http: More useful setTimeout API on server") but
this time for the https module.

Fixes #5361.
2013-04-30 13:10:56 +02:00
Ryunosuke SATO
c4fc0febfa https: optimize https.createConnection()
Stop using `arguments` for performance and readability.
2012-12-28 16:42:51 +01:00
Ben Noordhuis
0ad005852c https: fix renegotation attack protection
Listen for the 'clientError' event that is emitted when a renegotation attack
is detected and close the connection.

Fixes test/pummel/test-https-ci-reneg-attack.js
2012-10-09 16:38:00 +02:00
Ben Noordhuis
35607f3a2d tls, https: validate server certificate by default
This commit changes the default value of the rejectUnauthorized option from
false to true.

What that means is that tls.connect(), https.get() and https.request() will
reject invalid server certificates from now on, including self-signed
certificates.

There is an escape hatch: if you set the NODE_TLS_REJECT_UNAUTHORIZED
environment variable to the literal string "0", node.js reverts to its
old behavior.

Fixes #3949.
2012-09-15 00:19:06 +02:00
koichik
752ac320ae https: make https.get() accept a URL
https.get() now accepts either a URL (as a string) or an options object.

Refs #2859.
Fixes #3882.
2012-08-24 16:56:06 +02:00
Fedor Indutny
e43fe5c833 Revert "http/https: pass request to .createConnection()"
This reverts commit 53716eb0b5.
2012-07-20 20:51:02 +04:00
Fedor Indutny
53716eb0b5 http/https: pass request to .createConnection()
It's useful for passing some additional options of request object to the
underlying API
2012-07-20 01:49:30 +04:00
Dmitry Nizovtsev
1e9bcf26ce net, http, https: add localAddress option
Binds to a local address before making the outgoing connection.
2012-03-06 13:35:49 +01:00
Maciej Małecki
da908364a8 tls http https: don't pollute user's options object 2012-02-20 21:58:00 +01:00
isaacs
0cdf85e28d Lint all the JavaScripts. 2012-02-18 15:34:57 -08:00
Maciej Małecki
df0edf5fe6 https: make https use new tls.connect API
Refs #1983.
2012-01-08 11:13:18 +01:00
seebees
005d607aed http.request(url.parse(x))
http2.js

protocols object to store defaults for http and https, and use as a switch for supported protocols.
options.hostname > options.host > 'localhost'
if I have an options.auth element and I do not have an Authorization header, I do basic auth.
http.request collapses to new ClientRequest since the defaults are handled by the protocol object

test-http-url.parse*

Fixes #1390

Conflicts:

	lib/http2.js
2011-10-22 14:14:40 +09:00
Ben Noordhuis
bc7cfd7cd7 http: remove legacy http library 2011-10-04 20:51:34 +02:00
Fedor Indutny
9010f5fbab Add support for TLS SNI
Fixes #1411
2011-07-29 16:57:28 -07:00
Ben Noordhuis
2ed23314c3 http: make http and http2 co-exist
http2 is currently disabled pending addition of a --use-http2 switch
2011-07-26 17:00:53 +02:00
Mikeal Rogers
2b929c7f19 http: http2 implementation 2011-07-26 16:59:52 +02:00
Mark Cavage
a2328dc73c Add support for Unix Domain Sockets to HTTP
fixes #979.
2011-04-25 16:52:31 -07:00
Fedor Indutny
c9b40da368 OpenSSL NPN in node.js
closes #926.
2011-04-19 11:32:26 -07:00
isaacs
6d85da185c Closes GH-721 Set default host header properly
However, this test is failing for some quite unrelated issue.
Getting some odd "socket hangup" crashes, and only the first request
ever makes it to the server.
2011-04-01 17:40:41 -07:00
Ryan Dahl
24f9bf4180 expose https.Agent 2011-03-22 11:24:00 -07:00
Ryan Dahl
55048cdf79 Update copyright headers 2011-03-14 17:37:05 -07:00
Ryan Dahl
448e0f4394 tls fixes 2011-02-07 21:11:43 -08:00
Mikeal Rogers
2b03ba5917 http: agent takes options instead of host, port pair 2011-02-05 02:35:44 -08:00
Mikeal Rogers
8d37f80f4b Expose agent in http and https client. 2011-01-23 12:02:43 -08:00
Ryan Dahl
b9574b995f Expose http.getAgent 2011-01-21 13:47:27 -08:00