@dfinity/agent
Advanced tools
Comparing version 0.15.1 to 0.15.2
@@ -215,3 +215,3 @@ "use strict"; | ||
method: 'POST', | ||
headers: Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {})), | ||
headers: new Headers(Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {}))), | ||
}, | ||
@@ -277,3 +277,3 @@ endpoint: "call" /* Endpoint.Call */, | ||
method: 'POST', | ||
headers: Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {})), | ||
headers: new Headers(Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {}))), | ||
}, | ||
@@ -300,3 +300,3 @@ endpoint: "read" /* Endpoint.Query */, | ||
method: 'POST', | ||
headers: Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {})), | ||
headers: new Headers(Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {}))), | ||
}, | ||
@@ -303,0 +303,0 @@ endpoint: "read_state" /* Endpoint.ReadState */, |
@@ -30,2 +30,3 @@ "use strict"; | ||
const types_1 = require("./types"); | ||
const buffer_1 = require("../../utils/buffer"); | ||
const NANOSECONDS_PER_MILLISECONDS = BigInt(1000000); | ||
@@ -56,4 +57,8 @@ const REPLICA_PERMITTED_DRIFT_MILLISECONDS = BigInt(60 * 1000); | ||
return async (request) => { | ||
// Nonce are only useful for async calls, to prevent replay attacks. Other types of | ||
// calls don't need Nonce so we just skip creating one. | ||
const nonce = nonceFn(); | ||
// Nonce needs to be inserted into the header for all requests, to enable logs to be correlated with requests. | ||
const headers = request.request.headers ? new Headers(request.request.headers) : new Headers(); | ||
headers.set('X-IC-Request-ID', (0, buffer_1.toHex)(new Uint8Array(nonce))); | ||
request.request.headers = headers; | ||
// Nonce only needs to be inserted into the body for async calls, to prevent replay attacks. | ||
if (request.endpoint === "call" /* Endpoint.Call */) { | ||
@@ -60,0 +65,0 @@ request.body.nonce = nonceFn(); |
@@ -184,3 +184,3 @@ import { Principal } from '@dfinity/principal'; | ||
method: 'POST', | ||
headers: Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {})), | ||
headers: new Headers(Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {}))), | ||
}, | ||
@@ -246,3 +246,3 @@ endpoint: "call" /* Endpoint.Call */, | ||
method: 'POST', | ||
headers: Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {})), | ||
headers: new Headers(Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {}))), | ||
}, | ||
@@ -269,3 +269,3 @@ endpoint: "read" /* Endpoint.Query */, | ||
method: 'POST', | ||
headers: Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {})), | ||
headers: new Headers(Object.assign({ 'Content-Type': 'application/cbor' }, (this._credentials ? { Authorization: 'Basic ' + btoa(this._credentials) } : {}))), | ||
}, | ||
@@ -272,0 +272,0 @@ endpoint: "read_state" /* Endpoint.ReadState */, |
import { lebEncode } from '@dfinity/candid'; | ||
import * as cbor from 'simple-cbor'; | ||
import { makeNonce } from './types'; | ||
import { toHex } from '../../utils/buffer'; | ||
const NANOSECONDS_PER_MILLISECONDS = BigInt(1000000); | ||
@@ -28,4 +29,8 @@ const REPLICA_PERMITTED_DRIFT_MILLISECONDS = BigInt(60 * 1000); | ||
return async (request) => { | ||
// Nonce are only useful for async calls, to prevent replay attacks. Other types of | ||
// calls don't need Nonce so we just skip creating one. | ||
const nonce = nonceFn(); | ||
// Nonce needs to be inserted into the header for all requests, to enable logs to be correlated with requests. | ||
const headers = request.request.headers ? new Headers(request.request.headers) : new Headers(); | ||
headers.set('X-IC-Request-ID', toHex(new Uint8Array(nonce))); | ||
request.request.headers = headers; | ||
// Nonce only needs to be inserted into the body for async calls, to prevent replay attacks. | ||
if (request.endpoint === "call" /* Endpoint.Call */) { | ||
@@ -32,0 +37,0 @@ request.body.nonce = nonceFn(); |
{ | ||
"name": "@dfinity/agent", | ||
"version": "0.15.1", | ||
"version": "0.15.2", | ||
"author": "DFINITY Stiftung <sdk@dfinity.org>", | ||
@@ -53,4 +53,4 @@ "license": "Apache-2.0", | ||
"peerDependencies": { | ||
"@dfinity/candid": "^0.15.1", | ||
"@dfinity/principal": "^0.15.1" | ||
"@dfinity/candid": "^0.15.2", | ||
"@dfinity/principal": "^0.15.2" | ||
}, | ||
@@ -57,0 +57,0 @@ "dependencies": { |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
1040521
7627
1