🚀 Big News:Socket Has Acquired Secure Annex.Learn More
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@warren-bank/node-request

Package Overview
Dependencies
Maintainers
1
Versions
23
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@warren-bank/node-request - npm Package Compare versions

Comparing version
2.0.15
 to
2.0.16
+4
-2
package.json
{
"name": "@warren-bank/node-request",
"version": "2.0.15",
"version": "2.0.16",
"main": "request.js",

@@ -39,4 +39,6 @@ "description": "An extremely lightweight HTTP request client. Supports: http, https, redirects, cookies, content-encoding, multipart/form-data. Returns: Promise.",

"request",
"TLS fingerprint"
"TLS fingerprint",
"JA3",
"JA4"
]
}
+9
-1
README.md

@@ -87,3 +87,11 @@ ### [request](https://github.com/warren-bank/node-request)

* randomizes the order of the list of TLS cipher suites
* the effect of which is to randomize the TLS fingerprint of the HTTP request client
* the effect of which is to randomize the `JA3` TLS fingerprint of the HTTP request client
* `randomizeCiphers` {Boolean} (defaults to `false`)
* `true`:
* randomizes the values in the list of TLS cipher suites:
- remove all blacklisted cipher groups
- add new cipher suites that are supported, but were not previously included
* the maximum number is determined by: `maxAdditionalCiphers`
* the effect of which is to randomize the `JA4` TLS fingerprint of the HTTP request client
* `maxAdditionalCiphers` {Integer} (defaults to `5`)
* `binary` {Boolean} (defaults to `false`)

@@ -90,0 +98,0 @@ * `false`:

+52
-1
request.js

@@ -52,2 +52,4 @@ const {denodeify, denodeify_net_request} = require('@warren-bank/node-denodeify')

shuffleCiphers: false,
randomizeCiphers: false,
maxAdditionalCiphers: 5,
cookieJar: null

@@ -144,3 +146,3 @@ },

if (config.shuffleCiphers && _is_https){
const old_ciphers = (_req_options.ciphers || require('tls').DEFAULT_CIPHERS || '').split(':')
const old_ciphers = (_req_options.ciphers || require('tls').DEFAULT_CIPHERS || '').split(':').map(val => val.toUpperCase())
const new_ciphers = []

@@ -160,2 +162,51 @@

if (config.randomizeCiphers && _is_https){
const old_ciphers = (_req_options.ciphers || require('tls').DEFAULT_CIPHERS || '').split(':').map(val => val.toUpperCase())
let new_ciphers = []
// 1st pass: remove all blacklisted cipher groups
{
const old_ciphers_blacklist_indices = []
for (let i=0; i < old_ciphers.length; i++) {
const old_cipher = old_ciphers[i]
if (old_cipher && ((old_cipher[0] === '!') || (old_cipher === 'HIGH'))) {
old_ciphers_blacklist_indices.push(i)
}
}
for (let i = (old_ciphers_blacklist_indices.length - 1); i >= 0; i--) {
const old_index = old_ciphers_blacklist_indices[i]
old_ciphers.splice(old_index, 1)
}
}
// 2nd pass: add disabled ciphers
{
new_ciphers = [...old_ciphers]
const all_ciphers = require('tls').getCiphers().map(val => val.toUpperCase())
const alt_ciphers = all_ciphers.filter(val => !old_ciphers.includes(val))
if (alt_ciphers.length) {
const included = {}
let remainder = Math.min(alt_ciphers.length, config.maxAdditionalCiphers)
while (remainder > 0) {
// add a cipher to whitelist
const alt_cipher_index = Math.floor(Math.random() * alt_ciphers.length)
if (included[alt_cipher_index]) continue
const new_cipher = alt_ciphers[alt_cipher_index]
new_ciphers.push(new_cipher)
included[alt_cipher_index] = true
remainder--
}
}
}
if (new_ciphers.length){
_req_options.ciphers = new_ciphers.join(':')
}
}
try {

@@ -162,0 +213,0 @@ const protocol = _is_https ? https : http