Socket
Socket
Sign inDemoInstall

engine.io-parser

Package Overview
Dependencies
Maintainers
2
Versions
52
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

engine.io-parser - npm Package Compare versions

Comparing version 5.2.0 to 5.2.1

78

build/cjs/index.js

@@ -39,3 +39,2 @@ "use strict";

exports.decodePayload = decodePayload;
const HEADER_LENGTH = 4;
function createPacketEncoderStream() {

@@ -45,5 +44,21 @@ return new TransformStream({

(0, encodePacket_js_1.encodePacketToBinary)(packet, encodedPacket => {
const header = new Uint8Array(HEADER_LENGTH);
// last 31 bits indicate the length of the payload
new DataView(header.buffer).setUint32(0, encodedPacket.length);
const payloadLength = encodedPacket.length;
let header;
// inspired by the WebSocket format: https://developer.mozilla.org/en-US/docs/Web/API/WebSockets_API/Writing_WebSocket_servers#decoding_payload_length
if (payloadLength < 126) {
header = new Uint8Array(1);
new DataView(header.buffer).setUint8(0, payloadLength);
}
else if (payloadLength < 65536) {
header = new Uint8Array(3);
const view = new DataView(header.buffer);
view.setUint8(0, 126);
view.setUint16(1, payloadLength);
}
else {
header = new Uint8Array(9);
const view = new DataView(header.buffer);
view.setUint8(0, 127);
view.setBigUint64(1, BigInt(payloadLength));
}
// first bit indicates whether the payload is plain text (0) or binary (1)

@@ -87,3 +102,4 @@ if (packet.data && typeof packet.data !== "string") {

const chunks = [];
let expectedSize = -1;
let state = 0 /* READ_HEADER */;
let expectedLength = -1;
let isBinary = false;

@@ -94,24 +110,54 @@ return new TransformStream({

while (true) {
const expectHeader = expectedSize === -1;
if (expectHeader) {
if (totalLength(chunks) < HEADER_LENGTH) {
if (state === 0 /* READ_HEADER */) {
if (totalLength(chunks) < 1) {
break;
}
const headerArray = concatChunks(chunks, HEADER_LENGTH);
const header = new DataView(headerArray.buffer, headerArray.byteOffset, headerArray.length).getUint32(0);
isBinary = header >> 31 === -1;
expectedSize = header & 0x7fffffff;
if (expectedSize === 0 || expectedSize > maxPayload) {
const header = concatChunks(chunks, 1);
isBinary = (header[0] & 0x80) === 0x80;
expectedLength = header[0] & 0x7f;
if (expectedLength < 126) {
state = 3 /* READ_PAYLOAD */;
}
else if (expectedLength === 126) {
state = 1 /* READ_EXTENDED_LENGTH_16 */;
}
else {
state = 2 /* READ_EXTENDED_LENGTH_64 */;
}
}
else if (state === 1 /* READ_EXTENDED_LENGTH_16 */) {
if (totalLength(chunks) < 2) {
break;
}
const headerArray = concatChunks(chunks, 2);
expectedLength = new DataView(headerArray.buffer, headerArray.byteOffset, headerArray.length).getUint16(0);
state = 3 /* READ_PAYLOAD */;
}
else if (state === 2 /* READ_EXTENDED_LENGTH_64 */) {
if (totalLength(chunks) < 8) {
break;
}
const headerArray = concatChunks(chunks, 8);
const view = new DataView(headerArray.buffer, headerArray.byteOffset, headerArray.length);
const n = view.getUint32(0);
if (n > Math.pow(2, 53 - 32) - 1) {
// the maximum safe integer in JavaScript is 2^53 - 1
controller.enqueue(commons_js_1.ERROR_PACKET);
break;
}
expectedLength = n * Math.pow(2, 32) + view.getUint32(4);
state = 3 /* READ_PAYLOAD */;
}
else {
if (totalLength(chunks) < expectedSize) {
if (totalLength(chunks) < expectedLength) {
break;
}
const data = concatChunks(chunks, expectedSize);
const data = concatChunks(chunks, expectedLength);
controller.enqueue((0, decodePacket_js_1.decodePacket)(isBinary ? data : TEXT_DECODER.decode(data), binaryType));
expectedSize = -1;
state = 0 /* READ_HEADER */;
}
if (expectedLength === 0 || expectedLength > maxPayload) {
controller.enqueue(commons_js_1.ERROR_PACKET);
break;
}
}

@@ -118,0 +164,0 @@ }

78

build/esm/index.js

@@ -32,3 +32,2 @@ import { encodePacket, encodePacketToBinary } from "./encodePacket.js";

};
const HEADER_LENGTH = 4;
export function createPacketEncoderStream() {

@@ -38,5 +37,21 @@ return new TransformStream({

encodePacketToBinary(packet, encodedPacket => {
const header = new Uint8Array(HEADER_LENGTH);
// last 31 bits indicate the length of the payload
new DataView(header.buffer).setUint32(0, encodedPacket.length);
const payloadLength = encodedPacket.length;
let header;
// inspired by the WebSocket format: https://developer.mozilla.org/en-US/docs/Web/API/WebSockets_API/Writing_WebSocket_servers#decoding_payload_length
if (payloadLength < 126) {
header = new Uint8Array(1);
new DataView(header.buffer).setUint8(0, payloadLength);
}
else if (payloadLength < 65536) {
header = new Uint8Array(3);
const view = new DataView(header.buffer);
view.setUint8(0, 126);
view.setUint16(1, payloadLength);
}
else {
header = new Uint8Array(9);
const view = new DataView(header.buffer);
view.setUint8(0, 127);
view.setBigUint64(1, BigInt(payloadLength));
}
// first bit indicates whether the payload is plain text (0) or binary (1)

@@ -79,3 +94,4 @@ if (packet.data && typeof packet.data !== "string") {

const chunks = [];
let expectedSize = -1;
let state = 0 /* READ_HEADER */;
let expectedLength = -1;
let isBinary = false;

@@ -86,24 +102,54 @@ return new TransformStream({

while (true) {
const expectHeader = expectedSize === -1;
if (expectHeader) {
if (totalLength(chunks) < HEADER_LENGTH) {
if (state === 0 /* READ_HEADER */) {
if (totalLength(chunks) < 1) {
break;
}
const headerArray = concatChunks(chunks, HEADER_LENGTH);
const header = new DataView(headerArray.buffer, headerArray.byteOffset, headerArray.length).getUint32(0);
isBinary = header >> 31 === -1;
expectedSize = header & 0x7fffffff;
if (expectedSize === 0 || expectedSize > maxPayload) {
const header = concatChunks(chunks, 1);
isBinary = (header[0] & 0x80) === 0x80;
expectedLength = header[0] & 0x7f;
if (expectedLength < 126) {
state = 3 /* READ_PAYLOAD */;
}
else if (expectedLength === 126) {
state = 1 /* READ_EXTENDED_LENGTH_16 */;
}
else {
state = 2 /* READ_EXTENDED_LENGTH_64 */;
}
}
else if (state === 1 /* READ_EXTENDED_LENGTH_16 */) {
if (totalLength(chunks) < 2) {
break;
}
const headerArray = concatChunks(chunks, 2);
expectedLength = new DataView(headerArray.buffer, headerArray.byteOffset, headerArray.length).getUint16(0);
state = 3 /* READ_PAYLOAD */;
}
else if (state === 2 /* READ_EXTENDED_LENGTH_64 */) {
if (totalLength(chunks) < 8) {
break;
}
const headerArray = concatChunks(chunks, 8);
const view = new DataView(headerArray.buffer, headerArray.byteOffset, headerArray.length);
const n = view.getUint32(0);
if (n > Math.pow(2, 53 - 32) - 1) {
// the maximum safe integer in JavaScript is 2^53 - 1
controller.enqueue(ERROR_PACKET);
break;
}
expectedLength = n * Math.pow(2, 32) + view.getUint32(4);
state = 3 /* READ_PAYLOAD */;
}
else {
if (totalLength(chunks) < expectedSize) {
if (totalLength(chunks) < expectedLength) {
break;
}
const data = concatChunks(chunks, expectedSize);
const data = concatChunks(chunks, expectedLength);
controller.enqueue(decodePacket(isBinary ? data : TEXT_DECODER.decode(data), binaryType));
expectedSize = -1;
state = 0 /* READ_HEADER */;
}
if (expectedLength === 0 || expectedLength > maxPayload) {
controller.enqueue(ERROR_PACKET);
break;
}
}

@@ -110,0 +156,0 @@ }

2

package.json

@@ -5,3 +5,3 @@ {

"license": "MIT",
"version": "5.2.0",
"version": "5.2.1",
"main": "./build/cjs/index.js",

@@ -8,0 +8,0 @@ "module": "./build/esm/index.js",

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc