Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
fast-proxy
Advanced tools
Node.js framework agnostic library that enables you to forward an http request to another HTTP server. Supported protocols: HTTP, HTTPS, HTTP2
This library was initially forked from
fastify-reply-from
: https://github.com/fastify/fastify-reply-from
fast-proxy
powers: https://www.npmjs.com/package/fast-gateway 🚀
npm i fast-proxy
The following examples describe how to use fast-proxy
with restana
:
Gateway:
const { proxy, close } = require('fast-proxy')({
base: 'http://127.0.0.1:3000'
// options
})
const gateway = require('restana')()
gateway.all('/service/*', function (req, res) {
proxy(req, res, req.url, {})
})
gateway.start(8080)
Remote service:
const service = require('restana')()
service.get('/service/hi', (req, res) => res.send('Hello World!'))
service.start(3000)
Using imports:
import fastProxy from 'fast-proxy'
const { proxy, close } = fastProxy({
base: 'http://127.0.0.1:3000'
})
Please see: https://github.com/jkyberneees/nodejs-proxy-benchmarks
base
Set the base URL for all the forwarded requests. Will be required if http2
is set to true
Note that path will be discarded.
Set the query string parser and stringifier. By default fast-proxy
uses the
fast-querystring module. Configuration can be changed like so:
{
base: 'http://localhost:3001/',
queryString: {
parse: (value) => qs.parse(value),
stringify: (value) => qs.stringify(value),
}
}
Set to true
if target server is http2
enabled.
Set to true
to use undici
instead of require('http')
. Enabling this flag should guarantee
20-50% more throughput.
This flag could controls the settings of the undici client, like so:
...
base: 'http://localhost:3001/',
undici: {
connections: 100,
pipelining: 10
}
...
See undici demo at:
demos/gateway-undici.js
The number of parsed URLs that will be cached. Default: 100.
Use value =
0
to disable the caching mechanism
Allows to optionally overwrite the internal http
and https
client agents implementation. Defaults: http
and https
.
For example, this could be used to add support for following redirects, like so:
...
requests: {
http: require('follow-redirects/http'),
https: require('follow-redirects/https')
}
...
If using
undici
orhttp2
this settings are ignored!
Defaults to 1 minute, passed down to [http.Agent
][http-agent] and
[https.Agent
][https-agent] instances.
Defaults to 2048 sockets, passed down to [http.Agent
][http-agent] and
[https.Agent
][https-agent] instances.
Defaults to true
, passed down to [https.Agent
][https-agent] instances.
This needs to be set to false
to reply from https servers with
self-signed certificates.
Other supported configurations in https://nodejs.org/api/http.html#http_new_agent_options can also be part of the opts
object.
Optional "on close
resource release" strategy. You can link this to your application shutdown hook as an example.
Enables you to forward an http request to another HTTP server.
proxy(
originReq, // http.IncomingMessage
originRes, // http.ServerResponse
req.url, // String -> remote URL + path or path if base was set
{} // Options described below
)
Optionally indicates the base URL for the current request proxy. When used, the global base
config is overwriten.
This configuration value is ignored when using HTTP2.
Called when an http response is received from the source.
The default behavior is pump(stream, res)
, which will be disabled if the
option is specified.
Called to rewrite the headers of the request, before them being sent to the downstream server. It must return the new headers object.
Called to rewrite the headers of the response, before them being copied over to the outer response. It must return the new headers object.
Extended options supported by http[s].request
method (https://nodejs.org/api/http.html#http_http_request_options_callback)
The following options are dynamically assigned: method, port, path, hostname, headers, agent
.
http2
options are limited totimeout
only, whileundici
supports none.
Replaces the original querystring of the request with what is specified.
This will get passed to
querystring.stringify
.
Special thanks to fastify-reply-from
developers for creating a production ready library from where we could initially fork.
MIT
FAQs
Forward your HTTP request to another server.
We found that fast-proxy demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.