New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
fetch-h2 - npm Package Compare versions
Comparing version 2.4.3 to 2.4.4
@@ -1,1 +0,1 @@ | ||
| export declare const version = "2.4.3"; | ||
| export declare const version = "2.4.4"; |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.version = "2.4.3"; | ||
| exports.version = "2.4.4"; | ||
| //# sourceMappingURL=version.js.map |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| function getAltNames(cert) { | ||
| function getNames(cert) { | ||
| var _a, _b; | ||
@@ -11,5 +11,7 @@ const CN = (_a = cert.subject) === null || _a === void 0 ? void 0 : _a.CN; | ||
| .map(name => name.substr(4)); | ||
| if (CN) | ||
| sans.push(CN); | ||
| return [...new Set(sans)]; | ||
| if (cert.subjectaltname) | ||
| // Ignore CN if SAN:s are present; https://stackoverflow.com/a/29600674 | ||
| return [...new Set(sans)]; | ||
| else | ||
| return [CN]; | ||
| } | ||
@@ -30,3 +32,3 @@ function makeRegex(name) { | ||
| if (cert) { | ||
| getAltNames(cert).forEach(name => { | ||
| getNames(cert).forEach(name => { | ||
| if (name.match(/.*\*.*\*.*/)) | ||
@@ -33,0 +35,0 @@ throw new Error(`Invalid CN/subjectAltNames: ${name}`); |
@@ -21,3 +21,84 @@ "use strict"; | ||
| }); | ||
| it("Should match on CN when no SAN is provided (plain)", () => { | ||
| const cert = { subject: { CN: "foo.com" } }; | ||
| const { names, dynamic } = san_1.parseOrigin(cert); | ||
| expect(names).toStrictEqual(["foo.com"]); | ||
| expect(dynamic).toBe(undefined); | ||
| }); | ||
| it("Should match on CN when no SAN is provided (dynamic)", () => { | ||
| const cert = { subject: { CN: "*.foo.com" } }; | ||
| const { names, dynamic } = san_1.parseOrigin(cert); | ||
| expect(names.length).toBe(0); | ||
| expect(dynamic === null || dynamic === void 0 ? void 0 : dynamic("test.foo.com")).toBe(true); | ||
| }); | ||
| describe("Multi wildcard domains", () => { | ||
| it("Should throw on double-wildcards", () => { | ||
| const cert = { subject: { CN: "*.*.foo.com" } }; | ||
| const test = () => san_1.parseOrigin(cert); | ||
| expect(test).toThrow(/invalid/i); | ||
| }); | ||
| const subjectaltname = [ | ||
| "DNS:foo.com", | ||
| "DNS:bar.com", | ||
| "DNS:example1.com", | ||
| "DNS:*.example1.com", | ||
| "DNS:*.example2.com", | ||
| ].join(", "); | ||
| const certs = [ | ||
| { | ||
| name: "CN is wildcard", | ||
| cert: { | ||
| subject: { CN: "*.example1.com" }, | ||
| subjectaltname, | ||
| }, | ||
| }, | ||
| { | ||
| name: "CN is plain", | ||
| cert: { | ||
| subject: { CN: "example1.com" }, | ||
| subjectaltname, | ||
| }, | ||
| }, | ||
| { | ||
| name: "CN is wildcard but not in SAN", | ||
| cert: { | ||
| subject: { CN: "*.invalid.com" }, | ||
| subjectaltname, | ||
| }, | ||
| }, | ||
| { | ||
| name: "CN is plain but not in SAN", | ||
| cert: { | ||
| subject: { CN: "invalid.com" }, | ||
| subjectaltname, | ||
| }, | ||
| }, | ||
| ]; | ||
| certs.forEach(({ name, cert }) => describe(name, () => { | ||
| it(`Should not match other domains`, () => { | ||
| const { names, dynamic } = san_1.parseOrigin(cert); | ||
| expect(names.includes("invalid.com")).toBe(false); | ||
| expect(dynamic === null || dynamic === void 0 ? void 0 : dynamic("invalid.com")).toBe(false); | ||
| expect(dynamic === null || dynamic === void 0 ? void 0 : dynamic("test.invalid.com")).toBe(false); | ||
| expect(dynamic === null || dynamic === void 0 ? void 0 : dynamic("sub.foo.com")).toBe(false); | ||
| expect(dynamic === null || dynamic === void 0 ? void 0 : dynamic("sub.bar.com")).toBe(false); | ||
| }); | ||
| it(`Should handle plain names`, () => { | ||
| var _a, _b; | ||
| const match = san_1.parseOrigin(cert); | ||
| expect((_a = match.dynamic) === null || _a === void 0 ? void 0 : _a.call(match, "foo.com")).toBe(false); | ||
| expect((_b = match.dynamic) === null || _b === void 0 ? void 0 : _b.call(match, "bar.com")).toBe(false); | ||
| expect(match.names.includes("foo.com")).toBe(true); | ||
| expect(match.names.includes("bar.com")).toBe(true); | ||
| expect(match.names.includes("example1.com")).toBe(true); | ||
| }); | ||
| it(`Should not wildcard plain names`, () => { | ||
| var _a, _b; | ||
| const match = san_1.parseOrigin(cert); | ||
| expect((_a = match.dynamic) === null || _a === void 0 ? void 0 : _a.call(match, "sub.example1.com")).toBe(true); | ||
| expect((_b = match.dynamic) === null || _b === void 0 ? void 0 : _b.call(match, "sub.example2.com")).toBe(true); | ||
| }); | ||
| })); | ||
| }); | ||
| }); | ||
| //# sourceMappingURL=san.js.map |
| { | ||
| "name": "fetch-h2", | ||
| "version": "2.4.3", | ||
| "version": "2.4.4", | ||
| "description": "HTTP/1+2 Fetch API client for Node.js", | ||
@@ -5,0 +5,0 @@ "author": "Gustaf Räntilä", |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
No alert changes
Improved metrics
- Total package byte prevSize
- increased by1.78%
395833
- Lines of code
- increased by1.65%
5103
No dependency changes