http2-proxy - npm Package Compare versions

Comparing version 0.1.19 to 0.1.20

index.js

@@ -1,5 +0,3 @@
-const createError = require('http-errors')
 const http2 = require('http2')
 const http = require('http')
-const pump = require('pump')
 const net = require('net')
@@ -61,3 +59,7 @@
 
-    onProxyError(err, req, resOrSocket)
+    if (onProxyError) {
+      onProxyError(err, req, resOrSocket)
+    } else {
+      throw err
+    }
   }
@@ -68,3 +70,3 @@
       if (req.method !== 'GET') {
-        throw new createError.MethodNotAllowed()
+        throw createError('method not allowed', null, 405)
       }
@@ -74,3 +76,3 @@
           req.headers[HTTP2_HEADER_UPGRADE].toLowerCase() !== 'websocket') {
-        throw new createError.BadRequest()
+        throw createError('bad request', null, 400)
       }
@@ -80,3 +82,3 @@ }
     if (!/1\.1|2\.\d/.test(req.httpVersion)) {
-      throw new createError.HTTPVersionNotSupported()
+      throw createError('http version not supported', null, 505)
     }
@@ -90,3 +92,3 @@
     ) {
-      throw new createError.LoopDetected()
+      throw createError('loop detected', null, 508)
     }
@@ -120,2 +122,7 @@
 
+    // NOTE http2.Http2ServerRequest doesn't forward stream errors.
+    const incoming = req.stream || req
+
+    incoming.on('error', onError)
+
     return proxy(req, resOrSocket, {
@@ -143,9 +150,4 @@ method: req.method,
 
-  // NOTE http2.Http2ServerRequest doesn't forward stream errors.
-  const incoming = req.stream || req
-
   const callback = err => {
-    incoming.removeListener('error', callback)
-    incoming.removeListener('aborted', abort)
-    incoming.removeListener('timeout', abort)
+    req.removeListener('close', abort)
     abort()
@@ -155,5 +157,3 @@ onError(err)
 
-  incoming.on('error', callback)
-  incoming.on('aborted', abort)
-  incoming.on('timeout', abort)
+  req.on('close', abort)
 
@@ -164,10 +164,14 @@ req
       if (err.code === 'ECONNREFUSED' || err.code === 'ENOTFOUND') {
-        callback(new createError.ServiceUnavailable(err.message))
+        err.statusCode = 503
+        callback(err)
       } else if (/HPE_INVALID/.test(err.code)) {
-        callback(new createError.BadGateway(err.message))
+        err.statusCode = 502
+        callback(err)
       } else if (err.code === 'ECONNRESET') {
         if (!proxyReq.aborted) {
-          callback(new createError.BadGateway('socket hang up'))
+          err.statusCode = 502
+          callback(err)
         }
       } else {
+        err.statusCode = 500
         callback(err)
@@ -179,10 +183,6 @@ }
     // .on('aborted', () => callback(new createError.BadGateway('socket hang up')))
-    .on('timeout', () => callback(new createError.GatewayTimeout()))
+    .on('timeout', () => callback(createError('gateway timeout', null, 504)))
     .on('response', proxyRes => {
       try {
-        proxyRes.on('aborted', () => {
-          const error = new Error('socket hang up')
-          error.code = 'ECONNRESET'
-          callback(error)
-        })
+        proxyRes.on('aborted', () => callback(createError('socket hang up', 'ECONNRESET', 502)))
 
@@ -204,3 +204,6 @@ if (resOrSocket instanceof net.Socket) {
           })
-          pump(proxyRes, resOrSocket, err => err && callback(err))
+          proxyRes
+            .on('error', callback)
+            .pipe(resOrSocket)
+            .on('error', callback)
         }
@@ -241,3 +244,7 @@ } catch (err) {
 
-        pump(proxySocket, resOrSocket, proxySocket, err => err && callback(err))
+        proxySocket
+          .on('error', callback)
+          .pipe(resOrSocket)
+          .on('error', callback)
+          .pipe(proxySocket)
       } catch (err) {
@@ -318,1 +325,8 @@ callback(err)
 }
+
+function createError (msg, code, statusCode) {
+  const err = new Error(msg)
+  err.code = code
+  err.statusCode = statusCode
+  return err
+}

package.json

 {
   "name": "http2-proxy",
-  "version": "0.1.19",
+  "version": "0.1.20",
   "scripts": {
@@ -19,4 +19,3 @@ "dev": "nodemon --inspect=9308 --expose-http2 src",
   "dependencies": {
-    "http-errors": "^1.6.2",
-    "pump": "^1.0.2"
+    "http-errors": "^1.6.2"
   },
@@ -23,0 +22,0 @@ "devDependencies": {

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

13376

increased by0.51%

Dependency count

1

decreased by-50%

Lines of code

272

increased by4.62%

Number of medium supply chain risk alerts

3

decreased by-25%

Dependency changes

• - Removedpump@^1.0.2

• - Removedend-of-stream@1.4.4(transitive)

• - Removedonce@1.4.0(transitive)

• - Removedpump@1.0.3(transitive)

• - Removedwrappy@1.0.2(transitive)