make-fetch-happen
Advanced tools
Comparing version 1.1.0 to 1.2.0
34
cache.js
@@ -7,2 +7,3 @@ 'use strict' | ||
const pipe = require('mississippi').pipe | ||
const ssri = require('ssri') | ||
const through = require('mississippi').through | ||
@@ -41,3 +42,3 @@ const to = require('mississippi').to | ||
// matching request in the Cache object. | ||
match (req) { | ||
match (req, opts) { | ||
return cacache.get.info(this._path, cacheKey(req)).then(info => { | ||
@@ -47,3 +48,5 @@ if (info && matchDetails(req, { | ||
reqHeaders: new fetch.Headers(info.metadata.reqHeaders), | ||
resHeaders: new fetch.Headers(info.metadata.resHeaders) | ||
resHeaders: new fetch.Headers(info.metadata.resHeaders), | ||
cacheIntegrity: info.integrity, | ||
integrity: opts && opts.integrity | ||
})) { | ||
@@ -76,9 +79,10 @@ if (req.method === 'HEAD') { | ||
if (stat.size > MAX_MEM_SIZE) { | ||
pipe(cacache.get.stream.byDigest(cachePath, info.digest, { | ||
hashAlgorithm: info.hashAlgorithm | ||
}), body, () => {}) | ||
pipe( | ||
cacache.get.stream.byDigest(cachePath, info.integrity), | ||
body, | ||
() => {} | ||
) | ||
} else { | ||
// cacache is much faster at bulk reads | ||
cacache.get.byDigest(cachePath, info.digest, { | ||
hashAlgorithm: info.hashAlgorithm, | ||
cacache.get.byDigest(cachePath, info.integrity, { | ||
memoize: true | ||
@@ -127,7 +131,6 @@ }).then(data => { | ||
// Providing these will bypass content write | ||
opts.hashAlgorithm = info.hashAlgorithm | ||
opts.digest = info.digest | ||
opts.integrity = info.integrity | ||
return new this.Promise((resolve, reject) => { | ||
pipe( | ||
cacache.get.stream.byDigest(this._path, info.digest, opts), | ||
cacache.get.stream.byDigest(this._path, info.integrity, opts), | ||
cacache.put.stream(this._path, cacheKey(req), opts), | ||
@@ -220,2 +223,13 @@ err => err ? reject(err) : resolve(response) | ||
} | ||
if (cached.integrity) { | ||
const cachedSri = ssri.parse(cached.cacheIntegrity) | ||
const sri = ssri.parse(cached.integrity) | ||
const algo = sri.pickAlgorithm() | ||
if (cachedSri[algo] && !sri[algo].some(hash => { | ||
// cachedSri always has exactly one item per algorithm | ||
return cachedSri[algo][0].digest === hash.digest | ||
})) { | ||
return false | ||
} | ||
} | ||
reqUrl.hash = null | ||
@@ -222,0 +236,0 @@ cacheUrl.hash = null |
@@ -5,2 +5,12 @@ # Change Log | ||
<a name="1.2.0"></a> | ||
# [1.2.0](https://github.com/zkat/make-fetch-happen/compare/v1.1.0...v1.2.0) (2017-04-03) | ||
### Features | ||
* **integrity:** full Subresource Integrity support (#10) ([a590159](https://github.com/zkat/make-fetch-happen/commit/a590159)) | ||
<a name="1.1.0"></a> | ||
@@ -7,0 +17,0 @@ # [1.1.0](https://github.com/zkat/make-fetch-happen/compare/v1.0.1...v1.1.0) (2017-04-01) |
21
index.js
@@ -10,2 +10,3 @@ 'use strict' | ||
const retry = require('promise-retry') | ||
let ssri | ||
const Stream = require('stream') | ||
@@ -26,3 +27,2 @@ const url = require('url') | ||
finalOpts = {} | ||
// TODO - merge headers | ||
Object.keys(_opts).forEach(k => { finalOpts[k] = _opts[k] }) | ||
@@ -51,2 +51,5 @@ Object.keys(opts).forEach(k => { finalOpts[k] = opts[k] }) | ||
} | ||
if (opts.integrity && !ssri) { | ||
ssri = require('ssri') | ||
} | ||
opts.cacheManager = opts.cacheManager && ( | ||
@@ -78,3 +81,3 @@ typeof opts.cacheManager === 'string' | ||
}) | ||
return opts.cacheManager.match(req, opts.cacheOpts).then(res => { | ||
return opts.cacheManager.match(req, opts).then(res => { | ||
if (res) { | ||
@@ -246,2 +249,16 @@ const warningCode = (res.headers.get('Warning') || '').match(/^\d+/) | ||
return fetch(req).then(res => { | ||
if (opts.integrity) { | ||
const oldBod = res.body | ||
const newBod = ssri.integrityStream({ | ||
integrity: opts.integrity | ||
}) | ||
oldBod.pipe(newBod) | ||
res.body = newBod | ||
oldBod.once('error', err => { | ||
newBod.emit('error', err) | ||
}) | ||
newBod.once('error', err => { | ||
oldBod.emit('error', err) | ||
}) | ||
} | ||
const cacheCtrl = res.headers.get('cache-control') || '' | ||
@@ -248,0 +265,0 @@ if ( |
{ | ||
"name": "make-fetch-happen", | ||
"version": "1.1.0", | ||
"version": "1.2.0", | ||
"description": "Opinionated, caching, retrying fetch client", | ||
@@ -37,3 +37,3 @@ "main": "index.js", | ||
"bluebird": "^3.5.0", | ||
"cacache": "^6.3.0", | ||
"cacache": "^7.0.1", | ||
"checksum-stream": "^1.0.2", | ||
@@ -45,3 +45,4 @@ "lru-cache": "^4.0.2", | ||
"proxy-agent": "^2.0.0", | ||
"safe-buffer": "^5.0.1" | ||
"safe-buffer": "^5.0.1", | ||
"ssri": "^3.0.2" | ||
}, | ||
@@ -48,0 +49,0 @@ "devDependencies": { |
@@ -66,2 +66,8 @@ # make-fetch-happen [![npm version](https://img.shields.io/npm/v/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![license](https://img.shields.io/npm/l/make-fetch-happen.svg)](https://npm.im/make-fetch-happen) [![Travis](https://img.shields.io/travis/zkat/make-fetch-happen.svg)](https://travis-ci.org/zkat/make-fetch-happen) [![AppVeyor](https://ci.appveyor.com/api/projects/status/github/zkat/make-fetch-happen?svg=true)](https://ci.appveyor.com/project/zkat/make-fetch-happen) [![Coverage Status](https://coveralls.io/repos/github/zkat/make-fetch-happen/badge.svg?branch=latest)](https://coveralls.io/github/zkat/make-fetch-happen?branch=latest) | ||
All participants and maintainers in this project are expected to follow [Code of Conduct](CODE_OF_CONDUCT.md), and just generally be excellent to each other. | ||
Please refer to the [Changelog](CHANGELOG.md) for project history details, too. | ||
Happy hacking! | ||
### API | ||
@@ -279,7 +285,5 @@ | ||
**(NOT IMPLEMENTED YET)** | ||
Matches the response body against the given [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) metadata. If verification fails, the request will fail with an `EBADCHECKSUM` error. | ||
`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) Integrity-like. | ||
`integrity` may either be a string or an [`ssri`](https://npm.im/ssri) `Integrity`-like. | ||
@@ -286,0 +290,0 @@ ##### Example |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
36242
552
305
10
106
1
1
2
+ Addedssri@^3.0.2
+ Addedcacache@7.1.0(transitive)
+ Addedssri@3.0.24.1.6(transitive)
- Removedcacache@6.3.0(transitive)
Updatedcacache@^7.0.1