Socket
Socket
Sign inDemoInstall

node-fetch

Package Overview
Dependencies
5
Maintainers
5
Versions
96
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 3.1.1 to 3.2.0

20

package.json
{
"name": "node-fetch",
"version": "3.1.1",
"version": "3.2.0",
"description": "A light-weight module that brings Fetch API to node.js",

@@ -49,3 +49,3 @@ "main": "./src/index.js",

"abortcontroller-polyfill": "^1.7.1",
"busboy": "^0.3.1",
"busboy": "^1.4.0",
"c8": "^7.7.2",

@@ -57,3 +57,2 @@ "chai": "^4.3.4",

"coveralls": "^3.1.0",
"delay": "^5.0.0",
"form-data": "^4.0.0",

@@ -69,3 +68,3 @@ "formdata-node": "^4.2.4",

"data-uri-to-buffer": "^4.0.0",
"fetch-blob": "^3.1.3",
"fetch-blob": "^3.1.4",
"formdata-polyfill": "^4.0.10"

@@ -123,3 +122,14 @@ },

},
"runkitExampleFilename": "example.js"
"runkitExampleFilename": "example.js",
"release": {
"branches": [
"+([0-9]).x",
"main",
"next",
{
"name": "beta",
"prerelease": true
}
]
}
}

58

src/index.js

@@ -24,6 +24,16 @@ /**

import {isRedirect} from './utils/is-redirect.js';
import {FormData} from 'formdata-polyfill/esm.min.js';
import {isDomainOrSubdomain} from './utils/is.js';
import {parseReferrerPolicyFromHeader} from './utils/referrer.js';
import {
Blob,
File,
fileFromSync,
fileFrom,
blobFromSync,
blobFrom
} from 'fetch-blob/from.js';
export {Headers, Request, Response, FetchError, AbortError, isRedirect};
export {FormData, Headers, Request, Response, FetchError, AbortError, isRedirect};
export {Blob, File, fileFromSync, fileFrom, blobFromSync, blobFrom};

@@ -239,3 +249,7 @@ const supportedSchemas = new Set(['data:', 'http:', 'https:']);

let body = pump(response_, new PassThrough(), reject);
let body = pump(response_, new PassThrough(), error => {
if (error) {
reject(error);
}
});
// see https://github.com/nodejs/node/pull/29376

@@ -286,3 +300,7 @@ /* c8 ignore next 3 */

if (codings === 'gzip' || codings === 'x-gzip') {
body = pump(body, zlib.createGunzip(zlibOptions), reject);
body = pump(body, zlib.createGunzip(zlibOptions), error => {
if (error) {
reject(error);
}
});
response = new Response(body, responseOptions);

@@ -297,6 +315,22 @@ resolve(response);

// a hack for old IIS and Apache servers
const raw = pump(response_, new PassThrough(), reject);
const raw = pump(response_, new PassThrough(), error => {
if (error) {
reject(error);
}
});
raw.once('data', chunk => {
// See http://stackoverflow.com/questions/37519828
body = (chunk[0] & 0x0F) === 0x08 ? pump(body, zlib.createInflate(), reject) : pump(body, zlib.createInflateRaw(), reject);
if ((chunk[0] & 0x0F) === 0x08) {
body = pump(body, zlib.createInflate(), error => {
if (error) {
reject(error);
}
});
} else {
body = pump(body, zlib.createInflateRaw(), error => {
if (error) {
reject(error);
}
});
}

@@ -306,2 +340,10 @@ response = new Response(body, responseOptions);

});
raw.once('end', () => {
// Some old IIS servers return zero-length OK deflate responses, so
// 'data' is never emitted. See https://github.com/node-fetch/node-fetch/pull/903
if (!response) {
response = new Response(body, responseOptions);
resolve(response);
}
});
return;

@@ -312,3 +354,7 @@ }

if (codings === 'br') {
body = pump(body, zlib.createBrotliDecompress(), reject);
body = pump(body, zlib.createBrotliDecompress(), error => {
if (error) {
reject(error);
}
});
response = new Response(body, responseOptions);

@@ -315,0 +361,0 @@ resolve(response);

4

src/utils/is.js

@@ -72,5 +72,3 @@ /**

return orig === dest || (
orig[orig.length - dest.length - 1] === '.' && orig.endsWith(dest)
);
return orig === dest || orig.endsWith(`.${dest}`);
};
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc