Socket
Socket
Sign inDemoInstall

postman-request

Package Overview
Dependencies
23
Maintainers
3
Versions
61
Alerts
File Explorer

Advanced tools

npm Scripts
License

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 2.79.1-postman.4 to 2.80.1-postman.1

3

lib/helpers.js

@@ -5,2 +5,3 @@ 'use strict'

, crypto = require('crypto')
, Buffer = require('safe-buffer').Buffer

@@ -39,3 +40,3 @@ var defer = typeof setImmediate === 'undefined'

function toBase64 (str) {
return (new Buffer(str || '', 'utf8')).toString('base64')
return Buffer.from(str || '', 'utf8').toString('base64')
}

@@ -42,0 +43,0 @@

3

lib/multipart.js

@@ -6,2 +6,3 @@ 'use strict'

, isstream = require('isstream')
, Buffer = require('safe-buffer').Buffer

@@ -75,3 +76,3 @@

}
return chunked ? body.append(part) : body.push(new Buffer(part))
return chunked ? body.append(part) : body.push(Buffer.from(part))
}

@@ -78,0 +79,0 @@

3

lib/oauth.js

@@ -9,2 +9,3 @@ 'use strict'

, crypto = require('crypto')
, Buffer = require('safe-buffer').Buffer

@@ -74,3 +75,3 @@

return new Buffer(sha1).toString('base64')
return Buffer.from(sha1).toString('base64')
}

@@ -77,0 +78,0 @@

65

lib/url-parse.js
var url = require('url')
, urlEncoder = require('postman-url-encoder')
, EMPTY = ''
, STRING = 'string'
, PERCENT = '%'
, AMPERSAND = '&'

@@ -10,62 +10,4 @@ , EQUALS = '='

, parse
, isPreEncoded
, percentEncode
percentEncode = function percentEncode(c) {
var hex = c.toString(16).toUpperCase();
(hex.length === 1) && (hex = '0' + hex)
return PERCENT + hex
}
isPreEncoded = function isPreEncoded(buffer, i) {
// If it is % check next two bytes for percent encode characters
// looking for pattern %00 - %FF
return (buffer[i] === 0x25 &&
(isPreEncodedCharacter(buffer[i+1]) &&
isPreEncodedCharacter(buffer[i+2]))
)
}
isPreEncodedCharacter = function isPreEncodedCharacter(byte) {
return (byte >= 0x30 && byte <= 0x39) || // 0-9
(byte >= 0x41 && byte <= 0x46) || // A-F
(byte >= 0x61 && byte <= 0x66) // a-f
}
charactersToPercentEncode = function charactersToPercentEncode(byte) {
return (byte < 0x23 || byte > 0x7E || // Below # and after ~
byte === 0x3C || byte === 0x3E || // > and <
byte === 0x28 || byte === 0x29 || // ( and )
byte === 0x25 || // %
byte === 0x27 || // '
byte === 0x2A // *
)
}
/**
* Percent partialEncode a query string according to RFC 3986
*
* @param value
* @returns {string}
*/
partialEncode = function (value) {
if (!value) { return '' }
var buffer = new Buffer(value),
ret = '',
i
for (i = 0; i < buffer.length; ++i) {
if (charactersToPercentEncode(buffer[i]) && !isPreEncoded(buffer, i)) {
ret += percentEncode(buffer[i])
} else {
ret += String.fromCodePoint(buffer[i]) // Only works in ES6 (available in Node v4+)
}
}
return ret
}
/**
* Parses a query string into an array, preserving parameter values

@@ -125,6 +67,6 @@ *

if (value === null) {
return partialEncode(key)
return urlEncoder.encode(key)
}
return partialEncode(key) + EQUALS + partialEncode(value)
return urlEncoder.encode(key) + EQUALS + urlEncoder.encode(value)
}).join(AMPERSAND) : ''

@@ -165,2 +107,1 @@ }

module.exports.stringify = stringify
module.exports.partialEncode = partialEncode

15

package.json
{
"name": "postman-request",
"description": "Simplified HTTP request client.",
"tags": [
"keywords": [
"http",

@@ -10,3 +10,3 @@ "simple",

],
"version": "2.79.1-postman.4",
"version": "2.80.1-postman.1",
"repository": {

@@ -29,3 +29,3 @@ "type": "git",

"aws4": "^1.2.1",
"caseless": "~0.11.0",
"caseless": "~0.12.0",
"combined-stream": "~1.0.5",

@@ -35,3 +35,3 @@ "extend": "~3.0.0",

"form-data": "~2.1.1",
"har-validator": "~4.2.0",
"har-validator": "~4.2.1",
"hawk": "~3.1.3",

@@ -44,7 +44,10 @@ "http-signature": "~1.1.0",

"oauth-sign": "~0.8.1",
"postman-url-encoder": "^1.0.0",
"performance-now": "^0.2.0",
"qs": "~6.3.0",
"safe-buffer": "^5.0.1",
"stringstream": "~0.0.4",
"tough-cookie": "~2.3.0",
"tunnel-agent": "~0.4.1",
"uuid": "^3.0.1"
"tunnel-agent": "^0.6.0",
"uuid": "^3.0.0"
},

@@ -51,0 +54,0 @@ "scripts": {

55

README.md

@@ -13,6 +13,6 @@

request('http://www.google.com', function (error, response, body) {
if (!error && response.statusCode == 200) {
console.log(body) // Show the HTML for the Google homepage.
}
})
console.log('error:', error); // Print the error if one occurred
console.log('statusCode:', response && response.statusCode); // Print the response status code if a response was received
console.log('body:', body); // Print the HTML for the Google homepage.
});
```

@@ -181,3 +181,3 @@

filename: 'topsecret.jpg',
contentType: 'image/jpg'
contentType: 'image/jpeg'
}

@@ -284,3 +284,3 @@ }

`sendImmediately` defaults to `true`, which causes a basic or bearer
authentication header to be sent. If `sendImmediately` is `false`, then
authentication header to be sent. If `sendImmediately` is `false`, then
`request` will retry with a proper authentication header after receiving a

@@ -291,3 +291,3 @@ `401` response from the server (which must contain a `WWW-Authenticate` header

Note that you can also specify basic authentication using the URL itself, as
detailed in [RFC 1738](http://www.ietf.org/rfc/rfc1738.txt). Simply pass the
detailed in [RFC 1738](http://www.ietf.org/rfc/rfc1738.txt). Simply pass the
`user:password` before the host with an `@` sign:

@@ -357,3 +357,3 @@

[OAuth version 1.0](https://tools.ietf.org/html/rfc5849) is supported. The
[OAuth version 1.0](https://tools.ietf.org/html/rfc5849) is supported. The
default signing algorithm is

@@ -477,3 +477,3 @@ [HMAC-SHA1](https://tools.ietf.org/html/rfc5849#section-3.4.2):

By default, when proxying `http` traffic, request will simply make a
standard proxied `http` request. This is done by making the `url`
standard proxied `http` request. This is done by making the `url`
section of the initial line of the request a fully qualified url to

@@ -494,3 +494,3 @@ the endpoint.

or other features, it is generally simpler to go with a
straightforward HTTP proxy in this case. However, if you would like
straightforward HTTP proxy in this case. However, if you would like
to force a tunneling proxy, you may set the `tunnel` option to `true`.

@@ -719,3 +719,3 @@

- `uri` || `url` - fully qualified uri or a parsed url object from `url.parse()`
- `baseUrl` - fully qualified uri string used as the base url. Most useful with `request.defaults`, for example when you want to do many requests to the same domain. If `baseUrl` is `https://example.com/api/`, then requesting `/end/point?test=true` will fetch `https://example.com/api/end/point?test=true`. When `baseUrl` is given, `uri` must also be a string.
- `baseUrl` - fully qualified uri string used as the base url. Most useful with `request.defaults`, for example when you want to do many requests to the same domain. If `baseUrl` is `https://example.com/api/`, then requesting `/end/point?test=true` will fetch `https://example.com/api/end/point?test=true`. When `baseUrl` is given, `uri` must also be a string.
- `method` - http method (default: `"GET"`)

@@ -730,3 +730,3 @@ - `headers` - http headers (default: `{}`)

- `useQuerystring` - If true, use `querystring` to stringify and parse
querystrings, otherwise use `qs` (default: `false`). Set this option to
querystrings, otherwise use `qs` (default: `false`). Set this option to
`true` if you need arrays to be serialized as `foo=bar&foo=baz` instead of the

@@ -750,3 +750,3 @@ default `foo[0]=bar&foo[1]=baz`.

- `postambleCRLF` - append a newline/CRLF at the end of the boundary of your `multipart/form-data` request.
- `json` - sets `body` to JSON representation of value and adds `Content-type: application/json` header. Additionally, parses the response body as JSON.
- `json` - sets `body` to JSON representation of value and adds `Content-type: application/json` header. Additionally, parses the response body as JSON.
- `jsonReviver` - a [reviver function](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse) that will be passed to `JSON.parse()` when parsing a JSON response body.

@@ -757,3 +757,3 @@ - `jsonReplacer` - a [replacer function](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify) that will be passed to `JSON.stringify()` when stringifying a JSON request body.

- `auth` - A hash containing values `user` || `username`, `pass` || `password`, and `sendImmediately` (optional). See documentation above.
- `auth` - A hash containing values `user` || `username`, `pass` || `password`, and `sendImmediately` (optional). See documentation above.
- `oauth` - Options for OAuth HMAC-SHA1 signing. See documentation above.

@@ -775,3 +775,3 @@ - `hawk` - Options for [Hawk signing](https://github.com/hueniverse/hawk). The `credentials` key must contain the necessary signing info, [see hawk docs for details](https://github.com/hueniverse/hawk#usage-example).

- `encoding` - Encoding to be used on `setEncoding` of response data. If `null`, the `body` is returned as a `Buffer`. Anything else **(including the default value of `undefined`)** will be passed as the [encoding](http://nodejs.org/api/buffer.html#buffer_buffer) parameter to `toString()` (meaning this is effectively `utf8` by default). (**Note:** if you expect binary data, you should set `encoding: null`.)
- `gzip` - If `true`, add an `Accept-Encoding` header to request compressed content encodings from the server (if not already present) and decode supported content encodings in the response. **Note:** Automatic decoding of the response content is performed on the body data returned through `request` (both through the `request` stream and passed to the callback function) but is not performed on the `response` stream (available from the `response` event) which is the unmodified `http.IncomingMessage` object which may contain compressed data. See example below.
- `gzip` - If `true`, add an `Accept-Encoding` header to request compressed content encodings from the server (if not already present) and decode supported content encodings in the response. **Note:** Automatic decoding of the response content is performed on the body data returned through `request` (both through the `request` stream and passed to the callback function) but is not performed on the `response` stream (available from the `response` event) which is the unmodified `http.IncomingMessage` object which may contain compressed data. See example below.
- `jar` - If `true`, remember cookies for future use (or define your custom cookie jar; see examples section)

@@ -788,3 +788,3 @@

- Note that if you are sending multiple requests in a loop and creating
multiple new `pool` objects, `maxSockets` will not work as intended. To
multiple new `pool` objects, `maxSockets` will not work as intended. To
work around this, either use [`request.defaults`](#requestdefaultsoptions)

@@ -820,3 +820,20 @@ with your pool options or create the pool object with the `maxSockets`

- `time` - If `true`, the request-response cycle (including all redirects) is timed at millisecond resolution, and the result provided on the response's `elapsedTime` property. The `responseStartTime` property is also available to indicate the timestamp when the response begins.
- `time` - If `true`, the request-response cycle (including all redirects) is timed at millisecond resolution. When set, the following properties are added to the response object:
- `elapsedTime` Duration of the entire request/response in milliseconds (*deprecated*).
- `responseStartTime` Timestamp when the response began (in Unix Epoch milliseconds) (*deprecated*).
- `timingStart` Timestamp of the start of the request (in Unix Epoch milliseconds).
- `timings` Contains event timestamps in millisecond resolution relative to `timingStart`. If there were redirects, the properties reflect the timings of the final request in the redirect chain:
- `socket` Relative timestamp when the [`http`](https://nodejs.org/api/http.html#http_event_socket) module's `socket` event fires. This happens when the socket is assigned to the request.
- `lookup` Relative timestamp when the [`net`](https://nodejs.org/api/net.html#net_event_lookup) module's `lookup` event fires. This happens when the DNS has been resolved.
- `connect`: Relative timestamp when the [`net`](https://nodejs.org/api/net.html#net_event_connect) module's `connect` event fires. This happens when the server acknowledges the TCP connection.
- `response`: Relative timestamp when the [`http`](https://nodejs.org/api/http.html#http_event_response) module's `response` event fires. This happens when the first bytes are received from the server.
- `end`: Relative timestamp when the last bytes of the response are received.
- `timingPhases` Contains the durations of each request phase. If there were redirects, the properties reflect the timings of the final request in the redirect chain:
- `wait`: Duration of socket initialization (`timings.socket`)
- `dns`: Duration of DNS lookup (`timings.lookup` - `timings.socket`)
- `tcp`: Duration of TCP connection (`timings.connect` - `timings.socket`)
- `firstByte`: Duration of HTTP server response (`timings.response` - `timings.connect`)
- `download`: Duration of HTTP download (`timings.end` - `timings.response`)
- `total`: Duration entire HTTP round-trip (`timings.end`)
- `har` - A [HAR 1.2 Request Object](http://www.softwareishard.com/blog/har-12-spec/#request), will be processed from HAR format into options overwriting matching values *(see the [HAR 1.2 section](#support-for-har-1.2) for details)*

@@ -828,3 +845,3 @@ - `callback` - alternatively pass the request's callback in the options object

1. An `error` when applicable (usually from [`http.ClientRequest`](http://nodejs.org/api/http.html#http_class_http_clientrequest) object)
2. An [`http.IncomingMessage`](https://nodejs.org/api/http.html#http_class_http_incomingmessage) object
2. An [`http.IncomingMessage`](https://nodejs.org/api/http.html#http_class_http_incomingmessage) object (Response object)
3. The third is the `response` body (`String` or `Buffer`, or JSON object if the `json` option is supplied)

@@ -1012,3 +1029,3 @@

For backwards-compatibility, response compression is not supported by default.
To accept gzip-compressed responses, set the `gzip` option to `true`. Note
To accept gzip-compressed responses, set the `gzip` option to `true`. Note
that the body data passed through `request` is automatically decompressed

@@ -1015,0 +1032,0 @@ while the response object is unmodified and will contain compressed data if

109

request.js

@@ -33,2 +33,4 @@ 'use strict'

, Tunnel = require('./lib/tunnel').Tunnel
, now = require('performance-now')
, Buffer = require('safe-buffer').Buffer

@@ -294,9 +296,6 @@ var safeStringify = helpers.safeStringify

var hostHeaderName = self.originalHostHeaderName || 'host'
self.setHeader(hostHeaderName, self.uri.hostname)
if (self.uri.port) {
if ( !(self.uri.port === 80 && self.uri.protocol === 'http:') &&
!(self.uri.port === 443 && self.uri.protocol === 'https:') ) {
self.setHeader(hostHeaderName, self.getHeader('host') + (':' + self.uri.port) )
}
}
// When used with an IPv6 address, `host` will provide
// the correct bracketed format, unlike using `hostname` and
// optionally adding the `port` when necessary.
self.setHeader(hostHeaderName, self.uri.host)
self.setHost = true

@@ -419,2 +418,4 @@ }

self.timing = true
// NOTE: elapsedTime is deprecated in favor of .timings
self.elapsedTime = self.elapsedTime || 0

@@ -425,3 +426,3 @@ }

if (isTypedArray(self.body)) {
self.body = new Buffer(self.body)
self.body = Buffer.from(self.body)
}

@@ -722,2 +723,12 @@

if (self.timing) {
// All timings will be relative to this request's startTime. In order to do this,
// we need to capture the wall-clock start time (via Date), immediately followed
// by the high-resolution timer (via now()). While these two won't be set
// at the _exact_ same time, they should be close enough to be able to calculate
// high-resolution, monotonically non-decreasing timestamps relative to startTime.
var startTime = new Date().getTime()
var startTimeNow = now()
}
if (self._aborted) {

@@ -764,3 +775,8 @@ return

if (self.timing) {
self.startTime = new Date().getTime()
self.startTime = startTime
self.startTimeNow = startTimeNow
// Timing values will all be relative to startTime (by comparing to startTimeNow
// so we have an accurate clock)
self.timings = {}
}

@@ -783,2 +799,27 @@

self.req.on('socket', function(socket) {
// `._connecting` was the old property which was made public in node v6.1.0
var isConnecting = socket._connecting || socket.connecting
if (self.timing) {
self.timings.socket = now() - self.startTimeNow
if (isConnecting) {
var onLookupTiming = function() {
self.timings.lookup = now() - self.startTimeNow
}
var onConnectTiming = function() {
self.timings.connect = now() - self.startTimeNow
}
socket.once('lookup', onLookupTiming)
socket.once('connect', onConnectTiming)
// clean up timing event listeners if needed on error
self.req.once('error', function() {
socket.removeListener('lookup', onLookupTiming)
socket.removeListener('connect', onConnectTiming)
})
}
}
var setReqTimeout = function() {

@@ -800,4 +841,2 @@ // This timeout sets the amount of time to wait *between* bytes sent

}
// `._connecting` was the old property which was made public in node v6.1.0
var isConnecting = socket._connecting || socket.connecting
if (timeout !== undefined) {

@@ -866,8 +905,48 @@ // Only start the connection timer if we're actually connecting a new

var self = this
if (self.timing) {
self.timings.response = now() - self.startTimeNow
}
debug('onRequestResponse', self.uri.href, response.statusCode, response.headers)
response.on('end', function() {
if (self.timing) {
self.elapsedTime += (new Date().getTime() - self.startTime)
debug('elapsed time', self.elapsedTime)
self.timings.end = now() - self.startTimeNow
response.timingStart = self.startTime
// fill in the blanks for any periods that didn't trigger, such as
// no lookup or connect due to keep alive
if (!self.timings.socket) {
self.timings.socket = 0
}
if (!self.timings.lookup) {
self.timings.lookup = self.timings.socket
}
if (!self.timings.connect) {
self.timings.connect = self.timings.lookup
}
if (!self.timings.response) {
self.timings.response = self.timings.connect
}
debug('elapsed time', self.timings.end)
// elapsedTime includes all redirects
self.elapsedTime += Math.round(self.timings.end)
// NOTE: elapsedTime is deprecated in favor of .timings
response.elapsedTime = self.elapsedTime
// timings is just for the final fetch
response.timings = self.timings
// pre-calculate phase timings as well
response.timingPhases = {
wait: self.timings.socket,
dns: self.timings.lookup - self.timings.socket,
tcp: self.timings.connect - self.timings.lookup,
firstByte: self.timings.response - self.timings.connect,
download: self.timings.end - self.timings.response,
total: self.timings.end
}
}

@@ -1021,2 +1100,4 @@ debug('response end', self.uri.href, response.statusCode, response.headers)

self.responseStartTime = (new Date()).getTime()
// NOTE: responseStartTime is deprecated in favor of .timings
response.responseStartTime = self.responseStartTime

@@ -1106,3 +1187,3 @@ }

if (typeof response.body === 'undefined' && !self._json) {
response.body = self.encoding === null ? new Buffer(0) : ''
response.body = self.encoding === null ? Buffer.alloc(0) : ''
}

@@ -1109,0 +1190,0 @@ self.emit('complete', response, response.body)

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc