request-ssl
Advanced tools
request-ssl - npm Package Compare versions
Comparing version 0.0.11 to 0.0.12
@@ -14,3 +14,9 @@ var exec = require('child_process').exec; | ||
| ignoreLeaks: false, | ||
| globals: [] | ||
| globals: [ | ||
| 'requestSSLHooks', | ||
| 'requestSSLFingerprints', | ||
| 'requestSSLInsideHook', | ||
| 'requestSSLInitialized', | ||
| 'requestSSLInitializing' | ||
| ] | ||
| }, | ||
@@ -17,0 +23,0 @@ src: tests |
@@ -20,33 +20,17 @@ /** | ||
| urlib = require('url'), | ||
| debug = require('debug')('request-ssl'), | ||
| initialized, | ||
| initializing, | ||
| insideHook, | ||
| hooks; | ||
| debug = require('debug')('request-ssl'); | ||
| // internal variables | ||
| var fingerprints; | ||
| var secureProtocol = 'SSLv23_method'; | ||
| // this is a little brutal but we MUST ensure that we share across the entire | ||
| // memory space the fingerprints otherwise different libraries loading the node | ||
| // module will have conflicts with adding fingerprints. so we attach the hooks | ||
| // to global object to make them a singleton | ||
| if (global.requestSSLHooks) { | ||
| hooks = global.requestSSLHooks; | ||
| // since this library really needs to act as a singleton, we are binding a few | ||
| // commands to global such that all loads of this module will always use the | ||
| // same certificates, etc. since that's a key part of the design | ||
| if (typeof(global.requestSSLHooks)==='undefined') { | ||
| global.requestSSLHooks = []; | ||
| } | ||
| else { | ||
| hooks = []; | ||
| global.requestSSLHooks = hooks; | ||
| if (typeof(global.requestSSLFingerprints)==='undefined') { | ||
| global.requestSSLFingerprints = {}; | ||
| } | ||
| if (global.requestSSLFingerprints) { | ||
| fingerprints = global.requestSSLFingerprints; | ||
| } | ||
| else { | ||
| fingerprints = {}; | ||
| global.requestSSLFingerprints = fingerprints; | ||
| } | ||
| /** | ||
@@ -205,3 +189,3 @@ * shim the request function to do SSL certificate pinning | ||
| var domain = getDomain(url); | ||
| var found = fingerprints[domain]; | ||
| var found = global.requestSSLFingerprints[domain]; | ||
| debug('getFingerprintForURL %s -> %s=%s',url,domain,found); | ||
@@ -213,3 +197,3 @@ if (!found) { | ||
| domain = '*.'+tokens.splice(tokens.length > 1 ? 0 : 1).join('.'); | ||
| found = fingerprints[domain]; | ||
| found = global.requestSSLFingerprints[domain]; | ||
| debug('getFingerprintForURL (wildcard) %s -> %s=%s',url,domain,found); | ||
@@ -244,3 +228,3 @@ } | ||
| debug('addFingerprint %s=%s',name,fingerprint); | ||
| fingerprints[name] = fingerprint; | ||
| global.requestSSLFingerprints[name] = fingerprint; | ||
| }; | ||
@@ -254,3 +238,3 @@ | ||
| debug('removeFingerprint %s',name); | ||
| delete fingerprints[name]; | ||
| delete global.requestSSLFingerprints[name]; | ||
| }; | ||
@@ -263,3 +247,3 @@ | ||
| debug('removeAllFingerprints'); | ||
| fingerprints = {}; | ||
| global.requestSSLFingerprints = {}; | ||
| }; | ||
@@ -292,7 +276,7 @@ | ||
| request.Request.prototype.init = function() { | ||
| debug('init called',insideHook); | ||
| debug('init called',global.requestSSLInsideHook); | ||
| var self = this, | ||
| args = arguments; | ||
| if (initializing && !insideHook) { | ||
| if (global.requestSSLInitializing && !global.requestSSLInsideHook) { | ||
| debug('init need to retry'); | ||
@@ -304,3 +288,3 @@ return setTimeout(function(){ | ||
| } | ||
| if (insideHook || initialized || !hooks || hooks.length === 0) { | ||
| if (global.requestSSLInsideHook || global.requestSSLInitialized || !global.requestSSLHooks || global.requestSSLHooks.length === 0) { | ||
| debug('init is calling real init'); | ||
@@ -312,5 +296,5 @@ return patchedInit.apply(this, arguments); | ||
| var done = function() { | ||
| initializing = false; | ||
| initialized = true; | ||
| global.requestSSLHooks = hooks = null; | ||
| global.requestSSLInitializing = false; | ||
| global.requestSSLInitialized = true; | ||
| global.requestSSLHooks = null; | ||
| // unpatch ourselves | ||
@@ -324,7 +308,7 @@ request.Request.prototype.init = patchedInit; | ||
| debug('next hook'); | ||
| var hook = hooks[index++]; | ||
| var hook = global.requestSSLHooks[index++]; | ||
| if (hook) { | ||
| debug('init hook',hook); | ||
| // if async | ||
| insideHook = true; | ||
| global.requestSSLInsideHook = true; | ||
| if (hook.length > 0) { | ||
@@ -342,3 +326,3 @@ debug('calling a hook async'); | ||
| } | ||
| insideHook = false; | ||
| global.requestSSLInsideHook = false; | ||
| } | ||
@@ -350,3 +334,3 @@ else { | ||
| }; | ||
| initializing = true; | ||
| global.requestSSLInitializing = true; | ||
| nextHook(); | ||
@@ -365,7 +349,7 @@ }; | ||
| Request.registerInitializer = function registerInitializer(callback) { | ||
| if (initialized) { | ||
| if (global.requestSSLInitialized) { | ||
| return callback.length ? callback(function(){}) : callback(); | ||
| } | ||
| debug('registerInitializer %o',callback); | ||
| hooks.push(callback); | ||
| global.requestSSLHooks.push(callback); | ||
| }; | ||
@@ -372,0 +356,0 @@ |
| { | ||
| "name": "request-ssl", | ||
| "version": "0.0.11", | ||
| "version": "0.0.12", | ||
| "description": "Pinned SSL version of the Request library", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.73%
34211
Worsened metrics
- Lines of code
- decreased by-1.6%
491