request - npm Package Compare versions

Comparing version 2.37.0 to 2.38.0

index.js

@@ -70,4 +70,12 @@ // Copyright 2010-2012 Mikeal Rogers
       var params = initParams(uri, opts, callback)
-      for (var i in options) {
-        if (params.options[i] === undefined) params.options[i] = options[i]
+      Object.keys(options).forEach(function (key) {
+        if (key !== 'headers' && params.options[key] === undefined) {
+          params.options[key] = options[key]
+        }
+      })
+      if (options.headers) {
+        var headers = {}
+        util._extend(headers, options.headers)
+        util._extend(headers, params.options.headers)
+        params.options.headers = headers
       }
@@ -74,0 +82,0 @@ if(typeof requester === 'function') {

package.json

@@ -10,7 +10,7 @@ {
   ],
-  "version": "2.37.0",
+  "version": "2.38.0",
   "author": "Mikeal Rogers <mikeal.rogers@gmail.com>",
   "repository": {
     "type": "git",
-    "url": "http://github.com/mikeal/request.git"
+    "url": "https://github.com/mikeal/request.git"
   },
@@ -39,3 +39,4 @@ "bugs": {
     "hawk": "1.1.1",
-    "aws-sign2": "~0.5.0"
+    "aws-sign2": "~0.5.0",
+    "stringstream": "~0.0.4"
   },
@@ -42,0 +43,0 @@ "scripts": {

README.md

@@ -257,3 +257,3 @@ # Request -- Simplified HTTP client
 * `strictSSL` - If `true`, requires SSL certificates be valid. **Note:** to use your own certificate authority, you need to specify an agent that was created with that CA as an option.
-* `jar` - If `true`, remember cookies for future use (or define your custom cookie jar; see examples section)
+* `jar` - If `true` and `tough-cookie` is installed, remember cookies for future use (or define your custom cookie jar; see examples section)
 * `aws` - `object` containing AWS signing information. Should have the properties `key`, `secret`. Also requires the property `bucket`, unless you’re specifying your `bucket` as part of the path, or the request doesn’t use a bucket (i.e. GET Services)
@@ -369,3 +369,3 @@ * `httpSignature` - Options for the [HTTP Signature Scheme](https://github.com/joyent/node-http-signature/blob/master/http_signing.md) using [Joyent's library](https://github.com/joyent/node-http-signature). The `keyId` and `key` properties must be specified. See the docs for other options.
 
-Cookies are disabled by default (else, they would be used in subsequent requests). To enable cookies, set `jar` to `true` (either in `defaults` or `options`).
+Cookies are disabled by default (else, they would be used in subsequent requests). To enable cookies, set `jar` to `true` (either in `defaults` or `options`) and install `tough-cookie`.
 
@@ -392,2 +392,3 @@ ```javascript
 ```javascript
+// `npm install --save tough-cookie` before this works
 var j = request.jar()
@@ -394,0 +395,0 @@ var cookie = request.cookie('your_cookie_here')

request.js

@@ -21,2 +21,3 @@ var optional = require('./lib/optional')
   , _safeStringify = require('json-stringify-safe')
+  , stringstream = optional('stringstream')
 
@@ -146,2 +147,12 @@ , ForeverAgent = require('forever-agent')
 
+  if(!self.hasOwnProperty('proxy')) {
+    // check for HTTP(S)_PROXY environment variables
+    if(self.uri.protocol == "http:") {
+        self.proxy = process.env.HTTP_PROXY || process.env.http_proxy || null;
+    } else if(self.uri.protocol == "https:") {
+        self.proxy = process.env.HTTPS_PROXY || process.env.https_proxy || 
+                     process.env.HTTP_PROXY || process.env.http_proxy || null;
+    }
+  }
+  
   if (self.proxy) {
@@ -161,3 +172,5 @@ if (typeof self.proxy == 'string') self.proxy = url.parse(self.proxy)
                           , rejectUnauthorized: self.rejectUnauthorized
-                          , ca: this.ca }
+                          , ca: this.ca
+                          , cert:this.cert
+                          , key: this.key}
 
@@ -403,28 +416,39 @@ self.agent = tunnelFn(tunnelOptions)
 
-      if (self._form) {
-        self.setHeaders(self._form.getHeaders())
-        try {
-          var length = self._form.getLengthSync()
-          if (!self.hasHeader('content-length')) self.setHeader('content-length', length)
-        } catch(e){}
-        self._form.pipe(self)
-      }
-      if (self.body) {
-        if (Array.isArray(self.body)) {
-          self.body.forEach(function (part) {
-            self.write(part)
-          })
-        } else {
-          self.write(self.body)
+      var end = function () {
+        if (self._form) {
+          self._form.pipe(self)
         }
-        self.end()
-      } else if (self.requestBodyStream) {
-        console.warn("options.requestBodyStream is deprecated, please pass the request object to stream.pipe.")
-        self.requestBodyStream.pipe(self)
-      } else if (!self.src) {
-        if (self.method !== 'GET' && typeof self.method !== 'undefined') {
-          self.setHeader('content-length', 0)
+        if (self.body) {
+          if (Array.isArray(self.body)) {
+            self.body.forEach(function (part) {
+              self.write(part)
+            })
+          } else {
+            self.write(self.body)
+          }
+          self.end()
+        } else if (self.requestBodyStream) {
+          console.warn("options.requestBodyStream is deprecated, please pass the request object to stream.pipe.")
+          self.requestBodyStream.pipe(self)
+        } else if (!self.src) {
+          if (self.method !== 'GET' && typeof self.method !== 'undefined') {
+            self.setHeader('content-length', 0)
+          }
+          self.end()
         }
-        self.end()
       }
+
+      if (self._form && !self.hasHeader('content-length')) {
+        // Before ending the request, we had to compute the length of the whole form, asyncly
+        self.setHeaders(self._form.getHeaders())
+        self._form.getLength(function (err, length) {
+          if (!err) {
+            self.setHeader('content-length', length)
+          }
+          end()
+        })
+      } else {
+        end()
+      }
+
       self.ntick = true
@@ -956,5 +980,9 @@ })
         console.error("Ignoring encoding parameter as this stream is being piped to another stream which makes the encoding option invalid.")
+      } else if (dataStream.setEncoding) {
+        dataStream.setEncoding(self.encoding)
       } else {
-        // gz streams don't have setEncoding in v0.8
-        if (dataStream.setEncoding) dataStream.setEncoding(self.encoding)
+        // Should only occur on node pre-v0.9.4 (joyent/node@9b5abe5) with
+        // zlib streams.
+        // If/When support for 0.9.4 is dropped, this should be unnecessary.
+        dataStream = dataStream.pipe(stringstream(self.encoding))
       }
@@ -961,0 +989,0 @@ }

New alerts

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

203046

increased by110.22%

Lines of code

1477

increased by2.29%

Number of lines in readme file

409

increased by0.25%

Worsened metrics

Dependency count

13

increased by8.33%

Number of low supply chain risk alerts

19

increased by171.43%

No dependency changes