🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

request

Package Overview
Dependencies
Maintainers
4
Versions
126
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

request - npm Package Compare versions

Comparing version

2.78.0
to
2.80.0

2

lib/auth.js
'use strict'
var caseless = require('caseless')
, uuid = require('node-uuid')
, uuid = require('uuid')
, helpers = require('./helpers')

@@ -6,0 +6,0 @@

2

lib/multipart.js
'use strict'
var uuid = require('node-uuid')
var uuid = require('uuid')
, CombinedStream = require('combined-stream')

@@ -5,0 +5,0 @@ , isstream = require('isstream')

2

lib/oauth.js

@@ -6,3 +6,3 @@ 'use strict'

, caseless = require('caseless')
, uuid = require('node-uuid')
, uuid = require('uuid')
, oauth = require('oauth-sign')

@@ -9,0 +9,0 @@ , crypto = require('crypto')

20

package.json
{
"name": "request",
"description": "Simplified HTTP request client.",
"tags": [
"keywords": [
"http",

@@ -10,3 +10,3 @@ "simple",

],
"version": "2.78.0",
"version": "2.80.0",
"author": "Mikeal Rogers <mikeal.rogers@gmail.com>",

@@ -25,6 +25,11 @@ "repository": {

"main": "index.js",
"files": [
"lib/",
"index.js",
"request.js"
],
"dependencies": {
"aws-sign2": "~0.6.0",
"aws4": "^1.2.1",
"caseless": "~0.11.0",
"caseless": "~0.12.0",
"combined-stream": "~1.0.5",

@@ -34,3 +39,3 @@ "extend": "~3.0.0",

"form-data": "~2.1.1",
"har-validator": "~2.0.6",
"har-validator": "~4.2.0",
"hawk": "~3.1.3",

@@ -42,8 +47,9 @@ "http-signature": "~1.1.0",

"mime-types": "~2.1.7",
"node-uuid": "~1.4.7",
"oauth-sign": "~0.8.1",
"performance-now": "^0.2.0",
"qs": "~6.3.0",
"stringstream": "~0.0.4",
"tough-cookie": "~2.3.0",
"tunnel-agent": "~0.4.1"
"tunnel-agent": "~0.4.1",
"uuid": "^3.0.0"
},

@@ -77,3 +83,3 @@ "scripts": {

"tape": "^4.6.0",
"taper": "^0.4.0"
"taper": "^0.5.0"
},

@@ -80,0 +86,0 @@ "greenkeeper": {

51

README.md

@@ -21,6 +21,6 @@

request('http://www.google.com', function (error, response, body) {
if (!error && response.statusCode == 200) {
console.log(body) // Show the HTML for the Google homepage.
}
})
console.log('error:', error); // Print the error if one occurred
console.log('statusCode:', response && response.statusCode); // Print the response status code if a response was received
console.log('body:', body); // Print the HTML for the Google homepage.
});
```

@@ -189,3 +189,3 @@

filename: 'topsecret.jpg',
contentType: 'image/jpg'
contentType: 'image/jpeg'
}

@@ -292,3 +292,3 @@ }

`sendImmediately` defaults to `true`, which causes a basic or bearer
authentication header to be sent. If `sendImmediately` is `false`, then
authentication header to be sent. If `sendImmediately` is `false`, then
`request` will retry with a proper authentication header after receiving a

@@ -299,3 +299,3 @@ `401` response from the server (which must contain a `WWW-Authenticate` header

Note that you can also specify basic authentication using the URL itself, as
detailed in [RFC 1738](http://www.ietf.org/rfc/rfc1738.txt). Simply pass the
detailed in [RFC 1738](http://www.ietf.org/rfc/rfc1738.txt). Simply pass the
`user:password` before the host with an `@` sign:

@@ -365,3 +365,3 @@

[OAuth version 1.0](https://tools.ietf.org/html/rfc5849) is supported. The
[OAuth version 1.0](https://tools.ietf.org/html/rfc5849) is supported. The
default signing algorithm is

@@ -485,3 +485,3 @@ [HMAC-SHA1](https://tools.ietf.org/html/rfc5849#section-3.4.2):

By default, when proxying `http` traffic, request will simply make a
standard proxied `http` request. This is done by making the `url`
standard proxied `http` request. This is done by making the `url`
section of the initial line of the request a fully qualified url to

@@ -502,3 +502,3 @@ the endpoint.

or other features, it is generally simpler to go with a
straightforward HTTP proxy in this case. However, if you would like
straightforward HTTP proxy in this case. However, if you would like
to force a tunneling proxy, you may set the `tunnel` option to `true`.

@@ -727,3 +727,3 @@

- `uri` || `url` - fully qualified uri or a parsed url object from `url.parse()`
- `baseUrl` - fully qualified uri string used as the base url. Most useful with `request.defaults`, for example when you want to do many requests to the same domain. If `baseUrl` is `https://example.com/api/`, then requesting `/end/point?test=true` will fetch `https://example.com/api/end/point?test=true`. When `baseUrl` is given, `uri` must also be a string.
- `baseUrl` - fully qualified uri string used as the base url. Most useful with `request.defaults`, for example when you want to do many requests to the same domain. If `baseUrl` is `https://example.com/api/`, then requesting `/end/point?test=true` will fetch `https://example.com/api/end/point?test=true`. When `baseUrl` is given, `uri` must also be a string.
- `method` - http method (default: `"GET"`)

@@ -738,3 +738,3 @@ - `headers` - http headers (default: `{}`)

- `useQuerystring` - If true, use `querystring` to stringify and parse
querystrings, otherwise use `qs` (default: `false`). Set this option to
querystrings, otherwise use `qs` (default: `false`). Set this option to
`true` if you need arrays to be serialized as `foo=bar&foo=baz` instead of the

@@ -758,3 +758,3 @@ default `foo[0]=bar&foo[1]=baz`.

- `postambleCRLF` - append a newline/CRLF at the end of the boundary of your `multipart/form-data` request.
- `json` - sets `body` to JSON representation of value and adds `Content-type: application/json` header. Additionally, parses the response body as JSON.
- `json` - sets `body` to JSON representation of value and adds `Content-type: application/json` header. Additionally, parses the response body as JSON.
- `jsonReviver` - a [reviver function](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse) that will be passed to `JSON.parse()` when parsing a JSON response body.

@@ -765,6 +765,6 @@ - `jsonReplacer` - a [replacer function](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/JSON/stringify) that will be passed to `JSON.stringify()` when stringifying a JSON request body.

- `auth` - A hash containing values `user` || `username`, `pass` || `password`, and `sendImmediately` (optional). See documentation above.
- `auth` - A hash containing values `user` || `username`, `pass` || `password`, and `sendImmediately` (optional). See documentation above.
- `oauth` - Options for OAuth HMAC-SHA1 signing. See documentation above.
- `hawk` - Options for [Hawk signing](https://github.com/hueniverse/hawk). The `credentials` key must contain the necessary signing info, [see hawk docs for details](https://github.com/hueniverse/hawk#usage-example).
- `aws` - `object` containing AWS signing information. Should have the properties `key`, `secret`. Also requires the property `bucket`, unless you’re specifying your `bucket` as part of the path, or the request doesn’t use a bucket (i.e. GET Services). If you want to use AWS sign version 4 use the parameter `sign_version` with value `4` otherwise the default is version 2. **Note:** you need to `npm install aws4` first.
- `aws` - `object` containing AWS signing information. Should have the properties `key`, `secret`, and optionally `session` (note that this only works for services that require session as part of the canonical string). Also requires the property `bucket`, unless you’re specifying your `bucket` as part of the path, or the request doesn’t use a bucket (i.e. GET Services). If you want to use AWS sign version 4 use the parameter `sign_version` with value `4` otherwise the default is version 2. **Note:** you need to `npm install aws4` first.
- `httpSignature` - Options for the [HTTP Signature Scheme](https://github.com/joyent/node-http-signature/blob/master/http_signing.md) using [Joyent's library](https://github.com/joyent/node-http-signature). The `keyId` and `key` properties must be specified. See the docs for other options.

@@ -783,3 +783,3 @@

- `encoding` - Encoding to be used on `setEncoding` of response data. If `null`, the `body` is returned as a `Buffer`. Anything else **(including the default value of `undefined`)** will be passed as the [encoding](http://nodejs.org/api/buffer.html#buffer_buffer) parameter to `toString()` (meaning this is effectively `utf8` by default). (**Note:** if you expect binary data, you should set `encoding: null`.)
- `gzip` - If `true`, add an `Accept-Encoding` header to request compressed content encodings from the server (if not already present) and decode supported content encodings in the response. **Note:** Automatic decoding of the response content is performed on the body data returned through `request` (both through the `request` stream and passed to the callback function) but is not performed on the `response` stream (available from the `response` event) which is the unmodified `http.IncomingMessage` object which may contain compressed data. See example below.
- `gzip` - If `true`, add an `Accept-Encoding` header to request compressed content encodings from the server (if not already present) and decode supported content encodings in the response. **Note:** Automatic decoding of the response content is performed on the body data returned through `request` (both through the `request` stream and passed to the callback function) but is not performed on the `response` stream (available from the `response` event) which is the unmodified `http.IncomingMessage` object which may contain compressed data. See example below.
- `jar` - If `true`, remember cookies for future use (or define your custom cookie jar; see examples section)

@@ -796,3 +796,3 @@

- Note that if you are sending multiple requests in a loop and creating
multiple new `pool` objects, `maxSockets` will not work as intended. To
multiple new `pool` objects, `maxSockets` will not work as intended. To
work around this, either use [`request.defaults`](#requestdefaultsoptions)

@@ -828,3 +828,14 @@ with your pool options or create the pool object with the `maxSockets`

- `time` - If `true`, the request-response cycle (including all redirects) is timed at millisecond resolution, and the result provided on the response's `elapsedTime` property. The `responseStartTime` property is also available to indicate the timestamp when the response begins.
- `time` - If `true`, the request-response cycle (including all redirects) is timed at millisecond resolution, and the result provided on the response's `elapsedTime` property. The `responseStartTime` property is also available to indicate the timestamp when the response begins. In addition, there is a `.timings` object available with the following properties:
- `start`: Timestamp when `request()` was initialized
- `socket` Timestamp when the [`http`](https://nodejs.org/api/http.html#http_event_socket) module's `socket` event fires. This happens when the socket is assigned to the request (after DNS has been resolved).
- `connect`: Timestamp when the [`http`](https://nodejs.org/api/http.html#http_event_connect) module's `connect` event fires. This happens when the server acknowledges the TCP connection.
- `response`: Timestamp when the [`http`](https://nodejs.org/api/http.html#http_event_response) module's `response` event fires. This happens when the first bytes are received from the server.
- `end`: Timestamp when the last bytes of the response are received.
- `dns`: Duration of DNS lookup (`timings.socket` - `timings.start`)
- `tcp`: Duration of TCP connection (`timings.connect` - `timings.socket`)
- `firstByte`: Duration of HTTP server response (`timings.response` - `timings.connect`)
- `download`: Duration of HTTP download (`timings.end` - `timings.response`)
- `total`: Duration entire HTTP round-trip (`timings.end` - `timings.start`)
- `har` - A [HAR 1.2 Request Object](http://www.softwareishard.com/blog/har-12-spec/#request), will be processed from HAR format into options overwriting matching values *(see the [HAR 1.2 section](#support-for-har-1.2) for details)*

@@ -836,3 +847,3 @@ - `callback` - alternatively pass the request's callback in the options object

1. An `error` when applicable (usually from [`http.ClientRequest`](http://nodejs.org/api/http.html#http_class_http_clientrequest) object)
2. An [`http.IncomingMessage`](https://nodejs.org/api/http.html#http_class_http_incomingmessage) object
2. An [`http.IncomingMessage`](https://nodejs.org/api/http.html#http_class_http_incomingmessage) object (Response object)
3. The third is the `response` body (`String` or `Buffer`, or JSON object if the `json` option is supplied)

@@ -1020,3 +1031,3 @@

For backwards-compatibility, response compression is not supported by default.
To accept gzip-compressed responses, set the `gzip` option to `true`. Note
To accept gzip-compressed responses, set the `gzip` option to `true`. Note
that the body data passed through `request` is automatically decompressed

@@ -1023,0 +1034,0 @@ while the response object is unmodified and will contain compressed data if

73

request.js

@@ -31,2 +31,3 @@ 'use strict'

, Tunnel = require('./lib/tunnel').Tunnel
, now = require('performance-now')

@@ -292,9 +293,6 @@ var safeStringify = helpers.safeStringify

var hostHeaderName = self.originalHostHeaderName || 'host'
self.setHeader(hostHeaderName, self.uri.hostname)
if (self.uri.port) {
if ( !(self.uri.port === 80 && self.uri.protocol === 'http:') &&
!(self.uri.port === 443 && self.uri.protocol === 'https:') ) {
self.setHeader(hostHeaderName, self.getHeader('host') + (':' + self.uri.port) )
}
}
// When used with an IPv6 address, `host` will provide
// the correct bracketed format, unlike using `hostname` and
// optionally adding the `port` when necessary.
self.setHeader(hostHeaderName, self.uri.host)
self.setHost = true

@@ -417,2 +415,4 @@ }

self.timing = true
// NOTE: elapsedTime is deprecated in favor of .timings
self.elapsedTime = self.elapsedTime || 0

@@ -719,2 +719,6 @@ }

if (self.timing) {
var startTime = now()
}
if (self._aborted) {

@@ -756,2 +760,5 @@ return

self.startTime = new Date().getTime()
self.timings = {
start: startTime
}
}

@@ -774,2 +781,9 @@

self.req.on('socket', function(socket) {
if (self.timing) {
self.timings.socket = now()
socket.on('connect', function() {
self.timings.connect = now()
})
}
var setReqTimeout = function() {

@@ -856,8 +870,28 @@ // This timeout sets the amount of time to wait *between* bytes sent

var self = this
if (self.timing) {
self.timings.response = now()
}
debug('onRequestResponse', self.uri.href, response.statusCode, response.headers)
response.on('end', function() {
if (self.timing) {
self.elapsedTime += (new Date().getTime() - self.startTime)
debug('elapsed time', self.elapsedTime)
self.timings.end = now()
self.timings.dns = self.timings.socket - self.timings.start
self.timings.tcp = self.timings.connect - self.timings.socket
self.timings.firstByte = self.timings.response - self.timings.connect
self.timings.download = self.timings.end - self.timings.response
self.timings.total = self.timings.end - self.timings.start
debug('elapsed time', self.timings.total)
// elapsedTime includes all redirects
self.elapsedTime += Math.round(self.timings.total)
// NOTE: elapsedTime is deprecated in favor of .timings
response.elapsedTime = self.elapsedTime
// timings is just for the final fetch
response.timings = self.timings
}

@@ -956,7 +990,16 @@ debug('response end', self.uri.href, response.statusCode, response.headers)

// Be more lenient with decoding compressed responses, since (very rarely)
// servers send slightly invalid gzip responses that are still accepted
// by common browsers.
// Always using Z_SYNC_FLUSH is what cURL does.
var zlibOptions = {
flush: zlib.Z_SYNC_FLUSH
, finishFlush: zlib.Z_SYNC_FLUSH
}
if (contentEncoding === 'gzip') {
responseContent = zlib.createGunzip()
responseContent = zlib.createGunzip(zlibOptions)
response.pipe(responseContent)
} else if (contentEncoding === 'deflate') {
responseContent = zlib.createInflate()
responseContent = zlib.createInflate(zlibOptions)
response.pipe(responseContent)

@@ -1003,2 +1046,4 @@ } else {

self.responseStartTime = (new Date()).getTime()
// NOTE: responseStartTime is deprecated in favor of .timings
response.responseStartTime = self.responseStartTime

@@ -1304,6 +1349,10 @@ }

accessKeyId: opts.key,
secretAccessKey: opts.secret
secretAccessKey: opts.secret,
sessionToken: opts.session
})
self.setHeader('authorization', signRes.headers.Authorization)
self.setHeader('x-amz-date', signRes.headers['X-Amz-Date'])
if (signRes.headers['X-Amz-Security-Token']) {
self.setHeader('x-amz-security-token', signRes.headers['X-Amz-Security-Token'])
}
}

@@ -1310,0 +1359,0 @@ else {

.eslintrc
.npmignore
.travis.yml
codecov.yml
CONTRIBUTING.md
CHANGELOG.md

Sorry, the diff of this file is too big to display