Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

rock-req

Package Overview
Dependencies
Maintainers
1
Versions
8
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

rock-req - npm Package Compare versions

Comparing version 5.0.0 to 5.0.1

15

index.js

@@ -39,5 +39,6 @@ module.exports = extend()

const { hostname, port, protocol, auth, path } = url.parse(opts.url) // eslint-disable-line node/no-deprecated-api
if (!hostname && !port && !protocol && !auth) opts.path = path // Relative redirect
if (!hostname && !port && !protocol && !auth) opts.path = path // Relative path with hostname set
else Object.assign(opts, { hostname, port, protocol, auth, path }) // Absolute redirect
}
const originalRequest = { hostname: opts.hostname, port: opts.port, protocol: opts.protocol, auth: opts.auth, path: opts.path }
opts = opts.beforeRequest(opts)

@@ -62,3 +63,2 @@

const originalHost = opts.hostname // hostname before potential redirect
const protocol = opts.protocol === 'https:' ? https : http // Support http/https urls

@@ -95,7 +95,10 @@ const chunks = []

res.resume() // Discard response, consume data until the end to free up memory. Mandatory!
opts.url = res.headers.location // Follow 3xx redirects
delete opts.headers.host // Discard `host` header on redirect (see #32)
const redirectHost = url.parse(opts.url).hostname // eslint-disable-line node/no-deprecated-api
// If redirected host is different than original host, drop headers to prevent cookie leak (#73)
if (redirectHost !== null && redirectHost !== originalHost) {
opts.url = res.headers.location
const redirectTo = url.parse(opts.url) // eslint-disable-line node/no-deprecated-api
if (redirectTo.hostname === null) { // relative redirect
opts.url = null
Object.assign(opts, originalRequest)
opts.path = redirectTo.path
} else if (redirectTo.hostname !== originalRequest.hostname) { // If redirected host is different than original host, drop headers to prevent cookie leak (#73)
delete opts.headers.cookie

@@ -102,0 +105,0 @@ delete opts.headers.authorization

2

package.json
{
"name": "rock-req",
"description": "Zero dependencies (160 LOC) & rock-solid request library: http/https, reliable retry on failure, redirects, gzip/deflate/brotli, extensible, proxy, streams, JSON mode, forms, timeout",
"version": "5.0.0",
"version": "5.0.1",
"author": {

@@ -6,0 +6,0 @@ "name": "David Grelaud & Feross Aboukhadijeh"

@@ -10,8 +10,11 @@

[![javascript style guide][standard-image]][standard-url]
[![npm][npm-image]][npm-url] [![ci][ci-image]][ci-url] [![javascript style guide][standard-image]][standard-url]
[standard-image]: https://img.shields.io/badge/code_style-standard-brightgreen.svg
[standard-url]: https://standardjs.com
[npm-image]: https://img.shields.io/npm/v/rock-req.svg
[npm-url]: https://npmjs.org/package/rock-req
[ci-url]: https://github.com/carboneio/rock-req/actions
[ci-image]: https://img.shields.io/github/actions/workflow/status/carboneio/rock-req/ci.yml?branch=master
## 🔥 Why should you need this?

@@ -234,3 +237,3 @@

The callback is called when all the request succeed or all retries are done
The callback is called when the request succeed or all retries are done

@@ -321,3 +324,3 @@ ```js

`beforeRequest` is always called on each redirect/retry.
- on redirect, `opts.url` (and `hostname`, `port`, `protocol`, `path`) is updated to the new location
- on redirect, `opts.url` (and `hostname`, `port`, `protocol`, `path`) is updated to the new location. `opts.url` is null if it is a relative redirect.
- on retry, `opts.url` (and `hostname`, `port`, `protocol`, `path`) have the same value as they did

@@ -334,3 +337,3 @@ when the rock-req was initially called.

opts.port = 80;
opts.path = `${encodeURIComponent(hostname)}/${port}${path}`;
opts.path = `${hostname}/${port}${path}`;
return opts;

@@ -337,0 +340,0 @@ },

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc