Pluggable, versatile and middleware-oriented full featured HTTP/S proxy with traffic replay and intercept
Pluggable, full featured and middleware-oriented HTTP/S proxy with versatile routing layer, traffic interceptor and replay to multiple backends, built-in balancer, hierarchical configuration and more. Built for node.js/io.js. Compatible with connect/express.
rocky can be fluently used programmatically or via command-line interface.
To get started, take a look to the how does it work, basic usage, examples and third-party middleware
Requires node.js +0.12 or io.js +1.6
rocky could be useful?npm install rocky --save
For command-line interface usage, install it as global package:
npm install -g rocky
Packaged using nar. Shipped with node.js 0.12.6
chmod +x rocky-0.2.0-linux-x64.nar
./rocky-0.2.0-linux-x64.nar exec --port 3000 --config rocky.toml
Migrating systems if not a trivial thing, and it's even more complex if we're talking about production systems that require high availability. Taking care of consistency and public interface contract should be a premise in most cases.
rocky was initially created to become an useful tool for assisting during a backend migration strategy. However, it could be useful for many other scenarios.
rocky was designed with versatility in mind, with a small core and clean codebase, and very focused on extensibility providing multiple layers of extensibility, such as middleware, which could be considered as well like a kind of hooks in some way.
so it can work as a standalone HTTP proxy or integrated in your existent node.js backend, powered by express/connect or a raw http server.
rocky will take care of HTTP routing, discerning traffic and forwarding/replaying it accordingly to your desired new backend.
rocky is relative young but production focused package.
Version 0.1.x was wrote during my free time in less than 10 days (mostly at night during the weekend), therefore it could be considered in beta stage.
Version 0.2.x introduces significant improvements, a more consistent API and handy features to extend rocky via its multiple middleware layers. This version is more focused on stability and production focused, however it's only recommended to use it in non-hostile environments.
beta - First version. Initially released at 25.06.2015.beta - Currently under development.rocky could be useful in multiple scenarios, but a common and representative use case scenario could be the following:
|==============|
| The Internet |
|==============|
||||
|==============|
| HTTP proxy |
|~~~~~~~~~~~~~~|
| Rocky Router |
|~~~~~~~~~~~~~~|
| Middleware |
|==============|
|| |
(duplex) // \ (one-way)
// \
// \
/----------\ /----------\ /----------\
| target | | replay 1 | -> | replay 2 | (*N)
\----------/ \----------/ \----------/
rocky provides a build-in featured and powerful connect-style middleware that allow
you to augment its functionality easily.
The middleware layer is compatible with
rocky introduces multiple types of middleware layers based on the same interface and behavior of connect/express middleware.
This was introduced in order to achieve in a more responsive way multiple traffic flows in the scope of a HTTP proxy.
Those flows are intrinsicly correlated but might be handled in a completely different way. The goal is to allowing you to handle them acordingly, acting in the middle of those phases to augment some functionality or react to some event with better precisision.
Supported types of middleware are:
.use([path], function (req, res, next)) - Dispachted on every matched route for both forward and replay phases..useForward(function (req, res, next)) - Dispached before forwarding a request..useReplay(function (req, res, next)) - Dispached before starting each replay request..useParam(param, function (req, res, next)) - Dispached on every matched param on route path. Only available as global middleware.The following diagram explains the request flow and how the different middleware layers are involved in it:
↓ ( Incoming request ) ↓
↓ || ↓
↓ --------------------- ↓
↓ [ Global middleware ] ↓ --> Dispatch on every incoming request
↓ --------------------- ↓
↓ || ↓
↓ ----------------- ↓
↓ | Route handler | ↓ --> Match a configured route
↓ ----------------- ↓
↓ ||| ↓
↓ / \ ↓
↓ / \ ↓
↓ / \ ↓
↓ [ Forward ] [ Replay ] ↓ --> Dispatch both middleware in separated flows
↓ \ / ↓
↓ \ / ↓
↓ \ / ↓
↓ ------------------ ↓
↓ | HTTP dispacher | ↓ --> Send requests over the network, separately
↓ ------------------ ↓
Middleware behavior and interface are the same like connect/express,
so you can create middleware as you already know with the notation function(req, res, next)
Note that you can use any other existent middleware plug in rocky as part of your connect/express app.
Additionally, rocky provides some built-in middleware functions that you can plug in different types of middleware.
Start rocky HTTP proxy server
Usage: rocky [options]
Options:
--help, -h Show help [boolean]
--config, -c File path to TOML config file
--port, -p rocky HTTP server port
--forward, -f Default forward server URL
--replay, -r Define a replay server URL
--key, -k Path to SSL key file
--cert, -e Path to SSL certificate file
--secure, -s Enable SSL certification validation
--balance, -b Define server URLs to balance between, separated by commas
--debug, -d Enable debug mode [boolean]
-v, --version Show version number [boolean]
Examples:
rocky -c rocky.toml \
-f http://127.0.0.1:9000 \
-r http://127.0.0.1
Passing the config file:
rocky --config rocky.toml --port 8080 --debug
Reading config from stdin:
cat rocky.toml | rocky --port 8080 --debug
Transparent rocky.toml file discovery in current and higher directories:
rocky --port 8080
Supported params
string - Default forward URLboolean - Enable debug mode. Default falsestring - <url string to be parsed with the url modulearray<string> - Optional replay server URLs. Via API you should use the replay() methodarray<url> - Define the URLs to balance. Via API you should use the balance() methodstring - url string to be parsed with the url modulenumber - Timeout for request socketnumber - Timeout for proxy request socketobject - object to be passed to http(s).request. See node.js https docsobject - object to be passed to https.createServer()
string - Path to SSL certificate filestring - Path to SSL key fileboolean - true/false, if you want to proxy websocketsboolean - true/false, adds x-forward headersboolean - true/false, verify SSL certificateboolean - true/false, explicitly specify if we are proxying to another proxyboolean - true/false, Default: true - specify whether you want to prepend the target's path to the proxy pathboolean - true/false, Default: false - specify whether you want to ignore the proxy path of the incoming requestboolean - <Local interface string to bind for outgoing connectionsboolean - <true/false, Default: false - changes the origin of the host header to the target URLboolean - Basic authentication i.e. 'user:password' to compute an Authorization header.boolean - rewrites the location hostname on (301/302/307/308) redirects, Default: null.boolean - rewrites the location host/port on (301/302/307/308) redirects based on requested host/port. Default: false.boolean - rewrites the location protocol on (301/302/307/308) redirects to 'http' or 'https'. Default: null.boolean - Only valid for replay request. Forward the original body instead of the transformed oneobject - Specific router params
boolean - When false trailing slashes are optional (default: false)boolean - When true the routing will be case sensitive. (default: false)boolean - When true any req.params passed to the router will be
merged into the router's req.params. (default: false)Default configuration file name: rocky.toml
The configuration file must be declared in TOML language
port = 8080
forward = "http://google.com"
replay = ["http://duckduckgo.com"]
[ssl]
cert = "server.crt"
key = "server.key"
[/users/:id]
method = "all"
forward = "http://new.server"
[/oauth]
method = "all"
forward = "http://auth.server"
[/*]
method = "GET"
forward = "http://old.server"
[/download/:file]
method = "GET"
timeout = 5000
balance = ["http://1.file.server", "http://2.file.server"]
[/photo/:name]
method = "GET"
[[replay]]
target = "http://old.server"
forwardHost = true
[[replay]]
target = "http://backup.server"
Example using Express
var rocky = require('rocky')
var express = require('express')
// Set up the express server
var app = express()
// Set up the rocky proxy
var proxy = rocky()
// Default proxy config
proxy
.forward('http://new.server')
.replay('http://old.server')
.replay('http://log.server')
.options({ forwardHost: true })
// Configure the routes to forward/replay
proxy
.get('/users/:id')
proxy
.get('/download/:file')
.balance(['http://1.file.server', 'http://2.file.server'])
// Plug in the rocky middleware
app.use(proxy.middleware())
// Old route (won't be called since it will be intercepted by rocky)
app.get('/users/:id', function () { /* ... */ })
app.listen(3000)
Example using the built-in HTTP server
var rocky = require('rocky')
var proxy = rocky()
// Default proxy config
proxy
.forward('http://new.server')
.replay('http://old.server', { forwardOriginalBody: true })
.options({ forwardHost: true })
.on('proxy:error', function (err) {
console.error('Error:', err)
})
.on('proxyReq', function (proxyReq, req, res, opts) {
console.log('Proxy request:', req.url, 'to', opts.target)
})
.on('proxyRes', function (proxyRes, req, res) {
console.log('Proxy response:', req.url, 'with status', res.statusCode)
})
// Configure the routes to forward/replay
proxy
.get('/users/:id')
// Overwrite the path
.toPath('/profile/:id')
// Add custom headers
.headers({
'Authorization': 'Bearer 0123456789'
})
proxy
.get('/search')
// Overwrite the forward URL for this route
.forward('http://another.server')
// Use a custom middleware for validation purposes
.use(function (req, res, next) {
if (req.headers['Autorization'] !== 'Bearer 012345678') {
res.statusCode = 401
return res.end()
}
next()
})
// Intercept and transform the response body before sending it to the client
.transformResponseBody(function (req, res, next) {
// Get the body buffer and parse it (assuming it's a JSON)
var body = JSON.parse(res.body.toString())
// Compose the new body
var newBody = JSON.stringify({ salutation: 'hello ' + body.hello })
// Send the new body in the request
next(null, newBody)
})
proxy.listen(3000)
For more usage cases, take a look at the examples
Creates a new rocky instance with the given options.
You can pass any of the allowed params at configuration level and any supported http-proxy options
Alias: target
Define a default target URL to forward the request
Add a server URL to replay the incoming request
opts param provide specific replay options, overwritting the parent options.
Define/overwrite rocky server options.
You can pass any of the supported options by http-proxy.
Use the given middleware to handle all http methods on the given path, defaulting to the root path.
Alias: param()
Maps the specified path parameter name to a specialized param-capturing middleware.
The middleware stack is the same as .use().
Use a given middleware to handle the replay traffic.
Use a custom middleware for a specific phase. Supported phase names are: forward, 'replay'.
This method is used internally, but it's also public since it could be useful for dynamic programmatic middleware configuration, instead of using the shortcut methods such as: useReplay or useForward.
Define a set of URLs to balance between with a simple round-robin like scheduler.
Subscribe to a proxy event. See support events here
Remove an event by its handler function. See support events here
Remove an event by its handler function. See support events here
Remove all the subscribers to the given event. See support events here
Return: Function(req, res, next)
Return a connect/express compatible middleware
Raw HTTP request/response handler.
Starts a HTTP proxy server in the given port
Close the HTTP proxy server, if exists.
Shortcut to rocky#server.close(cb)
Return: Route
Add a route handler for the given path for all HTTP methods
Return: Route
Configure a new route the given path with GET method
Return: Route
Configure a new route the given path with POST method
Return: Route
Configure a new route the given path with PUT method
Return: Route
Configure a new route the given path with DELETE method
Return: Route
Configure a new route the given path with PATCH method
Return: Route
Configure a new route the given path with HEAD method
Internal router instance
HTTP/HTTPS server instance.
Only present if listen() was called starting the built-in server.
Alias: target
Overwrite forward server for the current route.
Overwrite replay servers for the current route.
opts param provide specific replay options, overwritting the parent options.
Define a set of URLs to balance between with a simple round-robin like scheduler.
Shortcut method to intercept and reply the incoming request.
If used, body param must be a string or buffer
Overwrite the request path, defining additional optional params.
Define or overwrite request headers
Overwrite the Host header value when forward the request
This method implements a non-instrusive native http.IncommingMessage stream wrapper that allow you to intercept and transform the request body received from the client before sending it to the target server.
The middleware argument must a function which accepts the following arguments: function(req, res, next)
The filter arguments is optional and it can be a string, regexp or function(req) which should return boolean if the request passes the filter. The default check value by string or regexp test is the Content-Type header.
In the middleware function must call the next function, which accepts the following arguments: err, newBody, encoding
You can see an usage example here.
Caution: using this middleware could generate in some scenarios negative performance side-effects, since the whole payload data will be buffered in the heap until it's finished. Don't use it if you need to handle large payloads.
The body will be exposed as raw Buffer or String on both properties body and originalBody in http.ClientRequest:
rocky
.post('/users')
.transformRequestBody(function (req, res, next) {
// Get the body buffer and parse it (assuming it's a JSON)
var body = JSON.parse(req.body.toString())
// Compose the new body
var newBody = JSON.stringify({ salutation: 'hello ' + body.hello })
// Set the new body
next(null, newBody, 'utf8')
}, function (req) {
// Custom filter
return /application\/json/i.test(req.headers['content-type'])
})
This method implements a non-instrusive native http.RequestResponse stream wrapper that allow you to intercept and transform the response body received from the target server before sending it to the client.
The middleware argument must a function which accepts the following arguments: function(req, res, next)
The filter arguments is optional and it can be a string, regexp or function(res) which should return boolean if the request passes the filter. The default check value by string or regexp test is the Content-Type header.
In the middleware function must call the next function, which accepts the following arguments: err, newBody, encoding
You can see an usage example here.
Caution: using this middleware could generate in some scenarios negative performance side-effects since the whole payload data will be buffered in the heap until it's finished. Don't use it if you need to handle large payloads.
The body will be exposed as raw Buffer or String on both properties body and originalBody in http.ClientResponse:
rocky
.post('/users')
.transformResponseBody(function (req, res, next) {
// Get the body buffer and parse it (assuming it's a JSON)
var body = JSON.parse(res.body.toString())
// Compose the new body
var newBody = JSON.stringify({ salutation: 'hello ' + body.hello })
// Set the new body
next(null, newBody, 'utf8')
}, function (res) {
// Custom filter
return /application\/json/i.test(res.getHeader('content-type'))
})
Overwrite default proxy options for the current route. You can pass any supported option by http-proxy
Add custom middleware to the specific route.
Subscribes to a specific event for the given route. Useful to incercept the status or modify the options on-the-fly
opts, proxyReq, req, res - Fired when the request forward startsopts, proxyRes, req, res - Fired when the target server responderr, req, res - Fired when the proxy request failserr, req, res - Fired when cannot forward/replay the request or middleware errorparams, opts, req - Fired before a replay request startsopts, err, req, res - Fired when the replay request failserr, req, res - Fired on server middleware error. Only available if running as standalone HTTP serverreq, res - Fired on missing route. Only available if running as standalone HTTP serverFor more information about events, see the events fired by http-proxy
Subscribes to a specific event for the given route, and unsubscribes after dispatched
Remove an event by its handler function in the current route
Create a standalone rocky server with the given config options.
See the supported config fields
var config = {
'forward': 'http://google.com',
'/search': {
method: 'GET',
forward: 'http://duckduckgo.com'
replay: ['http://bing.com', 'http://yahoo.com']
},
'/users/:id': {
method: 'all'
},
'/*': {
method: 'all',
forward: 'http://bing.com'
}
}
rocky.create(config)
Expose the built-in internal middleware functions.
You can reuse them as standard middleware in diferent ways, like this:
rocky()
.all('/*')
.use(rocky.middleware.headers({
'Authorization': 'Bearer 0123456789'
}))
.useReplay(rocky.middleware.host('replay.server.net'))
Intercept and optionally transform/replace the request body before forward it to the target server.
See rocky#transformRequestBody for more details.
Intercept and optionally transform/replace the response body from the server before send it to the client.
See rocky#transformResponseBody for more details.
Overrites the request URL path of the incoming request before forward/replay it.
Add/extend custom headers to the incoming request before forward/replay it.
Overwrite the Host header before forwarding/replaying the request. Useful for some scenarios (e.g Heroku).
Shortcut method to reply the intercepted request from the middleware, with optional headers and body data.
Accessor for the http-proxy API
Current rocky package semver
MIT - Tomas Aparicio
FAQs
Full-featured, middleware-oriented, hackable HTTP and WebSocket proxy
The npm package rocky receives a total of 1,785 weekly downloads. As such, rocky popularity was classified as popular.
We found that rocky demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
Security News
A Stanford study reveals 9.5% of engineers contribute almost nothing, costing tech $90B annually, with remote work fueling the rise of "ghost engineers."