simple-get
Advanced tools
Comparing version 4.0.0 to 4.0.1
@@ -47,2 +47,3 @@ /*! simple-get. MIT License. Feross Aboukhadijeh <https://feross.org/opensource> */ | ||
const originalHost = opts.hostname // hostname before potential redirect | ||
const protocol = opts.protocol === 'https:' ? https : http // Support http/https urls | ||
@@ -55,2 +56,9 @@ const req = protocol.request(opts, res => { | ||
const redirectHost = url.parse(opts.url).hostname // eslint-disable-line node/no-deprecated-api | ||
// If redirected host is different than original host, drop headers to prevent cookie leak (#73) | ||
if (redirectHost !== null && redirectHost !== originalHost) { | ||
delete opts.headers.cookie | ||
delete opts.headers.authorization | ||
} | ||
if (opts.method === 'POST' && [301, 302].includes(res.statusCode)) { | ||
@@ -57,0 +65,0 @@ opts.method = 'GET' // On 301/302 redirect, change POST to GET (see #35) |
{ | ||
"name": "simple-get", | ||
"description": "Simplest way to make http get requests. Supports HTTPS, redirects, gzip/deflate, streams in < 100 lines.", | ||
"version": "4.0.0", | ||
"version": "4.0.1", | ||
"author": { | ||
@@ -6,0 +6,0 @@ "name": "Feross Aboukhadijeh", |
@@ -1,5 +0,5 @@ | ||
# simple-get [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] | ||
# simple-get [![ci][ci-image]][ci-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][downloads-url] [![javascript style guide][standard-image]][standard-url] | ||
[travis-image]: https://img.shields.io/travis/feross/simple-get/master.svg | ||
[travis-url]: https://travis-ci.org/feross/simple-get | ||
[ci-image]: https://img.shields.io/github/workflow/status/feross/simple-get/ci/master | ||
[ci-url]: https://github.com/feross/simple-get/actions | ||
[npm-image]: https://img.shields.io/npm/v/simple-get.svg | ||
@@ -257,2 +257,16 @@ [npm-url]: https://npmjs.org/package/simple-get | ||
### Basic Auth | ||
```js | ||
const user = 'someuser' | ||
const pass = 'pa$$word' | ||
const encodedAuth = Buffer.from(`${user}:${pass}`).toString('base64') | ||
get('http://example.com', { | ||
headers: { | ||
authorization: `Basic ${encodedAuth}` | ||
} | ||
}) | ||
``` | ||
### OAuth | ||
@@ -259,0 +273,0 @@ |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
14971
6
91
334