solr-proxy - npm Package Compare versions

Comparing version 7.0.0 to 8.0.0

bin/solr-proxy.js

@@ -7,2 +7,6 @@ #!/usr/bin/env node
 
-cli.argv(argv, console.log, SolrProxy)
+async function run () {
+  await cli.argv(argv, console.log, SolrProxy)
+}
+
+run()

index.js

@@ -1,3 +0,2 @@
-const httpProxy = require('http-proxy')
-const extend = require('xtend')
+const fastify = require('fastify')
 
@@ -9,2 +8,9 @@ // To enable verbose logging, set environment variable:
 
+const deny = function (req, res) {
+  debug('DENIED: ' + req.method + ' ' + req.url)
+  // res.writeHead(403, 'Forbidden')
+  // res.write('solrProxy: access denied\n')
+  res.code(403).send('Forbidden')
+}
+
 /*
@@ -16,13 +22,9 @@ * Returns true if the request satisfies the following conditions:
  */
-const validateRequest = function (request, options) {
-  const parsedUrl = new URL(request.url, 'https://www.example.com/')
+const validateRequest = async function (options, req, res) {
+  const parsedUrl = new URL(req.url, 'https://www.example.com/')
   const path = parsedUrl.pathname
   const queryParams = Array.from(parsedUrl.searchParams)
 
-  if (options.validHttpMethods.indexOf(request.method) === -1) {
-    return false
-  }
-
   if (options.validPaths.indexOf(path) === -1) {
-    return false
+    return deny(req, res)
   }
@@ -50,5 +52,4 @@
   })) {
-    return false
+    return deny(req, res)
   }
-
   return true
@@ -62,6 +63,3 @@ }
   invalidParams: ['qt', 'stream'],
-  backend: {
-    host: 'localhost',
-    port: 8983
-  },
+  upstream: 'http://localhost:8983',
   maxRows: 200,
@@ -73,30 +71,22 @@ maxStart: 1000
   debug('Creating server with options: %j', options)
-  const proxy = httpProxy.createProxyServer({ target: options.backend })
 
-  proxy.on('error', function (err, req, res) {
-    res.writeHead(502, { 'Content-Type': 'text/plain' })
-    res.end('Proxy error: ' + err)
-  })
-
-  let createServer
+  let server
   if (options.ssl) {
-    const https = require('https')
-    createServer = (callback) => https.createServer(options.ssl, callback)
+    server = fastify({ https: options.ssl })
   } else {
-    const http = require('http')
-    createServer = http.createServer
+    server = fastify()
   }
 
-  // adapted from https://git.io/k5dCxQ
-  const server = createServer(function (request, response) {
-    if (validateRequest(request, options)) {
-      debug('ALLOWED: ' + request.method + ' ' + request.url)
-      proxy.web(request, response)
-    } else {
-      debug('DENIED: ' + request.method + ' ' + request.url)
-      response.writeHead(403, 'Illegal request')
-      response.write('solrProxy: access denied\n')
-      response.end()
-    }
+  server.register(require('fastify-http-proxy'), {
+    upstream: options.upstream,
+    httpMethods: options.validHttpMethods,
+    preHandler: validateRequest.bind(null, options)
   })
+
+  server.setErrorHandler(function (err, req, res) {
+    debug('ERROR: ' + err)
+    // Send error response
+    res.status(502).send('Bad gateway')
+  })
+
   return server
@@ -106,6 +96,6 @@ }
 const SolrProxy = {
-  start: function (port, options) {
-    options = options || {}
-    options.backend = extend(defaultOptions.backend, options.backend)
-    options = extend(defaultOptions, options)
+  start: async function (port, options = {}) {
+    for (const option in defaultOptions) {
+      options[option] = options[option] || defaultOptions[option]
+    }
 
@@ -115,3 +105,3 @@ port = port || options.listenPort
     const server = createServer(options)
-    server.listen(port)
+    await server.listen(port)
     return server
@@ -118,0 +108,0 @@ }

lib/cli/argv.js

 const createProxyOptions = function (argv) {
-  const proxyOptions = {
-    backend: {}
-  }
+  const proxyOptions = {}
 
-  if (argv.backendPort) {
-    proxyOptions.backend.port = argv.backendPort
+  if (argv.upstream) {
+    proxyOptions.upstream = argv.upstream
   }
 
-  if (argv.backendHost) {
-    proxyOptions.backend.host = argv.backendHost
-  }
-
   if (argv.validMethods) {
@@ -37,20 +31,21 @@ proxyOptions.validHttpMethods = argv.validMethods.split(',')
 
-module.exports = function (argv, stdout, SolrProxy) {
+module.exports = async function (argv, stdout, SolrProxy) {
   const usageMessage = 'Usage: solr-proxy [options]\n' +
     '\n' +
-    'Options:\n' +
-    '  --port           Listen on this port                 [default: 8008]\n' +
-    '  --backendPort    Solr backend port                   [default: 8983]\n' +
-    '  --backendHost    Solr backend host                   [default: "localhost"]\n' +
-    '  --validPaths     Allowed paths (comma delimited)     [default: "/solr/select"]\n' +
-    '  --invalidParams  Blocked parameters (comma           [default: "qt,stream"]\n' +
-    '                   delimited)\n' +
-    '  --validMethods   Allowed HTTP methods (comma         [default: "GET"]\n' +
-    '                   delimited)\n' +
-    '  --maxRows        Maximum rows permitted in a request [default: 200]\n' +
-    '  --maxStart       Maximum start offset permitted in a [default: 1000]\n' +
-    '                   request\n' +
-    '  --quiet, -q      Do not write messages to STDOUT\n' +
-    '  --version, -v    Show version\n' +
-    '  --help, -h       Show this message'
+   'Options:\n' +
+   '--port          Listen on this port         [default: 8008]\n' +
+   '--upstream      Solr backend                [default: "http://localhost:8983"]\n' +
+   '--validPaths    Allowed paths (comma        [default: "/solr/select"]\n' +
+   '                delimited)\n' +
+   '--invalidParams Blocked parameters (comma   [default: "qt,stream"]\n' +
+   '                delimited)\n' +
+   '--validMethods  Allowed HTTP methods (comma [default: "GET"]\n' +
+   '                delimited)\n' +
+   '--maxRows       Maximum rows permitted in a [default: 200]\n' +
+   '                request\n' +
+   '--maxStart      Maximum start offset        [default: 1000]\n' +
+   '                permitted in a request\n' +
+   '--quiet, -q     Do not write messages to STDOUT\n' +
+   '--version, -v   Show version\n' +
+   '--help, -h      Show this message'
 
@@ -75,4 +70,4 @@ if (argv.help || argv.h) {
 
-  SolrProxy.start(argv.port, proxyOptions)
+  await SolrProxy.start(argv.port, proxyOptions)
   stdout('solr-proxy is running...')
 }

package.json

@@ -10,3 +10,3 @@ {
   ],
-  "version": "7.0.0",
+  "version": "8.0.0",
   "author": "Rich Trott <rtrott@gmail.com>",
@@ -33,5 +33,5 @@ "bugs": {
   "dependencies": {
-    "http-proxy": "^1.18.1",
-    "minimist": "^1.2.0",
-    "xtend": "^4.0.2"
+    "fastify": "^3.27.1",
+    "fastify-http-proxy": "^6.2.2",
+    "minimist": "^1.2.0"
   },
@@ -38,0 +38,0 @@ "devDependencies": {

README.md

@@ -38,16 +38,17 @@ solr-proxy
 Options:
-  --port           Listen on this port                 [default: 8008]
-  --backendPort    Solr backend port                   [default: 8983]
-  --backendHost    Solr backend host                   [default: "localhost"]
-  --validPaths     Allowed paths (comma delimited)     [default: "/solr/select"]
-  --invalidParams  Blocked parameters (comma           [default: "qt,stream"]
-                   delimited)
-  --validMethods   Allowed HTTP methods (comma         [default: "GET"]
-                   delimited)
-  --maxRows        Maximum rows permitted in a request [default: 200]
-  --maxStart       Maximum start offset permitted in a [default: 1000]
-                   request
-  --quiet, -q      Do not write messages to STDOUT
-  --version, -v    Show version
-  --help, -h       Show this message
+  --port          Listen on this port         [default: 8008]
+  --upstream      Solr backend                [default: "http://localhost:8983"]
+  --validPaths    Allowed paths (comma        [default: "/solr/select"]
+                  delimited)
+  --invalidParams Blocked parameters (comma   [default: "qt,stream"]
+                  delimited)
+  --validMethods  Allowed HTTP methods (comma [default: "GET"]
+                  delimited)
+  --maxRows       Maximum rows permitted in a [default: 200]
+                  request
+  --maxStart      Maximum start offset        [default: 1000]
+                  permitted in a request
+  --quiet, -q     Do not write messages to STDOUT
+  --version, -v   Show version
+  --help, -h      Show this message
 ```
@@ -58,4 +59,4 @@
 ```js
-var SolrProxy = require('solr-proxy');
-SolrProxy.start();
+const SolrProxy = require('solr-proxy')
+await SolrProxy.start()
 ```
@@ -72,11 +73,8 @@
 ```js
-var defaultOptions = {
+const defaultOptions = {
   validHttpMethods: ['GET'],        // all other HTTP methods will be disallowed
   validPaths: ['/solr/select'],     // all other paths will be denied
   invalidParams: ['qt', 'stream'],  // blocks requests with params qt or stream.* (all other params are allowed)
-  backend: {                        // proxy to solr at this location
-    host: 'localhost',
-    port: 8080
-  }
-};
+  upstream: 'http://localhost:8008' // proxy to solr at this location
+}
 ```
@@ -88,3 +86,3 @@
 ```js
-var options = {
+const options = {
   ssl: {
@@ -94,9 +92,6 @@ key: fs.readFileSync('key.pem'),
   }
-};
-var proxy = SolrProxy.start(null, options);
+}
+const proxy = await SolrProxy.start(null, options);
 ```
 
-To enable verbose logging, set environment variable `DEBUG` to include
-`solr-proxy`.
-
 Default Rules
@@ -103,0 +98,0 @@ -------------

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 3 instances in 1 package

Improved metrics

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Total package byte prevSize

10899

decreased by-5.96%

Lines of code

155

decreased by-6.63%

Number of lines in readme file

114

decreased by-4.2%

Dependency changes

• + Addedfastify@^3.27.1

• + Addedfastify-http-proxy@^6.2.2

• + Added@fastify/ajv-compiler@1.1.0(transitive)

• + Added@fastify/error@2.0.0(transitive)

• + Addedabstract-logging@2.0.1(transitive)

• + Addedajv@6.12.68.17.1(transitive)

• + Addedarchy@1.0.0(transitive)

• + Addedatomic-sleep@1.0.0(transitive)

• + Addedavvio@7.2.5(transitive)

• + Addedcookie@0.5.0(transitive)

• + Addeddebug@4.4.0(transitive)

• + Addeddeepmerge@4.3.1(transitive)

• + Addeddepd@2.0.0(transitive)

• + Addedend-of-stream@1.4.4(transitive)

• + Addedfast-content-type-parse@1.1.0(transitive)

• + Addedfast-decode-uri-component@1.0.1(transitive)

• + Addedfast-deep-equal@3.1.3(transitive)

• + Addedfast-json-stable-stringify@2.1.0(transitive)

• + Addedfast-json-stringify@2.7.13(transitive)

• + Addedfast-redact@3.5.0(transitive)

• + Addedfast-safe-stringify@2.1.1(transitive)

• + Addedfast-uri@3.0.6(transitive)

• + Addedfastify@3.29.5(transitive)

• + Addedfastify-http-proxy@6.2.26.3.0(transitive)

• + Addedfastify-plugin@3.0.1(transitive)

• + Addedfastify-reply-from@6.6.06.7.0(transitive)

• + Addedfastq@1.19.0(transitive)

• + Addedfind-my-way@4.5.1(transitive)

• + Addedflatstr@1.0.12(transitive)

• + Addedforwarded@0.2.0(transitive)

• + Addedhttp-errors@2.0.0(transitive)

• + Addedinherits@2.0.4(transitive)

• + Addedipaddr.js@1.9.1(transitive)

• + Addedjson-schema-traverse@0.4.11.0.0(transitive)

• + Addedlight-my-request@4.12.0(transitive)

• + Addedms@2.1.3(transitive)

• + Addedonce@1.4.0(transitive)

• + Addedpino@6.14.0(transitive)

• + Addedpino-std-serializers@3.2.0(transitive)

• + Addedprocess-warning@1.0.0(transitive)

• + Addedproxy-addr@2.0.7(transitive)

• + Addedpump@3.0.2(transitive)

• + Addedpunycode@2.3.1(transitive)

• + Addedqueue-microtask@1.2.3(transitive)

• + Addedquick-format-unescaped@4.0.4(transitive)

• + Addedrequire-from-string@2.0.2(transitive)

• + Addedret@0.2.2(transitive)

• + Addedreusify@1.0.4(transitive)

• + Addedrfdc@1.4.1(transitive)

• + Addedsafe-regex2@2.0.0(transitive)

• + Addedsecure-json-parse@2.7.0(transitive)

• + Addedsemver@7.7.1(transitive)

• + Addedsemver-store@0.3.0(transitive)

• + Addedset-cookie-parser@2.7.1(transitive)

• + Addedsetprototypeof@1.2.0(transitive)

• + Addedsonic-boom@1.4.1(transitive)

• + Addedstatuses@2.0.1(transitive)

• + Addedstring-similarity@4.0.4(transitive)

• + Addedtiny-lru@8.0.2(transitive)

• + Addedtoidentifier@1.0.1(transitive)

• + Addedundici@4.16.0(transitive)

• + Addeduri-js@4.4.1(transitive)

• + Addedwrappy@1.0.2(transitive)

• + Addedws@8.18.0(transitive)

• - Removedhttp-proxy@^1.18.1

• - Removedxtend@^4.0.2

• - Removedeventemitter3@4.0.7(transitive)

• - Removedfollow-redirects@1.15.9(transitive)

• - Removedhttp-proxy@1.18.1(transitive)

• - Removedrequires-port@1.0.0(transitive)

• - Removedxtend@4.0.2(transitive)