Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

unexpected-mitm

Package Overview
Dependencies
Maintainers
5
Versions
108
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

unexpected-mitm - npm Package Compare versions

Comparing version 9.1.7 to 9.2.0

158

lib/unexpectedMitm.js
/* global setImmediate, process, after, console */
var messy = require('messy'),
createMitm = require('mitm'),
createMitm = require('mitm-papandreou'),
_ = require('underscore'),

@@ -8,2 +8,3 @@ http = require('http'),

fs = require('fs'),
path = require('path'),
stream = require('stream'),

@@ -17,3 +18,25 @@ urlModule = require('url'),

var isNodeZeroTen = !!process.version.match(/v0.10/);
// fallback to an inlined version of 0.12+ path.isAbsolute() for 0.10 compat
var pathIsAbsolute = path.isAbsolute || function (path) {
var len = path.length;
if (len === 0) {
return false;
}
var code = path.charCodeAt(0);
if (code === 47/*/*/ || code === 92/*\*/) {
return true;
} else if ((code >= 65/*A*/ && code <= 90/*Z*/) ||
(code >= 97/*a*/ && code <= 122/*z*/)) {
// Possible device root
if (len > 2 && path.charCodeAt(1) === 58/*:*/) {
code = path.charCodeAt(2);
if (code === 47/*/*/ || code === 92/*\*/) {
return true;
}
}
}
return false;
};
function checkEnvFlag(varName) {

@@ -312,3 +335,3 @@ return process.env[varName] === 'true';

function determineInjectionCallsite(stack) {
function determineCallsite(stack) {
// discard the first frame

@@ -382,2 +405,23 @@ stack.shift();

},
inspect: function (value, depth, output, inspect) {
if (value.length > 32) {
return output.code("new Buffer('" + value.toString('base64') + "', 'base64')", 'javascript');
} else {
// This can be replaced by return this.baseType.inspect.call(this, value, depth, output, inspect)
// if https://github.com/unexpectedjs/unexpected/pull/332 lands:
this.prefix(output, value);
var codeStr = '';
for (var i = 0 ; i < value.length ; i += 1) {
if (i > 0) {
codeStr += ', ';
}
var octet = value[i];
var hex = octet.toString(16).toUpperCase();
codeStr += '0x' + (hex.length === 1 ? '0' : '') + hex;
}
output.code(codeStr, 'javascript');
this.suffix(output, value);
return output;
}
},
prefix: function (output) {

@@ -622,5 +666,3 @@ return output.code('new Buffer([', 'javascript');

return expect.promise(function (resolve, reject) {
var bypassNextConnect = false,
lastHijackedSocket,
lastHijackedSocketOptions;
var bypassNextConnect = false;

@@ -631,11 +673,10 @@ mitm.on('connect', function (socket, opts) {

bypassNextConnect = false;
} else {
lastHijackedSocket = socket;
lastHijackedSocketOptions = opts;
}
}).on('request', createSerializedRequestHandler(function (req, res) {
var clientSocket = req.connection._mitm.client;
var clientSocketOptions = req.connection._mitm.opts;
var metadata = _.extend(
{},
_.pick(lastHijackedSocketOptions.agent && lastHijackedSocketOptions.agent.options, metadataPropertyNames),
_.pick(lastHijackedSocketOptions, metadataPropertyNames)
_.pick(clientSocketOptions.agent && clientSocketOptions.agent.options, metadataPropertyNames),
_.pick(clientSocketOptions, metadataPropertyNames)
),

@@ -698,3 +739,3 @@ recordedExchange = {

recordedExchange.response = err;
lastHijackedSocket.emit('error', err);
clientSocket.emit('error', err);
});

@@ -706,3 +747,3 @@ });

return expect.shift();
}).caught(reject).then(function () {
}).caught(reject).then(function (value) {
recordedExchanges = recordedExchanges.map(trimRecordedExchange);

@@ -713,3 +754,3 @@ if (recordedExchanges.length === 1) {

resolve(recordedExchanges);
resolve([value, recordedExchanges]);
});

@@ -724,3 +765,3 @@ }).finally(function () {

expect
.addAssertion('<any> with http recorded [and injected] <assertion>', function (expect, subject) {
.addAssertion('<any> with http recorded [and injected] [with extra info] <assertion>', function (expect, subject) {
var stack = callsite(),

@@ -734,5 +775,5 @@ injectIntoTest = this.flags['and injected'];

return executeMitm(expect, subject).then(function (recordedExchanges) {
return executeMitm(expect, subject).spread(function (value, recordedExchanges) {
if (injectIntoTest) {
var injectionCallsite = determineInjectionCallsite(stack);
var injectionCallsite = determineCallsite(stack);
if (injectionCallsite) {

@@ -742,5 +783,59 @@ recordPendingInjection(injectionCallsite, recordedExchanges);

}
return recordedExchanges;
if (expect.flags['with extra info']) {
return [value, recordedExchanges];
} else {
return value;
}
});
})
.addAssertion('<any> with http mocked out by file [and verified] [with extra info] <string> <assertion>', function (expect, subject, testFile) {
expect.errorMode = 'nested';
var shouldReturnExtraInfo = expect.flags['with extra info'];
var writeCallsite = determineCallsite(callsite());
if (!pathIsAbsolute(testFile)) {
testFile = path.join(path.dirname(writeCallsite.fileName), testFile);
}
if (checkEnvFlag('UNEXPECTED_MITM_WRITE')) {
return executeMitm(expect, subject).spread(function (fulfilmentValue, recordedExchanges) {
var output = 'module.exports = ' + stringify(recordedExchanges, 4) + ';\n';
fs.writeFileSync(testFile, output);
if (shouldReturnExtraInfo) {
return [recordedExchanges, null, null, testFile];
} else {
return recordedExchanges;
}
});
}
return expect.promise(function () {
var exchanges = require(testFile);
if (typeof exchanges === 'function') {
exchanges = exchanges(expect);
}
return exchanges;
}).then(function (requestDescriptions) {
var nextAssertion = 'with http mocked out';
if (expect.flags['and verified']) {
nextAssertion += ' and verified';
}
nextAssertion += ' with extra info';
expect.args = [subject, nextAssertion, requestDescriptions].concat(expect.args.slice(1));
expect.errorMode = 'bubble';
return expect.promise(function () {
return expect.shift();
}).spread(function (fulfilmentValue, httpConversation, httpConversationSatisfySpec) {
if (shouldReturnExtraInfo) {
return [fulfilmentValue, httpConversation, httpConversationSatisfySpec, testFile];
} else {
return fulfilmentValue;
}
});
});
})
.addAssertion('<any> with http mocked out [and verified] [with extra info] <array|object> <assertion>', function (expect, subject, requestDescriptions) { // ...

@@ -773,18 +868,15 @@ expect.errorMode = 'nested';

var httpConversation = new messy.HttpConversation(),
httpConversationSatisfySpec = {exchanges: []},
lastHijackedSocket,
lastHijackedSocketOptions;
httpConversationSatisfySpec = {exchanges: []};
__lastError = null;
mitm.on('connect', function (socket, opts) {
lastHijackedSocket = socket;
lastHijackedSocketOptions = opts;
if (typeof lastHijackedSocketOptions.port === 'string') {
mitm.on('request', createSerializedRequestHandler(function (req, res) {
var clientSocket = req.connection._mitm.client;
var clientSocketOptions = req.connection._mitm.opts;
if (typeof clientSocketOptions.port === 'string') {
// The port could have been defined as a string in a 3rdparty library doing the http(s) call, and that seems to be valid use of the http(s) module
lastHijackedSocketOptions = _.defaults({
port: parseInt(lastHijackedSocketOptions.port, 10)
}, lastHijackedSocketOptions);
clientSocketOptions = _.defaults({
port: parseInt(clientSocketOptions.port, 10)
}, clientSocketOptions);
}
}).on('request', createSerializedRequestHandler(function (req, res) {
var currentDescription = requestDescriptions.shift(),

@@ -795,4 +887,4 @@ hasRequestDescription = !!currentDescription,

{ encrypted: Boolean(res.connection.encrypted) },
_.pick(lastHijackedSocketOptions, messy.HttpRequest.metadataPropertyNames),
_.pick(lastHijackedSocketOptions && lastHijackedSocketOptions.agent && lastHijackedSocketOptions.agent.options, messy.HttpRequest.metadataPropertyNames)
_.pick(clientSocketOptions, messy.HttpRequest.metadataPropertyNames),
_.pick(clientSocketOptions && clientSocketOptions.agent && clientSocketOptions.agent.options, messy.HttpRequest.metadataPropertyNames)
),

@@ -843,3 +935,3 @@ requestDescription = currentDescription,

// cancel the delegated assertion
lastHijackedSocket.emit('error', new Error('unexpected-mitm: Saw unexpected requests.'));
clientSocket.emit('error', new Error('unexpected-mitm: Saw unexpected requests.'));
// continue with current assertion

@@ -909,3 +1001,3 @@ resolve([null, httpConversation, httpConversationSatisfySpec]);

try {
lastHijackedSocket.emit('error', e);
clientSocket.emit('error', e);
} finally {

@@ -964,3 +1056,3 @@ /*

setImmediate(function () {
lastHijackedSocket.emit('error', mockResponseError);
clientSocket.emit('error', mockResponseError);
assertMockResponse(mockResponse, mockResponseError);

@@ -967,0 +1059,0 @@ });

{
"name": "unexpected-mitm",
"version": "9.1.7",
"version": "9.2.0",
"description": "Unexpected plugin for the mitm library",

@@ -51,3 +51,3 @@ "author": "Andreas Lind <andreas@one.com>",

"messy": "^6.6.1",
"mitm": "1.3.0",
"mitm-papandreou": "1.3.0-patch1",
"underscore": "1.7.0",

@@ -54,0 +54,0 @@ "unexpected-messy": "^6.0.0"

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc