websocket13 - npm Package Compare versions

Comparing version 1.5.2 to 1.6.0

lib/client.js

@@ -7,2 +7,3 @@ var WS13 = require('./index.js');
 var Https = require('https');
+var TLS = require('tls');
 var Crypto = require('crypto');
@@ -104,3 +105,3 @@
 	this._connectOptions.headers = this.headers;
-	this._connectOptions.agent = false;
+	this._connectOptions.agent = this._getConnectionAgent();
 
@@ -233,1 +234,103 @@ var req = (this.secure ? Https : Http).request(this._connectOptions, (res) => {
 };
+
+WebSocket.prototype._getConnectionAgent = function() {
+	if (!this.options.httpProxy) {
+		return false; // no need to use an agent
+	}
+
+	var wsOpts = this.options;
+	var wsSecure = this.secure;
+	var agent = new (this.secure ? Https : Http).Agent({"keepAlive": false});
+	agent.createConnection = function(options, callback) {
+		var url = parseUrl(wsOpts.httpProxy);
+		url.method = 'CONNECT';
+		url.path = options.host + ':' + options.port;
+		url.localAddress = options.localAddress;
+		url.localPort = options.localPort;
+		if (url.auth) {
+			url.headers = {
+				"Proxy-Authorization": "Basic " + (new Buffer(url.auth, 'utf8')).toString('base64')
+			};
+			delete url.auth;
+		}
+
+		// Make the CONNECT request
+		var finished = false;
+		var req = (url.protocol == "https:" ? Https : Http).request(url);
+		req.end();
+		req.setTimeout(wsOpts.proxyTimeout || 5000);
+
+		req.on('connect', (res, socket, head) => {
+			if (finished) {
+				// This has already errored
+				socket.end();
+				return;
+			}
+
+			finished = true;
+			req.setTimeout(0);
+
+			if (res.statusCode != 200) {
+				callback(new Error("Proxy CONNECT " + res.statusCode + " " + res.statusMessage));
+				return;
+			}
+
+			if (!wsSecure) {
+				// The WebSocket connection won't be secure, so we're done here
+				callback(null, socket);
+				return;
+			}
+
+			var tlsOptions = {"socket": socket};
+			for (var i in options) {
+				if (!options.hasOwnProperty(i)) {
+					continue;
+				}
+
+				if (i.match(/^_/) || ['agent', 'headers'].indexOf(i) != -1) {
+					// Ignore private properties, and "agent" and "headers"
+					continue;
+				}
+
+				tlsOptions[i] = options[i];
+			}
+
+			// The WebSocket connection needs to be secure, so do the TLS handshake with the WS server
+			var tlsSocket = TLS.connect(tlsOptions, () => {
+				if (!tlsSocket.authorized && tlsOptions.rejectUnauthorized !== false) {
+					// Checking this isn't strictly necessary as all versions of Node since 2013 won't call this callback in this case
+					callback(new Error(tlsSocket.authorizationError || "Secure connection failed"));
+					return;
+				}
+
+				// All good!
+				callback(null, tlsSocket);
+			});
+
+			tlsSocket.on('error', (err) => {
+				socket.end();
+				callback(err);
+			});
+		});
+
+		req.on('timeout', () => {
+			if (finished) {
+				return;
+			}
+
+			finished = true;
+			callback(new Error("Proxy connection timed out"));
+		});
+
+		req.on('error', (err) => {
+			if (finished) {
+				return;
+			}
+
+			finished = true;
+			callback(err);
+		});
+	};
+
+	return agent;
+};

package.json

 {
 	"name": "websocket13",
-	"version": "1.5.2",
+	"version": "1.6.0",
 	"description": "Simple WebSocket protocol 13 client with no native or heavy dependencies",
@@ -5,0 +5,0 @@ "author": "Alexander Corn <mckay@doctormckay.com>",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

124155

increased by3.22%

Lines of code

1402

increased by6.45%

Worsened metrics

Number of medium supply chain risk alerts

4

increased by33.33%

No dependency changes