You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 7-8.RSVP
Socket
Socket
Sign inDemoInstall

whatwg-fetch

Package Overview
Dependencies
Maintainers
3
Versions
51
Alerts
File Explorer

Advanced tools

npm Scripts
License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 3.0.0 to 3.0.1

53

dist/fetch.umd.js

@@ -53,3 +53,3 @@ (function (global, factory) {

}
if (/[^a-z0-9\-#$%&'*+.^_`|~]/i.test(name)) {
if (/[^a-z0-9\-#$%&'*+.^_`|~!]/i.test(name) || name === '') {
throw new TypeError('Invalid character in header field name')

@@ -219,2 +219,13 @@ }

this._initBody = function(body) {
/*
fetch-mock wraps the Response object in an ES6 Proxy to
provide useful test harness features such as flush. However, on
ES5 browsers without fetch or Proxy support pollyfills must be used;
the proxy-pollyfill is unable to proxy an attribute unless it exists
on the object before the Proxy is created. This change ensures
Response.bodyUsed exists on the instance, while maintaining the
semantic of setting Request.bodyUsed in the constructor before
_initBody is called.
*/
this.bodyUsed = this.bodyUsed;
this._bodyInit = body;

@@ -402,3 +413,3 @@ if (!body) {

this.ok = this.status >= 200 && this.status < 300;
this.statusText = 'statusText' in options ? options.statusText : 'OK';
this.statusText = 'statusText' in options ? options.statusText : '';
this.headers = new Headers(options.headers);

@@ -472,19 +483,35 @@ this.url = options.url || '';

var body = 'response' in xhr ? xhr.response : xhr.responseText;
resolve(new Response(body, options));
setTimeout(function() {
resolve(new Response(body, options));
}, 0);
};
xhr.onerror = function() {
reject(new TypeError('Network request failed'));
setTimeout(function() {
reject(new TypeError('Network request failed'));
}, 0);
};
xhr.ontimeout = function() {
reject(new TypeError('Network request failed'));
setTimeout(function() {
reject(new TypeError('Network request failed'));
}, 0);
};
xhr.onabort = function() {
reject(new exports.DOMException('Aborted', 'AbortError'));
setTimeout(function() {
reject(new exports.DOMException('Aborted', 'AbortError'));
}, 0);
};
xhr.open(request.method, request.url, true);
function fixUrl(url) {
try {
return url === '' && self.location.href ? self.location.href : url
} catch (e) {
return url
}
}
xhr.open(request.method, fixUrl(request.url), true);
if (request.credentials === 'include') {

@@ -496,4 +523,12 @@ xhr.withCredentials = true;

if ('responseType' in xhr && support.blob) {
xhr.responseType = 'blob';
if ('responseType' in xhr) {
if (support.blob) {
xhr.responseType = 'blob';
} else if (
support.arrayBuffer &&
request.headers.get('Content-Type') &&
request.headers.get('Content-Type').indexOf('application/octet-stream') !== -1
) {
xhr.responseType = 'arraybuffer';
}
}

@@ -500,0 +535,0 @@

53

fetch.js

@@ -47,3 +47,3 @@ var support = {

}
if (/[^a-z0-9\-#$%&'*+.^_`|~]/i.test(name)) {
if (/[^a-z0-9\-#$%&'*+.^_`|~!]/i.test(name) || name === '') {
throw new TypeError('Invalid character in header field name')

@@ -213,2 +213,13 @@ }

this._initBody = function(body) {
/*
fetch-mock wraps the Response object in an ES6 Proxy to
provide useful test harness features such as flush. However, on
ES5 browsers without fetch or Proxy support pollyfills must be used;
the proxy-pollyfill is unable to proxy an attribute unless it exists
on the object before the Proxy is created. This change ensures
Response.bodyUsed exists on the instance, while maintaining the
semantic of setting Request.bodyUsed in the constructor before
_initBody is called.
*/
this.bodyUsed = this.bodyUsed
this._bodyInit = body

@@ -396,3 +407,3 @@ if (!body) {

this.ok = this.status >= 200 && this.status < 300
this.statusText = 'statusText' in options ? options.statusText : 'OK'
this.statusText = 'statusText' in options ? options.statusText : ''
this.headers = new Headers(options.headers)

@@ -466,19 +477,35 @@ this.url = options.url || ''

var body = 'response' in xhr ? xhr.response : xhr.responseText
resolve(new Response(body, options))
setTimeout(function() {
resolve(new Response(body, options))
}, 0)
}
xhr.onerror = function() {
reject(new TypeError('Network request failed'))
setTimeout(function() {
reject(new TypeError('Network request failed'))
}, 0)
}
xhr.ontimeout = function() {
reject(new TypeError('Network request failed'))
setTimeout(function() {
reject(new TypeError('Network request failed'))
}, 0)
}
xhr.onabort = function() {
reject(new DOMException('Aborted', 'AbortError'))
setTimeout(function() {
reject(new DOMException('Aborted', 'AbortError'))
}, 0)
}
xhr.open(request.method, request.url, true)
function fixUrl(url) {
try {
return url === '' && self.location.href ? self.location.href : url
} catch (e) {
return url
}
}
xhr.open(request.method, fixUrl(request.url), true)
if (request.credentials === 'include') {

@@ -490,4 +517,12 @@ xhr.withCredentials = true

if ('responseType' in xhr && support.blob) {
xhr.responseType = 'blob'
if ('responseType' in xhr) {
if (support.blob) {
xhr.responseType = 'blob'
} else if (
support.arrayBuffer &&
request.headers.get('Content-Type') &&
request.headers.get('Content-Type').indexOf('application/octet-stream') !== -1
) {
xhr.responseType = 'arraybuffer'
}
}

@@ -494,0 +529,0 @@

5

package.json
{
"name": "whatwg-fetch",
"description": "A window.fetch polyfill.",
"version": "3.0.0",
"version": "3.0.1",
"main": "./dist/fetch.umd.js",

@@ -13,3 +13,3 @@ "module": "./fetch.js",

"eslint": "^4.19.1",
"eslint-plugin-github": "^1.0.0",
"eslint-plugin-github": "^1.6.0",
"karma": "^3.0.0",

@@ -24,2 +24,3 @@ "karma-chai": "^0.1.0",

"mocha": "^4.0.1",
"prettier": "^1.19.1",
"promise-polyfill": "6.0.2",

@@ -26,0 +27,0 @@ "rollup": "^0.59.1",

34

README.md

@@ -24,2 +24,3 @@ # window.fetch polyfill

* [Receiving cookies](#receiving-cookies)
* [Redirect modes](#redirect-modes)
* [Obtaining the Response URL](#obtaining-the-response-url)

@@ -61,2 +62,6 @@ * [Aborting requests](#aborting-requests)

As an alternative to using npm, you can obtain `fetch.umd.js` from the
[Releases][] section. The UMD distribution is compatible with AMD and CommonJS
module loaders, as well as loading directly into a page via `<script>` tag.
You will also need a Promise polyfill for [older browsers](http://caniuse.com/#feat=promises).

@@ -189,2 +194,6 @@ We recommend [taylorhakes/promise-polyfill](https://github.com/taylorhakes/promise-polyfill)

* Not all Fetch standard options are supported in this polyfill. For instance,
[`redirect`](#redirect-modes) and
[`cache`](https://github.github.io/fetch/#caveats) directives are ignored.
#### Handling HTTP error statuses

@@ -231,11 +240,2 @@

To disable sending or receiving cookies for requests to any domain, including
the current one, use the "omit" value:
```javascript
fetch('/users', {
credentials: 'omit'
})
```
The default value for `credentials` is "same-origin".

@@ -261,2 +261,8 @@

Note: due to [limitations of
XMLHttpRequest](https://github.com/github/fetch/pull/56#issuecomment-68835992),
using `credentials: 'omit'` is not respected for same domains in browsers where
this polyfill is active. Cookies will always be sent to same domains in older
browsers.
#### Receiving cookies

@@ -270,2 +276,11 @@

#### Redirect modes
The Fetch specification defines these values for [the `redirect`
option](https://fetch.spec.whatwg.org/#concept-request-redirect-mode): "follow"
(the default), "error", and "manual".
Due to limitations of XMLHttpRequest, only the "follow" mode is available in
browsers where this polyfill is active.
#### Obtaining the Response URL

@@ -341,1 +356,2 @@

[forbidden header name]: https://developer.mozilla.org/en-US/docs/Glossary/Forbidden_header_name
[releases]: https://github.com/github/fetch/releases
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc