8000 In domain-task/fetch, only apply HTTPS cert validation workaround for… · aspnet/JavaScriptServices@e632d2b · GitHub
[go: up one dir, main page]

Skip to content
This repository was archived by the owner on Apr 8, 2020. It is now read-only.
/ JavaScriptServices Public archive

Commit e632d2b

Browse files
In domain-task/fetch, only apply HTTPS cert validation workaround for HTTPS requests (not HTTP)
1 parent 7a56f64 commit e632d2b

File tree

2 files changed

+12
-8
lines changed

2 files changed

+12
-8
lines changed

src/Microsoft.AspNetCore.SpaServices/npm/domain-task/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "domain-task",
3-
"version": "3.0.2",
3+
"version": "3.0.3",
44
"description": "Tracks outstanding operations for a logical thread of execution",
55
"main": "index.js",
66
"scripts": {

src/Microsoft.AspNetCore.SpaServices/npm/domain-task/src/fetch.ts

Lines changed: 11 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@ import { baseUrl } from './main';
66
const isomorphicFetch = require('isomorphic-fetch');
77
const isNode = typeof process === 'object' && process.versions && !!process.versions.node;
88
const nodeHttps = isNode && require('https');
9+
const isHttpsRegex = /^https\:/;
910

1011
function issueRequest(baseUrl: string, req: string | Request, init?: RequestInit): Promise<any> {
1112
const reqUrl = (req instanceof Request) ? req.url : req;
@@ -30,11 +31,11 @@ function issueRequest(baseUrl: string, req: string | Request, init?: RequestInit
3031
`);
3132
}
3233

33-
init = applyHttpsAgentPolicy(init, isRelativeUrl);
34+
init = applyHttpsAgentPolicy(init, isRelativeUrl, baseUrl);
3435
return isomorphicFetch(req, init);
3536
}
3637

37-
function applyHttpsAgentPolicy(init: RequestInit, isRelativeUrl: boolean): RequestInit {
38+
function applyHttpsAgentPolicy(init: RequestInit, isRelativeUrl: boolean, baseUrl: string): RequestInit {
3839
// HTTPS is awkward in Node because it uses a built-in list of CAs, rather than recognizing
3940
// the OS's system-level CA list. There are dozens of issues filed against Node about this,
4041
// but still (as of v8.0.0) no resolution besides manually duplicating your CA config.
@@ -54,12 +55,15 @@ function applyHttpsAgentPolicy(init: RequestInit, isRelativeUrl: boolean): Reque
5455
// for 'agent' (which would let you set up other HTTPS-handling policies), then we automatically
5556
// disable cert verification for that request.
5657
if (isNode && isRelativeUrl) {
57-
const hasAgentConfig = init && ('agent' in init);
58-
if (!hasAgentConfig) {
59-
const agentForRequest = new (nodeHttps.Agent)({ rejectUnauthorized: false });
58+
const isHttps = baseUrl && isHttpsRegex.test(baseUrl);
59+
if (isHttps) {
60+
const hasAgentConfig = init && ('agent' in init);
61+
if (!hasAgentConfig) {
62+
const agentForRequest = new (nodeHttps.Agent)({ rejectUnauthorized: false });
6063

61-
init = init || {};
62-
(init as any).agent = agentForRequest;
64+
init = init || {};
65+
(init as any).agent = agentForRequest;
66+
}
6367
}
6468
}
6569

0 commit comments

Comments
 (0)
0