aboutsummaryrefslogtreecommitdiffhomepage
path: root/node_modules/xmlhttprequest-ssl/lib/XMLHttpRequest.js
diff options
context:
space:
mode:
Diffstat (limited to 'node_modules/xmlhttprequest-ssl/lib/XMLHttpRequest.js')
-rw-r--r--node_modules/xmlhttprequest-ssl/lib/XMLHttpRequest.js652
1 files changed, 652 insertions, 0 deletions
diff --git a/node_modules/xmlhttprequest-ssl/lib/XMLHttpRequest.js b/node_modules/xmlhttprequest-ssl/lib/XMLHttpRequest.js
new file mode 100644
index 0000000..b9e069e
--- /dev/null
+++ b/node_modules/xmlhttprequest-ssl/lib/XMLHttpRequest.js
@@ -0,0 +1,652 @@
+/**
+ * Wrapper for built-in http.js to emulate the browser XMLHttpRequest object.
+ *
+ * This can be used with JS designed for browsers to improve reuse of code and
+ * allow the use of existing libraries.
+ *
+ * Usage: include("XMLHttpRequest.js") and use XMLHttpRequest per W3C specs.
+ *
+ * @author Dan DeFelippi <dan@driverdan.com>
+ * @contributor David Ellis <d.f.ellis@ieee.org>
+ * @license MIT
+ */
+
+var fs = require('fs');
+var Url = require('url');
+var spawn = require('child_process').spawn;
+
+/**
+ * Module exports.
+ */
+
+module.exports = XMLHttpRequest;
+
+// backwards-compat
+XMLHttpRequest.XMLHttpRequest = XMLHttpRequest;
+
+/**
+ * `XMLHttpRequest` constructor.
+ *
+ * Supported options for the `opts` object are:
+ *
+ * - `agent`: An http.Agent instance; http.globalAgent may be used; if 'undefined', agent usage is disabled
+ *
+ * @param {Object} opts optional "options" object
+ */
+
+function XMLHttpRequest(opts) {
+ "use strict";
+
+ /**
+ * Private variables
+ */
+ var self = this;
+ var http = require('http');
+ var https = require('https');
+
+ // Holds http.js objects
+ var request;
+ var response;
+
+ // Request settings
+ var settings = {};
+
+ // Disable header blacklist.
+ // Not part of XHR specs.
+ var disableHeaderCheck = false;
+
+ // Set some default headers
+ var defaultHeaders = {
+ "User-Agent": "node-XMLHttpRequest",
+ "Accept": "*/*"
+ };
+
+ var headers = Object.assign({}, defaultHeaders);
+
+ // These headers are not user setable.
+ // The following are allowed but banned in the spec:
+ // * user-agent
+ var forbiddenRequestHeaders = [
+ "accept-charset",
+ "accept-encoding",
+ "access-control-request-headers",
+ "access-control-request-method",
+ "connection",
+ "content-length",
+ "content-transfer-encoding",
+ "cookie",
+ "cookie2",
+ "date",
+ "expect",
+ "host",
+ "keep-alive",
+ "origin",
+ "referer",
+ "te",
+ "trailer",
+ "transfer-encoding",
+ "upgrade",
+ "via"
+ ];
+
+ // These request methods are not allowed
+ var forbiddenRequestMethods = [
+ "TRACE",
+ "TRACK",
+ "CONNECT"
+ ];
+
+ // Send flag
+ var sendFlag = false;
+ // Error flag, used when errors occur or abort is called
+ var errorFlag = false;
+
+ // Event listeners
+ var listeners = {};
+
+ /**
+ * Constants
+ */
+
+ this.UNSENT = 0;
+ this.OPENED = 1;
+ this.HEADERS_RECEIVED = 2;
+ this.LOADING = 3;
+ this.DONE = 4;
+
+ /**
+ * Public vars
+ */
+
+ // Current state
+ this.readyState = this.UNSENT;
+
+ // default ready state change handler in case one is not set or is set late
+ this.onreadystatechange = null;
+
+ // Result & response
+ this.responseText = "";
+ this.responseXML = "";
+ this.status = null;
+ this.statusText = null;
+
+ /**
+ * Private methods
+ */
+
+ /**
+ * Check if the specified header is allowed.
+ *
+ * @param string header Header to validate
+ * @return boolean False if not allowed, otherwise true
+ */
+ var isAllowedHttpHeader = function(header) {
+ return disableHeaderCheck || (header && forbiddenRequestHeaders.indexOf(header.toLowerCase()) === -1);
+ };
+
+ /**
+ * Check if the specified method is allowed.
+ *
+ * @param string method Request method to validate
+ * @return boolean False if not allowed, otherwise true
+ */
+ var isAllowedHttpMethod = function(method) {
+ return (method && forbiddenRequestMethods.indexOf(method) === -1);
+ };
+
+ /**
+ * Public methods
+ */
+
+ /**
+ * Open the connection. Currently supports local server requests.
+ *
+ * @param string method Connection method (eg GET, POST)
+ * @param string url URL for the connection.
+ * @param boolean async Asynchronous connection. Default is true.
+ * @param string user Username for basic authentication (optional)
+ * @param string password Password for basic authentication (optional)
+ */
+ this.open = function(method, url, async, user, password) {
+ this.abort();
+ errorFlag = false;
+
+ // Check for valid request method
+ if (!isAllowedHttpMethod(method)) {
+ throw "SecurityError: Request method not allowed";
+ }
+
+ settings = {
+ "method": method,
+ "url": url.toString(),
+ "async": (typeof async !== "boolean" ? true : async),
+ "user": user || null,
+ "password": password || null
+ };
+
+ setState(this.OPENED);
+ };
+
+ /**
+ * Disables or enables isAllowedHttpHeader() check the request. Enabled by default.
+ * This does not conform to the W3C spec.
+ *
+ * @param boolean state Enable or disable header checking.
+ */
+ this.setDisableHeaderCheck = function(state) {
+ disableHeaderCheck = state;
+ };
+
+ /**
+ * Sets a header for the request.
+ *
+ * @param string header Header name
+ * @param string value Header value
+ * @return boolean Header added
+ */
+ this.setRequestHeader = function(header, value) {
+ if (this.readyState != this.OPENED) {
+ throw "INVALID_STATE_ERR: setRequestHeader can only be called when state is OPEN";
+ return false;
+ }
+ if (!isAllowedHttpHeader(header)) {
+ console.warn('Refused to set unsafe header "' + header + '"');
+ return false;
+ }
+ if (sendFlag) {
+ throw "INVALID_STATE_ERR: send flag is true";
+ return false;
+ }
+ headers[header] = value;
+ return true;
+ };
+
+ /**
+ * Gets a header from the server response.
+ *
+ * @param string header Name of header to get.
+ * @return string Text of the header or null if it doesn't exist.
+ */
+ this.getResponseHeader = function(header) {
+ if (typeof header === "string"
+ && this.readyState > this.OPENED
+ && response.headers[header.toLowerCase()]
+ && !errorFlag
+ ) {
+ return response.headers[header.toLowerCase()];
+ }
+
+ return null;
+ };
+
+ /**
+ * Gets all the response headers.
+ *
+ * @return string A string with all response headers separated by CR+LF
+ */
+ this.getAllResponseHeaders = function() {
+ if (this.readyState < this.HEADERS_RECEIVED || errorFlag) {
+ return "";
+ }
+ var result = "";
+
+ for (var i in response.headers) {
+ // Cookie headers are excluded
+ if (i !== "set-cookie" && i !== "set-cookie2") {
+ result += i + ": " + response.headers[i] + "\r\n";
+ }
+ }
+ return result.substr(0, result.length - 2);
+ };
+
+ /**
+ * Gets a request header
+ *
+ * @param string name Name of header to get
+ * @return string Returns the request header or empty string if not set
+ */
+ this.getRequestHeader = function(name) {
+ // @TODO Make this case insensitive
+ if (typeof name === "string" && headers[name]) {
+ return headers[name];
+ }
+
+ return "";
+ };
+
+ /**
+ * Sends the request to the server.
+ *
+ * @param string data Optional data to send as request body.
+ */
+ this.send = function(data) {
+ if (this.readyState != this.OPENED) {
+ throw "INVALID_STATE_ERR: connection must be opened before send() is called";
+ }
+
+ if (sendFlag) {
+ throw "INVALID_STATE_ERR: send has already been called";
+ }
+
+ var ssl = false, local = false;
+ var url = Url.parse(settings.url);
+ var host;
+ // Determine the server
+ switch (url.protocol) {
+ case 'https:':
+ ssl = true;
+ // SSL & non-SSL both need host, no break here.
+ case 'http:':
+ host = url.hostname;
+ break;
+
+ case 'file:':
+ local = true;
+ break;
+
+ case undefined:
+ case '':
+ host = "localhost";
+ break;
+
+ default:
+ throw "Protocol not supported.";
+ }
+
+ // Load files off the local filesystem (file://)
+ if (local) {
+ if (settings.method !== "GET") {
+ throw "XMLHttpRequest: Only GET method is supported";
+ }
+
+ if (settings.async) {
+ fs.readFile(url.pathname, 'utf8', function(error, data) {
+ if (error) {
+ self.handleError(error);
+ } else {
+ self.status = 200;
+ self.responseText = data;
+ setState(self.DONE);
+ }
+ });
+ } else {
+ try {
+ this.responseText = fs.readFileSync(url.pathname, 'utf8');
+ this.status = 200;
+ setState(self.DONE);
+ } catch(e) {
+ this.handleError(e);
+ }
+ }
+
+ return;
+ }
+
+ // Default to port 80. If accessing localhost on another port be sure
+ // to use http://localhost:port/path
+ var port = url.port || (ssl ? 443 : 80);
+ // Add query string if one is used
+ var uri = url.pathname + (url.search ? url.search : '');
+
+ // Set the Host header or the server may reject the request
+ headers["Host"] = host;
+ if (!((ssl && port === 443) || port === 80)) {
+ headers["Host"] += ':' + url.port;
+ }
+
+ // Set Basic Auth if necessary
+ if (settings.user) {
+ if (typeof settings.password == "undefined") {
+ settings.password = "";
+ }
+ var authBuf = new Buffer(settings.user + ":" + settings.password);
+ headers["Authorization"] = "Basic " + authBuf.toString("base64");
+ }
+
+ // Set content length header
+ if (settings.method === "GET" || settings.method === "HEAD") {
+ data = null;
+ } else if (data) {
+ headers["Content-Length"] = Buffer.isBuffer(data) ? data.length : Buffer.byteLength(data);
+
+ if (!headers["Content-Type"]) {
+ headers["Content-Type"] = "text/plain;charset=UTF-8";
+ }
+ } else if (settings.method === "POST") {
+ // For a post with no data set Content-Length: 0.
+ // This is required by buggy servers that don't meet the specs.
+ headers["Content-Length"] = 0;
+ }
+
+ var agent = false;
+ if (opts && opts.agent) {
+ agent = opts.agent;
+ }
+ var options = {
+ host: host,
+ port: port,
+ path: uri,
+ method: settings.method,
+ headers: headers,
+ agent: agent
+ };
+
+ if (ssl) {
+ options.pfx = opts.pfx;
+ options.key = opts.key;
+ options.passphrase = opts.passphrase;
+ options.cert = opts.cert;
+ options.ca = opts.ca;
+ options.ciphers = opts.ciphers;
+ options.rejectUnauthorized = opts.rejectUnauthorized;
+ }
+
+ // Reset error flag
+ errorFlag = false;
+
+ // Handle async requests
+ if (settings.async) {
+ // Use the proper protocol
+ var doRequest = ssl ? https.request : http.request;
+
+ // Request is being sent, set send flag
+ sendFlag = true;
+
+ // As per spec, this is called here for historical reasons.
+ self.dispatchEvent("readystatechange");
+
+ // Handler for the response
+ var responseHandler = function(resp) {
+ // Set response var to the response we got back
+ // This is so it remains accessable outside this scope
+ response = resp;
+ // Check for redirect
+ // @TODO Prevent looped redirects
+ if (response.statusCode === 302 || response.statusCode === 303 || response.statusCode === 307) {
+ // Change URL to the redirect location
+ settings.url = response.headers.location;
+ var url = Url.parse(settings.url);
+ // Set host var in case it's used later
+ host = url.hostname;
+ // Options for the new request
+ var newOptions = {
+ hostname: url.hostname,
+ port: url.port,
+ path: url.path,
+ method: response.statusCode === 303 ? 'GET' : settings.method,
+ headers: headers
+ };
+
+ if (ssl) {
+ newOptions.pfx = opts.pfx;
+ newOptions.key = opts.key;
+ newOptions.passphrase = opts.passphrase;
+ newOptions.cert = opts.cert;
+ newOptions.ca = opts.ca;
+ newOptions.ciphers = opts.ciphers;
+ newOptions.rejectUnauthorized = opts.rejectUnauthorized;
+ }
+
+ // Issue the new request
+ request = doRequest(newOptions, responseHandler).on('error', errorHandler);
+ request.end();
+ // @TODO Check if an XHR event needs to be fired here
+ return;
+ }
+
+ if (response && response.setEncoding) {
+ response.setEncoding("utf8");
+ }
+
+ setState(self.HEADERS_RECEIVED);
+ self.status = response.statusCode;
+
+ response.on('data', function(chunk) {
+ // Make sure there's some data
+ if (chunk) {
+ self.responseText += chunk;
+ }
+ // Don't emit state changes if the connection has been aborted.
+ if (sendFlag) {
+ setState(self.LOADING);
+ }
+ });
+
+ response.on('end', function() {
+ if (sendFlag) {
+ // The sendFlag needs to be set before setState is called. Otherwise if we are chaining callbacks
+ // there can be a timing issue (the callback is called and a new call is made before the flag is reset).
+ sendFlag = false;
+ // Discard the 'end' event if the connection has been aborted
+ setState(self.DONE);
+ }
+ });
+
+ response.on('error', function(error) {
+ self.handleError(error);
+ });
+ }
+
+ // Error handler for the request
+ var errorHandler = function(error) {
+ self.handleError(error);
+ }
+
+ // Create the request
+ request = doRequest(options, responseHandler).on('error', errorHandler);
+
+ // Node 0.4 and later won't accept empty data. Make sure it's needed.
+ if (data) {
+ request.write(data);
+ }
+
+ request.end();
+
+ self.dispatchEvent("loadstart");
+ } else { // Synchronous
+ // Create a temporary file for communication with the other Node process
+ var contentFile = ".node-xmlhttprequest-content-" + process.pid;
+ var syncFile = ".node-xmlhttprequest-sync-" + process.pid;
+ fs.writeFileSync(syncFile, "", "utf8");
+ // The async request the other Node process executes
+ var execString = "var http = require('http'), https = require('https'), fs = require('fs');"
+ + "var doRequest = http" + (ssl ? "s" : "") + ".request;"
+ + "var options = " + JSON.stringify(options) + ";"
+ + "var responseText = '';"
+ + "var req = doRequest(options, function(response) {"
+ + "response.setEncoding('utf8');"
+ + "response.on('data', function(chunk) {"
+ + " responseText += chunk;"
+ + "});"
+ + "response.on('end', function() {"
+ + "fs.writeFileSync('" + contentFile + "', 'NODE-XMLHTTPREQUEST-STATUS:' + response.statusCode + ',' + responseText, 'utf8');"
+ + "fs.unlinkSync('" + syncFile + "');"
+ + "});"
+ + "response.on('error', function(error) {"
+ + "fs.writeFileSync('" + contentFile + "', 'NODE-XMLHTTPREQUEST-ERROR:' + JSON.stringify(error), 'utf8');"
+ + "fs.unlinkSync('" + syncFile + "');"
+ + "});"
+ + "}).on('error', function(error) {"
+ + "fs.writeFileSync('" + contentFile + "', 'NODE-XMLHTTPREQUEST-ERROR:' + JSON.stringify(error), 'utf8');"
+ + "fs.unlinkSync('" + syncFile + "');"
+ + "});"
+ + (data ? "req.write('" + data.replace(/'/g, "\\'") + "');":"")
+ + "req.end();";
+ // Start the other Node Process, executing this string
+ var syncProc = spawn(process.argv[0], ["-e", execString]);
+ var statusText;
+ while(fs.existsSync(syncFile)) {
+ // Wait while the sync file is empty
+ }
+ self.responseText = fs.readFileSync(contentFile, 'utf8');
+ // Kill the child process once the file has data
+ syncProc.stdin.end();
+ // Remove the temporary file
+ fs.unlinkSync(contentFile);
+ if (self.responseText.match(/^NODE-XMLHTTPREQUEST-ERROR:/)) {
+ // If the file returned an error, handle it
+ var errorObj = self.responseText.replace(/^NODE-XMLHTTPREQUEST-ERROR:/, "");
+ self.handleError(errorObj);
+ } else {
+ // If the file returned okay, parse its data and move to the DONE state
+ self.status = self.responseText.replace(/^NODE-XMLHTTPREQUEST-STATUS:([0-9]*),.*/, "$1");
+ self.responseText = self.responseText.replace(/^NODE-XMLHTTPREQUEST-STATUS:[0-9]*,(.*)/, "$1");
+ setState(self.DONE);
+ }
+ }
+ };
+
+ /**
+ * Called when an error is encountered to deal with it.
+ */
+ this.handleError = function(error) {
+ this.status = 503;
+ this.statusText = error;
+ this.responseText = error.stack;
+ errorFlag = true;
+ setState(this.DONE);
+ };
+
+ /**
+ * Aborts a request.
+ */
+ this.abort = function() {
+ if (request) {
+ request.abort();
+ request = null;
+ }
+
+ headers = Object.assign({}, defaultHeaders);
+ this.responseText = "";
+ this.responseXML = "";
+
+ errorFlag = true;
+
+ if (this.readyState !== this.UNSENT
+ && (this.readyState !== this.OPENED || sendFlag)
+ && this.readyState !== this.DONE) {
+ sendFlag = false;
+ setState(this.DONE);
+ }
+ this.readyState = this.UNSENT;
+ };
+
+ /**
+ * Adds an event listener. Preferred method of binding to events.
+ */
+ this.addEventListener = function(event, callback) {
+ if (!(event in listeners)) {
+ listeners[event] = [];
+ }
+ // Currently allows duplicate callbacks. Should it?
+ listeners[event].push(callback);
+ };
+
+ /**
+ * Remove an event callback that has already been bound.
+ * Only works on the matching funciton, cannot be a copy.
+ */
+ this.removeEventListener = function(event, callback) {
+ if (event in listeners) {
+ // Filter will return a new array with the callback removed
+ listeners[event] = listeners[event].filter(function(ev) {
+ return ev !== callback;
+ });
+ }
+ };
+
+ /**
+ * Dispatch any events, including both "on" methods and events attached using addEventListener.
+ */
+ this.dispatchEvent = function(event) {
+ if (typeof self["on" + event] === "function") {
+ self["on" + event]();
+ }
+ if (event in listeners) {
+ for (var i = 0, len = listeners[event].length; i < len; i++) {
+ listeners[event][i].call(self);
+ }
+ }
+ };
+
+ /**
+ * Changes readyState and calls onreadystatechange.
+ *
+ * @param int state New state
+ */
+ var setState = function(state) {
+ if (self.readyState !== state) {
+ self.readyState = state;
+
+ if (settings.async || self.readyState < self.OPENED || self.readyState === self.DONE) {
+ self.dispatchEvent("readystatechange");
+ }
+
+ if (self.readyState === self.DONE && !errorFlag) {
+ self.dispatchEvent("load");
+ // @TODO figure out InspectorInstrumentation::didLoadXHR(cookie)
+ self.dispatchEvent("loadend");
+ }
+ }
+ };
+};
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-26 02:06:44 +0000