prevent http request without enable it explicitly

2023-04-24 12:42:45 -03:00 · 2023-04-24 12:42:45 -03:00 · 3004ece1f8
commit 3004ece1f8
parent e4bf114f60
4 changed files with 27 additions and 2 deletions
--- a/packages/taler-util/package.json
+++ b/packages/taler-util/package.json
@ -74,7 +74,7 @@
  },
  "ava": {
    "files": [
-      "lib/*test.js"
+      "lib/**/*test.js"
    ]
-  }
+}
 }
--- a/packages/taler-util/src/http-common.ts
+++ b/packages/taler-util/src/http-common.ts
@ -423,6 +423,7 @@ export function getExpiry(

 export interface HttpLibArgs {
  enableThrottling?: boolean;
+  allowHttp?: boolean;
 }

 export function encodeBody(body: any): ArrayBuffer {
--- a/packages/taler-util/src/http-impl.node.ts
+++ b/packages/taler-util/src/http-impl.node.ts
@ -49,9 +49,11 @@ const textDecoder = new TextDecoder();
 export class HttpLibImpl implements HttpRequestLibrary {
  private throttle = new RequestThrottler();
  private throttlingEnabled = true;
+  private allowHttp = false;

  constructor(args?: HttpLibArgs) {
    this.throttlingEnabled = args?.enableThrottling ?? false;
+    this.allowHttp = args?.allowHttp ?? false;
  }

  /**
@ -78,6 +80,16 @@ export class HttpLibImpl implements HttpRequestLibrary {
        `request to origin ${parsedUrl.origin} was throttled`,
      );
    }
+    if (!this.allowHttp && parsedUrl.protocol !== "https:") {
+      throw TalerError.fromDetail(
+        TalerErrorCode.WALLET_NETWORK_ERROR,
+        {
+          requestMethod: method,
+          requestUrl: url,
+        },
+        `request to ${parsedUrl.origin} is not possible with protocol ${parsedUrl.protocol}`,
+      );
+    }
    let timeoutMs: number | undefined;
    if (typeof opt?.timeout?.d_ms === "number") {
      timeoutMs = opt.timeout.d_ms;
--- a/packages/taler-util/src/http-impl.qtart.ts
+++ b/packages/taler-util/src/http-impl.qtart.ts
@ -41,9 +41,11 @@ const textDecoder = new TextDecoder();
 export class HttpLibImpl implements HttpRequestLibrary {
  private throttle = new RequestThrottler();
  private throttlingEnabled = true;
+  private allowHttp = false;

  constructor(args?: HttpLibArgs) {
    this.throttlingEnabled = args?.enableThrottling ?? false;
+    this.allowHttp = args?.allowHttp ?? false;
  }

  /**
@ -70,6 +72,16 @@ export class HttpLibImpl implements HttpRequestLibrary {
        `request to origin ${parsedUrl.origin} was throttled`,
      );
    }
+    if (!this.allowHttp && parsedUrl.protocol !== "https") {
+      throw TalerError.fromDetail(
+        TalerErrorCode.WALLET_NETWORK_ERROR,
+        {
+          requestMethod: method,
+          requestUrl: url,
+        },
+        `request to ${parsedUrl.origin} is not possible with protocol ${parsedUrl.protocol}`,
+      );
+    }

    let data: ArrayBuffer | undefined = undefined;
    const requestHeadersMap = { ...getDefaultHeaders(method), ...opt?.headers };