prevent http request without enable it explicitly

This commit is contained in:
Sebastian 2023-04-24 12:42:45 -03:00
parent e4bf114f60
commit 3004ece1f8
No known key found for this signature in database
GPG Key ID: 173909D1A5F66069
4 changed files with 27 additions and 2 deletions

View File

@ -74,7 +74,7 @@
}, },
"ava": { "ava": {
"files": [ "files": [
"lib/*test.js" "lib/**/*test.js"
] ]
} }
} }

View File

@ -423,6 +423,7 @@ export function getExpiry(
export interface HttpLibArgs { export interface HttpLibArgs {
enableThrottling?: boolean; enableThrottling?: boolean;
allowHttp?: boolean;
} }
export function encodeBody(body: any): ArrayBuffer { export function encodeBody(body: any): ArrayBuffer {

View File

@ -49,9 +49,11 @@ const textDecoder = new TextDecoder();
export class HttpLibImpl implements HttpRequestLibrary { export class HttpLibImpl implements HttpRequestLibrary {
private throttle = new RequestThrottler(); private throttle = new RequestThrottler();
private throttlingEnabled = true; private throttlingEnabled = true;
private allowHttp = false;
constructor(args?: HttpLibArgs) { constructor(args?: HttpLibArgs) {
this.throttlingEnabled = args?.enableThrottling ?? false; this.throttlingEnabled = args?.enableThrottling ?? false;
this.allowHttp = args?.allowHttp ?? false;
} }
/** /**
@ -78,6 +80,16 @@ export class HttpLibImpl implements HttpRequestLibrary {
`request to origin ${parsedUrl.origin} was throttled`, `request to origin ${parsedUrl.origin} was throttled`,
); );
} }
if (!this.allowHttp && parsedUrl.protocol !== "https:") {
throw TalerError.fromDetail(
TalerErrorCode.WALLET_NETWORK_ERROR,
{
requestMethod: method,
requestUrl: url,
},
`request to ${parsedUrl.origin} is not possible with protocol ${parsedUrl.protocol}`,
);
}
let timeoutMs: number | undefined; let timeoutMs: number | undefined;
if (typeof opt?.timeout?.d_ms === "number") { if (typeof opt?.timeout?.d_ms === "number") {
timeoutMs = opt.timeout.d_ms; timeoutMs = opt.timeout.d_ms;

View File

@ -41,9 +41,11 @@ const textDecoder = new TextDecoder();
export class HttpLibImpl implements HttpRequestLibrary { export class HttpLibImpl implements HttpRequestLibrary {
private throttle = new RequestThrottler(); private throttle = new RequestThrottler();
private throttlingEnabled = true; private throttlingEnabled = true;
private allowHttp = false;
constructor(args?: HttpLibArgs) { constructor(args?: HttpLibArgs) {
this.throttlingEnabled = args?.enableThrottling ?? false; this.throttlingEnabled = args?.enableThrottling ?? false;
this.allowHttp = args?.allowHttp ?? false;
} }
/** /**
@ -70,6 +72,16 @@ export class HttpLibImpl implements HttpRequestLibrary {
`request to origin ${parsedUrl.origin} was throttled`, `request to origin ${parsedUrl.origin} was throttled`,
); );
} }
if (!this.allowHttp && parsedUrl.protocol !== "https") {
throw TalerError.fromDetail(
TalerErrorCode.WALLET_NETWORK_ERROR,
{
requestMethod: method,
requestUrl: url,
},
`request to ${parsedUrl.origin} is not possible with protocol ${parsedUrl.protocol}`,
);
}
let data: ArrayBuffer | undefined = undefined; let data: ArrayBuffer | undefined = undefined;
const requestHeadersMap = { ...getDefaultHeaders(method), ...opt?.headers }; const requestHeadersMap = { ...getDefaultHeaders(method), ...opt?.headers };