milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add some more comments on why http / https is handled in different code paths

Browse source
This commit is contained in:
Sander Declerck 2025-10-15 11:56:03 +02:00
parent 37ef3e187b
commit 05354ba2f0
No known key found for this signature in database
2 changed files with 7 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
packages/safe-chain/src/registryProxy/plainHttpProxy.js
View file

@ -4,6 +4,9 @@ import * as https from "https";
export function handleHttpProxyRequest(req, res) { export function handleHttpProxyRequest(req, res) {
const url = new URL(req.url); const url = new URL(req.url);
// The protocol for the plainHttpProxy should usually only be http:
// but when the client for some reason sends an https: request directly
// instead of using the CONNECT method, we should handle it gracefully.
let protocol; let protocol;
if (url.protocol === "http:") { if (url.protocol === "http:") {
protocol = http; protocol = http;

5
packages/safe-chain/src/registryProxy/registryProxy.js
View file

@ -55,7 +55,10 @@ export function mergeSafeChainProxyEnvironmentVariables(env) {
function createProxyServer() { function createProxyServer() {
const server = http.createServer( const server = http.createServer(
handleHttpProxyRequest // This handles plain HTTP requests // This handles direct HTTP requests (non-CONNECT requests)
// This is normally http-only traffic, but we also handle
// https for clients that don't properly use CONNECT
handleHttpProxyRequest
); );
// This handles HTTPS requests via the CONNECT method // This handles HTTPS requests via the CONNECT method