Implement a proxy blocking tarball requests for packages containing malware.

2026-05-26 12:10:49 +00:00 · 2025-09-30 13:52:21 +02:00 · 2025-09-30 13:52:21 +02:00 · e2afcb16e3
commit e2afcb16e3
parent 04cb001006
16 changed files with 633 additions and 33 deletions
--- a/packages/safe-chain/src/registryProxy/tunnelRequestHandler.js
+++ b/packages/safe-chain/src/registryProxy/tunnelRequestHandler.js
@ -0,0 +1,20 @@
+import * as net from "net";
+import { ui } from "../environment/userInteraction.js";
+
+export function tunnelRequest(req, clientSocket, head) {
+  const { port, hostname } = new URL(`http://${req.url}`);
+
+  const serverSocket = net.connect(port || 443, hostname, () => {
+    clientSocket.write("HTTP/1.1 200 Connection Established\r\n\r\n");
+    serverSocket.write(head);
+    serverSocket.pipe(clientSocket);
+    clientSocket.pipe(serverSocket);
+  });
+
+  serverSocket.on("error", (err) => {
+    ui.writeError(
+      `Safe-chain: error connecting to ${hostname}:${port} - ${err.message}`
+    );
+    clientSocket.end("HTTP/1.1 502 Bad Gateway\r\n\r\n");
+  });
+}