[tests] https test pass, fix #511. Exposed the rejectUnauthorized flag

2025-12-08 20:59:18 +00:00 · 2013-11-07 15:09:37 -05:00 · 2013-11-07 15:09:37 -05:00 · fd42dcef01
commit fd42dcef01
parent a2b1f0a4c9
3 changed files with 37 additions and 1 deletions
--- a/lib/http-proxy.js
+++ b/lib/http-proxy.js
@ -30,6 +30,7 @@ proxy.createProxyServer = proxy.createServer = function createProxyServer(option
   *    ssl    : <object to be passed to https.createServer()> 
   *    ws     : <true/false, if you want to proxy websockets>
   *    xfwd   : <true/false, adds x-forward headers>          
+   *    secure : <true/false, verify SSL certificate>
   *  }                                                        
   *   
   *  NOTE: `options.ws` and `options.ssl` are optional.       
--- a/lib/http-proxy/common.js
+++ b/lib/http-proxy/common.js
@ -37,6 +37,11 @@ common.setupOutgoing = function(outgoing, options, req, forward) {
    extend(outgoing.headers, options.headers);
  }

+  if (options[forward || 'target'].protocol == 'https:') {
+    outgoing.rejectUnauthorized = (typeof options.secure === "undefined") ? true : options.secure;
+  }
+
+
  outgoing.agent = options.agent || false;
  outgoing.path = req.url;

--- a/test/lib-https-proxy-test.js
+++ b/test/lib-https-proxy-test.js
@ -17,7 +17,7 @@ Object.defineProperty(gen, 'port', {
 });

 describe('lib/http-proxy.js', function() {
-  describe('#createProxyServer using HTTPS', function() {
+  describe('HTTPS #createProxyServer', function() {
  	describe('HTTPS to HTTP', function () {
      it('should proxy the request en send back the response', function (done) {
        var ports = { source: gen.port, proxy: gen.port };
@ -79,6 +79,8 @@ describe('lib/http-proxy.js', function() {

        var proxy = httpProxy.createProxyServer({
          target: 'https://127.0.0.1:' + ports.source,
+          // Allow to use SSL self signed
+          secure: false
        }).listen(ports.proxy);

        http.request({
@ -100,5 +102,33 @@ describe('lib/http-proxy.js', function() {
        }).end();
      })
    })
+    describe('HTTPS not allow SSL self signed', function () {
+      it('should fail with error', function (done) {
+        var ports = { source: gen.port, proxy: gen.port };
+        var source = https.createServer({
+          key: fs.readFileSync(path.join(__dirname, 'fixtures', 'agent2-key.pem')),
+          cert: fs.readFileSync(path.join(__dirname, 'fixtures', 'agent2-cert.pem')),
+        }).listen(ports.source);
+
+        var proxy = httpProxy.createProxyServer({
+          target: 'https://127.0.0.1:' + ports.source,
+          secure: true
+        });
+
+        proxy.listen(ports.proxy);
+
+        proxy.on('error', function (err, req, res) {
+          expect(err).to.be.an(Error);
+          expect(err.toString()).to.be('Error: DEPTH_ZERO_SELF_SIGNED_CERT')
+          done();
+        })
+
+        http.request({
+          hostname: '127.0.0.1',
+          port: ports.proxy,
+          method: 'GET'
+        }).end();
+      })
+    })
  });
 });