taler-typescript-core

Wallet core logic and WebUIs for various components
Log | Files | Refs | Submodules | README | LICENSE
commit 3004ece1f8153fdf8ddb283e5d767dd5b5c2e179
parent e4bf114f60a7a76f43714183a4149406ade33d44
Author: Sebastian <sebasjm@gmail.com>
Date:   Mon, 24 Apr 2023 12:42:45 -0300

prevent http request without enable it explicitly

Diffstat:

Mpackages/taler-util/package.json | 4++--


Mpackages/taler-util/src/http-common.ts | 1+


Mpackages/taler-util/src/http-impl.node.ts | 12++++++++++++


Mpackages/taler-util/src/http-impl.qtart.ts | 12++++++++++++


4 files changed, 27 insertions(+), 2 deletions(-)

diff --git a/packages/taler-util/package.json b/packages/taler-util/package.json
@@ -74,7 +74,7 @@
   },
   "ava": {
     "files": [
-      "lib/*test.js"
+      "lib/**/*test.js"
     ]
-  }
+}
 }
diff --git a/packages/taler-util/src/http-common.ts b/packages/taler-util/src/http-common.ts
@@ -423,6 +423,7 @@ export function getExpiry(
 
 export interface HttpLibArgs {
   enableThrottling?: boolean;
+  allowHttp?: boolean;
 }
 
 export function encodeBody(body: any): ArrayBuffer {
diff --git a/packages/taler-util/src/http-impl.node.ts b/packages/taler-util/src/http-impl.node.ts
@@ -49,9 +49,11 @@ const textDecoder = new TextDecoder();
 export class HttpLibImpl implements HttpRequestLibrary {
   private throttle = new RequestThrottler();
   private throttlingEnabled = true;
+  private allowHttp = false;
 
   constructor(args?: HttpLibArgs) {
     this.throttlingEnabled = args?.enableThrottling ?? false;
+    this.allowHttp = args?.allowHttp ?? false;
   }
 
   /**
@@ -78,6 +80,16 @@ export class HttpLibImpl implements HttpRequestLibrary {
         `request to origin ${parsedUrl.origin} was throttled`,
       );
     }
+    if (!this.allowHttp && parsedUrl.protocol !== "https:") {
+      throw TalerError.fromDetail(
+        TalerErrorCode.WALLET_NETWORK_ERROR,
+        {
+          requestMethod: method,
+          requestUrl: url,
+        },
+        `request to ${parsedUrl.origin} is not possible with protocol ${parsedUrl.protocol}`,
+      );
+    }
     let timeoutMs: number | undefined;
     if (typeof opt?.timeout?.d_ms === "number") {
       timeoutMs = opt.timeout.d_ms;
diff --git a/packages/taler-util/src/http-impl.qtart.ts b/packages/taler-util/src/http-impl.qtart.ts
@@ -41,9 +41,11 @@ const textDecoder = new TextDecoder();
 export class HttpLibImpl implements HttpRequestLibrary {
   private throttle = new RequestThrottler();
   private throttlingEnabled = true;
+  private allowHttp = false;
 
   constructor(args?: HttpLibArgs) {
     this.throttlingEnabled = args?.enableThrottling ?? false;
+    this.allowHttp = args?.allowHttp ?? false;
   }
 
   /**
@@ -70,6 +72,16 @@ export class HttpLibImpl implements HttpRequestLibrary {
         `request to origin ${parsedUrl.origin} was throttled`,
       );
     }
+    if (!this.allowHttp && parsedUrl.protocol !== "https") {
+      throw TalerError.fromDetail(
+        TalerErrorCode.WALLET_NETWORK_ERROR,
+        {
+          requestMethod: method,
+          requestUrl: url,
+        },
+        `request to ${parsedUrl.origin} is not possible with protocol ${parsedUrl.protocol}`,
+      );
+    }
 
     let data: ArrayBuffer | undefined = undefined;
     const requestHeadersMap = { ...getDefaultHeaders(method), ...opt?.headers };