v1.1.1

Hide warnings for unsafe headers
v1.1.0
2015-07-12 21:26:03 -07:00 · 2015-07-12 21:25:08 -07:00 · 2015-07-12 21:10:55 -07:00 · 2015-07-12 21:08:00 -07:00 · 2015-07-12 20:41:20 -07:00
3 changed files with 39 additions and 8 deletions
@@ -1,10 +1,11 @@
 // var Base64 = require('Base64')
 var capability = require('./capability')
 var foreach = require('foreach')
+var indexOf = require('indexof')
+var inherits = require('inherits')
 var keys = require('object-keys')
 var response = require('./response')
 var stream = require('stream')
-var inherits = require('inherits')

 var IncomingMessage = response.IncomingMessage
 var rStates = response.readyStates
@@ -63,7 +64,14 @@ inherits(ClientRequest, stream.Writable)

 ClientRequest.prototype.setHeader = function (name, value) {
 	var self = this
-	self._headers[name.toLowerCase()] = {
+	var lowerName = name.toLowerCase()
+	// This check is not necessary, but it prevents warnings from browsers about setting unsafe
+	// headers. To be honest I'm not entirely sure hiding these warnings is a good thing, but
+	// http-browserify did it, so I will too.
+	if (indexOf(unsafeHeaders, lowerName) !== -1)
+		return
+
+	self._headers[lowerName] = {
 		name: name,
 		value: value
 	}
@@ -109,7 +117,7 @@ ClientRequest.prototype._onFinish = function () {
 			headers: headers,
 			body: body,
 			mode: 'cors',
-			credentials: opts.credentials ? 'include' : 'omit'
+			credentials: opts.withCredentials ? 'include' : 'omit'
 		}).then(function (response) {
 			self._fetchResponse = response
 			self._connect()
@@ -234,3 +242,28 @@ ClientRequest.prototype.flushHeaders = function () {}
 ClientRequest.prototype.setTimeout = function () {}
 ClientRequest.prototype.setNoDelay = function () {}
 ClientRequest.prototype.setSocketKeepAlive = function () {}
+
+// Taken from http://www.w3.org/TR/XMLHttpRequest/#the-setrequestheader%28%29-method
+var unsafeHeaders = [
+	'accept-charset',
+	'accept-encoding',
+	'access-control-request-headers',
+	'access-control-request-method',
+	'connection',
+	'content-length',
+	'cookie',
+	'cookie2',
+	'date',
+	'dnt',
+	'expect',
+	'host',
+	'keep-alive',
+	'origin',
+	'referer',
+	'te',
+	'trailer',
+	'transfer-encoding',
+	'upgrade',
+	'user-agent',
+	'via'
+];
@@ -1,7 +1,7 @@
 var capability = require('./capability')
 var foreach = require('foreach')
-var stream = require('stream')
 var inherits = require('inherits')
+var stream = require('stream')

 var rStates = exports.readyStates = {
 	UNSENT: 0,
@@ -39,7 +39,6 @@ var IncomingMessage = exports.IncomingMessage = function (xhr, response, mode) {
 			reader.read().then(function (result) {
 				if (result.done) {
 					self.push(null)
-					self.emit('close')
 					return
 				}
 				self.push(new Buffer(result.value))
@@ -151,7 +150,6 @@ IncomingMessage.prototype._onXHRProgress = function () {
 			}
 			reader.onload = function () {
 				self.push(null)
-				self.emit('close')
 			}
 			// reader.onerror = ??? // TODO: this
 			reader.readAsArrayBuffer(response)
@@ -161,6 +159,5 @@ IncomingMessage.prototype._onXHRProgress = function () {
 	// The ms-stream case handles end separately in reader.onload()
 	if (self._xhr.readyState === rStates.DONE && self._mode !== 'ms-stream') {
 		self.push(null)
-		self.emit('close')
 	}
 }
@@ -1,6 +1,6 @@
 {
  "name": "stream-http",
-  "version": "1.0.2",
+  "version": "1.1.1",
  "description": "Streaming http in the browser",
  "main": "index.js",
  "repository": {
@@ -18,6 +18,7 @@
  "dependencies": {
    "builtin-status-codes": "~1.0.0",
    "foreach": "^2.0.5",
+    "indexof": "0.0.1",
    "inherits": "^2.0.1",
    "object-keys": "1.0.4",
    "xtend": "^4.0.0"
Author	SHA1	Message	Date
John Hiesey	15181f5586	v1.1.1	2015-07-12 21:26:03 -07:00
John Hiesey	916ab55402	Hide warnings for unsafe headers	2015-07-12 21:25:08 -07:00
John Hiesey	0f81836459	v1.1.0	2015-07-12 21:10:55 -07:00
John Hiesey	73f1e6f3f0	Stop emitting 'close' 1. This fixes an issue where the `response` module emits an extra 'end' 2. Node doesn't seem to emit 'close', even if "Connection: close" is specified 3. There isn't a real socket, and this module already doesn't emit the other socket-related events (and this is documented)	2015-07-12 21:08:00 -07:00
John Hiesey	d700e6d8d9	Fix withCredentials flag for fetch implementation	2015-07-12 20:41:20 -07:00