http,https: add built-in proxy support in http/https.request and Agent #58980
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Review requested:
|
055344f to
0e19610
Compare
13 tasks
2bcc125 to
fd6026e
Compare
jasnell
reviewed
Jul 7, 2025
jasnell
reviewed
Jul 7, 2025
jasnell
reviewed
Jul 7, 2025
jasnell
reviewed
Jul 7, 2025
jasnell
reviewed
Jul 7, 2025
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #58980 +/- ##
==========================================
+ Coverage 90.05% 90.09% +0.03%
==========================================
Files 645 645
Lines 189153 189730 +577
Branches 37091 37217 +126
==========================================
+ Hits 170348 170943 +595
+ Misses 11528 11506 -22
- Partials 7277 7281 +4
🚀 New features to boost your workflow:
|
822460a to
2172897
Compare
This was referenced Jul 8, 2025
|
The
notable-change
Please suggest a text for the release notes if you'd like to include a more detailed summary, then proceed to update the PR description with the text or a link to the notable change suggested text comment. Otherwise, the commit will be placed in the Other Notable Changes section. |
2172897 to
07c1459
Compare
|
Last CI was orange, the CI status of node-test-commit-osx can't be updated by the bot because the job is currently disabled (nodejs/build#4105). Manually landed in b16a0e7...036b1fd. |
aduh95
pushed a commit
that referenced
this pull request
Jul 21, 2025
Rewrite to ESM to use TLA. Also add a test to make sure case precedence is honored. Refs: https://about.gitlab.com/blog/we-need-to-talk-no-proxy PR-URL: #58980 Refs: #57872 Refs: #8381 Refs: #15620 Reviewed-By: Matteo Collina <[email protected]>
aduh95
pushed a commit
that referenced
this pull request
Jul 21, 2025
This patch implements proxy support for HTTP and HTTPS clients and agents in the `http` and `https` built-ins`. When NODE_USE_ENV_PROXY is set to 1, the default global agent would parse the HTTP_PROXY/http_proxy, HTTPS_PROXY/https_proxy, NO_PROXY/no_proxy settings from the environment variables, and proxy the requests sent through the built-in http/https client accordingly. To support this, `http.Agent` and `https.Agent` now accept a few new options: - `proxyEnv`: when it's an object, the agent would read and parse the HTTP_PROXY/http_proxy, HTTPS_PROXY/https_proxy, NO_PROXY/no_proxy properties from it, and apply them based on the protocol it uses to send requests. This option allows custom agents to reuse built-in proxy support by composing options. Global agents set this to `process.env` when NODE_USE_ENV_PROXY is 1. - `defaultPort` and `protocol`: these allow setting of the default port and protocol of the agents. We also need these when configuring proxy settings and deciding whether a request should be proxied. Implementation-wise, this adds a `ProxyConfig` internal class to handle parsing and application of proxy configurations. The configuration is parsed during agent construction. When requests are made, the `createConnection()` methods on the agents would check whether the request should be proxied. If yes, they either connect to the proxy server (in the case of HTTP reqeusts) or establish a tunnel (in the case of HTTPS requests) through either a TCP socket (if the proxy uses HTTP) or a TLS socket (if the proxy uses HTTPS). When proxying HTTPS requests through a tunnel, the connection listener is invoked after the tunnel is established. Tunnel establishment uses the timeout of the request options, if there is one. Otherwise it uses the timeout of the agent. If an error is encountered during tunnel establishment, an ERR_PROXY_TUNNEL would be emitted on the returned socket. If the proxy server sends a errored status code, the error would contain an `statusCode` property. If the error is caused by timeout, the error would contain a `proxyTunnelTimeout` property. This implementation honors the built-in socket pool and socket limits. Pooled sockets are still keyed by request endpoints, they are just connected to the proxy server instead, and the persistence of the connection can be maintained as long as the proxy server respects connection/proxy-connection or persist by default (HTTP/1.1) PR-URL: #58980 Refs: #57872 Refs: #8381 Refs: #15620 Reviewed-By: Matteo Collina <[email protected]>
nodejs-github-bot
added a commit
that referenced
this pull request
Jul 28, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in --cpu-prof-name (Haram Jeong) #59072
crypto:
* (SEMVER-MINOR) add tls.setDefaultCACertificates() (Joyee Cheung) #58822
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) #58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) #59113
esm:
* (SEMVER-MINOR) unflag --experimental-wasm-modules (Guy Bedford) #57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and Agent (Joyee Cheung) #58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) #58666
PR-URL: #59257
aduh95
added a commit
that referenced
this pull request
Jul 29, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) #59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) #58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) #59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) #58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) #59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) #57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) #58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) #58666
PR-URL: #59257
aduh95
added a commit
that referenced
this pull request
Jul 29, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) #59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) #58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) #59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) #58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) #59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) #57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) #58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) #58666
PR-URL: #59257
aduh95
added a commit
that referenced
this pull request
Jul 29, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) #59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) #58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) #59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) #58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) #59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) #57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) #58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) #58666
PR-URL: #59257
aduh95
added a commit
that referenced
this pull request
Jul 29, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) #59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) #58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) #59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) #58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) #59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) #57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) #58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) #58666
PR-URL: #59257
aduh95
added a commit
that referenced
this pull request
Jul 29, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) #59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) #58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) #59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) #58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) #59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) #57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) #58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) #58666
PR-URL: #59257
aduh95
added a commit
that referenced
this pull request
Jul 31, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) #59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) #58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) #59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) #58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) #59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) #57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) #58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) #58666
PR-URL: #59257
aduh95
added a commit
that referenced
this pull request
Jul 31, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) #59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) #58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) #59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) #58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) #59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) #57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) #58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) #58666
PR-URL: #59257
aduh95
added a commit
that referenced
this pull request
Jul 31, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) #59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) #58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) #59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) #58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) #59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) #57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) #58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) #58666
PR-URL: #59257
aduh95
added a commit
that referenced
this pull request
Jul 31, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) #59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) #58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) #59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) #58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) #59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) #57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) #58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) #58666
PR-URL: #59257
meteorqz6
pushed a commit
to meteorqz6/node
that referenced
this pull request
Aug 2, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) nodejs#59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) nodejs#58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) nodejs#59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) nodejs#58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) nodejs#59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) nodejs#57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) nodejs#58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) nodejs#58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) nodejs#58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) nodejs#58666
PR-URL: nodejs#59257
tmeijn
pushed a commit
to tmeijn/dotfiles
that referenced
this pull request
Aug 4, 2025
This MR contains the following updates: | Package | Update | Change | |---|---|---| | [node](https://nodejs.org) ([source](https://github.com/nodejs/node)) | minor | `24.4.1` -> `24.5.0` | MR created with the help of [el-capitano/tools/renovate-bot](https://gitlab.com/el-capitano/tools/renovate-bot). **Proposed changes to behavior should be submitted there as MRs.** --- ### Release Notes <details> <summary>nodejs/node (node)</summary> ### [`v24.5.0`](https://github.com/nodejs/node/releases/tag/v24.5.0): 2025-07-31, Version 24.5.0 (Current), @​aduh95 [Compare Source](nodejs/node@v24.4.1...v24.5.0) ##### Notable Changes ##### Upgrade to OpenSSL 3.5 This release is distributed with OpenSSL 3.5.1, following the announcement that OpenSSL 3.5 will be supported until April 2030, while Node.js 24 will be supported until April 2028. Read more about OpenSSL support in their blog post: <https://openssl-library.org/post/2025-02-20-openssl-3.5-lts/>. Contributed by Richard Lau in [#​58100](nodejs/node#58100). ##### Unflag `--experimental-wasm-modules` Node.js supports both source phase imports and instance phase imports to WebAssembly modules and for WASM imports to JavaScript, in line with the current Phase 3 WebAssembly [ESM Integration](https://github.com/webassembly/esm-integration) proposal. The implementation and the specification are still subject to change. Contributed by Guy Bedford in [#​57038](nodejs/node#57038). ##### Built-in proxy support in `request()` and `Agent` `node:http` and `node:https` now support proxies. When `NODE_USE_ENV_PROXY` is set to `1`, the default global agent would parse the `http_proxy`/`HTTP_PROXY`, `https_proxy`/`HTTPS_PROXY`, `no_proxy`/`NO_PROXY` settings from the environment variables, and proxy the requests sent through the built-in http/https client accordingly. To use global proxy support from the command line: ```bash NODE_USE_ENV_PROXY=1 HTTP_PROXY=http://proxy.example.com:8080 HTTPS_PROXY=http://proxy.example.com:8080 NO_PROXY=localhost,127.0.0.1 node client.js ``` In addition, `http.Agent` and `https.Agent` now support the custom `proxyEnv` options. ```js const agent = new https.Agent({ proxyEnv: { HTTPS_PROXY: 'http://proxy.example.com:8080' } }); ``` For reference, `fetch()` already supports `NODE_USE_ENV_PROXY` as of Node.js 24.0.0. Contributed by Joyee Cheung in [#​58980](nodejs/node#58980). ##### Add `setDefaultCACertificates()` to `node:tls` This API allows dynamically configuring CA certificates that will be used by the Node.js TLS clients by default. Once called, the provided certificates will become the default CA certificate list returned by `tls.getCACertificates('default')` and used by TLS connections that don't specify their own CA certificates. To add system CA certificates to the default bundle (which includes the Mozilla CA certificates): ```js tls.setDefaultCACertificates(tls.getCACertificates('default').concat(tls.getCACertificates('system'))); ``` Contributed by Joyee Cheung in [#​58822](nodejs/node#58822). ##### Other notable changes - \[[`d5640ca58a`](nodejs/node@d5640ca58a)] - **(SEMVER-MINOR)** **cli**: support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) [#​59072](nodejs/node#59072) - \[[`c52aaacfc5`](nodejs/node@c52aaacfc5)] - **(SEMVER-MINOR)** **dns**: support max timeout (theanarkh) [#​58440](nodejs/node#58440) - \[[`927742b342`](nodejs/node@927742b342)] - **doc**: update the instruction on how to verify releases (Antoine du Hamel) [#​59113](nodejs/node#59113) - \[[`f753645cd8`](nodejs/node@f753645cd8)] - **(SEMVER-MINOR)** **net**: update net.blocklist to allow file save and file management (alphaleadership) [#​58087](nodejs/node#58087) - \[[`9791ff3480`](nodejs/node@9791ff3480)] - **(SEMVER-MINOR)** **worker**: add web locks api (ishabi) [#​58666](nodejs/node#58666) ##### Commits - \[[`5457c7a8a1`](nodejs/node@5457c7a8a1)] - **benchmark**: adjust configuration for string-decoder bench (Rafael Gonzaga) [#​59187](nodejs/node#59187) - \[[`28538f2255`](nodejs/node@28538f2255)] - **benchmark**: add --track to benchmark (Rafael Gonzaga) [#​59174](nodejs/node#59174) - \[[`a28d804497`](nodejs/node@a28d804497)] - **benchmark**: small lint fix on \_cli.js (Rafael Gonzaga) [#​59172](nodejs/node#59172) - \[[`09717eb68e`](nodejs/node@09717eb68e)] - **benchmark**: drop misc/punycode benchmark (Rafael Gonzaga) [#​59171](nodejs/node#59171) - \[[`ad6757ef02`](nodejs/node@ad6757ef02)] - **benchmark**: fix sqlite-is-transaction (Rafael Gonzaga) [#​59170](nodejs/node#59170) - \[[`7fc3143f61`](nodejs/node@7fc3143f61)] - **benchmark**: reduce N for diagnostics\_channel subscribe benchmark (Arthur Angelo) [#​59116](nodejs/node#59116) - \[[`f2812723a0`](nodejs/node@f2812723a0)] - **buffer**: cache Environment::GetCurrent to avoid repeated calls (Mert Can Altin) [#​59043](nodejs/node#59043) - \[[`e3e729ca60`](nodejs/node@e3e729ca60)] - **build**: remove suppressions.supp (Rafael Gonzaga) [#​59079](nodejs/node#59079) - \[[`dc66422768`](nodejs/node@dc66422768)] - **build,deps,tools**: prepare to update to OpenSSL 3.5 (Richard Lau) [#​58100](nodejs/node#58100) - \[[`f5da4947d9`](nodejs/node@f5da4947d9)] - **cli**: add --use-env-proxy (Joyee Cheung) [#​59151](nodejs/node#59151) - \[[`d5640ca58a`](nodejs/node@d5640ca58a)] - **(SEMVER-MINOR)** **cli**: support `${pid}` placeholder in --cpu-prof-name (Haram Jeong) [#​59072](nodejs/node#59072) - \[[`eeeb40e95b`](nodejs/node@eeeb40e95b)] - **(SEMVER-MINOR)** **crypto**: add tls.setDefaultCACertificates() (Joyee Cheung) [#​58822](nodejs/node#58822) - \[[`135fca5b72`](nodejs/node@135fca5b72)] - **crypto**: avoid copying buffers to UTF-8 strings in `crypto.hash()` (Renegade334) [#​59067](nodejs/node#59067) - \[[`998cef10e3`](nodejs/node@998cef10e3)] - **deps**: update archs files for openssl-3.5.1 (Node.js GitHub Bot) [#​59234](nodejs/node#59234) - \[[`1f06ca956a`](nodejs/node@1f06ca956a)] - **deps**: upgrade openssl sources to openssl-3.5.1 (Node.js GitHub Bot) [#​59234](nodejs/node#59234) - \[[`55a90eed8d`](nodejs/node@55a90eed8d)] - **deps**: upgrade npm to 11.5.1 (npm team) [#​59199](nodejs/node#59199) - \[[`2b5d451ae0`](nodejs/node@2b5d451ae0)] - **deps**: update amaro to 1.1.1 (Node.js GitHub Bot) [#​59141](nodejs/node#59141) - \[[`af789d9b5c`](nodejs/node@af789d9b5c)] - **deps**: update undici to 7.12.0 (Node.js GitHub Bot) [#​59135](nodejs/node#59135) - \[[`a34e44545e`](nodejs/node@a34e44545e)] - **deps**: update sqlite to 3.50.3 (Node.js GitHub Bot) [#​59132](nodejs/node#59132) - \[[`bfe4781c7d`](nodejs/node@bfe4781c7d)] - **deps**: update googletest to [`7e17b15`](nodejs/node@7e17b15) (Node.js GitHub Bot) [#​59131](nodejs/node#59131) - \[[`72adf52e51`](nodejs/node@72adf52e51)] - **deps**: update ada to 3.2.6 (Node.js GitHub Bot) [#​58966](nodejs/node#58966) - \[[`2a5f35b589`](nodejs/node@2a5f35b589)] - **deps**: V8: cherry-pick [`3d750c2`](nodejs/node@3d750c2aa9ef) (Michaël Zasso) [#​58750](nodejs/node#58750) - \[[`3f813eaba7`](nodejs/node@3f813eaba7)] - **deps**: update archs files for openssl-3.0.17 (Node.js GitHub Bot) [#​59134](nodejs/node#59134) - \[[`fb52d0d8df`](nodejs/node@fb52d0d8df)] - **deps**: upgrade openssl sources to openssl-3.0.17 (Node.js GitHub Bot) [#​59134](nodejs/node#59134) - \[[`f122602f9d`](nodejs/node@f122602f9d)] - **deps**: update corepack to 0.34.0 (Node.js GitHub Bot) [#​59133](nodejs/node#59133) - \[[`c52aaacfc5`](nodejs/node@c52aaacfc5)] - **(SEMVER-MINOR)** **dns**: support max timeout (theanarkh) [#​58440](nodejs/node#58440) - \[[`927742b342`](nodejs/node@927742b342)] - **doc**: update the instruction on how to verify releases (Antoine du Hamel) [#​59113](nodejs/node#59113) - \[[`9a8d2020ad`](nodejs/node@9a8d2020ad)] - **doc**: copyedit SECURITY.md (Rich Trott) [#​59190](nodejs/node#59190) - \[[`3da5bc0668`](nodejs/node@3da5bc0668)] - **doc**: fix broken sentence in `URL.parse` (Superchupu) [#​59164](nodejs/node#59164) - \[[`06cd7461e0`](nodejs/node@06cd7461e0)] - **doc**: improve onboarding instructions (Joyee Cheung) [#​59159](nodejs/node#59159) - \[[`dfb72d158b`](nodejs/node@dfb72d158b)] - **doc**: add constraints for mem leak to threat model (Rafael Gonzaga) [#​58917](nodejs/node#58917) - \[[`51b8dfd5c6`](nodejs/node@51b8dfd5c6)] - **doc**: add Aditi-1400 to collaborators (Aditi) [#​59157](nodejs/node#59157) - \[[`4ffa756ce3`](nodejs/node@4ffa756ce3)] - **doc**: avoid suggesting testing fast api with intense loop (Chengzhong Wu) [#​59111](nodejs/node#59111) - \[[`6f81b274f7`](nodejs/node@6f81b274f7)] - **doc**: fix typo in writing-test.md (SeokHun) [#​59123](nodejs/node#59123) - \[[`88e434e687`](nodejs/node@88e434e687)] - **doc**: add new environment variables doc page (Dario Piotrowicz) [#​59052](nodejs/node#59052) - \[[`b1a318d706`](nodejs/node@b1a318d706)] - **doc**: update release key for aduh95 (Antoine du Hamel) [#​58877](nodejs/node#58877) - \[[`34c49000c9`](nodejs/node@34c49000c9)] - **doc**: add missing section for `setReturnArrays` in `sqlite.md` (Edy Silva) [#​59074](nodejs/node#59074) - \[[`9b2e965aff`](nodejs/node@9b2e965aff)] - **doc**: add RafaelGSS as steward July 25 (Rafael Gonzaga) [#​59078](nodejs/node#59078) - \[[`2d1dcb87e6`](nodejs/node@2d1dcb87e6)] - **doc**: clarify ERR\_FS\_FILE\_TOO\_LARGE to reflect fs.readFile() I/O limit (Haram Jeong) [#​59050](nodejs/node#59050) - \[[`999b5e51e7`](nodejs/node@999b5e51e7)] - **doc**: run license-builder (github-actions\[bot]) [#​59056](nodejs/node#59056) - \[[`1940a2cb46`](nodejs/node@1940a2cb46)] - **doc**: fix typed list formatting (Aviv Keller) [#​59019](nodejs/node#59019) - \[[`6cb5e0d22f`](nodejs/node@6cb5e0d22f)] - **doc**: refine `util.parseArgs` `default` definition (Slayer95) [#​58958](nodejs/node#58958) - \[[`d2e7f8e13a`](nodejs/node@d2e7f8e13a)] - **doc**: remove unused import in `zlib.md` (coderaiser) [#​59041](nodejs/node#59041) - \[[`9d02960149`](nodejs/node@9d02960149)] - **doc**: add missing environment variables to manpage (amir lavasani) [#​58963](nodejs/node#58963) - \[[`45ffdb34fb`](nodejs/node@45ffdb34fb)] - **doc**: add stability index to the `--watch-kill-signal` flag (Dario Piotrowicz) [#​58997](nodejs/node#58997) - \[[`3924c43600`](nodejs/node@3924c43600)] - **doc**: add missing `<code>` blocks (Antoine du Hamel) [#​58995](nodejs/node#58995) - \[[`cb95e183f3`](nodejs/node@cb95e183f3)] - **doc**: add scroll margin to links (Roman Reiss) [#​58982](nodejs/node#58982) - \[[`c9ded6ba15`](nodejs/node@c9ded6ba15)] - **doc**: add sponsorship link to RafaelGSS (Rafael Gonzaga) [#​58983](nodejs/node#58983) - \[[`b919fe0447`](nodejs/node@b919fe0447)] - **(SEMVER-MINOR)** **esm**: unflag --experimental-wasm-modules (Guy Bedford) [#​57038](nodejs/node#57038) - \[[`71bb6cd077`](nodejs/node@71bb6cd077)] - **esm**: js-string Wasm builtins in ESM Integration (Guy Bedford) [#​59020](nodejs/node#59020) - \[[`8d869e6d62`](nodejs/node@8d869e6d62)] - **fs**: fix return value of fs APIs (theanarkh) [#​58996](nodejs/node#58996) - \[[`7f654cee9e`](nodejs/node@7f654cee9e)] - **(SEMVER-MINOR)** **http,https**: add built-in proxy support in http/https.request and Agent (Joyee Cheung) [#​58980](nodejs/node#58980) - \[[`85d6a28f4f`](nodejs/node@85d6a28f4f)] - **inspector**: initial support for Network.loadNetworkResource (Shima Ryuhei) [#​58077](nodejs/node#58077) - \[[`cfaa299f2e`](nodejs/node@cfaa299f2e)] - **lib**: fix incorrect `ArrayBufferPrototypeGetDetached` primordial type (Dario Piotrowicz) [#​58978](nodejs/node#58978) - \[[`d555db22ad`](nodejs/node@d555db22ad)] - **lib**: flag to conditionally modify proto on deprecate (Rafael Gonzaga) [#​58928](nodejs/node#58928) - \[[`96c9dd79e6`](nodejs/node@96c9dd79e6)] - **meta**: move one or more collaborators to emeritus (Node.js GitHub Bot) [#​59140](nodejs/node#59140) - \[[`324d9fc9d4`](nodejs/node@324d9fc9d4)] - **meta**: enable jsdoc/check-tag-names rule (Yagiz Nizipli) [#​58521](nodejs/node#58521) - \[[`04c751463b`](nodejs/node@04c751463b)] - **meta**: add marco-ippolito to security release stewards (Marco Ippolito) [#​58944](nodejs/node#58944) - \[[`fe0195fdcc`](nodejs/node@fe0195fdcc)] - **module**: fix conditions override in synchronous resolve hooks (Joyee Cheung) [#​59011](nodejs/node#59011) - \[[`515b581d47`](nodejs/node@515b581d47)] - **module**: throw error when re-runing errored module jobs (Joyee Cheung) [#​58957](nodejs/node#58957) - \[[`f753645cd8`](nodejs/node@f753645cd8)] - **(SEMVER-MINOR)** **net**: update net.blocklist to allow file save and file management (alphaleadership) [#​58087](nodejs/node#58087) - \[[`15e6c28d82`](nodejs/node@15e6c28d82)] - **node-api,doc**: update links to ecma262 with section names (Chengzhong Wu) [#​59087](nodejs/node#59087) - \[[`f67b686551`](nodejs/node@f67b686551)] - **perf\_hooks**: do not expose SafeMap via Histogram wrapper (René) [#​59094](nodejs/node#59094) - \[[`3d2f919f7c`](nodejs/node@3d2f919f7c)] - **process**: make execve's args argument optional (Allon Murienik) [#​58412](nodejs/node#58412) - \[[`1a44265810`](nodejs/node@1a44265810)] - **repl**: handle errors from getters during completion (Shima Ryuhei) [#​59044](nodejs/node#59044) - \[[`467dbd31e6`](nodejs/node@467dbd31e6)] - **repl**: fix repl crashing on variable declarations without init (Dario Piotrowicz) [#​59032](nodejs/node#59032) - \[[`3a3eb6852d`](nodejs/node@3a3eb6852d)] - **repl**: improve REPL disabling completion on proxies and getters (Dario Piotrowicz) [#​58891](nodejs/node#58891) - \[[`55838e79b8`](nodejs/node@55838e79b8)] - **src**: call unmask after install signal handler (theanarkh) [#​59059](nodejs/node#59059) - \[[`77649ad93b`](nodejs/node@77649ad93b)] - **src**: use `FastStringKey` for `TrackV8FastApiCall` (Anna Henningsen) [#​59148](nodejs/node#59148) - \[[`86babf9c4b`](nodejs/node@86babf9c4b)] - **src**: use C++20 `consteval` for `FastStringKey` (Anna Henningsen) [#​59148](nodejs/node#59148) - \[[`88b99eeae1`](nodejs/node@88b99eeae1)] - **src**: remove declarations of removed BaseObject static fns (Anna Henningsen) [#​59093](nodejs/node#59093) - \[[`d89390fc8f`](nodejs/node@d89390fc8f)] - **src**: add cache to nearest parent package json (Ilyas Shabi) [#​59086](nodejs/node#59086) - \[[`21780075e4`](nodejs/node@21780075e4)] - **src**: check import attributes value types as strings (Chengzhong Wu) [#​58986](nodejs/node#58986) - \[[`ef89c2fac9`](nodejs/node@ef89c2fac9)] - **src,test**: fix config file parsing for flags defaulted to true (Edy Silva) [#​59110](nodejs/node#59110) - \[[`1e990866e0`](nodejs/node@1e990866e0)] - **test**: mark web lock held test as flaky (Ilyas Shabi) [#​59144](nodejs/node#59144) - \[[`ba8e95a785`](nodejs/node@ba8e95a785)] - **test**: use mustSucceed in test-fs-read (Sungwon) [#​59204](nodejs/node#59204) - \[[`39978f507f`](nodejs/node@39978f507f)] - **test**: prepare test-crypto-rsa-dsa for newer OpenSSL (Richard Lau) [#​58100](nodejs/node#58100) - \[[`1c3aadb9d6`](nodejs/node@1c3aadb9d6)] - **test**: fix flaky test-worker-message-port-transfer-filehandle test (Alex Yang) [#​59158](nodejs/node#59158) - \[[`a0d22e9c51`](nodejs/node@a0d22e9c51)] - **test**: remove timeout in test-https-proxy-request-handshake-failure (Joyee Cheung) [#​59165](nodejs/node#59165) - \[[`7e0a0fccc1`](nodejs/node@7e0a0fccc1)] - **test**: expand linting rules around `assert` w literal messages (Anna Henningsen) [#​59147](nodejs/node#59147) - \[[`c6070046c3`](nodejs/node@c6070046c3)] - **test**: update WPT for WebCryptoAPI to [`ab08796`](nodejs/node@ab08796857) (Node.js GitHub Bot) [#​59129](nodejs/node#59129) - \[[`15d8cc908e`](nodejs/node@15d8cc908e)] - **test**: update WPT for WebCryptoAPI to [`19d82c5`](nodejs/node@19d82c57ab) (Node.js GitHub Bot) [#​59129](nodejs/node#59129) - \[[`83023e5144`](nodejs/node@83023e5144)] - **test**: skip tests that cause timeouts on IBM i (Abdirahim Musse) [#​59014](nodejs/node#59014) - \[[`82d4175ec3`](nodejs/node@82d4175ec3)] - **test**: update `startCLI` to set `--port=0` by default (Dario Piotrowicz) [#​59042](nodejs/node#59042) - \[[`16dc53c143`](nodejs/node@16dc53c143)] - **(SEMVER-MINOR)** **test**: move http proxy tests to test/client-proxy (Joyee Cheung) [#​58980](nodejs/node#58980) - \[[`a9511a6066`](nodejs/node@a9511a6066)] - **test**: mark test-inspector-network-fetch as flaky on Windows (Joyee Cheung) [#​59091](nodejs/node#59091) - \[[`1cffcc02a3`](nodejs/node@1cffcc02a3)] - **test**: add missing port=0 arg in test-debugger-extract-function-name (Dario Piotrowicz) [#​58977](nodejs/node#58977) - \[[`83cdf1701b`](nodejs/node@83cdf1701b)] - **test\_runner**: clean up promisified interval generation (René) [#​58824](nodejs/node#58824) - \[[`195d6038dc`](nodejs/node@195d6038dc)] - **tools**: clarify README linter error message (Joyee Cheung) [#​59160](nodejs/node#59160) - \[[`51f578a3bf`](nodejs/node@51f578a3bf)] - **tools**: add support for URLs to MR commits in `merge.sh` (Antoine du Hamel) [#​59162](nodejs/node#59162) - \[[`20be9012eb`](nodejs/node@20be9012eb)] - **tools**: bump [@​eslint/plugin-kit](https://github.com/eslint/plugin-kit) from 0.3.1 to 0.3.3 in /tools/eslint (dependabot\[bot]) [#​59119](nodejs/node#59119) - \[[`623e264e93`](nodejs/node@623e264e93)] - **tools**: ignore CVE mention when linting release proposals (Antoine du Hamel) [#​59037](nodejs/node#59037) - \[[`0e547e09ab`](nodejs/node@0e547e09ab)] - **tools,test**: enforce best practices to detect never settling promises (Antoine du Hamel) [#​58992](nodejs/node#58992) - \[[`075d1968db`](nodejs/node@075d1968db)] - **util**: respect nested formats in styleText (Alex Yang) [#​59098](nodejs/node#59098) - \[[`9791ff3480`](nodejs/node@9791ff3480)] - **(SEMVER-MINOR)** **worker**: add web locks api (ishabi) [#​58666](nodejs/node#58666) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this MR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this MR, check this box --- This MR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS40Ni4zIiwidXBkYXRlZEluVmVyIjoiNDEuNDYuMyIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiUmVub3ZhdGUgQm90Il19-->
hsnabod175
reviewed
Aug 5, 2025
panva
pushed a commit
to panva/node
that referenced
this pull request
Aug 7, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) nodejs#59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) nodejs#58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) nodejs#59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) nodejs#58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) nodejs#59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) nodejs#57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) nodejs#58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) nodejs#58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) nodejs#58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) nodejs#58666
PR-URL: nodejs#59257
mete0rfish
pushed a commit
to mete0rfish/node-contribute
that referenced
this pull request
Aug 9, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) nodejs#59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) nodejs#58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) nodejs#59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) nodejs#58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) nodejs#59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) nodejs#57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) nodejs#58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) nodejs#58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) nodejs#58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) nodejs#58666
PR-URL: nodejs#59257
panva
pushed a commit
to panva/node
that referenced
this pull request
Aug 9, 2025
Notable changes:
cli:
* (SEMVER-MINOR) support `${pid}` placeholder in `--cpu-prof-name` (Haram Jeong) nodejs#59072
crypto:
* (SEMVER-MINOR) add `tls.setDefaultCACertificates()` (Joyee Cheung) nodejs#58822
deps:
* upgrade to openssl-3.5.1 (Node.js GitHub Bot) nodejs#59234
dns:
* (SEMVER-MINOR) support max timeout (theanarkh) nodejs#58440
doc:
* update the instruction on how to verify releases (Antoine du Hamel) nodejs#59113
esm:
* (SEMVER-MINOR) unflag `--experimental-wasm-modules` (Guy Bedford) nodejs#57038
http,https:
* (SEMVER-MINOR) add built-in proxy support in http/https.request and `Agent` (Joyee Cheung) nodejs#58980
net:
* (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) nodejs#58087
test:
* (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) nodejs#58980
worker:
* (SEMVER-MINOR) add web locks api (ishabi) nodejs#58666
PR-URL: nodejs#59257
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 12, 2025
Notable changes: cli: * (SEMVER-MINOR) add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) #59276 * (SEMVER-MINOR) add --use-env-proxy (Joyee Cheung) #59151 * (SEMVER-MINOR) support `${pid}` placeholder in --cpu-prof-name (Haram Jeong) #59072 crypto: * (SEMVER-MINOR) support ML-DSA KeyObject, sign, and verify (Filip Skokan) #59259 * (SEMVER-MINOR) add tls.setDefaultCACertificates() (Joyee Cheung) #58822 deps: * update archs files for openssl-3.5.1 (Node.js GitHub Bot) #59234 * upgrade openssl sources to openssl-3.5.1 (Node.js GitHub Bot) #59234 dns: * (SEMVER-MINOR) support max timeout (theanarkh) #58440 doc: * update the instruction on how to verify releases (Antoine du Hamel) #59113 esm: * (SEMVER-MINOR) unflag --experimental-wasm-modules (Guy Bedford) #57038 fs: * (SEMVER-MINOR) port SonicBoom module to fs module as Utf8Stream (James M Snell) #58897 http: * (SEMVER-MINOR) add server.keepAliveTimeoutBuffer option (Haram Jeong) #59243 http,https: * (SEMVER-MINOR) add built-in proxy support in http/https.request and Agent (Joyee Cheung) #58980 lib: * docs deprecate _http_* (Sebastian Beltran) #59293 net: * (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087 test: * (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980 worker: * (SEMVER-MINOR) add web locks api (ishabi) #58666 zlib: * (SEMVER-MINOR) add dictionary support to zstdCompress and zstdDecompress (lluisemper) #59240 PR-URL: #59449 Signed-off-by: RafaelGSS <[email protected]>
RafaelGSS
pushed a commit
that referenced
this pull request
Aug 12, 2025
Notable changes: cli: * (SEMVER-MINOR) add NODE_USE_SYSTEM_CA=1 (Joyee Cheung) #59276 * (SEMVER-MINOR) add --use-env-proxy (Joyee Cheung) #59151 * (SEMVER-MINOR) support `${pid}` placeholder in --cpu-prof-name (Haram Jeong) #59072 crypto: * (SEMVER-MINOR) support ML-DSA KeyObject, sign, and verify (Filip Skokan) #59259 * (SEMVER-MINOR) add tls.setDefaultCACertificates() (Joyee Cheung) #58822 deps: * update archs files for openssl-3.5.1 (Node.js GitHub Bot) #59234 * upgrade openssl sources to openssl-3.5.1 (Node.js GitHub Bot) #59234 dns: * (SEMVER-MINOR) support max timeout (theanarkh) #58440 doc: * update the instruction on how to verify releases (Antoine du Hamel) #59113 esm: * (SEMVER-MINOR) unflag --experimental-wasm-modules (Guy Bedford) #57038 fs: * (SEMVER-MINOR) port SonicBoom module to fs module as Utf8Stream (James M Snell) #58897 http: * (SEMVER-MINOR) add server.keepAliveTimeoutBuffer option (Haram Jeong) #59243 http,https: * (SEMVER-MINOR) add built-in proxy support in http/https.request and Agent (Joyee Cheung) #58980 lib: * docs deprecate _http_* (Sebastian Beltran) #59293 net: * (SEMVER-MINOR) update net.blocklist to allow file save and file management (alphaleadership) #58087 test: * (SEMVER-MINOR) move http proxy tests to test/client-proxy (Joyee Cheung) #58980 worker: * (SEMVER-MINOR) add web locks api (ishabi) #58666 zlib: * (SEMVER-MINOR) add dictionary support to zstdCompress and zstdDecompress (lluisemper) #59240 PR-URL: #59449 Signed-off-by: RafaelGSS <[email protected]>
|
I think this is waiting for #57165 before it can land on v22.x-staging. It doesn't land cleanly on the current staging branch. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patch implements proxy support for HTTP and HTTPS clients and
agents in the
httpandhttpsbuilt-ins`. When NODE_USE_ENV_PROXYis set to 1, the default global agent would parse the
HTTP_PROXY/http_proxy, HTTPS_PROXY/https_proxy, NO_PROXY/no_proxy
settings from the environment variables, and proxy the requests
sent through the built-in http/https client accordingly.
To support this,
http.Agentandhttps.Agentnow accept a few newoptions:
proxyEnv: when it's an object, the agent would read and parsethe HTTP_PROXY/http_proxy, HTTPS_PROXY/https_proxy, NO_PROXY/no_proxy
properties from it, and apply them based on the protocol it uses
to send requests. This option allows custom agents to
reuse built-in proxy support by composing options. Global agents
set this to
process.envwhen NODE_USE_ENV_PROXY is 1.defaultPortandprotocol: these allow setting of the default portand protocol of the agents. We also need these when configuring
proxy settings and deciding whether a request should be proxied.
Example
Starting a Node.js process with proxy support enabled for all requests sent
through the default global agent:
NODE_USE_ENV_PROXY=1 HTTP_PROXY=http://proxy.example.com:8080 HTTPS_PROXY=http://proxy.example.com:8080 NO_PROXY=localhost,127.0.0.1 node client.jsTo create a custom agent with built-in proxy support:
Alternatively, the following also works:
Implementation
Implementation-wise, this adds a
ProxyConfiginternal class to handleparsing and application of proxy configurations. The configuration
is parsed during agent construction. When requests are made,
the
createConnection()methods on the agents would check whetherthe request should be proxied. If yes, they either connect to the
proxy server (in the case of HTTP reqeusts) or establish a tunnel
(in the case of HTTPS requests) through either a TCP socket (if the
proxy uses HTTP) or a TLS socket (if the proxy uses HTTPS).
When proxying HTTPS requests through a tunnel, the connection listener
is invoked after the tunnel is established. Tunnel establishment uses
the timeout of the request options, if there is one. Otherwise it uses
the timeout of the agent.
If an error is encountered during tunnel establishment, an
ERR_PROXY_TUNNEL would be emitted on the returned socket. If the proxy
server sends a errored status code, the error would contain an
statusCodeproperty. If the error is caused by timeout, the errorwould contain a
proxyTunnelTimeoutproperty.This implementation honors the built-in socket pool and socket limits.
Pooled sockets are still keyed by request endpoints, they are just
connected to the proxy server instead, and the persistence of the
connection can be maintained as long as the proxy server respects
connection/proxy-connection or persist by default (HTTP/1.1)
Testing
Most of the diff of this patch are tests for various cases that a proxied client can run into. I also tested it with a production proxy server behind a firewall.
To check how transparent the sockets behave when they are going through a proxy, I also ran the existing http/https tests over a minimal testing proxy server:
So >88% of the existing HTTP/HTTPS use cases work transparently when they go through a proxy. Among the failures most of them are caused by testing proxy server not being transparent since I didn't put a lot of thought into it, or that the tests are expecting specific things (e.g. events, errors) that have to come from a server in the same process. I think this is good enough as an initial implementation and we can continue iterating to make the proxied behavior as transparent as possible.
Some TODOs:
The first commit comes from #58950 - I split it off since it just moved the existing tests for fetch into a new client-proxy directory and made the testing proxy server a bit more versatile, not strictly tied to what this patch tries to implement.
Refs: #57872
Refs: #8381
Refs: #15620