clean up some outdated code and implement a few performance
improvements. most notably, the response from `upgradeWebSocket` is now
actually used as a normal response.
a followup pr will rework raw upgrades to a greater extent
This commit adds support for specifying a `Deno.HttpClient` in the
`client` field of the `WebSocketOptions` bag. This mirrors how users
pass a custom HTTP client to `fetch`.
Additionally the underlying connection for websockets are now
established through the same mechanism used for `fetch`, which
means that `WebSocket` now correctly uses HTTP proxies, like
when configuring the `HTTP_PROXY` env var.
---------
Signed-off-by: Luca Casonato <hello@lcas.dev>
Fixes https://github.com/denoland/deno/issues/28903
Closes https://github.com/denoland/deno/issues/26190
- Adds a new option `unsafelyDisableHostnameVerification` to
`Deno.connectTls` and `Deno.startTls` to ignore DNS name mismatch errors
from rustls server verifier.
- Disable hostname verification in Node.js TLSSocket if
`checkServerIdentity` is a no-op.
---------
Signed-off-by: Divy Srivastava <dj.srivastava23@gmail.com>
1. Removes the access check callback, which was kind of confusing.
1. Requires `CheckedPath` for everything in the `FileSystem` trait to
ensure we're always checking permissions.
This commit adds support for using
[vsock](https://man7.org/linux/man-pages/man7/vsock.7.html) transport in
fetch API on Linux and macOS.
Similar to #29154, a vsock transport can be specified in the `proxy`
field when calling `Deno.createHttpClient`.
```ts
const client = Deno.createHttpClient({
proxy: {
transport: "vsock",
cid: 2,
port: 80,
},
});
await fetch("http://localhost/ping", { client });
```
Since `rust 1.87.0` reported `undefined symbol:
ring::pbkdf2::PBKDF2_HMAC_SHA1::*` in CI and it was difficult to debug
locally, use `rust 1.86.0` in CI tests for troubleshoot the errors
This commit adds support for using Unix socket proxies in `fetch` API.
This is facilitated by passing an appropriate `Deno.HttpClient` instance
to the `fetch` API:
```
const client = Deno.createHttpClient({
proxy: {
transport: "unix",
path: "/path/to/unix.sock",
},
});
await fetch("http://localhost/ping", { client });
```
Closes https://github.com/denoland/deno/issues/8821
---------
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Currently, there is no way to implement `FetchPermissions` without
importing `FsError` from `deno_fs` directly. This PR aims to re-export
the `FsError` from `deno_fetch` itself to allow it.
This commits moves all `.d.ts` files from `ext/*` to `cli/tsc/dts`.
Due to TSC snapshot removal, `cargo publish` is now erroring out,
unable to find the declaration files. These files were moved to
"cli/tsc/dts", because it's much easier than keeping them in
extension directories, while still providing them compressed
or uncompressed depending on the build type.
This brings some of the HTTP/2 retry behavior from reqwest to
`ext/fetch`. It will retry very specific HTTP/2 errors once, if the body
is able to be used again.
Closes#27332
This commit changes "node:http" module to add support
for the "createConnection" option when the "request()"
API is called.
Closes https://github.com/denoland/deno/issues/19507
---------
Signed-off-by: Yoshiya Hinosawa <stibium121@gmail.com>
Signed-off-by: Satya Rohith <me@satyarohith.com>
Co-authored-by: Yoshiya Hinosawa <stibium121@gmail.com>
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: crowlkats <crowlkats@toaxl.com>
This commit improves permission prompts by adding an option
to print a full trace of where the permissions is being requested.
Due to big performance hint of stack trace collection, this is only
enabled when `DENO_TRACE_PERMISSIONS` env var is present.
Closes https://github.com/denoland/deno/issues/20756
---------
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
This commit makes HTTP client parameters used in `fetch` API
configurable on the extension initialization via a callback
`client_builder_hook` that users can provide.
The main motivation behind this change is to allow `deno_fetch` users to
tune the HTTP/2 client to suit their needs, although Deno CLI users will
not benefit from it as no JavaScript interface is exposed to set these
parameters currently.
It is up to users whether to provide a hook function. If not provided,
the default configuration from hyper crate will be used.
Ref #26785
This commit makes `fetch` error messages include source and destination TCP
socket info i.e. port number and IP address for better debuggability.
Closes#24922
Sending ALPN to a proxy, and then when tunneling, requires better
juggling of TLS configs. This improves the choice of TLS config in the
proxy connector, based on what reqwest does. It also includes some
`ext/fetch/tests.rs` that check the different combinations.
Fixes#24632Fixes#24691
Originally landed in
f6fd6619e7.
Reverted in https://github.com/denoland/deno/pull/24574.
This reland contains a fix that sends "Accept: */*" header for calls made
from "FileFetcher". Absence of this header made downloading source code
from JSR broken. This is tested by ensuring this header is present in the
test server that servers JSR packages.
---------
Co-authored-by: Sean McArthur <sean@seanmonstar.com>
This commit re-implements `ext/fetch` and all dependent crates
using `hyper` and `hyper-util`, instead of `reqwest`.
The reasoning is that we want to have greater control and access
to low level `hyper` APIs when implementing `fetch` API as well
as `node:http` module.
---------
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
This commit updates Deno to use `reqwest` at 0.12.4
and `rustls` at 0.22. Other related crates were updated
as well to match versions accepted by `reqwest` and `rustls`.
Note: we are not using the latest available `rustls` yet,
but this upgrade was non-trivial already, so a bump to
0.23 for `rustls` will be done in a separate commit.
Closes#23370
---------
Signed-off-by: Ryan Dahl <ry@tinyclouds.org>
Signed-off-by: Bartek Iwańczuk <biwanczuk@gmail.com>
Co-authored-by: Ryan Dahl <ry@tinyclouds.org>
Co-authored-by: Divy Srivastava <dj.srivastava23@gmail.com>
Also removes permissions being passed in for node resolution. It was
completely useless because we only checked it for reading package.json
files, but Deno reading package.json files for resolution is perfectly
fine.
My guess is this is also a perf improvement because Deno is doing less
work.
Precursor to #23236
This implements the SNI features, but uses private symbols to avoid
exposing the functionality at this time. Note that to properly test this
feature, we need to add a way for `connectTls` to specify a hostname.
This is something that should be pushed into that API at a later time as
well.
```ts
Deno.test(
{ permissions: { net: true, read: true } },
async function listenResolver() {
let sniRequests = [];
const listener = Deno.listenTls({
hostname: "localhost",
port: 0,
[resolverSymbol]: (sni: string) => {
sniRequests.push(sni);
return {
cert,
key,
};
},
});
{
const conn = await Deno.connectTls({
hostname: "localhost",
[serverNameSymbol]: "server-1",
port: listener.addr.port,
});
const [_handshake, serverConn] = await Promise.all([
conn.handshake(),
listener.accept(),
]);
conn.close();
serverConn.close();
}
{
const conn = await Deno.connectTls({
hostname: "localhost",
[serverNameSymbol]: "server-2",
port: listener.addr.port,
});
const [_handshake, serverConn] = await Promise.all([
conn.handshake(),
listener.accept(),
]);
conn.close();
serverConn.close();
}
assertEquals(sniRequests, ["server-1", "server-2"]);
listener.close();
},
);
```
---------
Signed-off-by: Matt Mastracci <matthew@mastracci.com>
Issue https://github.com/denoland/deno/issues/22222
This PR moves `runtime/permissions` code to a upstream crate called
`deno_permissions`. The `deno_permissions::PermissionsContainer` is put
into the OpState and can be used instead of the current trait-based
permissions system.
For this PR, I've migrated `deno_fetch` to the new crate but kept the
rest of the trait-based system as a wrapper of `deno_permissions` crate.
Doing the migration all at once is error prone and hard to review.
Comparing incremental compile times for `ext/fetch` on Mac M1:
| profile | `cargo build --bin deno` | `cargo plonk build --bin deno` |
| --------- | ------------- | ------------------- |
| `debug` | 20 s | 0.8s |
| `release` | 4 mins 12 s | 1.4s |
This change deprecates
`Deno.CreateHttpClientOptions.{certChain,privateKey}` in favour of
`Deno.CreateHttpClientOptions.{cert,key}`.
Closes#22278
Co-authored-by: Matt Mastracci <matthew@mastracci.com>
