[tests] https test pass, fix #511. Exposed the rejectUnauthorized flag

http-party · Nov 7, 2013 · fd42dce · fd42dce
1 parent a2b1f0a
commit fd42dce
Show file tree

Hide file tree

Showing 3 changed files with 37 additions and 1 deletion.
diff --git a/lib/http-proxy.js b/lib/http-proxy.js
@@ -30,6 +30,7 @@ proxy.createProxyServer = proxy.createServer = function createProxyServer(option
    *    ssl    : <object to be passed to https.createServer()> 
    *    ws     : <true/false, if you want to proxy websockets>
    *    xfwd   : <true/false, adds x-forward headers>          
+   *    secure : <true/false, verify SSL certificate>
    *  }                                                        
    *   
    *  NOTE: `options.ws` and `options.ssl` are optional.       

diff --git a/lib/http-proxy/common.js b/lib/http-proxy/common.js
@@ -37,6 +37,11 @@ common.setupOutgoing = function(outgoing, options, req, forward) {
     extend(outgoing.headers, options.headers);
   }
 
+  if (options[forward || 'target'].protocol == 'https:') {
+    outgoing.rejectUnauthorized = (typeof options.secure === "undefined") ? true : options.secure;
+  }
+
+
   outgoing.agent = options.agent || false;
   outgoing.path = req.url;
 

diff --git a/test/lib-https-proxy-test.js b/test/lib-https-proxy-test.js
@@ -17,7 +17,7 @@ Object.defineProperty(gen, 'port', {
 });
 
 describe('lib/http-proxy.js', function() {
-  describe('#createProxyServer using HTTPS', function() {
+  describe('HTTPS #createProxyServer', function() {
   	describe('HTTPS to HTTP', function () {
       it('should proxy the request en send back the response', function (done) {
         var ports = { source: gen.port, proxy: gen.port };
@@ -79,6 +79,8 @@ describe('lib/http-proxy.js', function() {
 
         var proxy = httpProxy.createProxyServer({
           target: 'https://127.0.0.1:' + ports.source,
+          // Allow to use SSL self signed
+          secure: false
         }).listen(ports.proxy);
 
         http.request({
@@ -100,5 +102,33 @@ describe('lib/http-proxy.js', function() {
         }).end();
       })
     })
+    describe('HTTPS not allow SSL self signed', function () {
+      it('should fail with error', function (done) {
+        var ports = { source: gen.port, proxy: gen.port };
+        var source = https.createServer({
+          key: fs.readFileSync(path.join(__dirname, 'fixtures', 'agent2-key.pem')),
+          cert: fs.readFileSync(path.join(__dirname, 'fixtures', 'agent2-cert.pem')),
+        }).listen(ports.source);
+
+        var proxy = httpProxy.createProxyServer({
+          target: 'https://127.0.0.1:' + ports.source,
+          secure: true
+        });
+
+        proxy.listen(ports.proxy);
+
+        proxy.on('error', function (err, req, res) {
+          expect(err).to.be.an(Error);
+          expect(err.toString()).to.be('Error: DEPTH_ZERO_SELF_SIGNED_CERT')
+          done();
+        })
+
+        http.request({
+          hostname: '127.0.0.1',
+          port: ports.proxy,
+          method: 'GET'
+        }).end();
+      })
+    })
   });
 });