Comments (3)
Here is how VS Code implemented it: https://github.com/microsoft/vscode/blob/9c2b9327e5cdce9583ef6cfe5072102b150cf7cb/src/vs/workbench/api/node/proxyResolver.ts#L151-L159
Without support for multi-step negotiate that resolves to NTLM, as they only do one step. And they also cache domains that requested Negotiate, so they don't have to hit them without credentials just to get 407 again.
from proxy-agents.
It looks like they use an extension and patches of this library though, we will need an additional callback to be able to asynchronously add such credentials, the current headers callback is sync, and also won't allow handling the 407 and auto-detecting to use such auth, or saving state about the request.
from proxy-agents.
Looks like they had to extend HttpsProxyAgent
to add the necessary callback: https://github.com/microsoft/vscode-proxy-agent/blob/e390847e6fc7e32c45cabcee54e544e6821629ed/src/agent.ts#L158-L229. A fuller implementation will also need to do the same for HttpProxyAgent
. And we can decide if we want to make it more robust so it can properly perform multi-step Negotiate. Alternatively, it can be implemented internally, with an optional peer dependency on Kerberos so it is only used if it is installed if you don't want to depend on it directly, as it is a native module.
EDIT: Actually the callback should already be robust enough for multi-step, since you can probably store the KerberosClient
on the state
the callback get's passed instead of just a boolean
like their current implementation does.
from proxy-agents.
Related Issues (20)
- Vulnerability for ip package in pac-resolver HOT 9
- Vulnerability for ip 2.0 package in socks-proxy-agent HOT 2
- Getting this error ENOENT: no such file or directory, open 'node:url' when I am trying to run npm run test HOT 5
- After 7.0.3 Update: node:url Module build failed: UnhandledSchemeError: Reading from "node:url" is not handled by plugins HOT 1
- NPM IP package vulnerable to Server-Side Request Forgery (SSRF) attacks HOT 16
- vulnerability: upgrade socks to 2.7.3 HOT 1
- Please bump "socks" to "^2.7.3" in socks-proxy-agent to resolve CVE-2023-42282 HOT 7
- Bump up socks version to mitigate vulnerability in IP package HOT 7
- Proxy issue with system proxy and Https Proxy agent HOT 2
- [agent-base] `maxSockets` not being respected HOT 2
- [agent-base] allow for https session reuse
- Uesrname and password for socks-proxy-agents HOT 1
- Certificates with IP addresses does not work with this change HOT 2
- Reading headers from the Response for HTTP Connect method to the Proxy Server HOT 1
- Support global registration like `global-agent` HOT 1
- Add digest auth support
- Setting "family:4" is required on some hardware
- SocksClientError: connect ETIMEDOUT xxx.xxx.xxx.xxx:xxxx HOT 1
- Proxy wont connect HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from proxy-agents.