Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature] Add rejectUnauthorized option to BdApi.Net.fetch #1690

Open
1 task done
Miniontoby opened this issue Nov 1, 2023 · 5 comments
Open
1 task done

[Feature] Add rejectUnauthorized option to BdApi.Net.fetch #1690

Miniontoby opened this issue Nov 1, 2023 · 5 comments
Labels
enhancement

Comments

@Miniontoby
Copy link

Miniontoby commented Nov 1, 2023
edited

Before Requesting

  • I found no existing issue matching my feature request

Describe the feature you'd like!

I would like to see an option like the rejectUnauthorized option from https module in the BdApi.Net.fetch.

This would allow request to websites with an expired SSL cert and websites with self signed certs as well.

The node-fetch package, which is the Net.fetch similar to (as mentioned on the wiki), actually has it in an agent property of the options.

const https = require("https");
const agent = new https.Agent({
  rejectUnauthorized: false,
});
const response = await fetch('my_url.com', { agent });

Note: This is not in the fetch from the browser...

Anything else?

I have tried the require('request').post() which does have the option and does allow the expired/self signed cert.

But as we know: [BetterDiscord] [Remote~Require] The "request" module is marked as deprecated. Use BdApi.Net.fetch instead.

So that one isn't going to last very long
@Miniontoby
Copy link
Author

Miniontoby commented Nov 15, 2023
edited

I see in that changelog that:

BdApi.Net.fetch now actually uses all the options passed to it, previously it failed to pass the options to the other process.

But the problem with https is that you need an https.Agent to set rejectUnauthorized to false...

Any updates on how to do this?

@rauenzi
Copy link
Member

rauenzi commented Feb 22, 2024

Can you point to the docs where a separate Agent is needed? rejectUnauthorized appears to be an option of request and not of Agent https://nodejs.org/api/https.html#httpsrequesturl-options-callback

@Miniontoby
Copy link
Author

Miniontoby commented Feb 22, 2024
edited

I was talking about the example code I shown, for that (node-fetch) package you will need to use an agent.

Or at least that is how people tell you to do it

@rauenzi
Copy link
Member

rauenzi commented Feb 22, 2024

Looks like node-fetch chose not to add it specifically, whereas we could node-fetch/node-fetch#15

Also it appears that Agent does indeed have a rejectUnauthorized that is documented under TLSsocket (due to inheritance) but the node docs are horrendous for finding this information. https://nodejs.org/api/tls.html#new-tlstlssocketsocket-options

So we could allow passing agent options (not a whole agent instance due to ipc) or allow that specific http request option (rejectUnauthorized) which would you rather see?

@Miniontoby
Copy link
Author

At the moment the normal fetch and the require("request") (from BD, which is deprecated) are both having the setting in the main object.

So just keep it in the main object.

I only said it about with the agent because that is how the most look alike package did it. But I think it is a waste of memory to put it in an agent object.... so just put it in the main one!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rauenzi @Miniontoby