|
rc@73
|
1 /**
|
|
rc@73
|
2 * Module dependencies.
|
|
rc@73
|
3 */
|
|
rc@73
|
4
|
|
rc@73
|
5 var accepts = require('accepts');
|
|
rc@73
|
6 var typeis = require('type-is');
|
|
rc@73
|
7 var http = require('http');
|
|
rc@73
|
8 var fresh = require('fresh');
|
|
rc@73
|
9 var parseRange = require('range-parser');
|
|
rc@73
|
10 var parse = require('parseurl');
|
|
rc@73
|
11 var proxyaddr = require('proxy-addr');
|
|
rc@73
|
12
|
|
rc@73
|
13 /**
|
|
rc@73
|
14 * Request prototype.
|
|
rc@73
|
15 */
|
|
rc@73
|
16
|
|
rc@73
|
17 var req = exports = module.exports = {
|
|
rc@73
|
18 __proto__: http.IncomingMessage.prototype
|
|
rc@73
|
19 };
|
|
rc@73
|
20
|
|
rc@73
|
21 /**
|
|
rc@73
|
22 * Return request header.
|
|
rc@73
|
23 *
|
|
rc@73
|
24 * The `Referrer` header field is special-cased,
|
|
rc@73
|
25 * both `Referrer` and `Referer` are interchangeable.
|
|
rc@73
|
26 *
|
|
rc@73
|
27 * Examples:
|
|
rc@73
|
28 *
|
|
rc@73
|
29 * req.get('Content-Type');
|
|
rc@73
|
30 * // => "text/plain"
|
|
rc@73
|
31 *
|
|
rc@73
|
32 * req.get('content-type');
|
|
rc@73
|
33 * // => "text/plain"
|
|
rc@73
|
34 *
|
|
rc@73
|
35 * req.get('Something');
|
|
rc@73
|
36 * // => undefined
|
|
rc@73
|
37 *
|
|
rc@73
|
38 * Aliased as `req.header()`.
|
|
rc@73
|
39 *
|
|
rc@73
|
40 * @param {String} name
|
|
rc@73
|
41 * @return {String}
|
|
rc@73
|
42 * @api public
|
|
rc@73
|
43 */
|
|
rc@73
|
44
|
|
rc@73
|
45 req.get =
|
|
rc@73
|
46 req.header = function(name){
|
|
rc@73
|
47 switch (name = name.toLowerCase()) {
|
|
rc@73
|
48 case 'referer':
|
|
rc@73
|
49 case 'referrer':
|
|
rc@73
|
50 return this.headers.referrer
|
|
rc@73
|
51 || this.headers.referer;
|
|
rc@73
|
52 default:
|
|
rc@73
|
53 return this.headers[name];
|
|
rc@73
|
54 }
|
|
rc@73
|
55 };
|
|
rc@73
|
56
|
|
rc@73
|
57 /**
|
|
rc@73
|
58 * To do: update docs.
|
|
rc@73
|
59 *
|
|
rc@73
|
60 * Check if the given `type(s)` is acceptable, returning
|
|
rc@73
|
61 * the best match when true, otherwise `undefined`, in which
|
|
rc@73
|
62 * case you should respond with 406 "Not Acceptable".
|
|
rc@73
|
63 *
|
|
rc@73
|
64 * The `type` value may be a single mime type string
|
|
rc@73
|
65 * such as "application/json", the extension name
|
|
rc@73
|
66 * such as "json", a comma-delimted list such as "json, html, text/plain",
|
|
rc@73
|
67 * an argument list such as `"json", "html", "text/plain"`,
|
|
rc@73
|
68 * or an array `["json", "html", "text/plain"]`. When a list
|
|
rc@73
|
69 * or array is given the _best_ match, if any is returned.
|
|
rc@73
|
70 *
|
|
rc@73
|
71 * Examples:
|
|
rc@73
|
72 *
|
|
rc@73
|
73 * // Accept: text/html
|
|
rc@73
|
74 * req.accepts('html');
|
|
rc@73
|
75 * // => "html"
|
|
rc@73
|
76 *
|
|
rc@73
|
77 * // Accept: text/*, application/json
|
|
rc@73
|
78 * req.accepts('html');
|
|
rc@73
|
79 * // => "html"
|
|
rc@73
|
80 * req.accepts('text/html');
|
|
rc@73
|
81 * // => "text/html"
|
|
rc@73
|
82 * req.accepts('json, text');
|
|
rc@73
|
83 * // => "json"
|
|
rc@73
|
84 * req.accepts('application/json');
|
|
rc@73
|
85 * // => "application/json"
|
|
rc@73
|
86 *
|
|
rc@73
|
87 * // Accept: text/*, application/json
|
|
rc@73
|
88 * req.accepts('image/png');
|
|
rc@73
|
89 * req.accepts('png');
|
|
rc@73
|
90 * // => undefined
|
|
rc@73
|
91 *
|
|
rc@73
|
92 * // Accept: text/*;q=.5, application/json
|
|
rc@73
|
93 * req.accepts(['html', 'json']);
|
|
rc@73
|
94 * req.accepts('html', 'json');
|
|
rc@73
|
95 * req.accepts('html, json');
|
|
rc@73
|
96 * // => "json"
|
|
rc@73
|
97 *
|
|
rc@73
|
98 * @param {String|Array} type(s)
|
|
rc@73
|
99 * @return {String}
|
|
rc@73
|
100 * @api public
|
|
rc@73
|
101 */
|
|
rc@73
|
102
|
|
rc@73
|
103 req.accepts = function(){
|
|
rc@73
|
104 var accept = accepts(this);
|
|
rc@73
|
105 return accept.types.apply(accept, arguments);
|
|
rc@73
|
106 };
|
|
rc@73
|
107
|
|
rc@73
|
108 /**
|
|
rc@73
|
109 * Check if the given `encoding` is accepted.
|
|
rc@73
|
110 *
|
|
rc@73
|
111 * @param {String} encoding
|
|
rc@73
|
112 * @return {Boolean}
|
|
rc@73
|
113 * @api public
|
|
rc@73
|
114 */
|
|
rc@73
|
115
|
|
rc@73
|
116 req.acceptsEncoding = // backwards compatibility
|
|
rc@73
|
117 req.acceptsEncodings = function(){
|
|
rc@73
|
118 var accept = accepts(this);
|
|
rc@73
|
119 return accept.encodings.apply(accept, arguments);
|
|
rc@73
|
120 };
|
|
rc@73
|
121
|
|
rc@73
|
122 /**
|
|
rc@73
|
123 * To do: update docs.
|
|
rc@73
|
124 *
|
|
rc@73
|
125 * Check if the given `charset` is acceptable,
|
|
rc@73
|
126 * otherwise you should respond with 406 "Not Acceptable".
|
|
rc@73
|
127 *
|
|
rc@73
|
128 * @param {String} charset
|
|
rc@73
|
129 * @return {Boolean}
|
|
rc@73
|
130 * @api public
|
|
rc@73
|
131 */
|
|
rc@73
|
132
|
|
rc@73
|
133 req.acceptsCharset = // backwards compatibility
|
|
rc@73
|
134 req.acceptsCharsets = function(){
|
|
rc@73
|
135 var accept = accepts(this);
|
|
rc@73
|
136 return accept.charsets.apply(accept, arguments);
|
|
rc@73
|
137 };
|
|
rc@73
|
138
|
|
rc@73
|
139 /**
|
|
rc@73
|
140 * To do: update docs.
|
|
rc@73
|
141 *
|
|
rc@73
|
142 * Check if the given `lang` is acceptable,
|
|
rc@73
|
143 * otherwise you should respond with 406 "Not Acceptable".
|
|
rc@73
|
144 *
|
|
rc@73
|
145 * @param {String} lang
|
|
rc@73
|
146 * @return {Boolean}
|
|
rc@73
|
147 * @api public
|
|
rc@73
|
148 */
|
|
rc@73
|
149
|
|
rc@73
|
150 req.acceptsLanguage = // backwards compatibility
|
|
rc@73
|
151 req.acceptsLanguages = function(){
|
|
rc@73
|
152 var accept = accepts(this);
|
|
rc@73
|
153 return accept.languages.apply(accept, arguments);
|
|
rc@73
|
154 };
|
|
rc@73
|
155
|
|
rc@73
|
156 /**
|
|
rc@73
|
157 * Parse Range header field,
|
|
rc@73
|
158 * capping to the given `size`.
|
|
rc@73
|
159 *
|
|
rc@73
|
160 * Unspecified ranges such as "0-" require
|
|
rc@73
|
161 * knowledge of your resource length. In
|
|
rc@73
|
162 * the case of a byte range this is of course
|
|
rc@73
|
163 * the total number of bytes. If the Range
|
|
rc@73
|
164 * header field is not given `null` is returned,
|
|
rc@73
|
165 * `-1` when unsatisfiable, `-2` when syntactically invalid.
|
|
rc@73
|
166 *
|
|
rc@73
|
167 * NOTE: remember that ranges are inclusive, so
|
|
rc@73
|
168 * for example "Range: users=0-3" should respond
|
|
rc@73
|
169 * with 4 users when available, not 3.
|
|
rc@73
|
170 *
|
|
rc@73
|
171 * @param {Number} size
|
|
rc@73
|
172 * @return {Array}
|
|
rc@73
|
173 * @api public
|
|
rc@73
|
174 */
|
|
rc@73
|
175
|
|
rc@73
|
176 req.range = function(size){
|
|
rc@73
|
177 var range = this.get('Range');
|
|
rc@73
|
178 if (!range) return;
|
|
rc@73
|
179 return parseRange(size, range);
|
|
rc@73
|
180 };
|
|
rc@73
|
181
|
|
rc@73
|
182 /**
|
|
rc@73
|
183 * Return the value of param `name` when present or `defaultValue`.
|
|
rc@73
|
184 *
|
|
rc@73
|
185 * - Checks route placeholders, ex: _/user/:id_
|
|
rc@73
|
186 * - Checks body params, ex: id=12, {"id":12}
|
|
rc@73
|
187 * - Checks query string params, ex: ?id=12
|
|
rc@73
|
188 *
|
|
rc@73
|
189 * To utilize request bodies, `req.body`
|
|
rc@73
|
190 * should be an object. This can be done by using
|
|
rc@73
|
191 * the `bodyParser()` middleware.
|
|
rc@73
|
192 *
|
|
rc@73
|
193 * @param {String} name
|
|
rc@73
|
194 * @param {Mixed} [defaultValue]
|
|
rc@73
|
195 * @return {String}
|
|
rc@73
|
196 * @api public
|
|
rc@73
|
197 */
|
|
rc@73
|
198
|
|
rc@73
|
199 req.param = function(name, defaultValue){
|
|
rc@73
|
200 var params = this.params || {};
|
|
rc@73
|
201 var body = this.body || {};
|
|
rc@73
|
202 var query = this.query || {};
|
|
rc@73
|
203 if (null != params[name] && params.hasOwnProperty(name)) return params[name];
|
|
rc@73
|
204 if (null != body[name]) return body[name];
|
|
rc@73
|
205 if (null != query[name]) return query[name];
|
|
rc@73
|
206 return defaultValue;
|
|
rc@73
|
207 };
|
|
rc@73
|
208
|
|
rc@73
|
209 /**
|
|
rc@73
|
210 * Check if the incoming request contains the "Content-Type"
|
|
rc@73
|
211 * header field, and it contains the give mime `type`.
|
|
rc@73
|
212 *
|
|
rc@73
|
213 * Examples:
|
|
rc@73
|
214 *
|
|
rc@73
|
215 * // With Content-Type: text/html; charset=utf-8
|
|
rc@73
|
216 * req.is('html');
|
|
rc@73
|
217 * req.is('text/html');
|
|
rc@73
|
218 * req.is('text/*');
|
|
rc@73
|
219 * // => true
|
|
rc@73
|
220 *
|
|
rc@73
|
221 * // When Content-Type is application/json
|
|
rc@73
|
222 * req.is('json');
|
|
rc@73
|
223 * req.is('application/json');
|
|
rc@73
|
224 * req.is('application/*');
|
|
rc@73
|
225 * // => true
|
|
rc@73
|
226 *
|
|
rc@73
|
227 * req.is('html');
|
|
rc@73
|
228 * // => false
|
|
rc@73
|
229 *
|
|
rc@73
|
230 * @param {String} type
|
|
rc@73
|
231 * @return {Boolean}
|
|
rc@73
|
232 * @api public
|
|
rc@73
|
233 */
|
|
rc@73
|
234
|
|
rc@73
|
235 req.is = function(types){
|
|
rc@73
|
236 if (!Array.isArray(types)) types = [].slice.call(arguments);
|
|
rc@73
|
237 return typeis(this, types);
|
|
rc@73
|
238 };
|
|
rc@73
|
239
|
|
rc@73
|
240 /**
|
|
rc@73
|
241 * Return the protocol string "http" or "https"
|
|
rc@73
|
242 * when requested with TLS. When the "trust proxy"
|
|
rc@73
|
243 * setting trusts the socket address, the
|
|
rc@73
|
244 * "X-Forwarded-Proto" header field will be trusted.
|
|
rc@73
|
245 * If you're running behind a reverse proxy that
|
|
rc@73
|
246 * supplies https for you this may be enabled.
|
|
rc@73
|
247 *
|
|
rc@73
|
248 * @return {String}
|
|
rc@73
|
249 * @api public
|
|
rc@73
|
250 */
|
|
rc@73
|
251
|
|
rc@73
|
252 req.__defineGetter__('protocol', function(){
|
|
rc@73
|
253 var trust = this.app.get('trust proxy fn');
|
|
rc@73
|
254
|
|
rc@73
|
255 if (!trust(this.connection.remoteAddress)) {
|
|
rc@73
|
256 return this.connection.encrypted
|
|
rc@73
|
257 ? 'https'
|
|
rc@73
|
258 : 'http';
|
|
rc@73
|
259 }
|
|
rc@73
|
260
|
|
rc@73
|
261 // Note: X-Forwarded-Proto is normally only ever a
|
|
rc@73
|
262 // single value, but this is to be safe.
|
|
rc@73
|
263 var proto = this.get('X-Forwarded-Proto') || 'http';
|
|
rc@73
|
264 return proto.split(/\s*,\s*/)[0];
|
|
rc@73
|
265 });
|
|
rc@73
|
266
|
|
rc@73
|
267 /**
|
|
rc@73
|
268 * Short-hand for:
|
|
rc@73
|
269 *
|
|
rc@73
|
270 * req.protocol == 'https'
|
|
rc@73
|
271 *
|
|
rc@73
|
272 * @return {Boolean}
|
|
rc@73
|
273 * @api public
|
|
rc@73
|
274 */
|
|
rc@73
|
275
|
|
rc@73
|
276 req.__defineGetter__('secure', function(){
|
|
rc@73
|
277 return 'https' == this.protocol;
|
|
rc@73
|
278 });
|
|
rc@73
|
279
|
|
rc@73
|
280 /**
|
|
rc@73
|
281 * Return the remote address from the trusted proxy.
|
|
rc@73
|
282 *
|
|
rc@73
|
283 * The is the remote address on the socket unless
|
|
rc@73
|
284 * "trust proxy" is set.
|
|
rc@73
|
285 *
|
|
rc@73
|
286 * @return {String}
|
|
rc@73
|
287 * @api public
|
|
rc@73
|
288 */
|
|
rc@73
|
289
|
|
rc@73
|
290 req.__defineGetter__('ip', function(){
|
|
rc@73
|
291 var trust = this.app.get('trust proxy fn');
|
|
rc@73
|
292 return proxyaddr(this, trust);
|
|
rc@73
|
293 });
|
|
rc@73
|
294
|
|
rc@73
|
295 /**
|
|
rc@73
|
296 * When "trust proxy" is set, trusted proxy addresses + client.
|
|
rc@73
|
297 *
|
|
rc@73
|
298 * For example if the value were "client, proxy1, proxy2"
|
|
rc@73
|
299 * you would receive the array `["client", "proxy1", "proxy2"]`
|
|
rc@73
|
300 * where "proxy2" is the furthest down-stream and "proxy1" and
|
|
rc@73
|
301 * "proxy2" were trusted.
|
|
rc@73
|
302 *
|
|
rc@73
|
303 * @return {Array}
|
|
rc@73
|
304 * @api public
|
|
rc@73
|
305 */
|
|
rc@73
|
306
|
|
rc@73
|
307 req.__defineGetter__('ips', function(){
|
|
rc@73
|
308 var trust = this.app.get('trust proxy fn');
|
|
rc@73
|
309 var addrs = proxyaddr.all(this, trust);
|
|
rc@73
|
310 return addrs.slice(1).reverse();
|
|
rc@73
|
311 });
|
|
rc@73
|
312
|
|
rc@73
|
313 /**
|
|
rc@73
|
314 * Return subdomains as an array.
|
|
rc@73
|
315 *
|
|
rc@73
|
316 * Subdomains are the dot-separated parts of the host before the main domain of
|
|
rc@73
|
317 * the app. By default, the domain of the app is assumed to be the last two
|
|
rc@73
|
318 * parts of the host. This can be changed by setting "subdomain offset".
|
|
rc@73
|
319 *
|
|
rc@73
|
320 * For example, if the domain is "tobi.ferrets.example.com":
|
|
rc@73
|
321 * If "subdomain offset" is not set, req.subdomains is `["ferrets", "tobi"]`.
|
|
rc@73
|
322 * If "subdomain offset" is 3, req.subdomains is `["tobi"]`.
|
|
rc@73
|
323 *
|
|
rc@73
|
324 * @return {Array}
|
|
rc@73
|
325 * @api public
|
|
rc@73
|
326 */
|
|
rc@73
|
327
|
|
rc@73
|
328 req.__defineGetter__('subdomains', function(){
|
|
rc@73
|
329 var offset = this.app.get('subdomain offset');
|
|
rc@73
|
330 return (this.host || '')
|
|
rc@73
|
331 .split('.')
|
|
rc@73
|
332 .reverse()
|
|
rc@73
|
333 .slice(offset);
|
|
rc@73
|
334 });
|
|
rc@73
|
335
|
|
rc@73
|
336 /**
|
|
rc@73
|
337 * Short-hand for `url.parse(req.url).pathname`.
|
|
rc@73
|
338 *
|
|
rc@73
|
339 * @return {String}
|
|
rc@73
|
340 * @api public
|
|
rc@73
|
341 */
|
|
rc@73
|
342
|
|
rc@73
|
343 req.__defineGetter__('path', function(){
|
|
rc@73
|
344 return parse(this).pathname;
|
|
rc@73
|
345 });
|
|
rc@73
|
346
|
|
rc@73
|
347 /**
|
|
rc@73
|
348 * Parse the "Host" header field hostname.
|
|
rc@73
|
349 *
|
|
rc@73
|
350 * When the "trust proxy" setting trusts the socket
|
|
rc@73
|
351 * address, the "X-Forwarded-Host" header field will
|
|
rc@73
|
352 * be trusted.
|
|
rc@73
|
353 *
|
|
rc@73
|
354 * @return {String}
|
|
rc@73
|
355 * @api public
|
|
rc@73
|
356 */
|
|
rc@73
|
357
|
|
rc@73
|
358 req.__defineGetter__('host', function(){
|
|
rc@73
|
359 var trust = this.app.get('trust proxy fn');
|
|
rc@73
|
360 var host = this.get('X-Forwarded-Host');
|
|
rc@73
|
361
|
|
rc@73
|
362 if (!host || !trust(this.connection.remoteAddress)) {
|
|
rc@73
|
363 host = this.get('Host');
|
|
rc@73
|
364 }
|
|
rc@73
|
365
|
|
rc@73
|
366 if (!host) return;
|
|
rc@73
|
367
|
|
rc@73
|
368 // IPv6 literal support
|
|
rc@73
|
369 var offset = host[0] === '['
|
|
rc@73
|
370 ? host.indexOf(']') + 1
|
|
rc@73
|
371 : 0;
|
|
rc@73
|
372 var index = host.indexOf(':', offset);
|
|
rc@73
|
373
|
|
rc@73
|
374 return ~index
|
|
rc@73
|
375 ? host.substring(0, index)
|
|
rc@73
|
376 : host;
|
|
rc@73
|
377 });
|
|
rc@73
|
378
|
|
rc@73
|
379 /**
|
|
rc@73
|
380 * Check if the request is fresh, aka
|
|
rc@73
|
381 * Last-Modified and/or the ETag
|
|
rc@73
|
382 * still match.
|
|
rc@73
|
383 *
|
|
rc@73
|
384 * @return {Boolean}
|
|
rc@73
|
385 * @api public
|
|
rc@73
|
386 */
|
|
rc@73
|
387
|
|
rc@73
|
388 req.__defineGetter__('fresh', function(){
|
|
rc@73
|
389 var method = this.method;
|
|
rc@73
|
390 var s = this.res.statusCode;
|
|
rc@73
|
391
|
|
rc@73
|
392 // GET or HEAD for weak freshness validation only
|
|
rc@73
|
393 if ('GET' != method && 'HEAD' != method) return false;
|
|
rc@73
|
394
|
|
rc@73
|
395 // 2xx or 304 as per rfc2616 14.26
|
|
rc@73
|
396 if ((s >= 200 && s < 300) || 304 == s) {
|
|
rc@73
|
397 return fresh(this.headers, this.res._headers);
|
|
rc@73
|
398 }
|
|
rc@73
|
399
|
|
rc@73
|
400 return false;
|
|
rc@73
|
401 });
|
|
rc@73
|
402
|
|
rc@73
|
403 /**
|
|
rc@73
|
404 * Check if the request is stale, aka
|
|
rc@73
|
405 * "Last-Modified" and / or the "ETag" for the
|
|
rc@73
|
406 * resource has changed.
|
|
rc@73
|
407 *
|
|
rc@73
|
408 * @return {Boolean}
|
|
rc@73
|
409 * @api public
|
|
rc@73
|
410 */
|
|
rc@73
|
411
|
|
rc@73
|
412 req.__defineGetter__('stale', function(){
|
|
rc@73
|
413 return !this.fresh;
|
|
rc@73
|
414 });
|
|
rc@73
|
415
|
|
rc@73
|
416 /**
|
|
rc@73
|
417 * Check if the request was an _XMLHttpRequest_.
|
|
rc@73
|
418 *
|
|
rc@73
|
419 * @return {Boolean}
|
|
rc@73
|
420 * @api public
|
|
rc@73
|
421 */
|
|
rc@73
|
422
|
|
rc@73
|
423 req.__defineGetter__('xhr', function(){
|
|
rc@73
|
424 var val = this.get('X-Requested-With') || '';
|
|
rc@73
|
425 return 'xmlhttprequest' == val.toLowerCase();
|
|
rc@73
|
426 });
|
