Add option to have miniflare accept https requests

cloudflare · Jun 26, 2023 · b1b8adf · b1b8adf
1 parent 5d1eba3
commit b1b8adf
Show file tree

Hide file tree

Showing 5 changed files with 48 additions and 12 deletions.
diff --git a/packages/miniflare/src/http/fetch.ts b/packages/miniflare/src/http/fetch.ts
@@ -1,11 +1,15 @@
 import http from "http";
-import { Headers, RequestInfo, fetch as baseFetch } from "undici";
+import { Agent, Headers, RequestInfo, fetch as baseFetch } from "undici";
 import NodeWebSocket from "ws";
 import { DeferredPromise } from "../shared";
 import { Request, RequestInit } from "./request";
 import { Response } from "./response";
 import { WebSocketPair, coupleWebSocket } from "./websocket";
 
+export const allowUnauthorizedAgent = new Agent({
+  connect: { rejectUnauthorized: false },
+});
+
 const ignored = ["transfer-encoding", "connection", "keep-alive", "expect"];
 function headersFromIncomingRequest(req: http.IncomingMessage): Headers {
   const entries = Object.entries(req.headers).filter(
@@ -21,7 +25,8 @@ export async function fetch(
   input: RequestInfo,
   init?: RequestInit | Request
 ): Promise<Response> {
-  const request = new Request(input, init as RequestInit);
+  const requestInit = init as RequestInit;
+  const request = new Request(input, requestInit);
 
   // Handle WebSocket upgrades
   if (
@@ -48,10 +53,16 @@ export async function fetch(
       }
     }
 
+    const rejectUnauthorized =
+      requestInit.dispatcher === allowUnauthorizedAgent
+        ? { rejectUnauthorized: false }
+        : {};
+
     // Establish web socket connection
     const ws = new NodeWebSocket(url, protocols, {
       followRedirects: request.redirect === "follow",
       headers,
+      ...rejectUnauthorized,
     });
 
     // Get response headers from upgrade
@@ -70,6 +81,6 @@ export async function fetch(
     });
   }
 
-  const response = await baseFetch(request);
+  const response = await baseFetch(request, requestInit);
   return new Response(response.body, response);
 }
diff --git a/packages/miniflare/src/index.ts b/packages/miniflare/src/index.ts
@@ -18,6 +18,7 @@ import {
   Request,
   RequestInit,
   Response,
+  allowUnauthorizedAgent,
   configureEntrySocket,
   coupleWebSocket,
   fetch,
@@ -790,9 +791,13 @@ export class Miniflare {
           "There is likely additional logging output above."
       );
     }
+
+    const entrySocket = config.sockets?.[0];
+    const secure = entrySocket !== undefined && "https" in entrySocket;
+
     // noinspection HttpUrlsUsage
     this.#runtimeEntryURL = new URL(
-      `http://${this.#accessibleHost}:${maybePort}`
+      `${secure ? "https" : "http"}://${this.#accessibleHost}:${maybePort}`
     );
 
     if (!this.#runtimeMutex.hasWaiting) {
@@ -856,6 +861,7 @@ export class Miniflare {
   dispatchFetch: DispatchFetch = async (input, init) => {
     this.#checkDisposed();
     await this.ready;
+
     const forward = new Request(input, init);
     const url = new URL(forward.url);
     forward.headers.set(CoreHeaders.ORIGINAL_URL, url.toString());
@@ -874,7 +880,12 @@ export class Miniflare {
       forward.headers.delete("Content-Length");
     }
 
-    const response = await fetch(url, forward as RequestInit);
+    const forwardInit = forward as RequestInit;
+    if (url.protocol === "https:") {
+      forwardInit.dispatcher = allowUnauthorizedAgent;
+    }
+
+    const response = await fetch(url, forwardInit);
 
     // If the Worker threw an uncaught exception, propagate it to the caller
     const stack = response.headers.get(CoreHeaders.ERROR_STACK);

diff --git a/packages/miniflare/src/plugins/core/index.ts b/packages/miniflare/src/plugins/core/index.ts
@@ -87,11 +87,6 @@ export const CoreOptionsSchema = z.intersection(
   })
 );
 
-export interface KeyPair {
-  key: string;
-  cert: string;
-}
-
 export const CoreSharedOptionsSchema = z.object({
   host: z.string().optional(),
   port: z.number().optional(),

diff --git a/packages/miniflare/src/plugins/index.ts b/packages/miniflare/src/plugins/index.ts
@@ -95,7 +95,6 @@ export type {
   ModuleDefinition,
   GlobalServicesOptions,
   SourceOptions,
-  KeyPair,
 } from "./core";
 export * from "./d1";
 export * from "./do";

diff --git a/packages/miniflare/test/index.spec.ts b/packages/miniflare/test/index.spec.ts
@@ -15,7 +15,7 @@ import {
   MessageEvent as StandardMessageEvent,
   WebSocketServer,
 } from "ws";
-import { useServer } from "./test-shared";
+import { TestLog, useServer } from "./test-shared";
 
 test("Miniflare: validates options", async (t) => {
   // Check empty workers array rejected
@@ -324,3 +324,23 @@ test("Miniflare: HTTPS fetches using browser CA certificates", async (t) => {
   const res = await mf.dispatchFetch("http://localhost");
   t.true(res.ok);
 });
+
+test("Miniflare: Accepts https requests", async (t) => {
+  const log = new TestLog(t);
+
+  const mf = new Miniflare({
+    log,
+    modules: true,
+    https: true,
+    script: `export default {
+      fetch() {
+        return new Response("Hello world");
+      }
+    }`,
+  });
+
+  const res = await mf.dispatchFetch("https://localhost");
+  t.true(res.ok);
+
+  t.assert(log.logs[0][1].startsWith("Ready on https://"));
+});