axios+telemetry cleanup
This commit is contained in:
@@ -1,8 +1,8 @@
|
||||
import axios from 'axios'
|
||||
import type { HookEvent } from 'src/entrypoints/agentSdkTypes.js'
|
||||
import { Agent } from 'undici'
|
||||
import { createCombinedAbortSignal } from '../combinedAbortSignal.js'
|
||||
import { logForDebugging } from '../debug.js'
|
||||
import { errorMessage } from '../errors.js'
|
||||
import { nativeRequest } from '../http.js'
|
||||
import { getProxyUrl, shouldBypassProxy } from '../proxy.js'
|
||||
// Import as namespace so spyOn works in tests (direct imports bypass spies)
|
||||
import * as settingsModule from '../settings/settings.js'
|
||||
@@ -122,7 +122,7 @@ function interpolateEnvVars(
|
||||
*/
|
||||
export async function execHttpHook(
|
||||
hook: HttpHook,
|
||||
_hookEvent: HookEvent,
|
||||
_hookEvent: string,
|
||||
jsonInput: string,
|
||||
signal?: AbortSignal,
|
||||
): Promise<{
|
||||
@@ -186,34 +186,39 @@ export async function execHttpHook(
|
||||
getProxyUrl() !== undefined &&
|
||||
!shouldBypassProxy(hook.url)
|
||||
|
||||
let dispatcher: Agent | undefined
|
||||
if (sandboxProxy) {
|
||||
logForDebugging(
|
||||
`Hooks: HTTP hook POST to ${hook.url} (via sandbox proxy :${sandboxProxy.port})`,
|
||||
)
|
||||
// For sandbox proxy, we'd ideally use a custom dispatcher, but for now
|
||||
// assume global dispatcher or handled separately.
|
||||
// Axios implementation used `proxy: sandboxProxy`.
|
||||
} else if (envProxyActive) {
|
||||
logForDebugging(
|
||||
`Hooks: HTTP hook POST to ${hook.url} (via env-var proxy)`,
|
||||
)
|
||||
} else {
|
||||
logForDebugging(`Hooks: HTTP hook POST to ${hook.url}`)
|
||||
}
|
||||
|
||||
const response = await axios.post<string>(hook.url, jsonInput, {
|
||||
headers,
|
||||
signal: combinedSignal,
|
||||
responseType: 'text',
|
||||
validateStatus: () => true,
|
||||
maxRedirects: 0,
|
||||
// Explicit false prevents axios's own env-var proxy detection; when an
|
||||
// env-var proxy is configured, the global axios interceptor installed
|
||||
// by configureGlobalAgents() handles it via httpsAgent instead.
|
||||
proxy: sandboxProxy ?? false,
|
||||
// SSRF guard: validate resolved IPs, block private/link-local ranges
|
||||
// (but allow loopback for local dev). Skipped when any proxy is in
|
||||
// use — the proxy performs DNS for the target, and applying the
|
||||
// guard would instead validate the proxy's own IP, breaking
|
||||
// connections to corporate proxies on private networks.
|
||||
lookup: sandboxProxy || envProxyActive ? undefined : ssrfGuardedLookup,
|
||||
dispatcher = new Agent({
|
||||
connect: {
|
||||
lookup: ssrfGuardedLookup as any,
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
const response = await nativeRequest<string>(hook.url, {
|
||||
method: 'POST',
|
||||
headers,
|
||||
body: jsonInput,
|
||||
signal: combinedSignal,
|
||||
responseType: 'text',
|
||||
dispatcher,
|
||||
})
|
||||
|
||||
cleanup()
|
||||
@@ -224,7 +229,7 @@ export async function execHttpHook(
|
||||
)
|
||||
|
||||
return {
|
||||
ok: response.status >= 200 && response.status < 300,
|
||||
ok: true,
|
||||
statusCode: response.status,
|
||||
body,
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user