fix(devtools-proxy-support): remove ability to specify per-request CA

This is currently not supported by `https-proxy-agent`. Instead of trying to work around this, let's just keep it simple for now and always stick to the CA option provided to the agent (i.e. typically on the application level).
mongodb-js · Aug 9, 2024 · f234016 · f234016
1 parent c532e58
commit f234016
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 18 deletions.
diff --git a/packages/devtools-proxy-support/src/agent.spec.ts b/packages/devtools-proxy-support/src/agent.spec.ts
@@ -21,7 +21,6 @@ describe('createAgent', function () {
       new URL(url).protocol === 'https:' ? httpsGet : httpGet;
     const options = {
       agent,
-      ca: setup.tlsOptions.ca,
       checkServerIdentity: () => undefined, // allow hostname mismatches
       ...customOptions,
     };
@@ -142,7 +141,10 @@ describe('createAgent', function () {
     it('can connect to an https proxy without auth', async function () {
       const res = await get(
         'https://example.com/hello',
-        createAgent({ proxy: `http://127.0.0.1:${setup.httpsProxyPort}` })
+        createAgent({
+          proxy: `http://127.0.0.1:${setup.httpsProxyPort}`,
+          ca: setup.tlsOptions.ca,
+        })
       );
       expect(res.body).to.equal('OK /hello');
       expect(setup.getRequestedUrls()).to.deep.equal([
@@ -157,6 +159,7 @@ describe('createAgent', function () {
         'https://example.com/hello',
         createAgent({
           proxy: `http://foo:[email protected]:${setup.httpsProxyPort}`,
+          ca: setup.tlsOptions.ca,
         })
       );
       expect(res.body).to.equal('OK /hello');
@@ -173,6 +176,7 @@ describe('createAgent', function () {
         'https://example.com/hello',
         createAgent({
           proxy: `http://foo:[email protected]:${setup.httpsProxyPort}`,
+          ca: setup.tlsOptions.ca,
         })
       );
       expect(res.statusCode).to.equal(407);
@@ -186,17 +190,6 @@ describe('createAgent', function () {
         resetSystemCACache();
       });
 
-      it('can connect using CA as part of the request options', async function () {
-        // get() helpfully sets the CA for us
-        const res = await get(
-          'https://example.com/hello',
-          createAgent({ proxy: `http://127.0.0.1:${setup.httpsProxyPort}` })
-        );
-        expect(res.body).to.equal('OK /hello');
-        expect(setup.getRequestedUrls()).to.deep.equal([
-          'http://example.com/hello',
-        ]);
-      });
       it('can connect using CA as part of the agent options (no explicit CA set)', async function () {
         const res = await get(
           'https://example.com/hello',

diff --git a/packages/devtools-proxy-support/src/agent.ts b/packages/devtools-proxy-support/src/agent.ts
@@ -49,13 +49,14 @@ class DevtoolsProxyAgent extends ProxyAgent implements AgentWithInitialize {
   private _reqLockResolve: (() => void) | undefined;
 
   constructor(proxyOptions: DevtoolsProxyOptions, logger: ProxyLogEmitter) {
-    // We remove .ca because the Node.js HTTP agent implementation overrides
-    // request options with agent options, but we want to merge them instead
+    // NB: The Node.js HTTP agent implementation overrides request options
+    // with agent options. Ideally, we'd want to merge them, but it seems like
+    // there is little we can do about it at this point.
+    // None of our products need the ability to specify per-request CA options
+    // currently anyway.
     // https://github.com/nodejs/node/blob/014dad5953a632f44e668f9527f546c6e1bb8b86/lib/_http_agent.js#L239
-    const { ca, ...proxyOptionsWithoutCA } = proxyOptions;
-    void ca;
     super({
-      ...proxyOptionsWithoutCA,
+      ...proxyOptions,
       getProxyForUrl: (url: string) => this._getProxyForUrl(url),
     });