feat: CORS proxying (#94)

Author: rentallect

package-lock.json

@@ -132,4 +132,4 @@
     "utf-8-validate": "^5.0.4",
     "uuid": "^8.3.2"
   }
-}
+}

package.json

@@ -619,7 +619,7 @@ zitiFetch = async ( url, opts ) => {
       throw err;
     });
 
-    var newUrl = new URL( 'https://' + zitiConfig.httpAgent.target.host + ':' + zitiConfig.httpAgent.target.port + url );
+    let newUrl = new URL( 'https://' + zitiConfig.httpAgent.target.host + ':' + zitiConfig.httpAgent.target.port + url );
     ziti._ctx.logger.trace( 'zitiFetch: transformed URL: ', newUrl.toString());
 
     serviceName = await ziti._ctx.shouldRouteOverZiti( newUrl );
@@ -633,8 +633,44 @@ zitiFetch = async ( url, opts ) => {
 
   } else {  // the request is targeting the raw internet
 
-    ziti._ctx.logger.warn('zitiFetch(): no http agent url match, bypassing intercept of [%s]', url);
-    return window.realFetch(url, opts);
+    serviceName = await ziti._ctx.shouldRouteOverZiti( url );
+
+    if (isUndefined(serviceName)) { // If we have no serviceConfig associated with the hostname:port
+
+      let routeOverCORSProxy = await ziti._ctx.shouldRouteOverCORSProxy( url );
+
+      if (routeOverCORSProxy) {     // If we hostname:port is something we need to CORS Proxy
+
+        ziti._ctx.logger.warn('zitiFetch(): doing CORS Proxying of [%s]', url);
+
+        let newUrl = new URL( url );
+        let corsTargetHostname = newUrl.hostname;
+        let corsTargetPort = newUrl.port;
+        if (corsTargetPort === '') {
+          if (newUrl.protocol === 'https:') {
+            corsTargetPort = '443';
+          } else {
+            corsTargetPort = '80';
+          }
+        }
+      
+        let corsTargetPathname = newUrl.pathname;
+        newUrl.hostname = zitiConfig.httpAgent.self.host;
+        newUrl.port = 443;
+        newUrl.pathname = '/ziti-cors-proxy/' + corsTargetHostname + ':' + corsTargetPort + corsTargetPathname;
+        // newUrl.pathname = '/ziti-cors-proxy/' + corsTargetHostname  + corsTargetPathname;
+        ziti._ctx.logger.warn( 'zitiFetch: transformed URL: ', newUrl.toString());   
+
+        return window.realFetch(newUrl, opts); // Send special request to HTTP Agent
+
+      } else {
+
+        ziti._ctx.logger.warn('zitiFetch(): no associated serviceConfig, bypassing intercept of [%s]', url);
+        return window.realFetch(url, opts);
+  
+      }
+
+    }  
   }
 
   /**

src/client.js

@@ -897,6 +897,40 @@ ZitiContext.prototype.shouldRouteOverZiti = async function(url) {
 }
 
 
+/**
+ * Determine if the given URL should be handled via CORS Proxy.
+ * 
+ * @returns {bool}
+ */
+ ZitiContext.prototype.shouldRouteOverCORSProxy = async function(url) {
+  let parsedURL = new URL(url);
+
+  let hostname = parsedURL.hostname;
+  let port = parsedURL.port;
+
+  if (port === '') {
+    if ((parsedURL.protocol === 'https:') || (parsedURL.protocol === 'wss:')) {
+      port = 443;
+    } else {
+      port = 80;
+    }
+  }
+
+  let corsHostsArray = zitiConfig.httpAgent.corsProxy.hosts.split(',');
+
+  return new Promise( async (resolve, reject) => {
+    let routeOverCORSProxy = false;
+    forEach(corsHostsArray, function( corsHost ) {
+      let corsHostSplit = corsHost.split(':');
+      if ((hostname === corsHostSplit[0]) && (port === parseInt(corsHostSplit[1], 10))) {
+        routeOverCORSProxy = true;
+      }
+    });
+    return resolve( routeOverCORSProxy );
+  });
+}
+
+
 /**
  * Return current value of the ztAPI
  *

src/context/context.js

@@ -196,6 +196,12 @@ HttpRequest.prototype.getRequestOptions = async function() {
 	const parsedURL = this[INTERNALS].parsedURL;
 	const headers = this[INTERNALS].headers;
 
+	// Transform all occurances of the HTTP Agent hostname back to the target hostname
+	var replace = zitiConfig.httpAgent.self.host;
+	var re = new RegExp(replace,"gi");
+	parsedURL.href = parsedURL.href.replace(re, zitiConfig.httpAgent.target.host);
+	parsedURL.search = parsedURL.search.replace(re, zitiConfig.httpAgent.target.host);
+
 	// fetch step 1.3
 	if (!headers.has('Accept')) {
 		headers.set('Accept', '*/*');