Respect NO_PROXY rules when doing requests

Tool: gitpod/catfood.gitpod.cloud

Author: jeanp413

src/vs/platform/request/node/proxy.ts

@@ -18,14 +18,42 @@ function getSystemProxyURI(requestURL: Url, env: typeof process.env): string | n
 	return null;
 }
 
+function applySystemNoProxyRules(requestURL: Url, proxyURl: string | null, env: typeof process.env): string | null {
+	const noProxy = env.NO_PROXY || env.no_proxy || null;
+	if (!noProxy) {
+		return proxyURl;
+	}
+
+	const rules = noProxy.split(/[\s,]+/);
+	if (rules[0] === '*') {
+		return null;
+	}
+
+	for (const rule of rules) {
+		const ruleMatch = rule.match(/^(.+?)(?::(\d+))?$/);
+		if (!ruleMatch || !ruleMatch[1]) {
+			continue;
+		}
+
+		const ruleHost = ruleMatch[1].replace(/^\.*/, '.');
+		const rulePort = ruleMatch[2];
+		const requestURLHost = requestURL.hostname!.replace(/^\.*/, '.');
+		if (requestURLHost.endsWith(ruleHost) && (!rulePort || requestURL.port && requestURL.port === rulePort)) {
+			return null;
+		}
+	}
+
+	return proxyURl;
+}
+
 export interface IOptions {
 	proxyUrl?: string;
 	strictSSL?: boolean;
 }
 
 export async function getProxyAgent(rawRequestURL: string, env: typeof process.env, options: IOptions = {}): Promise<Agent> {
 	const requestURL = parseUrl(rawRequestURL);
-	const proxyURL = options.proxyUrl || getSystemProxyURI(requestURL, env);
+	const proxyURL = options.proxyUrl || applySystemNoProxyRules(requestURL, getSystemProxyURI(requestURL, env), env);
 
 	if (!proxyURL) {
 		return null;

src/vs/platform/request/node/requestService.ts

@@ -83,9 +83,7 @@ export class RequestService extends AbstractRequestService implements IRequestSe
 			...process.env,
 			...shellEnv
 		};
-		const agent = options.agent ? options.agent : await getProxyAgent(options.url || '', env, { proxyUrl, strictSSL });
 
-		options.agent = agent;
 		options.strictSSL = strictSSL;
 
 		if (this.authorization) {
@@ -95,7 +93,7 @@ export class RequestService extends AbstractRequestService implements IRequestSe
 			};
 		}
 
-		return this.logAndRequest(options, () => nodeRequest(options, token));
+		return this.logAndRequest(options, () => nodeRequest(options, proxyUrl, env, token));
 	}
 
 	async resolveProxy(url: string): Promise<string | undefined> {
@@ -149,21 +147,23 @@ async function getNodeRequest(options: IRequestOptions): Promise<IRawRequestFunc
 	return module.request;
 }
 
-export async function nodeRequest(options: NodeRequestOptions, token: CancellationToken): Promise<IRequestContext> {
+export async function nodeRequest(options: NodeRequestOptions, proxyUrl: string | undefined, env: { [key: string]: string | undefined }, token: CancellationToken): Promise<IRequestContext> {
 	return Promises.withAsyncBody<IRequestContext>(async (resolve, reject) => {
 		const endpoint = parseUrl(options.url!);
 		const rawRequest = options.getRawRequest
 			? options.getRawRequest(options)
 			: await getNodeRequest(options);
 
+		const proxyAgent = options.agent ? options.agent : await getProxyAgent(options.url || '', env, { proxyUrl, strictSSL: options.strictSSL });
+
 		const opts: https.RequestOptions & { cache?: 'default' | 'no-store' | 'reload' | 'no-cache' | 'force-cache' | 'only-if-cached' } = {
 			hostname: endpoint.hostname,
 			port: endpoint.port ? parseInt(endpoint.port) : (endpoint.protocol === 'https:' ? 443 : 80),
 			protocol: endpoint.protocol,
 			path: endpoint.path,
 			method: options.type || 'GET',
 			headers: options.headers,
-			agent: options.agent,
+			agent: proxyAgent,
 			rejectUnauthorized: isBoolean(options.strictSSL) ? options.strictSSL : true
 		};
 
@@ -182,7 +182,7 @@ export async function nodeRequest(options: NodeRequestOptions, token: Cancellati
 					...options,
 					url: res.headers['location'],
 					followRedirects: followRedirects - 1
-				}, token).then(resolve, reject);
+				}, proxyUrl, env, token).then(resolve, reject);
 			} else {
 				let stream: streams.ReadableStreamEvents<Uint8Array> = res;