Merge pull request #286 from microsoft/users/EzzhevNikita/fix-processing-of-proxybypass-variables

Fix processing of proxybypass variables from environment

Author: EzzhevNikita

lib/Constants.ts

@@ -0,0 +1,2 @@
+// Used by buildProxyBypassRegexFromEnv for escaping dot symbols in NO_PROXY hosts' strings
+export const searchRegExpToReplaceSpecialChars: RegExp = new RegExp('(?<!\\\\)([.])(?!\\*)', 'g');

lib/Util.ts

@@ -6,6 +6,7 @@ import * as url from 'url';
 import * as path from 'path';
 import zlib = require('zlib');
 import { IRequestQueryParams, IHttpClientResponse } from './Interfaces';
+import { searchRegExpToReplaceSpecialChars } from './Constants';
 
 /**
  * creates an url from a request url and optional base url (http://server:8080)
@@ -107,17 +108,15 @@ export async function decompressGzippedContent(buffer: Buffer, charset?: string)
  * @return {RegExp}
  */
 export function buildProxyBypassRegexFromEnv(bypass : string) : RegExp {
-    try {
-        // We need to keep this around for back-compat purposes
-        return new RegExp(bypass, 'i')    
-    }
-    catch(err) {
-        if (err instanceof SyntaxError && (bypass || "").startsWith("*")) {            
-            let wildcardEscaped = bypass.replace('*', '(.*)');
-            return new RegExp(wildcardEscaped, 'i');
-        }
-        throw err;
+    // check if expression starts with asterisk and replace it with .*
+    if (bypass && bypass.startsWith("*")) {
+        bypass = bypass.replace("*", ".*");
     }
+
+    // replace all . symbols in string by \. because point is a special character
+    const safeRegex = (bypass || "").replace(searchRegExpToReplaceSpecialChars, '\\$1');
+
+    return new RegExp(safeRegex, 'i');
 }
 
 /**

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "typed-rest-client",
-  "version": "1.8.4",
+  "version": "1.8.5",
   "description": "Node Rest and Http Clients for use with TypeScript",
   "main": "./RestClient.js",
   "scripts": {

package.json

@@ -41,6 +41,28 @@ describe('Util Tests', function () {
             assert.equal(bypassed, true);
         });       
 
-    });
+        it('not bypasses if domain pattern starts with .', () => {
+            let regExp = util.buildProxyBypassRegexFromEnv('.intranet');
+            assert(regExp, 'regExp should not be null');
+            let parsedUrl = url.parse("https://keyvault.vault.azure.net/secrets/test-secret1-intranet");
+            let bypassed = regExp.test(parsedUrl.href);
+            assert.equal(bypassed, false);
+        });
+
+        it('bypasses if domain pattern starts with .', () => {
+            let regExp = util.buildProxyBypassRegexFromEnv('.net');
+            assert(regExp, 'regExp should not be null');
+            let parsedUrl = url.parse("https://keyvault.vault.azure.net/secrets/test-secret1-intranet");
+            let bypassed = regExp.test(parsedUrl.href);
+            assert.equal(bypassed, true);
+        });
 
-});
+        it('bypasses if domain pattern starts with . and contains complex domain', () => {
+            let regExp = util.buildProxyBypassRegexFromEnv('.azure.net');
+            assert(regExp, 'regExp should not be null');
+            let parsedUrl = url.parse("https://keyvault.vault.azure.net/secrets/test-secret1-intranet");
+            let bypassed = regExp.test(parsedUrl.href);
+            assert.equal(bypassed, true);
+        });
+    });
+});