Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: respect https.cacert option #3820

Merged
merged 16 commits into from Sep 9, 2021
Merged

fix: respect https.cacert option #3820

Show file tree
Hide file tree
Changes from 5 commits
Commits
Show all changes
16 commits
Select commit Hold shift + click to select a range
e078889
fix: respect `https.cacert` option
snitin315 Sep 9, 2021
36b0465
feat: added `https.ca` option
alexander-akait Sep 9, 2021
5eede7b
Merge branch 'master' into fix-https-cacert
alexander-akait Sep 9, 2021
aea7fa9
Merge remote-tracking branch 'origin/fix-https-cacert' into fix-https…
alexander-akait Sep 9, 2021
c409910
test: more
alexander-akait Sep 9, 2021
d2da02b
feat: allow more https options
alexander-akait Sep 9, 2021
844fb8a
feat: accept `crl` as path to file
alexander-akait Sep 9, 2021
d2c797a
feat: accept https options as array of string/buffers/paths
alexander-akait Sep 9, 2021
c6a2ea7
docs: update examples
alexander-akait Sep 9, 2021
d2d7500
feat: cli options
alexander-akait Sep 9, 2021
29944ce
test: update snapshots
alexander-akait Sep 9, 2021
8970806
docs: update CLI options
alexander-akait Sep 9, 2021
1b533dc
test: fix snapshot
alexander-akait Sep 9, 2021
55ae455
feat: accept `https.pfx` and `https.key` options as `Object`
alexander-akait Sep 9, 2021
5633f82
test: fix
alexander-akait Sep 9, 2021
d30fff7
test: fix
alexander-akait Sep 9, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
15 changes: 14 additions & 1 deletion lib/Server.js
View file
Open in desktop
Expand Up @@ -517,7 +517,8 @@ class Server {

// https option
if (options.https) {
for (const property of ["cacert", "pfx", "key", "cert"]) {
// TODO remove the `cacert` option in favor `ca` in the next major release
for (const property of ["cacert", "ca", "pfx", "key", "cert"]) {
const value = options.https[property];
const isBuffer = value instanceof Buffer;

Expand Down Expand Up @@ -654,6 +655,18 @@ class Server {
this.logger.info(`SSL certificate: ${certificatePath}`);
}

if (options.https.cacert) {
if (options.https.ca) {
this.logger.warn(
"Do not specify 'https.ca' and 'https.cacert' options, the 'https.ca' option will be used"
snitin315 marked this conversation as resolved.
Show resolved Hide resolved
);
} else {
options.https.ca = options.https.cacert;
}

delete options.https.cacert;
}

options.https.key = options.https.key || fakeCert;
options.https.cert = options.https.cert || fakeCert;
}
Expand Down
11 changes: 11 additions & 0 deletions lib/options.json
View file
Open in desktop
Expand Up @@ -211,6 +211,17 @@
"type": "boolean",
"description": "Request for an SSL certificate."
},
"ca": {
"anyOf": [
{
"type": "string"
},
{
"instanceof": "Buffer"
}
],
"description": "Path to an SSL CA certificate."
},
"cacert": {
"anyOf": [
{
Expand Down
4 changes: 2 additions & 2 deletions migration-v4.md
View file
Open in desktop
Expand Up @@ -98,7 +98,7 @@ module.exports = {
```

- The `features` option was removed in favor `onBeforeSetupMiddleware` and `onAfterSetupMiddleware` options.
- The `key`, `cert`, `pfx`, `pfx-passphrase`, `cacert`, and `requestCert` options were moved to `https` options, please use `https.{key|cert|pfx|passphrase|requestCert|cacert}`.
- The `key`, `cert`, `pfx`, `pfx-passphrase`, `cacert`, `ca` and `requestCert` options were moved to `https` options, please use `https.{key|cert|pfx|passphrase|requestCert|ca}`.

v3:

Expand All @@ -121,7 +121,7 @@ v4:
module.exports = {
devServer: {
https: {
cacert: "./server.pem",
ca: "./server.pem",
pfx: "./server.pfx",
key: "./server.key",
cert: "./server.crt",
Expand Down
14 changes: 7 additions & 7 deletions test/__snapshots__/validate-options.test.js.snap.webpack4
View file
Open in desktop
Expand Up @@ -322,19 +322,19 @@ exports[`options validate should throw an error on the "http2" option with '' va
exports[`options validate should throw an error on the "https" option with '' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https should be one of these:
boolean | object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }
boolean | object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }
-> Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
-> Read more at https://webpack.js.org/configuration/dev-server/#devserverhttps
Details:
* options.https should be a boolean.
* options.https should be an object:
object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }"
object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }"
`;

exports[`options validate should throw an error on the "https" option with '{"cacert":true}' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https should be one of these:
boolean | object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }
boolean | object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }
-> Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
-> Read more at https://webpack.js.org/configuration/dev-server/#devserverhttps
Details:
Expand All @@ -349,7 +349,7 @@ exports[`options validate should throw an error on the "https" option with '{"ca
exports[`options validate should throw an error on the "https" option with '{"cert":true}' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https should be one of these:
boolean | object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }
boolean | object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }
-> Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
-> Read more at https://webpack.js.org/configuration/dev-server/#devserverhttps
Details:
Expand All @@ -364,13 +364,13 @@ exports[`options validate should throw an error on the "https" option with '{"ce
exports[`options validate should throw an error on the "https" option with '{"foo":"bar"}' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https has an unknown property 'foo'. These properties are valid:
object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }"
object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }"
`;

exports[`options validate should throw an error on the "https" option with '{"key":10}' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https should be one of these:
boolean | object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }
boolean | object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }
-> Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
-> Read more at https://webpack.js.org/configuration/dev-server/#devserverhttps
Details:
Expand All @@ -391,7 +391,7 @@ exports[`options validate should throw an error on the "https" option with '{"pa
exports[`options validate should throw an error on the "https" option with '{"pfx":10}' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https should be one of these:
boolean | object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }
boolean | object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }
-> Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
-> Read more at https://webpack.js.org/configuration/dev-server/#devserverhttps
Details:
Expand Down
14 changes: 7 additions & 7 deletions test/__snapshots__/validate-options.test.js.snap.webpack5
View file
Open in desktop
Expand Up @@ -322,19 +322,19 @@ exports[`options validate should throw an error on the "http2" option with '' va
exports[`options validate should throw an error on the "https" option with '' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https should be one of these:
boolean | object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }
boolean | object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }
-> Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
-> Read more at https://webpack.js.org/configuration/dev-server/#devserverhttps
Details:
* options.https should be a boolean.
* options.https should be an object:
object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }"
object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }"
`;

exports[`options validate should throw an error on the "https" option with '{"cacert":true}' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https should be one of these:
boolean | object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }
boolean | object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }
-> Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
-> Read more at https://webpack.js.org/configuration/dev-server/#devserverhttps
Details:
Expand All @@ -349,7 +349,7 @@ exports[`options validate should throw an error on the "https" option with '{"ca
exports[`options validate should throw an error on the "https" option with '{"cert":true}' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https should be one of these:
boolean | object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }
boolean | object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }
-> Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
-> Read more at https://webpack.js.org/configuration/dev-server/#devserverhttps
Details:
Expand All @@ -364,13 +364,13 @@ exports[`options validate should throw an error on the "https" option with '{"ce
exports[`options validate should throw an error on the "https" option with '{"foo":"bar"}' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https has an unknown property 'foo'. These properties are valid:
object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }"
object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }"
`;

exports[`options validate should throw an error on the "https" option with '{"key":10}' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https should be one of these:
boolean | object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }
boolean | object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }
-> Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
-> Read more at https://webpack.js.org/configuration/dev-server/#devserverhttps
Details:
Expand All @@ -391,7 +391,7 @@ exports[`options validate should throw an error on the "https" option with '{"pa
exports[`options validate should throw an error on the "https" option with '{"pfx":10}' value 1`] = `
"ValidationError: Invalid options object. Dev Server has been initialized using an options object that does not match the API schema.
- options.https should be one of these:
boolean | object { passphrase?, requestCert?, cacert?, key?, pfx?, cert? }
boolean | object { passphrase?, requestCert?, ca?, cacert?, key?, pfx?, cert? }
-> Allows to configure the server's listening socket for TLS (by default, dev server will be served over HTTP).
-> Read more at https://webpack.js.org/configuration/dev-server/#devserverhttps
Details:
Expand Down