Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface PassThroughHandlerOptions

Hierarchy

Index

Properties

clientCertificateHostMap?: {}

A mapping of hosts to client certificates to use, in the form of { key, cert } objects (none, by default)

Type declaration

  • [host: string]: { passphrase?: string; pfx: Buffer }
    • Optional passphrase?: string
    • pfx: Buffer
forwarding?: ForwardingOptions

The forwarding configuration for the passthrough rule. This generally shouldn't be used explicitly unless you're building rule data by hand. Instead, call thenPassThrough to send data directly or thenForwardTo with options to configure traffic forwarding.

ignoreHostHttpsErrors?: boolean | string[]

A list of hostnames for which server certificate and TLS version errors should be ignored (none, by default).

If set to 'true', HTTPS errors will be ignored for all hosts. WARNING: Use this at your own risk. Setting this to true can open your application to MITM attacks and should never be used over any network that is not completed trusted end-to-end.

lookupOptions?: PassThroughLookupOptions

Custom DNS options, to allow configuration of the resolver used when forwarding requests upstream. Passing any option switches from using node's default dns.lookup function to using the cacheable-lookup module, which will cache responses.

proxyConfig?: ProxyConfig

Upstream proxy configuration: pass through requests via this proxy.

If this is undefined, no proxy will be used. To configure a proxy provide either:

  • a ProxySettings object
  • a callback which will be called with an object containing the hostname, and must return a ProxySettings object or undefined.
  • an array of ProxySettings or callbacks. The array will be processed in order, and the first not-undefined ProxySettings found will be used.

When using a remote client, this parameter or individual array values may be passed by reference, using the name of a rule parameter configured in the admin server.

simulateConnectionErrors?: boolean

Whether to simulate connection errors back to the client.

By default (in most cases - see below) when an upstream request fails outright a 502 "Bad Gateway" response is sent to the downstream client, explicitly indicating the failure and containing the error that caused the issue in the response body.

Only in the case of upstream connection reset errors is a connection reset normally sent back downstream to existing clients (this behaviour exists for backward compatibility, and will change to match other error behaviour in a future version).

When this option is set to true, low-level connection failures will always trigger a downstream connection close/reset, rather than a 502 response.

This includes DNS failures, TLS connection errors, TCP connection resets, etc (but not HTTP non-200 responses, which are still proxied as normal). This is less convenient for debugging in a testing environment or when using a proxy intentionally, but can be more accurate when trying to transparently proxy network traffic, errors and all.

A set of data to automatically transform a request. This includes properties to support many transformation common use cases.

For advanced cases, a custom callback using beforeRequest can be used instead. Using this field however where possible is typically simpler, more declarative, and can be more performant. The two options are mutually exclusive: you cannot use both transformRequest and a beforeRequest callback.

Only one transformation for each target (method, headers & body) can be specified. If more than one is specified then an error will be thrown when the rule is registered.

A set of data to automatically transform a response. This includes properties to support many transformation common use cases.

For advanced cases, a custom callback using beforeResponse can be used instead. Using this field however where possible is typically simpler, more declarative, and can be more performant. The two options are mutually exclusive: you cannot use both transformResponse and a beforeResponse callback.

Only one transformation for each target (status, headers & body) can be specified. If more than one is specified then an error will be thrown when the rule is registered.

trustAdditionalCAs?: ({ cert: string | Buffer } | { certPath: string })[]

An array of additional certificates, which should be trusted as certificate authorities for upstream hosts, in addition to Node.js's built-in certificate authorities.

Each certificate should be an object with either a cert key and a string or buffer value containing the PEM certificate, or a certPath key and a string value containing the local path to the PEM certificate.

Methods

Generated using TypeDoc