From 5c9b7ba125c0e1995f0d7ee114a9fce7dd887e15 Mon Sep 17 00:00:00 2001 From: wolfy1339 Date: Fri, 30 May 2025 00:41:50 -0400 Subject: [PATCH 1/4] fix: don't send the raw Buffer data in the headers Take advantage of the `rawData` field in octokit in order to keep raw payload available to users and not get HTTP 431 Fixes #320 --- index.ts | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/index.ts b/index.ts index c5e2fcba..59e4f06d 100644 --- a/index.ts +++ b/index.ts @@ -65,9 +65,12 @@ class Client { delete data.query; - const body = JSON.stringify(data.body); + const body = data.body; delete data.body; + const rawData = data.rawdata; + delete data.rawdata; + const headers: { [key: string]: any } = {}; Object.keys(data).forEach((key) => { @@ -85,7 +88,8 @@ class Client { const response = await this.#fetch(url.format(target), { method: "POST", mode: data["sec-fetch-mode"], - body, + // Take advantage of the `rawData` field to send the original request body in order to be able to verify the signature + body: JSON.stringify({ body, rawData }), headers, dispatcher: proxyAgent, }); From 74aad5643faaf30a7958a6284c1cce8b767acf0c Mon Sep 17 00:00:00 2001 From: wolfy1339 Date: Fri, 30 May 2025 00:49:59 -0400 Subject: [PATCH 2/4] adapt tests --- test/index.test.ts | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/test/index.test.ts b/test/index.test.ts index aaceb24e..d76bc085 100644 --- a/test/index.test.ts +++ b/test/index.test.ts @@ -40,7 +40,7 @@ describe("client", () => { }); }); - function getPayload(request: IncomingMessage) { + function getPayload(request: IncomingMessage): Promise { return new Promise((resolve, reject) => { let body = ""; request.on("error", reject); @@ -82,7 +82,7 @@ describe("client", () => { expect(req.method).toBe("POST"); expect(req.url).toBe("/"); - const body = await getPayload(req); + const { body } = JSON.parse(await getPayload(req)); expect(body).toBe(JSON.stringify({ hello: "world" })); @@ -135,7 +135,7 @@ describe("client", () => { await fetch(target + "/", { method: "POST", - body: JSON.stringify({ hello: "world" }), + body: JSON.stringify({ body: { hello: "world" } }), headers: { "content-type": "application/json", }, @@ -143,7 +143,7 @@ describe("client", () => { await fetch(source, { method: "POST", - body: JSON.stringify({ hello: "world" }), + body: JSON.stringify({ body: { hello: "world" } }), headers: { "content-type": "application/json", }, From 35db9beb8793a4e5a98d00111cce3d57ef2901c7 Mon Sep 17 00:00:00 2001 From: wolfy1339 Date: Fri, 30 May 2025 01:00:01 -0400 Subject: [PATCH 3/4] Adapt --- index.ts | 6 ++---- test/index.test.ts | 6 +++--- 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/index.ts b/index.ts index 59e4f06d..eabb88e6 100644 --- a/index.ts +++ b/index.ts @@ -65,10 +65,8 @@ class Client { delete data.query; - const body = data.body; + const body = JSON.stringify({ body: data.body, rawdata: data.rawdata }); delete data.body; - - const rawData = data.rawdata; delete data.rawdata; const headers: { [key: string]: any } = {}; @@ -89,7 +87,7 @@ class Client { method: "POST", mode: data["sec-fetch-mode"], // Take advantage of the `rawData` field to send the original request body in order to be able to verify the signature - body: JSON.stringify({ body, rawData }), + body, headers, dispatcher: proxyAgent, }); diff --git a/test/index.test.ts b/test/index.test.ts index d76bc085..2ab4ba2a 100644 --- a/test/index.test.ts +++ b/test/index.test.ts @@ -82,12 +82,12 @@ describe("client", () => { expect(req.method).toBe("POST"); expect(req.url).toBe("/"); - const { body } = JSON.parse(await getPayload(req)); + const reqBody = JSON.parse(await getPayload(req)); - expect(body).toBe(JSON.stringify({ hello: "world" })); + expect(reqBody.body).toEqual({ hello: "world" }); res.writeHead(200, { "content-type": "application/json" }); - res.end(body); + res.end(JSON.stringify(reqBody.body)); ++callCount; From ad0a55283d33b630a7210faf819dae3501f06557 Mon Sep 17 00:00:00 2001 From: wolfy1339 Date: Fri, 30 May 2025 13:48:35 -0400 Subject: [PATCH 4/4] fixup tests --- test/index.test.ts | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/test/index.test.ts b/test/index.test.ts index 2ab4ba2a..e610728e 100644 --- a/test/index.test.ts +++ b/test/index.test.ts @@ -87,7 +87,7 @@ describe("client", () => { expect(reqBody.body).toEqual({ hello: "world" }); res.writeHead(200, { "content-type": "application/json" }); - res.end(JSON.stringify(reqBody.body)); + res.end(JSON.stringify(reqBody)); ++callCount; @@ -132,10 +132,12 @@ describe("client", () => { client.start(); await readyPromise.promise; + const payload = { hello: "world" }; + const rawData = JSON.stringify(payload); await fetch(target + "/", { method: "POST", - body: JSON.stringify({ body: { hello: "world" } }), + body: JSON.stringify({ body: payload, rawdata: rawData }), headers: { "content-type": "application/json", }, @@ -143,7 +145,7 @@ describe("client", () => { await fetch(source, { method: "POST", - body: JSON.stringify({ body: { hello: "world" } }), + body: JSON.stringify(payload), headers: { "content-type": "application/json", },