fix(cache): thread disableCache and hostname through all agent-creation paths

- Forward disableHttpHttpsAgentsCache through getHttpHttpsAgents → createAgents
  so OAuth2 token requests and bru.sendRequest honour the CLI flag
- Add hostname to agent cache keys (getAgentCacheKey, getHttpAgentCacheKey)
  for per-host TLS session reuse; extract hostname at every call site in
  run-single-request.js, proxy-util.js, and http-https-agents.ts
- Add extractHostname helper in http-https-agents.ts to safely parse hostnames
- Add test coverage for cert, key, pfx, passphrase, and hostname cache-key
  differentiation in agent-cache.spec.ts
This commit is contained in:
lohit-bruno
2026-03-03 18:33:58 +05:30
parent b29bdc1e97
commit 3619448d55
5 changed files with 129 additions and 38 deletions

View File

@@ -204,7 +204,8 @@ const runSingleRequest = async function (
shouldVerifyTls: !get(options, 'insecure', false),
shouldUseCustomCaCertificate: !!options['cacert'],
customCaCertificateFilePath: options['cacert'],
shouldKeepDefaultCaCertificates: !options['ignoreTruststore']
shouldKeepDefaultCaCertificates: !options['ignoreTruststore'],
disableHttpHttpsAgentsCache: get(options, 'disableHttpHttpsAgentsCache', false)
},
clientCertificates: rawClientCertificates ? interpolateObject(rawClientCertificates, sendRequestInterpolationOptions) : undefined,
collectionLevelProxy: transformProxyConfig(interpolateObject(rawProxyConfig, sendRequestInterpolationOptions)),
@@ -438,6 +439,7 @@ const runSingleRequest = async function (
const parsedRequestUrl = new URL(request.url);
const isHttpsRequest = parsedRequestUrl.protocol === 'https:';
const hostname = parsedRequestUrl.hostname || null;
if (proxyMode === 'on') {
const shouldProxy = shouldUseProxy(request.url, get(proxyConfig, 'bypassProxy', ''));
@@ -460,15 +462,15 @@ const runSingleRequest = async function (
// Only set the agent needed for the request protocol
if (socksEnabled) {
if (isHttpsRequest) {
request.httpsAgent = getOrCreateAgent({ AgentClass: SocksProxyAgent, options: tlsOptions, proxyUri, disableCache });
request.httpsAgent = getOrCreateAgent({ AgentClass: SocksProxyAgent, options: tlsOptions, proxyUri, disableCache, hostname });
} else {
request.httpAgent = getOrCreateHttpAgent({ AgentClass: SocksProxyAgent, options: httpAgentOptions, proxyUri, disableCache });
request.httpAgent = getOrCreateHttpAgent({ AgentClass: SocksProxyAgent, options: httpAgentOptions, proxyUri, disableCache, hostname });
}
} else {
if (isHttpsRequest) {
request.httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions, proxyUri, disableCache });
request.httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions, proxyUri, disableCache, hostname });
} else {
request.httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: httpAgentOptions, proxyUri, disableCache });
request.httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: httpAgentOptions, proxyUri, disableCache, hostname });
}
}
}
@@ -480,7 +482,7 @@ const runSingleRequest = async function (
try {
if (http_proxy?.length && !isHttpsRequest) {
new URL(http_proxy);
request.httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: httpAgentOptions, proxyUri: http_proxy, disableCache });
request.httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: httpAgentOptions, proxyUri: http_proxy, disableCache, hostname });
}
} catch (error) {
throw new Error('Invalid system http_proxy');
@@ -488,7 +490,7 @@ const runSingleRequest = async function (
try {
if (https_proxy?.length && isHttpsRequest) {
new URL(https_proxy);
request.httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions, proxyUri: https_proxy, disableCache });
request.httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions, proxyUri: https_proxy, disableCache, hostname });
}
} catch (error) {
throw new Error('Invalid system https_proxy');
@@ -502,9 +504,9 @@ const runSingleRequest = async function (
if (!request.httpAgent && !request.httpsAgent) {
if (isHttpsRequest) {
request.httpsAgent = getOrCreateAgent({ AgentClass: https.Agent, options: tlsOptions, disableCache });
request.httpsAgent = getOrCreateAgent({ AgentClass: https.Agent, options: tlsOptions, disableCache, hostname });
} else {
request.httpAgent = getOrCreateHttpAgent({ AgentClass: http.Agent, options: httpAgentOptions, disableCache });
request.httpAgent = getOrCreateHttpAgent({ AgentClass: http.Agent, options: httpAgentOptions, disableCache, hostname });
}
}
@@ -617,7 +619,8 @@ const runSingleRequest = async function (
shouldVerifyTls: !insecure,
shouldUseCustomCaCertificate: !!options['cacert'],
customCaCertificateFilePath: options['cacert'],
shouldKeepDefaultCaCertificates: !options['ignoreTruststore']
shouldKeepDefaultCaCertificates: !options['ignoreTruststore'],
disableHttpHttpsAgentsCache: disableCache
};
const clientCertificates = get(brunoConfig, 'clientCertificates');

View File

@@ -110,6 +110,7 @@ function setupProxyAgents({
const parsedUrl = parseUrl(requestConfig.url);
const isHttpsRequest = parsedUrl.protocol === 'https:';
const hostname = parsedUrl.hostname || null;
if (proxyMode === 'on') {
const shouldProxy = shouldUseProxy(requestConfig.url, get(proxyConfig, 'bypassProxy', ''));
@@ -142,15 +143,15 @@ function setupProxyAgents({
// Only set the agent needed for the request protocol
if (socksEnabled) {
if (isHttpsRequest) {
requestConfig.httpsAgent = getOrCreateAgent({ AgentClass: SocksProxyAgent, options: tlsOptions, proxyUri, timeline, disableCache });
requestConfig.httpsAgent = getOrCreateAgent({ AgentClass: SocksProxyAgent, options: tlsOptions, proxyUri, timeline, disableCache, hostname });
} else {
requestConfig.httpAgent = getOrCreateHttpAgent({ AgentClass: SocksProxyAgent, options: { keepAlive: true }, proxyUri, timeline, disableCache });
requestConfig.httpAgent = getOrCreateHttpAgent({ AgentClass: SocksProxyAgent, options: { keepAlive: true }, proxyUri, timeline, disableCache, hostname });
}
} else {
if (isHttpsRequest) {
requestConfig.httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions, proxyUri, timeline, disableCache });
requestConfig.httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions, proxyUri, timeline, disableCache, hostname });
} else {
requestConfig.httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: { keepAlive: true }, proxyUri, timeline, disableCache });
requestConfig.httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: { keepAlive: true }, proxyUri, timeline, disableCache, hostname });
}
}
}
@@ -168,7 +169,7 @@ function setupProxyAgents({
message: `Using system proxy: ${http_proxy}`
});
}
requestConfig.httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: { keepAlive: true }, proxyUri: http_proxy, timeline, disableCache });
requestConfig.httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: { keepAlive: true }, proxyUri: http_proxy, timeline, disableCache, hostname });
}
} catch (error) {
throw new Error(`Invalid system http_proxy "${http_proxy}": ${error.message}`);
@@ -183,7 +184,7 @@ function setupProxyAgents({
message: `Using system proxy: ${https_proxy}`
});
}
requestConfig.httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions, proxyUri: https_proxy, timeline, disableCache });
requestConfig.httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions, proxyUri: https_proxy, timeline, disableCache, hostname });
}
} catch (error) {
throw new Error(`Invalid system https_proxy "${https_proxy}": ${error.message}`);
@@ -193,9 +194,9 @@ function setupProxyAgents({
if (!requestConfig.httpAgent && !requestConfig.httpsAgent) {
if (isHttpsRequest) {
requestConfig.httpsAgent = getOrCreateAgent({ AgentClass: https.Agent, options: tlsOptions, proxyUri: null, timeline, disableCache });
requestConfig.httpsAgent = getOrCreateAgent({ AgentClass: https.Agent, options: tlsOptions, proxyUri: null, timeline, disableCache, hostname });
} else {
requestConfig.httpAgent = getOrCreateHttpAgent({ AgentClass: http.Agent, options: { keepAlive: true }, proxyUri: null, timeline, disableCache });
requestConfig.httpAgent = getOrCreateHttpAgent({ AgentClass: http.Agent, options: { keepAlive: true }, proxyUri: null, timeline, disableCache, hostname });
}
}
}

View File

@@ -42,6 +42,38 @@ describe('Agent Cache', () => {
expect(getAgentCacheSize()).toBe(2);
});
it('creates separate agents for different cert values', () => {
const agent1 = getOrCreateAgent({ AgentClass: https.Agent, options: { cert: Buffer.from('cert-a') } });
const agent2 = getOrCreateAgent({ AgentClass: https.Agent, options: { cert: Buffer.from('cert-b') } });
expect(agent1).not.toBe(agent2);
expect(getAgentCacheSize()).toBe(2);
});
it('creates separate agents for different key values', () => {
const agent1 = getOrCreateAgent({ AgentClass: https.Agent, options: { key: Buffer.from('key-a') } });
const agent2 = getOrCreateAgent({ AgentClass: https.Agent, options: { key: Buffer.from('key-b') } });
expect(agent1).not.toBe(agent2);
expect(getAgentCacheSize()).toBe(2);
});
it('creates separate agents for different pfx values', () => {
const agent1 = getOrCreateAgent({ AgentClass: https.Agent, options: { pfx: Buffer.from('pfx-a') } });
const agent2 = getOrCreateAgent({ AgentClass: https.Agent, options: { pfx: Buffer.from('pfx-b') } });
expect(agent1).not.toBe(agent2);
expect(getAgentCacheSize()).toBe(2);
});
it('creates separate agents for different passphrase values', () => {
const agent1 = getOrCreateAgent({ AgentClass: https.Agent, options: { passphrase: 'pass-a' } });
const agent2 = getOrCreateAgent({ AgentClass: https.Agent, options: { passphrase: 'pass-b' } });
expect(agent1).not.toBe(agent2);
expect(getAgentCacheSize()).toBe(2);
});
it('creates separate agents for different proxy URIs', () => {
const options = { rejectUnauthorized: true };
@@ -69,6 +101,36 @@ describe('Agent Cache', () => {
expect(agent1).not.toBe(agent2);
expect(getAgentCacheSize()).toBe(2);
});
it('creates separate agents for different hostnames', () => {
const options = { rejectUnauthorized: true };
const agent1 = getOrCreateAgent({ AgentClass: https.Agent, options, hostname: 'api.example.com' });
const agent2 = getOrCreateAgent({ AgentClass: https.Agent, options, hostname: 'auth.example.com' });
expect(agent1).not.toBe(agent2);
expect(getAgentCacheSize()).toBe(2);
});
it('returns cached agent for the same hostname', () => {
const options = { rejectUnauthorized: true };
const agent1 = getOrCreateAgent({ AgentClass: https.Agent, options, hostname: 'api.example.com' });
const agent2 = getOrCreateAgent({ AgentClass: https.Agent, options, hostname: 'api.example.com' });
expect(agent1).toBe(agent2);
expect(getAgentCacheSize()).toBe(1);
});
it('creates separate agents for null hostname vs explicit hostname', () => {
const options = { rejectUnauthorized: true };
const agent1 = getOrCreateAgent({ AgentClass: https.Agent, options, hostname: null });
const agent2 = getOrCreateAgent({ AgentClass: https.Agent, options, hostname: 'api.example.com' });
expect(agent1).not.toBe(agent2);
expect(getAgentCacheSize()).toBe(2);
});
});
describe('timeline support', () => {

View File

@@ -75,10 +75,11 @@ function hashCaValue(value: string | Buffer | (string | Buffer)[] | undefined):
* Generate a cache key from HTTPS agent options.
* Uses a hash of the serialized options to create a compact key.
*/
function getAgentCacheKey(agentClassId: number, options: AgentOptions, proxyUri: string | null = null): string {
function getAgentCacheKey(agentClassId: number, options: AgentOptions, proxyUri: string | null = null, hostname: string | null = null): string {
// Extract the TLS-relevant options for the cache key
const keyData = {
agentClassId,
hostname,
proxyUri,
keepAlive: options.keepAlive,
rejectUnauthorized: options.rejectUnauthorized,
@@ -98,9 +99,10 @@ function getAgentCacheKey(agentClassId: number, options: AgentOptions, proxyUri:
* Generate a cache key from HTTP agent options.
* Simpler than HTTPS since no TLS options are involved.
*/
function getHttpAgentCacheKey(agentClassId: number, options: HttpAgentOptions, proxyUri: string | null = null): string {
function getHttpAgentCacheKey(agentClassId: number, options: HttpAgentOptions, proxyUri: string | null = null, hostname: string | null = null): string {
const keyData = {
agentClassId,
hostname,
proxyUri,
keepAlive: options.keepAlive
};
@@ -136,7 +138,7 @@ function getTimelineHttpAgentClass(BaseAgentClass: any): HttpAgentClass {
/**
* Type for cache key generation functions.
*/
type CacheKeyFn<T> = (classId: number, options: T, proxyUri: string | null) => string;
type CacheKeyFn<T> = (classId: number, options: T, proxyUri: string | null, hostname: string | null) => string;
/**
* Type for timeline class wrapper functions.
@@ -155,10 +157,11 @@ function getOrCreateAgentInternal<TOptions extends HttpAgentOptions>(
getCacheKey: CacheKeyFn<TOptions>,
getTimelineClass: TimelineClassFn,
cacheHitMessage: string,
disableCache: boolean = false
disableCache: boolean = false,
hostname: string | null = null
): HttpAgent | HttpsAgent {
const agentClassId = getAgentClassId(BaseAgentClass);
const cacheKey = getCacheKey(agentClassId, options, proxyUri);
const cacheKey = getCacheKey(agentClassId, options, proxyUri, hostname);
if (!disableCache && agentCache.has(cacheKey)) {
// Move to end for LRU (delete and re-add)
@@ -223,13 +226,15 @@ function getOrCreateAgent({
options,
proxyUri = null,
timeline = null,
disableCache = false
disableCache = false,
hostname = null
}: {
AgentClass: any;
options: AgentOptions;
proxyUri?: string | null;
timeline?: TimelineEntry[] | null;
disableCache?: boolean;
hostname?: string | null;
}): HttpAgent | HttpsAgent {
return getOrCreateAgentInternal(
AgentClass,
@@ -239,7 +244,8 @@ function getOrCreateAgent({
getAgentCacheKey,
getTimelineAgentClass,
'Reusing cached https agent',
disableCache
disableCache,
hostname
);
}
@@ -254,13 +260,15 @@ function getOrCreateHttpAgent({
options,
proxyUri = null,
timeline = null,
disableCache = false
disableCache = false,
hostname = null
}: {
AgentClass: any;
options: HttpAgentOptions;
proxyUri?: string | null;
timeline?: TimelineEntry[] | null;
disableCache?: boolean;
hostname?: string | null;
}): HttpAgent {
return getOrCreateAgentInternal(
AgentClass,
@@ -270,7 +278,8 @@ function getOrCreateHttpAgent({
getHttpAgentCacheKey,
getTimelineHttpAgentClass,
'Reusing cached http agent',
disableCache
disableCache,
hostname
) as HttpAgent;
}

View File

@@ -96,6 +96,7 @@ type ConfigOptions = {
shouldUseCustomCaCertificate: boolean;
customCaCertificateFilePath?: string;
shouldKeepDefaultCaCertificates: boolean;
disableHttpHttpsAgentsCache?: boolean;
};
type GetCertsAndProxyConfigParams = {
@@ -124,6 +125,7 @@ type CreateAgentsParams = {
httpsAgentRequestFields: HttpsAgentRequestFields;
systemProxyConfig?: SystemProxyConfig;
timeline?: TimelineEntry[];
disableCache?: boolean;
};
type GetHttpHttpsAgentsParams = {
@@ -341,6 +343,15 @@ const getCertsAndProxyConfig = ({
return { proxyMode, proxyConfig, certsConfig };
};
function extractHostname(url: string | undefined): string | null {
if (!url) return null;
try {
return new URL(url).hostname || null;
} catch {
return null;
}
}
function createAgents({
requestUrl,
proxyMode,
@@ -348,7 +359,8 @@ function createAgents({
systemProxyConfig,
certsConfig,
httpsAgentRequestFields,
timeline
timeline,
disableCache = false
}: CreateAgentsParams): AgentResult {
// Ensure TLS options are properly set
const tlsOptions: TlsOptions = {
@@ -367,6 +379,9 @@ function createAgents({
// Determine if this is an HTTPS request
const isHttpsRequest = requestUrl ? requestUrl.startsWith('https:') : true;
// Extract hostname for per-host agent caching (enables TLS session reuse per host)
const hostname = extractHostname(requestUrl);
if (proxyMode === 'on') {
const shouldProxy = shouldUseProxy(requestUrl, get(proxyConfig, 'bypassProxy', ''));
if (shouldProxy) {
@@ -393,21 +408,21 @@ function createAgents({
// Only set the agent needed for the request protocol
if (socksEnabled) {
if (isHttpsRequest) {
httpsAgent = getOrCreateAgent({ AgentClass: SocksProxyAgent, options: tlsOptions as any, proxyUri, timeline: timeline || null }) as HttpsAgent;
httpsAgent = getOrCreateAgent({ AgentClass: SocksProxyAgent, options: tlsOptions as any, proxyUri, timeline: timeline || null, disableCache, hostname }) as HttpsAgent;
} else {
httpAgent = getOrCreateHttpAgent({ AgentClass: SocksProxyAgent, options: { keepAlive: true }, proxyUri, timeline: timeline || null });
httpAgent = getOrCreateHttpAgent({ AgentClass: SocksProxyAgent, options: { keepAlive: true }, proxyUri, timeline: timeline || null, disableCache, hostname });
}
} else {
if (isHttpsRequest) {
httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions as any, proxyUri, timeline: timeline || null }) as HttpsAgent;
httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions as any, proxyUri, timeline: timeline || null, disableCache, hostname }) as HttpsAgent;
} else {
httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: { keepAlive: true }, proxyUri, timeline: timeline || null });
httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: { keepAlive: true }, proxyUri, timeline: timeline || null, disableCache, hostname });
}
}
} else {
// If proxy should not be used, only set HTTPS agent for HTTPS requests
if (isHttpsRequest) {
httpsAgent = getOrCreateAgent({ AgentClass: https.Agent, options: tlsOptions as any, timeline: timeline || null }) as HttpsAgent;
httpsAgent = getOrCreateAgent({ AgentClass: https.Agent, options: tlsOptions as any, timeline: timeline || null, disableCache, hostname }) as HttpsAgent;
}
// HTTP requests without proxy don't need a custom agent
}
@@ -420,7 +435,7 @@ function createAgents({
try {
if (http_proxy?.length && !isHttpsRequest) {
new URL(http_proxy);
httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: { keepAlive: true }, proxyUri: http_proxy, timeline: timeline || null });
httpAgent = getOrCreateHttpAgent({ AgentClass: HttpProxyAgent, options: { keepAlive: true }, proxyUri: http_proxy, timeline: timeline || null, disableCache, hostname });
}
} catch (error) {
throw new Error('Invalid system http_proxy');
@@ -428,7 +443,7 @@ function createAgents({
try {
if (https_proxy?.length && isHttpsRequest) {
new URL(https_proxy);
httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions as any, proxyUri: https_proxy, timeline: timeline || null }) as HttpsAgent;
httpsAgent = getOrCreateAgent({ AgentClass: PatchedHttpsProxyAgent, options: tlsOptions as any, proxyUri: https_proxy, timeline: timeline || null, disableCache, hostname }) as HttpsAgent;
}
} catch (error) {
throw new Error('Invalid system https_proxy');
@@ -438,9 +453,9 @@ function createAgents({
if (!httpAgent && !httpsAgent) {
if (isHttpsRequest) {
httpsAgent = getOrCreateAgent({ AgentClass: https.Agent, options: tlsOptions as any, timeline: timeline || null }) as HttpsAgent;
httpsAgent = getOrCreateAgent({ AgentClass: https.Agent, options: tlsOptions as any, timeline: timeline || null, disableCache, hostname }) as HttpsAgent;
} else {
httpAgent = getOrCreateHttpAgent({ AgentClass: http.Agent, options: { keepAlive: true }, timeline: timeline || null });
httpAgent = getOrCreateHttpAgent({ AgentClass: http.Agent, options: { keepAlive: true }, timeline: timeline || null, disableCache, hostname });
}
}
@@ -483,7 +498,8 @@ const getHttpHttpsAgents = async ({
systemProxyConfig,
certsConfig,
httpsAgentRequestFields,
timeline
timeline,
disableCache: options.disableHttpHttpsAgentsCache
});
return { httpAgent, httpsAgent };