I'm currently developing a Visual Studio Code extension that involves making HTTPS GET requests. I'm working on ignoring invalid certificates, specifically expired certificates.
Below is a simple TypeScript script that successfully achieves this:
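```typescript
import * as https from "https";
import axios from "axios";

const test = async () => {
  // try/catch sits inside the async function so a rejected request is actually caught
  try {
    await axios.get(
      'https://expired.badssl.com/',
      {
        // Per-request agent: certificate validation is disabled for this call only
        httpsAgent: new https.Agent({
          rejectUnauthorized: false
        })
      }
    );
  } catch (e) {
    console.log(e);
  }
};
test();
```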
Upon compiling and running the script, the expected outcome is that nothing is returned. If the `rejectUnauthorized` parameter is set to `true`, an error related to the expired certificate is logged.
However, when a TypeScript extension is created using the https://code.visualstudio.com/api/get-started/your-first-extension guide with the `yo code` command, a similar axios request results in a certificate expired error, regardless of the parameter value passed to `rejectUnauthorized`.
Snippet of TypeScript code generated using `yo code`:
```typescript
import * as vscode from 'vscode';
import * as https from "https";
import axios from "axios";

export async function activate(context: vscode.ExtensionContext) {
  // Command handler: issues the request with a per-request agent
  let disposable = vscode.commands.registerCommand('nameOfExtension.helloWorld', async () => {
    try {
      await axios.get(
        'https://expired.badssl.com/',
        {
          httpsAgent: new https.Agent({
            rejectUnauthorized: false
          })
        }
      );
    } catch (e) {
      console.log(e);
    }
  });
  context.subscriptions.push(disposable);
}

export function deactivate() {}
```
(where `nameOfExtension` corresponds to the extension name in `package.json`)
Functionality of the extension: Users can trigger the 'hello world' command from the command palette (cmd+P on Mac) to execute the axios request. If successful, no action is taken; otherwise, an error message is printed to the console.
One workaround I discovered to make the extension ignore the certificate issue is by adding the line of code `https.globalAgent.options.rejectUnauthorized = false`, which forces the globalAgent to always return false.
However, I prefer not to set this globally and would like the `rejectUnauthorized` to function for individual instances.
I'm curious to know why the `rejectUnauthorized` method in the example does not work within vscode?
Here are a few thoughts I have on this:
- Could it be related to the environment?
- Is the global setting automatically applied when the extension runs, possibly overriding the local setting I'm trying to implement?
Additional information:
```json
"devDependencies": {
  "@types/vscode": "^1.61.0",
  "@types/glob": "^7.1.4",
  "@types/mocha": "^9.0.0",
  "@types/node": "14.x",
  "@typescript-eslint/eslint-plugin": "^4.31.1",
  "@typescript-eslint/parser": "^4.31.1",
  "eslint": "^7.32.0",
  "glob": "^7.1.7",
  "mocha": "^9.1.1",
  "typescript": "^4.4.3",
  "@vscode/test-electron": "^1.6.2"
},
"dependencies": {
  "axios": "^0.21.4",
  "https": "^1.0.0"
}
```
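
One way to test the second hypothesis in the question (something in the host overriding the per-request agent), as an added example that is not part of the original post. It uses plain `http` against a loopback server so it runs offline; `TracingAgent`, `agentHonored` and `hostPatched` are hypothetical names, and `hostPatched` is a constructed stand-in for a wrapped request function, not VS Code's code.

```typescript
import * as http from "http";
import * as net from "net";

type RequestFn = (opts: http.RequestOptions,
  cb: (res: http.IncomingMessage) => void) => http.ClientRequest;

// Agent that records whether Node asked it to open the connection.
class TracingAgent extends http.Agent {
  used = false;
  createConnection(options: any, cb?: any): any {
    this.used = true;
    return net.createConnection(options, cb);
  }
}

// Constructed stand-in for a host that wraps request() and drops the
// caller's agent (an assumption for illustration, not VS Code's code).
const hostPatched: RequestFn = (opts, cb) =>
  http.request({ ...opts, agent: undefined }, cb);

// Resolves to true when the per-request agent opened the socket.
function agentHonored(request: RequestFn = http.request): Promise<boolean> {
  return new Promise((resolve, reject) => {
    const server = http.createServer((_req, res) => {
      res.writeHead(200, { Connection: "close" });
      res.end("ok");
    });
    server.listen(0, "127.0.0.1", () => {
      const agent = new TracingAgent();
      const { port } = server.address() as net.AddressInfo;
      const req = request({ host: "127.0.0.1", port, agent }, (res) => {
        res.resume();
        res.on("end", () => {
          server.close();
          resolve(agent.used);
        });
      });
      req.on("error", (err) => {
        server.close();
        reject(err);
      });
      req.end();
    });
  });
}
```

Calling `agentHonored()` from a plain Node script and again from inside the extension's command handler shows whether the two environments treat a per-request agent differently, without touching `https.globalAgent`.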