MCPcopy Index your code
hub / github.com/claude-code-best/claude-code / execHttpHook

Function execHttpHook

src/utils/hooks/execHttpHook.ts:124–243  ·  view source on GitHub ↗
(
  hook: HttpHook,
  _hookEvent: HookEvent,
  jsonInput: string,
  signal?: AbortSignal,
)

Source from the content-addressed store, hash-verified

122 * all other references are replaced with empty strings.
123 */
124export async function execHttpHook(
125 hook: HttpHook,
126 _hookEvent: HookEvent,
127 jsonInput: string,
128 signal?: AbortSignal,
129): Promise<{
130 ok: boolean
131 statusCode?: number
132 body: string
133 error?: string
134 aborted?: boolean
135}> {
136 // Enforce URL allowlist before any I/O. Follows allowedMcpServers semantics:
137 // undefined → no restriction; [] → block all; non-empty → must match a pattern.
138 const policy = getHttpHookPolicy()
139 if (policy.allowedUrls !== undefined) {
140 const matched = policy.allowedUrls.some(p => urlMatchesPattern(hook.url, p))
141 if (!matched) {
142 const msg = `HTTP hook blocked: ${hook.url} does not match any pattern in allowedHttpHookUrls`
143 logForDebugging(msg, { level: 'warn' })
144 return { ok: false, body: '', error: msg }
145 }
146 }
147
148 const timeoutMs = hook.timeout
149 ? hook.timeout * 1000
150 : DEFAULT_HTTP_HOOK_TIMEOUT_MS
151
152 const { signal: combinedSignal, cleanup } = createCombinedAbortSignal(
153 signal,
154 { timeoutMs },
155 )
156
157 try {
158 // Build headers with env var interpolation in values
159 const headers: Record<string, string> = {
160 'Content-Type': 'application/json',
161 }
162 if (hook.headers) {
163 // Intersect hook's allowedEnvVars with policy allowlist when policy is set
164 const hookVars = hook.allowedEnvVars ?? []
165 const effectiveVars =
166 policy.allowedEnvVars !== undefined
167 ? hookVars.filter(v => policy.allowedEnvVars!.includes(v))
168 : hookVars
169 const allowedEnvVars = new Set(effectiveVars)
170 for (const [name, value] of Object.entries(hook.headers)) {
171 headers[name] = interpolateEnvVars(value, allowedEnvVars)
172 }
173 }
174
175 // Route through sandbox network proxy when available. The proxy enforces
176 // the domain allowlist and returns 403 for blocked domains.
177 const sandboxProxy = await getSandboxProxyConfig()
178
179 // Detect env var proxy (HTTP_PROXY / HTTPS_PROXY, respecting NO_PROXY).
180 // When set, configureGlobalAgents() has already installed a request
181 // interceptor that sets httpsAgent to an HttpsProxyAgent — the proxy

Callers 2

executeHooksFunction · 0.85
executeHooksOutsideREPLFunction · 0.85

Calls 11

getHttpHookPolicyFunction · 0.85
interpolateEnvVarsFunction · 0.85
getSandboxProxyConfigFunction · 0.85
getProxyUrlFunction · 0.85
shouldBypassProxyFunction · 0.85
entriesMethod · 0.80
urlMatchesPatternFunction · 0.70
logForDebuggingFunction · 0.50
cleanupFunction · 0.50
errorMessageFunction · 0.50

Tested by

no test coverage detected