remove fallback to node-fetch

5 years ago · 8a2b6a5519
parent 8c7c76a5c6
commit 8a2b6a5519
18 changed files with 169 additions and 179 deletions
--- a/app/config.js
+++ b/app/config.js
@ -23,7 +23,6 @@ if (environment === 'production') {
  process.env.HOSTNAME = '';
  process.env.ALLOW_CONFIG_MUTATIONS = '';
  process.env.SUPPRESS_NO_CONFIG_WARNING = '';
  process.env.NODE_TLS_REJECT_UNAUTHORIZED = '';
  // We could be running againt production but still be in dev mode, we need to handle that
  if (!isDevelopment) {
--- a/js/modules/debuglogs.js
+++ b/js/modules/debuglogs.js
@ -2,7 +2,7 @@
 /* global window */
 const FormData = require('form-data');
-const fetch = require('node-fetch');
+const insecureNodeFetch = require('node-fetch');
 const BASE_URL = 'https://debuglogs.org';
 const VERSION = window.getVersion();
@ -10,7 +10,7 @@ const USER_AGENT = `Session ${VERSION}`;
 //      upload :: String -> Promise URL
 exports.upload = async content => {
-  const signedForm = await fetch(BASE_URL, {
+  const signedForm = await insecureNodeFetch(BASE_URL, {
    headers: {
      'user-agent': USER_AGENT,
    },
@ -38,7 +38,7 @@ exports.upload = async content => {
    filename: `session-desktop-debug-log-${VERSION}.txt`,
  });
-  const result = await fetch(url, {
+  const result = await insecureNodeFetch(url, {
    method: 'POST',
    body: form,
  });
--- a/js/modules/loki_app_dot_net_api.js
+++ b/js/modules/loki_app_dot_net_api.js
@ -1,7 +1,7 @@
 /* global log, textsecure, libloki, Signal, Whisper,
 clearTimeout, getMessageController, libsignal, StringView, window, _,
 dcodeIO, Buffer, process */
-const nodeFetch = require('node-fetch');
+const insecureNodeFetch = require('node-fetch');
 const { URL, URLSearchParams } = require('url');
 const FormData = require('form-data');
 const https = require('https');
@ -253,7 +253,7 @@ const serverRequest = async (endpoint, options = {}) => {
  let response;
  let result;
  let txtResponse;
-  let mode = 'nodeFetch';
+  let mode = 'insecureNodeFetch';
  try {
    const host = url.host.toLowerCase();
    // log.info('host', host, FILESERVER_HOSTS);
@ -268,7 +268,12 @@ const serverRequest = async (endpoint, options = {}) => {
        fetchOptions,
        options
      ));
-    } else if (window.lokiFeatureFlags.useFileOnionRequests && srvPubKey) {
+    } else if (window.lokiFeatureFlags.useFileOnionRequests) {
      if (!srvPubKey) {
        throw new Error(
          'useFileOnionRequests=true but we do not have a server pubkey set.'
        );
      }
      mode = 'sendViaOnionOG';
      ({ response, txtResponse, result } = await sendViaOnion(
        srvPubKey,
@ -277,13 +282,9 @@ const serverRequest = async (endpoint, options = {}) => {
        options
      ));
    } else {
-      // disable check for .loki
+      // we end up here only if window.lokiFeatureFlags.useFileOnionRequests is false
-      process.env.NODE_TLS_REJECT_UNAUTHORIZED = host.match(/\.loki$/i)
+      log.info(`insecureNodeFetch => plaintext for ${url}`);
-        ? '0'
+      result = await insecureNodeFetch(url, fetchOptions);
        : '1';
      result = await nodeFetch(url, fetchOptions);
      // always make sure this check is enabled
      process.env.NODE_TLS_REJECT_UNAUTHORIZED = '1';
      txtResponse = await result.text();
      // cloudflare timeouts (504s) will be html...
@ -1395,23 +1396,13 @@ class LokiPublicChannelAPI {
          // do we already have this image? no, then
          // download a copy and save it
-          const imageData = await nodeFetch(avatarAbsUrl);
+          const imageData = await this.serverAPI.downloadAttachment(
-          // eslint-disable-next-line no-inner-declarations
+            avatarAbsUrl
-          function toArrayBuffer(buf) {
+          );
            const ab = new ArrayBuffer(buf.length);
            const view = new Uint8Array(ab);
            // eslint-disable-next-line no-plusplus
            for (let i = 0; i < buf.length; i++) {
              view[i] = buf[i];
            }
            return ab;
          }
          // eslint-enable-next-line no-inner-declarations
          const buffer = await imageData.buffer();
          const newAttributes = await window.Signal.Types.Conversation.maybeUpdateAvatar(
            this.conversation.attributes,
-            toArrayBuffer(buffer),
+            imageData,
            {
              writeNewAttachmentData,
              deleteAttachmentData,
--- a/js/modules/loki_primitives.js
+++ b/js/modules/loki_primitives.js
@ -41,9 +41,14 @@ async function allowOnlyOneAtATime(name, process, timeout) {
      try {
        innerRetVal = await process();
      } catch (e) {
-        log.error(
+        if (typeof e === 'string') {
-          `loki_primitives:::allowOnlyOneAtATime - error ${e.code} ${e.message}`
+          log.error(`loki_primitives:::allowOnlyOneAtATime - error ${e}`);
-        );
+        } else {
          log.error(
            `loki_primitives:::allowOnlyOneAtATime - error ${e.code} ${e.message}`
          );
        }
        // clear timeout timer
        if (timeout) {
          if (timeoutTimer !== null) {
--- a/js/modules/loki_public_chat_api.js
+++ b/js/modules/loki_public_chat_api.js
@ -2,78 +2,93 @@
 const EventEmitter = require('events');
 const LokiAppDotNetAPI = require('./loki_app_dot_net_api');
-const nodeFetch = require('node-fetch');
+const insecureNodeFetch = require('node-fetch');
-
+
 /**
 * Tries to establish a connection with the specified open group url.
 *
 * This will try to do an onion routing call if the `useFileOnionRequests` feature flag is set,
 * or call directly insecureNodeFetch if it's not.
 *
 * Returns
 *  * true if useFileOnionRequests is false and no exception where thrown by insecureNodeFetch
 *  * true if useFileOnionRequests is true and we established a connection to the server with onion routing
 *  * false otherwise
 *
 */
 const validOpenGroupServer = async serverUrl => {
  // test to make sure it's online (and maybe has a valid SSL cert)
  try {
    const url = new URL(serverUrl);
-    if (window.lokiFeatureFlags.useFileOnionRequests) {
+    if (!window.lokiFeatureFlags.useFileOnionRequests) {
-      // check for LSRPC
+      // we are not running with onion request
      // this is an insecure insecureNodeFetch. It will expose the user ip to the serverUrl (not onion routed)
      log.info(`insecureNodeFetch => plaintext for ${url.toString()}`);
-      // this is safe (as long as node's in your trust model)
+      // we probably have to check the response here
-      // because
+      await insecureNodeFetch(serverUrl);
-      const result = await window.tokenlessFileServerAdnAPI.serverRequest(
+      return true;
-        `loki/v1/getOpenGroupKey/${url.hostname}`
+    }
-      );
+    // This MUST be an onion routing call, no nodeFetch calls below here.
    /**
     * this is safe (as long as node's in your trust model)
     *
     * First, we need to fetch the open group public key of this open group.
     * The fileserver have all the open groups public keys.
     * We need the open group public key because for onion routing we will need to encode
     * our request with it.
     * We can just ask the file-server to get the one for the open group we are trying to add.
     */
    const result = await window.tokenlessFileServerAdnAPI.serverRequest(
      `loki/v1/getOpenGroupKey/${url.hostname}`
    );
-      if (result.response.meta.code === 200) {
+    if (result.response.meta.code === 200) {
-        // supports it
+      // we got the public key of the server we are trying to add.
-        const obj = JSON.parse(result.response.data);
+      // decode it.
-        const pubKey = dcodeIO.ByteBuffer.wrap(
+      const obj = JSON.parse(result.response.data);
-          obj.data,
+      const pubKey = dcodeIO.ByteBuffer.wrap(
-          'base64'
+        obj.data,
-        ).toArrayBuffer();
+        'base64'
-        // verify it works...
+      ).toArrayBuffer();
-        // get around the FILESERVER_HOSTS filter by not using serverRequest
+      // verify we can make an onion routed call to that open group with the decoded public key
-        const res = await LokiAppDotNetAPI.sendViaOnion(
+      // get around the FILESERVER_HOSTS filter by not using serverRequest
-          pubKey,
+      const res = await LokiAppDotNetAPI.sendViaOnion(
-          url,
+        pubKey,
-          { method: 'GET' },
+        url,
-          { noJson: true }
+        { method: 'GET' },
-        );
+        { noJson: true }
-        if (res.result && res.result.status === 200) {
+      );
-          log.info(
+      if (res.result && res.result.status === 200) {
-            `loki_public_chat::validOpenGroupServer - onion routing enabled on ${url.toString()}`
+        log.info(
-          );
+          `loki_public_chat::validOpenGroupServer - onion routing enabled on ${url.toString()}`
          // save pubkey for use...
          window.lokiPublicChatAPI.openGroupPubKeys[serverUrl] = pubKey;
          return true;
        }
        // otherwise fall back
      } else if (result.response.meta.code !== 404) {
        // unknown error code
        log.warn(
          'loki_public_chat::validOpenGroupServer - unknown error code',
          result.response.meta
        );
        // save pubkey for use...
        window.lokiPublicChatAPI.openGroupPubKeys[serverUrl] = pubKey;
        return true;
      }
      // return here, just so we are sure adding some code below won't do a nodeFetch fallback
      return false;
    } else if (result.response.meta.code !== 404) {
      // unknown error code
      log.warn(
        'loki_public_chat::validOpenGroupServer - unknown error code',
        result.response.meta
      );
    }
-    // doesn't support it, fallback
+    return false;
    log.info(
      `loki_public_chat::validOpenGroupServer - directly contacting ${url.toString()}`
    );
    // allow .loki (may only need an agent but not sure
    //              until we have a .loki to test with)
    process.env.NODE_TLS_REJECT_UNAUTHORIZED = url.host.match(/\.loki$/i)
      ? '0'
      : '1';
    await nodeFetch(serverUrl);
    process.env.NODE_TLS_REJECT_UNAUTHORIZED = '1';
    // const txt = await res.text();
  } catch (e) {
    process.env.NODE_TLS_REJECT_UNAUTHORIZED = '1';
    log.warn(
      `loki_public_chat::validOpenGroupServer - failing to create ${serverUrl}`,
      e.code,
      e.message
    );
    // bail out if not valid enough
    return false;
  }
-  return true;
+  return false;
 };
 class LokiPublicChatFactoryAPI extends EventEmitter {
--- a/ts/components/session/LeftPaneContactSection.tsx
+++ b/ts/components/session/LeftPaneContactSection.tsx
@ -127,8 +127,7 @@ export class LeftPaneContactSection extends React.Component<Props, State> {
    if (error) {
      ToastUtils.pushToastError('addContact', error);
    } else {
-      // tslint:disable-next-line: no-floating-promises
+      void ConversationController.getInstance()
      ConversationController.getInstance()
        .getOrCreateAndWait(sessionID, 'private')
        .then(() => {
          this.props.openConversationExternal(sessionID);
--- a/ts/components/session/conversation/SessionStagedLinkPreview.tsx
+++ b/ts/components/session/conversation/SessionStagedLinkPreview.tsx
@ -2,7 +2,7 @@ import React from 'react';
 import { arrayBufferFromFile } from '../../../types/Attachment';
 import { AttachmentUtil, LinkPreviewUtil } from '../../../util';
 import { StagedLinkPreviewData } from './SessionCompositionBox';
-import fetch from 'node-fetch';
+import { default as insecureNodeFetch } from 'node-fetch';
 import { fetchLinkPreviewImage } from '../../../util/linkPreviewFetch';
 import { AbortSignal } from 'abort-controller';
 import { StagedLinkPreview } from '../../conversation/StagedLinkPreview';
@ -37,8 +37,10 @@ export const getPreview = async (
    throw new Error('Link not safe for preview');
  }
  window.log.info('insecureNodeFetch => plaintext for getPreview()');
  const linkPreviewMetadata = await LinkPreviewUtil.fetchLinkPreviewMetadata(
-    fetch,
+    insecureNodeFetch,
    url,
    abortSignal
  );
@ -51,8 +53,10 @@ export const getPreview = async (
  if (imageHref && window.Signal.LinkPreviews.isLinkSafeToPreview(imageHref)) {
    let objectUrl: void | string;
    try {
      window.log.info('insecureNodeFetch => plaintext for getPreview()');
      const fullSizeImage = await fetchLinkPreviewImage(
-        fetch,
+        insecureNodeFetch,
        imageHref,
        abortSignal
      );
--- a/ts/models/conversation.ts
+++ b/ts/models/conversation.ts
@ -472,9 +472,9 @@ export class ConversationModel extends Backbone.Model<ConversationAttributes> {
    const newAdmins = _.sortBy(groupAdmins);
    if (_.isEqual(existingAdmins, newAdmins)) {
-      window.log.info(
+      // window.log.info(
-        'Skipping updates of groupAdmins/moderators. No change detected.'
+      //   'Skipping updates of groupAdmins/moderators. No change detected.'
-      );
+      // );
      return;
    }
    this.set({ groupAdmins });
--- a/ts/session/onions/index.ts
+++ b/ts/session/onions/index.ts
@ -2,8 +2,9 @@ import { allowOnlyOneAtATime } from '../../../js/modules/loki_primitives';
 import { getGuardNodes } from '../../../ts/data/data';
 import * as SnodePool from '../snode_api/snodePool';
 import _ from 'lodash';
-import fetch from 'node-fetch';
+import { default as insecureNodeFetch } from 'node-fetch';
 import { UserUtils } from '../utils';
 import { snodeHttpsAgent } from '../snode_api/onions';
 type Snode = SnodePool.Snode;
@ -155,23 +156,22 @@ export class OnionPaths {
      body: JSON.stringify(body),
      headers: { 'Content-Type': 'application/json' },
      timeout: 10000, // 10s, we want a smaller timeout for testing
      agent: snodeHttpsAgent,
    };
    process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
    let response;
    try {
      // Log this line for testing
      // curl -k -X POST -H 'Content-Type: application/json' -d '"+fetchOptions.body.replace(/"/g, "\\'")+"'", url
-      response = await fetch(url, fetchOptions);
+      window.log.info('insecureNodeFetch => plaintext for testGuardNode');
      response = await insecureNodeFetch(url, fetchOptions);
    } catch (e) {
      if (e.type === 'request-timeout') {
        log.warn('test timeout for node,', snode);
      }
      return false;
    } finally {
      process.env.NODE_TLS_REJECT_UNAUTHORIZED = '1';
    }
    if (!response.ok) {
--- a/ts/session/snode_api/lokiRpc.ts
+++ b/ts/session/snode_api/lokiRpc.ts
@ -1,48 +1,15 @@
-import fetch from 'node-fetch';
+import { default as insecureNodeFetch } from 'node-fetch';
 import https from 'https';
 import { Snode } from './snodePool';
-import { lokiOnionFetch, SnodeResponse } from './onions';
+import { lokiOnionFetch, snodeHttpsAgent, SnodeResponse } from './onions';
 const snodeHttpsAgent = new https.Agent({
  rejectUnauthorized: false,
 });
 async function lokiPlainFetch(
  url: string,
  fetchOptions: any
 ): Promise<boolean | SnodeResponse> {
  const { log } = window;
  if (url.match(/https:\/\//)) {
    // import that this does not get set in lokiFetch fetchOptions
    fetchOptions.agent = snodeHttpsAgent;
    process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
  } else {
    log.debug('lokirpc:::lokiFetch - http communication', url);
  }
  const response = await fetch(url, fetchOptions);
  // restore TLS checking
  process.env.NODE_TLS_REJECT_UNAUTHORIZED = '1';
  if (!response.ok) {
    throw new window.textsecure.HTTPError('Loki_rpc error', response);
  }
  const result = await response.text();
  return {
    body: result,
    status: response.status,
  };
 }
 interface FetchOptions {
  method: string;
 }
 // A small wrapper around node-fetch which deserializes response
-// returns nodeFetch response or false
+// returns insecureNodeFetch response or false
 async function lokiFetch(
  url: string,
  options: FetchOptions,
@ -64,7 +31,26 @@ async function lokiFetch(
      return await lokiOnionFetch(fetchOptions.body, targetNode);
    }
-    return await lokiPlainFetch(url, fetchOptions);
+    if (url.match(/https:\/\//)) {
      // import that this does not get set in lokiFetch fetchOptions
      fetchOptions.agent = snodeHttpsAgent;
    } else {
      window.log.warn(
        'lokirpc:::lokiFetch - insecureNodeFetch http communication',
        url
      );
    }
    const response = await insecureNodeFetch(url, fetchOptions);
    if (!response.ok) {
      throw new window.textsecure.HTTPError('Loki_rpc error', response);
    }
    const result = await response.text();
    return {
      body: result,
      status: response.status,
    };
  } catch (e) {
    if (e.code === 'ENOTFOUND') {
      throw new window.textsecure.NotFoundError('Failed to resolve address', e);
--- a/ts/session/snode_api/onions.ts
+++ b/ts/session/snode_api/onions.ts
@ -1,4 +1,4 @@
-import fetch from 'node-fetch';
+import { default as insecureNodeFetch } from 'node-fetch';
 import https from 'https';
 import { Snode } from './snodePool';
@ -353,7 +353,7 @@ const processOnionResponse = async (
  }
 };
-const snodeHttpsAgent = new https.Agent({
+export const snodeHttpsAgent = new https.Agent({
  rejectUnauthorized: false,
 });
@ -457,7 +457,10 @@ const sendOnionRequest = async (
  const target = useV2 ? '/onion_req/v2' : '/onion_req';
  const guardUrl = `https://${nodePath[0].ip}:${nodePath[0].port}${target}`;
-  const response = await fetch(guardUrl, guardFetchOptions);
+  // no logs for that one as we do need to call insecureNodeFetch to our guardNode
  // window.log.info('insecureNodeFetch => plaintext for sendOnionRequest');
  const response = await insecureNodeFetch(guardUrl, guardFetchOptions);
  return processOnionResponse(
    reqIdx,
--- a/ts/session/snode_api/serviceNodeAPI.ts
+++ b/ts/session/snode_api/serviceNodeAPI.ts
@ -1,10 +1,12 @@
 // we don't throw or catch here
-
+import { default as insecureNodeFetch } from 'node-fetch';
 import https from 'https';
 import fetch from 'node-fetch';
 import { snodeRpc } from './lokiRpc';
-import { sendOnionRequestLsrpcDest, SnodeResponse } from './onions';
+import {
  sendOnionRequestLsrpcDest,
  snodeHttpsAgent,
  SnodeResponse,
 } from './onions';
 import { sleepFor } from '../../../js/modules/loki_primitives';
@ -17,10 +19,6 @@ import {
  updateSnodesFor,
 } from './snodePool';
 const snodeHttpsAgent = new https.Agent({
  rejectUnauthorized: false,
 });
 export async function getVersion(
  node: Snode,
  retries: number = 0
@ -30,11 +28,14 @@ export async function getVersion(
  const { log } = window;
  try {
-    process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
+    // window.log.info('insecureNodeFetch => plaintext for getVersion');
-    const result = await fetch(`https://${node.ip}:${node.port}/get_stats/v1`, {
+
-      agent: snodeHttpsAgent,
+    const result = await insecureNodeFetch(
-    });
+      `https://${node.ip}:${node.port}/get_stats/v1`,
-    process.env.NODE_TLS_REJECT_UNAUTHORIZED = '1';
+      {
        agent: snodeHttpsAgent,
      }
    );
    const data = await result.json();
    if (data.version) {
      return data.version;
@ -105,8 +106,9 @@ export async function getSnodesFromSeedUrl(urlObj: URL): Promise<Array<any>> {
    timeout: 10000,
    body: JSON.stringify(body),
  };
  window.log.info('insecureNodeFetch => plaintext for getSnodesFromSeedUrl');
-  const response = await fetch(url, fetchOptions);
+  const response = await insecureNodeFetch(url, fetchOptions);
  if (response.status !== 200) {
    log.error(
--- a/ts/session/snode_api/snodePool.ts
+++ b/ts/session/snode_api/snodePool.ts
@ -108,8 +108,7 @@ export function markNodeUnreachable(snode: Snode): void {
  for (const [pubkey, nodes] of nodesForPubkey) {
    const edkeys = _.filter(nodes, edkey => edkey !== snode.pubkey_ed25519);
-    // tslint:disable-next-line no-floating-promises
+    void internalUpdateSnodesFor(pubkey, edkeys);
    internalUpdateSnodesFor(pubkey, edkeys);
  }
  log.warn(
@ -180,7 +179,7 @@ export function getNodesMinVersion(minVersion: string): Array<Snode> {
 // now get version for all snodes
 // also acts an early online test/purge of bad nodes
-export async function getAllVerionsForRandomSnodePool(): Promise<void> {
+export async function getAllVersionsForRandomSnodePool(): Promise<void> {
  const { log } = window;
  // let count = 0;
@ -192,7 +191,7 @@ export async function getAllVerionsForRandomSnodePool(): Promise<void> {
      await requestVersion(node);
    } catch (e) {
      log.error(
-        'LokiSnodeAPI::_getAllVerionsForRandomSnodePool - error',
+        'LokiSnodeAPI::_getAllVersionsForRandomSnodePool - error',
        e.code,
        e.message
      );
@ -211,7 +210,7 @@ export async function getAllVerionsForRandomSnodePool(): Promise<void> {
    return curVal;
  }, []);
  log.debug(
-    `LokiSnodeAPI::_getAllVerionsForRandomSnodePool - ${versions.length} versions retrieved from network!:`,
+    `LokiSnodeAPI::_getAllVersionsForRandomSnodePool - ${versions.length} versions retrieved from network!:`,
    versions.join(',')
  );
 }
@ -248,8 +247,7 @@ async function getSnodeListFromLokidSeednode(
          'seed nodes total',
          seedNodes.length
        );
-        // tslint:disable-next-line:no-floating-promises
+        void getSnodeListFromLokidSeednode(seedNodes, retries + 1);
        getSnodeListFromLokidSeednode(seedNodes, retries + 1);
      }, retries * retries * 5000);
    } else {
      log.error('loki_snode_api::getSnodeListFromLokidSeednode - failing');
@ -262,7 +260,7 @@ async function getSnodeListFromLokidSeednode(
 async function refreshRandomPoolDetail(seedNodes: Array<any>): Promise<void> {
  const { log } = window;
-  // are we running any _getAllVerionsForRandomSnodePool
+  // are we running any _getAllVersionsForRandomSnodePool
  if (stopGetAllVersionPromiseControl !== false) {
    // we are, stop them
    stopGetAllVersionPromiseControl();
@ -286,8 +284,7 @@ async function refreshRandomPoolDetail(seedNodes: Array<any>): Promise<void> {
      randomSnodePool.length,
      'snodes'
    );
-    // tslint:disable-next-line:no-floating-promises
+    void getAllVersionsForRandomSnodePool();
    getAllVerionsForRandomSnodePool();
  } catch (e) {
    log.warn('LokiSnodeAPI::refreshRandomPool - error', e.code, e.message);
    /*
@ -358,8 +355,7 @@ export async function getSnodesFor(pubkey: string): Promise<Array<Snode>> {
    const freshNodes = _.shuffle(await requestSnodesForPubkey(pubkey));
    const edkeys = freshNodes.map((n: Snode) => n.pubkey_ed25519);
-    // tslint:disable-next-line no-floating-promises
+    void internalUpdateSnodesFor(pubkey, edkeys);
    internalUpdateSnodesFor(pubkey, edkeys);
    // TODO: We could probably check that the retuned sndoes are not "unreachable"
    return freshNodes;
--- a/ts/session/snode_api/swarmPolling.ts
+++ b/ts/session/snode_api/swarmPolling.ts
@ -29,7 +29,6 @@ export function processMessage(message: string, options: any = {}) {
    const dataPlaintext = new Uint8Array(StringUtils.encode(message, 'base64'));
    const messageBuf = SignalService.WebSocketMessage.decode(dataPlaintext);
    if (messageBuf.type === SignalService.WebSocketMessage.Type.REQUEST) {
      // tslint:disable-next-line no-floating-promises
      Receiver.handleRequest(messageBuf.request?.body, options);
    }
  } catch (error) {
--- a/ts/session/snode_api/swarmPollingStub.ts
+++ b/ts/session/snode_api/swarmPollingStub.ts
@ -1,5 +1,5 @@
 import { processMessage, SwarmPolling } from './swarmPolling';
-import fetch from 'node-fetch';
+import { default as insecureNodeFetch } from 'node-fetch';
 import { PubKey } from '../types';
 export class SwarmPollingStub extends SwarmPolling {
@ -12,7 +12,7 @@ export class SwarmPollingStub extends SwarmPolling {
      method: 'GET',
    };
-    const res = await fetch(
+    const res = await insecureNodeFetch(
      `${this.baseUrl}/messages?pubkey=${pubkeyStr}`,
      get
    );
--- a/ts/test/session/integration/stubs/stub_message_api.ts
+++ b/ts/test/session/integration/stubs/stub_message_api.ts
@ -1,6 +1,6 @@
 import { StringUtils } from '../../../../session/utils';
-import fetch from 'node-fetch';
+import { default as insecureNodeFetch } from 'node-fetch';
 class StubMessageAPI {
  public ourKey: string;
@ -23,7 +23,7 @@ class StubMessageAPI {
    };
    const data64 = StringUtils.decode(data, 'base64');
-    await fetch(
+    await insecureNodeFetch(
      `${
        this.baseUrl
      }/messages?pubkey=${pubKey}&timestamp=${messageTimeStamp}&data=${encodeURIComponent(
--- a/ts/util/linkPreviewFetch.ts
+++ b/ts/util/linkPreviewFetch.ts
@ -9,7 +9,6 @@ import {
  IMAGE_WEBP,
  MIMEType,
 } from '../types/MIME';
 import { PromiseUtils } from '../session/utils';
 const MAX_REQUEST_COUNT_WITH_REDIRECTS = 20;
 // tslint:disable: prefer-for-of
--- a/ts/util/lint/exceptions.json
+++ b/ts/util/lint/exceptions.json
@ -4239,14 +4239,6 @@
    "reasonCategory": "falseMatch",
    "updated": "2018-09-19T18:13:29.628Z"
  },
  {
    "rule": "jQuery-append(",
    "path": "node_modules/node-fetch/lib/headers.js",
    "line": "\t\t\t\tself.append(prop, item.toString());",
    "lineNumber": 40,
    "reasonCategory": "falseMatch",
    "updated": "2018-09-19T18:13:29.628Z"
  },
  {
    "rule": "jQuery-$(",
    "path": "node_modules/node-forge/dist/forge.all.min.js",