Why does the nodejs KalturaClient use http module instead of https?

I’ve noticed that the KalturaClientBase.js uses the http module Is there a reason this module is used instead of the https module?

Hello,

Kaltura supports connecting to the endpoint both over HTTPs and plain HTTP. To use SSL you simply pass “https://” as the protocol.

However, the way NodeJS implements things is a bit different [and frankly quite weird] so that, instead of just passing “https://www.kaltura.com” one needs to pass only the hostname and port and if SSL/TLS encryption is required, to use:
var http = require(‘https’);
and if not, use:
var http = require(‘http’);

Explanations and examples for this can be found here:
https://nodejs.org/api/http.html
https://nodejs.org/api/https.html

That makes the code for KalturaClientBase.prototype.doHttpRequest [defined in kaltura/KalturaClientBase.js] look like this:

KalturaClientBase.prototype.doHttpRequest = function (callCompletedCallback, requestUrl, params, files) {
...
        var debugUrl = requestUrl + '?' + data;
// parse the URL passed to the function 
        var urlInfo = url.parse(debugUrl);
// pass along the hostname and path parts of the URL, ignoring the protocol
        var options = {
                host : urlInfo.host,
                path : urlInfo.path,
                method : 'POST'
        };

On our SaaS, we offer both:
https://www.kaltura.com
and:
http://www.kaltura.com

However, we also offer the [Kaltura Community Edition] (https://github.com/kaltura/platform-install-packages) where it is not mandatory [although certainly recommended] to use SSL/TLS termination. And so, using the https module by default will pose an issue, same is true for anyone running test ENVs on their local machines, where proper SSL certs [as opposed to self signed ones which will also cause issues] are not likely to be found.

Long story short, feel free to change the code in kaltura/KalturaClientBase.js to:

var http = require('https');

if you work against our SaaS or against a CE ENV that has SSL/TLS set up but the above is an explanation as to why it is not the default.

1 Like

Thanks for the great explanation Jess. That makes sense. The only reason I was asking/concerned was that I was working on implementing proxy support in KalturaClientBase.js and found that the implementation for proxy support in the http module vs. https module are significantly different.

I wonder if it should be documented in the client lib that if https module is to be used (with a proxy), the code will need to be modified. Alternatively, the proxy code could be modified to conditionally use one implementation or the other based on which module is loaded.