Fixed Non-ASCII attachment filename will crash when downloading.

Thanks to xet7 ! Fixes #2759
2026-03-04 21:00:16 +01:00 · 2021-04-29 13:26:49 +03:00 · 2021-04-29 13:26:49 +03:00 · c2da477735
commit c2da477735
parent 843ff8eaaa
277 changed files with 30568 additions and 52 deletions
--- a/packages/wekan-request/tests/googledoodle.jpg
+++ b/packages/wekan-request/tests/googledoodle.jpg
--- a/packages/wekan-request/tests/run.js
+++ b/packages/wekan-request/tests/run.js
@ -0,0 +1,46 @@
+var spawn = require('child_process').spawn
+  , exitCode = 0
+  , timeout = 10000
+  , fs = require('fs')
+  ;
+
+// clear proxy releated environment variables
+delete process.env.HTTP_PROXY
+delete process.env.http_proxy
+delete process.env.HTTPS_PROXY
+delete process.env.https_proxy
+  
+fs.readdir(__dirname, function (e, files) {
+  if (e) throw e
+
+  var tests = files.filter(function (f) {return f.slice(0, 'test-'.length) === 'test-'})
+
+  var next = function () {
+    if (tests.length === 0) process.exit(exitCode);
+
+    var file = tests.shift()
+    console.log(file)
+    var proc = spawn('node', [ 'tests/' + file ])
+
+    var killed = false
+    var t = setTimeout(function () {
+      proc.kill()
+      exitCode += 1
+      console.error(file + ' timeout')
+      killed = true
+    }, timeout)
+
+    proc.stdout.pipe(process.stdout)
+    proc.stderr.pipe(process.stderr)
+    proc.on('exit', function (code) {
+      if (code && !killed) console.error(file + ' failed')
+      exitCode += code || 0
+      clearTimeout(t)
+      next()
+    })
+  }
+  next()
+    
+})
+
+
--- a/packages/wekan-request/tests/server.js
+++ b/packages/wekan-request/tests/server.js
@ -0,0 +1,90 @@
+var fs = require('fs')
+  , http = require('http')
+  , path = require('path')
+  , https = require('https')
+  , events = require('events')
+  , stream = require('stream')
+  , assert = require('assert')
+  ;
+
+exports.createServer =  function (port) {
+  port = port || 6767
+  var s = http.createServer(function (req, resp) {
+    s.emit(req.url, req, resp);
+  })
+  s.port = port
+  s.url = 'http://localhost:'+port
+  return s;
+}
+
+exports.createSSLServer = function(port, opts) {
+  port = port || 16767
+
+  var options = { 'key' : path.join(__dirname, 'ssl', 'test.key')
+                , 'cert': path.join(__dirname, 'ssl', 'test.crt')
+                }
+  if (opts) {
+    for (var i in opts) options[i] = opts[i]
+  }
+
+  for (var i in options) {
+    options[i] = fs.readFileSync(options[i])
+  }
+
+  var s = https.createServer(options, function (req, resp) {
+    s.emit(req.url, req, resp);
+  })
+  s.port = port
+  s.url = 'https://localhost:'+port
+  return s;
+}
+
+exports.createPostStream = function (text) {
+  var postStream = new stream.Stream();
+  postStream.writeable = true;
+  postStream.readable = true;
+  setTimeout(function () {postStream.emit('data', new Buffer(text)); postStream.emit('end')}, 0);
+  return postStream;
+}
+exports.createPostValidator = function (text, reqContentType) {
+  var l = function (req, resp) {
+    var r = '';
+    req.on('data', function (chunk) {r += chunk})
+    req.on('end', function () {
+      if (req.headers['content-type'] && req.headers['content-type'].indexOf('boundary=') >= 0) {
+        var boundary = req.headers['content-type'].split('boundary=')[1];
+        text = text.replace(/__BOUNDARY__/g, boundary);
+      }
+      if (r !== text) console.log(r, text);
+      assert.equal(r, text)
+      if (reqContentType) {
+        assert.ok(req.headers['content-type'])
+        assert.ok(~req.headers['content-type'].indexOf(reqContentType))
+      }
+      resp.writeHead(200, {'content-type':'text/plain'})
+      resp.write('OK')
+      resp.end()
+    })
+  }
+  return l;
+}
+exports.createGetResponse = function (text, contentType) {
+  var l = function (req, resp) {
+    contentType = contentType || 'text/plain'
+    resp.writeHead(200, {'content-type':contentType})
+    resp.write(text)
+    resp.end()
+  }
+  return l;
+}
+exports.createChunkResponse = function (chunks, contentType) {
+  var l = function (req, resp) {
+    contentType = contentType || 'text/plain'
+    resp.writeHead(200, {'content-type':contentType})
+    chunks.forEach(function (chunk) {
+      resp.write(chunk)
+    })
+    resp.end()
+  }
+  return l;
+}
--- a/packages/wekan-request/tests/squid.conf
+++ b/packages/wekan-request/tests/squid.conf
@ -0,0 +1,77 @@
+#
+# Recommended minimum configuration:
+#
+acl manager proto cache_object
+acl localhost src 127.0.0.1/32 ::1
+acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1
+
+# Example rule allowing access from your local networks.
+# Adapt to list your (internal) IP networks from where browsing
+# should be allowed
+acl localnet src 10.0.0.0/8	# RFC1918 possible internal network
+acl localnet src 172.16.0.0/12	# RFC1918 possible internal network
+acl localnet src 192.168.0.0/16	# RFC1918 possible internal network
+acl localnet src fc00::/7       # RFC 4193 local private network range
+acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
+
+acl SSL_ports port 443
+acl Safe_ports port 80		# http
+acl Safe_ports port 21		# ftp
+acl Safe_ports port 443		# https
+acl Safe_ports port 70		# gopher
+acl Safe_ports port 210		# wais
+acl Safe_ports port 1025-65535	# unregistered ports
+acl Safe_ports port 280		# http-mgmt
+acl Safe_ports port 488		# gss-http
+acl Safe_ports port 591		# filemaker
+acl Safe_ports port 777		# multiling http
+acl CONNECT method CONNECT
+
+#
+# Recommended minimum Access Permission configuration:
+#
+# Only allow cachemgr access from localhost
+http_access allow manager localhost
+http_access deny manager
+
+# Deny requests to certain unsafe ports
+http_access deny !Safe_ports
+
+# Deny CONNECT to other than secure SSL ports
+#http_access deny CONNECT !SSL_ports
+
+# We strongly recommend the following be uncommented to protect innocent
+# web applications running on the proxy server who think the only
+# one who can access services on "localhost" is a local user
+#http_access deny to_localhost
+
+#
+# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
+#
+
+# Example rule allowing access from your local networks.
+# Adapt localnet in the ACL section to list your (internal) IP networks
+# from where browsing should be allowed
+http_access allow localnet
+http_access allow localhost
+
+# And finally deny all other access to this proxy
+http_access deny all
+
+# Squid normally listens to port 3128
+http_port 3128
+
+# We recommend you to use at least the following line.
+hierarchy_stoplist cgi-bin ?
+
+# Uncomment and adjust the following to add a disk cache directory.
+#cache_dir ufs /usr/local/var/cache 100 16 256
+
+# Leave coredumps in the first cache dir
+coredump_dir /usr/local/var/cache
+
+# Add any of your own refresh_pattern entries above these.
+refresh_pattern ^ftp:		1440	20%	10080
+refresh_pattern ^gopher:	1440	0%	1440
+refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
+refresh_pattern .		0	20%	4320
--- a/packages/wekan-request/tests/ssl/ca/ca.cnf
+++ b/packages/wekan-request/tests/ssl/ca/ca.cnf
@ -0,0 +1,20 @@
+[ req ]
+default_bits           = 1024
+days                   = 3650
+distinguished_name     = req_distinguished_name
+attributes             = req_attributes
+prompt                 = no
+output_password        = password
+
+[ req_distinguished_name ]
+C                      = US
+ST                     = CA
+L                      = Oakland
+O                      = request
+OU                     = request Certificate Authority
+CN                     = requestCA
+emailAddress           = mikeal@mikealrogers.com
+
+[ req_attributes ]
+challengePassword              = password challenge
+
--- a/packages/wekan-request/tests/ssl/ca/ca.crl
+++ b/packages/wekan-request/tests/ssl/ca/ca.crl
--- a/packages/wekan-request/tests/ssl/ca/ca.crt
+++ b/packages/wekan-request/tests/ssl/ca/ca.crt
@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICvTCCAiYCCQDn+P/MSbDsWjANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMC
+VVMxCzAJBgNVBAgTAkNBMRAwDgYDVQQHEwdPYWtsYW5kMRAwDgYDVQQKEwdyZXF1
+ZXN0MSYwJAYDVQQLEx1yZXF1ZXN0IENlcnRpZmljYXRlIEF1dGhvcml0eTESMBAG
+A1UEAxMJcmVxdWVzdENBMSYwJAYJKoZIhvcNAQkBFhdtaWtlYWxAbWlrZWFscm9n
+ZXJzLmNvbTAeFw0xMjAzMDEyMjUwNTZaFw0yMjAyMjcyMjUwNTZaMIGiMQswCQYD
+VQQGEwJVUzELMAkGA1UECBMCQ0ExEDAOBgNVBAcTB09ha2xhbmQxEDAOBgNVBAoT
+B3JlcXVlc3QxJjAkBgNVBAsTHXJlcXVlc3QgQ2VydGlmaWNhdGUgQXV0aG9yaXR5
+MRIwEAYDVQQDEwlyZXF1ZXN0Q0ExJjAkBgkqhkiG9w0BCQEWF21pa2VhbEBtaWtl
+YWxyb2dlcnMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7t9pQUAK4
+5XJYTI6NrF0n3G2HZsfN+rPYSVzzL8SuVyb1tHXos+vbPm3NKI4E8X1yVAXU8CjJ
+5SqXnp4DAypAhaseho81cbhk7LXUhFz78OvAa+OD+xTAEAnNQ8tGUr4VGyplEjfD
+xsBVuqV2j8GPNTftr+drOCFlqfAgMrBn4wIDAQABMA0GCSqGSIb3DQEBBQUAA4GB
+ADVdTlVAL45R+PACNS7Gs4o81CwSclukBu4FJbxrkd4xGQmurgfRrYYKjtqiopQm
+D7ysRamS3HMN9/VKq2T7r3z1PMHPAy7zM4uoXbbaTKwlnX4j/8pGPn8Ca3qHXYlo
+88L/OOPc6Di7i7qckS3HFbXQCTiULtxWmy97oEuTwrAj
+-----END CERTIFICATE-----
--- a/packages/wekan-request/tests/ssl/ca/ca.csr
+++ b/packages/wekan-request/tests/ssl/ca/ca.csr
@ -0,0 +1,13 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIICBjCCAW8CAQAwgaIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEQMA4GA1UE
+BxMHT2FrbGFuZDEQMA4GA1UEChMHcmVxdWVzdDEmMCQGA1UECxMdcmVxdWVzdCBD
+ZXJ0aWZpY2F0ZSBBdXRob3JpdHkxEjAQBgNVBAMTCXJlcXVlc3RDQTEmMCQGCSqG
+SIb3DQEJARYXbWlrZWFsQG1pa2VhbHJvZ2Vycy5jb20wgZ8wDQYJKoZIhvcNAQEB
+BQADgY0AMIGJAoGBALu32lBQArjlclhMjo2sXSfcbYdmx836s9hJXPMvxK5XJvW0
+deiz69s+bc0ojgTxfXJUBdTwKMnlKpeengMDKkCFqx6GjzVxuGTstdSEXPvw68Br
+44P7FMAQCc1Dy0ZSvhUbKmUSN8PGwFW6pXaPwY81N+2v52s4IWWp8CAysGfjAgMB
+AAGgIzAhBgkqhkiG9w0BCQcxFBMScGFzc3dvcmQgY2hhbGxlbmdlMA0GCSqGSIb3
+DQEBBQUAA4GBAGJO7grHeVHXetjHEK8urIxdnvfB2qeZeObz4GPKIkqUurjr0rfj
+bA3EK1kDMR5aeQWR8RunixdM16Q6Ry0lEdLVWkdSwRN9dmirIHT9cypqnD/FYOia
+SdezZ0lUzXgmJIwRYRwB1KSMMocIf52ll/xC2bEGg7/ZAEuAyAgcZV3X
+-----END CERTIFICATE REQUEST-----
--- a/packages/wekan-request/tests/ssl/ca/ca.key
+++ b/packages/wekan-request/tests/ssl/ca/ca.key
@ -0,0 +1,18 @@
+-----BEGIN RSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,C8B5887048377F02
+
+nyD5ZH0Wup2uWsDvurq5mKDaDrf8lvNn9w0SH/ZkVnfR1/bkwqrFriqJWvZNUG+q
+nS0iBYczsWLJnbub9a1zLOTENWUKVD5uqbC3aGHhnoUTNSa27DONgP8gHOn6JgR+
+GAKo01HCSTiVT4LjkwN337QKHnMP2fTzg+IoC/CigvMcq09hRLwU1/guq0GJKGwH
+gTxYNuYmQC4Tjh8vdS4liF+Ve/P3qPR2CehZrIOkDT8PHJBGQJRo4xGUIB7Tpk38
+VCk+UZ0JCS2coY8VkY/9tqFJp/ZnnQQVmaNbdRqg7ECKL+bXnNo7yjzmazPZmPe3
+/ShbE0+CTt7LrjCaQAxWbeDzqfo1lQfgN1LulTm8MCXpQaJpv7v1VhIhQ7afjMYb
+4thW/ypHPiYS2YJCAkAVlua9Oxzzh1qJoh8Df19iHtpd79Q77X/qf+1JvITlMu0U
+gi7yEatmQcmYNws1mtTC1q2DXrO90c+NZ0LK/Alse6NRL/xiUdjug2iHeTf/idOR
+Gg/5dSZbnnlj1E5zjSMDkzg6EHAFmHV4jYGSAFLEQgp4V3ZhMVoWZrvvSHgKV/Qh
+FqrAK4INr1G2+/QTd09AIRzfy3/j6yD4A9iNaOsEf9Ua7Qh6RcALRCAZTWR5QtEf
+dX+iSNJ4E85qXs0PqwkMDkoaxIJ+tmIRJY7y8oeylV8cfGAi8Soubt/i3SlR8IHC
+uDMas/2OnwafK3N7ODeE1i7r7wkzQkSHaEz0TrF8XRnP25jAICCSLiMdAAjKfxVb
+EvzsFSuAy3Jt6bU3hSLY9o4YVYKE+68ITMv9yNjvTsEiW+T+IbN34w==
+-----END RSA PRIVATE KEY-----
--- a/packages/wekan-request/tests/ssl/ca/ca.srl
+++ b/packages/wekan-request/tests/ssl/ca/ca.srl
@ -0,0 +1 @@
+ADF62016AA40C9C3
--- a/packages/wekan-request/tests/ssl/ca/server.cnf
+++ b/packages/wekan-request/tests/ssl/ca/server.cnf
@ -0,0 +1,19 @@
+[ req ]
+default_bits           = 1024
+days                   = 3650
+distinguished_name     = req_distinguished_name
+attributes             = req_attributes
+prompt                 = no
+
+[ req_distinguished_name ]
+C                      = US
+ST                     = CA
+L                      = Oakland
+O                      = request
+OU                     = testing
+CN                     = testing.request.mikealrogers.com
+emailAddress           = mikeal@mikealrogers.com
+
+[ req_attributes ]
+challengePassword              = password challenge
+
--- a/packages/wekan-request/tests/ssl/ca/server.crt
+++ b/packages/wekan-request/tests/ssl/ca/server.crt
@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICejCCAeMCCQCt9iAWqkDJwzANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMC
+VVMxCzAJBgNVBAgTAkNBMRAwDgYDVQQHEwdPYWtsYW5kMRAwDgYDVQQKEwdyZXF1
+ZXN0MSYwJAYDVQQLEx1yZXF1ZXN0IENlcnRpZmljYXRlIEF1dGhvcml0eTESMBAG
+A1UEAxMJcmVxdWVzdENBMSYwJAYJKoZIhvcNAQkBFhdtaWtlYWxAbWlrZWFscm9n
+ZXJzLmNvbTAeFw0xMjAzMDEyMjUwNTZaFw0yMjAyMjcyMjUwNTZaMIGjMQswCQYD
+VQQGEwJVUzELMAkGA1UECBMCQ0ExEDAOBgNVBAcTB09ha2xhbmQxEDAOBgNVBAoT
+B3JlcXVlc3QxEDAOBgNVBAsTB3Rlc3RpbmcxKTAnBgNVBAMTIHRlc3RpbmcucmVx
+dWVzdC5taWtlYWxyb2dlcnMuY29tMSYwJAYJKoZIhvcNAQkBFhdtaWtlYWxAbWlr
+ZWFscm9nZXJzLmNvbTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDgVl0jMumvOpmM
+20W5v9yhGgZj8hPhEQF/N7yCBVBn/rWGYm70IHC8T/pR5c0LkWc5gdnCJEvKWQjh
+DBKxZD8FAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEABShRkNgFbgs4vUWW9R9deNJj
+7HJoiTmvkmoOC7QzcYkjdgHbOxsSq3rBnwxsVjY9PAtPwBn0GRspOeG7KzKRgySB
+kb22LyrCFKbEOfKO/+CJc80ioK9zEPVjGsFMyAB+ftYRqM+s/4cQlTg/m89l01wC
+yapjN3RxZbInGhWR+jA=
+-----END CERTIFICATE-----
--- a/packages/wekan-request/tests/ssl/ca/server.csr
+++ b/packages/wekan-request/tests/ssl/ca/server.csr
@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBgjCCASwCAQAwgaMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEQMA4GA1UE
+BxMHT2FrbGFuZDEQMA4GA1UEChMHcmVxdWVzdDEQMA4GA1UECxMHdGVzdGluZzEp
+MCcGA1UEAxMgdGVzdGluZy5yZXF1ZXN0Lm1pa2VhbHJvZ2Vycy5jb20xJjAkBgkq
+hkiG9w0BCQEWF21pa2VhbEBtaWtlYWxyb2dlcnMuY29tMFwwDQYJKoZIhvcNAQEB
+BQADSwAwSAJBAOBWXSMy6a86mYzbRbm/3KEaBmPyE+ERAX83vIIFUGf+tYZibvQg
+cLxP+lHlzQuRZzmB2cIkS8pZCOEMErFkPwUCAwEAAaAjMCEGCSqGSIb3DQEJBzEU
+ExJwYXNzd29yZCBjaGFsbGVuZ2UwDQYJKoZIhvcNAQEFBQADQQBD3E5WekQzCEJw
+7yOcqvtPYIxGaX8gRKkYfLPoj3pm3GF5SGqtJKhylKfi89szHXgktnQgzff9FN+A
+HidVJ/3u
+-----END CERTIFICATE REQUEST-----
--- a/packages/wekan-request/tests/ssl/ca/server.js
+++ b/packages/wekan-request/tests/ssl/ca/server.js
@ -0,0 +1,28 @@
+var fs = require("fs")
+var https = require("https")
+var options = { key: fs.readFileSync("./server.key")
+              , cert: fs.readFileSync("./server.crt") }
+
+var server = https.createServer(options, function (req, res) {
+  res.writeHead(200)
+  res.end()
+  server.close()
+})
+server.listen(1337)
+
+var ca = fs.readFileSync("./ca.crt")
+var agent = new https.Agent({ host: "localhost", port: 1337, ca: ca })
+
+https.request({ host: "localhost"
+              , method: "HEAD"
+              , port: 1337
+              , headers: { host: "testing.request.mikealrogers.com" }
+              , agent: agent
+              , ca: [ ca ]
+              , path: "/" }, function (res) {
+  if (res.client.authorized) {
+    console.log("node test: OK")
+  } else {
+    throw new Error(res.client.authorizationError)
+  }
+}).end()
--- a/packages/wekan-request/tests/ssl/ca/server.key
+++ b/packages/wekan-request/tests/ssl/ca/server.key
@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOwIBAAJBAOBWXSMy6a86mYzbRbm/3KEaBmPyE+ERAX83vIIFUGf+tYZibvQg
+cLxP+lHlzQuRZzmB2cIkS8pZCOEMErFkPwUCAwEAAQJAK+r8ZM2sze8s7FRo/ApB
+iRBtO9fCaIdJwbwJnXKo4RKwZDt1l2mm+fzZ+/QaQNjY1oTROkIIXmnwRvZWfYlW
+gQIhAPKYsG+YSBN9o8Sdp1DMyZ/rUifKX3OE6q9tINkgajDVAiEA7Ltqh01+cnt0
+JEnud/8HHcuehUBLMofeg0G+gCnSbXECIQCqDvkXsWNNLnS/3lgsnvH0Baz4sbeJ
+rjIpuVEeg8eM5QIgbu0+9JmOV6ybdmmiMV4yAncoF35R/iKGVHDZCAsQzDECIQDZ
+0jGz22tlo5YMcYSqrdD3U4sds1pwiAaWFRbCunoUJw==
+-----END RSA PRIVATE KEY-----
--- a/packages/wekan-request/tests/ssl/npm-ca.crt
+++ b/packages/wekan-request/tests/ssl/npm-ca.crt
@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIIChzCCAfACCQDauvz/KHp8ejANBgkqhkiG9w0BAQUFADCBhzELMAkGA1UEBhMC
+VVMxCzAJBgNVBAgTAkNBMRAwDgYDVQQHEwdPYWtsYW5kMQwwCgYDVQQKEwNucG0x
+IjAgBgNVBAsTGW5wbSBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkxDjAMBgNVBAMTBW5w
+bUNBMRcwFQYJKoZIhvcNAQkBFghpQGl6cy5tZTAeFw0xMTA5MDUwMTQ3MTdaFw0y
+MTA5MDIwMTQ3MTdaMIGHMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEDAOBgNV
+BAcTB09ha2xhbmQxDDAKBgNVBAoTA25wbTEiMCAGA1UECxMZbnBtIENlcnRpZmlj
+YXRlIEF1dGhvcml0eTEOMAwGA1UEAxMFbnBtQ0ExFzAVBgkqhkiG9w0BCQEWCGlA
+aXpzLm1lMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDLI4tIqPpRW+ACw9GE
+OgBlJZwK5f8nnKCLK629Pv5yJpQKs3DENExAyOgDcyaF0HD0zk8zTp+ZsLaNdKOz
+Gn2U181KGprGKAXP6DU6ByOJDWmTlY6+Ad1laYT0m64fERSpHw/hjD3D+iX4aMOl
+y0HdbT5m1ZGh6SJz3ZqxavhHLQIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAC4ySDbC
+l7W1WpLmtLGEQ/yuMLUf6Jy/vr+CRp4h+UzL+IQpCv8FfxsYE7dhf/bmWTEupBkv
+yNL18lipt2jSvR3v6oAHAReotvdjqhxddpe5Holns6EQd1/xEZ7sB1YhQKJtvUrl
+ZNufy1Jf1r0ldEGeA+0ISck7s+xSh9rQD2Op
+-----END CERTIFICATE-----
--- a/packages/wekan-request/tests/ssl/test.crt
+++ b/packages/wekan-request/tests/ssl/test.crt
@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICQzCCAawCCQCO/XWtRFck1jANBgkqhkiG9w0BAQUFADBmMQswCQYDVQQGEwJU
+SDEQMA4GA1UECBMHQmFuZ2tvazEOMAwGA1UEBxMFU2lsb20xGzAZBgNVBAoTElRo
+ZSBSZXF1ZXN0IE1vZHVsZTEYMBYGA1UEAxMPcmVxdWVzdC5leGFtcGxlMB4XDTEx
+MTIwMzAyMjkyM1oXDTIxMTEzMDAyMjkyM1owZjELMAkGA1UEBhMCVEgxEDAOBgNV
+BAgTB0Jhbmdrb2sxDjAMBgNVBAcTBVNpbG9tMRswGQYDVQQKExJUaGUgUmVxdWVz
+dCBNb2R1bGUxGDAWBgNVBAMTD3JlcXVlc3QuZXhhbXBsZTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAwmctddZqlA48+NXs0yOy92DijcQV1jf87zMiYAIlNUto
+wghVbTWgJU5r0pdKrD16AptnWJTzKanhItEX8XCCPgsNkq1afgTtJP7rNkwu3xcj
+eIMkhJg/ay4ZnkbnhYdsii5VTU5prix6AqWRAhbkBgoA+iVyHyof8wvZyKBoFTMC
+AwEAATANBgkqhkiG9w0BAQUFAAOBgQB6BybMJbpeiABgihDfEVBcAjDoQ8gUMgwV
+l4NulugfKTDmArqnR9aPd4ET5jX5dkMP4bwCHYsvrcYDeWEQy7x5WWuylOdKhua4
+L4cEi2uDCjqEErIG3cc1MCOk6Cl6Ld6tkIzQSf953qfdEACRytOeUqLNQcrXrqeE
+c7U8F6MWLQ==
+-----END CERTIFICATE-----
--- a/packages/wekan-request/tests/ssl/test.key
+++ b/packages/wekan-request/tests/ssl/test.key
@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQDCZy111mqUDjz41ezTI7L3YOKNxBXWN/zvMyJgAiU1S2jCCFVt
+NaAlTmvSl0qsPXoCm2dYlPMpqeEi0RfxcII+Cw2SrVp+BO0k/us2TC7fFyN4gySE
+mD9rLhmeRueFh2yKLlVNTmmuLHoCpZECFuQGCgD6JXIfKh/zC9nIoGgVMwIDAQAB
+AoGBALXFwfUf8vHTSmGlrdZS2AGFPvEtuvldyoxi9K5u8xmdFCvxnOcLsF2RsTHt
+Mu5QYWhUpNJoG+IGLTPf7RJdj/kNtEs7xXqWy4jR36kt5z5MJzqiK+QIgiO9UFWZ
+fjUb6oeDnTIJA9YFBdYi97MDuL89iU/UK3LkJN3hd4rciSbpAkEA+MCkowF5kSFb
+rkOTBYBXZfiAG78itDXN6DXmqb9XYY+YBh3BiQM28oxCeQYyFy6pk/nstnd4TXk6
+V/ryA2g5NwJBAMgRKTY9KvxJWbESeMEFe2iBIV0c26/72Amgi7ZKUCLukLfD4tLF
+WSZdmTbbqI1079YtwaiOVfiLm45Q/3B0eUCQAaQ/0eWSGE+Yi8tdXoVszjr4GXb
+G81qBi91DMu6U1It+jNfIba+MPsiHLcZJMVb4/oWBNukN7bD1nhwFWdlnu0CQQCf
+Is9WHkdvz2RxbZDxb8verz/7kXXJQJhx5+rZf7jIYFxqX3yvTNv3wf2jcctJaWlZ
+fVZwB193YSivcgt778xlAkEAprYUz3jczjF5r2hrgbizPzPDR94tM5BTO3ki2v3w
+kbf+j2g7FNAx6kZiVN8XwfLc8xEeUGiPKwtq3ddPDFh17w==
+-----END RSA PRIVATE KEY-----
--- a/packages/wekan-request/tests/test-agentOptions.js
+++ b/packages/wekan-request/tests/test-agentOptions.js
@ -0,0 +1,23 @@
+var request = require('../index')
+  , http = require('http')
+  , server = require('./server')
+  , assert = require('assert')
+  ;
+
+var s = http.createServer(function (req, resp) {
+  resp.statusCode = 200
+  resp.end('')
+}).listen(6767, function () {
+  // requests without agentOptions should use global agent
+  var r = request('http://localhost:6767', function (e, resp, body) {
+    assert.deepEqual(r.agent, http.globalAgent);
+    assert.equal(Object.keys(r.pool).length, 0);
+
+    // requests with agentOptions should apply agentOptions to new agent in pool
+    var r2 = request('http://localhost:6767', { agentOptions: { foo: 'bar' } }, function (e, resp, body) {
+      assert.deepEqual(r2.agent.options, { foo: 'bar' });
+      assert.equal(Object.keys(r2.pool).length, 1);
+	    s.close()
+ 	 });
+  })
+})
--- a/packages/wekan-request/tests/test-basic-auth.js
+++ b/packages/wekan-request/tests/test-basic-auth.js
@ -0,0 +1,191 @@
+var assert = require('assert')
+  , http = require('http')
+  , request = require('../index')
+  ;
+
+var numBasicRequests = 0;
+
+var basicServer = http.createServer(function (req, res) {
+  console.error('Basic auth server: ', req.method, req.url);
+  numBasicRequests++;
+
+  var ok;
+
+  if (req.headers.authorization) {
+    if (req.headers.authorization == 'Basic ' + new Buffer('test:testing2').toString('base64')) {
+      ok = true;
+    } else if ( req.headers.authorization == 'Basic ' + new Buffer('test:').toString('base64')) {
+      ok = true;
+    } else if ( req.headers.authorization == 'Basic ' + new Buffer(':apassword').toString('base64')) {
+      ok = true;
+    } else if ( req.headers.authorization == 'Basic ' + new Buffer('justauser').toString('base64')) {
+      ok = true;
+    } else {
+      // Bad auth header, don't send back WWW-Authenticate header
+      ok = false;
+    }
+  } else {
+    // No auth header, send back WWW-Authenticate header
+    ok = false;
+    res.setHeader('www-authenticate', 'Basic realm="Private"');
+  }
+
+  if (req.url == '/post/') {
+    var expectedContent = 'data_key=data_value';
+    req.on('data', function(data) {
+      assert.equal(data, expectedContent);
+      console.log('received request data: ' + data);
+    });
+    assert.equal(req.method, 'POST');
+    assert.equal(req.headers['content-length'], '' + expectedContent.length);
+    assert.equal(req.headers['content-type'], 'application/x-www-form-urlencoded; charset=utf-8');
+  }
+
+  if (ok) {
+    console.log('request ok');
+    res.end('ok');
+  } else {
+    console.log('status=401');
+    res.statusCode = 401;
+    res.end('401');
+  }
+});
+
+basicServer.listen(6767);
+
+var tests = [
+  function(next) {
+    request({
+      'method': 'GET',
+      'uri': 'http://localhost:6767/test/',
+      'auth': {
+        'user': 'test',
+        'pass': 'testing2',
+        'sendImmediately': false
+      }
+    }, function(error, res, body) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(numBasicRequests, 2);
+      next();
+    });
+  },
+
+  function(next) {
+    // If we don't set sendImmediately = false, request will send basic auth
+    request({
+      'method': 'GET',
+      'uri': 'http://localhost:6767/test2/',
+      'auth': {
+        'user': 'test',
+        'pass': 'testing2'
+      }
+    }, function(error, res, body) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(numBasicRequests, 3);
+      next();
+    });
+  },
+
+  function(next) {
+    request({
+      'method': 'GET',
+      'uri': 'http://test:testing2@localhost:6767/test2/'
+    }, function(error, res, body) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(numBasicRequests, 4);
+      next();
+    });
+  },
+
+  function(next) {
+    request({
+      'method': 'POST',
+      'form': { 'data_key': 'data_value' },
+      'uri': 'http://localhost:6767/post/',
+      'auth': {
+        'user': 'test',
+        'pass': 'testing2',
+        'sendImmediately': false
+      }
+    }, function(error, res, body) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(numBasicRequests, 6);
+      next();
+    });
+  },
+
+  function(next) {
+    assert.doesNotThrow( function() {
+      request({
+        'method': 'GET',
+        'uri': 'http://localhost:6767/allow_empty_user/',
+        'auth': {
+          'user': '',
+          'pass': 'apassword',
+          'sendImmediately': false
+        }
+      }, function(error, res, body ) {
+        assert.equal(res.statusCode, 200);
+        assert.equal(numBasicRequests, 8);
+        next();
+      });
+    })
+  },
+
+  function(next) {
+    assert.doesNotThrow( function() {
+      request({
+        'method': 'GET',
+        'uri': 'http://localhost:6767/allow_undefined_password/',
+        'auth': {
+          'user': 'justauser',
+          'pass': undefined,
+          'sendImmediately': false
+        }
+      }, function(error, res, body ) {
+        assert.equal(res.statusCode, 200);
+        assert.equal(numBasicRequests, 10);
+        next();
+      });
+    })
+  },
+
+  function (next) {
+    request
+      .get('http://localhost:6767/test/')
+      .auth("test","",false)
+      .on('response', function (res) {
+        assert.equal(res.statusCode, 200);
+        assert.equal(numBasicRequests, 12);
+        next();
+      })
+  },
+
+  function (next) {
+    request.get('http://localhost:6767/test/',
+      {
+        auth: {
+          user: "test",
+          pass: "",
+          sendImmediately: false
+        }
+      }, function (err, res) {
+        assert.equal(res.statusCode, 200);
+        assert.equal(numBasicRequests, 14);
+        next();
+      })
+  }
+];
+
+function runTest(i) {
+  if (i < tests.length) {
+    tests[i](function() {
+      runTest(i + 1);
+    });
+  } else {
+    console.log('All tests passed');
+    basicServer.close();
+  }
+}
+
+runTest(0);
--- a/packages/wekan-request/tests/test-bearer-auth.js
+++ b/packages/wekan-request/tests/test-bearer-auth.js
@ -0,0 +1,161 @@
+var assert = require('assert')
+  , http = require('http')
+  , request = require('../index')
+  ;
+
+var numBasicRequests = 0;
+
+var basicServer = http.createServer(function (req, res) {
+  console.error('Bearer auth server: ', req.method, req.url);
+  numBasicRequests++;
+
+  var ok;
+
+  if (req.headers.authorization) {
+    if (req.headers.authorization == 'Bearer theToken') {
+      ok = true;
+    } else {
+      // Bad auth header, don't send back WWW-Authenticate header
+      ok = false;
+    }
+  } else {
+    // No auth header, send back WWW-Authenticate header
+    ok = false;
+    res.setHeader('www-authenticate', 'Bearer realm="Private"');
+  }
+
+  if (req.url == '/post/') {
+    var expectedContent = 'data_key=data_value';
+    req.on('data', function(data) {
+      assert.equal(data, expectedContent);
+      console.log('received request data: ' + data);
+    });
+    assert.equal(req.method, 'POST');
+    assert.equal(req.headers['content-length'], '' + expectedContent.length);
+    assert.equal(req.headers['content-type'], 'application/x-www-form-urlencoded; charset=utf-8');
+  }
+
+  if (ok) {
+    console.log('request ok');
+    res.end('ok');
+  } else {
+    console.log('status=401');
+    res.statusCode = 401;
+    res.end('401');
+  }
+});
+
+basicServer.listen(6767);
+
+var tests = [
+  function(next) {
+    request({
+      'method': 'GET',
+      'uri': 'http://localhost:6767/test/',
+      'auth': {
+        'bearer': 'theToken',
+        'sendImmediately': false
+      }
+    }, function(error, res, body) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(numBasicRequests, 2);
+      next();
+    });
+  },
+
+  function(next) {
+    // If we don't set sendImmediately = false, request will send bearer auth
+    request({
+      'method': 'GET',
+      'uri': 'http://localhost:6767/test2/',
+      'auth': {
+        'bearer': 'theToken'
+      }
+    }, function(error, res, body) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(numBasicRequests, 3);
+      next();
+    });
+  },
+
+  function(next) {
+    request({
+      'method': 'POST',
+      'form': { 'data_key': 'data_value' },
+      'uri': 'http://localhost:6767/post/',
+      'auth': {
+        'bearer': 'theToken',
+        'sendImmediately': false
+      }
+    }, function(error, res, body) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(numBasicRequests, 5);
+      next();
+    });
+  },
+
+  function (next) {
+    request
+      .get('http://localhost:6767/test/')
+      .auth(null,null,false,"theToken")
+      .on('response', function (res) {
+        assert.equal(res.statusCode, 200);
+        assert.equal(numBasicRequests, 7);
+        next();
+      })
+  },
+
+  function (next) {
+    request
+      .get('http://localhost:6767/test/')
+      .auth(null,null,true,"theToken")
+      .on('response', function (res) {
+        assert.equal(res.statusCode, 200);
+        assert.equal(numBasicRequests, 8);
+        next();
+      })
+  },
+
+  function(next) {
+    request({
+      'method': 'GET',
+      'uri': 'http://localhost:6767/test/',
+      'auth': {
+        'bearer': function() { return 'theToken' },
+        'sendImmediately': false
+      }
+    }, function(error, res, body) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(numBasicRequests, 10);
+      next();
+    });
+  },
+
+  function(next) {
+    // If we don't set sendImmediately = false, request will send bearer auth
+    request({
+      'method': 'GET',
+      'uri': 'http://localhost:6767/test2/',
+      'auth': {
+        'bearer': function() { return 'theToken' }
+      }
+    }, function(error, res, body) {
+      assert.equal(res.statusCode, 200);
+      assert.equal(numBasicRequests, 11);
+      next();
+    });
+  },
+];
+
+function runTest(i) {
+  if (i < tests.length) {
+    tests[i](function() {
+      runTest(i + 1);
+    });
+  } else {
+    console.log('All tests passed');
+    basicServer.close();
+  }
+}
+
+runTest(0);
--- a/packages/wekan-request/tests/test-body.js
+++ b/packages/wekan-request/tests/test-body.js
@ -0,0 +1,122 @@
+var server = require('./server')
+  , events = require('events')
+  , stream = require('stream')
+  , assert = require('assert')
+  , request = require('../index')
+  ;
+
+var s = server.createServer();
+
+var tests =
+  { testGet :
+    { resp : server.createGetResponse("TESTING!")
+    , expectBody: "TESTING!"
+    }
+  , testGetChunkBreak :
+    { resp : server.createChunkResponse(
+      [ new Buffer([239])
+      , new Buffer([163])
+      , new Buffer([191])
+      , new Buffer([206])
+      , new Buffer([169])
+      , new Buffer([226])
+      , new Buffer([152])
+      , new Buffer([131])
+      ])
+    , expectBody: "Ω☃"
+    }
+  , testGetBuffer :
+    { resp : server.createGetResponse(new Buffer("TESTING!"))
+    , encoding: null
+    , expectBody: new Buffer("TESTING!")
+    }
+  , testGetEncoding :
+    { resp : server.createGetResponse(new Buffer('efa3bfcea9e29883', 'hex'))
+    , encoding: 'hex'
+    , expectBody: "efa3bfcea9e29883"
+    }
+  , testGetUTF8:
+     { resp: server.createGetResponse(new Buffer([0xEF, 0xBB, 0xBF, 226, 152, 131]))
+     , encoding: "utf8"
+     , expectBody: "☃"
+     }
+  , testGetJSON :
+     { resp : server.createGetResponse('{"test":true}', 'application/json')
+     , json : true
+     , expectBody: {"test":true}
+     }
+  , testPutString :
+    { resp : server.createPostValidator("PUTTINGDATA")
+    , method : "PUT"
+    , body : "PUTTINGDATA"
+    }
+  , testPutBuffer :
+    { resp : server.createPostValidator("PUTTINGDATA")
+    , method : "PUT"
+    , body : new Buffer("PUTTINGDATA")
+    }
+  , testPutJSON :
+    { resp : server.createPostValidator(JSON.stringify({foo: 'bar'}))
+    , method: "PUT"
+    , json: {foo: 'bar'}
+    }
+  , testPutMultipart :
+    { resp: server.createPostValidator(
+        '--__BOUNDARY__\r\n' +
+        'content-type: text/html\r\n' +
+        '\r\n' +
+        '<html><body>Oh hi.</body></html>' +
+        '\r\n--__BOUNDARY__\r\n\r\n' +
+        'Oh hi.' +
+        '\r\n--__BOUNDARY__--'
+        )
+    , method: "PUT"
+    , multipart:
+      [ {'content-type': 'text/html', 'body': '<html><body>Oh hi.</body></html>'}
+      , {'body': 'Oh hi.'}
+      ]
+    }
+  , testPutMultipartPreambleCRLF :
+    { resp: server.createPostValidator(
+        '\r\n--__BOUNDARY__\r\n' +
+        'content-type: text/html\r\n' +
+        '\r\n' +
+        '<html><body>Oh hi.</body></html>' +
+        '\r\n--__BOUNDARY__\r\n\r\n' +
+        'Oh hi.' +
+        '\r\n--__BOUNDARY__--'
+        )
+    , method: "PUT"
+    , preambleCRLF: true
+    , multipart:
+      [ {'content-type': 'text/html', 'body': '<html><body>Oh hi.</body></html>'}
+      , {'body': 'Oh hi.'}
+      ]
+    }
+  }
+
+s.listen(s.port, function () {
+
+  var counter = 0
+
+  for (i in tests) {
+    (function () {
+      var test = tests[i]
+      s.on('/'+i, test.resp)
+      test.uri = s.url + '/' + i
+      request(test, function (err, resp, body) {
+        if (err) throw err
+        if (test.expectBody) {
+          assert.deepEqual(test.expectBody, body)
+        }
+        counter = counter - 1;
+        if (counter === 0) {
+          console.log(Object.keys(tests).length+" tests passed.")
+          s.close()
+        }
+      })
+      counter++
+    })()
+  }
+})
+
--- a/packages/wekan-request/tests/test-cookies.js
+++ b/packages/wekan-request/tests/test-cookies.js
@ -0,0 +1,66 @@
+try {
+  require('tough-cookie')
+} catch (e) {
+  console.error('tough-cookie must be installed to run this test.')
+  console.error('skipping this test. please install tough-cookie and run again if you need to test this feature.')
+  process.exit(0)
+}
+
+var assert = require('assert')
+  , http = require('http')
+  , request = require('../index')
+
+
+function simpleCookieCreationTest() {
+  var cookie = request.cookie('foo=bar')
+  assert(cookie.key === 'foo')
+  assert(cookie.value === 'bar')
+}
+
+simpleCookieCreationTest()
+
+var requests = 0;
+var validUrl = 'http://localhost:6767/valid';
+var invalidUrl = 'http://localhost:6767/invalid';
+
+var server = http.createServer(function (req, res) {
+  requests++;
+  if (req.url === '/valid')
+    res.setHeader('set-cookie', 'foo=bar');
+  else if (req.url === '/invalid')
+    res.setHeader('set-cookie', 'foo=bar; Domain=foo.com');
+  res.end('okay');
+  if (requests === 2) server.close();
+});
+server.listen(6767);
+
+var jar1 = request.jar();
+request({
+  method: 'GET',
+  url: validUrl,
+  jar: jar1
+},
+function (error, response, body) {
+  if (error) throw error;
+  assert.equal(jar1.getCookieString(validUrl), 'foo=bar');
+  assert.equal(body, 'okay');
+
+  var cookies = jar1.getCookies(validUrl);
+  assert(cookies.length == 1);
+  assert(cookies[0].key === 'foo');
+  assert(cookies[0].value === 'bar');
+});
+
+var jar2 = request.jar();
+request({
+  method: 'GET',
+  url: invalidUrl,
+  jar: jar2
+},
+function (error, response, body) {
+  if (error) throw error;
+  assert.equal(jar2.getCookieString(validUrl), '');
+  assert.deepEqual(jar2.getCookies(validUrl), []);
+  assert.equal(body, 'okay');
+});
+
--- a/packages/wekan-request/tests/test-defaults.js
+++ b/packages/wekan-request/tests/test-defaults.js
@ -0,0 +1,146 @@
+var server = require('./server')
+  , assert = require('assert')
+  , request = require('../index')
+  ;
+
+var s = server.createServer();
+
+s.listen(s.port, function () {
+  var counter = 0;
+  s.on('/get', function (req, resp) {
+    assert.equal(req.headers.foo, 'bar');
+    assert.equal(req.method, 'GET')
+    resp.writeHead(200, {'Content-Type': 'text/plain'});
+    resp.end('TESTING!');
+  });
+
+  // test get(string, function)
+  request.defaults({headers:{foo:"bar"}})(s.url + '/get', function (e, r, b){
+    if (e) throw e;
+    assert.deepEqual("TESTING!", b);
+    counter += 1;
+  });
+
+  s.on('/merge-headers', function (req, resp) {
+    assert.equal(req.headers.foo, 'bar')
+    assert.equal(req.headers.merged, 'yes')
+    resp.writeHead(200)
+    resp.end()
+  });
+
+  request.defaults({
+    headers:{foo:"bar", merged:"no"}
+  })(s.url + '/merge-headers', {
+    headers:{merged:"yes"}
+  }, function (e, r, b){
+    if (e) throw e
+    assert.equal(r.statusCode, 200)
+    counter += 1
+  });
+
+  s.on('/post', function (req, resp) {
+    assert.equal(req.headers.foo, 'bar');
+    assert.equal(req.headers['content-type'], null);
+    assert.equal(req.method, 'POST')
+    resp.writeHead(200, {'Content-Type': 'application/json'});
+    resp.end(JSON.stringify({foo:'bar'}));
+  });
+
+  // test post(string, object, function)
+  request.defaults({headers:{foo:"bar"}}).post(s.url + '/post', {json: true}, function (e, r, b){
+    if (e) throw e;
+    assert.deepEqual('bar', b.foo);
+    counter += 1;
+  });
+
+  s.on('/patch', function (req, resp) {
+    assert.equal(req.headers.foo, 'bar');
+    assert.equal(req.headers['content-type'], null);
+    assert.equal(req.method, 'PATCH')
+    resp.writeHead(200, {'Content-Type': 'application/json'});
+    resp.end(JSON.stringify({foo:'bar'}));
+  });
+
+  // test post(string, object, function)
+  request.defaults({headers:{foo:"bar"}}).patch(s.url + '/patch', {json: true}, function (e, r, b){
+    if (e) throw e;
+    assert.deepEqual('bar', b.foo);
+    counter += 1;
+  });
+
+  s.on('/post-body', function (req, resp) {
+    assert.equal(req.headers.foo, 'bar');
+    assert.equal(req.headers['content-type'], 'application/json');
+    assert.equal(req.method, 'POST')
+    resp.writeHead(200, {'Content-Type': 'application/json'});
+    resp.end(JSON.stringify({foo:'bar'}));
+  });
+
+  // test post(string, object, function) with body
+  request.defaults({headers:{foo:"bar"}}).post(s.url + '/post-body', {json: true, body:{bar:"baz"}}, function (e, r, b){
+    if (e) throw e;
+    assert.deepEqual('bar', b.foo);
+    counter += 1;
+  });
+
+  s.on('/del', function (req, resp) {
+    assert.equal(req.headers.foo, 'bar');
+    assert.equal(req.method, 'DELETE')
+    resp.writeHead(200, {'Content-Type': 'application/json'});
+    resp.end(JSON.stringify({foo:'bar'}));
+  });
+
+  // test .del(string, function)
+  request.defaults({headers:{foo:"bar"}, json:true}).del(s.url + '/del', function (e, r, b){
+    if (e) throw e;
+    assert.deepEqual('bar', b.foo);
+    counter += 1;
+  });
+
+  s.on('/head', function (req, resp) {
+    assert.equal(req.headers.foo, 'bar');
+    assert.equal(req.method, 'HEAD')
+    resp.writeHead(200, {'Content-Type': 'text/plain'});
+    resp.end();
+  });
+
+  // test head.(object, function)
+  request.defaults({headers:{foo:"bar"}}).head({uri: s.url + '/head'}, function (e, r, b){
+    if (e) throw e;
+    counter += 1;
+  });
+
+  s.on('/get_custom', function(req, resp) {
+    assert.equal(req.headers.foo, 'bar');
+    assert.equal(req.headers.x, 'y');
+    resp.writeHead(200, {'Content-Type': 'text/plain'});
+    resp.end();
+  });
+
+  // test custom request handler function
+  var defaultRequest = request.defaults({
+    headers:{foo:"bar"}
+    , body: 'TESTING!'
+  }, function(uri, options, callback) {
+    var params = request.initParams(uri, options, callback);
+    options = params.options;
+    options.headers.x = 'y';
+
+    return request(params.uri, params.options, params.callback);
+  });
+
+  var msg = 'defaults test failed. head request should throw earlier';
+  assert.throws(function() {
+    defaultRequest.head(s.url + '/get_custom', function(e, r, b) {
+      throw new Error(msg);
+    });
+    counter+=1;
+  }, msg);
+
+  defaultRequest.get(s.url + '/get_custom', function(e, r, b) {
+    if(e) throw e;
+    counter += 1;
+    console.log(counter.toString() + " tests passed.");
+    s.close();
+  });
+})
--- a/packages/wekan-request/tests/test-digest-auth.js
+++ b/packages/wekan-request/tests/test-digest-auth.js
@ -0,0 +1,99 @@
+var assert = require('assert')
+  , http = require('http')
+  , request = require('../index')
+  ;
+
+// Test digest auth
+// Using header values captured from interaction with Apache
+
+var numDigestRequests = 0;
+
+var digestServer = http.createServer(function (req, res) {
+  console.error('Digest auth server: ', req.method, req.url);
+  numDigestRequests++;
+
+  var ok;
+
+  if (req.url === '/test/') {
+    if (req.headers.authorization) {
+      if (/^Digest username="test", realm="Private", nonce="WpcHS2\/TBAA=dffcc0dbd5f96d49a5477166649b7c0ae3866a93", uri="\/test\/", qop=auth, response="[a-f0-9]{32}", nc=00000001, cnonce="[a-f0-9]{32}", algorithm=MD5, opaque="5ccc069c403ebaf9f0171e9517f40e41"$/.exec(req.headers.authorization)) {
+        ok = true;
+      } else {
+        // Bad auth header, don't send back WWW-Authenticate header
+        ok = false;
+      }
+    } else {
+      // No auth header, send back WWW-Authenticate header
+      ok = false;
+      res.setHeader('www-authenticate', 'Digest realm="Private", nonce="WpcHS2/TBAA=dffcc0dbd5f96d49a5477166649b7c0ae3866a93", algorithm=MD5, qop="auth", opaque="5ccc069c403ebaf9f0171e9517f40e41"');
+    }
+  } else if (req.url === '/dir/index.html') {
+    // RFC2069-compatible mode
+    // check: http://www.rfc-editor.org/errata_search.php?rfc=2069
+    if (req.headers.authorization) {
+      if (/^Digest username="Mufasa", realm="testrealm@host.com", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", uri="\/dir\/index.html", response="[a-f0-9]{32}", opaque="5ccc069c403ebaf9f0171e9517f40e41"$/.exec(req.headers.authorization)) {
+        ok = true;
+      } else {
+        // Bad auth header, don't send back WWW-Authenticate header
+        ok = false;
+      }
+    } else {
+      // No auth header, send back WWW-Authenticate header
+      ok = false;
+      res.setHeader('www-authenticate', 'Digest realm="testrealm@host.com", nonce="dcd98b7102dd2f0e8b11d0f600bfb0c093", opaque="5ccc069c403ebaf9f0171e9517f40e41"');
+    }
+  }
+
+  if (ok) {
+    console.log('request ok');
+    res.end('ok');
+  } else {
+    console.log('status=401');
+    res.statusCode = 401;
+    res.end('401');
+  }
+});
+
+digestServer.listen(6767);
+
+request({
+  'method': 'GET',
+  'uri': 'http://localhost:6767/test/',
+  'auth': {
+    'user': 'test',
+    'pass': 'testing',
+    'sendImmediately': false
+  }
+}, function(error, response, body) {
+  assert.equal(response.statusCode, 200);
+  assert.equal(numDigestRequests, 2);
+
+  // If we don't set sendImmediately = false, request will send basic auth
+  request({
+    'method': 'GET',
+    'uri': 'http://localhost:6767/test/',
+    'auth': {
+      'user': 'test',
+      'pass': 'testing'
+    }
+  }, function(error, response, body) {
+    assert.equal(response.statusCode, 401);
+    assert.equal(numDigestRequests, 3);
+
+    request({
+      'method': 'GET',
+      'uri': 'http://localhost:6767/dir/index.html',
+      'auth': {
+        'user': 'Mufasa',
+        'pass': 'CircleOfLife',
+      'sendImmediately': false
+      }
+    }, function(error, response, body) {
+      assert.equal(response.statusCode, 200);
+      assert.equal(numDigestRequests, 5);
+
+      console.log('All tests passed');
+      digestServer.close();
+    });
+  });
+});
--- a/packages/wekan-request/tests/test-emptyBody.js
+++ b/packages/wekan-request/tests/test-emptyBody.js
@ -0,0 +1,20 @@
+var request = require('../index')
+  , http = require('http')
+  , assert = require('assert')
+  ;
+
+var s = http.createServer(function (req, resp) {
+  resp.statusCode = 200
+  resp.end('')
+}).listen(8080, function () {
+  var r = request('http://localhost:8080', function (e, resp, body) {
+    assert.equal(resp.statusCode, 200)
+    assert.equal(body, "")
+
+    var r2 = request({ url: 'http://localhost:8080', json: {} }, function (e, resp, body) {
+	    assert.equal(resp.statusCode, 200)
+	    assert.equal(body, undefined)
+	    s.close()
+ 	 });
+  })
+})
--- a/packages/wekan-request/tests/test-errors.js
+++ b/packages/wekan-request/tests/test-errors.js
@ -0,0 +1,37 @@
+var server = require('./server')
+  , events = require('events')
+  , assert = require('assert')
+  , request = require('../index')
+  ;
+
+var local = 'http://localhost:8888/asdf'
+
+try {
+  request({uri:local, body:{}})
+  assert.fail("Should have throw") 
+} catch(e) {
+  assert.equal(e.message, 'Argument error, options.body.')
+}
+
+try {
+  request({uri:local, multipart: 'foo'})
+  assert.fail("Should have throw")
+} catch(e) {
+  assert.equal(e.message, 'Argument error, options.multipart.')
+}
+
+try {
+  request({uri:local, multipart: [{}]})
+  assert.fail("Should have throw")
+} catch(e) {
+  assert.equal(e.message, 'Body attribute missing in multipart.')
+}
+
+try {
+  request(local, {multipart: [{}]})
+  assert.fail("Should have throw")
+} catch(e) {
+  assert.equal(e.message, 'Body attribute missing in multipart.')
+}
+
+console.log("All tests passed.")
--- a/packages/wekan-request/tests/test-follow-all-303.js
+++ b/packages/wekan-request/tests/test-follow-all-303.js
@ -0,0 +1,30 @@
+var request = require('../index');
+var http = require('http');
+var requests = 0;
+var assert = require('assert');
+
+var server = http.createServer(function (req, res) {
+  console.error(req.method, req.url);
+  requests ++;
+
+  if (req.method === 'POST') {
+    console.error('send 303');
+    res.setHeader('location', req.url);
+    res.statusCode = 303;
+    res.end('try again, i guess\n');
+  } else {
+    console.error('send 200')
+    res.end('ok: ' + requests);
+  }
+});
+server.listen(6767);
+
+request.post({ url: 'http://localhost:6767/foo',
+               followAllRedirects: true,
+               form: { foo: 'bar' } }, function (er, req, body) {
+  if (er) throw er;
+  assert.equal(body, 'ok: 2');
+  assert.equal(requests, 2);
+  console.error('ok - ' + process.version);
+  server.close();
+});
--- a/packages/wekan-request/tests/test-follow-all.js
+++ b/packages/wekan-request/tests/test-follow-all.js
@ -0,0 +1,44 @@
+try {
+  require('tough-cookie')
+} catch (e) {
+  console.error('tough-cookie must be installed to run this test.')
+  console.error('skipping this test. please install tough-cookie and run again if you need to test this feature.')
+  process.exit(0)
+}
+
+var request = require('../index');
+var http = require('http');
+var requests = 0;
+var assert = require('assert');
+
+var server = http.createServer(function (req, res) {
+  requests ++;
+
+  // redirect everything 3 times, no matter what.
+  var c = req.headers.cookie;
+
+  if (!c) c = 0;
+  else c = +c.split('=')[1] || 0;
+
+  if (c > 3) {
+    res.end('ok: '+requests);
+    return;
+  }
+
+  res.setHeader('set-cookie', 'c=' + (c + 1));
+  res.setHeader('location', req.url);
+  res.statusCode = 302;
+  res.end('try again, i guess\n');
+});
+server.listen(6767);
+
+request.post({ url: 'http://localhost:6767/foo',
+               followAllRedirects: true,
+               jar: true,
+               form: { foo: 'bar' } }, function (er, req, body) {
+  if (er) throw er;
+  assert.equal(body, 'ok: 5');
+  assert.equal(requests, 5);
+  console.error('ok - ' + process.version);
+  server.close();
+});
--- a/packages/wekan-request/tests/test-form.js
+++ b/packages/wekan-request/tests/test-form.js
@ -0,0 +1,96 @@
+try {
+  require('form-data')
+} catch (e) {
+  console.error('form-data must be installed to run this test.')
+  console.error('skipping this test. please install form-data and run again if you need to test this feature.')
+  process.exit(0)
+}
+
+var assert = require('assert')
+var http = require('http');
+var path = require('path');
+var mime = require('mime-types');
+var request = require('../index');
+var fs = require('fs');
+
+var remoteFile = 'http://nodejs.org/images/logo.png';
+
+var totalLength = null;
+
+var FIELDS = [
+  {name: 'my_field', value: 'my_value'},
+  {name: 'my_buffer', value: new Buffer([1, 2, 3])},
+  {name: 'my_file', value: fs.createReadStream(__dirname + '/unicycle.jpg')},
+  {name: 'remote_file', value: request(remoteFile) }
+];
+
+var server = http.createServer(function(req, res) {
+
+  // temp workaround
+  var data = '';
+  req.setEncoding('utf8');
+
+  req.on('data', function(d) {
+    data += d;
+  });
+
+  req.on('end', function() {
+    // check for the fields' traces
+
+    // 1st field : my_field
+    var field = FIELDS.shift();
+    assert.ok( data.indexOf('form-data; name="'+field.name+'"') != -1 );
+    assert.ok( data.indexOf(field.value) != -1 );
+
+    // 2nd field : my_buffer
+    var field = FIELDS.shift();
+    assert.ok( data.indexOf('form-data; name="'+field.name+'"') != -1 );
+    assert.ok( data.indexOf(field.value) != -1 );
+
+    // 3rd field : my_file
+    var field = FIELDS.shift();
+    assert.ok( data.indexOf('form-data; name="'+field.name+'"') != -1 );
+    assert.ok( data.indexOf('; filename="'+path.basename(field.value.path)+'"') != -1 );
+    // check for unicycle.jpg traces
+    assert.ok( data.indexOf('2005:06:21 01:44:12') != -1 );
+    assert.ok( data.indexOf('Content-Type: '+mime.lookup(field.value.path) ) != -1 );
+
+    // 4th field : remote_file
+    var field = FIELDS.shift();
+    assert.ok( data.indexOf('form-data; name="'+field.name+'"') != -1 );
+    assert.ok( data.indexOf('; filename="'+path.basename(field.value.path)+'"') != -1 );
+    // check for http://nodejs.org/images/logo.png traces
+    assert.ok( data.indexOf('ImageReady') != -1 );
+    assert.ok( data.indexOf('Content-Type: '+mime.lookup(remoteFile) ) != -1 );
+
+    assert.ok( req.headers['content-length'] == totalLength );
+
+
+    res.writeHead(200);
+    res.end('done');
+
+  });
+
+
+});
+
+server.listen(8080, function() {
+
+  var req = request.post('http://localhost:8080/upload', function () {
+    server.close();
+  })
+  var form = req.form()
+  
+  FIELDS.forEach(function(field) {
+    form.append(field.name, field.value);
+  });
+
+  form.getLength(function (err, length) {
+    totalLength = length;
+  });
+
+});
+
+process.on('exit', function() {
+  assert.strictEqual(FIELDS.length, 0);
+});
--- a/packages/wekan-request/tests/test-gzip.js
+++ b/packages/wekan-request/tests/test-gzip.js
@ -0,0 +1,105 @@
+var request = require('../index')
+  , http = require('http')
+  , assert = require('assert')
+  , zlib = require('zlib')
+
+if (!zlib.Gunzip.prototype.setEncoding) {
+  try {
+    require('stringstream')
+  } catch (e) {
+    console.error('stringstream must be installed to run this test.')
+    console.error('skipping this test. please install stringstream and run again if you need to test this feature.')
+    process.exit(0)
+  }
+}
+
+var testContent = 'Compressible response content.\n'
+  , testContentGzip
+
+var server = http.createServer(function (req, res) {
+  res.statusCode = 200
+  res.setHeader('Content-Type', 'text/plain')
+
+  if (/\bgzip\b/i.test(req.headers['accept-encoding'])) {
+    zlib.gzip(testContent, function (err, data) {
+      assert.ifError(err)
+      testContentGzip = data
+      res.setHeader('Content-Encoding', 'gzip')
+      res.end(data)
+    })
+  } else {
+    res.end(testContent)
+  }
+})
+
+server.listen(6767, function (err) {
+  assert.ifError(err)
+
+  var headers, options
+
+  // Transparently supports gzip decoding to callbacks
+  options = { url: 'http://localhost:6767/foo', gzip: true }
+  request.get(options, function (err, res, body) {
+    assert.ifError(err)
+    assert.strictEqual(res.headers['content-encoding'], 'gzip')
+    assert.strictEqual(body, testContent)
+  })
+
+
+  // Transparently supports gzip decoding to pipes
+  options = { url: 'http://localhost:6767/foo', gzip: true }
+  var chunks = []
+  request.get(options)
+    .on('data', function (chunk) { chunks.push(chunk) })
+    .on('end', function () {
+        assert.strictEqual(Buffer.concat(chunks).toString(), testContent)
+      })
+    .on('error', function (err) { assert.ifError(err) })
+
+
+  // Does not request gzip if user specifies Accepted-Encodings
+  headers = { 'Accept-Encoding': null }
+  options = {
+    url: 'http://localhost:6767/foo',
+    headers: headers,
+    gzip: true
+  }
+  request.get(options, function (err, res, body) {
+    assert.ifError(err)
+    assert.strictEqual(res.headers['content-encoding'], undefined)
+    assert.strictEqual(body, testContent)
+  })
+
+
+  // Does not decode user-requested encoding by default
+  headers = { 'Accept-Encoding': 'gzip' }
+  options = { url: 'http://localhost:6767/foo', headers: headers }
+  request.get(options, function (err, res, body) {
+    assert.ifError(err)
+    assert.strictEqual(res.headers['content-encoding'], 'gzip')
+    assert.strictEqual(body, testContentGzip.toString())
+  })
+
+
+  // Supports character encoding with gzip encoding
+  headers = { 'Accept-Encoding': 'gzip' }
+  options = {
+    url: 'http://localhost:6767/foo',
+    headers: headers,
+    gzip: true,
+    encoding: "utf8"
+  }
+  var strings = []
+  request.get(options)
+    .on('data', function (string) {
+        assert.strictEqual(typeof string, "string")
+        strings.push(string)
+      })
+    .on('end', function () {
+        assert.strictEqual(strings.join(""), testContent)
+
+        // Shutdown server after last test
+        server.close()
+      })
+    .on('error', function (err) { assert.ifError(err) })
+})
--- a/packages/wekan-request/tests/test-hawk.js
+++ b/packages/wekan-request/tests/test-hawk.js
@ -0,0 +1,41 @@
+try {
+  require('hawk')
+} catch (e) {
+  console.error('hawk must be installed to run this test.')
+  console.error('skipping this test. please install hawk and run again if you need to test this feature.')
+  process.exit(0)
+}
+
+var createServer = require('http').createServer
+  , request = require('../index')
+  , hawk = require('hawk')
+  , assert = require('assert')
+  ;
+
+var server = createServer(function (req, resp) {
+  
+  var getCred = function (id, callback) {
+    assert.equal(id, 'dh37fgj492je')
+    var credentials = 
+      { key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn'
+      , algorithm: 'sha256'
+      , user: 'Steve'
+      }
+    return callback(null, credentials)
+  }
+
+  hawk.server.authenticate(req, getCred, {}, function (err, credentials, attributes) {
+    resp.writeHead(!err ? 200 : 401, { 'Content-Type': 'text/plain' })
+    resp.end(!err ? 'Hello ' + credentials.user : 'Shoosh!')
+  })
+  
+})
+
+server.listen(8080, function () {
+  var creds = {key: 'werxhqb98rpaxn39848xrunpaw3489ruxnpa98w4rxn', algorithm: 'sha256', id:'dh37fgj492je'}
+  request('http://localhost:8080', {hawk:{credentials:creds}}, function (e, r, b) {
+    assert.equal(200, r.statusCode)
+    assert.equal(b, 'Hello Steve')
+    server.close()
+  })
+})
--- a/packages/wekan-request/tests/test-headers.js
+++ b/packages/wekan-request/tests/test-headers.js
@ -0,0 +1,79 @@
+try {
+  require('tough-cookie')
+} catch (e) {
+  console.error('tough-cookie must be installed to run this test.')
+  console.error('skipping this test. please install tough-cookie and run again if you need to test this feature.')
+  process.exit(0)
+}
+
+var server = require('./server')
+  , assert = require('assert')
+  , request = require('../index')
+  , s = server.createServer()
+
+s.listen(s.port, function () {
+  var serverUri = 'http://localhost:' + s.port
+    , numTests = 0
+    , numOutstandingTests = 0
+
+  function createTest(requestObj, serverAssertFn) {
+    var testNumber = numTests;
+    numTests += 1;
+    numOutstandingTests += 1;
+    s.on('/' + testNumber, function (req, res) {
+      serverAssertFn(req, res);
+      res.writeHead(200);
+      res.end();
+    });
+    requestObj.url = serverUri + '/' + testNumber
+    request(requestObj, function (err, res, body) {
+      assert.ok(!err)
+      assert.equal(res.statusCode, 200)
+      numOutstandingTests -= 1
+      if (numOutstandingTests === 0) {
+        console.log(numTests + ' tests passed.')
+        s.close()
+      }
+    })
+  }
+
+  // Issue #125: headers.cookie shouldn't be replaced when a cookie jar isn't specified
+  createTest({headers: {cookie: 'foo=bar'}}, function (req, res) {
+    assert.ok(req.headers.cookie)
+    assert.equal(req.headers.cookie, 'foo=bar')
+  })
+
+  // Issue #125: headers.cookie + cookie jar
+  //using new cookie module
+  var jar = request.jar()
+  jar.setCookie('quux=baz', serverUri);
+  createTest({jar: jar, headers: {cookie: 'foo=bar'}}, function (req, res) {
+    assert.ok(req.headers.cookie)
+    assert.equal(req.headers.cookie, 'foo=bar; quux=baz')
+  })
+
+  // Issue #794 add ability to ignore cookie parsing and domain errors
+  var jar2 = request.jar()
+  jar2.setCookie('quux=baz; Domain=foo.bar.com', serverUri, {ignoreError: true});
+  createTest({jar: jar2, headers: {cookie: 'foo=bar'}}, function (req, res) {
+    assert.ok(req.headers.cookie)
+    assert.equal(req.headers.cookie, 'foo=bar')
+  })
+
+  // Issue #784: override content-type when json is used
+  // https://github.com/mikeal/request/issues/784
+  createTest({
+    json: true,
+    method: 'POST',
+    headers: {'content-type': 'application/json; charset=UTF-8'},
+    body: {hello: 'my friend'}},function(req, res) {
+      assert.ok(req.headers['content-type']);
+      assert.equal(req.headers['content-type'], 'application/json; charset=UTF-8');
+    }
+  )
+
+  // There should be no cookie header when neither headers.cookie nor a cookie jar is specified
+  createTest({}, function (req, res) {
+    assert.ok(!req.headers.cookie)
+  })
+})
--- a/packages/wekan-request/tests/test-http-signature.js
+++ b/packages/wekan-request/tests/test-http-signature.js
@ -0,0 +1,114 @@
+try {
+  require('http-signature')
+} catch (e) {
+  console.error('http-signature must be installed to run this test.')
+  console.error('skipping this test. please install http-signature and run again if you need to test this feature.')
+  process.exit(0)
+}
+
+var createServer = require('http').createServer
+  , request = require('../index')
+  , httpSignature = require('http-signature')
+  , assert = require('assert')
+  ;
+
+var privateKeyPEMs = {}
+
+privateKeyPEMs['key-1'] =
+  '-----BEGIN RSA PRIVATE KEY-----\n' +
+  'MIIEpAIBAAKCAQEAzWSJl+Z9Bqv00FVL5N3+JCUoqmQPjIlya1BbeqQroNQ5yG1i\n' +
+  'VbYTTnMRa1zQtR6r2fNvWeg94DvxivxIG9diDMnrzijAnYlTLOl84CK2vOxkj5b6\n' +
+  '8zrLH9b/Gd6NOHsywo8IjvXvCeTfca5WUHcuVi2lT9VjygFs1ILG4RyeX1BXUumu\n' +
+  'Y8fzmposxLYdMxCqUTzAn0u9Saq2H2OVj5u114wS7OQPigu6G99dpn/iPHa3zBm8\n' +
+  '7baBWDbqZWRW0BP3K6eqq8sut1+NLhNW8ADPTdnO/SO+kvXy7fqd8atSn+HlQcx6\n' +
+  'tW42dhXf3E9uE7K78eZtW0KvfyNGAjsI1Fft2QIDAQABAoIBAG1exe3/LEBrPLfb\n' +
+  'U8iRdY0lxFvHYIhDgIwohC3wUdMYb5SMurpNdEZn+7Sh/fkUVgp/GKJViu1mvh52\n' +
+  'bKd2r52DwG9NQBQjVgkqY/auRYSglIPpr8PpYNSZlcneunCDGeqEY9hMmXc5Ssqs\n' +
+  'PQYoEKKPN+IlDTg6PguDgAfLR4IUvt9KXVvmB/SSgV9tSeTy35LECt1Lq3ozbUgu\n' +
+  '30HZI3U6/7H+X22Pxxf8vzBtzkg5rRCLgv+OeNPo16xMnqbutt4TeqEkxRv5rtOo\n' +
+  '/A1i9khBeki0OJAFJsE82qnaSZodaRsxic59VnN8sWBwEKAt87tEu5A3K3j4XSDU\n' +
+  '/avZxAECgYEA+pS3DvpiQLtHlaO3nAH6MxHRrREOARXWRDe5nUQuUNpS1xq9wte6\n' +
+  'DkFtba0UCvDLic08xvReTCbo9kH0y6zEy3zMpZuJlKbcWCkZf4S5miYPI0RTZtF8\n' +
+  'yps6hWqzYFSiO9hMYws9k4OJLxX0x3sLK7iNZ32ujcSrkPBSiBr0gxkCgYEA0dWl\n' +
+  '637K41AJ/zy0FP0syq+r4eIkfqv+/t6y2aQVUBvxJYrj9ci6XHBqoxpDV8lufVYj\n' +
+  'fUAfeI9/MZaWvQJRbnYLre0I6PJfLuCBIL5eflO77BGso165AF7QJZ+fwtgKv3zv\n' +
+  'ZX75eudCSS/cFo0po9hlbcLMT4B82zEkgT8E2MECgYEAnz+3/wrdOmpLGiyL2dff\n' +
+  '3GjsqmJ2VfY8z+niSrI0BSpbD11tT9Ct67VlCBjA7hsOH6uRfpd6/kaUMzzDiFVq\n' +
+  'VDAiFvV8QD6zNkwYalQ9aFvbrvwTTPrBpjl0vamMCiJ/YC0cjq1sGr2zh3sar1Ph\n' +
+  'S43kP+s97dcZeelhaiJHVrECgYEAsx61q/loJ/LDFeYzs1cLTVn4V7I7hQY9fkOM\n' +
+  'WM0AhInVqD6PqdfXfeFYpjJdGisQ7l0BnoGGW9vir+nkcyPvb2PFRIr6+B8tsU5j\n' +
+  '7BeVgjDoUfQkcrEBK5fEBtnj/ud9BUkY8oMZZBjVNLRuI7IMwZiPvMp0rcj4zAN/\n' +
+  'LfUlpgECgYArBvFcBxSkNAzR3Rtteud1YDboSKluRM37Ey5plrn4BS0DD0jm++aD\n' +
+  '0pG2Hsik000hibw92lCkzvvBVAqF8BuAcnPlAeYfsOaa97PGEjSKEN5bJVWZ9/om\n' +
+  '9FV1axotRN2XWlwrhixZLEaagkREXhgQc540FS5O8IaI2Vpa80Atzg==\n' +
+  '-----END RSA PRIVATE KEY-----'
+
+var publicKeyPEMs = {}
+
+publicKeyPEMs['key-1'] =
+  '-----BEGIN PUBLIC KEY-----\n' +
+  'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWSJl+Z9Bqv00FVL5N3+\n' +
+  'JCUoqmQPjIlya1BbeqQroNQ5yG1iVbYTTnMRa1zQtR6r2fNvWeg94DvxivxIG9di\n' +
+  'DMnrzijAnYlTLOl84CK2vOxkj5b68zrLH9b/Gd6NOHsywo8IjvXvCeTfca5WUHcu\n' +
+  'Vi2lT9VjygFs1ILG4RyeX1BXUumuY8fzmposxLYdMxCqUTzAn0u9Saq2H2OVj5u1\n' +
+  '14wS7OQPigu6G99dpn/iPHa3zBm87baBWDbqZWRW0BP3K6eqq8sut1+NLhNW8ADP\n' +
+  'TdnO/SO+kvXy7fqd8atSn+HlQcx6tW42dhXf3E9uE7K78eZtW0KvfyNGAjsI1Fft\n' +
+  '2QIDAQAB\n' +
+  '-----END PUBLIC KEY-----'
+
+publicKeyPEMs['key-2'] =
+  '-----BEGIN PUBLIC KEY-----\n' +
+  'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp04VVr9OThli9b35Omz\n' +
+  'VqSfWbsoQuRrgyWsrNRn3XkFmbWw4FzZwQ42OgGMzQ84Ta4d9zGKKQyFriTiPjPf\n' +
+  'xhhrsaJnDuybcpVhcr7UNKjSZ0S59tU3hpRiEz6hO+Nc/OSSLkvalG0VKrxOln7J\n' +
+  'LK/h3rNS/l6wDZ5S/KqsI6CYtV2ZLpn3ahLrizvEYNY038Qcm38qMWx+VJAvZ4di\n' +
+  'qqmW7RLIsLT59SWmpXdhFKnkYYGhxrk1Mwl22dBTJNY5SbriU5G3gWgzYkm8pgHr\n' +
+  '6CtrXch9ciJAcDJehPrKXNvNDOdUh8EW3fekNJerF1lWcwQg44/12v8sDPyfbaKB\n' +
+  'dQIDAQAB\n' +
+  '-----END PUBLIC KEY-----'
+
+var server = createServer(function (req, res) {
+  var parsed = httpSignature.parseRequest(req)
+  var publicKeyPEM = publicKeyPEMs[parsed.keyId]
+  var verified = httpSignature.verifySignature(parsed, publicKeyPEM)
+  res.writeHead(verified ? 200 : 400)
+  res.end()
+})
+
+server.listen(8080, function () {
+  function correctKeyTest(callback) {
+    var options = {
+      httpSignature: {
+        keyId: 'key-1',
+        key: privateKeyPEMs['key-1']
+      }
+    }
+    request('http://localhost:8080', options, function (e, r, b) {
+      assert.equal(200, r.statusCode)
+      callback()
+    })
+  }
+
+  function incorrectKeyTest(callback) {
+    var options = {
+      httpSignature: {
+        keyId: 'key-2',
+        key: privateKeyPEMs['key-1']
+      }
+    }
+    request('http://localhost:8080', options, function (e, r, b) {
+      assert.equal(400, r.statusCode)
+      callback()
+    })
+  }
+
+  var tests = [correctKeyTest, incorrectKeyTest]
+  var todo = tests.length;
+  for(var i = 0; i < tests.length; ++i) {
+    tests[i](function() {
+      if(!--todo) {
+        server.close()
+      }
+    })
+  }
+})
--- a/packages/wekan-request/tests/test-httpModule.js
+++ b/packages/wekan-request/tests/test-httpModule.js
@ -0,0 +1,94 @@
+var http = require('http')
+  , https = require('https')
+  , server = require('./server')
+  , assert = require('assert')
+  , request = require('../index')
+
+
+var faux_requests_made = {'http':0, 'https':0}
+function wrap_request(name, module) {
+  // Just like the http or https module, but note when a request is made.
+  var wrapped = {}
+  Object.keys(module).forEach(function(key) {
+    var value = module[key];
+
+    if(key != 'request')
+      wrapped[key] = value;
+    else
+      wrapped[key] = function(options, callback) {
+        faux_requests_made[name] += 1
+        return value.apply(this, arguments)
+      }
+  })
+
+  return wrapped;
+}
+
+
+var faux_http = wrap_request('http', http)
+  , faux_https = wrap_request('https', https)
+  , plain_server = server.createServer()
+  , https_server = server.createSSLServer()
+
+
+plain_server.listen(plain_server.port, function() {
+  plain_server.on('/plain', function (req, res) {
+    res.writeHead(200)
+    res.end('plain')
+  })
+  plain_server.on('/to_https', function (req, res) {
+    res.writeHead(301, {'location':'https://localhost:'+https_server.port + '/https'})
+    res.end()
+  })
+
+  https_server.listen(https_server.port, function() {
+    https_server.on('/https', function (req, res) {
+      res.writeHead(200)
+      res.end('https')
+    })
+    https_server.on('/to_plain', function (req, res) {
+      res.writeHead(302, {'location':'http://localhost:'+plain_server.port + '/plain'})
+      res.end()
+    })
+
+    run_tests()
+    run_tests({})
+    run_tests({'http:':faux_http})
+    run_tests({'https:':faux_https})
+    run_tests({'http:':faux_http, 'https:':faux_https})
+  })
+})
+
+function run_tests(httpModules) {
+  var to_https = 'http://localhost:'+plain_server.port+'/to_https'
+  var to_plain = 'https://localhost:'+https_server.port+'/to_plain'
+
+  request(to_https, {'httpModules':httpModules, strictSSL:false}, function (er, res, body) {
+    if (er) throw er
+    assert.equal(body, 'https', 'Received HTTPS server body')
+    done()
+  })
+
+  request(to_plain, {'httpModules':httpModules, strictSSL:false}, function (er, res, body) {
+    if (er) throw er
+    assert.equal(body, 'plain', 'Received HTTPS server body')
+    done()
+  })
+}
+
+
+var passed = 0;
+function done() {
+  passed += 1
+  var expected = 10
+
+  if(passed == expected) {
+    plain_server.close()
+    https_server.close()
+
+    assert.equal(faux_requests_made.http, 4, 'Wrapped http module called appropriately')
+    assert.equal(faux_requests_made.https, 4, 'Wrapped https module called appropriately')
+
+    console.log((expected+2) + ' tests passed.')
+  }
+}
--- a/packages/wekan-request/tests/test-https-strict.js
+++ b/packages/wekan-request/tests/test-https-strict.js
@ -0,0 +1,97 @@
+// a test where we validate the siguature of the keys
+// otherwise exactly the same as the ssl test
+
+var server = require('./server')
+  , assert = require('assert')
+  , request = require('../index')
+  , fs = require('fs')
+  , path = require('path')
+  , opts = { key: path.resolve(__dirname, 'ssl/ca/server.key')
+           , cert: path.resolve(__dirname, 'ssl/ca/server.crt') }
+  , s = server.createSSLServer(null, opts)
+  , caFile = path.resolve(__dirname, 'ssl/ca/ca.crt')
+  , ca = fs.readFileSync(caFile)
+
+var tests =
+  { testGet :
+    { resp : server.createGetResponse("TESTING!")
+    , expectBody: "TESTING!"
+    }
+  , testGetChunkBreak :
+    { resp : server.createChunkResponse(
+      [ new Buffer([239])
+      , new Buffer([163])
+      , new Buffer([191])
+      , new Buffer([206])
+      , new Buffer([169])
+      , new Buffer([226])
+      , new Buffer([152])
+      , new Buffer([131])
+      ])
+    , expectBody: "Ω☃"
+    }
+  , testGetJSON :
+    { resp : server.createGetResponse('{"test":true}', 'application/json')
+    , json : true
+    , expectBody: {"test":true}
+    }
+  , testPutString :
+    { resp : server.createPostValidator("PUTTINGDATA")
+    , method : "PUT"
+    , body : "PUTTINGDATA"
+    }
+  , testPutBuffer :
+    { resp : server.createPostValidator("PUTTINGDATA")
+    , method : "PUT"
+    , body : new Buffer("PUTTINGDATA")
+    }
+  , testPutJSON :
+    { resp : server.createPostValidator(JSON.stringify({foo: 'bar'}))
+    , method: "PUT"
+    , json: {foo: 'bar'}
+    }
+  , testPutMultipart :
+    { resp: server.createPostValidator(
+        '--__BOUNDARY__\r\n' +
+        'content-type: text/html\r\n' +
+        '\r\n' +
+        '<html><body>Oh hi.</body></html>' +
+        '\r\n--__BOUNDARY__\r\n\r\n' +
+        'Oh hi.' +
+        '\r\n--__BOUNDARY__--'
+        )
+    , method: "PUT"
+    , multipart:
+      [ {'content-type': 'text/html', 'body': '<html><body>Oh hi.</body></html>'}
+      , {'body': 'Oh hi.'}
+      ]
+    }
+  }
+
+s.listen(s.port, function () {
+
+  var counter = 0
+
+  for (i in tests) {
+    (function () {
+      var test = tests[i]
+      s.on('/'+i, test.resp)
+      test.uri = s.url + '/' + i
+      test.strictSSL = true
+      test.ca = ca
+      test.headers = { host: 'testing.request.mikealrogers.com' }
+      request(test, function (err, resp, body) {
+        if (err) throw err
+        if (test.expectBody) {
+          assert.deepEqual(test.expectBody, body)
+        }
+        counter = counter - 1;
+        if (counter === 0) {
+          console.log(Object.keys(tests).length+" tests passed.")
+          s.close()
+        }
+      })
+      counter++
+    })()
+  }
+})
--- a/packages/wekan-request/tests/test-https.js
+++ b/packages/wekan-request/tests/test-https.js
@ -0,0 +1,87 @@
+var server = require('./server')
+  , assert = require('assert')
+  , request = require('../index')
+
+var s = server.createSSLServer();
+
+var tests =
+  { testGet :
+    { resp : server.createGetResponse("TESTING!")
+    , expectBody: "TESTING!"
+    }
+  , testGetChunkBreak :
+    { resp : server.createChunkResponse(
+      [ new Buffer([239])
+      , new Buffer([163])
+      , new Buffer([191])
+      , new Buffer([206])
+      , new Buffer([169])
+      , new Buffer([226])
+      , new Buffer([152])
+      , new Buffer([131])
+      ])
+    , expectBody: "Ω☃"
+    }
+  , testGetJSON :
+    { resp : server.createGetResponse('{"test":true}', 'application/json')
+    , json : true
+    , expectBody: {"test":true}
+    }
+  , testPutString :
+    { resp : server.createPostValidator("PUTTINGDATA")
+    , method : "PUT"
+    , body : "PUTTINGDATA"
+    }
+  , testPutBuffer :
+    { resp : server.createPostValidator("PUTTINGDATA")
+    , method : "PUT"
+    , body : new Buffer("PUTTINGDATA")
+    }
+  , testPutJSON :
+    { resp : server.createPostValidator(JSON.stringify({foo: 'bar'}))
+    , method: "PUT"
+    , json: {foo: 'bar'}
+    }
+  , testPutMultipart :
+    { resp: server.createPostValidator(
+        '--__BOUNDARY__\r\n' +
+        'content-type: text/html\r\n' +
+        '\r\n' +
+        '<html><body>Oh hi.</body></html>' +
+        '\r\n--__BOUNDARY__\r\n\r\n' +
+        'Oh hi.' +
+        '\r\n--__BOUNDARY__--'
+        )
+    , method: "PUT"
+    , multipart:
+      [ {'content-type': 'text/html', 'body': '<html><body>Oh hi.</body></html>'}
+      , {'body': 'Oh hi.'}
+      ]
+    }
+  }
+
+s.listen(s.port, function () {
+
+  var counter = 0
+
+  for (i in tests) {
+    (function () {
+      var test = tests[i]
+      s.on('/'+i, test.resp)
+      test.uri = s.url + '/' + i
+      test.rejectUnauthorized = false
+      request(test, function (err, resp, body) {
+        if (err) throw err
+        if (test.expectBody) {
+          assert.deepEqual(test.expectBody, body)
+        }
+        counter = counter - 1;
+        if (counter === 0) {
+          console.log(Object.keys(tests).length+" tests passed.")
+          s.close()
+        }
+      })
+      counter++
+    })()
+  }
+})
--- a/packages/wekan-request/tests/test-isUrl.js
+++ b/packages/wekan-request/tests/test-isUrl.js
@ -0,0 +1,28 @@
+var assert = require('assert')
+  , request = require('../index')
+  , http = require('http')
+  ;
+
+var s = http.createServer(function(req, res) {
+  res.statusCode = 200;
+  res.end('');
+}).listen(6767, function () {
+
+  // Test lowercase
+  request('http://localhost:6767', function (err, resp, body) {
+    // just need to get here without throwing an error
+    assert.equal(true, true);
+  })
+
+  // Test uppercase
+  request('HTTP://localhost:6767', function (err, resp, body) {
+    assert.equal(true, true);
+  })
+
+  // Test mixedcase
+  request('HtTp://localhost:6767', function (err, resp, body) {
+    assert.equal(true, true);
+    // clean up
+    s.close();
+  })
+})
--- a/packages/wekan-request/tests/test-localAddress.js
+++ b/packages/wekan-request/tests/test-localAddress.js
@ -0,0 +1,15 @@
+var request = require('../index')
+  , assert = require('assert')
+  ;
+
+request.get({
+  uri: 'http://www.google.com', localAddress: '1.2.3.4' // some invalid address
+}, function(err, res) {
+  assert(!res) // asserting that no response received
+})
+
+request.get({
+  uri: 'http://www.google.com', localAddress: '127.0.0.1'
+}, function(err, res) {
+  assert(!res) // asserting that no response received
+})
--- a/packages/wekan-request/tests/test-node-debug.js
+++ b/packages/wekan-request/tests/test-node-debug.js
@ -0,0 +1,26 @@
+var assert = require('assert')
+  , request = require('../index')
+  , http = require('http')
+  ;
+
+var s = http.createServer(function(req, res) {
+  res.statusCode = 200
+  res.end('')
+}).listen(6767, function () {
+  // a simple request should not fail with NODE_DEBUG
+  process.env.NODE_DEBUG = 'mumblemumble,request'
+
+  var stderr = ''
+  process.stderr.write = (function(write) {
+    return function(string, encoding, fd) {
+      stderr += string
+    }
+  })(process.stderr.write)
+
+  request('http://localhost:6767', function (err, resp, body) {
+    assert.ifError(err, 'the request did not fail')
+    assert.ok(resp, 'the request did not fail')
+    assert.ok(/REQUEST/.test(stderr), 'stderr has some messages')
+    s.close(); // clean up
+  })
+})
--- a/packages/wekan-request/tests/test-oauth.js
+++ b/packages/wekan-request/tests/test-oauth.js
@ -0,0 +1,125 @@
+try {
+  require('oauth-sign')
+} catch (e) {
+  console.error('oauth-sign must be installed to run this test.')
+  console.error('skipping this test. please install oauth-sign and run again if you need to test this feature.')
+  process.exit(0)
+}
+
+var hmacsign = require('oauth-sign').hmacsign
+  , assert = require('assert')
+  , qs = require('querystring')
+  , request = require('../index')
+  ;
+
+function getsignature (r) {
+  var sign
+  r.headers.Authorization.slice('OAuth '.length).replace(/,\ /g, ',').split(',').forEach(function (v) {
+    if (v.slice(0, 'oauth_signature="'.length) === 'oauth_signature="') sign = v.slice('oauth_signature="'.length, -1)
+  })
+  return decodeURIComponent(sign)
+}
+
+// Tests from Twitter documentation https://dev.twitter.com/docs/auth/oauth
+
+var reqsign = hmacsign('POST', 'https://api.twitter.com/oauth/request_token', 
+  { oauth_callback: 'http://localhost:3005/the_dance/process_callback?service_provider_id=11'
+  , oauth_consumer_key: 'GDdmIQH6jhtmLUypg82g'
+  , oauth_nonce: 'QP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk'
+  , oauth_signature_method: 'HMAC-SHA1'
+  , oauth_timestamp: '1272323042'
+  , oauth_version: '1.0'
+  }, "MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98")
+
+console.log(reqsign)
+console.log('8wUi7m5HFQy76nowoCThusfgB+Q=')
+assert.equal(reqsign, '8wUi7m5HFQy76nowoCThusfgB+Q=')
+
+var accsign = hmacsign('POST', 'https://api.twitter.com/oauth/access_token',
+  { oauth_consumer_key: 'GDdmIQH6jhtmLUypg82g'
+  , oauth_nonce: '9zWH6qe0qG7Lc1telCn7FhUbLyVdjEaL3MO5uHxn8'
+  , oauth_signature_method: 'HMAC-SHA1'
+  , oauth_token: '8ldIZyxQeVrFZXFOZH5tAwj6vzJYuLQpl0WUEYtWc'
+  , oauth_timestamp: '1272323047'
+  , oauth_verifier: 'pDNg57prOHapMbhv25RNf75lVRd6JDsni1AJJIDYoTY'
+  , oauth_version: '1.0'
+  }, "MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98", "x6qpRnlEmW9JbQn4PQVVeVG8ZLPEx6A0TOebgwcuA")
+  
+console.log(accsign)
+console.log('PUw/dHA4fnlJYM6RhXk5IU/0fCc=')
+assert.equal(accsign, 'PUw/dHA4fnlJYM6RhXk5IU/0fCc=')
+
+var upsign = hmacsign('POST', 'http://api.twitter.com/1/statuses/update.json', 
+  { oauth_consumer_key: "GDdmIQH6jhtmLUypg82g"
+  , oauth_nonce: "oElnnMTQIZvqvlfXM56aBLAf5noGD0AQR3Fmi7Q6Y"
+  , oauth_signature_method: "HMAC-SHA1"
+  , oauth_token: "819797-Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw"
+  , oauth_timestamp: "1272325550"
+  , oauth_version: "1.0"
+  , status: 'setting up my twitter 私のさえずりを設定する'
+  }, "MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98", "J6zix3FfA9LofH0awS24M3HcBYXO5nI1iYe8EfBA")
+
+console.log(upsign)
+console.log('yOahq5m0YjDDjfjxHaXEsW9D+X0=')
+assert.equal(upsign, 'yOahq5m0YjDDjfjxHaXEsW9D+X0=')
+
+
+var rsign = request.post(
+  { url: 'https://api.twitter.com/oauth/request_token'
+  , oauth: 
+    { callback: 'http://localhost:3005/the_dance/process_callback?service_provider_id=11'
+    , consumer_key: 'GDdmIQH6jhtmLUypg82g'
+    , nonce: 'QP70eNmVz8jvdPevU3oJD2AfF7R7odC2XJcn4XlZJqk'
+    , timestamp: '1272323042'
+    , version: '1.0'
+    , consumer_secret: "MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98"
+    }
+  })
+
+setTimeout(function () {
+  console.log(getsignature(rsign))
+  assert.equal(reqsign, getsignature(rsign))
+})
+
+var raccsign = request.post(
+  { url: 'https://api.twitter.com/oauth/access_token'
+  , oauth:  
+    { consumer_key: 'GDdmIQH6jhtmLUypg82g'
+    , nonce: '9zWH6qe0qG7Lc1telCn7FhUbLyVdjEaL3MO5uHxn8'
+    , signature_method: 'HMAC-SHA1'
+    , token: '8ldIZyxQeVrFZXFOZH5tAwj6vzJYuLQpl0WUEYtWc'
+    , timestamp: '1272323047'
+    , verifier: 'pDNg57prOHapMbhv25RNf75lVRd6JDsni1AJJIDYoTY'
+    , version: '1.0'
+    , consumer_secret: "MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98"
+    , token_secret: "x6qpRnlEmW9JbQn4PQVVeVG8ZLPEx6A0TOebgwcuA" 
+    }
+  })
+
+setTimeout(function () {
+  console.log(getsignature(raccsign))
+  assert.equal(accsign, getsignature(raccsign))
+}, 1) 
+
+var rupsign = request.post(
+  { url: 'http://api.twitter.com/1/statuses/update.json' 
+  , oauth: 
+    { consumer_key: "GDdmIQH6jhtmLUypg82g"
+    , nonce: "oElnnMTQIZvqvlfXM56aBLAf5noGD0AQR3Fmi7Q6Y"
+    , signature_method: "HMAC-SHA1"
+    , token: "819797-Jxq8aYUDRmykzVKrgoLhXSq67TEa5ruc4GJC2rWimw"
+    , timestamp: "1272325550"
+    , version: "1.0"
+    , consumer_secret: "MCD8BKwGdgPHvAuvgvz4EQpqDAtx89grbuNMRd7Eh98"
+    , token_secret: "J6zix3FfA9LofH0awS24M3HcBYXO5nI1iYe8EfBA"
+    }
+  , form: {status: 'setting up my twitter 私のさえずりを設定する'} 
+  })
+setTimeout(function () {
+  console.log(getsignature(rupsign))
+  assert.equal(upsign, getsignature(rupsign))
+}, 1)
+
+
+
+
--- a/packages/wekan-request/tests/test-onelineproxy.js
+++ b/packages/wekan-request/tests/test-onelineproxy.js
@ -0,0 +1,46 @@
+var http = require('http')
+  , assert = require('assert')
+  , request = require('../index')
+  ;
+
+var server = http.createServer(function (req, resp) {
+  resp.statusCode = 200
+  if (req.url === '/get') {
+    assert.equal(req.method, 'GET')
+    resp.write('content')
+    resp.end()
+    return
+  }
+  if (req.url === '/put') {
+    var x = ''
+    assert.equal(req.method, 'PUT')
+    req.on('data', function (chunk) {
+      x += chunk
+    })
+    req.on('end', function () {
+      assert.equal(x, 'content')
+      resp.write('success')
+      resp.end()
+    })
+    return
+  }
+  if (req.url === '/proxy') {
+    assert.equal(req.method, 'PUT')
+    return req.pipe(request('http://localhost:8080/put')).pipe(resp)
+  }
+
+  if (req.url === '/test') {
+    return request('http://localhost:8080/get').pipe(request.put('http://localhost:8080/proxy')).pipe(resp)
+  }
+  throw new Error('Unknown url', req.url)
+}).listen(8080, function () {
+  request('http://localhost:8080/test', function (e, resp, body) {
+    if (e) throw e
+    if (resp.statusCode !== 200) throw new Error('statusCode not 200 ' + resp.statusCode)
+    assert.equal(body, 'success')
+    server.close()
+  })
+})
+
+
+
--- a/packages/wekan-request/tests/test-option-reuse.js
+++ b/packages/wekan-request/tests/test-option-reuse.js
@ -0,0 +1,38 @@
+var assert = require('assert')
+  , request = require('../index')
+  , http = require('http')
+  ;
+
+var count = 0;
+var methodsSeen = {
+  head: 0
+, get: 0
+};
+
+var s = http.createServer(function(req, res) {
+  res.statusCode = 200;
+  res.end('');
+  count++;
+
+  if (req.method.toLowerCase() === 'head') methodsSeen.head++;
+  if (req.method.toLowerCase() === 'get') methodsSeen.get++;
+
+  if (count < 2) return
+  assert(methodsSeen.head === 1);
+  assert(methodsSeen.get === 1);
+}).listen(6767, function () {
+
+  //this is a simple check to see if the options object is be mutilated
+  var url = 'http://localhost:6767';
+  var options = {url: url};
+
+  request.head(options, function (err, resp, body) {
+    assert(Object.keys(options).length === 1);
+    assert(options.url === url);
+    request.get(options, function (err, resp, body) {
+      assert(Object.keys(options).length === 1);
+      assert(options.url === url);
+      s.close();
+    })
+  })
+})
--- a/packages/wekan-request/tests/test-params.js
+++ b/packages/wekan-request/tests/test-params.js
@ -0,0 +1,93 @@
+var server = require('./server')
+  , assert = require('assert')
+  , request = require('../index')
+  ;
+
+var s = server.createServer();
+
+var tests =
+  { testGet :
+    { resp : server.createGetResponse("TESTING!")
+    , expectBody: "TESTING!"
+    }
+    , testGetChunkBreak :
+      { resp : server.createChunkResponse(
+        [ new Buffer([239])
+        , new Buffer([163])
+        , new Buffer([191])
+        , new Buffer([206])
+        , new Buffer([169])
+        , new Buffer([226])
+        , new Buffer([152])
+        , new Buffer([131])
+        ])
+      , expectBody: "Ω☃"
+      }
+    , testGetBuffer :
+      { resp : server.createGetResponse(new Buffer("TESTING!"))
+      , encoding: null
+      , expectBody: new Buffer("TESTING!")
+      }
+    , testGetJSON :
+       { resp : server.createGetResponse('{"test":true}', 'application/json')
+       , json : true
+       , expectBody: {"test":true}
+       }
+    , testPutString :
+      { resp : server.createPostValidator("PUTTINGDATA")
+      , method : "PUT"
+      , body : "PUTTINGDATA"
+      }
+    , testPutBuffer :
+      { resp : server.createPostValidator("PUTTINGDATA")
+      , method : "PUT"
+      , body : new Buffer("PUTTINGDATA")
+      }
+    , testPutJSON :
+      { resp : server.createPostValidator(JSON.stringify({foo: 'bar'}))
+      , method: "PUT"
+      , json: {foo: 'bar'}
+      }
+    , testPutMultipart :
+      { resp: server.createPostValidator(
+          '--__BOUNDARY__\r\n' +
+          'content-type: text/html\r\n' +
+          '\r\n' +
+          '<html><body>Oh hi.</body></html>' +
+          '\r\n--__BOUNDARY__\r\n\r\n' +
+          'Oh hi.' +
+          '\r\n--__BOUNDARY__--'
+          )
+      , method: "PUT"
+      , multipart:
+        [ {'content-type': 'text/html', 'body': '<html><body>Oh hi.</body></html>'}
+        , {'body': 'Oh hi.'}
+        ]
+      }
+  }
+
+s.listen(s.port, function () {
+
+  var counter = 0
+
+  for (i in tests) {
+    (function () {
+      var test = tests[i]
+      s.on('/'+i, test.resp)
+      //test.uri = s.url + '/' + i
+      request(s.url + '/' + i, test, function (err, resp, body) {
+        if (err) throw err
+        if (test.expectBody) {
+          assert.deepEqual(test.expectBody, body)
+        }
+        counter = counter - 1;
+        if (counter === 0) {
+          assert.notEqual(typeof test.callback, 'function')
+          console.log(1 + Object.keys(tests).length+" tests passed.")
+          s.close()
+        }
+      })
+      counter++
+    })()
+  }
+})
--- a/packages/wekan-request/tests/test-piped-redirect.js
+++ b/packages/wekan-request/tests/test-piped-redirect.js
@ -0,0 +1,42 @@
+var http = require('http')
+  , assert = require('assert')
+  , request = require('../index')
+  ;
+
+var portOne = 8968
+  , portTwo = 8969
+  ;
+
+
+// server one
+var s1 = http.createServer(function (req, resp) {
+  if (req.url == '/original') {
+    resp.writeHeader(302, {'location': '/redirected'})
+    resp.end()
+  } else if (req.url == '/redirected') {
+    resp.writeHeader(200, {'content-type': 'text/plain'})
+    resp.write('OK')
+    resp.end()
+  }
+
+}).listen(portOne);
+
+
+// server two
+var s2 = http.createServer(function (req, resp) {
+  var x = request('http://localhost:'+portOne+'/original')
+  req.pipe(x)
+  x.pipe(resp)
+
+}).listen(portTwo, function () {
+  var r = request('http://localhost:'+portTwo+'/original', function (err, res, body) {
+    assert.equal(body, 'OK')
+
+    s1.close()
+    s2.close()
+  });
+
+  // it hangs, so wait a second :)
+  r.timeout = 1000;
+
+})
--- a/packages/wekan-request/tests/test-pipes.js
+++ b/packages/wekan-request/tests/test-pipes.js
@ -0,0 +1,231 @@
+var server = require('./server')
+  , events = require('events')
+  , stream = require('stream')
+  , assert = require('assert')
+  , fs = require('fs')
+  , request = require('../index')
+  , path = require('path')
+  , util = require('util')
+  ;
+
+var s = server.createServer(3453);
+
+function ValidationStream(str) {
+  this.str = str
+  this.buf = ''
+  this.on('data', function (data) {
+    this.buf += data
+  })
+  this.on('end', function () {
+    assert.equal(this.str, this.buf)
+  })
+  this.writable = true
+}
+util.inherits(ValidationStream, stream.Stream)
+ValidationStream.prototype.write = function (chunk) {
+  this.emit('data', chunk)
+}
+ValidationStream.prototype.end = function (chunk) {
+  if (chunk) this.emit('data', chunk)
+  this.emit('end')
+}
+
+s.listen(s.port, function () {
+  var counter = 0;
+
+  var check = function () {
+    counter = counter - 1
+    if (counter === 0) {
+      console.log('All tests passed.')
+      setTimeout(function () {
+        process.exit();
+      }, 500)
+    }
+  }
+
+  // Test pipeing to a request object
+  s.once('/push', server.createPostValidator("mydata"));
+
+  var mydata = new stream.Stream();
+  mydata.readable = true
+
+  counter++
+  var r1 = request.put({url:'http://localhost:3453/push'}, function () {
+    check();
+  })
+  mydata.pipe(r1)
+
+  mydata.emit('data', 'mydata');
+  mydata.emit('end');
+
+  // Test pipeing to a request object with a json body
+  s.once('/push-json', server.createPostValidator("{\"foo\":\"bar\"}", "application/json"));
+
+  var mybodydata = new stream.Stream();
+  mybodydata.readable = true
+
+  counter++
+  var r2 = request.put({url:'http://localhost:3453/push-json',json:true}, function () {
+    check();
+  })
+  mybodydata.pipe(r2)
+
+  mybodydata.emit('data', JSON.stringify({foo:"bar"}));
+  mybodydata.emit('end');
+
+  // Test pipeing from a request object.
+  s.once('/pull', server.createGetResponse("mypulldata"));
+
+  var mypulldata = new stream.Stream();
+  mypulldata.writable = true
+
+  counter++
+  request({url:'http://localhost:3453/pull'}).pipe(mypulldata)
+
+  var d = '';
+
+  mypulldata.write = function (chunk) {
+    d += chunk;
+  }
+  mypulldata.end = function () {
+    assert.equal(d, 'mypulldata');
+    check();
+  };
+
+
+  s.on('/cat', function (req, resp) {
+    if (req.method === "GET") {
+      resp.writeHead(200, {'content-type':'text/plain-test', 'content-length':4});
+      resp.end('asdf')
+    } else if (req.method === "PUT") {
+      assert.equal(req.headers['content-type'], 'text/plain-test');
+      assert.equal(req.headers['content-length'], 4)
+      var validate = '';
+
+      req.on('data', function (chunk) {validate += chunk})
+      req.on('end', function () {
+        resp.writeHead(201);
+        resp.end();
+        assert.equal(validate, 'asdf');
+        check();
+      })
+    }
+  })
+  s.on('/pushjs', function (req, resp) {
+    if (req.method === "PUT") {
+      assert.equal(req.headers['content-type'], 'application/javascript');
+      check();
+    }
+  })
+  s.on('/catresp', function (req, resp) {
+    request.get('http://localhost:3453/cat').pipe(resp)
+  })
+  s.on('/doodle', function (req, resp) {
+    if (req.headers['x-oneline-proxy']) {
+      resp.setHeader('x-oneline-proxy', 'yup')
+    }
+    resp.writeHead('200', {'content-type':'image/jpeg'})
+    fs.createReadStream(path.join(__dirname, 'googledoodle.jpg')).pipe(resp)
+  })
+  s.on('/onelineproxy', function (req, resp) {
+    var x = request('http://localhost:3453/doodle')
+    req.pipe(x)
+    x.pipe(resp)
+  })
+
+  counter++
+  fs.createReadStream(__filename).pipe(request.put('http://localhost:3453/pushjs'))
+
+  counter++
+  request.get('http://localhost:3453/cat').pipe(request.put('http://localhost:3453/cat'))
+
+  counter++
+  request.get('http://localhost:3453/catresp', function (e, resp, body) {
+    assert.equal(resp.headers['content-type'], 'text/plain-test');
+    assert.equal(resp.headers['content-length'], 4)
+    check();
+  })
+
+  var doodleWrite = fs.createWriteStream(path.join(__dirname, 'test.jpg'))
+
+  counter++
+  request.get('http://localhost:3453/doodle').pipe(doodleWrite)
+
+  doodleWrite.on('close', function () {
+    assert.deepEqual(fs.readFileSync(path.join(__dirname, 'googledoodle.jpg')), fs.readFileSync(path.join(__dirname, 'test.jpg')))
+    check()
+  })
+
+  process.on('exit', function () {
+    fs.unlinkSync(path.join(__dirname, 'test.jpg'))
+  })
+
+  counter++
+  request.get({uri:'http://localhost:3453/onelineproxy', headers:{'x-oneline-proxy':'nope'}}, function (err, resp, body) {
+    assert.equal(resp.headers['x-oneline-proxy'], 'yup')
+    check()
+  })
+
+  s.on('/afterresponse', function (req, resp) {
+    resp.write('d')
+    resp.end()
+  })
+
+  counter++
+  var afterresp = request.post('http://localhost:3453/afterresponse').on('response', function () {
+    var v = new ValidationStream('d')
+    afterresp.pipe(v)
+    v.on('end', check)
+  })
+
+  s.on('/forward1', function (req, resp) {
+   resp.writeHead(302, {location:'/forward2'})
+    resp.end()
+  })
+  s.on('/forward2', function (req, resp) {
+    resp.writeHead('200', {'content-type':'image/png'})
+    resp.write('d')
+    resp.end()
+  })
+
+  counter++
+  var validateForward = new ValidationStream('d')
+  validateForward.on('end', check)
+  request.get('http://localhost:3453/forward1').pipe(validateForward)
+
+  // Test pipe options
+  s.once('/opts', server.createGetResponse('opts response'));
+
+  var optsStream = new stream.Stream();
+  optsStream.writable = true
+
+  var optsData = '';
+  optsStream.write = function (buf) {
+    optsData += buf;
+    if (optsData === 'opts response') {
+      setTimeout(check, 10);
+    }
+  }
+
+  optsStream.end = function () {
+    assert.fail('end called')
+  };
+
+  counter++
+  request({url:'http://localhost:3453/opts'}).pipe(optsStream, { end : false })
+
+  // test request.pipefilter is called correctly
+  counter++
+  s.on('/pipefilter', function(req, resp) {
+    resp.end('d')
+  })
+  var validatePipeFilter = new ValidationStream('d')
+
+  var r3 = request.get('http://localhost:3453/pipefilter')
+  r3.pipe(validatePipeFilter)
+  r3.pipefilter = function(resp, dest) {
+    assert.equal(resp, r3.response)
+    assert.equal(dest, validatePipeFilter)
+    check()
+  }
+})
--- a/packages/wekan-request/tests/test-pool.js
+++ b/packages/wekan-request/tests/test-pool.js
@ -0,0 +1,16 @@
+var request = require('../index')
+  , http = require('http')
+  , assert = require('assert')
+  ;
+
+var s = http.createServer(function (req, resp) {
+  resp.statusCode = 200;
+  resp.end('asdf');
+}).listen(8080, function () {
+  request({'url': 'http://localhost:8080', 'pool': false}, function (e, resp) {
+    var agent = resp.request.agent;
+    assert.strictEqual(typeof agent, 'boolean');
+    assert.strictEqual(agent, false);
+    s.close();
+  });
+});
--- a/packages/wekan-request/tests/test-protocol-changing-redirect.js
+++ b/packages/wekan-request/tests/test-protocol-changing-redirect.js
@ -0,0 +1,61 @@
+var server = require('./server')
+  , assert = require('assert')
+  , request = require('../index')
+
+
+var s = server.createServer()
+var ss = server.createSSLServer()
+var sUrl = 'http://localhost:' + s.port
+var ssUrl = 'https://localhost:' + ss.port
+
+s.listen(s.port, bouncy(s, ssUrl))
+ss.listen(ss.port, bouncy(ss, sUrl))
+
+var hits = {}
+var expect = {}
+var pending = 0
+function bouncy (s, server) { return function () {
+
+  var redirs = { a: 'b'
+               , b: 'c'
+               , c: 'd'
+               , d: 'e'
+               , e: 'f'
+               , f: 'g'
+               , g: 'h'
+               , h: 'end' }
+
+  var perm = true
+  Object.keys(redirs).forEach(function (p) {
+    var t = redirs[p]
+
+    // switch type each time
+    var type = perm ? 301 : 302
+    perm = !perm
+    s.on('/' + p, function (req, res) {
+      res.writeHead(type, { location: server + '/' + t })
+      res.end()
+    })
+  })
+
+  s.on('/end', function (req, res) {
+    var h = req.headers['x-test-key']
+    hits[h] = true
+    pending --
+    if (pending === 0) done()
+  })
+}}
+
+for (var i = 0; i < 5; i ++) {
+  pending ++
+  var val = 'test_' + i
+  expect[val] = true
+  request({ url: (i % 2 ? sUrl : ssUrl) + '/a'
+          , headers: { 'x-test-key': val }
+          , rejectUnauthorized: false })
+}
+
+function done () {
+  assert.deepEqual(hits, expect)
+  process.exit(0)
+}
--- a/packages/wekan-request/tests/test-proxy-env.js
+++ b/packages/wekan-request/tests/test-proxy-env.js
@ -0,0 +1,41 @@
+var server = require('./server')
+  , events = require('events')
+  , stream = require('stream')
+  , assert = require('assert')
+  , fs = require('fs')
+  , request = require('../index')
+  , path = require('path')
+  , util = require('util')
+  ;
+
+var port = 6768
+  , called = false
+  , proxiedHost = 'google.com'
+  ;
+
+// set up environment variable
+process.env.HTTP_PROXY = 'http://localhost:'+port;
+  
+var s = server.createServer(port)
+s.listen(port, function () {
+  s.on('http://google.com/', function (req, res) {
+    called = true
+    assert.equal(req.headers.host, proxiedHost)
+    res.writeHeader(200)
+    res.end()
+  })
+  request ({
+    url: 'http://'+proxiedHost,
+    /* should read from HTTP_PROXY env var and 
+    // behave as if these arguments where passed:
+    url: 'http://localhost:'+port,
+    headers: {host: proxiedHost}
+    //*/
+  }, function (err, res, body) {
+    s.close()
+  })
+})
+
+process.on('exit', function () {
+  assert.ok(called, 'the request must be made to the proxy server')
+})
--- a/packages/wekan-request/tests/test-proxy-null.js
+++ b/packages/wekan-request/tests/test-proxy-null.js
@ -0,0 +1,39 @@
+var server = require('./server')
+  , events = require('events')
+  , stream = require('stream')
+  , assert = require('assert')
+  , fs = require('fs')
+  , request = require('../index')
+  , path = require('path')
+  , util = require('util')
+  ;
+
+var port = 6768
+  , called = false
+  , proxiedHost = 'google.com'
+  ;
+
+// set up environment variable
+process.env.HTTP_PROXY = 'http://localhost:'+port;
+  
+var s = server.createServer(port)
+s.listen(port, function () {
+  s.on('http://google.com/', function (req, res) {
+    called = true
+    assert.equal(req.headers.host, proxiedHost)
+    res.writeHeader(200)
+    res.end()
+  })
+  request ({
+    url: 'http://'+proxiedHost,
+    // should not read from HTTP_PROXY env var
+    proxy: null,
+    timeout: 500,
+  }, function (err, res, body) {
+    s.close()
+  })
+})
+
+process.on('exit', function () {
+  assert.ok(!called, 'the request must not be made to the proxy server')
+})
--- a/packages/wekan-request/tests/test-proxy.js
+++ b/packages/wekan-request/tests/test-proxy.js
@ -0,0 +1,39 @@
+var server = require('./server')
+  , events = require('events')
+  , stream = require('stream')
+  , assert = require('assert')
+  , fs = require('fs')
+  , request = require('../index')
+  , path = require('path')
+  , util = require('util')
+  ;
+
+var port = 6768
+  , called = false
+  , proxiedHost = 'google.com'
+  ;
+
+var s = server.createServer(port)
+s.listen(port, function () {
+  s.on('http://google.com/', function (req, res) {
+    called = true
+    assert.equal(req.headers.host, proxiedHost)
+    res.writeHeader(200)
+    res.end()
+  })
+  request ({
+    url: 'http://'+proxiedHost,
+    proxy: 'http://localhost:'+port
+    /*
+    //should behave as if these arguments where passed:
+    url: 'http://localhost:'+port,
+    headers: {host: proxiedHost}
+    //*/
+  }, function (err, res, body) {
+    s.close()
+  })
+})
+
+process.on('exit', function () {
+  assert.ok(called, 'the request must be made to the proxy server')
+})
--- a/packages/wekan-request/tests/test-qs.js
+++ b/packages/wekan-request/tests/test-qs.js
@ -0,0 +1,42 @@
+var request = request = require('../index')
+  , assert = require('assert')
+  ;
+ 
+
+// Test adding a querystring
+var req1 = request.get({ uri: 'http://www.google.com', qs: { q : 'search' }})
+setTimeout(function() {
+	assert.equal('/?q=search', req1.path)
+}, 1)
+
+// Test replacing a querystring value
+var req2 = request.get({ uri: 'http://www.google.com?q=abc', qs: { q : 'search' }})
+setTimeout(function() {
+	assert.equal('/?q=search', req2.path)
+}, 1)
+
+// Test appending a querystring value to the ones present in the uri
+var req3 = request.get({ uri: 'http://www.google.com?x=y', qs: { q : 'search' }})
+setTimeout(function() {
+	assert.equal('/?x=y&q=search', req3.path)
+}, 1)
+
+// Test leaving a querystring alone
+var req4 = request.get({ uri: 'http://www.google.com?x=y'})
+setTimeout(function() {
+	assert.equal('/?x=y', req4.path)
+}, 1)
+
+// Test giving empty qs property
+var req5 = request.get({ uri: 'http://www.google.com', qs: {}})
+setTimeout(function(){
+	assert.equal('/', req5.path)
+}, 1)
+
+
+// Test modifying the qs after creating the request
+var req6 = request.get({ uri: 'http://www.google.com', qs: {}});
+req6.qs({ q: "test" });
+process.nextTick(function() {
+    assert.equal('/?q=test', req6.path);
+});
--- a/packages/wekan-request/tests/test-redirect.js
+++ b/packages/wekan-request/tests/test-redirect.js
@ -0,0 +1,166 @@
+try {
+  require('tough-cookie')
+} catch (e) {
+  console.error('tough-cookie must be installed to run this test.')
+  console.error('skipping this test. please install tough-cookie and run again if you need to test this feature.')
+  process.exit(0)
+}
+
+var server = require('./server')
+  , assert = require('assert')
+  , request = require('../index')
+  ;
+
+var s = server.createServer()
+
+s.listen(s.port, function () {
+  var server = 'http://localhost:' + s.port;
+  var hits = {}
+  var passed = 0;
+
+  bouncer(301, 'temp')
+  bouncer(302, 'perm')
+  bouncer(302, 'nope')
+  bouncer(307, 'fwd')
+
+  function bouncer(code, label) {
+    var landing = label+'_landing';
+
+    s.on('/'+label, function (req, res) {
+      hits[label] = true;
+      res.writeHead(code, {
+        'location':server + '/'+landing,
+        'set-cookie': 'ham=eggs'
+      })
+      res.end()
+    })
+
+    s.on('/'+landing, function (req, res) {
+      // Make sure the cookie doesn't get included twice, see #139:
+      // Make sure cookies are set properly after redirect
+      assert.equal(req.headers.cookie, 'foo=bar; quux=baz; ham=eggs');
+      hits[landing] = true;
+      res.writeHead(200)
+      res.end(req.method.toUpperCase() + ' ' + landing)
+    })
+  }
+
+  // Permanent bounce
+  var jar = request.jar()
+  jar.setCookie('quux=baz', server);
+  request({uri: server+'/perm', jar: jar, headers: {cookie: 'foo=bar'}}, function (er, res, body) {
+    if (er) throw er
+    if (res.statusCode !== 200) throw new Error('Status is not 200: '+res.statusCode)
+    assert.ok(hits.perm, 'Original request is to /perm')
+    assert.ok(hits.perm_landing, 'Forward to permanent landing URL')
+    assert.equal(body, 'GET perm_landing', 'Got permanent landing content')
+    passed += 1
+    done()
+  })
+  
+  // Temporary bounce
+  request({uri: server+'/temp', jar: jar, headers: {cookie: 'foo=bar'}}, function (er, res, body) {
+    if (er) throw er
+    if (res.statusCode !== 200) throw new Error('Status is not 200: '+res.statusCode)
+    assert.ok(hits.temp, 'Original request is to /temp')
+    assert.ok(hits.temp_landing, 'Forward to temporary landing URL')
+    assert.equal(body, 'GET temp_landing', 'Got temporary landing content')
+    passed += 1
+    done()
+  })
+  
+  // Prevent bouncing.
+  request({uri:server+'/nope', jar: jar, headers: {cookie: 'foo=bar'}, followRedirect:false}, function (er, res, body) {
+    if (er) throw er
+    if (res.statusCode !== 302) throw new Error('Status is not 302: '+res.statusCode)
+    assert.ok(hits.nope, 'Original request to /nope')
+    assert.ok(!hits.nope_landing, 'No chasing the redirect')
+    assert.equal(res.statusCode, 302, 'Response is the bounce itself')
+    passed += 1
+    done()
+  })
+  
+  // Should not follow post redirects by default
+  request.post(server+'/temp', { jar: jar, headers: {cookie: 'foo=bar'}}, function (er, res, body) {
+    if (er) throw er
+    if (res.statusCode !== 301) throw new Error('Status is not 301: '+res.statusCode)
+    assert.ok(hits.temp, 'Original request is to /temp')
+    assert.ok(!hits.temp_landing, 'No chasing the redirect when post')
+    assert.equal(res.statusCode, 301, 'Response is the bounce itself')
+    passed += 1
+    done()
+  })
+  
+  // Should follow post redirects when followAllRedirects true
+  request.post({uri:server+'/temp', followAllRedirects:true, jar: jar, headers: {cookie: 'foo=bar'}}, function (er, res, body) {
+    if (er) throw er
+    if (res.statusCode !== 200) throw new Error('Status is not 200: '+res.statusCode)
+    assert.ok(hits.temp, 'Original request is to /temp')
+    assert.ok(hits.temp_landing, 'Forward to temporary landing URL')
+    assert.equal(body, 'GET temp_landing', 'Got temporary landing content')
+    passed += 1
+    done()
+  })
+  
+  request.post({uri:server+'/temp', followAllRedirects:false, jar: jar, headers: {cookie: 'foo=bar'}}, function (er, res, body) {
+    if (er) throw er
+    if (res.statusCode !== 301) throw new Error('Status is not 301: '+res.statusCode)
+    assert.ok(hits.temp, 'Original request is to /temp')
+    assert.ok(!hits.temp_landing, 'No chasing the redirect')
+    assert.equal(res.statusCode, 301, 'Response is the bounce itself')
+    passed += 1
+    done()
+  })
+
+  // Should not follow delete redirects by default
+  request.del(server+'/temp', { jar: jar, headers: {cookie: 'foo=bar'}}, function (er, res, body) {
+    if (er) throw er
+    if (res.statusCode < 301) throw new Error('Status is not a redirect.')
+    assert.ok(hits.temp, 'Original request is to /temp')
+    assert.ok(!hits.temp_landing, 'No chasing the redirect when delete')
+    assert.equal(res.statusCode, 301, 'Response is the bounce itself')
+    passed += 1
+    done()
+  })
+  
+  // Should not follow delete redirects even if followRedirect is set to true
+  request.del(server+'/temp', { followRedirect: true, jar: jar, headers: {cookie: 'foo=bar'}}, function (er, res, body) {
+    if (er) throw er
+    if (res.statusCode !== 301) throw new Error('Status is not 301: '+res.statusCode)
+    assert.ok(hits.temp, 'Original request is to /temp')
+    assert.ok(!hits.temp_landing, 'No chasing the redirect when delete')
+    assert.equal(res.statusCode, 301, 'Response is the bounce itself')
+    passed += 1
+    done()
+  })
+  
+  // Should follow delete redirects when followAllRedirects true
+  request.del(server+'/temp', {followAllRedirects:true, jar: jar, headers: {cookie: 'foo=bar'}}, function (er, res, body) {
+    if (er) throw er
+    if (res.statusCode !== 200) throw new Error('Status is not 200: '+res.statusCode)
+    assert.ok(hits.temp, 'Original request is to /temp')
+    assert.ok(hits.temp_landing, 'Forward to temporary landing URL')
+    assert.equal(body, 'GET temp_landing', 'Got temporary landing content')
+    passed += 1
+    done()
+  })  
+    
+  request.del(server+'/fwd', {followAllRedirects:true, jar: jar, headers: {cookie: 'foo=bar'}}, function (er, res, body) {
+    if (er) throw er
+    if (res.statusCode !== 200) throw new Error('Status is not 200: '+res.statusCode)
+    assert.ok(hits.fwd, 'Original request is to /fwd')
+    assert.ok(hits.fwd_landing, 'Forward to temporary landing URL')
+    assert.equal(body, 'DELETE fwd_landing', 'Got temporary landing content')
+    passed += 1
+    done()
+  })
+
+  var reqs_done = 0;
+  function done() {
+    reqs_done += 1;
+    if(reqs_done == 10) {
+      console.log(passed + ' tests passed.')
+      s.close()
+    }
+  }
+})
--- a/packages/wekan-request/tests/test-timeout.js
+++ b/packages/wekan-request/tests/test-timeout.js
@ -0,0 +1,100 @@
+var server = require('./server')
+  , events = require('events')
+  , stream = require('stream')
+  , assert = require('assert')
+  , request = require('../index')
+  ;
+
+var s = server.createServer();
+var expectedBody = "waited";
+var remainingTests = 6;
+
+s.listen(s.port, function () {
+  // Request that waits for 200ms
+  s.on('/timeout', function (req, resp) {
+    setTimeout(function(){
+      resp.writeHead(200, {'content-type':'text/plain'})
+      resp.write(expectedBody)
+      resp.end()
+    }, 200);
+  });
+
+  // Scenario that should timeout
+  var shouldTimeout = {
+    url: s.url + "/timeout",
+    timeout:100
+  }
+
+
+  request(shouldTimeout, function (err, resp, body) {
+    assert.equal(err.code, "ETIMEDOUT");
+    checkDone();
+  })
+
+
+  var shouldTimeoutWithEvents = {
+    url: s.url + "/timeout",
+    timeout:100
+  }
+
+  var eventsEmitted = 0;
+  request(shouldTimeoutWithEvents)
+    .on('error', function (err) {
+      eventsEmitted++;
+      assert.equal(err.code, eventsEmitted == 1 ? "ETIMEDOUT" : "ECONNRESET");
+      checkDone();
+    })
+
+  // Scenario that shouldn't timeout
+  var shouldntTimeout = {
+    url: s.url + "/timeout",
+    timeout:300
+  }
+
+  request(shouldntTimeout, function (err, resp, body) {
+    assert.equal(err, null);
+    assert.equal(expectedBody, body)
+    checkDone();
+  })
+
+  // Scenario with no timeout set, so shouldn't timeout
+  var noTimeout = {
+    url: s.url + "/timeout"
+  }
+
+  request(noTimeout, function (err, resp, body) {
+    assert.equal(err);
+    assert.equal(expectedBody, body)
+    checkDone();
+  })
+
+  // Scenario with a negative timeout value, should be treated a zero or the minimum delay
+  var negativeTimeout = {
+    url: s.url + "/timeout",
+    timeout:-1000
+  }
+
+  request(negativeTimeout, function (err, resp, body) {
+    assert.equal(err.code, "ETIMEDOUT");
+    checkDone();
+  })
+
+  // Scenario with a float timeout value, should be rounded by setTimeout anyway
+  var floatTimeout = {
+    url: s.url + "/timeout",
+    timeout: 100.76
+  }
+
+  request(floatTimeout, function (err, resp, body) {
+    assert.equal(err.code, "ETIMEDOUT");
+    checkDone();
+  })
+
+  function checkDone() {
+    if(--remainingTests == 0) {
+      s.close();
+      console.log("All tests passed.");
+    }
+  }
+})
+
--- a/packages/wekan-request/tests/test-toJSON.js
+++ b/packages/wekan-request/tests/test-toJSON.js
@ -0,0 +1,14 @@
+var request = require('../index')
+  , http = require('http')
+  , assert = require('assert')
+  ;
+
+var s = http.createServer(function (req, resp) {
+  resp.statusCode = 200
+  resp.end('asdf')
+}).listen(8080, function () {
+  var r = request('http://localhost:8080', function (e, resp) {
+    assert.equal(JSON.parse(JSON.stringify(r)).response.statusCode, 200)
+    s.close()
+  })
+})
--- a/packages/wekan-request/tests/test-tunnel.js
+++ b/packages/wekan-request/tests/test-tunnel.js
@ -0,0 +1,75 @@
+// test that we can tunnel a https request over an http proxy
+// keeping all the CA and whatnot intact.
+//
+// Note: this requires that squid is installed.
+// If the proxy fails to start, we'll just log a warning and assume success.
+
+var server = require('./server')
+  , assert = require('assert')
+  , request = require('../index')
+  , fs = require('fs')
+  , path = require('path')
+  , caFile = path.resolve(__dirname, 'ssl/npm-ca.crt')
+  , ca = fs.readFileSync(caFile)
+  , child_process = require('child_process')
+  , sqConf = path.resolve(__dirname, 'squid.conf')
+  , sqArgs = ['-f', sqConf, '-N', '-d', '5']
+  , proxy = 'http://localhost:3128'
+  , hadError = null
+
+var squid = child_process.spawn('squid', sqArgs);
+var ready = false
+
+squid.stderr.on('data', function (c) {
+  console.error('SQUIDERR ' + c.toString().trim().split('\n')
+               .join('\nSQUIDERR '))
+  ready = c.toString().match(/ready to serve requests|Accepting HTTP Socket connections/i)
+})
+
+squid.stdout.on('data', function (c) {
+  console.error('SQUIDOUT ' + c.toString().trim().split('\n')
+               .join('\nSQUIDOUT '))
+})
+
+squid.on('error', function (c) {
+  console.error('squid: error '+c)
+  if (c && !ready) {
+    notInstalled()
+    return
+  }
+})
+
+squid.on('exit', function (c) {
+  console.error('squid: exit '+c)
+  if (c && !ready) {
+    notInstalled()
+    return
+  }
+
+  if (c) {
+    hadError = hadError || new Error('Squid exited with '+c)
+  }
+  if (hadError) throw hadError
+})
+
+setTimeout(function F () {
+  if (!ready) return setTimeout(F, 100)
+  request({ uri: 'https://registry.npmjs.org/'
+          , proxy: 'http://localhost:3128'
+          , strictSSL: true
+          , ca: ca
+          , json: true }, function (er, body) {
+    hadError = er
+    console.log(er || typeof body)
+    if (!er) console.log("ok")
+    squid.kill('SIGKILL')
+  })
+}, 100)
+
+function notInstalled() {
+  console.error('squid must be installed to run this test.')
+  console.error('skipping this test. please install squid and run again if you need to test tunneling.')
+  c = null
+  hadError = null
+  process.exit(0)
+}
--- a/packages/wekan-request/tests/test-unix.js
+++ b/packages/wekan-request/tests/test-unix.js
@ -0,0 +1,31 @@
+var assert = require('assert')
+  , request = require('../index')
+  , http = require('http')
+  , fs = require('fs')
+  ;
+  
+var path = [null, 'test', 'path'].join('/');
+var socket = [__dirname, 'tmp-socket'].join('/');
+var body = 'connected';
+var statusCode = 200;
+
+var s = http.createServer(function(req, res) {
+  // Assert requested path is sent to server
+  assert.equal(req.url, path);
+  res.statusCode = statusCode;
+  res.end(body);
+}).listen(socket, function () {
+
+  request(['unix://', socket, path].join(''), function (error, response, response_body) {
+    // Assert no error in connection
+    assert.equal(error, null);
+    // Assert http success status code 
+    assert.equal(response.statusCode, statusCode);
+    // Assert expected response body is recieved
+    assert.equal(response_body, body);
+    // clean up
+    s.close();
+    fs.unlink(socket, function(){});
+  })
+  
+})
--- a/packages/wekan-request/tests/unicycle.jpg
+++ b/packages/wekan-request/tests/unicycle.jpg