diff --git a/src/core/operations/FromPunycode.mjs b/src/core/operations/FromPunycode.mjs
new file mode 100644
index 00000000..1a1cebbf
--- /dev/null
+++ b/src/core/operations/FromPunycode.mjs
@@ -0,0 +1,52 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2016
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation";
+import punycode from "punycode";
+
+/**
+ * From Punycode operation
+ */
+class FromPunycode extends Operation {
+
+ /**
+ * FromPunycode constructor
+ */
+ constructor() {
+ super();
+
+ this.name = "From Punycode";
+ this.module = "Encodings";
+ this.description = "Punycode is a way to represent Unicode with the limited character subset of ASCII supported by the Domain Name System.
e.g. mnchen-3ya
decodes to m\xfcnchen
";
+ this.inputType = "string";
+ this.outputType = "string";
+ this.args = [
+ {
+ "name": "Internationalised domain name",
+ "type": "boolean",
+ "value": false
+ }
+ ];
+ }
+
+ /**
+ * @param {string} input
+ * @param {Object[]} args
+ * @returns {string}
+ */
+ run(input, args) {
+ const idn = args[0];
+
+ if (idn) {
+ return punycode.toUnicode(input);
+ } else {
+ return punycode.decode(input);
+ }
+ }
+
+}
+
+export default FromPunycode;
diff --git a/src/core/operations/HTTPRequest.mjs b/src/core/operations/HTTPRequest.mjs
new file mode 100644
index 00000000..6846f97a
--- /dev/null
+++ b/src/core/operations/HTTPRequest.mjs
@@ -0,0 +1,146 @@
+/**
+ * @author tlwr [toby@toby.codes]
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2016
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation";
+import OperationError from "../errors/OperationError";
+
+/**
+ * HTTP request operation
+ */
+class HTTPRequest extends Operation {
+
+ /**
+ * HTTPRequest constructor
+ */
+ constructor() {
+ super();
+
+ this.name = "HTTP request";
+ this.module = "Default";
+ this.description = [
+ "Makes an HTTP request and returns the response.",
+ "
",
+ "This operation supports different HTTP verbs like GET, POST, PUT, etc.",
+ "
",
+ "You can add headers line by line in the format Key: Value
",
+ "
",
+ "The status code of the response, along with a limited selection of exposed headers, can be viewed by checking the 'Show response metadata' option. Only a limited set of response headers are exposed by the browser for security reasons.",
+ ].join("\n");
+ this.inputType = "string";
+ this.outputType = "string";
+ this.manualBake = true;
+ this.args = [
+ {
+ "name": "Method",
+ "type": "option",
+ "value": [
+ "GET", "POST", "HEAD",
+ "PUT", "PATCH", "DELETE",
+ "CONNECT", "TRACE", "OPTIONS"
+ ]
+ },
+ {
+ "name": "URL",
+ "type": "string",
+ "value": ""
+ },
+ {
+ "name": "Headers",
+ "type": "text",
+ "value": ""
+ },
+ {
+ "name": "Mode",
+ "type": "option",
+ "value": [
+ "Cross-Origin Resource Sharing",
+ "No CORS (limited to HEAD, GET or POST)",
+ ]
+ },
+ {
+ "name": "Show response metadata",
+ "type": "boolean",
+ "value": false
+ }
+ ];
+ }
+
+ /**
+ * @param {string} input
+ * @param {Object[]} args
+ * @returns {string}
+ */
+ run(input, args) {
+ const [method, url, headersText, mode, showResponseMetadata] = args;
+
+ if (url.length === 0) return "";
+
+ const headers = new Headers();
+ headersText.split(/\r?\n/).forEach(line => {
+ line = line.trim();
+
+ if (line.length === 0) return;
+
+ const split = line.split(":");
+ if (split.length !== 2) throw `Could not parse header in line: ${line}`;
+
+ headers.set(split[0].trim(), split[1].trim());
+ });
+
+ const config = {
+ method: method,
+ headers: headers,
+ mode: modeLookup[mode],
+ cache: "no-cache",
+ };
+
+ if (method !== "GET" && method !== "HEAD") {
+ config.body = input;
+ }
+
+ return fetch(url, config)
+ .then(r => {
+ if (r.status === 0 && r.type === "opaque") {
+ throw new OperationError("Error: Null response. Try setting the connection mode to CORS.");
+ }
+
+ if (showResponseMetadata) {
+ let headers = "";
+ for (const pair of r.headers.entries()) {
+ headers += " " + pair[0] + ": " + pair[1] + "\n";
+ }
+ return r.text().then(b => {
+ return "####\n Status: " + r.status + " " + r.statusText +
+ "\n Exposed headers:\n" + headers + "####\n\n" + b;
+ });
+ }
+ return r.text();
+ })
+ .catch(e => {
+ throw new OperationError(e.toString() +
+ "\n\nThis error could be caused by one of the following:\n" +
+ " - An invalid URL\n" +
+ " - Making a request to an insecure resource (HTTP) from a secure source (HTTPS)\n" +
+ " - Making a cross-origin request to a server which does not support CORS\n");
+ });
+ }
+
+}
+
+
+/**
+ * Lookup table for HTTP modes
+ *
+ * @private
+ */
+const modeLookup = {
+ "Cross-Origin Resource Sharing": "cors",
+ "No CORS (limited to HEAD, GET or POST)": "no-cors",
+};
+
+
+export default HTTPRequest;
diff --git a/src/core/operations/ParseUserAgent.mjs b/src/core/operations/ParseUserAgent.mjs
new file mode 100644
index 00000000..c1dda3cf
--- /dev/null
+++ b/src/core/operations/ParseUserAgent.mjs
@@ -0,0 +1,55 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2016
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation";
+import UAParser from "ua-parser-js";
+
+/**
+ * Parse User Agent operation
+ */
+class ParseUserAgent extends Operation {
+
+ /**
+ * ParseUserAgent constructor
+ */
+ constructor() {
+ super();
+
+ this.name = "Parse User Agent";
+ this.module = "UserAgent";
+ this.description = "Attempts to identify and categorise information contained in a user-agent string.";
+ this.inputType = "string";
+ this.outputType = "string";
+ this.args = [];
+ }
+
+ /**
+ * @param {string} input
+ * @param {Object[]} args
+ * @returns {string}
+ */
+ run(input, args) {
+ const ua = UAParser(input);
+ return `Browser
+ Name: ${ua.browser.name || "unknown"}
+ Version: ${ua.browser.version || "unknown"}
+Device
+ Model: ${ua.device.model || "unknown"}
+ Type: ${ua.device.type || "unknown"}
+ Vendor: ${ua.device.vendor || "unknown"}
+Engine
+ Name: ${ua.engine.name || "unknown"}
+ Version: ${ua.engine.version || "unknown"}
+OS
+ Name: ${ua.os.name || "unknown"}
+ Version: ${ua.os.version || "unknown"}
+CPU
+ Architecture: ${ua.cpu.architecture || "unknown"}`;
+ }
+
+}
+
+export default ParseUserAgent;
diff --git a/src/core/operations/PseudoRandomNumberGenerator.mjs b/src/core/operations/PseudoRandomNumberGenerator.mjs
new file mode 100644
index 00000000..0b5e45be
--- /dev/null
+++ b/src/core/operations/PseudoRandomNumberGenerator.mjs
@@ -0,0 +1,80 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2016
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation";
+import Utils from "../Utils";
+import forge from "node-forge/dist/forge.min.js";
+import BigNumber from "bignumber.js";
+
+/**
+ * Pseudo-Random Number Generator operation
+ */
+class PseudoRandomNumberGenerator extends Operation {
+
+ /**
+ * PseudoRandomNumberGenerator constructor
+ */
+ constructor() {
+ super();
+
+ this.name = "Pseudo-Random Number Generator";
+ this.module = "Ciphers";
+ this.description = "A cryptographically-secure pseudo-random number generator (PRNG).
This operation uses the browser's built-in crypto.getRandomValues()
method if available. If this cannot be found, it falls back to a Fortuna-based PRNG algorithm.";
+ this.inputType = "string";
+ this.outputType = "string";
+ this.args = [
+ {
+ "name": "Number of bytes",
+ "type": "number",
+ "value": 32
+ },
+ {
+ "name": "Output as",
+ "type": "option",
+ "value": ["Hex", "Integer", "Byte array", "Raw"]
+ }
+ ];
+ }
+
+ /**
+ * @param {string} input
+ * @param {Object[]} args
+ * @returns {string}
+ */
+ run(input, args) {
+ const [numBytes, outputAs] = args;
+
+ let bytes;
+
+ if (ENVIRONMENT_IS_WORKER() && self.crypto) {
+ bytes = self.crypto.getRandomValues(new Uint8Array(numBytes));
+ bytes = Utils.arrayBufferToStr(bytes.buffer);
+ } else {
+ bytes = forge.random.getBytesSync(numBytes);
+ }
+
+ let value = new BigNumber(0),
+ i;
+
+ switch (outputAs) {
+ case "Hex":
+ return forge.util.bytesToHex(bytes);
+ case "Integer":
+ for (i = bytes.length - 1; i >= 0; i--) {
+ value = value.times(256).plus(bytes.charCodeAt(i));
+ }
+ return value.toFixed();
+ case "Byte array":
+ return JSON.stringify(Utils.strToCharcode(bytes));
+ case "Raw":
+ default:
+ return bytes;
+ }
+ }
+
+}
+
+export default PseudoRandomNumberGenerator;
diff --git a/src/core/operations/StripHTTPHeaders.mjs b/src/core/operations/StripHTTPHeaders.mjs
new file mode 100644
index 00000000..a46e675c
--- /dev/null
+++ b/src/core/operations/StripHTTPHeaders.mjs
@@ -0,0 +1,42 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2016
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation";
+
+/**
+ * Strip HTTP headers operation
+ */
+class StripHTTPHeaders extends Operation {
+
+ /**
+ * StripHTTPHeaders constructor
+ */
+ constructor() {
+ super();
+
+ this.name = "Strip HTTP headers";
+ this.module = "Default";
+ this.description = "Removes HTTP headers from a request or response by looking for the first instance of a double newline.";
+ this.inputType = "string";
+ this.outputType = "string";
+ this.args = [];
+ }
+
+ /**
+ * @param {string} input
+ * @param {Object[]} args
+ * @returns {string}
+ */
+ run(input, args) {
+ let headerEnd = input.indexOf("\r\n\r\n");
+ headerEnd = (headerEnd < 0) ? input.indexOf("\n\n") + 2 : headerEnd + 4;
+
+ return (headerEnd < 2) ? input : input.slice(headerEnd, input.length);
+ }
+
+}
+
+export default StripHTTPHeaders;
diff --git a/src/core/operations/ToPunycode.mjs b/src/core/operations/ToPunycode.mjs
new file mode 100644
index 00000000..8951cb5f
--- /dev/null
+++ b/src/core/operations/ToPunycode.mjs
@@ -0,0 +1,52 @@
+/**
+ * @author n1474335 [n1474335@gmail.com]
+ * @copyright Crown Copyright 2016
+ * @license Apache-2.0
+ */
+
+import Operation from "../Operation";
+import punycode from "punycode";
+
+/**
+ * To Punycode operation
+ */
+class ToPunycode extends Operation {
+
+ /**
+ * ToPunycode constructor
+ */
+ constructor() {
+ super();
+
+ this.name = "To Punycode";
+ this.module = "Encodings";
+ this.description = "Punycode is a way to represent Unicode with the limited character subset of ASCII supported by the Domain Name System.
e.g. m\xfcnchen
encodes to mnchen-3ya
";
+ this.inputType = "string";
+ this.outputType = "string";
+ this.args = [
+ {
+ "name": "Internationalised domain name",
+ "type": "boolean",
+ "value": false
+ }
+ ];
+ }
+
+ /**
+ * @param {string} input
+ * @param {Object[]} args
+ * @returns {string}
+ */
+ run(input, args) {
+ const idn = args[0];
+
+ if (idn) {
+ return punycode.toASCII(input);
+ } else {
+ return punycode.encode(input);
+ }
+ }
+
+}
+
+export default ToPunycode;