Nodejs/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity
main
node/test/parallel/test-http-early-hints-invalid-argument.js
Steve Herzog d0531eb752
http: fix validation of "Link" header 
Updated regex for "Link" header validation to better match the
specification in RFC 8288 section 3. Does not check for valid URI
format but handles the rest of the header more permissively than
before. Alternative to another outstanding PR that disables validation
entirely.

Fixes: https://github.com/nodejs/node/issues/46453
Refs: https://www.rfc-editor.org/rfc/rfc8288.html#section-3
Refs: https://github.com/nodejs/node/pull/46464
PR-URL: https://github.com/nodejs/node/pull/46466
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2023-02-23 09:54:33 +00:00

50 lines
1.2 KiB
JavaScript
Raw Permalink Blame History

'use strict';
const common = require('../common');
const assert = require('node:assert');
const http = require('node:http');
const debug = require('node:util').debuglog('test');
const testResBody = 'response content\n';
{
const server = http.createServer(common.mustCall((req, res) => {
debug('Server sending early hints...');
assert.throws(() => {
res.writeEarlyHints('bad argument type');
}, (err) => err.code === 'ERR_INVALID_ARG_TYPE');
assert.throws(() => {
res.writeEarlyHints({
link: '</>; '
});
}, (err) => err.code === 'ERR_INVALID_ARG_VALUE');
assert.throws(() => {
res.writeEarlyHints({
link: 'rel=preload; </scripts.js>'
});
}, (err) => err.code === 'ERR_INVALID_ARG_VALUE');
assert.throws(() => {
res.writeEarlyHints({
link: 'invalid string'
});
}, (err) => err.code === 'ERR_INVALID_ARG_VALUE');
debug('Server sending full response...');
res.end(testResBody);
server.close();
}));
server.listen(0, common.mustCall(() => {
const req = http.request({
port: server.address().port, path: '/'
});
req.end();
debug('Client sending request...');
req.on('information', common.mustNotCall());
}));
}
Reference in New Issue View Git Blame Copy Permalink