author | Bert Belder <bertbelder@gmail.com> | 2012-11-19 20:42:35 +0100 |
committer | isaacs <i@izs.me> | 2012-12-07 17:13:51 -0800 |
commit | 3c293ba27250f1885efa8d8db8e75d3ea033c206 (patch) | |
tree | b7ca8e128589e481844600f5cc9c76e22a644d9c /lib/http.js | |
parent | 0e95ea42ceec77370c97c87d7b027e70c9e10fa0 (diff) | |
http: protect against response splitting attacks
Diffstat (limited to 'lib/http.js')
-rw-r--r-- | lib/http.js | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/http.js b/lib/http.js
index ef85c1cddf..62b2ffe052 100644
--- a/lib/http.js
+++ b/lib/http.js
@@ -551,6 +551,11 @@ OutgoingMessage.prototype._storeHeader = function(firstLine, headers) {
 var self = this;
 function store(field, value) {
+ // Protect against response splitting. The if statement is there to
+ // minimize the performance impact in the common case.
+ if (/[\r\n]/.test(value))
+ value = value.replace(/[\r\n]+[ \t]*/g, '');
+
 messageHeader += field + ': ' + value + CRLF;
 if (connectionExpression.test(field)) {