diff options
author | Albert Still <albertjamesstill@gmail.com> | 2019-01-21 17:47:32 +1100 |
---|---|---|
committer | Matteo Collina <hello@matteocollina.com> | 2019-02-01 19:48:23 +0100 |
commit | bcf2886a84407028572fd1084242a1c789c056f8 (patch) | |
tree | 7453ccd2287079cc3755ae4f2a3e4e7ab79fc2da /test/parallel/test-http-header-overflow.js | |
parent | a861adde3bc22dec07e67f199be5f2c2aa226b44 (diff) | |
download | android-node-v8-bcf2886a84407028572fd1084242a1c789c056f8.tar.gz android-node-v8-bcf2886a84407028572fd1084242a1c789c056f8.tar.bz2 android-node-v8-bcf2886a84407028572fd1084242a1c789c056f8.zip |
http: return HTTP 431 on HPE_HEADER_OVERFLOW error
Instead of returning a generic 400 response when the
max header size is reached, return a 431 Request Header
Fields Too Large.
This is a semver-major because it changes the HTTP
status code for requests that trigger the header
overflow error.
PR-URL: https://github.com/nodejs/node/pull/25605
Fixes: https://github.com/nodejs/node/issues/25528
Refs: https://tools.ietf.org/html/rfc6585#section-5
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'test/parallel/test-http-header-overflow.js')
-rw-r--r-- | test/parallel/test-http-header-overflow.js | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/test/parallel/test-http-header-overflow.js b/test/parallel/test-http-header-overflow.js new file mode 100644 index 0000000000..a9bf5cbfa0 --- /dev/null +++ b/test/parallel/test-http-header-overflow.js @@ -0,0 +1,47 @@ +'use strict'; +const assert = require('assert'); +const { createServer, maxHeaderSize } = require('http'); +const { createConnection } = require('net'); +const { expectsError, mustCall } = require('../common'); + +const CRLF = '\r\n'; +const DUMMY_HEADER_NAME = 'Cookie: '; +const DUMMY_HEADER_VALUE = 'a'.repeat( + // plus one is to make it 1 byte too big + maxHeaderSize - DUMMY_HEADER_NAME.length - (2 * CRLF.length) + 1 +); +const PAYLOAD_GET = 'GET /blah HTTP/1.1'; +const PAYLOAD = PAYLOAD_GET + CRLF + + DUMMY_HEADER_NAME + DUMMY_HEADER_VALUE + CRLF.repeat(2); + +const server = createServer(); + +server.on('connection', mustCall((socket) => { + socket.on('error', expectsError({ + type: Error, + message: 'Parse Error', + code: 'HPE_HEADER_OVERFLOW', + bytesParsed: maxHeaderSize + PAYLOAD_GET.length, + rawPacket: Buffer.from(PAYLOAD) + })); +})); + +server.listen(0, mustCall(() => { + const c = createConnection(server.address().port); + let received = ''; + + c.on('connect', mustCall(() => { + c.write(PAYLOAD); + })); + c.on('data', mustCall((data) => { + received += data.toString(); + })); + c.on('end', mustCall(() => { + assert.strictEqual( + received, + 'HTTP/1.1 431 Request Header Fields Too Large\r\n\r\n' + ); + c.end(); + })); + c.on('close', mustCall(() => server.close())); +})); |