You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A useful error or proper network error response as defined by the spec
Actual result:
The runtime throws an "internal error" due to a triggered assert in kj/compat/http.c++
What's the issue:
In the initial request, the runtime will validate that the request URL is http:// or https://, with additional special handling around ws:// and wss:// URLs. When a redirect response is processed and we generate a new request URL from the location header, we are not applying the same checks so we end up passing a non-http URL down to the kj http client, which fails with an assertion. We need to be properly validating the redirect url.
The text was updated successfully, but these errors were encountered:
Hmm... interesting... further testing is showing this case being handled correctly in some instances. I've seen the assertion in some cases (like the repro above) but not others (which end up returning a proper 404 not found)... weird. Will keep investigating.
Reproduction:
Expected result:
A useful error or proper network error response as defined by the spec
Actual result:
The runtime throws an "internal error" due to a triggered assert in
kj/compat/http.c++
What's the issue:
In the initial request, the runtime will validate that the request URL is
http://
orhttps://
, with additional special handling aroundws://
andwss://
URLs. When a redirect response is processed and we generate a new request URL from thelocation
header, we are not applying the same checks so we end up passing a non-http URL down to the kj http client, which fails with an assertion. We need to be properly validating the redirect url.The text was updated successfully, but these errors were encountered: