From 0b4c8e1c8452366673e2943d64ad97c74ab9414c Mon Sep 17 00:00:00 2001 From: Carlos Fuentes Date: Wed, 26 Oct 2022 11:04:14 +0200 Subject: [PATCH] refactor: apply review suggestions --- lib/fetch/constants.js | 14 +++++++++++++- lib/fetch/util.js | 32 +++++--------------------------- 2 files changed, 18 insertions(+), 28 deletions(-) diff --git a/lib/fetch/constants.js b/lib/fetch/constants.js index fe5028304b0..87eea34e0a9 100644 --- a/lib/fetch/constants.js +++ b/lib/fetch/constants.js @@ -8,6 +8,17 @@ const nullBodyStatus = [101, 204, 205, 304] const redirectStatus = [301, 302, 303, 307, 308] +// https://fetch.spec.whatwg.org/#block-bad-port +const badPorts = [ + '1', '7', '9', '11', '13', '15', '17', '19', '20', '21', '22', '23', '25', '37', '42', '43', '53', '69', '77', '79', + '87', '95', '101', '102', '103', '104', '109', '110', '111', '113', '115', '117', '119', '123', '135', '137', + '139', '143', '161', '179', '389', '427', '465', '512', '513', '514', '515', '526', '530', '531', '532', + '540', '548', '554', '556', '563', '587', '601', '636', '989', '990', '993', '995', '1719', '1720', '1723', + '2049', '3659', '4045', '5060', '5061', '6000', '6566', '6665', '6666', '6667', '6668', '6669', '6697', + '10080' +] + +// https://w3c.github.io/webappsec-referrer-policy/#referrer-policies const referrerPolicy = [ '', 'no-referrer', @@ -108,5 +119,6 @@ module.exports = { redirectStatus, corsSafeListedMethods, nullBodyStatus, - safeMethods + safeMethods, + badPorts } diff --git a/lib/fetch/util.js b/lib/fetch/util.js index 3c7d1608077..7d63b405628 100644 --- a/lib/fetch/util.js +++ b/lib/fetch/util.js @@ -1,6 +1,6 @@ 'use strict' -const { redirectStatus } = require('./constants') +const { redirectStatus, badPorts, referrerPolicy: referrerPolicyTokens } = require('./constants') const { performance } = require('perf_hooks') const { isBlobLike, toUSVString, ReadableStreamFrom } = require('../core/util') const assert = require('assert') @@ -16,28 +16,6 @@ try { } -// https://fetch.spec.whatwg.org/#block-bad-port -const badPorts = [ - '1', '7', '9', '11', '13', '15', '17', '19', '20', '21', '22', '23', '25', '37', '42', '43', '53', '69', '77', '79', - '87', '95', '101', '102', '103', '104', '109', '110', '111', '113', '115', '117', '119', '123', '135', '137', - '139', '143', '161', '179', '389', '427', '465', '512', '513', '514', '515', '526', '530', '531', '532', - '540', '548', '554', '556', '563', '587', '601', '636', '989', '990', '993', '995', '1719', '1720', '1723', - '2049', '3659', '4045', '5060', '5061', '6000', '6566', '6665', '6666', '6667', '6668', '6669', '6697', - '10080' -] - -// https://w3c.github.io/webappsec-referrer-policy/#referrer-policies -const referrerPolicyTokens = [ - 'no-referrer', - 'no-referrer-when-downgrade', - 'same-origin', - 'origin', - 'strict-origin', - 'origin-when-cross-origin', - 'strict-origin-when-cross-origin', - 'unsafe-url' -] - function responseURL (response) { // https://fetch.spec.whatwg.org/#responses // A response has an associated URL. It is a pointer to the last URL @@ -219,14 +197,14 @@ function setRequestReferrerPolicyOnRedirect (request, actualResponse) { // 2. Let policy be the empty string. // 3. For each token in policy-tokens, if token is a referrer policy and token is not the empty string, then set policy to token. // 4. Return policy. - const token = headersList.get('referrer-policy') ?? '' + const policy = headersList.get('referrer-policy') ?? '' // 2. If policy is not the empty string, then set request’s referrer policy to policy. - if (token !== '') { + if (policy !== '') { for (const policyToken of referrerPolicyTokens) { // if token is a referrer policy and token is not an empty string, then set policy to token. - if (token === policyToken) { - request.referrerPolicy = token + if (policy === policyToken) { + request.referrerPolicy = policy break } }