Correct the type of DispatchOptions["headers"] #1896
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
According to core/util@parseHeaders, the current behavior is: - By default, the entry type is a `string`. - The type turns to a `string[]` when there are duplicated entries. This behavior is not as same as what `node:http` does currently; therefore, `IncomingHttpHeaders` can't reflect our parsed data. This commit attempts to reflect this parsing behavior by redefining it to `Record<string, string | string[]>`. Fixed nodejs#1892 The simpler solution of nodejs#1893 Signed-off-by: pan93412 <pan93412@gmail.com>
pan93412
force-pushed
the
redefine-type
branch
from
35b391f
to
4bc791f
Compare
Codecov ReportBase: 90.33% // Head: 90.33% // No change to project coverage 👍
Additional details and impacted files@@ Coverage Diff @@
## main #1896 +/- ##
=======================================
Coverage 90.33% 90.33%
=======================================
Files 70 70
Lines 6045 6045
=======================================
Hits 5461 5461
Misses 584 584 Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
SimenB
reviewed
Feb 13, 2023
7 tasks
pan93412
added a commit
to pan93412/undici
that referenced
this pull request
Feb 13, 2023
nodejs#1896 (comment) Signed-off-by: pan93412 <pan93412@gmail.com>
mcollina
pushed a commit
that referenced
this pull request
Feb 15, 2023
* fix: Allow “undefined“ as value in headers #1896 (comment) Signed-off-by: pan93412 <pan93412@gmail.com> * test: Add test for our IncomingHttpHeaders Co-Authored-By: Simen Bekkhus <sbekkhus91@gmail.com> Signed-off-by: pan93412 <pan93412@gmail.com> * chore: Upgrade TypeScript to 4.9.5 Signed-off-by: pan93412 <pan93412@gmail.com> --------- Signed-off-by: pan93412 <pan93412@gmail.com> Co-authored-by: Simen Bekkhus <sbekkhus91@gmail.com>
anonrig
pushed a commit
to anonrig/undici
that referenced
this pull request
Apr 4, 2023
anonrig
pushed a commit
to anonrig/undici
that referenced
this pull request
Apr 4, 2023
* fix: Allow “undefined“ as value in headers nodejs#1896 (comment) Signed-off-by: pan93412 <pan93412@gmail.com> * test: Add test for our IncomingHttpHeaders Co-Authored-By: Simen Bekkhus <sbekkhus91@gmail.com> Signed-off-by: pan93412 <pan93412@gmail.com> * chore: Upgrade TypeScript to 4.9.5 Signed-off-by: pan93412 <pan93412@gmail.com> --------- Signed-off-by: pan93412 <pan93412@gmail.com> Co-authored-by: Simen Bekkhus <sbekkhus91@gmail.com>
7 tasks
metcoder95
pushed a commit
to metcoder95/undici
that referenced
this pull request
Jul 21, 2023
metcoder95
pushed a commit
to metcoder95/undici
that referenced
this pull request
Jul 21, 2023
* fix: Allow “undefined“ as value in headers nodejs#1896 (comment) Signed-off-by: pan93412 <pan93412@gmail.com> * test: Add test for our IncomingHttpHeaders Co-Authored-By: Simen Bekkhus <sbekkhus91@gmail.com> Signed-off-by: pan93412 <pan93412@gmail.com> * chore: Upgrade TypeScript to 4.9.5 Signed-off-by: pan93412 <pan93412@gmail.com> --------- Signed-off-by: pan93412 <pan93412@gmail.com> Co-authored-by: Simen Bekkhus <sbekkhus91@gmail.com>
kodiakhq bot
pushed a commit
to X-oss-byte/Canary-nextjs
that referenced
this pull request
Sep 18, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [undici](https://undici.nodejs.org) ([source](https://togithub.com/nodejs/undici)) | [`5.14.0` -> `5.19.1`](https://renovatebot.com/diffs/npm/undici/5.14.0/5.19.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2023-23936](https://togithub.com/nodejs/undici/security/advisories/GHSA-5r9g-qh6m-jxff) ### Impact undici library does not protect `host` HTTP header from CRLF injection vulnerabilities. ### Patches This issue was patched in Undici v5.19.1. ### Workarounds Sanitize the `headers.host` string before passing to undici. ### References Reported at https://hackerone.com/reports/1820955. ### Credits Thank you to Zhipeng Zhang ([@​timon8](https://hackerone.com/timon8)) for reporting this vulnerability. --- ### Release Notes <details> <summary>nodejs/undici (undici)</summary> ### [`v5.19.1`](https://togithub.com/nodejs/undici/releases/tag/v5.19.1) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.19.0...v5.19.1) ####⚠️ Security Release⚠️ - [Regular Expression Denial of Service in Headers](https://togithub.com/nodejs/undici/security/advisories/GHSA-r6ch-mqf9-qc9w) with CVE-2023-24807 - [CRLF Injection in Nodejs ‘undici’ via host](https://togithub.com/nodejs/undici/security/advisories/GHSA-5r9g-qh6m-jxff) with CVE-2023-23936 This release is part of the Node.js security release train: https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/ ### [`v5.19.0`](https://togithub.com/nodejs/undici/releases/tag/v5.19.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.18.0...v5.19.0) #### What's Changed - fix(fetch): raise AbortSignal max event listeners by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1910 - fix: content-disposition header parsing by [@​climba03003](https://togithub.com/climba03003) in [nodejs/undici#1911 - fix: remove test by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1916 - feat: add Headers.prototype.getSetCookie by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1915 - fix(headers): clone getSetCookie list & add getSetCookie type by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1917 - doc(mock): update out-of-date reply documentation by [@​p9f](https://togithub.com/p9f) in [nodejs/undici#1913 - fix(types): add missing keepAlive params by [@​SkeLLLa](https://togithub.com/SkeLLLa) in [nodejs/undici#1918 - Make the fetch() abort test pass locally, on Linux and Mac, Node 18/19. by [@​mcollina](https://togithub.com/mcollina) in [nodejs/undici#1927 #### New Contributors - [@​climba03003](https://togithub.com/climba03003) made their first contribution in [nodejs/undici#1911 - [@​p9f](https://togithub.com/p9f) made their first contribution in [nodejs/undici#1913 **Full Changelog**: nodejs/undici@v5.18.0...v5.19.0 ### [`v5.18.0`](https://togithub.com/nodejs/undici/releases/tag/v5.18.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.17.1...v5.18.0) ##### What's Changed - Add ability to set TCP keepalive by [@​xconverge](https://togithub.com/xconverge) in [nodejs/undici#1904 - use faster timers by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1908 - fix: ensure header value is a string by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1899 **Full Changelog**: nodejs/undici@v5.17.1...v5.18.0 ### [`v5.17.1`](https://togithub.com/nodejs/undici/releases/tag/v5.17.1) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.17.0...v5.17.1) #### What's Changed - fix: bad buffer slice (nodejs/undici@d2be675) **Full Changelog**: nodejs/undici@v5.17.0...v5.17.1 ### [`v5.17.0`](https://togithub.com/nodejs/undici/releases/tag/v5.17.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.16.0...v5.17.0) #### What's Changed - fix(wpts): Blob is a global getter in >=v19.x.x by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1880 - doc: fix anchor links dispatcher.stream by [@​RafaelGSS](https://togithub.com/RafaelGSS) in [nodejs/undici#1881 - wpt: make runner more resilient by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1884 - Make test pass in v19.x by [@​mcollina](https://togithub.com/mcollina) in [nodejs/undici#1879 - Correct the type of DispatchOptions\["headers"] by [@​pan93412](https://togithub.com/pan93412) in [nodejs/undici#1896 - perf(content-type parser): faster string collector by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1894 - feat: expose content-type parser by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1895 - fix(types): Update DispatchOptions type for missing "blocking" by [@​xconverge](https://togithub.com/xconverge) in [nodejs/undici#1889 - fix(types): update error type definitions by [@​rafaelcr](https://togithub.com/rafaelcr) in [nodejs/undici#1888 - fix: ensure connection header is a string by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1900 - fix: throw if invalid content-type header by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1901 - fix(fetch): use semicolon for Cookie header delimiter by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1906 - Use FastBuffer by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1907 #### New Contributors - [@​pan93412](https://togithub.com/pan93412) made their first contribution in [nodejs/undici#1896 - [@​rafaelcr](https://togithub.com/rafaelcr) made their first contribution in [nodejs/undici#1888 **Full Changelog**: nodejs/undici@v5.16.0...v5.17.0 ### [`v5.16.0`](https://togithub.com/nodejs/undici/releases/tag/v5.16.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.15.2...v5.16.0) #### What's Changed - Add feature to specify custom headers for proxies by [@​Sebmaster](https://togithub.com/Sebmaster) in [nodejs/undici#1877 #### New Contributors - [@​Sebmaster](https://togithub.com/Sebmaster) made their first contribution in [nodejs/undici#1877 **Full Changelog**: nodejs/undici@v5.15.2...v5.16.0 ### [`v5.15.2`](https://togithub.com/nodejs/undici/compare/9d5f23177408dc16d3d4cbb8cebf463081c54e16...9457c9719029945ef9ff36b71d58557443730942) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.15.1...v5.15.2) ### [`v5.15.1`](https://togithub.com/nodejs/undici/releases/tag/v5.15.1) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.15.0...v5.15.1) #### What's Changed - fix(websocket): simplify typedarray copying by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1854 - fix: wpts on node v18.13.0+ by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1859 - perf: allow keep alive for HEAD requests by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1858 - fix: flaky abort test by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1863 **Full Changelog**: nodejs/undici@v5.15.0...v5.15.1 ### [`v5.15.0`](https://togithub.com/nodejs/undici/releases/tag/v5.15.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.14.0...v5.15.0) #### What's Changed - \[types] update ProxyAgent Options (timeout) by [@​sosoba](https://togithub.com/sosoba) in [nodejs/undici#1801 - feat: implement websockets by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1795 - feat(websocket): handle ping/pong frames & fix fragmented frames by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1809 - docs: add basic fetch & company docs by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1810 - make formdata body immutable and encode it only once by [@​jimmywarting](https://togithub.com/jimmywarting) in [nodejs/undici#1814 - test: add regression test for [#​1814](https://togithub.com/nodejs/undici/issues/1814) by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1815 - feat(websocket): only consume necessary bytes by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1812 - websocket: use Buffer.allocUnsafe by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1817 - build(deps-dev): bump [@​sinonjs/fake-timers](https://togithub.com/sinonjs/fake-timers) from 9.1.2 to 10.0.2 by [@​dependabot](https://togithub.com/dependabot) in [nodejs/undici#1819 - fix(websocket): deprecation warning & 64-bit unsigned int body length by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1818 - Use nodejs.stream.destroyed symbol by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1816 - fetch: removal of redundant condition by [@​debadree25](https://togithub.com/debadree25) in [nodejs/undici#1821 - fix(request): request headers array by [@​jd-carroll](https://togithub.com/jd-carroll) in [nodejs/undici#1807 - fix(websocket): validate payload length received by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1822 - fix(websocket): run parser in loop, instead of recursively by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1828 - fix(fetch): weaker refs by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1824 - websocket: add tests for opening handshake by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1831 - websocket: add tests for constructor, close, and send by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1832 - websocket: more test coverage by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1833 - fix(WPTs): flaky abort test by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1835 - wpt: add test by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1836 - fix: don't send keep-alive if we want reset by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1846 - fetch: update body consume to match spec by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1847 - feat: allow connection header in request by [@​metcoder95](https://togithub.com/metcoder95) in [nodejs/undici#1829 - feat: add cookie parsing ability by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1848 - fix(cookie): add docs & expose in node v16 by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1849 - fix(cookies): work with global Headers by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1850 - docs(Dispatcher): adjust documentation for reset flag by [@​metcoder95](https://togithub.com/metcoder95) in [nodejs/undici#1852 - Fix broken interceptor test by [@​mcollina](https://togithub.com/mcollina) in [nodejs/undici#1853 #### New Contributors - [@​sosoba](https://togithub.com/sosoba) made their first contribution in [nodejs/undici#1801 - [@​debadree25](https://togithub.com/debadree25) made their first contribution in [nodejs/undici#1821 - [@​jd-carroll](https://togithub.com/jd-carroll) made their first contribution in [nodejs/undici#1807 **Full Changelog**: nodejs/undici@v5.14.0...v5.15.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/sammyfilly/Canary-nextjs).
crysmags
pushed a commit
to crysmags/undici
that referenced
this pull request
Feb 27, 2024
](https://renovatebot.com){kind=link}
crysmags
pushed a commit
to crysmags/undici
that referenced
this pull request
Feb 27, 2024
* fix: Allow “undefined“ as value in headers nodejs#1896 (comment) Signed-off-by: pan93412 <pan93412@gmail.com> * test: Add test for our IncomingHttpHeaders Co-Authored-By: Simen Bekkhus <sbekkhus91@gmail.com> Signed-off-by: pan93412 <pan93412@gmail.com> * chore: Upgrade TypeScript to 4.9.5 Signed-off-by: pan93412 <pan93412@gmail.com> --------- Signed-off-by: pan93412 <pan93412@gmail.com> Co-authored-by: Simen Bekkhus <sbekkhus91@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This relates to...
Fixed #1892
The simpler solution of #1893
Rationale
According to core/util@parseHeaders, the current behavior is:
string.string[]when there are duplicated entries.This behavior is not as same as what
node:httpdoes currently; therefore,IncomingHttpHeaderscan't reflect our parsed data.Changes
This commit attempts to reflect this parsing behavior by redefining it to
Record<string, string | string[]>.Features
N/A
Bug Fixes
See Changes.
Breaking Changes and Deprecations
Status
KEY: S = Skipped, x = complete
Benchmarked (optional)Note that I can't pass
npm run test. Seems not related: