mirror of
https://github.com/nodejs/node.git
synced 2024-11-21 21:19:50 +01:00
fce53031e5
This change properly decodes the url.username and url.password for the authorization header constructed from the URL object for http(s) requests. Fixes: https://github.com/nodejs/node/issues/31439 PR-URL: https://github.com/nodejs/node/pull/39310 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Robert Nagy <ronagy@icloud.com> Reviewed-By: James M Snell <jasnell@gmail.com>
49 lines
1.1 KiB
JavaScript
49 lines
1.1 KiB
JavaScript
'use strict';
|
|
require('../common');
|
|
const assert = require('assert');
|
|
const http = require('http');
|
|
|
|
const testCases = [
|
|
{
|
|
username: 'test@test"',
|
|
password: '123456^',
|
|
expected: 'dGVzdEB0ZXN0IjoxMjM0NTZe'
|
|
},
|
|
{
|
|
username: 'test%40test',
|
|
password: '123456',
|
|
expected: 'dGVzdEB0ZXN0OjEyMzQ1Ng=='
|
|
},
|
|
{
|
|
username: 'not%3Agood',
|
|
password: 'god',
|
|
expected: 'bm90Omdvb2Q6Z29k'
|
|
},
|
|
{
|
|
username: 'not%22good',
|
|
password: 'g%5Eod',
|
|
expected: 'bm90Imdvb2Q6Z15vZA=='
|
|
},
|
|
{
|
|
username: 'test1234::::',
|
|
password: 'mypass',
|
|
expected: 'dGVzdDEyMzQ6Ojo6Om15cGFzcw=='
|
|
},
|
|
];
|
|
|
|
for (const testCase of testCases) {
|
|
const server = http.createServer(function(request, response) {
|
|
// The correct authorization header is be passed
|
|
assert.strictEqual(request.headers.authorization, `Basic ${testCase.expected}`);
|
|
response.writeHead(200, {});
|
|
response.end('ok');
|
|
server.close();
|
|
});
|
|
|
|
server.listen(0, function() {
|
|
// make the request
|
|
const url = new URL(`http://${testCase.username}:${testCase.password}@localhost:${this.address().port}`);
|
|
http.request(url).end();
|
|
});
|
|
}
|