http: concatenate outgoing Cookie headers

This commit enables automatic concatenation of multiple Cookie header values with a semicolon, except when 2D header arrays are used. Fixes: #11256 PR-URL: #11259 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Roman Reiss <[email protected]> Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
nodejs · Mar 9, 2017 · d348077 · d348077
1 parent 6b2cef6
commit d348077
Show file tree

Hide file tree

Showing 2 changed files with 112 additions and 58 deletions.
diff --git a/lib/_http_outgoing.js b/lib/_http_outgoing.js
@@ -20,6 +20,27 @@ var RE_FIELDS = new RegExp('^(?:Connection|Transfer-Encoding|Content-Length|' +
 var RE_CONN_VALUES = /(?:^|\W)close|upgrade(?:$|\W)/ig;
 var RE_TE_CHUNKED = common.chunkExpression;
 
+// isCookieField performs a case-insensitive comparison of a provided string
+// against the word "cookie." This method (at least as of V8 5.4) is faster than
+// the equivalent case-insensitive regexp, even if isCookieField does not get
+// inlined.
+function isCookieField(s) {
+ if (s.length !== 6) return false;
+ var ch = s.charCodeAt(0);
+ if (ch !== 99 && ch !== 67) return false;
+ ch = s.charCodeAt(1);
+ if (ch !== 111 && ch !== 79) return false;
+ ch = s.charCodeAt(2);
+ if (ch !== 111 && ch !== 79) return false;
+ ch = s.charCodeAt(3);
+ if (ch !== 107 && ch !== 75) return false;
+ ch = s.charCodeAt(4);
+ if (ch !== 105 && ch !== 73) return false;
+ ch = s.charCodeAt(5);
+ if (ch !== 101 && ch !== 69) return false;
+ return true;
+}
+
 var dateCache;
 function utcDate() {
  if (!dateCache) {
@@ -275,12 +296,14 @@ function _storeHeader(firstLine, headers) {
  value = entry[1];
 
  if (value instanceof Array) {
- for (j = 0; j < value.length; j++) {
- storeHeader(this, state, field, value[j], false);
+ if (value.length < 2 || !isCookieField(field)) {
+ for (j = 0; j < value.length; j++)
+ storeHeader(this, state, field, value[j], false);
+ continue;
  }
- } else {
- storeHeader(this, state, field, value, false);
+ value = value.join('; ');
  }
+ storeHeader(this, state, field, value, false);
  }
  } else if (headers instanceof Array) {
  for (i = 0; i < headers.length; i++) {
@@ -302,12 +325,14 @@ function _storeHeader(firstLine, headers) {
  value = headers[field];
 
  if (value instanceof Array) {
- for (j = 0; j < value.length; j++) {
- storeHeader(this, state, field, value[j], true);
+ if (value.length < 2 || !isCookieField(field)) {
+ for (j = 0; j < value.length; j++)
+ storeHeader(this, state, field, value[j], true);
+ continue;
  }
- } else {
- storeHeader(this, state, field, value, true);
+ value = value.join('; ');
  }
+ storeHeader(this, state, field, value, true);
  }
  }
 

diff --git a/test/parallel/test-http.js b/test/parallel/test-http.js
@@ -1,84 +1,113 @@
 'use strict';
-require('../common');
+const common = require('../common');
 const assert = require('assert');
 const http = require('http');
 const url = require('url');
 
-let responses_sent = 0;
-let responses_recvd = 0;
-let body0 = '';
-let body1 = '';
+const expectedRequests = ['/hello', '/there', '/world'];
 
-const server = http.Server(function(req, res) {
- if (responses_sent === 0) {
- assert.strictEqual('GET', req.method);
- assert.strictEqual('/hello', url.parse(req.url).pathname);
+const server = http.Server(common.mustCall(function(req, res) {
+ assert.strictEqual(expectedRequests.shift(), req.url);
 
- console.dir(req.headers);
- assert.strictEqual(true, 'accept' in req.headers);
- assert.strictEqual('*/*', req.headers['accept']);
-
- assert.strictEqual(true, 'foo' in req.headers);
- assert.strictEqual('bar', req.headers['foo']);
+ switch (req.url) {
+ case '/hello':
+ assert.strictEqual(req.method, 'GET');
+ assert.strictEqual(req.headers['accept'], '*/*');
+ assert.strictEqual(req.headers['foo'], 'bar');
+ assert.strictEqual(req.headers.cookie, 'foo=bar; bar=baz; baz=quux');
+ break;
+ case '/there':
+ assert.strictEqual(req.method, 'PUT');
+ assert.strictEqual(req.headers.cookie, 'node=awesome; ta=da');
+ break;
+ case '/world':
+ assert.strictEqual(req.method, 'POST');
+ assert.deepStrictEqual(req.headers.cookie, 'abc=123; def=456; ghi=789');
+ break;
+ default:
+ assert(false, `Unexpected request for ${req.url}`);
  }
 
- if (responses_sent === 1) {
- assert.strictEqual('POST', req.method);
- assert.strictEqual('/world', url.parse(req.url).pathname);
+ if (expectedRequests.length === 0)
  this.close();
- }
 
  req.on('end', function() {
  res.writeHead(200, {'Content-Type': 'text/plain'});
  res.write('The path was ' + url.parse(req.url).pathname);
  res.end();
- responses_sent += 1;
  });
  req.resume();
-
- //assert.strictEqual('127.0.0.1', res.connection.remoteAddress);
-});
+}, 3));
 server.listen(0);
 
 server.on('listening', function() {
  const agent = new http.Agent({ port: this.address().port, maxSockets: 1 });
- http.get({
+ const req = http.get({
  port: this.address().port,
  path: '/hello',
- headers: {'Accept': '*/*', 'Foo': 'bar'},
+ headers: {
+ Accept: '*/*',
+ Foo: 'bar',
+ Cookie: [ 'foo=bar', 'bar=baz', 'baz=quux' ]
+ },
  agent: agent
- }, function(res) {
- assert.strictEqual(200, res.statusCode);
- responses_recvd += 1;
+ }, common.mustCall(function(res) {
+ const cookieHeaders = req._header.match(/^Cookie: .+$/img);
+ assert.deepStrictEqual(cookieHeaders,
+ ['Cookie: foo=bar; bar=baz; baz=quux']);
+ assert.strictEqual(res.statusCode, 200);
+ let body = '';
  res.setEncoding('utf8');
- res.on('data', function(chunk) { body0 += chunk; });
- console.error('Got /hello response');
- });
+ res.on('data', function(chunk) { body += chunk; });
+ res.on('end', common.mustCall(function() {
+ assert.strictEqual(body, 'The path was /hello');
+ }));
+ }));
 
- setTimeout(function() {
+ setTimeout(common.mustCall(function() {
+ const req = http.request({
+ port: server.address().port,
+ method: 'PUT',
+ path: '/there',
+ agent: agent
+ }, common.mustCall(function(res) {
+ const cookieHeaders = req._header.match(/^Cookie: .+$/img);
+ assert.deepStrictEqual(cookieHeaders, ['Cookie: node=awesome; ta=da']);
+ assert.strictEqual(res.statusCode, 200);
+ let body = '';
+ res.setEncoding('utf8');
+ res.on('data', function(chunk) { body += chunk; });
+ res.on('end', common.mustCall(function() {
+ assert.strictEqual(body, 'The path was /there');
+ }));
+ }));
+ req.setHeader('Cookie', ['node=awesome', 'ta=da']);
+ req.end();
+ }), 1);
+
+ setTimeout(common.mustCall(function() {
  const req = http.request({
  port: server.address().port,
  method: 'POST',
  path: '/world',
+ headers: [ ['Cookie', 'abc=123'],
+ ['Cookie', 'def=456'],
+ ['Cookie', 'ghi=789'] ],
  agent: agent
- }, function(res) {
- assert.strictEqual(200, res.statusCode);
- responses_recvd += 1;
+ }, common.mustCall(function(res) {
+ const cookieHeaders = req._header.match(/^Cookie: .+$/img);
+ assert.deepStrictEqual(cookieHeaders,
+ ['Cookie: abc=123',
+ 'Cookie: def=456',
+ 'Cookie: ghi=789']);
+ assert.strictEqual(res.statusCode, 200);
+ let body = '';
  res.setEncoding('utf8');
- res.on('data', function(chunk) { body1 += chunk; });
- console.error('Got /world response');
- });
+ res.on('data', function(chunk) { body += chunk; });
+ res.on('end', common.mustCall(function() {
+ assert.strictEqual(body, 'The path was /world');
+ }));
+ }));
  req.end();
- }, 1);
-});
-
-process.on('exit', function() {
- console.error('responses_recvd: ' + responses_recvd);
- assert.strictEqual(2, responses_recvd);
-
- console.error('responses_sent: ' + responses_sent);
- assert.strictEqual(2, responses_sent);
-
- assert.strictEqual('The path was /hello', body0);
- assert.strictEqual('The path was /world', body1);
+ }), 2);
 });