From 45d419ab1ce5b94023b4ce8d2d8f8d501a8fa189 Mon Sep 17 00:00:00 2001
From: Matteo Collina <hello@matteocollina.com>
Date: Wed, 25 Aug 2021 18:06:51 +0200
Subject: [PATCH] http: add regression test for chunked smuggling

PR-URL: https://github.com/nodejs-private/node-private/pull/284
Reviewed-By: Akshay K <iit.akshay@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Robert Nagy <ronagy@icloud.com>
---
 test/parallel/test-http-chunked-smuggling.js | 43 ++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 test/parallel/test-http-chunked-smuggling.js

diff --git a/test/parallel/test-http-chunked-smuggling.js b/test/parallel/test-http-chunked-smuggling.js
new file mode 100644
index 00000000000000..6ea2614835c009
--- /dev/null
+++ b/test/parallel/test-http-chunked-smuggling.js
@@ -0,0 +1,43 @@
+'use strict';
+
+const common = require('../common');
+const http = require('http');
+const net = require('net');
+const assert = require('assert');
+
+// Verify that a request with a space before the content length will result
+// in a 400 Bad Request.
+
+const server = http.createServer(common.mustCall((request, response) => {
+  assert.notStrictEqual(request.url, '/admin');
+  response.end('hello world');
+}), 1);
+
+server.listen(0, common.mustCall(start));
+
+function start() {
+  const sock = net.connect(server.address().port);
+
+  sock.write('' +
+    'GET / HTTP/1.1\r\n' +
+    'Host: localhost:8080\r\n' +
+    'Transfer-Encoding: chunked\r\n' +
+    '\r\n' +
+    '2 \n' +
+    'xx\r\n' +
+    '4c\r\n' +
+    '0\r\n' +
+    '\r\n' +
+    'GET /admin HTTP/1.1\r\n' +
+    'Host: localhost:8080\r\n' +
+    'Transfer-Encoding: chunked\r\n' +
+    '\r\n' +
+    '0\r\n' +
+    '\r\n'
+  );
+
+  sock.resume();
+  sock.on('end', common.mustCall(function() {
+    server.close();
+  }));
+}