From 9700b0bf7ed5629b7215b243ebbfe0ea1894da18 Mon Sep 17 00:00:00 2001
From: Khafra <42794878+KhafraDev@users.noreply.github.com>
Date: Wed, 13 Apr 2022 12:16:53 -0400
Subject: [PATCH 1/2] fix: headers

---
 lib/fetch/response.js |  8 ++++++--
 test/fetch/headers.js | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+), 2 deletions(-)

diff --git a/lib/fetch/response.js b/lib/fetch/response.js
index d1ce6ce95bd..b8aa4897c1b 100644
--- a/lib/fetch/response.js
+++ b/lib/fetch/response.js
@@ -393,7 +393,8 @@ function makeFilteredHeadersList (headersList, filter) {
     get (target, prop) {
       // Override methods used by Headers class.
       if (prop === 'get' || prop === 'has') {
-        return (name) => filter(name) ? target[prop](name) : undefined
+        const defaultReturn = prop === 'has' ? false : null
+        return (name) => filter(name) ? target[prop](name) : defaultReturn
       } else if (prop === Symbol.iterator) {
         return function * () {
           for (const entry of target) {
@@ -420,7 +421,10 @@ function filterResponse (response, type) {
 
     return makeFilteredResponse(response, {
       type: 'basic',
-      headersList: makeFilteredHeadersList(response.headersList, (name) => !forbiddenResponseHeaderNames.includes(name))
+      headersList: makeFilteredHeadersList(
+        response.headersList,
+        (name) => !forbiddenResponseHeaderNames.includes(name.toLowerCase())
+      )
     })
   } else if (type === 'cors') {
     // A CORS filtered response is a filtered response whose type is "cors"
diff --git a/test/fetch/headers.js b/test/fetch/headers.js
index 4c4e2171915..779c1e04f00 100644
--- a/test/fetch/headers.js
+++ b/test/fetch/headers.js
@@ -12,6 +12,8 @@ const {
   forbiddenHeaderNames,
   forbiddenResponseHeaderNames
 } = require('../../lib/fetch/constants')
+const { createServer } = require('http')
+const { fetch } = require('../../index')
 
 tap.test('Headers initialization', t => {
   t.plan(7)
@@ -627,3 +629,37 @@ tap.test('response guard', (t) => {
 
   t.end()
 })
+
+tap.test('set-cookie[2] in Headers constructor', (t) => {
+  const headers = new Headers(forbiddenResponseHeaderNames.map(k => [k, 'v']))
+
+  for (const header of forbiddenResponseHeaderNames) {
+    t.ok(headers.has(header))
+    t.equal(headers.get(header), 'v')
+  }
+
+  t.end()
+})
+
+// https://github.com/nodejs/undici/issues/1328
+tap.test('set-cookie[2] received from server - issue #1328', (t) => {
+  const server = createServer((req, res) => {
+    res.setHeader('set-cookie', 'my-cookie; wow')
+    res.end('Goodbye!')
+  }).unref()
+  t.teardown(server.close.bind(server))
+
+  server.listen(0, async () => {
+    const { headers } = await fetch(`http://localhost:${server.address().port}`)
+
+    t.notOk(headers.has('set-cookie'))
+    t.notOk(headers.has('Set-cookie'))
+    t.notOk(headers.has('sEt-CoOkIe'))
+
+    t.equal(headers.get('set-cookie'), null)
+    t.equal(headers.get('Set-cookie'), null)
+    t.equal(headers.get('sEt-CoOkIe'), null)
+
+    t.end()
+  })
+})

From f87b7f79ea5c2930ab032082ea924ea86a724c2f Mon Sep 17 00:00:00 2001
From: Khafra <42794878+KhafraDev@users.noreply.github.com>
Date: Wed, 13 Apr 2022 12:27:50 -0400
Subject: [PATCH 2/2] re-run ci