feat: add Headers.prototype.getSetCookie #1915
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
KhafraDev
commented
Feb 8, 2023
| return this[kHeadersList].cookies ?? [] | ||
| } | ||
|
|
||
| // https://fetch.spec.whatwg.org/#concept-header-list-sort-and-combine | ||
| get [kHeadersSortedMap] () { |
There was a problem hiding this comment.
A Map can't be used anymore because there can now be duplicate set-cookie keys. I could probably work around it but it wouldn't be maintainable. So I chose the spec solution instead, which is probably slower, but much easier to fix issues with in the future.
Codecov ReportBase: 90.42% // Head: 94.93% // Increases project coverage by
Additional details and impacted files@@ Coverage Diff @@
## main #1915 +/- ##
==========================================
+ Coverage 90.42% 94.93% +4.51%
==========================================
Files 71 40 -31
Lines 6107 2944 -3163
==========================================
- Hits 5522 2795 -2727
+ Misses 585 149 -436
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
|
Test failures seem to be due to the server used in the test being down. undici/test/fetch/issue-1137.js Line 11 in c0ba75f |
ronag
approved these changes
Feb 8, 2023
|
No, all tests pass locally CI is about as green as it'll get. |
KhafraDev
force-pushed
the
add-getsetcookie-finally-wow
branch
from
175931b
to
97cf788
Compare
meyfa
added a commit
to meyfa/get-some-rest
that referenced
this pull request
Mar 24, 2023
Since Node.js now has `getSetCookie` available, we can use it instead of splitting the header on comma, which was very error-prone. Ref: nodejs/undici#1915 The linked PR was released as Undici v5.19.0, which is first available in Node.js 18.14.1. Since Node.js 18.14.2 has an even more up-tp-date version of Undici (5.20.0), I figured it'd be sensible to raise our requirement to that. BREAKING CHANGE: Engine version requirement raised to Node `>=18.14.2`.
meyfa
added a commit
to meyfa/get-some-rest
that referenced
this pull request
Mar 24, 2023
Since Node.js now has `getSetCookie` available, we can use it instead of splitting the header on comma, which was very error-prone. Ref: nodejs/undici#1915 The linked PR was released as Undici v5.19.0, which is first available in Node.js 18.14.1. Since Node.js 18.14.2 has an even more up-tp-date version of Undici (5.20.0), I figured it'd be sensible to raise our requirement to that. BREAKING CHANGE: Engine version requirement raised to Node `>=18.14.2`.
meyfa
added a commit
to meyfa/get-some-rest
that referenced
this pull request
Mar 24, 2023
) Since Node.js now has `getSetCookie` available, we can use it instead of splitting the header on comma, which was very error-prone. Ref: nodejs/undici#1915 The linked PR was released as Undici v5.19.0, which is first available in Node.js 18.14.1. Since Node.js 18.14.2 has an even more up-tp-date version of Undici (5.20.0), I figured it'd be sensible to raise our requirement to that. BREAKING CHANGE: Engine version requirement raised to Node `>=18.14.2`.
anonrig
pushed a commit
to anonrig/undici
that referenced
this pull request
Apr 4, 2023
7 tasks
metcoder95
pushed a commit
to metcoder95/undici
that referenced
this pull request
Jul 21, 2023
kodiakhq bot
pushed a commit
to vercel/next.js
that referenced
this pull request
Sep 7, 2023
### What? Upgrade TypeScript to the latest version as of this PR. **This does not affect users, as the change is only for our repository.** ### Why? Part of some upcoming PRs to try to clean up cookie handling, now that `getSetCookie` is available. Since we use `undici`, which [implements it](nodejs/undici#1915), we can get rid of some code to rely more on the platform. This PR is needed to get the types for `Headers#getSetCookie` which was added in 5.2 ### How? I needed to update some dependency types to get build to pass, but other than that, only needed to bump from `5.1.6` to `5.2.2`, so hopefully all is fine.
kodiakhq bot
pushed a commit
to X-oss-byte/Canary-nextjs
that referenced
this pull request
Sep 18, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [undici](https://undici.nodejs.org) ([source](https://togithub.com/nodejs/undici)) | [`5.14.0` -> `5.19.1`](https://renovatebot.com/diffs/npm/undici/5.14.0/5.19.1) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2023-23936](https://togithub.com/nodejs/undici/security/advisories/GHSA-5r9g-qh6m-jxff) ### Impact undici library does not protect `host` HTTP header from CRLF injection vulnerabilities. ### Patches This issue was patched in Undici v5.19.1. ### Workarounds Sanitize the `headers.host` string before passing to undici. ### References Reported at https://hackerone.com/reports/1820955. ### Credits Thank you to Zhipeng Zhang ([@​timon8](https://hackerone.com/timon8)) for reporting this vulnerability. --- ### Release Notes <details> <summary>nodejs/undici (undici)</summary> ### [`v5.19.1`](https://togithub.com/nodejs/undici/releases/tag/v5.19.1) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.19.0...v5.19.1) ####⚠️ Security Release⚠️ - [Regular Expression Denial of Service in Headers](https://togithub.com/nodejs/undici/security/advisories/GHSA-r6ch-mqf9-qc9w) with CVE-2023-24807 - [CRLF Injection in Nodejs ‘undici’ via host](https://togithub.com/nodejs/undici/security/advisories/GHSA-5r9g-qh6m-jxff) with CVE-2023-23936 This release is part of the Node.js security release train: https://nodejs.org/en/blog/vulnerability/february-2023-security-releases/ ### [`v5.19.0`](https://togithub.com/nodejs/undici/releases/tag/v5.19.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.18.0...v5.19.0) #### What's Changed - fix(fetch): raise AbortSignal max event listeners by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1910 - fix: content-disposition header parsing by [@​climba03003](https://togithub.com/climba03003) in [nodejs/undici#1911 - fix: remove test by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1916 - feat: add Headers.prototype.getSetCookie by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1915 - fix(headers): clone getSetCookie list & add getSetCookie type by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1917 - doc(mock): update out-of-date reply documentation by [@​p9f](https://togithub.com/p9f) in [nodejs/undici#1913 - fix(types): add missing keepAlive params by [@​SkeLLLa](https://togithub.com/SkeLLLa) in [nodejs/undici#1918 - Make the fetch() abort test pass locally, on Linux and Mac, Node 18/19. by [@​mcollina](https://togithub.com/mcollina) in [nodejs/undici#1927 #### New Contributors - [@​climba03003](https://togithub.com/climba03003) made their first contribution in [nodejs/undici#1911 - [@​p9f](https://togithub.com/p9f) made their first contribution in [nodejs/undici#1913 **Full Changelog**: nodejs/undici@v5.18.0...v5.19.0 ### [`v5.18.0`](https://togithub.com/nodejs/undici/releases/tag/v5.18.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.17.1...v5.18.0) ##### What's Changed - Add ability to set TCP keepalive by [@​xconverge](https://togithub.com/xconverge) in [nodejs/undici#1904 - use faster timers by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1908 - fix: ensure header value is a string by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1899 **Full Changelog**: nodejs/undici@v5.17.1...v5.18.0 ### [`v5.17.1`](https://togithub.com/nodejs/undici/releases/tag/v5.17.1) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.17.0...v5.17.1) #### What's Changed - fix: bad buffer slice (nodejs/undici@d2be675) **Full Changelog**: nodejs/undici@v5.17.0...v5.17.1 ### [`v5.17.0`](https://togithub.com/nodejs/undici/releases/tag/v5.17.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.16.0...v5.17.0) #### What's Changed - fix(wpts): Blob is a global getter in >=v19.x.x by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1880 - doc: fix anchor links dispatcher.stream by [@​RafaelGSS](https://togithub.com/RafaelGSS) in [nodejs/undici#1881 - wpt: make runner more resilient by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1884 - Make test pass in v19.x by [@​mcollina](https://togithub.com/mcollina) in [nodejs/undici#1879 - Correct the type of DispatchOptions\["headers"] by [@​pan93412](https://togithub.com/pan93412) in [nodejs/undici#1896 - perf(content-type parser): faster string collector by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1894 - feat: expose content-type parser by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1895 - fix(types): Update DispatchOptions type for missing "blocking" by [@​xconverge](https://togithub.com/xconverge) in [nodejs/undici#1889 - fix(types): update error type definitions by [@​rafaelcr](https://togithub.com/rafaelcr) in [nodejs/undici#1888 - fix: ensure connection header is a string by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1900 - fix: throw if invalid content-type header by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1901 - fix(fetch): use semicolon for Cookie header delimiter by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1906 - Use FastBuffer by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1907 #### New Contributors - [@​pan93412](https://togithub.com/pan93412) made their first contribution in [nodejs/undici#1896 - [@​rafaelcr](https://togithub.com/rafaelcr) made their first contribution in [nodejs/undici#1888 **Full Changelog**: nodejs/undici@v5.16.0...v5.17.0 ### [`v5.16.0`](https://togithub.com/nodejs/undici/releases/tag/v5.16.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.15.2...v5.16.0) #### What's Changed - Add feature to specify custom headers for proxies by [@​Sebmaster](https://togithub.com/Sebmaster) in [nodejs/undici#1877 #### New Contributors - [@​Sebmaster](https://togithub.com/Sebmaster) made their first contribution in [nodejs/undici#1877 **Full Changelog**: nodejs/undici@v5.15.2...v5.16.0 ### [`v5.15.2`](https://togithub.com/nodejs/undici/compare/9d5f23177408dc16d3d4cbb8cebf463081c54e16...9457c9719029945ef9ff36b71d58557443730942) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.15.1...v5.15.2) ### [`v5.15.1`](https://togithub.com/nodejs/undici/releases/tag/v5.15.1) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.15.0...v5.15.1) #### What's Changed - fix(websocket): simplify typedarray copying by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1854 - fix: wpts on node v18.13.0+ by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1859 - perf: allow keep alive for HEAD requests by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1858 - fix: flaky abort test by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1863 **Full Changelog**: nodejs/undici@v5.15.0...v5.15.1 ### [`v5.15.0`](https://togithub.com/nodejs/undici/releases/tag/v5.15.0) [Compare Source](https://togithub.com/nodejs/undici/compare/v5.14.0...v5.15.0) #### What's Changed - \[types] update ProxyAgent Options (timeout) by [@​sosoba](https://togithub.com/sosoba) in [nodejs/undici#1801 - feat: implement websockets by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1795 - feat(websocket): handle ping/pong frames & fix fragmented frames by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1809 - docs: add basic fetch & company docs by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1810 - make formdata body immutable and encode it only once by [@​jimmywarting](https://togithub.com/jimmywarting) in [nodejs/undici#1814 - test: add regression test for [#​1814](https://togithub.com/nodejs/undici/issues/1814) by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1815 - feat(websocket): only consume necessary bytes by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1812 - websocket: use Buffer.allocUnsafe by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1817 - build(deps-dev): bump [@​sinonjs/fake-timers](https://togithub.com/sinonjs/fake-timers) from 9.1.2 to 10.0.2 by [@​dependabot](https://togithub.com/dependabot) in [nodejs/undici#1819 - fix(websocket): deprecation warning & 64-bit unsigned int body length by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1818 - Use nodejs.stream.destroyed symbol by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1816 - fetch: removal of redundant condition by [@​debadree25](https://togithub.com/debadree25) in [nodejs/undici#1821 - fix(request): request headers array by [@​jd-carroll](https://togithub.com/jd-carroll) in [nodejs/undici#1807 - fix(websocket): validate payload length received by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1822 - fix(websocket): run parser in loop, instead of recursively by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1828 - fix(fetch): weaker refs by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1824 - websocket: add tests for opening handshake by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1831 - websocket: add tests for constructor, close, and send by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1832 - websocket: more test coverage by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1833 - fix(WPTs): flaky abort test by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1835 - wpt: add test by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1836 - fix: don't send keep-alive if we want reset by [@​ronag](https://togithub.com/ronag) in [nodejs/undici#1846 - fetch: update body consume to match spec by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1847 - feat: allow connection header in request by [@​metcoder95](https://togithub.com/metcoder95) in [nodejs/undici#1829 - feat: add cookie parsing ability by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1848 - fix(cookie): add docs & expose in node v16 by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1849 - fix(cookies): work with global Headers by [@​KhafraDev](https://togithub.com/KhafraDev) in [nodejs/undici#1850 - docs(Dispatcher): adjust documentation for reset flag by [@​metcoder95](https://togithub.com/metcoder95) in [nodejs/undici#1852 - Fix broken interceptor test by [@​mcollina](https://togithub.com/mcollina) in [nodejs/undici#1853 #### New Contributors - [@​sosoba](https://togithub.com/sosoba) made their first contribution in [nodejs/undici#1801 - [@​debadree25](https://togithub.com/debadree25) made their first contribution in [nodejs/undici#1821 - [@​jd-carroll](https://togithub.com/jd-carroll) made their first contribution in [nodejs/undici#1807 **Full Changelog**: nodejs/undici@v5.14.0...v5.15.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/sammyfilly/Canary-nextjs).
crysmags
pushed a commit
to crysmags/undici
that referenced
this pull request
Feb 27, 2024
](https://renovatebot.com){kind=link}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Implements whatwg/fetch@e4d3480
It got merged finally!