feat: upgrade path-to-regexp (#216)

This upgrades path-to-regexp to the latest version. The behaviour has changed quite a lot since the previous version we were using. Some examples of what has changed: - Wildcards are now subpatterns, e.g. `/foo/(.*)` rather than `/foo/*` - Delimeters are parsed everywhere (`http://foo` would think `://foo` or something is a parameter) - Characters need escaping, e.g. `foo?bar` must be `foo\\?bar` since you can now have optional parameters like `/foo/:bar?` To account for this in the most backwards compatible way possible, this change does the following: - Detects `://` in URLs and escapes it to `\\://` - Detects `/*` in URLs and converts it to `/(.*)` - **Breaks URLs with unescaped query strings** (i.e. `foo?bar` will no longer behave the same. you _must_ escape, `foo\\?bar` The breaking change with query strings is because we can't really reliably replace `?` automatically with `\\?`, since consumers may legitimately want to use the new optional parameters functionality.
sinonjs · Nov 26, 2023 · b800ff1 · b800ff1
1 parent e1a6f3d
commit b800ff1
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 22 deletions.
diff --git a/lib/fake-server/index.js b/lib/fake-server/index.js
@@ -4,7 +4,7 @@ var fakeXhr = require("../fake-xhr");
 var push = [].push;
 var log = require("./log");
 var configureLogError = require("../configure-logger");
-var pathToRegexp = require("path-to-regexp");
+var pathToRegexp = require("path-to-regexp").pathToRegexp;
 
 var supportsArrayBuffer = typeof ArrayBuffer !== "undefined";
 
@@ -236,10 +236,20 @@ var fakeServer = {
         }
 
         // Escape port number to prevent "named" parameters in 'path-to-regexp' module
-        if (typeof url === "string" && url !== "" && /:[0-9]+\//.test(url)) {
-            var m = url.match(/^(https?:\/\/.*?):([0-9]+\/.*)$/);
-            // eslint-disable-next-line no-param-reassign
-            url = `${m[1]}\\:${m[2]}`;
+        if (typeof url === "string" && url !== "") {
+            if (/:[0-9]+\//.test(url)) {
+                var m = url.match(/^(https?:\/\/.*?):([0-9]+\/.*)$/);
+                // eslint-disable-next-line no-param-reassign
+                url = `${m[1]}\\:${m[2]}`;
+            }
+            if (/:\/\//.test(url)) {
+                // eslint-disable-next-line no-param-reassign
+                url = url.replace("://", "\\://");
+            }
+            if (/\*/.test(url)) {
+                // eslint-disable-next-line no-param-reassign
+                url = url.replace(/\/\*/g, "/(.*)");
+            }
         }
 
         push.call(this.responses, {

diff --git a/lib/fake-server/index.test.js b/lib/fake-server/index.test.js
@@ -900,7 +900,7 @@ describe("sinonFakeServer", function() {
 
         it("yields response to request function handler when url contains RegExp characters", function() {
             var handler = sinon.spy();
-            this.server.respondWith("GET", "/hello?world", handler);
+            this.server.respondWith("GET", "/hello\\?world", handler);
             var xhr = new FakeXMLHttpRequest();
             xhr.open("GET", "/hello?world");
             xhr.send();

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -67,7 +67,7 @@
     "@sinonjs/fake-timers": "^10.0.2",
     "@sinonjs/text-encoding": "^0.7.1",
     "just-extend": "^4.0.2",
-    "path-to-regexp": "^1.7.0"
+    "path-to-regexp": "^6.2.1"
   },
   "lint-staged": {
     "*.{js,css,md}": "prettier --check",