diff --git a/package-lock.json b/package-lock.json index 24f0d772..2c7e5ae1 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "llhttp", - "version": "2.1.8", + "version": "2.1.9", "lockfileVersion": 1, "requires": true, "dependencies": { diff --git a/package.json b/package.json index 5bb726ba..c40f552f 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "llhttp", - "version": "2.1.8", + "version": "2.1.9", "description": "HTTP parser in LLVM IR", "main": "lib/llhttp.js", "types": "lib/llhttp.d.ts", diff --git a/src/llhttp/http.ts b/src/llhttp/http.ts index 7bffd9cb..f9a733da 100644 --- a/src/llhttp/http.ts +++ b/src/llhttp/http.ts @@ -599,11 +599,14 @@ export class HTTP { 'Missing expected LF after header value')); n('header_value_lws') - .peek([ ' ', '\t' ], - this.load('header_state', { - [HEADER_STATE.TRANSFER_ENCODING_CHUNKED]: - this.resetHeaderState(span.headerValue.start(n('header_value_start'))), - }, span.headerValue.start(n('header_value_start')))) + .peek( + [ ' ', '\t' ], + this.testFlags(FLAGS.LENIENT, { + 1: this.load('header_state', { + [HEADER_STATE.TRANSFER_ENCODING_CHUNKED]: + this.resetHeaderState(span.headerValue.start(n('header_value_start'))), + }, span.headerValue.start(n('header_value_start'))), + }, p.error(ERROR.INVALID_HEADER_TOKEN, 'Unexpected whitespace after header value'))) .otherwise(this.setHeaderFlags('header_field_start')); const checkTrailing = this.testFlags(FLAGS.TRAILING, { diff --git a/test/request/connection.md b/test/request/connection.md index f2b69c7a..ed874942 100644 --- a/test/request/connection.md +++ b/test/request/connection.md @@ -263,7 +263,7 @@ off=75 message complete ### Multiple tokens with folding - + ```http GET /demo HTTP/1.1 Host: example.com @@ -326,7 +326,7 @@ off=75 error code=22 reason="Pause on CONNECT/Upgrade" ### Multiple tokens with folding, LWS, and CRLF - + ```http GET /demo HTTP/1.1 Connection: keep-alive, \r\n upgrade diff --git a/test/request/invalid.md b/test/request/invalid.md index 21ed818b..ba366c5f 100644 --- a/test/request/invalid.md +++ b/test/request/invalid.md @@ -254,4 +254,89 @@ off=22 len=9 span[header_value]="localhost" off=33 len=5 span[header_field]="Dummy" off=40 len=1 span[header_value]="x" off=41 error code=10 reason="Invalid header value char" -``` \ No newline at end of file +``` + +### Spaces before headers + + + +```http +POST /hello HTTP/1.1 +Host: localhost +Foo: bar + Content-Length: 38 + +GET /bye HTTP/1.1 +Host: localhost + + +``` + +```log +off=0 message begin +off=0 len=4 span[method]="POST" +off=4 method complete +off=5 len=6 span[url]="/hello" +off=12 url complete +off=17 len=3 span[version]="1.1" +off=20 version complete +off=22 len=4 span[header_field]="Host" +off=27 header_field complete +off=28 len=9 span[header_value]="localhost" +off=39 header_value complete +off=39 len=3 span[header_field]="Foo" +off=43 header_field complete +off=44 len=3 span[header_value]="bar" +off=49 error code=10 reason="Unexpected whitespace after header value" +``` + +### Spaces before headers (lenient) + + + +```http +POST /hello HTTP/1.1 +Host: localhost +Foo: bar + Content-Length: 38 + +GET /bye HTTP/1.1 +Host: localhost + + +``` + +```log +off=0 message begin +off=0 len=4 span[method]="POST" +off=4 method complete +off=5 len=6 span[url]="/hello" +off=12 url complete +off=17 len=3 span[version]="1.1" +off=20 version complete +off=22 len=4 span[header_field]="Host" +off=27 header_field complete +off=28 len=9 span[header_value]="localhost" +off=39 header_value complete +off=39 len=3 span[header_field]="Foo" +off=43 header_field complete +off=44 len=3 span[header_value]="bar" +off=49 len=19 span[header_value]=" Content-Length: 38" +off=70 header_value complete +off=72 headers complete method=3 v=1/1 flags=0 content_length=0 +off=72 message complete +off=72 reset +off=72 message begin +off=72 len=3 span[method]="GET" +off=75 method complete +off=76 len=4 span[url]="/bye" +off=81 url complete +off=86 len=3 span[version]="1.1" +off=89 version complete +off=91 len=4 span[header_field]="Host" +off=96 header_field complete +off=97 len=9 span[header_value]="localhost" +off=108 header_value complete +off=110 headers complete method=1 v=1/1 flags=0 content_length=0 +off=110 message complete +``` diff --git a/test/request/sample.md b/test/request/sample.md index 5407beb9..75375fd5 100644 --- a/test/request/sample.md +++ b/test/request/sample.md @@ -369,7 +369,7 @@ off=61 message complete See nodejs/test/parallel/test-http-headers-obstext.js - + ```http GET / HTTP/1.1 X-SSL-Nonsense: -----BEGIN CERTIFICATE----- diff --git a/test/request/transfer-encoding.md b/test/request/transfer-encoding.md index ab04c71d..9dfba872 100644 --- a/test/request/transfer-encoding.md +++ b/test/request/transfer-encoding.md @@ -518,7 +518,7 @@ off=50 error code=12 reason="Invalid character in chunk size" ## Invalid OBS fold after chunked value - + ```http PUT /url HTTP/1.1 Transfer-Encoding: chunked diff --git a/test/response/transfer-encoding.md b/test/response/transfer-encoding.md index a825a48b..ee56c375 100644 --- a/test/response/transfer-encoding.md +++ b/test/response/transfer-encoding.md @@ -118,7 +118,7 @@ off=78 len=1 span[body]=lf ## Invalid OBS fold after chunked value - + ```http HTTP/1.1 200 OK Transfer-Encoding: chunked diff --git a/tsconfig.json b/tsconfig.json index 01ec7c26..b0775b15 100644 --- a/tsconfig.json +++ b/tsconfig.json @@ -7,7 +7,8 @@ "outDir": "./lib", "declaration": true, "pretty": true, - "sourceMap": true + "sourceMap": true, + "skipLibCheck": true }, "include": [ "src/**/*.ts"