61 lines
1.6 KiB
JavaScript
61 lines
1.6 KiB
JavaScript
'use strict';
|
|
|
|
import utils from '../utils.js';
|
|
|
|
function trimSPorHTAB(str) {
|
|
let start = 0;
|
|
let end = str.length;
|
|
|
|
while (start < end) {
|
|
const code = str.charCodeAt(start);
|
|
|
|
if (code !== 0x09 && code !== 0x20) {
|
|
break;
|
|
}
|
|
|
|
start += 1;
|
|
}
|
|
|
|
while (end > start) {
|
|
const code = str.charCodeAt(end - 1);
|
|
|
|
if (code !== 0x09 && code !== 0x20) {
|
|
break;
|
|
}
|
|
|
|
end -= 1;
|
|
}
|
|
|
|
return start === 0 && end === str.length ? str : str.slice(start, end);
|
|
}
|
|
|
|
// The control-code ranges are intentional: header sanitization strips C0/DEL bytes.
|
|
// eslint-disable-next-line no-control-regex
|
|
const INVALID_UNICODE_HEADER_VALUE_CHARS = new RegExp('[\\u0000-\\u0008\\u000a-\\u001f\\u007f]+', 'g');
|
|
// eslint-disable-next-line no-control-regex
|
|
const INVALID_BYTE_STRING_HEADER_VALUE_CHARS = new RegExp('[^\\u0009\\u0020-\\u007e\\u0080-\\u00ff]+', 'g');
|
|
|
|
function sanitizeValue(value, invalidChars) {
|
|
if (utils.isArray(value)) {
|
|
return value.map((item) => sanitizeValue(item, invalidChars));
|
|
}
|
|
|
|
return trimSPorHTAB(String(value).replace(invalidChars, ''));
|
|
}
|
|
|
|
export const sanitizeHeaderValue = (value) =>
|
|
sanitizeValue(value, INVALID_UNICODE_HEADER_VALUE_CHARS);
|
|
|
|
export const sanitizeByteStringHeaderValue = (value) =>
|
|
sanitizeValue(value, INVALID_BYTE_STRING_HEADER_VALUE_CHARS);
|
|
|
|
export function toByteStringHeaderObject(headers) {
|
|
const byteStringHeaders = Object.create(null);
|
|
|
|
utils.forEach(headers.toJSON(), (value, header) => {
|
|
byteStringHeaders[header] = sanitizeByteStringHeaderValue(value);
|
|
});
|
|
|
|
return byteStringHeaders;
|
|
}
|