Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
url: trim leading and trailing C0 control chars
Emulate the WHATWHG URL parse behavior of trimming leading and trailing C0 control characters. This moves url.parse() slightly closer to WHATWHG URL behavior. The current behavior is possibly insecure for some uses. (The url.parse() API is marked as Legacy and the documentation specifically says it has known bugs and insecure behaviors. Still this change makes a lot of sense.) This issue was reported by P0cas. https://github.com/P0cas PR-URL: #42196 Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Mestery <mestery@protonmail.com> Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
- Loading branch information
1 parent
c5da1dd
commit 962a8ec350f2d0d7cf09377966bf7dd97ed31dbc
Showing
with
16 additions
and 6 deletions.
- +1 −6 lib/url.js
- +15 −0 test/parallel/test-url-parse-format.js
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters