http: concatenate outgoing Cookie headers

This commit enables automatic concatenation of multiple Cookie header
values with a semicolon, except when 2D header arrays are used.

Fixes: #11256
PR-URL: #11259
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Roman Reiss <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>

Author: mscdex

lib/_http_outgoing.js

@@ -20,6 +20,27 @@ var RE_FIELDS = new RegExp('^(?:Connection|Transfer-Encoding|Content-Length|' +
 var RE_CONN_VALUES = /(?:^|\W)close|upgrade(?:$|\W)/ig;
 var RE_TE_CHUNKED = common.chunkExpression;
 
+// isCookieField performs a case-insensitive comparison of a provided string
+// against the word "cookie." This method (at least as of V8 5.4) is faster than
+// the equivalent case-insensitive regexp, even if isCookieField does not get
+// inlined.
+function isCookieField(s) {
+  if (s.length !== 6) return false;
+  var ch = s.charCodeAt(0);
+  if (ch !== 99 && ch !== 67) return false;
+  ch = s.charCodeAt(1);
+  if (ch !== 111 && ch !== 79) return false;
+  ch = s.charCodeAt(2);
+  if (ch !== 111 && ch !== 79) return false;
+  ch = s.charCodeAt(3);
+  if (ch !== 107 && ch !== 75) return false;
+  ch = s.charCodeAt(4);
+  if (ch !== 105 && ch !== 73) return false;
+  ch = s.charCodeAt(5);
+  if (ch !== 101 && ch !== 69) return false;
+  return true;
+}
+
 var dateCache;
 function utcDate() {
   if (!dateCache) {
@@ -275,12 +296,14 @@ function _storeHeader(firstLine, headers) {
       value = entry[1];
 
       if (value instanceof Array) {
-        for (j = 0; j < value.length; j++) {
-          storeHeader(this, state, field, value[j], false);
+        if (value.length < 2 || !isCookieField(field)) {
+          for (j = 0; j < value.length; j++)
+            storeHeader(this, state, field, value[j], false);
+          continue;
         }
-      } else {
-        storeHeader(this, state, field, value, false);
+        value = value.join('; ');
       }
+      storeHeader(this, state, field, value, false);
     }
   } else if (headers instanceof Array) {
     for (i = 0; i < headers.length; i++) {
@@ -302,12 +325,14 @@ function _storeHeader(firstLine, headers) {
       value = headers[field];
 
       if (value instanceof Array) {
-        for (j = 0; j < value.length; j++) {
-          storeHeader(this, state, field, value[j], true);
+        if (value.length < 2 || !isCookieField(field)) {
+          for (j = 0; j < value.length; j++)
+            storeHeader(this, state, field, value[j], true);
+          continue;
         }
-      } else {
-        storeHeader(this, state, field, value, true);
+        value = value.join('; ');
       }
+      storeHeader(this, state, field, value, true);
     }
   }
 

test/parallel/test-http.js

@@ -1,84 +1,113 @@
 'use strict';
-require('../common');
+const common = require('../common');
 const assert = require('assert');
 const http = require('http');
 const url = require('url');
 
-let responses_sent = 0;
-let responses_recvd = 0;
-let body0 = '';
-let body1 = '';
+const expectedRequests = ['/hello', '/there', '/world'];
 
-const server = http.Server(function(req, res) {
-  if (responses_sent === 0) {
-    assert.strictEqual('GET', req.method);
-    assert.strictEqual('/hello', url.parse(req.url).pathname);
+const server = http.Server(common.mustCall(function(req, res) {
+  assert.strictEqual(expectedRequests.shift(), req.url);
 
-    console.dir(req.headers);
-    assert.strictEqual(true, 'accept' in req.headers);
-    assert.strictEqual('*/*', req.headers['accept']);
-
-    assert.strictEqual(true, 'foo' in req.headers);
-    assert.strictEqual('bar', req.headers['foo']);
+  switch (req.url) {
+    case '/hello':
+      assert.strictEqual(req.method, 'GET');
+      assert.strictEqual(req.headers['accept'], '*/*');
+      assert.strictEqual(req.headers['foo'], 'bar');
+      assert.strictEqual(req.headers.cookie, 'foo=bar; bar=baz; baz=quux');
+      break;
+    case '/there':
+      assert.strictEqual(req.method, 'PUT');
+      assert.strictEqual(req.headers.cookie, 'node=awesome; ta=da');
+      break;
+    case '/world':
+      assert.strictEqual(req.method, 'POST');
+      assert.deepStrictEqual(req.headers.cookie, 'abc=123; def=456; ghi=789');
+      break;
+    default:
+      assert(false, `Unexpected request for ${req.url}`);
   }
 
-  if (responses_sent === 1) {
-    assert.strictEqual('POST', req.method);
-    assert.strictEqual('/world', url.parse(req.url).pathname);
+  if (expectedRequests.length === 0)
     this.close();
-  }
 
   req.on('end', function() {
     res.writeHead(200, {'Content-Type': 'text/plain'});
     res.write('The path was ' + url.parse(req.url).pathname);
     res.end();
-    responses_sent += 1;
   });
   req.resume();
-
-  //assert.strictEqual('127.0.0.1', res.connection.remoteAddress);
-});
+}, 3));
 server.listen(0);
 
 server.on('listening', function() {
   const agent = new http.Agent({ port: this.address().port, maxSockets: 1 });
-  http.get({
+  const req = http.get({
     port: this.address().port,
     path: '/hello',
-    headers: {'Accept': '*/*', 'Foo': 'bar'},
+    headers: {
+      Accept: '*/*',
+      Foo: 'bar',
+      Cookie: [ 'foo=bar', 'bar=baz', 'baz=quux' ]
+    },
     agent: agent
-  }, function(res) {
-    assert.strictEqual(200, res.statusCode);
-    responses_recvd += 1;
+  }, common.mustCall(function(res) {
+    const cookieHeaders = req._header.match(/^Cookie: .+$/img);
+    assert.deepStrictEqual(cookieHeaders,
+                           ['Cookie: foo=bar; bar=baz; baz=quux']);
+    assert.strictEqual(res.statusCode, 200);
+    let body = '';
     res.setEncoding('utf8');
-    res.on('data', function(chunk) { body0 += chunk; });
-    console.error('Got /hello response');
-  });
+    res.on('data', function(chunk) { body += chunk; });
+    res.on('end', common.mustCall(function() {
+      assert.strictEqual(body, 'The path was /hello');
+    }));
+  }));
 
-  setTimeout(function() {
+  setTimeout(common.mustCall(function() {
+    const req = http.request({
+      port: server.address().port,
+      method: 'PUT',
+      path: '/there',
+      agent: agent
+    }, common.mustCall(function(res) {
+      const cookieHeaders = req._header.match(/^Cookie: .+$/img);
+      assert.deepStrictEqual(cookieHeaders, ['Cookie: node=awesome; ta=da']);
+      assert.strictEqual(res.statusCode, 200);
+      let body = '';
+      res.setEncoding('utf8');
+      res.on('data', function(chunk) { body += chunk; });
+      res.on('end', common.mustCall(function() {
+        assert.strictEqual(body, 'The path was /there');
+      }));
+    }));
+    req.setHeader('Cookie', ['node=awesome', 'ta=da']);
+    req.end();
+  }), 1);
+
+  setTimeout(common.mustCall(function() {
     const req = http.request({
       port: server.address().port,
       method: 'POST',
       path: '/world',
+      headers: [ ['Cookie', 'abc=123'],
+                 ['Cookie', 'def=456'],
+                 ['Cookie', 'ghi=789'] ],
       agent: agent
-    }, function(res) {
-      assert.strictEqual(200, res.statusCode);
-      responses_recvd += 1;
+    }, common.mustCall(function(res) {
+      const cookieHeaders = req._header.match(/^Cookie: .+$/img);
+      assert.deepStrictEqual(cookieHeaders,
+                             ['Cookie: abc=123',
+                              'Cookie: def=456',
+                              'Cookie: ghi=789']);
+      assert.strictEqual(res.statusCode, 200);
+      let body = '';
       res.setEncoding('utf8');
-      res.on('data', function(chunk) { body1 += chunk; });
-      console.error('Got /world response');
-    });
+      res.on('data', function(chunk) { body += chunk; });
+      res.on('end', common.mustCall(function() {
+        assert.strictEqual(body, 'The path was /world');
+      }));
+    }));
     req.end();
-  }, 1);
-});
-
-process.on('exit', function() {
-  console.error('responses_recvd: ' + responses_recvd);
-  assert.strictEqual(2, responses_recvd);
-
-  console.error('responses_sent: ' + responses_sent);
-  assert.strictEqual(2, responses_sent);
-
-  assert.strictEqual('The path was /hello', body0);
-  assert.strictEqual('The path was /world', body1);
+  }), 2);
 });