feat(response): new setting strict status codes #5856

Open
wants to merge 1 commit into
base: 5.0
10 changes: 6 additions & 4 deletions History.md
@@ -1,11 +1,13 @@
unreleased
=========================
* remove:
* remove:
- `path-is-absolute` dependency - use `path.isAbsolute` instead
* breaking:
* `res.status()` accepts only integers, and input must be greater than 99 and less than 1000
* will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.` for inputs outside this range
* will throw a `TypeError: Invalid status code: ${code}. Status code must be an integer.` for non integer inputs
* By default `res.status()` accepts only integers, and input must be greater than 99 and less than 1000
* Will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.` for inputs outside this range.
* Will throw a `TypeError: Invalid status code: ${code}. Status code must be an integer.` for non integer inputs.
* Added a new default setting `strict status codes`, with a default value of false.
* When the variable `strict status codes` is set to true, `res.status()` will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 600 in strict status codes.` for inputs outside this range.
* deps: [email protected]
* change:
- `res.clearCookie` will ignore user provided `maxAge` and `expires` options
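Review bot: The two `strict status codes` bullets are filed under `breaking:`, yet the entry itself says the setting defaults to false, so existing apps see no change unless they opt in. List it as an addition rather than a breaking change and call it a setting instead of "the variable". Also drop "By default" from the rewritten `res.status()` bullet: the integer check and the 100 to 999 range check in lib/response.js run regardless of the setting, so the qualifier suggests they can be switched off.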
1 change: 1 addition & 0 deletions lib/application.js
Expand Up @@ -99,6 +99,7 @@ app.defaultConfiguration = function defaultConfiguration() {
this.set('query parser', 'simple')
this.set('subdomain offset', 2);
this.set('trust proxy', false);
this.set('strict status codes', false);

// trust proxy inherit back-compat
Object.defineProperty(this.settings, trustProxyDefaultSymbol, {
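Review bot: The new `this.set('strict status codes', false);` line lands between `this.set('trust proxy', false);` and the `// trust proxy inherit back-compat` block, which splits two pieces of trust proxy setup. Move it above the `trust proxy` line so that block stays together. The only user-facing description of the setting in this PR is the History.md entry, so the settings documentation needs a matching entry that states the enforced range.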
6 changes: 6 additions & 0 deletions lib/response.js
Expand Up @@ -73,6 +73,12 @@ res.status = function status(code) {
if (!Number.isInteger(code)) {
throw new TypeError(`Invalid status code: ${JSON.stringify(code)}. Status code must be an integer.`);
}

// Check if the status code is outside of strict status codes valid range
if (this.app.get('strict status codes') === true && (code < 100 || code > 599)) {
throw new RangeError(`Invalid status code: ${JSON.stringify(code)}. Status code must be greater than 99 and less than 600 in strict status codes.`);
}

// Check if the status code is outside of Node's valid range
if (code < 100 || code > 999) {
throw new RangeError(`Invalid status code: ${JSON.stringify(code)}. Status code must be greater than 99 and less than 1000.`);
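Review bot: The new condition compares with `=== true`, so `app.set('strict status codes', 1)` or a string such as 'true' read from configuration silently leaves strict mode off and 600 to 999 still accepted. Use `this.app.enabled('strict status codes')`, or document that only the boolean `true` turns the check on. The message ending "in strict status codes." would read more clearly as "when `strict status codes` is enabled".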
1 change: 1 addition & 0 deletions package.json
Expand Up @@ -92,6 +92,7 @@
"scripts": {
"lint": "eslint .",
"test": "mocha --require test/support/env --reporter spec --bail --check-leaks test/ test/acceptance/",
"test-watch": "npm run test -- --watch",
"test-ci": "nyc --reporter=lcovonly --reporter=text npm test",
"test-cov": "nyc --reporter=html --reporter=text npm test",
"test-tap": "mocha --require test/support/env --reporter tap --check-leaks test/ test/acceptance/"
Expand Down
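Review bot: The added `test-watch` script is unrelated to the `strict status codes` setting and is not mentioned in the PR title or in History.md; split it into its own PR. Since it runs `npm run test -- --watch`, it also inherits `--bail` from the `test` script, which is worth confirming as the intended behaviour for a watch loop.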
17 changes: 15 additions & 2 deletions test/res.status.js
Expand Up @@ -17,7 +17,7 @@ describe('res', function () {
.expect(200, done);
});

describe('accept valid ranges', function() {
describe('accept valid ranges', function () {
// not testing w/ 100, because that has specific meaning and behavior in Node as Expect: 100-continue
it('should set the response status code to 101', function (done) {
var app = express()
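Review bot: The only change in this hunk is `function()` to `function ()` on the `describe('accept valid ranges', ...)` line, a formatting fix unrelated to the feature. Keep it out of this PR or move it to a separate lint commit so the diff stays focused on the new setting.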
Expand Down Expand Up @@ -129,6 +129,20 @@ describe('res', function () {
.expect(500, /Invalid status code/, done);
});

it('should raise error for status code above 599', function (done) {
var app = express();

app.set('strict status codes', true);

app.use(function (req, res) {
res.status(600).end();
});

request(app)
.get('/')
.expect(500, /Status code must be greater than 99 and less than 600./, done);
});

it('should raise error for status code above 999', function (done) {
var app = express();

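Review bot: The new test covers only `res.status(600)` with the setting enabled. Add a case showing 599 is still accepted with `strict status codes` on, and one showing 600 is accepted with the setting left at its default of false, so the opt-in behaviour is pinned down on both sides of the boundary. In the `.expect` regex, the trailing `.` in `less than 600./` is unescaped and matches any character; escape it or drop it.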
Expand Down Expand Up @@ -203,4 +217,3 @@ describe('res', function () {
});
});
});