From d43ab634435d7380dcb0baa8b1a0c26fd8b12e84 Mon Sep 17 00:00:00 2001 From: makserik <15821542+makserik@users.noreply.github.com> Date: Wed, 11 Dec 2024 11:55:27 +0200 Subject: [PATCH] fix(twilio-run): handle adding object as header correclty as an error (#526) handle adding object as header correclty as an error --- .changeset/three-gifts-smash.md | 6 ++++++ .../__tests__/dev-runtime/internal/response.test.ts | 11 +++++++++++ .../src/dev-runtime/internal/response.ts | 5 +++++ .../__tests__/runtime/internal/response.test.ts | 11 +++++++++++ packages/twilio-run/src/runtime/internal/response.ts | 3 +++ 5 files changed, 36 insertions(+) create mode 100644 .changeset/three-gifts-smash.md diff --git a/.changeset/three-gifts-smash.md b/.changeset/three-gifts-smash.md new file mode 100644 index 00000000..79d25951 --- /dev/null +++ b/.changeset/three-gifts-smash.md @@ -0,0 +1,6 @@ +--- +'@twilio/runtime-handler': minor +'twilio-run': minor +--- + +handle adding object as header correctly as an error diff --git a/packages/runtime-handler/__tests__/dev-runtime/internal/response.test.ts b/packages/runtime-handler/__tests__/dev-runtime/internal/response.test.ts index aee87042..70d9ee0f 100644 --- a/packages/runtime-handler/__tests__/dev-runtime/internal/response.test.ts +++ b/packages/runtime-handler/__tests__/dev-runtime/internal/response.test.ts @@ -84,6 +84,17 @@ test('sets headers with string cookies', () => { expect(response['headers']).toEqual(expected); }); +test('object cant be a header', () => { + const response = new Response(); + expect(response['headers']).toEqual({ + 'Set-Cookie': [], + }); + + expect(() => { + response.appendHeader('Access-Control-Allow-Origin', {} as any); + }).toThrow('Header value cannot be an object'); +}); + test('sets headers with an array of cookies', () => { const response = new Response(); expect(response['headers']).toEqual({ diff --git a/packages/runtime-handler/src/dev-runtime/internal/response.ts b/packages/runtime-handler/src/dev-runtime/internal/response.ts index 5f418883..4ea416a9 100644 --- a/packages/runtime-handler/src/dev-runtime/internal/response.ts +++ b/packages/runtime-handler/src/dev-runtime/internal/response.ts @@ -70,6 +70,11 @@ export class Response implements TwilioResponse { appendHeader(key: string, value: HeaderValue): Response { log('Appending header for %s', key, value); this.headers = this.headers || {}; + + if (typeof value === 'object' && !Array.isArray(value)) { + throw new Error('Header value cannot be an object'); + } + let newHeaderValue: HeaderValue = []; if (key.toLowerCase() === COOKIE_HEADER.toLowerCase()) { const existingValue = this.headers[COOKIE_HEADER]; diff --git a/packages/twilio-run/__tests__/runtime/internal/response.test.ts b/packages/twilio-run/__tests__/runtime/internal/response.test.ts index 472a4bdf..5392e2a9 100644 --- a/packages/twilio-run/__tests__/runtime/internal/response.test.ts +++ b/packages/twilio-run/__tests__/runtime/internal/response.test.ts @@ -85,6 +85,17 @@ test('appends a new header correctly', () => { }); }); +test('object cant be a header', () => { + const response = new Response(); + expect(response['headers']).toEqual({ + 'Set-Cookie': [], + }); + + expect(() => { + response.appendHeader('Access-Control-Allow-Origin', {} as any); + }).toThrow('Header value cannot be an object'); +}); + test('appends a header correctly with no existing one', () => { const response = new Response(); expect(response['headers']).toEqual({ diff --git a/packages/twilio-run/src/runtime/internal/response.ts b/packages/twilio-run/src/runtime/internal/response.ts index 4cd32f03..19401042 100644 --- a/packages/twilio-run/src/runtime/internal/response.ts +++ b/packages/twilio-run/src/runtime/internal/response.ts @@ -67,6 +67,9 @@ export class Response implements TwilioResponse { appendHeader(key: string, value: HeaderValue): Response { debug('Appending header for %s', key, value); + if (typeof value === 'object' && !Array.isArray(value)) { + throw new Error('Header value cannot be an object'); + } this.headers = this.headers || {}; let newHeaderValue: HeaderValue = []; if (key.toLowerCase() === COOKIE_HEADER.toLowerCase()) {