diff --git a/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js b/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js index b94d59dc7..9eac4da91 100644 --- a/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js +++ b/packages/node_modules/@node-red/nodes/core/network/21-httprequest.js @@ -86,6 +86,7 @@ in your Node-RED user directory (${RED.settings.userDir}). if (n.paytoqs === true || n.paytoqs === "query") { paytoqs = true; } else if (n.paytoqs === "body") { paytobody = true; } + node.insecureHTTPParser = n.insecureHTTPParser var prox, noprox; if (process.env.http_proxy) { prox = process.env.http_proxy; } diff --git a/test/nodes/core/network/21-httprequest_spec.js b/test/nodes/core/network/21-httprequest_spec.js index 688776289..dff99f3b0 100644 --- a/test/nodes/core/network/21-httprequest_spec.js +++ b/test/nodes/core/network/21-httprequest_spec.js @@ -31,6 +31,8 @@ var multer = require("multer"); var RED = require("nr-test-utils").require("node-red/lib/red"); var fs = require('fs-extra'); var auth = require('basic-auth'); +const { version } = require("os"); +const net = require('net') describe('HTTP Request Node', function() { var testApp; @@ -2265,4 +2267,73 @@ describe('HTTP Request Node', function() { }); }); }); + + describe('should parse broken headers', function(done) { + + const versions = process.versions.node.split('.') + + if (( versions[0] == 14 && versions[1] >= 20 ) || + ( versions[0] == 16 && versions[1] >= 16 ) || + ( versions[0] == 18 && versions[1] >= 5 ) || + ( versions[0] > 18)) { + // only test if on new enough NodeJS version + + let port = testPort++ + + let server; + + before(function() { + server = net.createServer(function (socket) { + socket.write("HTTP/1.0 200\nContent-Type: text/plain\n\nHelloWorld") + socket.end() + }) + + server.listen(port,'127.0.0.1', function(err) { + }) + }); + + after(function() { + server.close() + }); + + it('should accept broken headers', function (done) { + var flow = [{id:'n1',type:'http request',wires:[['n2']],method:'GET',ret:'obj',url:`http://localhost:${port}/`, insecureHTTPParser: true}, + {id:"n2", type:"helper"}]; + helper.load(httpRequestNode, flow, function() { + var n1 = helper.getNode("n1"); + var n2 = helper.getNode("n2"); + n2.on('input', function(msg) { + try { + msg.payload.should.equal('HelloWorld') + done() + } catch (err) { + done(err) + } + }) + n1.receive({payload: 'foo'}) + }); + }); + + it('should reject broken headers', function (done) { + var flow = [{id:'n1',type:'http request',wires:[['n2']],method:'GET',ret:'obj',url:`http://localhost:${port}/`}, + {id:"n2", type:"helper"}]; + helper.load(httpRequestNode, flow, function() { + var n1 = helper.getNode("n1"); + var n2 = helper.getNode("n2"); + n2.on('input', function(msg) { + try{ + msg.payload.should.equal('RequestError: Parse Error: Missing expected CR after header value : http://localhost:10234/') + done() + } catch (err) { + done(err) + } + }) + n1.receive({payload: 'foo'}) + + }); + }); + } else { + done() + } + }); });