-
Notifications
You must be signed in to change notification settings - Fork 567
Closed
Description
You want to:
- report a bug
Current behaviour
polling connection request.headers.origin has invalid characters cause uncaughtException throw.
error stack:
TypeError: The header content contains invalid characters
at storeHeader (_http_outgoing.js:319:11)
at ServerResponse.OutgoingMessage._storeHeader (_http_outgoing.js:228:9)
at ServerResponse.writeHead (_http_server.js:221:8)
at IncomingMessage.onEnd (/opt/pushnode/node_modules/engine.io/lib/transports/polling.js:180:9)
at emitNone (events.js:86:13)
at IncomingMessage.emit (events.js:185:7)
at endReadableNT (_stream_readable.js:974:12)
at _combinedTickCallback (internal/process/next_tick.js:80:11)
at process._tickDomainCallback (internal/process/next_tick.js:128:9)
Steps to reproduce (if the current behaviour is a bug)
- start a socket.io server
- send a polling connection request, headers.origin contain invalid characters(\x027)
echo -en "GET /socket.io/?rid=0&EIO=3&transport=polling HTTP/1.1\r\nHost: 127.0.0.1:3000\r\nOrigin:\x027.com\r\n\r\n" | nc 127.0.0.1 3000
Expected behaviour
disconnect client connection , don't throw error, maybe emit an error event
Setup
- OS: Ubuntu 16.04.2 LTS , NodeJs v6.10.3
- browser:
- engine.io version: 1.6.8 (socket.io 1.4.5)
Other information (e.g. stacktraces, related issues, suggestions how to fix)
check headers.origin value before writeHeader() or just wrap writeHeader() in try/catch
Metadata
Metadata
Assignees
Labels
No labels