Skip to content

Commit

Permalink
fix(middleware): remove unsafe clone
Browse files Browse the repository at this point in the history
  • Loading branch information
@TomokiMiyauci
TomokiMiyauci committed Apr 3, 2023
1 parent 2364fc1 commit 761098d
Show file tree
Hide file tree
Showing 6 changed files with 32 additions and 44 deletions.
6 changes: 3 additions & 3 deletions _dev_deps.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,6 @@ export {
assert,
assertEquals,
assertThrows,
} from "https://deno.land/std@0.180.0/testing/asserts.ts";
export { describe, it } from "https://deno.land/std@0.180.0/testing/bdd.ts";
export { equalsResponse } from "https://deno.land/x/http_utils@1.0.0-beta.13/response.ts";
} from "https://deno.land/std@0.181.0/testing/asserts.ts";
export { describe, it } from "https://deno.land/std@0.181.0/testing/bdd.ts";
export { equalsResponse } from "https://deno.land/x/http_utils@1.0.0/response.ts";
5 changes: 5 additions & 0 deletions _tools/meta.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,5 +47,10 @@ export const makeOptions = (version: string): BuildOptions => ({
name: "@httpland/hsts-parser",
version: "1.0.0-beta.1",
},
"https://deno.land/x/http_utils@1.0.0/message.ts": {
name: "@httpland/http-utils",
version: "1.0.0",
subPath: "message.js",
},
},
});
27 changes: 12 additions & 15 deletions deno.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions deps.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ export {
type StrictTransportSecurity,
stringify,
} from "https://deno.land/x/hsts_parser@1.0.0-beta.1/mod.ts";
export { withHeader } from "https://deno.land/x/http_utils@1.0.0/message.ts";

export const enum SecurityHeaders {
StrictTransportSecurity = "strict-transport-security",
Expand Down
21 changes: 10 additions & 11 deletions middleware.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import {
SecurityHeaders,
type StrictTransportSecurity,
stringify,
withHeader,
} from "./deps.ts";

/**
Expand Down Expand Up @@ -52,16 +53,14 @@ export function hsts(
return async (request, next) => {
const response = await next(request);

return withSts(response, stsValue);
};
}

export function withSts(response: Response, fieldValue: string): Response {
response = response.clone();
if (response.headers.has(SecurityHeaders.StrictTransportSecurity)) {
return response;
}

if (!response.headers.has(SecurityHeaders.StrictTransportSecurity)) {
response.headers.set(SecurityHeaders.StrictTransportSecurity, fieldValue);
}

return response;
return withHeader(
response,
SecurityHeaders.StrictTransportSecurity,
stsValue,
);
};
}
16 changes: 1 addition & 15 deletions middleware_test.ts
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { hsts, withSts } from "./middleware.ts";
import { hsts } from "./middleware.ts";
import {
assert,
assertThrows,
Expand Down Expand Up @@ -59,17 +59,3 @@ describe("hsts", () => {
assertThrows(() => hsts({ maxAge: NaN }));
});
});

describe("withSts", () => {
it("should add sts header", async () => {
assert(
await equalsResponse(
withSts(new Response(), "max-age=100"),
new Response(null, {
headers: { "strict-transport-security": "max-age=100" },
}),
true,
),
);
});
});

0 comments on commit 761098d

Please sign in to comment.