feat(serializers): avoid implicit sanitization #2081
Conversation
| } else if (_obj instanceof IncomingMessage) { | ||
| obj = { [requestKey]: _obj } | ||
| } else if (_obj instanceof ServerResponse) { | ||
| obj = { [responseKey]: _obj } |
There was a problem hiding this comment.
If preferred, we can assess type from properties, as previously done in lib/tools.js:
} else if (_obj.method && _obj.headers && _obj.socket) {
obj = { [requestKey]: _obj }
} else if (typeof _obj.setHeader === 'function') {
obj = { [responseKey]: _obj }
| } else if (key === requestKey && serializers.req) { | ||
| value = serializers.req(value) | ||
| } else if (key === responseKey && serializers.res) { | ||
| value = serializers.res(value) |
There was a problem hiding this comment.
Behaviour of all stdSerializers follow the same pattern.
| /** | ||
| * The string key for the 'Request' in the JSON object. Default: "req". | ||
| */ | ||
| requestKey?: string; | ||
| /** | ||
| * The string key for the 'Response' in the JSON object. Default: "res". | ||
| */ | ||
| responseKey?: string; |
There was a problem hiding this comment.
The key for request and response are now explicitly configurable. Previously, these had fixed values, set on pino-std-serializers (mapHttpRequest and mapHttpResponse).
There was a problem hiding this comment.
maybe this change makes the exported functions mapHttpRequest and mapHttpResponse deprecated, in pino-std-serializers?
When serializers are defined for HTTP Request or HTTP Response, do not run the correspondent `stdSerializers` before calling the provided serializer functions. ISSUE pinojs#1991
gerardolima
force-pushed
the
override-http-std-serializers
branch
from
f705b9c
to
a3b1681
Compare
test/http.test.js
Outdated
| @@ -160,34 +154,31 @@ test('http response support', async ({ ok, same, error, teardown }) => { | |||
| server.close() | |||
| }) | |||
|
|
|||
| test('http response support via a serializer', async ({ ok, same, error, teardown }) => { | |||
| test('http response support via a serializer', async ({ match, error }) => { | |||
There was a problem hiding this comment.
can you please keep the previous test and only add a new one?
There was a problem hiding this comment.
Original tests restored. Also fixed linter issues.
|
ok, I was running isolated tests and only now I noticed there were some assertions on the default serialisers; I am fixing them right now and soon the tests will be fixed; sorry for the silly mistake |
When serializers are defined for HTTP Request or HTTP Response, do not run the correspondent
stdSerializersbefore calling the provided serializer functions.ISSUE #1991