Skip to content

Commit

Permalink
feat(http) add unsafe-headers feature flag (#1050)
Browse files Browse the repository at this point in the history
* [http] add unsafe-headers feature flag

* change file

* fmt
  • Loading branch information
Dreaming-Codes authored Mar 8, 2024
1 parent bff7224 commit 753c7be
Show file tree
Hide file tree
Showing 4 changed files with 40 additions and 31 deletions.
5 changes: 5 additions & 0 deletions .changes/http-unsafe-headers.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"http": patch
---

Add `unsafe-headers` cargo feature flag to allow using [forbidden headers](https://fetch.spec.whatwg.org/#terminology-headers).
58 changes: 29 additions & 29 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions plugins/http/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -53,3 +53,4 @@ deflate = [ "reqwest/deflate" ]
trust-dns = [ "reqwest/trust-dns" ]
socks = [ "reqwest/socks" ]
http3 = [ "reqwest/http3" ]
unsafe-headers = []
7 changes: 5 additions & 2 deletions plugins/http/src/commands.rs
Original file line number Diff line number Diff line change
Expand Up @@ -195,7 +195,8 @@ pub async fn fetch<R: Runtime>(
for (name, value) in &headers {
let name = HeaderName::from_bytes(name.as_bytes())?;
let value = HeaderValue::from_bytes(value.as_bytes())?;
if !matches!(
#[cfg(not(feature = "unsafe-headers"))]
if matches!(
name,
// forbidden headers per fetch spec https://fetch.spec.whatwg.org/#terminology-headers
header::ACCEPT_CHARSET
Expand All @@ -218,8 +219,10 @@ pub async fn fetch<R: Runtime>(
| header::UPGRADE
| header::VIA
) {
request = request.header(name, value);
continue;
}

request = request.header(name, value);
}

// POST and PUT requests should always have a 0 length content-length,
Expand Down

0 comments on commit 753c7be

Please sign in to comment.