From 0c1d2b97b7edf636323534b13626a8bb9f5fe22d Mon Sep 17 00:00:00 2001 From: Jake Champion Date: Mon, 17 Jul 2023 23:38:00 +0100 Subject: [PATCH] validate status is in range fixes https://github.com/JakeChampion/fetch/issues/1213 --- fetch.js | 6 +++++- test/test.js | 15 +++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/fetch.js b/fetch.js index 0063db7c..37b98218 100644 --- a/fetch.js +++ b/fetch.js @@ -462,6 +462,9 @@ export function Response(bodyInit, options) { this.type = 'default' this.status = options.status === undefined ? 200 : options.status + if (this.status < 200 || this.status > 599) { + throw new RangeError("Failed to construct 'Response': The status provided (0) is outside the range [200, 599].") + } this.ok = this.status >= 200 && this.status < 300 this.statusText = options.statusText === undefined ? '' : '' + options.statusText this.headers = new Headers(options.headers) @@ -481,7 +484,8 @@ Response.prototype.clone = function() { } Response.error = function() { - var response = new Response(null, {status: 0, statusText: ''}) + var response = new Response(null, {status: 200, statusText: ''}) + response.status = 0 response.type = 'error' return response } diff --git a/test/test.js b/test/test.js index 2dff92ab..d6431f40 100644 --- a/test/test.js +++ b/test/test.js @@ -623,6 +623,21 @@ exercise.forEach(function(exerciseMode) { Response('{"foo":"bar"}', {headers: {'content-type': 'application/json'}}) }) }) + test('status outside inclusive range 200-599 ', function() { + assert.throws(function() { + new Response('', {status: 199}) + }) + for (var i = 0; i < 200; i++) { + assert.throws(function() { + new Response('', {status: i}) + }) + } + for (i = 999; i > 599; i--) { + assert.throws(function() { + new Response('', {status: i}) + }) + } + }) test('creates Headers object from raw headers', function() { var r = new Response('{"foo":"bar"}', {headers: {'content-type': 'application/json'}}) assert.equal(r.headers instanceof Headers, true)