Caseless header comparing in HTTP adapter. (#2880)

* Caseless header comparing in HTTP adapter. It was adding User-Agent and removing Authorization, but only when existing headers had the exact right casing. Node uses caseless logic when managing headers. This was causing some requests to have `User-Agent` appended to the headers object and overriding provided agent strings. Also included is an update to not override the `Content-Length` if it was already defined in the options. It can be desirable to manually specify a content length that does not match the data on hand. Especially for testing. * Fix eslint error * fixup: update state UA logic Play nice with #3703 Co-authored-by: Jay <[email protected]>
axios · Sep 7, 2021 · f3ca637 · f3ca637
1 parent 4091b07
commit f3ca637
Show file tree

Hide file tree

Showing 2 changed files with 50 additions and 9 deletions.
diff --git a/lib/adapters/http.js b/lib/adapters/http.js
@@ -52,14 +52,18 @@ module.exports = function httpAdapter(config) {
     };
     var data = config.data;
     var headers = config.headers;
+    var headerNames = {};
+
+    Object.keys(headers).forEach(function storeLowerName(name) {
+      headerNames[name.toLowerCase()] = name;
+    });
 
     // Set User-Agent (required by some servers)
     // See https://github.com/axios/axios/issues/69
-    if ('User-Agent' in headers || 'user-agent' in headers) {
+    if ('user-agent' in headerNames) {
       // User-Agent is specified; handle case where no UA header is desired
-      if (!headers['User-Agent'] && !headers['user-agent']) {
-        delete headers['User-Agent'];
-        delete headers['user-agent'];
+      if (!headers[headerNames['user-agent']]) {
+        delete headers[headerNames['user-agent']];
       }
       // Otherwise, use specified value
     } else {
@@ -82,7 +86,9 @@ module.exports = function httpAdapter(config) {
       }
 
       // Add Content-Length header if data exists
-      headers['Content-Length'] = data.length;
+      if (!headerNames['content-length']) {
+        headers['Content-Length'] = data.length;
+      }
     }
 
     // HTTP basic authentication
@@ -105,8 +111,8 @@ module.exports = function httpAdapter(config) {
       auth = urlUsername + ':' + urlPassword;
     }
 
-    if (auth) {
-      delete headers.Authorization;
+    if (auth && headerNames.authorization) {
+      delete headers[headerNames.authorization];
     }
 
     var isHttpsRequest = isHttps.test(protocol);

diff --git a/test/unit/adapters/http.js b/test/unit/adapters/http.js
@@ -18,7 +18,7 @@ describe('supports http with nodejs', function () {
       server = null;
     }
     if (proxy) {
-      proxy.close()
+      proxy.close();
       proxy = null;
     }
     if (process.env.http_proxy) {
@@ -326,7 +326,7 @@ describe('supports http with nodejs', function () {
       res.end(req.headers.authorization);
     }).listen(4444, function () {
       var auth = { username: 'foo', password: 'bar' };
-      var headers = { Authorization: 'Bearer 1234' };
+      var headers = { AuThOrIzAtIoN: 'Bearer 1234' }; // wonky casing to ensure caseless comparison
       axios.get('http://localhost:4444/', { auth: auth, headers: headers }).then(function (res) {
         var base64 = Buffer.from('foo:bar', 'utf8').toString('base64');
         assert.equal(res.data, 'Basic ' + base64);
@@ -335,6 +335,41 @@ describe('supports http with nodejs', function () {
     });
   });
 
+  it('should provides a default User-Agent header', function (done) {
+    server = http.createServer(function (req, res) {
+      res.end(req.headers['user-agent']);
+    }).listen(4444, function () {
+      axios.get('http://localhost:4444/').then(function (res) {
+        assert.ok(/^axios\/[\d.]+$/.test(res.data), `User-Agent header does not match: ${res.data}`);
+        done();
+      });
+    });
+  });
+
+  it('should allow the User-Agent header to be overridden', function (done) {
+    server = http.createServer(function (req, res) {
+      res.end(req.headers['user-agent']);
+    }).listen(4444, function () {
+      var headers = { 'UsEr-AgEnT': 'foo bar' }; // wonky casing to ensure caseless comparison
+      axios.get('http://localhost:4444/', { headers }).then(function (res) {
+        assert.equal(res.data, 'foo bar');
+        done();
+      });
+    });
+  });
+
+  it('should allow the Content-Length header to be overridden', function (done) {
+    server = http.createServer(function (req, res) {
+      assert.strictEqual(req.headers['content-length'], '42');
+      res.end();
+    }).listen(4444, function () {
+      var headers = { 'CoNtEnT-lEnGtH': '42' }; // wonky casing to ensure caseless comparison
+      axios.post('http://localhost:4444/', 'foo', { headers }).then(function () {
+        done();
+      });
+    });
+  });
+
   it('should support max content length', function (done) {
     var str = Array(100000).join('ж');