refactor: Remove code that handles invalid Content-Length headers

Node's HTTP parser already rejects requests with an invalid Content-Length header, so there's no need to handle it in Medley.
medleyjs · Jun 19, 2019 · 8b4d3b6 · 8b4d3b6
1 parent 2983213
commit 8b4d3b6
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 48 deletions.
diff --git a/lib/RequestHandlers.js b/lib/RequestHandlers.js
@@ -76,31 +76,17 @@ for (const method of http.METHODS) {
  * Determine when to parse a body based on RFC 7230:
  * https://tools.ietf.org/html/rfc7230#section-3.3
  */
-
 function handlePostPutPatch(res) {
-  var {request: req, route} = res
-  var {headers} = req
-
-  if (headers['transfer-encoding'] !== undefined) {
-    route.bodyParser.run(headers['content-type'], req, res, runPreHandlerHooks)
-    return
-  }
+  const req = res.request
+  const {headers} = req
 
-  var contentLength = 0
-
-  if (headers['content-length'] !== undefined) {
-    contentLength = Number.parseInt(headers['content-length'], 10)
-
-    if (!(contentLength >= 0)) {
-      res.error(400, new Error(`Invalid Content-Length: "${headers['content-length']}"`))
-      return
-    }
-  }
-
-  if (headers['content-type'] === undefined && contentLength === 0) {
+  if (
+    headers['transfer-encoding'] === undefined && headers['content-type'] === undefined &&
+    (headers['content-length'] === undefined || Number(headers['content-length']) === 0)
+  ) {
     runPreHandlerHooks(res)
   } else {
-    route.bodyParser.run(headers['content-type'], req, res, runPreHandlerHooks)
+    res.route.bodyParser.run(headers['content-type'], req, res, runPreHandlerHooks)
   }
 }
 
@@ -111,17 +97,14 @@ function handlePostPutPatch(res) {
  * only parse the body if the headers indicate there is one.
  */
 function handleOptions(res) {
-  var req = res.request
-  var {headers} = req
+  const req = res.request
+  const {headers} = req
 
-  if (headers['content-type'] === undefined) {
-    runPreHandlerHooks(res)
-  } else if (headers['transfer-encoding'] !== undefined) {
-    res.route.bodyParser.run(headers['content-type'], req, res, runPreHandlerHooks)
-  } else if (headers['content-length'] === undefined) {
+  if (
+    headers['content-type'] === undefined ||
+    headers['transfer-encoding'] === undefined && headers['content-length'] === undefined
+  ) {
     runPreHandlerHooks(res)
-  } else if (!(Number.parseInt(headers['content-length'], 10) >= 0)) { // eslint-disable-line no-negated-condition, max-len
-    res.error(400, new Error(`Invalid Content-Length: "${headers['content-length']}"`))
   } else {
     res.route.bodyParser.run(headers['content-type'], req, res, runPreHandlerHooks)
   }

diff --git a/test/http-methods/body-tests.js b/test/http-methods/body-tests.js
@@ -254,22 +254,4 @@ module.exports = function bodyTests(method, config) {
       })
     })
   })
-
-  test(`${method} returns 400 - Bad Request with invalid Content-Length header`, (t) => {
-    t.plan(3)
-
-    app.inject({
-      method,
-      url: '/',
-      body: '{}',
-      headers: {
-        'Content-Type': 'application/json',
-        'Content-Length': 'not a number',
-      },
-    }, (err, res) => {
-      t.error(err)
-      t.equal(res.statusCode, 400)
-      t.equal(JSON.parse(res.payload).message, 'Invalid Content-Length: "not a number"')
-    })
-  })
 }