fix: fix referrer-policy enum check#50
lib/middlewares/referrerPolicy.js
Outdated
| if (utils.checkIfIgnore(opts, ctx)) { return; } | ||
| const policy = opts.value; | ||
| if (policy in ALLOWED_POLICIES_ENUM) { | ||
| if (ALLOWED_POLICIES_ENUM.indexOf(policy) < 0) { |
| if (ALLOWED_POLICIES_ENUM.indexOf(policy) < 0) { | |
| if (!ALLOWED_POLICIES_ENUM.includes(policy)) { |
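Review bot: The membership check on `policy` carries no comment recording why the `in` operator was dropped, and this is easy to regress because `in` on an array tests indices rather than values. A one-line comment above the check would do, for example `// match by value; the in operator tests array indices, so '0' passed and 'origin' did not`. The check also sits after `utils.checkIfIgnore(opts, ctx)` and reads `opts.value` on the request path, so an invalid configured value appears to surface only when a non-ignored request arrives. If `opts` is fixed at startup, validating it once there would fail earlier. The enclosing function starts and ends outside the hunk, so the second point is inferred from the visible lines only.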
| }); | ||
|
|
||
| it('should throw error when Referrer-Policy settings is invalid when configured', function(done) { | ||
| const policy = 'oorigin'; |
加上 '0' in ALLOWED_POLICIES_ENUM返回true 的测试用例。
Referrer-Policy 设置为0 应该是不合法的Referrer-Policy的处理,这个测试用例已经在测试非法的Referrer-Policy应该抛出异常的情况了,抱歉其实我没看懂什么是'0' in ALLOWED_POLICIES_ENUM返回true的测试用例
我的意思是加上这个测试用例,如果我们不修复代码的话,就会触发这个 bug 了。
好的,已经添加了这个测试用例,并添加了针对这个测试用例的注释link到这个pull request
|
我的坑。。这个是bug |
Codecov Report
@@ Coverage Diff @@
## master #50 +/- ##
=========================================
+ Coverage 95.92% 96.13% +0.2%
=========================================
Files 30 30
Lines 491 491
=========================================
+ Hits 471 472 +1
+ Misses 20 19 -1
Continue to review full report at Codecov.
|
Codecov Report
@@ Coverage Diff @@
## master #50 +/- ##
=========================================
+ Coverage 95.92% 96.13% +0.2%
=========================================
Files 30 30
Lines 491 491
=========================================
+ Hits 471 472 +1
+ Misses 20 19 -1
Continue to review full report at Codecov.
|
…is exist in ALLOWED_POLICIES_ENUM
|
+1 |
|
这个PR还有什么问题么? |
|
2.4.2 |
不知道是不是理解错了,这里的 `ALLOWED_POLICIES_ENUM` 是用于校验设定的 referrer-policy 是否合法的,而源代码只有数组下标才会进入判断。
比如:
- `'origin' in ALLOWED_POLICIES_ENUM` 返回 false
- `'oorigin' in ALLOWED_POLICIES_ENUM` 也返回 false
- `'0' in ALLOWED_POLICIES_ENUM` 返回 true

这就失去了判断的意义。