fastify 5.3.3 → 5.5.0

package/test/body-limit.test.js

@@ -1,12 +1,11 @@
 'use strict'
 
 const Fastify = require('../fastify')
-const sget = require('simple-get').concat
 const zlib = require('node:zlib')
 const { test } = require('node:test')
 
-test('bodyLimit', (t, done) => {
-  t.plan(5)
+test('bodyLimit', async t => {
+  t.plan(4)
 
   try {
     Fastify({ bodyLimit: 1.3 })
@@ -28,22 +27,17 @@ test('bodyLimit', (t, done) => {
     reply.send({ error: 'handler should not be called' })
   })
 
-  fastify.listen({ port: 0 }, function (err) {
-    t.assert.ifError(err)
-    t.after(() => { fastify.close() })
+  const fastifyServer = await fastify.listen({ port: 0 })
+  t.after(() => { fastify.close() })
 
-    sget({
-      method: 'POST',
-      url: 'http://localhost:' + fastify.server.address().port,
-      headers: { 'Content-Type': 'application/json' },
-      body: [],
-      json: true
-    }, (err, response, body) => {
-      t.assert.ifError(err)
-      t.assert.strictEqual(response.statusCode, 413)
-      done()
-    })
+  const result = await fetch(fastifyServer, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify([])
   })
+
+  t.assert.ok(!result.ok)
+  t.assert.strictEqual(result.status, 413)
 })
 
 test('bodyLimit is applied to decoded content', async (t) => {
@@ -114,8 +108,8 @@ test('bodyLimit is applied to decoded content', async (t) => {
   })
 })
 
-test('default request.routeOptions.bodyLimit should be 1048576', (t, done) => {
-  t.plan(4)
+test('default request.routeOptions.bodyLimit should be 1048576', async t => {
+  t.plan(3)
   const fastify = Fastify()
   fastify.post('/default-bodylimit', {
     handler (request, reply) {
@@ -123,26 +117,20 @@ test('default request.routeOptions.bodyLimit should be 1048576', (t, done) => {
       reply.send({ })
     }
   })
-  fastify.listen({ port: 0 }, function (err) {
-    t.assert.ifError(err)
-    t.after(() => { fastify.close() })
+  const fastifyServer = await fastify.listen({ port: 0 })
+  t.after(() => { fastify.close() })
 
-    sget({
-      method: 'POST',
-      url: 'http://localhost:' + fastify.server.address().port + '/default-bodylimit',
-      headers: { 'Content-Type': 'application/json' },
-      body: [],
-      json: true
-    }, (err, response, body) => {
-      t.assert.ifError(err)
-      t.assert.strictEqual(response.statusCode, 200)
-      done()
-    })
+  const result = await fetch(fastifyServer + '/default-bodylimit', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify([])
   })
+  t.assert.ok(result.ok)
+  t.assert.strictEqual(result.status, 200)
 })
 
-test('request.routeOptions.bodyLimit should be equal to route limit', (t, done) => {
-  t.plan(4)
+test('request.routeOptions.bodyLimit should be equal to route limit', async t => {
+  t.plan(3)
   const fastify = Fastify({ bodyLimit: 1 })
   fastify.post('/route-limit', {
     bodyLimit: 1000,
@@ -151,26 +139,20 @@ test('request.routeOptions.bodyLimit should be equal to route limit', (t, done)
       reply.send({})
     }
   })
-  fastify.listen({ port: 0 }, function (err) {
-    t.assert.ifError(err)
-    t.after(() => { fastify.close() })
+  const fastifyServer = await fastify.listen({ port: 0 })
+  t.after(() => { fastify.close() })
 
-    sget({
-      method: 'POST',
-      url: 'http://localhost:' + fastify.server.address().port + '/route-limit',
-      headers: { 'Content-Type': 'application/json' },
-      body: [],
-      json: true
-    }, (err, response, body) => {
-      t.assert.ifError(err)
-      t.assert.strictEqual(response.statusCode, 200)
-      done()
-    })
+  const result = await fetch(fastifyServer + '/route-limit', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify([])
   })
+  t.assert.ok(result.ok)
+  t.assert.strictEqual(result.status, 200)
 })
 
-test('request.routeOptions.bodyLimit should be equal to server limit', (t, done) => {
-  t.plan(4)
+test('request.routeOptions.bodyLimit should be equal to server limit', async t => {
+  t.plan(3)
   const fastify = Fastify({ bodyLimit: 100 })
   fastify.post('/server-limit', {
     handler (request, reply) {
@@ -178,20 +160,65 @@ test('request.routeOptions.bodyLimit should be equal to server limit', (t, done)
       reply.send({})
     }
   })
-  fastify.listen({ port: 0 }, function (err) {
-    t.assert.ifError(err)
-    t.after(() => { fastify.close() })
+  const fastifyServer = await fastify.listen({ port: 0 })
+  t.after(() => { fastify.close() })
+
+  const result = await fetch(fastifyServer + '/server-limit', {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/json' },
+    body: JSON.stringify([])
+  })
+  t.assert.ok(result.ok)
+  t.assert.strictEqual(result.status, 200)
+})
 
-    sget({
+test('bodyLimit should use byte length for UTF-8 strings, not character length', async t => {
+  t.plan(4)
+
+  // Create a string with multi-byte UTF-8 characters
+  // Use Japanese characters that are 3 bytes each in UTF-8
+  const multiByteString = 'あああ' // 3 characters, 9 bytes in UTF-8
+  t.assert.strictEqual(multiByteString.length, 3) // 3 characters
+  t.assert.strictEqual(Buffer.byteLength(multiByteString, 'utf8'), 9) // 9 bytes
+
+  const fastify = Fastify()
+
+  // Add a custom text parser that returns the string as-is
+  fastify.addContentTypeParser('text/plain', { parseAs: 'string' }, (req, body, done) => {
+    done(null, body)
+  })
+
+  // Set body limit to 7 bytes - this should reject the string (9 bytes)
+  // even though string.length (3) would be under any reasonable limit
+  fastify.post('/test-utf8', {
+    bodyLimit: 7
+  }, (request, reply) => {
+    reply.send({ body: request.body, length: request.body.length })
+  })
+
+  await t.test('should reject body when byte length exceeds limit', async (t) => {
+    const result = await fastify.inject({
       method: 'POST',
-      url: 'http://localhost:' + fastify.server.address().port + '/server-limit',
-      headers: { 'Content-Type': 'application/json' },
-      body: [],
-      json: true
-    }, (err, response, body) => {
-      t.assert.ifError(err)
-      t.assert.strictEqual(response.statusCode, 200)
-      done()
+      url: '/test-utf8',
+      headers: { 'Content-Type': 'text/plain', 'Content-Length': null },
+      payload: multiByteString
     })
+
+    t.assert.strictEqual(result.statusCode, 413)
+  })
+
+  await t.test('should accept body when byte length is within limit', async (t) => {
+    const smallString = 'あ' // 1 character, 3 bytes, under the 7 byte limit
+
+    const result = await fastify.inject({
+      method: 'POST',
+      url: '/test-utf8',
+      headers: { 'Content-Type': 'text/plain' },
+      payload: smallString
+    })
+
+    t.assert.strictEqual(result.statusCode, 200)
+    t.assert.strictEqual(result.json().body, smallString)
+    t.assert.strictEqual(result.json().length, 1) // 1 character
   })
 })

package/test/buffer.test.js

@@ -49,4 +49,26 @@ test('Buffer test', async t => {
       statusCode: 400
     })
   })
+
+  await test('should return 400 if the body is invalid json', async t => {
+    t.plan(3)
+
+    const response = await fastify.inject({
+      method: 'DELETE',
+      url: '/',
+      payload: Buffer.from(']'),
+      headers: {
+        'content-type': 'application/json'
+      }
+    })
+
+    t.assert.ifError(response.error)
+    t.assert.strictEqual(response.statusCode, 400)
+    t.assert.deepStrictEqual(JSON.parse(response.payload.toString()), {
+      error: 'Bad Request',
+      code: 'FST_ERR_CTP_INVALID_JSON_BODY',
+      message: 'Body is not valid JSON but content-type is set to \'application/json\'',
+      statusCode: 400
+    })
+  })
 })

package/test/build-certificate.js

@@ -91,7 +91,7 @@ function selfCert (opts) {
   }
 }
 
-async function buildCertificate () {
+function buildCertificate () {
   // "global" is used in here because "t.context" is only supported by "t.beforeEach" and "t.afterEach"
   // For the test case which execute this code which will be using `t.before` and it can reduce the
   // number of times executing it.

package/test/case-insensitive.test.js

@@ -2,10 +2,9 @@
 
 const { test } = require('node:test')
 const Fastify = require('..')
-const sget = require('simple-get').concat
 
-test('case insensitive', (t, done) => {
-  t.plan(4)
+test('case insensitive', async (t) => {
+  t.plan(3)
 
   const fastify = Fastify({
     caseSensitive: false
@@ -16,25 +15,19 @@ test('case insensitive', (t, done) => {
     reply.send({ hello: 'world' })
   })
 
-  fastify.listen({ port: 0 }, err => {
-    t.assert.ifError(err)
-
-    sget({
-      method: 'GET',
-      url: 'http://localhost:' + fastify.server.address().port + '/FOO'
-    }, (err, response, body) => {
-      t.assert.ifError(err)
-      t.assert.strictEqual(response.statusCode, 200)
-      t.assert.deepStrictEqual(JSON.parse(body), {
-        hello: 'world'
-      })
-      done()
-    })
+  const fastifyServer = await fastify.listen({ port: 0 })
+
+  const result = await fetch(`${fastifyServer}/FOO`)
+
+  t.assert.ok(result.ok)
+  t.assert.strictEqual(result.status, 200)
+  t.assert.deepStrictEqual(await result.json(), {
+    hello: 'world'
   })
 })
 
-test('case insensitive inject', (t, done) => {
-  t.plan(4)
+test('case insensitive inject', async t => {
+  t.plan(2)
 
   const fastify = Fastify({
     caseSensitive: false
@@ -45,25 +38,21 @@ test('case insensitive inject', (t, done) => {
     reply.send({ hello: 'world' })
   })
 
-  fastify.listen({ port: 0 }, err => {
-    t.assert.ifError(err)
-
-    fastify.inject({
-      method: 'GET',
-      url: 'http://localhost:' + fastify.server.address().port + '/FOO'
-    }, (err, response) => {
-      t.assert.ifError(err)
-      t.assert.strictEqual(response.statusCode, 200)
-      t.assert.deepStrictEqual(JSON.parse(response.payload), {
-        hello: 'world'
-      })
-      done()
-    })
+  const fastifyServer = await fastify.listen({ port: 0 })
+
+  const result = await fastify.inject({
+    method: 'GET',
+    url: fastifyServer + '/FOO'
+  })
+
+  t.assert.strictEqual(result.statusCode, 200)
+  t.assert.deepStrictEqual(result.json(), {
+    hello: 'world'
   })
 })
 
-test('case insensitive (parametric)', (t, done) => {
-  t.plan(5)
+test('case insensitive (parametric)', async (t) => {
+  t.plan(4)
 
   const fastify = Fastify({
     caseSensitive: false
@@ -75,25 +64,21 @@ test('case insensitive (parametric)', (t, done) => {
     reply.send({ hello: 'world' })
   })
 
-  fastify.listen({ port: 0 }, err => {
-    t.assert.ifError(err)
-
-    sget({
-      method: 'GET',
-      url: 'http://localhost:' + fastify.server.address().port + '/FoO/bAr'
-    }, (err, response, body) => {
-      t.assert.ifError(err)
-      t.assert.strictEqual(response.statusCode, 200)
-      t.assert.deepStrictEqual(JSON.parse(body), {
-        hello: 'world'
-      })
-      done()
-    })
+  const fastifyServer = await fastify.listen({ port: 0 })
+
+  const result = await fetch(`${fastifyServer}/FoO/bAr`, {
+    method: 'GET'
+  })
+
+  t.assert.ok(result.ok)
+  t.assert.strictEqual(result.status, 200)
+  t.assert.deepStrictEqual(await result.json(), {
+    hello: 'world'
   })
 })
 
-test('case insensitive (wildcard)', (t, done) => {
-  t.plan(5)
+test('case insensitive (wildcard)', async (t) => {
+  t.plan(4)
 
   const fastify = Fastify({
     caseSensitive: false
@@ -105,19 +90,13 @@ test('case insensitive (wildcard)', (t, done) => {
     reply.send({ hello: 'world' })
   })
 
-  fastify.listen({ port: 0 }, err => {
-    t.assert.ifError(err)
-
-    sget({
-      method: 'GET',
-      url: 'http://localhost:' + fastify.server.address().port + '/FoO/bAr/baZ'
-    }, (err, response, body) => {
-      t.assert.ifError(err)
-      t.assert.strictEqual(response.statusCode, 200)
-      t.assert.deepStrictEqual(JSON.parse(body), {
-        hello: 'world'
-      })
-      done()
-    })
+  const fastifyServer = await fastify.listen({ port: 0 })
+
+  const result = await fetch(`${fastifyServer}/FoO/bAr/baZ`)
+
+  t.assert.ok(result.ok)
+  t.assert.strictEqual(result.status, 200)
+  t.assert.deepStrictEqual(await result.json(), {
+    hello: 'world'
   })
 })

package/test/check.test.js

@@ -3,7 +3,6 @@
 const { test } = require('node:test')
 const { S } = require('fluent-json-schema')
 const Fastify = require('..')
-const sget = require('simple-get').concat
 
 const BadRequestSchema = S.object()
   .prop('statusCode', S.number())
@@ -105,32 +104,29 @@ const handler = (request, reply) => {
   })
 }
 
-test('serialize the response for a Bad Request error, as defined on the schema', (t, done) => {
+test('serialize the response for a Bad Request error, as defined on the schema', async t => {
   const fastify = Fastify({})
 
   t.after(() => fastify.close())
 
   fastify.post('/', options, handler)
 
-  fastify.listen({ port: 0 }, err => {
-    t.assert.ifError(err)
-
-    const url = `http://localhost:${fastify.server.address().port}/`
-
-    sget({
-      method: 'POST',
-      url,
-      json: true
-    }, (err, response, body) => {
-      t.assert.ifError(err)
-      t.assert.strictEqual(response.statusCode, 400)
-      t.assert.deepStrictEqual(body, {
-        statusCode: 400,
-        error: 'Bad Request',
-        message: 'body must be object'
-      })
-      done()
-    })
+  const fastifyServer = await fastify.listen({ port: 0 })
+
+  const result = await fetch(fastifyServer, {
+    method: 'POST',
+    headers: {
+      'Content-Type': 'application/json'
+    },
+    body: '12'
+  })
+
+  t.assert.ok(!result.ok)
+  t.assert.strictEqual(result.status, 400)
+  t.assert.deepStrictEqual(await result.json(), {
+    statusCode: 400,
+    error: 'Bad Request',
+    message: 'body must be object'
   })
 })
 

package/test/close-pipelining.test.js

@@ -11,8 +11,10 @@ test('Should return 503 while closing - pipelining', async t => {
   })
 
   fastify.get('/', async (req, reply) => {
+    // Simulate a delay to allow pipelining to kick in
+    await new Promise(resolve => setTimeout(resolve, 5))
+    reply.send({ hello: 'world' })
     fastify.close()
-    return { hello: 'world' }
   })
 
   await fastify.listen({ port: 0 })
@@ -21,14 +23,19 @@ test('Should return 503 while closing - pipelining', async t => {
     pipelining: 2
   })
 
-  const codes = [200, 200, 503]
-  const responses = await Promise.all([
-    instance.request({ path: '/', method: 'GET' }),
-    instance.request({ path: '/', method: 'GET' }),
-    instance.request({ path: '/', method: 'GET' })
+  const [firstRequest, secondRequest, thirdRequest] = await Promise.allSettled([
+    instance.request({ path: '/', method: 'GET', blocking: false }),
+    instance.request({ path: '/', method: 'GET', blocking: false }),
+    instance.request({ path: '/', method: 'GET', blocking: false })
   ])
-  const actual = responses.map(r => r.statusCode)
-  t.assert.deepStrictEqual(actual, codes)
+  t.assert.strictEqual(firstRequest.status, 'fulfilled')
+  t.assert.strictEqual(secondRequest.status, 'fulfilled')
+
+  t.assert.strictEqual(firstRequest.value.statusCode, 200)
+  t.assert.strictEqual(secondRequest.value.statusCode, 200)
+
+  t.assert.strictEqual(thirdRequest.status, 'fulfilled')
+  t.assert.strictEqual(thirdRequest.value.statusCode, 503)
 
   await instance.close()
 })
@@ -42,6 +49,8 @@ test('Should close the socket abruptly - pipelining - return503OnClosing: false'
   })
 
   fastify.get('/', async (req, reply) => {
+    // Simulate a delay to allow pipelining to kick in
+    await new Promise(resolve => setTimeout(resolve, 5))
     reply.send({ hello: 'world' })
     fastify.close()
   })
@@ -49,21 +58,21 @@ test('Should close the socket abruptly - pipelining - return503OnClosing: false'
   await fastify.listen({ port: 0 })
 
   const instance = new Client('http://localhost:' + fastify.server.address().port, {
-    pipelining: 2
+    pipelining: 1
   })
 
   const responses = await Promise.allSettled([
-    instance.request({ path: '/', method: 'GET' }),
-    instance.request({ path: '/', method: 'GET' }),
-    instance.request({ path: '/', method: 'GET' }),
-    instance.request({ path: '/', method: 'GET' })
+    instance.request({ path: '/', method: 'GET', blocking: false }),
+    instance.request({ path: '/', method: 'GET', blocking: false }),
+    instance.request({ path: '/', method: 'GET', blocking: false }),
+    instance.request({ path: '/', method: 'GET', blocking: false })
   ])
 
   const fulfilled = responses.filter(r => r.status === 'fulfilled')
   const rejected = responses.filter(r => r.status === 'rejected')
 
-  t.assert.strictEqual(fulfilled.length, 2)
-  t.assert.strictEqual(rejected.length, 2)
+  t.assert.strictEqual(fulfilled.length, 1)
+  t.assert.strictEqual(rejected.length, 3)
 
   await instance.close()
 })