fastify 5.8.2 → 5.8.3

package/docs/Reference/Validation-and-Serialization.md

@@ -12,14 +12,14 @@ a `content` field, it must enumerate all possible content types the
 application expects to handle with the associated handler.
 
 All examples use the
-[JSON Schema Draft 7](https://json-schema.org/specification-links.html#draft-7)
+[JSON Schema Draft 7](https://json-schema.org/draft-07)
 specification.
 
 > ⚠ Warning:
 > Treat schema definitions as application code. Validation and serialization
 > features use `new Function()`, which is unsafe with user-provided schemas. See
-> [Ajv](https://npm.im/ajv) and
-> [fast-json-stringify](https://npm.im/fast-json-stringify) for details.
+> [Ajv](https://www.npmjs.com/package/ajv) and
+> [fast-json-stringify](https://www.npmjs.com/package/fast-json-stringify) for details.
 >
 > Whilst Fastify supports the
 > [`$async` Ajv feature](https://ajv.js.org/guide/async-validation.html),
@@ -50,7 +50,7 @@ The `addSchema` API allows adding multiple schemas to the Fastify instance for
 reuse throughout the application. This API is encapsulated.
 
 Shared schemas can be reused with the JSON Schema
-[**`$ref`**](https://tools.ietf.org/html/draft-handrews-json-schema-01#section-8)
+[**`$ref`**](https://datatracker.ietf.org/doc/html/draft-handrews-json-schema-01#section-8)
 keyword. Here is an overview of how references work:
 
 + `myField: { $ref: '#foo' }` searches for `$id: '#foo'` in the current schema
@@ -67,7 +67,7 @@ keyword. Here is an overview of how references work:
 
 ```js
 fastify.addSchema({
-  $id: 'http://example.com/',
+  $id: 'http://fastify.example/',
   type: 'object',
   properties: {
     hello: { type: 'string' }
@@ -79,7 +79,7 @@ fastify.post('/', {
   schema: {
     body: {
       type: 'array',
-      items: { $ref: 'http://example.com#/properties/hello' }
+      items: { $ref: 'http://fastify.example#/properties/hello' }
     }
   }
 })
@@ -257,12 +257,21 @@ fastify.post('/the/url', {
 }, handler)
 ```
 
-> **Important:** When using [custom content type
-> parsers](./ContentTypeParser.md), the parsed body will **only** be validated
-> if the request's content type is listed in the `content` object above. If
-> a parser for a content type (e.g., `application/yaml`) is defined,
-> but it is not not included in the body schema's `content` property,
-> the incoming data will be parsed but **not validated**.
+> ⚠ Warning:
+> When using [custom content type parsers](./ContentTypeParser.md), the parsed
+> body is validated **only** when the request content type matches a key in the
+> schema `content` map.
+>
+> Schema selection uses an exact match on the request's
+> [essence MIME type](https://mimesniff.spec.whatwg.org/#mime-type-miscellaneous)
+> (for example, `application/json`). If a parser is registered with a regular
+> expression (for example, `/^application\/.*json$/`), the parser can accept
+> more content types than the `content` map covers. Requests in that gap are
+> parsed but **not validated**.
+>
+> Ensure every content type accepted by the parser has a corresponding key in
+> the `content` map, or use a catch-all body schema without `content` when
+> strict per-content-type discrimination is not required.
 >
 > ```js
 > // Add a custom parser for YAML
@@ -579,13 +588,13 @@ fastify.post('/the/url', {
 When implementing custom validators, follow these patterns to ensure compatibility
 with all Fastify features:
 
-** Always return objects, never throw:**
+**Always return objects, never throw:**
 ```js
 return { value: validatedData }  // On success
 return { error: validationError } // On failure
 ```
 
-** Use try-catch for safety:**
+**Use try-catch for safety:**
 ```js
 fastify.setValidatorCompiler(({ schema }) => {
   return (data) => {
@@ -907,7 +916,7 @@ fastify.setErrorHandler(function (error, request, reply) {
 ```
 
 For custom error responses in the schema, see
-[`ajv-errors`](https://github.com/epoberezkin/ajv-errors). Check out the
+[`ajv-errors`](https://github.com/ajv-validator/ajv-errors). Check out the
 [example](https://github.com/fastify/example/blob/HEAD/validation-messages/custom-errors-messages.js)
 usage.
 
@@ -969,7 +978,7 @@ fastify.post('/', { schema, }, (request, reply) => {
 ```
 
 To return localized error messages, see
-[ajv-i18n](https://github.com/epoberezkin/ajv-i18n).
+[ajv-i18n](https://github.com/ajv-validator/ajv-i18n).
 
 ```js
 const localize = require('ajv-i18n')
@@ -1114,8 +1123,8 @@ const refToSharedSchemaDefinitions = {
   Schema](https://json-schema.org/understanding-json-schema/about)
 - [fast-json-stringify
   documentation](https://github.com/fastify/fast-json-stringify)
-- [Ajv documentation](https://github.com/epoberezkin/ajv/blob/master/README.md)
-- [Ajv i18n](https://github.com/epoberezkin/ajv-i18n)
-- [Ajv custom errors](https://github.com/epoberezkin/ajv-errors)
+- [Ajv documentation](https://github.com/ajv-validator/ajv/blob/master/README.md)
+- [Ajv i18n](https://github.com/ajv-validator/ajv-i18n)
+- [Ajv custom errors](https://github.com/ajv-validator/ajv-errors)
 - Custom error handling with core methods with error file dumping
   [example](https://github.com/fastify/example/tree/main/validation-messages)

package/docs/Reference/Warnings.md

@@ -18,8 +18,8 @@ Fastify uses Node.js's [warning event](https://nodejs.org/api/process.html#event
 API to notify users of deprecated features and coding mistakes. Fastify's
 warnings are recognizable by the `FSTWRN` and `FSTDEP` prefixes. When
 encountering such a warning, it is highly recommended to determine the cause
-using the [`--trace-warnings`](https://nodejs.org/api/cli.html#--trace-warnings)
-and [`--trace-deprecation`](https://nodejs.org/api/cli.html#--trace-deprecation)
+using the [`--trace-warnings`](https://nodejs.org/api/cli.html#trace-warnings)
+and [`--trace-deprecation`](https://nodejs.org/api/cli.html#trace-deprecation)
 flags. These produce stack traces pointing to where the issue occurs in the
 application's code. Issues opened about warnings without this information will
 be closed due to lack of details.
@@ -48,9 +48,9 @@ experienced users should consider disabling warnings.
 
 Deprecation codes are supported by the Node.js CLI options:
 
-- [--no-deprecation](https://nodejs.org/api/cli.html#--no-deprecation)
-- [--throw-deprecation](https://nodejs.org/api/cli.html#--throw-deprecation)
-- [--trace-deprecation](https://nodejs.org/api/cli.html#--trace-deprecation)
+- [--no-deprecation](https://nodejs.org/api/cli.html#no-deprecation)
+- [--throw-deprecation](https://nodejs.org/api/cli.html#throw-deprecation)
+- [--trace-deprecation](https://nodejs.org/api/cli.html#trace-deprecation)
 
 
 | Code | Description | How to solve | Discussion |

package/fastify.js

@@ -922,7 +922,7 @@ function defaultBuildPrettyMeta (route) {
 
 function defaultClientErrorHandler (err, socket) {
   // In case of a connection reset, the socket has been destroyed and there is nothing that needs to be done.
-  // https://nodejs.org/api/http.html#http_event_clienterror
+  // https://nodejs.org/api/http.html#event-clienterror
   if (err.code === 'ECONNRESET' || socket.destroyed) {
     return
   }

package/lib/request.js

@@ -43,18 +43,20 @@ function getTrustProxyFn (tp) {
   }
   if (tp === true) {
     // Support trusting everything
-    return null
+    return function () { return true }
   }
   if (typeof tp === 'number') {
     // Support trusting hop count
-    return function (a, i) { return i < tp }
+    return function (a, i) { return a != null && i < tp }
   }
   if (typeof tp === 'string') {
     // Support comma-separated tps
     const values = tp.split(',').map(it => it.trim())
-    return proxyAddr.compile(values)
+    const trust = proxyAddr.compile(values)
+    return function (a, i) { return a != null && trust(a, i) }
   }
-  return proxyAddr.compile(tp)
+  const trust = proxyAddr.compile(tp)
+  return function (a, i) { return a != null && trust(a, i) }
 }
 
 function buildRequest (R, trustProxy) {
@@ -117,7 +119,7 @@ function buildRequestWithTrustProxy (R, trustProxy) {
     },
     host: {
       get () {
-        if (this.ip !== undefined && this.headers['x-forwarded-host']) {
+        if (this.headers['x-forwarded-host'] && proxyFn(this.raw.socket?.remoteAddress, 0)) {
           return getLastEntryInMultiHeaderValue(this.headers['x-forwarded-host'])
         }
         /**
@@ -131,7 +133,7 @@ function buildRequestWithTrustProxy (R, trustProxy) {
     },
     protocol: {
       get () {
-        if (this.headers['x-forwarded-proto']) {
+        if (this.headers['x-forwarded-proto'] && proxyFn(this.raw.socket?.remoteAddress, 0)) {
           return getLastEntryInMultiHeaderValue(this.headers['x-forwarded-proto'])
         }
         if (this.socket) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "fastify",
-  "version": "5.8.2",
+  "version": "5.8.3",
   "description": "Fast and low overhead web framework, for Node.js",
   "main": "fastify.js",
   "type": "commonjs",

package/test/client-timeout.test.js

@@ -24,7 +24,7 @@ test('requestTimeout should return 408', (t, done) => {
     let data = Buffer.alloc(0)
     const socket = connect(fastify.server.address().port)
 
-    socket.write('POST / HTTP/1.1\r\nHost: example.com\r\nConnection-Length: 1\r\n')
+    socket.write('POST / HTTP/1.1\r\nHost: fastify.test\r\nConnection-Length: 1\r\n')
 
     socket.on('data', c => (data = Buffer.concat([data, c])))
     socket.on('end', () => {

package/test/close.test.js

@@ -230,7 +230,7 @@ test('Current opened connection should NOT continue to work after closing and re
 
     const port = fastify.server.address().port
     const client = net.createConnection({ port }, () => {
-      client.write('GET / HTTP/1.1\r\nHost: example.com\r\n\r\n')
+      client.write('GET / HTTP/1.1\r\nHost: fastify.test\r\n\r\n')
 
       client.on('error', function () {
         // Depending on the Operating System
@@ -247,7 +247,7 @@ test('Current opened connection should NOT continue to work after closing and re
         t.assert.match(data.toString(), /Connection:\s*keep-alive/i)
         t.assert.match(data.toString(), /200 OK/i)
 
-        client.write('GET / HTTP/1.1\r\nHost: example.com\r\n\r\n')
+        client.write('GET / HTTP/1.1\r\nHost: fastify.test\r\n\r\n')
       })
     })
   })

package/test/constrained-routes.test.js

@@ -33,7 +33,7 @@ test('Should register a host constrained route', async t => {
       method: 'GET',
       url: '/',
       headers: {
-        host: 'example.com'
+        host: 'fastify.test'
       }
     })
 
@@ -65,9 +65,9 @@ test('Should register the same route with host constraints', async t => {
   fastify.route({
     method: 'GET',
     url: '/',
-    constraints: { host: 'example.com' },
+    constraints: { host: 'fastify.test' },
     handler: (req, reply) => {
-      reply.send('example.com')
+      reply.send('fastify.test')
     }
   })
 
@@ -88,12 +88,12 @@ test('Should register the same route with host constraints', async t => {
       method: 'GET',
       url: '/',
       headers: {
-        host: 'example.com'
+        host: 'fastify.test'
       }
     })
 
     t.assert.strictEqual(res.statusCode, 200)
-    t.assert.strictEqual(res.payload, 'example.com')
+    t.assert.strictEqual(res.payload, 'fastify.test')
   }
 
   {
@@ -568,7 +568,7 @@ test('Should allow registering an unconstrained route after a constrained route'
       method: 'GET',
       url: '/',
       headers: {
-        host: 'example.com'
+        host: 'fastify.test'
       }
     })
     t.assert.deepStrictEqual(JSON.parse(res.payload), { hello: 'from any other domain' })

package/test/hooks.test.js

@@ -204,10 +204,10 @@ test('onRequest hook should support encapsulation / 2', (t, testDone) => {
   const fastify = Fastify()
   let pluginInstance
 
-  fastify.addHook('onRequest', () => {})
+  fastify.addHook('onRequest', () => { })
 
   fastify.register((instance, opts, done) => {
-    instance.addHook('onRequest', () => {})
+    instance.addHook('onRequest', () => { })
     pluginInstance = instance
     done()
   })
@@ -650,7 +650,7 @@ test('onRoute hook should preserve system route configuration', (t, testDone) =>
 test('onRoute hook should preserve handler function in options of shorthand route system configuration', (t, testDone) => {
   t.plan(2)
 
-  const handler = (req, reply) => {}
+  const handler = (req, reply) => { }
 
   const fastify = Fastify({ exposeHeadRoutes: false })
   fastify.register((instance, opts, done) => {
@@ -889,10 +889,10 @@ test('onResponse hook should support encapsulation / 2', (t, testDone) => {
   const fastify = Fastify()
   let pluginInstance
 
-  fastify.addHook('onResponse', () => {})
+  fastify.addHook('onResponse', () => { })
 
   fastify.register((instance, opts, done) => {
-    instance.addHook('onResponse', () => {})
+    instance.addHook('onResponse', () => { })
     pluginInstance = instance
     done()
   })
@@ -959,10 +959,10 @@ test('onSend hook should support encapsulation / 1', (t, testDone) => {
   const fastify = Fastify()
   let pluginInstance
 
-  fastify.addHook('onSend', () => {})
+  fastify.addHook('onSend', () => { })
 
   fastify.register((instance, opts, done) => {
-    instance.addHook('onSend', () => {})
+    instance.addHook('onSend', () => { })
     pluginInstance = instance
     done()
   })
@@ -1426,7 +1426,7 @@ test('cannot add hook after binding', (t, testDone) => {
     t.assert.ifError(err)
 
     try {
-      instance.addHook('onRequest', () => {})
+      instance.addHook('onRequest', () => { })
       t.assert.fail()
     } catch (e) {
       testDone()
@@ -2396,10 +2396,10 @@ test('preValidation hook should support encapsulation / 2', (t, testDone) => {
   const fastify = Fastify()
   let pluginInstance
 
-  fastify.addHook('preValidation', () => {})
+  fastify.addHook('preValidation', () => { })
 
   fastify.register((instance, opts, done) => {
-    instance.addHook('preValidation', () => {})
+    instance.addHook('preValidation', () => { })
     pluginInstance = instance
     done()
   })
@@ -2739,10 +2739,10 @@ test('preParsing hook should support encapsulation / 2', (t, testDone) => {
   const fastify = Fastify()
   let pluginInstance
 
-  fastify.addHook('preParsing', function a () {})
+  fastify.addHook('preParsing', function a () { })
 
   fastify.register((instance, opts, done) => {
-    instance.addHook('preParsing', function b () {})
+    instance.addHook('preParsing', function b () { })
     pluginInstance = instance
     done()
   })
@@ -3383,7 +3383,7 @@ test('onRequestAbort should be triggered', (t, testDone) => {
 
     const socket = connect(fastify.server.address().port)
 
-    socket.write('GET / HTTP/1.1\r\nHost: example.com\r\n\r\n')
+    socket.write('GET / HTTP/1.1\r\nHost: fastify.test\r\n\r\n')
 
     sleep(500).then(() => socket.destroy())
   })
@@ -3434,7 +3434,7 @@ test('onRequestAbort should support encapsulation', (t, testDone) => {
 
     const socket = connect(fastify.server.address().port)
 
-    socket.write('GET / HTTP/1.1\r\nHost: example.com\r\n\r\n')
+    socket.write('GET / HTTP/1.1\r\nHost: fastify.test\r\n\r\n')
 
     sleep(500).then(() => socket.destroy())
   })
@@ -3468,7 +3468,7 @@ test('onRequestAbort should handle errors / 1', (t, testDone) => {
 
     const socket = connect(fastify.server.address().port)
 
-    socket.write('GET / HTTP/1.1\r\nHost: example.com\r\n\r\n')
+    socket.write('GET / HTTP/1.1\r\nHost: fastify.test\r\n\r\n')
 
     sleep(500).then(() => socket.destroy())
   })
@@ -3502,7 +3502,7 @@ test('onRequestAbort should handle errors / 2', (t, testDone) => {
 
     const socket = connect(fastify.server.address().port)
 
-    socket.write('GET / HTTP/1.1\r\nHost: example.com\r\n\r\n')
+    socket.write('GET / HTTP/1.1\r\nHost: fastify.test\r\n\r\n')
 
     sleep(500).then(() => socket.destroy())
   })
@@ -3536,7 +3536,7 @@ test('onRequestAbort should handle async errors / 1', (t, testDone) => {
 
     const socket = connect(fastify.server.address().port)
 
-    socket.write('GET / HTTP/1.1\r\nHost: example.com\r\n\r\n')
+    socket.write('GET / HTTP/1.1\r\nHost: fastify.test\r\n\r\n')
 
     sleep(500).then(() => socket.destroy())
   })
@@ -3571,7 +3571,7 @@ test('onRequestAbort should handle async errors / 2', (t, testDone) => {
 
     const socket = connect(fastify.server.address().port)
 
-    socket.write('GET / HTTP/1.1\r\nHost: example.com\r\n\r\n')
+    socket.write('GET / HTTP/1.1\r\nHost: fastify.test\r\n\r\n')
 
     sleep(500).then(() => socket.destroy())
   })

package/test/http-methods/get.test.js

@@ -401,7 +401,7 @@ test('get test', async t => {
       path: '/port',
       method: 'GET',
       headers: {
-        host: 'example.com'
+        host: 'fastify.test'
       }
     })
 

package/test/http-methods/lock.test.js

@@ -9,7 +9,7 @@ const bodySample = `<?xml version="1.0" encoding="utf-8" ?>
           <D:lockscope> <D:exclusive/> </D:lockscope>
           <D:locktype> <D:write/> </D:locktype>
           <D:owner>
-            <D:href>http://example.org/~ejw/contact.html</D:href>
+            <D:href>http://fastify.test/~ejw/contact.html</D:href>
           </D:owner>
         </D:lockinfo> `
 
@@ -34,14 +34,14 @@ test('can be created - lock', t => {
                   </D:lockscope>
                   <D:depth>infinity</D:depth>
                   <D:owner>
-                    <D:href>http://example.org/~ejw/contact.html</D:href>
+                    <D:href>http://fastify.test/~ejw/contact.html</D:href>
                   </D:owner>
                   <D:timeout>Second-604800</D:timeout>
                   <D:locktoken>
                     <D:href>urn:uuid:e71d4fae-5dec-22d6-fea5-00a0c91e6be4</:href>
                   </D:locktoken>
                   <D:lockroot>
-                    <D:href>http://example.com/workspace/webdav/proposal.oc</D:href>
+                    <D:href>http://fastify.test/workspace/webdav/proposal.oc</D:href>
                   </D:lockroot>
                 </D:activelock>
               </D:lockdiscovery>

package/test/http-methods/propfind.test.js

@@ -6,7 +6,7 @@ fastify.addHttpMethod('PROPFIND', { hasBody: true })
 
 const bodySample = `<?xml version="1.0" encoding="utf-8" ?>
         <D:propfind xmlns:D="DAV:">
-          <D:prop xmlns:R="http://ns.example.com/boxschema/">
+          <D:prop xmlns:R="http://ns.fastify.test/boxschema/">
             <R:bigbox/> <R:author/> <R:DingALing/> <R:Random/>
           </D:prop>
         </D:propfind>

package/test/http-methods/proppatch.test.js

@@ -6,7 +6,7 @@ fastify.addHttpMethod('PROPPATCH', { hasBody: true })
 
 const bodySample = `<?xml version="1.0" encoding="utf-8" ?>
         <D:propertyupdate xmlns:D="DAV:"
-          xmlns:Z="http://ns.example.com/standards/z39.50/">
+          xmlns:Z="http://ns.fastify.test/standards/z39.50/">
           <D:set>
             <D:prop>
               <Z:Authors>
@@ -33,9 +33,9 @@ test('shorthand - proppatch', t => {
           .code(207)
           .send(`<?xml version="1.0" encoding="utf-8" ?>
             <D:multistatus xmlns:D="DAV:"
-              xmlns:Z="http://ns.example.com/standards/z39.50/">
+              xmlns:Z="http://ns.fastify.test/standards/z39.50/">
               <D:response>
-                <D:href>http://www.example.com/bar.html</D:href>
+                <D:href>http://www.fastify.test/bar.html</D:href>
                 <D:propstat>
                   <D:prop>
                     <Z:Authors/>

package/test/https/https.test.js

@@ -121,7 +121,7 @@ test('https - headers', async (t) => {
     const result = await request('https://localhost:' + fastify.server.address().port, {
       method: 'GET',
       headers: {
-        host: 'example.com'
+        host: 'fastify.test'
       },
       dispatcher: new Agent({
         connect: {
@@ -131,6 +131,6 @@ test('https - headers', async (t) => {
     })
 
     t.assert.strictEqual(result.statusCode, 200)
-    t.assert.deepStrictEqual(await result.body.json(), { hello: 'world', hostname: 'example.com', port: null })
+    t.assert.deepStrictEqual(await result.body.json(), { hello: 'world', hostname: 'fastify.test', port: null })
   })
 })

package/test/internals/reply.test.js

@@ -692,11 +692,11 @@ test('plain string with custom json content type should NOT be serialized as jso
   const customSamples = {
     collectionjson: {
       mimeType: 'application/vnd.collection+json',
-      sample: '{"collection":{"version":"1.0","href":"http://api.example.com/people/"}}'
+      sample: '{"collection":{"version":"1.0","href":"http://api.fastify.test/people/"}}'
     },
     hal: {
       mimeType: 'application/hal+json',
-      sample: '{"_links":{"self":{"href":"https://api.example.com/people/1"}},"name":"John Doe"}'
+      sample: '{"_links":{"self":{"href":"https://api.fastify.test/people/1"}},"name":"John Doe"}'
     },
     jsonapi: {
       mimeType: 'application/vnd.api+json',
@@ -777,11 +777,11 @@ test('non-string with custom json content type SHOULD be serialized as json', as
   const customSamples = {
     collectionjson: {
       mimeType: 'application/vnd.collection+json',
-      sample: JSON.parse('{"collection":{"version":"1.0","href":"http://api.example.com/people/"}}')
+      sample: JSON.parse('{"collection":{"version":"1.0","href":"http://api.fastify.test/people/"}}')
     },
     hal: {
       mimeType: 'application/hal+json',
-      sample: JSON.parse('{"_links":{"self":{"href":"https://api.example.com/people/1"}},"name":"John Doe"}')
+      sample: JSON.parse('{"_links":{"self":{"href":"https://api.fastify.test/people/1"}},"name":"John Doe"}')
     },
     jsonapi: {
       mimeType: 'application/vnd.api+json',

package/test/internals/request.test.js

@@ -214,7 +214,7 @@ test('Request with trust proxy', t => {
   t.plan(18)
   const headers = {
     'x-forwarded-for': '2.2.2.2, 1.1.1.1',
-    'x-forwarded-host': 'example.com'
+    'x-forwarded-host': 'fastify.test'
   }
   const req = {
     method: 'GET',
@@ -257,7 +257,7 @@ test('Request with trust proxy', t => {
   t.assert.strictEqual(request.log, 'log')
   t.assert.strictEqual(request.ip, '2.2.2.2')
   t.assert.deepStrictEqual(request.ips, ['ip', '1.1.1.1', '2.2.2.2'])
-  t.assert.strictEqual(request.host, 'example.com')
+  t.assert.strictEqual(request.host, 'fastify.test')
   t.assert.strictEqual(request.body, undefined)
   t.assert.strictEqual(request.method, 'GET')
   t.assert.strictEqual(request.url, '/')
@@ -272,7 +272,7 @@ test('Request with trust proxy, encrypted', t => {
   t.plan(2)
   const headers = {
     'x-forwarded-for': '2.2.2.2, 1.1.1.1',
-    'x-forwarded-host': 'example.com'
+    'x-forwarded-host': 'fastify.test'
   }
   const req = {
     method: 'GET',
@@ -377,7 +377,7 @@ test('Request with trust proxy - x-forwarded-host header has precedence over hos
   t.plan(2)
   const headers = {
     'x-forwarded-for': ' 2.2.2.2, 1.1.1.1',
-    'x-forwarded-host': 'example.com',
+    'x-forwarded-host': 'fastify.test',
     host: 'hostname'
   }
   const req = {
@@ -390,13 +390,13 @@ test('Request with trust proxy - x-forwarded-host header has precedence over hos
   const TpRequest = Request.buildRequest(Request, true)
   const request = new TpRequest('id', 'params', req, 'query', 'log')
   t.assert.ok(request instanceof TpRequest)
-  t.assert.strictEqual(request.host, 'example.com')
+  t.assert.strictEqual(request.host, 'fastify.test')
 })
 
 test('Request with trust proxy - handles multiple entries in x-forwarded-host/proto', t => {
   t.plan(3)
   const headers = {
-    'x-forwarded-host': 'example2.com, example.com',
+    'x-forwarded-host': 'example2.com, fastify.test',
     'x-forwarded-proto': 'http, https'
   }
   const req = {
@@ -409,7 +409,7 @@ test('Request with trust proxy - handles multiple entries in x-forwarded-host/pr
   const TpRequest = Request.buildRequest(Request, true)
   const request = new TpRequest('id', 'params', req, 'query', 'log')
   t.assert.ok(request instanceof TpRequest)
-  t.assert.strictEqual(request.host, 'example.com')
+  t.assert.strictEqual(request.host, 'fastify.test')
   t.assert.strictEqual(request.protocol, 'https')
 })
 
@@ -417,7 +417,7 @@ test('Request with trust proxy - plain', t => {
   t.plan(1)
   const headers = {
     'x-forwarded-for': '2.2.2.2, 1.1.1.1',
-    'x-forwarded-host': 'example.com'
+    'x-forwarded-host': 'fastify.test'
   }
   const req = {
     method: 'GET',
@@ -491,7 +491,7 @@ test('Request with trust proxy and undefined socket', t => {
   t.plan(1)
   const headers = {
     'x-forwarded-for': '2.2.2.2, 1.1.1.1',
-    'x-forwarded-host': 'example.com'
+    'x-forwarded-host': 'fastify.test'
   }
   const req = {
     method: 'GET',