undici 6.21.0 → 7.0.0-alpha.10

package/lib/util/cache.js

@@ -0,0 +1,360 @@
+'use strict'
+
+const {
+  safeHTTPMethods
+} = require('../core/util')
+
+/**
+ *
+ * @param {import('../../types/dispatcher.d.ts').default.DispatchOptions} opts
+ */
+function makeCacheKey (opts) {
+  if (!opts.origin) {
+    throw new Error('opts.origin is undefined')
+  }
+
+  /** @type {Record<string, string[] | string>} */
+  let headers
+  if (opts.headers == null) {
+    headers = {}
+  } else if (typeof opts.headers[Symbol.iterator] === 'function') {
+    headers = {}
+    for (const x of opts.headers) {
+      if (!Array.isArray(x)) {
+        throw new Error('opts.headers is not a valid header map')
+      }
+      const [key, val] = x
+      if (typeof key !== 'string' || typeof val !== 'string') {
+        throw new Error('opts.headers is not a valid header map')
+      }
+      headers[key] = val
+    }
+  } else if (typeof opts.headers === 'object') {
+    headers = opts.headers
+  } else {
+    throw new Error('opts.headers is not an object')
+  }
+
+  return {
+    origin: opts.origin.toString(),
+    method: opts.method,
+    path: opts.path,
+    headers
+  }
+}
+
+/**
+ * @param {any} key
+ */
+function assertCacheKey (key) {
+  if (typeof key !== 'object') {
+    throw new TypeError(`expected key to be object, got ${typeof key}`)
+  }
+
+  for (const property of ['origin', 'method', 'path']) {
+    if (typeof key[property] !== 'string') {
+      throw new TypeError(`expected key.${property} to be string, got ${typeof key[property]}`)
+    }
+  }
+
+  if (key.headers !== undefined && typeof key.headers !== 'object') {
+    throw new TypeError(`expected headers to be object, got ${typeof key}`)
+  }
+}
+
+/**
+ * @param {any} value
+ */
+function assertCacheValue (value) {
+  if (typeof value !== 'object') {
+    throw new TypeError(`expected value to be object, got ${typeof value}`)
+  }
+
+  for (const property of ['statusCode', 'cachedAt', 'staleAt', 'deleteAt']) {
+    if (typeof value[property] !== 'number') {
+      throw new TypeError(`expected value.${property} to be number, got ${typeof value[property]}`)
+    }
+  }
+
+  if (typeof value.statusMessage !== 'string') {
+    throw new TypeError(`expected value.statusMessage to be string, got ${typeof value.statusMessage}`)
+  }
+
+  if (value.headers != null && typeof value.headers !== 'object') {
+    throw new TypeError(`expected value.rawHeaders to be object, got ${typeof value.headers}`)
+  }
+
+  if (value.vary !== undefined && typeof value.vary !== 'object') {
+    throw new TypeError(`expected value.vary to be object, got ${typeof value.vary}`)
+  }
+
+  if (value.etag !== undefined && typeof value.etag !== 'string') {
+    throw new TypeError(`expected value.etag to be string, got ${typeof value.etag}`)
+  }
+}
+
+/**
+ * @see https://www.rfc-editor.org/rfc/rfc9111.html#name-cache-control
+ * @see https://www.iana.org/assignments/http-cache-directives/http-cache-directives.xhtml
+
+ * @param {string | string[]} header
+ * @returns {import('../../types/cache-interceptor.d.ts').default.CacheControlDirectives}
+ */
+function parseCacheControlHeader (header) {
+  /**
+   * @type {import('../../types/cache-interceptor.d.ts').default.CacheControlDirectives}
+   */
+  const output = {}
+
+  let directives
+  if (Array.isArray(header)) {
+    directives = []
+
+    for (const directive of header) {
+      directives.push(...directive.split(','))
+    }
+  } else {
+    directives = header.split(',')
+  }
+
+  for (let i = 0; i < directives.length; i++) {
+    const directive = directives[i].toLowerCase()
+    const keyValueDelimiter = directive.indexOf('=')
+
+    let key
+    let value
+    if (keyValueDelimiter !== -1) {
+      key = directive.substring(0, keyValueDelimiter).trimStart()
+      value = directive.substring(keyValueDelimiter + 1)
+    } else {
+      key = directive.trim()
+    }
+
+    switch (key) {
+      case 'min-fresh':
+      case 'max-stale':
+      case 'max-age':
+      case 's-maxage':
+      case 'stale-while-revalidate':
+      case 'stale-if-error': {
+        if (value === undefined || value[0] === ' ') {
+          continue
+        }
+
+        if (
+          value.length >= 2 &&
+          value[0] === '"' &&
+          value[value.length - 1] === '"'
+        ) {
+          value = value.substring(1, value.length - 1)
+        }
+
+        const parsedValue = parseInt(value, 10)
+        // eslint-disable-next-line no-self-compare
+        if (parsedValue !== parsedValue) {
+          continue
+        }
+
+        if (key === 'max-age' && key in output && output[key] >= parsedValue) {
+          continue
+        }
+
+        output[key] = parsedValue
+
+        break
+      }
+      case 'private':
+      case 'no-cache': {
+        if (value) {
+          // The private and no-cache directives can be unqualified (aka just
+          //  `private` or `no-cache`) or qualified (w/ a value). When they're
+          //  qualified, it's a list of headers like `no-cache=header1`,
+          //  `no-cache="header1"`, or `no-cache="header1, header2"`
+          // If we're given multiple headers, the comma messes us up since
+          //  we split the full header by commas. So, let's loop through the
+          //  remaining parts in front of us until we find one that ends in a
+          //  quote. We can then just splice all of the parts in between the
+          //  starting quote and the ending quote out of the directives array
+          //  and continue parsing like normal.
+          // https://www.rfc-editor.org/rfc/rfc9111.html#name-no-cache-2
+          if (value[0] === '"') {
+            // Something like `no-cache="some-header"` OR `no-cache="some-header, another-header"`.
+
+            // Add the first header on and cut off the leading quote
+            const headers = [value.substring(1)]
+
+            let foundEndingQuote = value[value.length - 1] === '"'
+            if (!foundEndingQuote) {
+              // Something like `no-cache="some-header, another-header"`
+              //  This can still be something invalid, e.g. `no-cache="some-header, ...`
+              for (let j = i + 1; j < directives.length; j++) {
+                const nextPart = directives[j]
+                const nextPartLength = nextPart.length
+
+                headers.push(nextPart.trim())
+
+                if (nextPartLength !== 0 && nextPart[nextPartLength - 1] === '"') {
+                  foundEndingQuote = true
+                  break
+                }
+              }
+            }
+
+            if (foundEndingQuote) {
+              let lastHeader = headers[headers.length - 1]
+              if (lastHeader[lastHeader.length - 1] === '"') {
+                lastHeader = lastHeader.substring(0, lastHeader.length - 1)
+                headers[headers.length - 1] = lastHeader
+              }
+
+              if (key in output) {
+                output[key] = output[key].concat(headers)
+              } else {
+                output[key] = headers
+              }
+            }
+          } else {
+            // Something like `no-cache=some-header`
+            if (key in output) {
+              output[key] = output[key].concat(value)
+            } else {
+              output[key] = [value]
+            }
+          }
+
+          break
+        }
+      }
+      // eslint-disable-next-line no-fallthrough
+      case 'public':
+      case 'no-store':
+      case 'must-revalidate':
+      case 'proxy-revalidate':
+      case 'immutable':
+      case 'no-transform':
+      case 'must-understand':
+      case 'only-if-cached':
+        if (value) {
+          // These are qualified (something like `public=...`) when they aren't
+          //  allowed to be, skip
+          continue
+        }
+
+        output[key] = true
+        break
+      default:
+        // Ignore unknown directives as per https://www.rfc-editor.org/rfc/rfc9111.html#section-5.2.3-1
+        continue
+    }
+  }
+
+  return output
+}
+
+/**
+ * @param {string | string[]} varyHeader Vary header from the server
+ * @param {Record<string, string | string[]>} headers Request headers
+ * @returns {Record<string, string | string[]>}
+ */
+function parseVaryHeader (varyHeader, headers) {
+  if (typeof varyHeader === 'string' && varyHeader.includes('*')) {
+    return headers
+  }
+
+  const output = /** @type {Record<string, string | string[]>} */ ({})
+
+  const varyingHeaders = typeof varyHeader === 'string'
+    ? varyHeader.split(',')
+    : varyHeader
+  for (const header of varyingHeaders) {
+    const trimmedHeader = header.trim().toLowerCase()
+
+    if (headers[trimmedHeader]) {
+      output[trimmedHeader] = headers[trimmedHeader]
+    } else {
+      return undefined
+    }
+  }
+
+  return output
+}
+
+/**
+ * Note: this deviates from the spec a little. Empty etags ("", W/"") are valid,
+ *  however, including them in cached resposnes serves little to no purpose.
+ *
+ * @see https://www.rfc-editor.org/rfc/rfc9110.html#name-etag
+ *
+ * @param {string} etag
+ * @returns {boolean}
+ */
+function isEtagUsable (etag) {
+  if (etag.length <= 2) {
+    // Shortest an etag can be is two chars (just ""). This is where we deviate
+    //  from the spec requiring a min of 3 chars however
+    return false
+  }
+
+  if (etag[0] === '"' && etag[etag.length - 1] === '"') {
+    // ETag: ""asd123"" or ETag: "W/"asd123"", kinda undefined behavior in the
+    //  spec. Some servers will accept these while others don't.
+    // ETag: "asd123"
+    return !(etag[1] === '"' || etag.startsWith('"W/'))
+  }
+
+  if (etag.startsWith('W/"') && etag[etag.length - 1] === '"') {
+    // ETag: W/"", also where we deviate from the spec & require a min of 3
+    //  chars
+    // ETag: for W/"", W/"asd123"
+    return etag.length !== 4
+  }
+
+  // Anything else
+  return false
+}
+
+/**
+ * @param {unknown} store
+ * @returns {asserts store is import('../../types/cache-interceptor.d.ts').default.CacheStore}
+ */
+function assertCacheStore (store, name = 'CacheStore') {
+  if (typeof store !== 'object' || store === null) {
+    throw new TypeError(`expected type of ${name} to be a CacheStore, got ${store === null ? 'null' : typeof store}`)
+  }
+
+  for (const fn of ['get', 'createWriteStream', 'delete']) {
+    if (typeof store[fn] !== 'function') {
+      throw new TypeError(`${name} needs to have a \`${fn}()\` function`)
+    }
+  }
+}
+/**
+ * @param {unknown} methods
+ * @returns {asserts methods is import('../../types/cache-interceptor.d.ts').default.CacheMethods[]}
+ */
+function assertCacheMethods (methods, name = 'CacheMethods') {
+  if (!Array.isArray(methods)) {
+    throw new TypeError(`expected type of ${name} needs to be an array, got ${methods === null ? 'null' : typeof methods}`)
+  }
+
+  if (methods.length === 0) {
+    throw new TypeError(`${name} needs to have at least one method`)
+  }
+
+  for (const method of methods) {
+    if (!safeHTTPMethods.includes(method)) {
+      throw new TypeError(`element of ${name}-array needs to be one of following values: ${safeHTTPMethods.join(', ')}, got ${method}`)
+    }
+  }
+}
+
+module.exports = {
+  makeCacheKey,
+  assertCacheKey,
+  assertCacheValue,
+  parseCacheControlHeader,
+  parseVaryHeader,
+  isEtagUsable,
+  assertCacheMethods,
+  assertCacheStore
+}

package/lib/web/cache/cache.js

@@ -1,12 +1,11 @@
 'use strict'
 
-const { kConstruct } = require('./symbols')
+const { kConstruct } = require('../../core/symbols')
 const { urlEquals, getFieldValues } = require('./util')
 const { kEnumerableProperty, isDisturbed } = require('../../core/util')
 const { webidl } = require('../fetch/webidl')
-const { Response, cloneResponse, fromInnerResponse } = require('../fetch/response')
-const { Request, fromInnerRequest } = require('../fetch/request')
-const { kState } = require('../fetch/symbols')
+const { cloneResponse, fromInnerResponse, getResponseState } = require('../fetch/response')
+const { Request, fromInnerRequest, getRequestState } = require('../fetch/request')
 const { fetching } = require('../fetch/index')
 const { urlIsHttpHttpsScheme, createDeferredPromise, readAllBytes } = require('../fetch/util')
 const assert = require('node:assert')
@@ -116,7 +115,7 @@ class Cache {
       }
 
       // 3.1
-      const r = request[kState]
+      const r = getRequestState(request)
 
       // 3.2
       if (!urlIsHttpHttpsScheme(r.url) || r.method !== 'GET') {
@@ -134,7 +133,7 @@ class Cache {
     // 5.
     for (const request of requests) {
       // 5.1
-      const r = new Request(request)[kState]
+      const r = getRequestState(new Request(request))
 
       // 5.2
       if (!urlIsHttpHttpsScheme(r.url)) {
@@ -270,10 +269,10 @@ class Cache {
     let innerRequest = null
 
     // 2.
-    if (request instanceof Request) {
-      innerRequest = request[kState]
+    if (webidl.is.Request(request)) {
+      innerRequest = getRequestState(request)
     } else { // 3.
-      innerRequest = new Request(request)[kState]
+      innerRequest = getRequestState(new Request(request))
     }
 
     // 4.
@@ -285,7 +284,7 @@ class Cache {
     }
 
     // 5.
-    const innerResponse = response[kState]
+    const innerResponse = getResponseState(response)
 
     // 6.
     if (innerResponse.status === 206) {
@@ -335,7 +334,7 @@ class Cache {
       const reader = stream.getReader()
 
       // 11.3
-      readAllBytes(reader).then(bodyReadPromise.resolve, bodyReadPromise.reject)
+      readAllBytes(reader, bodyReadPromise.resolve, bodyReadPromise.reject)
     } else {
       bodyReadPromise.resolve(undefined)
     }
@@ -402,8 +401,8 @@ class Cache {
      */
     let r = null
 
-    if (request instanceof Request) {
-      r = request[kState]
+    if (webidl.is.Request(request)) {
+      r = getRequestState(request)
 
       if (r.method !== 'GET' && !options.ignoreMethod) {
         return false
@@ -411,7 +410,7 @@ class Cache {
     } else {
       assert(typeof request === 'string')
 
-      r = new Request(request)[kState]
+      r = getRequestState(new Request(request))
     }
 
     /** @type {CacheBatchOperation[]} */
@@ -468,16 +467,16 @@ class Cache {
     // 2.
     if (request !== undefined) {
       // 2.1
-      if (request instanceof Request) {
+      if (webidl.is.Request(request)) {
         // 2.1.1
-        r = request[kState]
+        r = getRequestState(request)
 
         // 2.1.2
         if (r.method !== 'GET' && !options.ignoreMethod) {
           return []
         }
       } else if (typeof request === 'string') { // 2.2
-        r = new Request(request)[kState]
+        r = getRequestState(new Request(request))
       }
     }
 
@@ -515,6 +514,7 @@ class Cache {
       for (const request of requests) {
         const requestObject = fromInnerRequest(
           request,
+          undefined,
           new AbortController().signal,
           'immutable'
         )
@@ -749,9 +749,9 @@ class Cache {
 
     // 2.
     if (request !== undefined) {
-      if (request instanceof Request) {
+      if (webidl.is.Request(request)) {
         // 2.1.1
-        r = request[kState]
+        r = getRequestState(request)
 
         // 2.1.2
         if (r.method !== 'GET' && !options.ignoreMethod) {
@@ -759,7 +759,7 @@ class Cache {
         }
       } else if (typeof request === 'string') {
         // 2.2.1
-        r = new Request(request)[kState]
+        r = getRequestState(new Request(request))
       }
     }
 
@@ -848,7 +848,10 @@ webidl.converters.MultiCacheQueryOptions = webidl.dictionaryConverter([
   }
 ])
 
-webidl.converters.Response = webidl.interfaceConverter(Response)
+webidl.converters.Response = webidl.interfaceConverter(
+  webidl.is.Response,
+  'Response'
+)
 
 webidl.converters['sequence<RequestInfo>'] = webidl.sequenceConverter(
   webidl.converters.RequestInfo

package/lib/web/cache/cachestorage.js

@@ -1,9 +1,9 @@
 'use strict'
 
-const { kConstruct } = require('./symbols')
 const { Cache } = require('./cache')
 const { webidl } = require('../fetch/webidl')
 const { kEnumerableProperty } = require('../../core/util')
+const { kConstruct } = require('../../core/symbols')
 
 class CacheStorage {
   /**

package/lib/web/cookies/index.js

@@ -5,18 +5,20 @@ const { stringify } = require('./util')
 const { webidl } = require('../fetch/webidl')
 const { Headers } = require('../fetch/headers')
 
+const brandChecks = webidl.brandCheckMultiple([Headers, globalThis.Headers].filter(Boolean))
+
 /**
  * @typedef {Object} Cookie
  * @property {string} name
  * @property {string} value
- * @property {Date|number|undefined} expires
- * @property {number|undefined} maxAge
- * @property {string|undefined} domain
- * @property {string|undefined} path
- * @property {boolean|undefined} secure
- * @property {boolean|undefined} httpOnly
- * @property {'Strict'|'Lax'|'None'} sameSite
- * @property {string[]} unparsed
+ * @property {Date|number} [expires]
+ * @property {number} [maxAge]
+ * @property {string} [domain]
+ * @property {string} [path]
+ * @property {boolean} [secure]
+ * @property {boolean} [httpOnly]
+ * @property {'Strict'|'Lax'|'None'} [sameSite]
+ * @property {string[]} [unparsed]
  */
 
 /**
@@ -26,9 +28,11 @@ const { Headers } = require('../fetch/headers')
 function getCookies (headers) {
   webidl.argumentLengthCheck(arguments, 1, 'getCookies')
 
-  webidl.brandCheck(headers, Headers, { strict: false })
+  brandChecks(headers)
 
   const cookie = headers.get('cookie')
+
+  /** @type {Record<string, string>} */
   const out = {}
 
   if (!cookie) {
@@ -51,7 +55,7 @@ function getCookies (headers) {
  * @returns {void}
  */
 function deleteCookie (headers, name, attributes) {
-  webidl.brandCheck(headers, Headers, { strict: false })
+  brandChecks(headers)
 
   const prefix = 'deleteCookie'
   webidl.argumentLengthCheck(arguments, 2, prefix)
@@ -76,7 +80,7 @@ function deleteCookie (headers, name, attributes) {
 function getSetCookies (headers) {
   webidl.argumentLengthCheck(arguments, 1, 'getSetCookies')
 
-  webidl.brandCheck(headers, Headers, { strict: false })
+  brandChecks(headers)
 
   const cookies = headers.getSetCookie()
 
@@ -87,6 +91,16 @@ function getSetCookies (headers) {
   return cookies.map((pair) => parseSetCookie(pair))
 }
 
+/**
+ * Parses a cookie string
+ * @param {string} cookie
+ */
+function parseCookie (cookie) {
+  cookie = webidl.converters.DOMString(cookie)
+
+  return parseSetCookie(cookie)
+}
+
 /**
  * @param {Headers} headers
  * @param {Cookie} cookie
@@ -95,14 +109,14 @@ function getSetCookies (headers) {
 function setCookie (headers, cookie) {
   webidl.argumentLengthCheck(arguments, 2, 'setCookie')
 
-  webidl.brandCheck(headers, Headers, { strict: false })
+  brandChecks(headers)
 
   cookie = webidl.converters.Cookie(cookie)
 
   const str = stringify(cookie)
 
   if (str) {
-    headers.append('Set-Cookie', str)
+    headers.append('set-cookie', str, true)
   }
 }
 
@@ -180,5 +194,6 @@ module.exports = {
   getCookies,
   deleteCookie,
   getSetCookies,
-  setCookie
+  setCookie,
+  parseCookie
 }

package/lib/web/cookies/parse.js

@@ -4,12 +4,13 @@ const { maxNameValuePairSize, maxAttributeValueSize } = require('./constants')
 const { isCTLExcludingHtab } = require('./util')
 const { collectASequenceOfCodePointsFast } = require('../fetch/data-url')
 const assert = require('node:assert')
+const { unescape } = require('node:querystring')
 
 /**
  * @description Parses the field-value attributes of a set-cookie header string.
  * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4
  * @param {string} header
- * @returns if the header is invalid, null will be returned
+ * @returns {import('./index').Cookie|null} if the header is invalid, null will be returned
  */
 function parseSetCookie (header) {
   // 1. If the set-cookie-string contains a %x00-08 / %x0A-1F / %x7F
@@ -76,8 +77,12 @@ function parseSetCookie (header) {
 
   // 6. The cookie-name is the name string, and the cookie-value is the
   //    value string.
+  // https://datatracker.ietf.org/doc/html/rfc6265
+  // To maximize compatibility with user agents, servers that wish to
+  // store arbitrary data in a cookie-value SHOULD encode that data, for
+  // example, using Base64 [RFC4648].
   return {
-    name, value, ...parseUnparsedAttributes(unparsedAttributes)
+    name, value: unescape(value), ...parseUnparsedAttributes(unparsedAttributes)
   }
 }
 
@@ -85,7 +90,7 @@ function parseSetCookie (header) {
  * Parses the remaining attributes of a set-cookie header
  * @see https://datatracker.ietf.org/doc/html/draft-ietf-httpbis-rfc6265bis#section-5.4
  * @param {string} unparsedAttributes
- * @param {[Object.<string, unknown>]={}} cookieAttributeList
+ * @param {Object.<string, unknown>} [cookieAttributeList={}]
  */
 function parseUnparsedAttributes (unparsedAttributes, cookieAttributeList = {}) {
   // 1. If the unparsed-attributes string is empty, skip the rest of