kyfx
/
playwright
mirror of https://github.com/microsoft/playwright.git
4
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: do not hang in route.continue with unsafe header (#35201)

This commit is contained in:
Yury Semikhatsky 2025-03-14 14:02:45 -07:00 committed by GitHub
parent 90f6a657a1
commit ba0bb01114
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 30 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
packages/playwright-core/src/server/chromium/crNetworkManager.ts
View File

@ -660,6 +660,8 @@ async function catchDisallowedErrors(callback: () => Promise<void>) {
} catch (e) { } catch (e) {
if (isProtocolError(e) && e.message.includes('Invalid http status code or phrase')) if (isProtocolError(e) && e.message.includes('Invalid http status code or phrase'))
throw e; throw e;
if (isProtocolError(e) && e.message.includes('Unsafe header'))
throw e;
} }
} }

30
tests/page/page-request-continue.spec.ts
View File

@ -26,8 +26,10 @@ it('should work', async ({ page, server }) => {
it('should amend HTTP headers', async ({ page, server }) => { it('should amend HTTP headers', async ({ page, server }) => {
await page.route('**/*', route => { await page.route('**/*', route => {
const headers = Object.assign({}, route.request().headers()); const headers = {
headers['FOO'] = 'bar'; ...route.request().headers(),
FOO: 'bar'
};
void route.continue({ headers }); void route.continue({ headers });
}); });
await page.goto(server.EMPTY_PAGE); await page.goto(server.EMPTY_PAGE);
@ -38,6 +40,30 @@ it('should amend HTTP headers', async ({ page, server }) => {
expect(request.headers['foo']).toBe('bar'); expect(request.headers['foo']).toBe('bar');
}); });
it('should not allow to override unsafe HTTP headers', async ({ page, server, browserName }) => {
let resolve;
const routePromise = new Promise<Route>(f => resolve = f);
await page.route('**/*', route => resolve(route));
const serverRequestPromise = server.waitForRequest('/empty.html');
page.goto(server.EMPTY_PAGE).catch(() => {});
const route = await routePromise;
const error = await route.continue({
headers: {
...route.request().headers(),
host: 'bar'
}
}).catch(e => e);
if (browserName === 'chromium') {
expect(error.message).toContain('Unsafe header: host');
} else {
expect(error).toBeFalsy();
// These lines just document current behavior in FF and WK,
// we don't necessarily want to maintain this behavior.
const serverRequest = await serverRequestPromise;
expect(serverRequest.headers['host']).toBe('bar');
}
});
it('should delete header with undefined value', async ({ page, server, browserName }) => { it('should delete header with undefined value', async ({ page, server, browserName }) => {
it.info().annotations.push({ type: 'issue', description: 'https://github.com/microsoft/playwright/issues/13106' }); it.info().annotations.push({ type: 'issue', description: 'https://github.com/microsoft/playwright/issues/13106' });