1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-01-16 10:54:14 -05:00
Commit graph

3456 commits

Author SHA1 Message Date
Yusuke Sakurai
b9e5e4c7ec
fix: test_create_cache_if_dir_not_exit (#4636)
This test doesn't remove created directory after test. It will fail on next run.
2020-04-06 10:08:53 -04:00
Andrew Stucki
1e478d73e3
Drop headers with trailing whitespace in header name (#4642)
This relates directly to [an
issue](https://github.com/denoland/deno_std/issues/620) that I initially
raised in `deno_std` awhile back, and was reminded about it today when
the `oak` project popped up on my github recommended repos.

As of now Deno's http servers are vulnerable to the same underlying
issue of go CVE-2019-16276 due to the fact that it's based off of ported
go code from their old standard library. [Here's the commit that fixed
the
CVE.](6e6f4aaf70)

Long story short, some off the shelf proxies and caching servers allow
for passing unaltered malformed headers to backends that they're
fronting. When they pass invalid headers that they don't understand this
can cause issues with HTTP request smuggling. I believe that to this
date, this is the default behavior of AWS ALBs--meaning any server that
strips whitespace from the tail end of header field names and then
interprets the header, when placed behind an ALB, is susceptible to
request smuggling.

The current behavior is actually specifically called out in [RFC
7230](https://tools.ietf.org/html/rfc7230#section-3.2.4) as something
that MUST result in a rejected message, but the change corresponding to
this PR, is more lenient and what both go and nginx currently do, and is
better than the current behavior.
2020-04-06 09:58:46 -04:00
Andreas
703c0b7c17
feat(std/flags): pass key and value to unknown (#4637) 2020-04-06 09:27:10 -04:00
Ondřej Žára
0ea9562933
docs: add README to cli/js/web/ (#4578) 2020-04-06 13:06:11 +02:00
crowlKats
6720a0dc02
feat: Add File support in FormData (#4632) 2020-04-05 15:49:04 -04:00
Andres Villegas
2911fcc78d
Enable inspector tests (#4628) 2020-04-04 14:46:09 -04:00
Khải
788a6abfd3
fix(std/testing): formatting bigint (#4626) 2020-04-04 13:13:37 -04:00
Nayeem Rahman
faa0f520cf
doc: Improve the style guide (#4627) 2020-04-04 13:11:43 -04:00
Lorran Rosa
b017409dcd
on init create disk_cache directory if it doesn't already exists (#4617) 2020-04-03 22:43:49 -04:00
Kitson Kelly
f527407287
clippy (#4618) 2020-04-03 22:41:16 -04:00
Parker Gabel
0db04d6a42
fix(#4546) Added Math.trunc to toSecondsFromEpoch to conform the result to u64 (#4575) 2020-04-03 15:20:40 -04:00
Yusuke Sakurai
2426174485
feat: Expose ReadableStream and make Blob more standardized (#4581)
Co-authored-by: crowlkats <crowlkats@gmail.com>
2020-04-03 14:55:23 -04:00
Ryan Dahl
cb0acfe305
v0.39.0 2020-04-03 14:38:56 -04:00
dubiousjim
a5fc505edb
fix erroneous assert (#4608) 2020-04-03 13:49:05 -04:00
dubiousjim
6f9c78979d
Properly handle invalid utf8 in paths (#4609) 2020-04-03 13:47:57 -04:00
dubiousjim
c5c3abc517
adjust docs for Deno.seek (#4610) 2020-04-03 13:45:44 -04:00
Bert Belder
c0cb198114
Make inspector more robust, add --inspect-brk support (#4552) 2020-04-03 13:40:11 -04:00
Bartek Iwańczuk
3f489ae1ae
fix: async ops sanitizer false positives in timers (#4602) 2020-04-03 19:20:36 +02:00
Bartek Iwańczuk
efb022a50c
upgrade dprint to 0.9.10 (#4601) 2020-04-03 18:35:03 +02:00
Ryan Dahl
13db64fbc6
Remove /std/media_types (#4594) 2020-04-03 12:11:52 -04:00
Bartek Iwańczuk
e99374a0a3
make Worker.poll private (#4603) 2020-04-03 18:01:45 +02:00
dubiousjim
ce02167c75
Improve tests and docs for Deno.rename (#4597) 2020-04-03 11:00:16 -04:00
Andy Finch
d8f32c7eff
remove Send trait requirement from the Resource trait (#4585) 2020-04-03 10:35:28 -04:00
Ondřej Žára
6204555be3
"deno doc" parses the "implements" clause of a class def (#4604) 2020-04-03 14:11:50 +02:00
Ondřej Žára
b57d075c07
deno doc parses super-class names (#4595)
Co-Authored-By: Luca Casonato <luca.casonato@antipy.com>
2020-04-03 10:32:46 +02:00
Ryan Dahl
c8fc29fcca
Revert "Respond with 400 on request parse failure" (#4593)
readRequest should not write a response.

This reverts commit 017a611131.
2020-04-02 15:20:17 -04:00
dubiousjim
7a9273d9cf
Refactor and expand mkdir tests (#4579) 2020-04-02 14:54:33 -04:00
Luca Casonato
470681cd3c
Publish deno types on release (#4583) 2020-04-02 11:56:09 -04:00
Ryan Dahl
c738797944
feat: deno test --filter (#4570) 2020-04-02 09:26:40 -04:00
Ryan Dahl
ff0b32f81d
upgrade: rusty_v8 v0.3.10 (#4576) 2020-04-02 09:24:29 -04:00
Luca Casonato
3d56f3afca
Added 'declare' handling to 'deno doc' (#4573) 2020-04-02 11:38:13 +02:00
Kitson Kelly
2e24385c48
Support dynamic import in bundles. (#4561) 2020-04-01 23:14:30 -04:00
Marcus Weiner
2ff8012dcc
Expose global state publicly (#4572) 2020-04-01 19:41:32 -04:00
Ryan Dahl
12c6b2395b
Move encode, decode helpers to /std/encoding/utf8.ts, delete /std/strings/ (#4565)
also removes std/encoding/mod.ts and std/archive/mod.ts which are useless.
2020-04-01 15:23:39 -04:00
木杉
3a0b617503
std(media_types): change .ts content type to application/typescript (#4563) 2020-04-01 15:04:36 -04:00
Ryan Dahl
578138a930
Remove std/strings/pad.ts because String.prototype.padStart exists (#4564) 2020-04-01 20:28:16 +02:00
Chris Knight
1c30d755bf
better parameter names for a couple functions (#4559) 2020-04-01 12:57:33 -04:00
Khải
fa7929ad2c
fix(file_server): use media_types for Content-Type header (#4555) 2020-04-01 12:51:01 -04:00
木杉
5ac2c4aa2e
fix(#4550): setCookie should append cookies (#4558) 2020-04-01 09:37:11 -04:00
木杉
6291ac82ee
fix(#4554): use --inspect in repl & eval (#4562) 2020-04-01 09:35:34 -04:00
Nayeem Rahman
270e87d9db
refactor(cli/js/testing): Reduce testing interfaces (#4451)
* Reduce "testing" interfaces
* Use a callback instead of a generator for Deno.runTests()
* Default RunTestsOptions::reportToConsole to true
* Compose TestMessage into a single interface
2020-04-01 10:47:23 +02:00
Nayeem Rahman
017a611131
feat(std/http/server): Respond with 400 on request parse failure (#4551) 2020-04-01 10:24:05 +02:00
Chris Knight
857d96001d
doc: Improve API documentation and add examples (#4548) 2020-03-31 23:21:37 -04:00
Ryan Dahl
8a6b8faeb5
Remove old release files (#4545)
deno_install scripts were updated in
b635b52584
2020-03-31 23:30:09 +02:00
crowlKats
7b675a332c
fix: invalid blob type (#4536) 2020-03-31 14:42:18 -04:00
dubiousjim
d4d0b5d90c
Properly track isFile, isSymlink, isDirectory (#4541)
* Properly track isFile, isSymlink, isDirectory

These don't exhaust all the possibilities, so none of them should be
defined as "neither of the others".

* empty
2020-03-31 13:46:25 -04:00
Ondřej Žára
a86b07f2df
used native padStart/End where possible (#4537) 2020-03-31 12:34:13 +02:00
dubiousjim
bdcb926b37
Fix umask test (#4533) 2020-03-30 19:02:02 -04:00
Michał Sabiniarz
30fdf6dc83
console: print promise details (#4524) 2020-03-30 19:01:19 -04:00
Andres Villegas
3892d49165
fix: Add check to fail the benchmark test on server error (#4519) 2020-03-30 14:04:45 -04:00