diff --git a/packages/verified-fetch/src/utils/request-headers.ts b/packages/verified-fetch/src/utils/request-headers.ts index 124f4209..109bae8f 100644 --- a/packages/verified-fetch/src/utils/request-headers.ts +++ b/packages/verified-fetch/src/utils/request-headers.ts @@ -13,14 +13,12 @@ export function getHeader (headers: HeadersInit | undefined, header: string): st const entry = headers.find(([key]) => key.toLowerCase() === header.toLowerCase()) return entry?.[1] } - if (typeof headers === 'object') { - const key = Object.keys(headers).find(k => k.toLowerCase() === header.toLowerCase()) - if (key == null) { - return undefined - } - return headers[key] + const key = Object.keys(headers).find(k => k.toLowerCase() === header.toLowerCase()) + if (key == null) { + return undefined } - return headers[header] + + return headers[key] } /** diff --git a/packages/verified-fetch/src/verified-fetch.ts b/packages/verified-fetch/src/verified-fetch.ts index 3da6f074..60cde747 100644 --- a/packages/verified-fetch/src/verified-fetch.ts +++ b/packages/verified-fetch/src/verified-fetch.ts @@ -378,28 +378,9 @@ export class VerifiedFetch { length = rangeWithSize.length } } - - if (offset != null) { - if (offset < 0) { - // the requested range start is negative - this.log.error('range start %d is negative', offset) - return badRangeResponse(resource) - } else if (stat.fileSize < offset) { - // the requested range start is larger than the requested content size - this.log.error('range start %d is larger than the requested content size %d', offset, stat.fileSize) - return badRangeResponse(resource) - } else if (length != null && Number(stat.fileSize) < (offset + length)) { - // the requested range is larger than the requested content size - this.log.error('range end %d is larger than the requested content size %d', offset + length, stat.fileSize) - return badRangeResponse(resource) - } - } - if (length != null) { - if (Number(stat.fileSize) < length) { - // the requested range is larger than the requested content size - this.log.error('range end %d is larger than the requested content size %d', length, stat.fileSize) - return badRangeResponse(resource) - } + const resp = this.checkForInvalidRangeRequest({ stat, offset, length, resource }) + if (resp != null) { + return resp } } @@ -487,6 +468,31 @@ export class VerifiedFetch { response.headers.set('content-type', contentType) } + private checkForInvalidRangeRequest ({ offset, length, resource, stat }: { offset?: number, length?: number, resource: string, stat: UnixFSStats }): Response | undefined { + if (offset != null) { + if (offset < 0) { + // the requested range start is negative + this.log.error('range start %d is negative', offset) + return badRangeResponse(resource) + } else if (stat.fileSize < offset) { + // the requested range start is larger than the requested content size + this.log.error('range start %d is larger than the requested content size %d', offset, stat.fileSize) + return badRangeResponse(resource) + } else if (length != null && Number(stat.fileSize) < (offset + length)) { + // the requested range is larger than the requested content size + this.log.error('range end %d is larger than the requested content size %d', offset + length, stat.fileSize) + return badRangeResponse(resource) + } + } + if (length != null) { + if (Number(stat.fileSize) < length) { + // the requested range is larger than the requested content size + this.log.error('range end %d is larger than the requested content size %d', length, stat.fileSize) + return badRangeResponse(resource) + } + } + } + /** * If the user has not specified an Accept header or format query string arg, * use the CID codec to choose an appropriate handler for the block data. diff --git a/packages/verified-fetch/test/utils/request-headers.spec.ts b/packages/verified-fetch/test/utils/request-headers.spec.ts index 12d7b730..9bfbbae3 100644 --- a/packages/verified-fetch/test/utils/request-headers.spec.ts +++ b/packages/verified-fetch/test/utils/request-headers.spec.ts @@ -4,8 +4,10 @@ import { getHeader, getRequestRange } from '../../src/utils/request-headers.js' describe('request-headers', () => { describe('getHeader', () => { it('should return undefined when headers are undefined', () => { - const result = getHeader(undefined, 'dummy') - expect(result).to.be.undefined() + expect(getHeader(undefined, 'dummy')).to.be.undefined() + expect(getHeader(new Headers(), 'dummy')).to.be.undefined() + expect(getHeader({}, 'dummy')).to.be.undefined() + expect(getHeader([], 'dummy')).to.be.undefined() }) it('should return correct header value for Headers instance', () => {