Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Factory
nodejs-electron
CVE-2024-30260-undici-clear-proxy-authorization...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2024-30260-undici-clear-proxy-authorization.patch of Package nodejs-electron
Manual backport of https://github.com/nodejs/undici/commit/6805746680d27a5369d7fb67bc05f95a28247d75 --- src/third_party/electron_node/deps/undici/src/lib/handler/RedirectHandler.js.old 2024-04-04 09:55:39.696980900 +0000 +++ src/third_party/electron_node/deps/undici/src/lib/handler/RedirectHandler.js 2024-04-09 16:52:37.888616200 +0000 @@ -188,7 +188,8 @@ function shouldRemoveHeader (header, rem (header.length === 4 && header.toString().toLowerCase() === 'host') || (removeContent && header.toString().toLowerCase().indexOf('content-') === 0) || (unknownOrigin && header.length === 13 && header.toString().toLowerCase() === 'authorization') || - (unknownOrigin && header.length === 6 && header.toString().toLowerCase() === 'cookie') + (unknownOrigin && header.length === 6 && header.toString().toLowerCase() === 'cookie') || + (unknownOrigin && header.length === 19 && header.toString().toLowerCase() === 'proxy-authorization') ) } --- src/third_party/electron_node/deps/undici/undici.js.old 2024-04-04 10:02:38.059765300 +0000 +++ src/third_party/electron_node/deps/undici/undici.js 2024-04-09 16:51:15.754041100 +0000 @@ -7902,7 +7902,7 @@ var require_RedirectHandler = __commonJS } __name(parseLocation, "parseLocation"); function shouldRemoveHeader(header, removeContent, unknownOrigin) { - return header.length === 4 && header.toString().toLowerCase() === "host" || removeContent && header.toString().toLowerCase().indexOf("content-") === 0 || unknownOrigin && header.length === 13 && header.toString().toLowerCase() === "authorization" || unknownOrigin && header.length === 6 && header.toString().toLowerCase() === "cookie"; + return header.length === 4 && header.toString().toLowerCase() === "host" || removeContent && header.toString().toLowerCase().indexOf("content-") === 0 || unknownOrigin && header.length === 13 && header.toString().toLowerCase() === "authorization" || unknownOrigin && header.length === 6 && header.toString().toLowerCase() === "cookie" || unknownOrigin && header.length === 19 && header.toString().toLowerCase() === "proxy-authorization" } __name(shouldRemoveHeader, "shouldRemoveHeader"); function cleanRequestHeaders(headers, removeContent, unknownOrigin) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor