Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Header validation is incorrect #132

Open
domenic opened this issue Sep 17, 2020 · 2 comments
Open

Header validation is incorrect #132

domenic opened this issue Sep 17, 2020 · 2 comments

Comments

@domenic
Copy link

domenic commented Sep 17, 2020

Using serve with the following serve.json:

{
  "headers": [
    {
      "source": "index.html",
      "headers": [{
        "key": "Origin-Isolation",
        "value": "?1"
      }]
    }
  ]
}

gives the following:

$ serve
INFO: Discovered configuration in `serve.json`
ERROR: The configuration you provided is wrong:
should match pattern "^[a-zA-Z0-9_!#$%&'*+.;/:, =^`|~-]+$"
{"pattern":"^[a-zA-Z0-9_!#$%&'*+.;/:, =^`|~-]+$"}

I eventually figured out it was complaining about the ? in my header value.

? is a perfectly valid value to find in headers. It is in fact required if you are using structured headers.
@gaelbonjour
Copy link

It is also a valid in report-uri directive of CSP headers.

@warren-bank
Copy link

warren-bank commented Feb 16, 2022
edited

shameless self-promotion alert:
this feature is fixed in my @warren-bank/serve fork of serve

rather than updating the regex pattern to include missing characters,
the regex pattern to validate string content in header key/value pairs is simply removed.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@domenic @warren-bank @gaelbonjour