mirrors/bun.sh
1
0
Fork 0
mirror of https://github.com/oven-sh/bun synced 2026-02-16 22:01:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

test: rename to issue number and improve filename regex

Browse Source 
- Rename test file to 26959.test.ts per regression test convention
- Fix Content-Disposition regex to match filename parameter anywhere
  in the header value, not just as the entire value
- Assert the regex match is found before checking captured group

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Claude Bot
2026-02-12 07:17:17 +00:00
parent 0177c433ec
commit 79ebfc8a24
1 changed files with 4 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
test/regression/issue/header-injection-content-disposition.test.ts → test/regression/issue/26959.test.ts
View File

@@ -47,11 +47,10 @@ test("Content-Disposition header injection via quotes in File name", async () =>
if (contentDisposition) {
expect(contentDisposition).not.toContain("\r");
expect(contentDisposition).not.toContain("\n");
// The inner filename value should not contain unescaped double quotes
const match = contentDisposition.match(/^filename="(.*)"$/);
if (match) {
expect(match[1]).not.toContain('"');
}
// The filename parameter value should not contain unescaped double quotes
const match = contentDisposition.match(/filename="([^"]*)"/);
expect(match).not.toBeNull();
expect(match![1]).not.toContain('"');
}
expect(body).toBe("hello");