From cc74f3c67c9ca5f266d0f64f8e63fc6b6cd1dac5 Mon Sep 17 00:00:00 2001 From: Pranshu Srivastava Date: Sat, 25 Apr 2020 15:47:37 +0530 Subject: [PATCH] http2: use `Object.create(null)` for `getHeaders` refactor `getHeaders` to initialize headers using `Object.create(null)` Refs: https://github.com/nodejs/node/issues/29829 PR-URL: https://github.com/nodejs/node/pull/33188 Reviewed-By: Ruben Bridgewater Reviewed-By: Matteo Collina Reviewed-By: James M Snell Reviewed-By: Sebastiaan Deckers Reviewed-By: Trivikram Kamat --- lib/internal/http2/compat.js | 3 ++- test/parallel/test-http2-compat-serverresponse-headers.js | 4 +++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/internal/http2/compat.js b/lib/internal/http2/compat.js index 851fec4b3a6ae5..742f8cb10e5459 100644 --- a/lib/internal/http2/compat.js +++ b/lib/internal/http2/compat.js @@ -555,7 +555,8 @@ class Http2ServerResponse extends Stream { } getHeaders() { - return { ...this[kHeaders] }; + const headers = ObjectCreate(null); + return ObjectAssign(headers, this[kHeaders]); } hasHeader(name) { diff --git a/test/parallel/test-http2-compat-serverresponse-headers.js b/test/parallel/test-http2-compat-serverresponse-headers.js index 14e480f611857a..96875e1bce3400 100644 --- a/test/parallel/test-http2-compat-serverresponse-headers.js +++ b/test/parallel/test-http2-compat-serverresponse-headers.js @@ -102,11 +102,13 @@ server.listen(0, common.mustCall(function() { response.setHeader(real, expectedValue); const expectedHeaderNames = [real]; assert.deepStrictEqual(response.getHeaderNames(), expectedHeaderNames); - const expectedHeaders = { [real]: expectedValue }; + const expectedHeaders = Object.create(null); + expectedHeaders[real] = expectedValue; assert.deepStrictEqual(response.getHeaders(), expectedHeaders); response.getHeaders()[fake] = fake; assert.strictEqual(response.hasHeader(fake), false); + assert.strictEqual(Object.getPrototypeOf(response.getHeaders()), null); assert.strictEqual(response.sendDate, true); response.sendDate = false;