weird headers getting passed through
mandric opened this issue
There are two headers, uri and statusCode, which are not valid HTTP headers, that are being returned from the httpAgent code (see lib/nano.js line 195). This could lead to some sensitive information being leaked to the client if you're just passing headers through from CouchDB. Let me know if you think this is a real problem; I'd be happy to try to come up with a valid patch.
Here's an example:
$ curl -I http://localhost:3333
HTTP/1.1 200 OK
X-Powered-By: Express
etag: "2-8f443270fec4fb34bbc4ebca93a565d3"
date: Tue, 09 Feb 2016 05:24:29 GMT
Content-Type: application/json; charset=utf-8
cache-control: must-revalidate
statusCode: 200
uri: http://admin:secret@localhost:5984/test/foo
Content-Length: 713
Connection: keep-alive
var express = require('express'),
    // the CouchDB URL carries basic-auth credentials
    db = require('nano')('http://admin:secret@localhost:5984/test'),
    app = module.exports = express();

app.get('/', function (request, response) {
  db.get('foo', function (error, body, headers) {
    // copy every key of the nano headers object to the client response,
    // including the non-HTTP keys uri and statusCode that nano adds
    for (var k in headers) {
      response.header(k, headers[k]);
    }
    if (error) {
      return response.status(error.statusCode).send(error.reason);
    }
    // response.send(body, status) is deprecated in Express 4; same behaviour
    response.status(200).send(body);
  });
});

app.listen(3333);
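One defensive approach, as an added example that is not nano's code or the issue author's: forward only an allowlist of real HTTP header names from the CouchDB response, so the uri and statusCode keys described above (and the credentials embedded in uri) stay server-side. The Express wiring in the trailing comment is assumed to match the snippet above.

```javascript
// Added example (not nano's code, nor the issue author's): forward only an
// allowlist of real HTTP headers from the CouchDB response, so the `uri` and
// `statusCode` keys nano attaches to the headers object never reach the client.
const FORWARDABLE = new Set(['etag', 'content-type', 'cache-control', 'date']);
// content-length is deliberately absent: Express recomputes it for the body
// it actually sends, and an upstream value may not match a re-serialised body.

// RFC 7230 header-name token: rejects names with spaces or control characters
// outright; names such as "uri" are dropped by the allowlist.
const TOKEN = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;

function filterUpstreamHeaders(headers) {
  const out = {};
  for (const [name, value] of Object.entries(headers || {})) {
    const lower = name.toLowerCase();
    if (TOKEN.test(name) && FORWARDABLE.has(lower)) out[lower] = String(value);
  }
  return out;
}

// Check for values that embed credentials (a URL with user:password@ in it),
// useful as a guard before logging or echoing any upstream header value.
function hasEmbeddedCredentials(value) {
  try {
    const u = new URL(String(value));
    return u.username !== '' || u.password !== '';
  } catch (e) {
    return false; // not parseable as a URL, so it carries no userinfo
  }
}

// Constructed sample mirroring the headers object shown in the issue.
const SAMPLE_HEADERS = {
  etag: '"2-8f443270fec4fb34bbc4ebca93a565d3"',
  date: 'Tue, 09 Feb 2016 05:24:29 GMT',
  'Content-Type': 'application/json; charset=utf-8',
  'cache-control': 'must-revalidate',
  statusCode: 200,
  uri: 'http://admin:secret@localhost:5984/test/foo',
};

// Express usage, assuming the app/db wiring from the issue's snippet:
//   db.get('foo', function (error, body, headers) {
//     response.set(filterUpstreamHeaders(headers));
//     ...
//   });
```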
Just checking back here, any comments? Do you agree this is a bug/potential security issue?
This repository has been merged into apache/couchdb-nano; please continue the discussion here.