Ensure canonicalHeaders respects extraHeadersToInclude/Ignore

Fixes #157 #158 #168 We introduce an extra function here, filterHeaders, and a cached value filteredHeaders similar to parsedPath. Code isn't exactly as I'd write it using modern JS, but this fits in with the current style and ensures we don't accidentally use any newer JS APIs.
mhart · Aug 6, 2024 · 658294c · 658294c
1 parent c6eb3a2
commit 658294c
Show file tree

Hide file tree

Showing 2 changed files with 63 additions and 21 deletions.
diff --git a/aws4.js b/aws4.js
@@ -295,36 +295,31 @@ RequestSigner.prototype.canonicalString = function() {
   ].join('\n')
 }
 
-RequestSigner.prototype.canonicalHeaders = function() {
+RequestSigner.prototype.filterHeaders = function() {
   var headers = this.request.headers,
       extraHeadersToInclude = this.extraHeadersToInclude,
       extraHeadersToIgnore = this.extraHeadersToIgnore
-  function trimAll(header) {
-    return header.toString().trim().replace(/\s+/g, ' ')
-  }
-  return Object.entries(headers)
-    .map(function(entry) { return [entry[0].toLowerCase(), entry[1]] })
+  this.filteredHeaders = Object.keys(headers)
+    .map(function(key) { return [key.toLowerCase(), headers[key]] })
     .filter(function(entry) {
-      var key = entry[0]
-      return extraHeadersToInclude[key] ||
-        (HEADERS_TO_IGNORE[key] == null && !extraHeadersToIgnore[key])
+      return extraHeadersToInclude[entry[0]] ||
+        (HEADERS_TO_IGNORE[entry[0]] == null && !extraHeadersToIgnore[entry[0]])
     })
     .sort(function(a, b) { return a[0] < b[0] ? -1 : 1 })
-    .map(function(entry) { return entry[0] + ':' + trimAll(entry[1]) })
-    .join('\n')
+}
+
+RequestSigner.prototype.canonicalHeaders = function() {
+  if (!this.filteredHeaders) this.filterHeaders()
+
+  return this.filteredHeaders.map(function(entry) {
+    return entry[0] + ':' + entry[1].toString().trim().replace(/\s+/g, ' ')
+  }).join('\n')
 }
 
 RequestSigner.prototype.signedHeaders = function() {
-  var extraHeadersToInclude = this.extraHeadersToInclude,
-      extraHeadersToIgnore = this.extraHeadersToIgnore
-  return Object.keys(this.request.headers)
-    .map(function(key) { return key.toLowerCase() })
-    .filter(function(key) {
-      return extraHeadersToInclude[key] ||
-        (HEADERS_TO_IGNORE[key] == null && !extraHeadersToIgnore[key])
-    })
-    .sort()
-    .join(';')
+  if (!this.filteredHeaders) this.filterHeaders()
+
+  return this.filteredHeaders.map(function(entry) { return entry[0] }).join(';')
 }
 
 RequestSigner.prototype.credentialString = function() {

diff --git a/test/fast.js b/test/fast.js
@@ -746,6 +746,53 @@ describe('aws4', function() {
       signer.sign().path.should.equal('/?a=&A=')
     })
 
+    it('should deal with extraHeadersToIgnore', function() {
+      var signer = new RequestSigner({
+        host: '07tjusf2h91cunochc.us-east-1.aoss.amazonaws.com',
+        method: 'PUT',
+        path: '/my-index',
+        body: '{"mappings":{}}',
+        headers: {
+          Date: date,
+          'Content-Type': 'application/json',
+          'X-Amz-Content-Sha256': 'UNSIGNED-PAYLOAD',
+        },
+        extraHeadersToIgnore: {
+          'content-length': true
+        },
+      })
+      var canonical = signer.canonicalString().split('\n')
+
+      canonical[3].should.equal('content-type:application/json')
+      canonical[4].should.equal('date:Wed, 26 Dec 2012 06:10:30 GMT')
+      canonical[5].should.equal('host:07tjusf2h91cunochc.us-east-1.aoss.amazonaws.com')
+      canonical[6].should.equal('x-amz-content-sha256:UNSIGNED-PAYLOAD')
+      canonical[7].should.equal('x-amz-date:20121226T061030Z')
+      canonical[8].should.equal('')
+      canonical[9].should.equal('content-type;date;host;x-amz-content-sha256;x-amz-date')
+    })
+
+    it('should deal with extraHeadersToInclude', function() {
+      var signer = new RequestSigner({
+        service: 'someservice',
+        path: '/whatever',
+        headers: {
+          Date: date,
+          'Range': 'bytes=200-1000, 2000-6576, 19000-',
+        },
+        extraHeadersToInclude: {
+          'range': true
+        },
+      })
+      var canonical = signer.canonicalString().split('\n')
+
+      canonical[3].should.equal('date:Wed, 26 Dec 2012 06:10:30 GMT')
+      canonical[4].should.equal('host:someservice.us-east-1.amazonaws.com')
+      canonical[5].should.equal('range:bytes=200-1000, 2000-6576, 19000-')
+      canonical[6].should.equal('x-amz-date:20121226T061030Z')
+      canonical[7].should.equal('')
+      canonical[8].should.equal('date;host;range;x-amz-date')
+    })
   })
 
   describe('with AWS test suite', function() {