@@ -77,6 +77,7 @@ describe('node', () => {
7777 ...mockNodeRequest ,
7878 headers : {
7979 'x-forwarded-host' : 'www2.example.com,www3.example.com' ,
80+ 'x-forwarded-proto' : 'https' ,
8081 } ,
8182 } ,
8283 { allowedDomains : [ { hostname : '**.example.com' } ] } ,
@@ -324,6 +325,7 @@ describe('node', () => {
324325 ...mockNodeRequest ,
325326 headers : {
326327 host : 'example.com' ,
328+ 'x-forwarded-host' : 'example.com' ,
327329 'x-forwarded-proto' : 'http' ,
328330 'x-forwarded-port' : '80' ,
329331 } ,
@@ -339,6 +341,7 @@ describe('node', () => {
339341 ...mockNodeRequest ,
340342 headers : {
341343 host : 'example.com' ,
344+ 'x-forwarded-host' : 'example.com' ,
342345 'x-forwarded-proto' : 'http,https' ,
343346 'x-forwarded-port' : '80,443' ,
344347 } ,
@@ -354,6 +357,7 @@ describe('node', () => {
354357 ...mockNodeRequest ,
355358 headers : {
356359 host : 'example.com' ,
360+ 'x-forwarded-host' : 'example.com' ,
357361 } ,
358362 } ,
359363 { allowedDomains : [ { hostname : 'example.com' } ] } ,
@@ -367,6 +371,7 @@ describe('node', () => {
367371 ...mockNodeRequest ,
368372 headers : {
369373 host : 'example.com' ,
374+ 'x-forwarded-host' : 'example.com' ,
370375 'x-forwarded-proto' : 'https://www.malicious-url.com/?tank=' ,
371376 } ,
372377 } ,
@@ -381,6 +386,7 @@ describe('node', () => {
381386 ...mockNodeRequest ,
382387 headers : {
383388 host : 'example.com' ,
389+ 'x-forwarded-host' : 'example.com' ,
384390 'x-forwarded-proto' : 'x:admin?' ,
385391 } ,
386392 } ,
@@ -395,6 +401,7 @@ describe('node', () => {
395401 ...mockNodeRequest ,
396402 headers : {
397403 host : 'example.com' ,
404+ 'x-forwarded-host' : 'example.com' ,
398405 'x-forwarded-proto' : 'https://localhost/vulnerable?' ,
399406 } ,
400407 } ,
@@ -409,6 +416,7 @@ describe('node', () => {
409416 ...mockNodeRequest ,
410417 headers : {
411418 host : 'example.com' ,
419+ 'x-forwarded-host' : 'example.com' ,
412420 'x-forwarded-proto' : 'javascript:alert(document.cookie)//' ,
413421 } ,
414422 } ,
@@ -423,6 +431,7 @@ describe('node', () => {
423431 ...mockNodeRequest ,
424432 headers : {
425433 host : 'example.com' ,
434+ 'x-forwarded-host' : 'example.com' ,
426435 'x-forwarded-proto' : '' ,
427436 } ,
428437 } ,
@@ -439,12 +448,12 @@ describe('node', () => {
439448 ...mockNodeRequest ,
440449 headers : {
441450 host : 'example.com' ,
451+ 'x-forwarded-host' : 'example.com' ,
442452 'x-forwarded-port' : '8443' ,
443453 } ,
444454 } ,
445455 {
446456 allowedDomains : [
447- { hostname : 'example.com' } ,
448457 { hostname : 'example.com' , port : '8443' } ,
449458 ] ,
450459 } ,
@@ -458,12 +467,12 @@ describe('node', () => {
458467 ...mockNodeRequest ,
459468 headers : {
460469 host : 'example.com' ,
470+ 'x-forwarded-host' : 'example.com' ,
461471 'x-forwarded-port' : '8443,3000' ,
462472 } ,
463473 } ,
464474 {
465475 allowedDomains : [
466- { hostname : 'example.com' } ,
467476 { hostname : 'example.com' , port : '8443' } ,
468477 ] ,
469478 } ,
@@ -477,6 +486,7 @@ describe('node', () => {
477486 ...mockNodeRequest ,
478487 headers : {
479488 host : 'example.com' ,
489+ 'x-forwarded-host' : 'example.com' ,
480490 'x-forwarded-port' : '8443' ,
481491 } ,
482492 } ,
@@ -491,6 +501,7 @@ describe('node', () => {
491501 ...mockNodeRequest ,
492502 headers : {
493503 host : 'example.com:3000' ,
504+ 'x-forwarded-host' : 'example.com' ,
494505 'x-forwarded-port' : '443' ,
495506 } ,
496507 } ,
0 commit comments