@@ -20,8 +20,6 @@ const querystring_parse = require('querystring').decode;
2020const request_ip_get = require ( 'ipware' ) ( ) . get_ip ;
2121
2222// constants
23- const AGENT_CHECK_BOT = / b o t | g o o g l e b o t | c r a w l e r | s p i d e r | r o b o t | c r a w l i n g | f a v i c o n / i;
24- const AGENT_CHECK_MOBIL = / ( a n d r o i d | b b \d + | m e e g o ) .+ m o b i l e | a v a n t g o | b a d a \/ | b l a c k b e r r y | b l a z e r | c o m p a l | e l a i n e | f e n n e c | h i p t o p | i e m o b i l e | i p ( h o n e | o d ) | i r i s | k i n d l e | l g e | m a e m o | m i d p | m m p | m o b i l e .+ f i r e f o x | n e t f r o n t | o p e r a m ( o b | i n ) i | p a l m ( o s ) ? | p h o n e | p ( i x i | r e ) \/ | p l u c k e r | p o c k e t | p s p | s e r i e s ( 4 | 6 ) 0 | s y m b i a n | t r e o | u p \. ( b r o w s e r | l i n k ) | v o d a f o n e | w a p | w i n d o w s c e | x d a | x i i n o | a n d r o i d | i p a d | p l a y b o o k | s i l k / i;
2523const GZIP_OPTIONS = { level : 9 } ;
2624const HTTP_LIST_REG = / , \s * / ;
2725const IMPORT_REG = / \b i m p o r t \( / g;
@@ -778,6 +776,7 @@ const request_handle = async (request, response, https) => {
778776 const request_method = request . method ;
779777 const request_headers = request . headers ;
780778 const request_ip = request_ip_get ( request ) . clientIp ;
779+ const request_method_head = request_method === 'HEAD' ;
781780
782781 if ( 'x-forwarded-proto' in request_headers ) {
783782 https = request_headers [ 'x-forwarded-proto' ] === 'https' ;
@@ -866,6 +865,7 @@ const request_handle = async (request, response, https) => {
866865
867866 let file_gz_enabled = (
868867 gz_enabled &&
868+ ! request_method_head &&
869869 'accept-encoding' in request_headers &&
870870 ! type_raws . has ( file_type ) &&
871871 request_headers [ 'accept-encoding' ] . split ( HTTP_LIST_REG ) . includes ( 'gzip' )
@@ -876,7 +876,10 @@ const request_handle = async (request, response, https) => {
876876 ! path_statics . has ( path )
877877 ) ;
878878
879- if ( request_method !== 'GET' ) {
879+ if (
880+ ! request_method_head &&
881+ request_method !== 'GET'
882+ ) {
880883 if ( ! file_dyn_enabled ) throw 405 ;
881884 if ( 'content-length' in request_headers ) {
882885 request_body_promise = new Promise ( resolve => {
@@ -923,6 +926,12 @@ const request_handle = async (request, response, https) => {
923926 if ( file_content . includes ( '\r' ) ) {
924927 throw 'illegal line break, must be unix' ;
925928 }
929+ if (
930+ file_content . includes ( 'response.write(' ) ||
931+ file_content . includes ( 'response.end(' )
932+ ) {
933+ throw 'response.write() not allowed, use output.write()' ;
934+ }
926935 if ( file_content . includes ( 'globals.' ) ) {
927936 log ( `[deprecated] ${ path } ) ;
928937 }
@@ -1120,14 +1129,15 @@ const request_handle = async (request, response, https) => {
11201129 }
11211130 }
11221131
1123- const request_headers_user_agent = file_function_input [ 'user_agent' ] = request_headers [ 'user-agent' ] ;
1124- file_function_input [ 'bot' ] = AGENT_CHECK_BOT . test ( request_headers_user_agent ) ;
1125- file_function_input [ 'mobil' ] = AGENT_CHECK_MOBIL . test ( request_headers_user_agent ) ;
1126-
11271132 file_function_input [ 'https' ] = https ;
11281133 file_function_input [ 'ip' ] = request_ip ;
1129- file_function_input [ 'method' ] = request_method . toLowerCase ( ) ;
1134+ file_function_input [ 'method' ] = (
1135+ request_method_head
1136+ ? 'get'
1137+ : request_method . toLowerCase ( )
1138+ ) ;
11301139 file_function_input [ 'path' ] = request_url_parsed . pathname ;
1140+ file_function_input [ 'user_agent' ] = request_headers [ 'user-agent' ] ;
11311141
11321142 let file_function_output ;
11331143 response . setHeader ( 'Cache-Control' , 'no-cache, no-store' ) ;
@@ -1155,6 +1165,13 @@ const request_handle = async (request, response, https) => {
11551165 )
11561166 ] ) ;
11571167
1168+ if ( request_method_head ) {
1169+ file_function_output . write =
1170+ file_function_output . end = ( ) => {
1171+ throw null ;
1172+ }
1173+ }
1174+
11581175 await services_loaded_promise ;
11591176
11601177 let returned ;
@@ -1183,11 +1200,15 @@ const request_handle = async (request, response, https) => {
11831200 log ( `[deprecated] ${ path } ) ;
11841201 returned = err ;
11851202 }
1186- else {
1203+ else if ( err !== null ) {
11871204 log ( `[error] ${ path } ${ typeof err } ) ;
11881205 returned = 500 ;
11891206 }
11901207 }
1208+ if ( request_method_head ) {
1209+ delete file_function_output . write ;
1210+ delete file_function_output . end ;
1211+ }
11911212 if ( returned != null ) {
11921213 if ( response . headersSent ) {
11931214 if (
@@ -1244,7 +1265,12 @@ const request_handle = async (request, response, https) => {
12441265 response . setHeader ( 'Content-Length' , file_stat . size ) ;
12451266 }
12461267
1247- file_data . pipe ( response ) ;
1268+ if ( request_method_head ) {
1269+ response . end ( ) ;
1270+ }
1271+ else {
1272+ file_data . pipe ( response ) ;
1273+ }
12481274 }
12491275 }
12501276 catch ( err ) {
0 commit comments