fix!: immutable headers guards for incoming response and downstream request

Guy Bedford · Guy Bedford · commit e8c1af13e500 · 2024-10-11T17:31:32.000-07:00
diff --git a/integration-tests/js-compute/fixtures/app/src/request-headers.js b/integration-tests/js-compute/fixtures/app/src/request-headers.js
@@ -1,4 +1,5 @@
 /* eslint-env serviceworker */
+import { assertThrows } from './assertions.js';
 import { routes } from './routes.js';
 
 {
@@ -7,6 +8,11 @@ import { routes } from './routes.js';
      * @type {Request} request
      **/
     const request = event.request;
+
+    assertThrows(() => {
+      request.headers.set('should-be', 'immutable');
+    }, TypeError);
+
     const headers = {};
     for (const [name, value] of request.headers.entries()) {
       if (!headers[name]) {
diff --git a/integration-tests/js-compute/fixtures/app/src/response.js b/integration-tests/js-compute/fixtures/app/src/response.js
@@ -1,7 +1,7 @@
 /* eslint-env serviceworker */
 
 import { routes } from './routes.js';
-import { assert } from './assertions.js';
+import { assert, assertThrows } from './assertions.js';
 import { allowDynamicBackends } from 'fastly:experimental';
 
 routes.set('/response/stall', async (event) => {
@@ -64,6 +64,11 @@ routes.set('/response/request-body-init', async () => {
       accept: 'image/webp',
     },
   });
+
+  assertThrows(() => {
+    downloadResp.headers.set('should-be', 'immutable');
+  }, TypeError);
+
   // stream it through an echo proxy
   const postResp = await fetch(
     new Request('https://httpbin.org/anything', {
diff --git a/runtime/fastly/builtins/fetch/request-response.cpp b/runtime/fastly/builtins/fetch/request-response.cpp
@@ -459,7 +459,7 @@ JSObject *Request::headers(JSContext *cx, JS::HandleObject obj) {
   if (!headers) {
     MOZ_ASSERT(is_instance(obj));
     if (is_downstream(obj)) {
-      headers = Headers::create(cx, request_handle(obj).headers(), Headers::HeadersGuard::Request);
+      headers = Headers::create(cx, request_handle(obj).headers(), Headers::HeadersGuard::Immutable);
     } else {
       headers = Headers::create(cx, Headers::HeadersGuard::Request);
     }
@@ -481,7 +481,7 @@ JSObject *Response::headers(JSContext *cx, JS::HandleObject obj) {
       headers =
           Headers::create(cx, response_handle(obj).headers(), Headers::HeadersGuard::Response);
     } else {
-      headers = Headers::create(cx, Headers::HeadersGuard::Response);
+      headers = Headers::create(cx, Headers::HeadersGuard::Immutable);
     }
     if (!headers) {
       return nullptr;
