mirror of
https://github.com/axios/axios.git
synced 2026-04-15 03:26:10 +08:00
945435fc51
* fix(node): enforce maxContentLength for data: URLs (pre-decode size check)- CVE-2025-58754 * feat(utils): add estimateDataURLDecodedBytes helper and fix duplicate condition in base64 padding check * feat: add estimateDataURLDecodedBytes helper with tests
31 lines
1.1 KiB
JavaScript
31 lines
1.1 KiB
JavaScript
import assert from 'assert';
|
|
import estimateDataURLDecodedBytes from '../../../lib/helpers/estimateDataURLDecodedBytes.js';
|
|
|
|
describe('estimateDataURLDecodedBytes', () => {
|
|
it('should return 0 for non-data URLs', () => {
|
|
assert.strictEqual(estimateDataURLDecodedBytes('http://example.com'), 0);
|
|
});
|
|
|
|
it('should calculate length for simple non-base64 data URL', () => {
|
|
const url = 'data:,Hello';
|
|
assert.strictEqual(estimateDataURLDecodedBytes(url), Buffer.byteLength('Hello', 'utf8'));
|
|
});
|
|
|
|
it('should calculate decoded length for base64 data URL', () => {
|
|
const str = 'Hello';
|
|
const b64 = Buffer.from(str, 'utf8').toString('base64');
|
|
const url = `data:text/plain;base64,${b64}`;
|
|
assert.strictEqual(estimateDataURLDecodedBytes(url), str.length);
|
|
});
|
|
|
|
it('should handle base64 with = padding', () => {
|
|
const url = 'data:text/plain;base64,TQ=='; // "M"
|
|
assert.strictEqual(estimateDataURLDecodedBytes(url), 1);
|
|
});
|
|
|
|
it('should handle base64 with %3D padding', () => {
|
|
const url = 'data:text/plain;base64,TQ%3D%3D'; // "M"
|
|
assert.strictEqual(estimateDataURLDecodedBytes(url), 1);
|
|
});
|
|
});
|