Skip to content

Commit f53edbb

Browse files
committed
Limit the headers removed for 304 response
closes #204
1 parent 706d6dd commit f53edbb

File tree

3 files changed

+28
-8
lines changed

3 files changed

+28
-8
lines changed

HISTORY.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@ unreleased
22
==========
33

44
* Fix emitted 416 error missing headers property
5+
* Limit the headers removed for 304 response
56
* deps: depd@2.0.0
67
- Replace internal `eval` usage with `Function` constructor
78
- Use instance methods on `process` to check for listeners

index.js

Lines changed: 6 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -347,21 +347,19 @@ SendStream.prototype.isPreconditionFailure = function isPreconditionFailure () {
347347
}
348348

349349
/**
350-
* Strip content-* header fields.
350+
* Strip various content header fields for a change in entity.
351351
*
352352
* @private
353353
*/
354354

355355
SendStream.prototype.removeContentHeaderFields = function removeContentHeaderFields () {
356356
var res = this.res
357-
var headers = getHeaderNames(res)
358357

359-
for (var i = 0; i < headers.length; i++) {
360-
var header = headers[i]
361-
if (header.substr(0, 8) === 'content-' && header !== 'content-location') {
362-
res.removeHeader(header)
363-
}
364-
}
358+
res.removeHeader('Content-Encoding')
359+
res.removeHeader('Content-Language')
360+
res.removeHeader('Content-Length')
361+
res.removeHeader('Content-Range')
362+
res.removeHeader('Content-Type')
365363
}
366364

367365
/**

test/send.js

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -440,6 +440,27 @@ describe('send(file).pipe(res)', function () {
440440
})
441441
})
442442

443+
it('should not remove all Content-* headers', function (done) {
444+
var server = createServer({ root: fixtures }, function (req, res) {
445+
res.setHeader('Content-Location', 'http://localhost/name.txt')
446+
res.setHeader('Content-Security-Policy', 'default-src \'self\'')
447+
})
448+
449+
request(server)
450+
.get('/name.txt')
451+
.expect(200, function (err, res) {
452+
if (err) return done(err)
453+
request(server)
454+
.get('/name.txt')
455+
.set('If-None-Match', res.headers.etag)
456+
.expect(shouldNotHaveHeader('Content-Length'))
457+
.expect(shouldNotHaveHeader('Content-Type'))
458+
.expect('Content-Location', 'http://localhost/name.txt')
459+
.expect('Content-Security-Policy', 'default-src \'self\'')
460+
.expect(304, done)
461+
})
462+
})
463+
443464
describe('where "If-Match" is set', function () {
444465
it('should respond with 200 when "*"', function (done) {
445466
request(app)

0 commit comments

Comments
 (0)