Comparing version 0.4.0 to 0.4.1
{ | ||
"name": "fast-jwt", | ||
"version": "0.4.0", | ||
"version": "0.4.1", | ||
"description": "Fast JSON Web Token implementation", | ||
@@ -5,0 +5,0 @@ "author": "NearForm Ltd", |
@@ -176,4 +176,3 @@ 'use strict' | ||
if (checkTyp) { | ||
const headerTyp = (header.typ || '').toLowerCase().replace(/^application\//, '') | ||
if (checkTyp !== headerTyp) { | ||
if (typeof header.typ !== 'string' || checkTyp !== header.typ.toLowerCase().replace(/^application\//, '')) { | ||
throw new TokenError(TokenError.codes.invalidType, 'Invalid typ.') | ||
@@ -180,0 +179,0 @@ } |
@@ -82,2 +82,13 @@ 'use strict' | ||
t.throws( | ||
() => | ||
verify( | ||
'eyJhbGciOiJIUzI1NiIsInR5cCI6MX0.eyJhIjoxfQ.V6I7eoKYlMG7ipqpsWoZcNZaGOVGPom0rnztq1q2tS4', | ||
{ checkTyp: 'JWT' } | ||
), | ||
{ | ||
message: 'Invalid typ.' | ||
} | ||
) | ||
t.strictDeepEqual( | ||
@@ -84,0 +95,0 @@ verify('eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhIjoxfQ.57TF7smP9XDhIexBqPC-F1toZReYZLWb_YRU5tv0sxM', { |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
198401
3617