hapi-swagger - npm Package Compare versions

Comparing version 9.1.2 to 9.1.3

lib/builder.js

@@ -150,4 +150,10 @@ const Hoek = require('hoek');
 internals.getHost = function(request) {
-    let host = request.info.hostname;
-    const port = request.server.info.port;
+    const proxyHost = request.headers['x-forwarded-host'] || request.headers['disguised-host'] || '';
+    if (proxyHost) {
+        return proxyHost;
+    }
+
+    const reqHost = request.info.host.split(':');
+    const host = reqHost[0];
+    const port = parseInt(reqHost[1] || '', 10);
     const protocol = request.server.info.protocol;
@@ -158,15 +164,11 @@
     /* $lab:coverage:off$ */
-    if (
-        (port && (protocol === 'http' && port !== 80)) ||
-        (protocol === 'https' && port !== 443)
+    if (!isNaN(port) &&
+        ((protocol === 'http' && port !== 80) ||
+        (protocol === 'https' && port !== 443))
     ) {
-        host += ':' + port;
+        return host + ':' + port;
     }
     /* $lab:coverage:on$ */
 
-    return (
-        request.headers['x-forwarded-host'] ||
-        request.headers['disguised-host'] ||
-        host
-    );
+    return host;
 };
@@ -173,0 +175,0 @@

package.json

 {
   "name": "hapi-swagger",
   "description": "A swagger documentation UI generator plugin for hapi",
-  "version": "9.1.2",
+  "version": "9.1.3",
   "author": "Glenn Jones",
@@ -6,0 +6,0 @@ "repository": {

test/Integration/builder-test.js

@@ -253,2 +253,22 @@ const Joi = require('joi');
 
+    lab.test('getSwaggerJSON determines host and port from request info', async () => {
+
+        const server = await Helper.createServer({});
+
+        const response = await server.inject({ method: 'GET', headers: { host: '194.418.15.24:7645' }, url: '/swagger.json' });
+
+        expect(response.statusCode).to.equal(200);
+        expect(response.result.host).to.equal('194.418.15.24:7645');
+    });
+
+    lab.test('getSwaggerJSON doesn\'t specify port from request info when port is default', async () => {
+
+        const server = await Helper.createServer({});
+
+        const response = await server.inject({ method: 'GET', headers: { host: '194.418.15.24:80' }, url: '/swagger.json' });
+
+        expect(response.statusCode).to.equal(200);
+        expect(response.result.host).to.equal('194.418.15.24');
+    });
+
 });
@@ -255,0 +275,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

New author

Supply chain risk

A new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

3901604

increased by0.02%

Lines of code

47977

increased by0.03%

Number of medium supply chain risk alerts

6

decreased by-14.29%

No dependency changes