Skip to content

Commit 8509fdb

Browse files
semantic-release-botsemantic-release-bot
committed
build(release): compiled action for 2.1.6
[skip ci]
1 parent 1fa9ddd commit 8509fdb

File tree

1 file changed

+29
-3
lines changed

1 file changed

+29
-3
lines changed

Diff for: dist/index.js

+29-3
Original file line numberDiff line numberDiff line change
@@ -32647,7 +32647,7 @@ Object.defineProperty(Response.prototype, Symbol.toStringTag, {
3264732647
});
3264832648

3264932649
const INTERNALS$2 = Symbol('Request internals');
32650-
const URL = whatwgUrl.URL;
32650+
const URL = Url.URL || whatwgUrl.URL;
3265132651

3265232652
// fix an issue where "format", "parse" aren't a named export for node <10
3265332653
const parse_url = Url.parse;
@@ -32910,9 +32910,17 @@ AbortError.prototype = Object.create(Error.prototype);
3291032910
AbortError.prototype.constructor = AbortError;
3291132911
AbortError.prototype.name = 'AbortError';
3291232912

32913+
const URL$1 = Url.URL || whatwgUrl.URL;
32914+
3291332915
// fix an issue where "PassThrough", "resolve" aren't a named export for node <10
3291432916
const PassThrough$1 = Stream.PassThrough;
32915-
const resolve_url = Url.resolve;
32917+
32918+
const isDomainOrSubdomain = function isDomainOrSubdomain(destination, original) {
32919+
const orig = new URL$1(original).hostname;
32920+
const dest = new URL$1(destination).hostname;
32921+
32922+
return orig === dest || orig[orig.length - dest.length - 1] === '.' && orig.endsWith(dest);
32923+
};
3291632924

3291732925
/**
3291832926
* Fetch function
@@ -33000,7 +33008,19 @@ function fetch(url, opts) {
3300033008
const location = headers.get('Location');
3300133009

3300233010
// HTTP fetch step 5.3
33003-
const locationURL = location === null ? null : resolve_url(request.url, location);
33011+
let locationURL = null;
33012+
try {
33013+
locationURL = location === null ? null : new URL$1(location, request.url).toString();
33014+
} catch (err) {
33015+
// error here can only be invalid URL in Location: header
33016+
// do not throw when options.redirect == manual
33017+
// let the user extract the errorneous redirect URL
33018+
if (request.redirect !== 'manual') {
33019+
reject(new FetchError(`uri requested responds with an invalid redirect URL: ${location}`, 'invalid-redirect'));
33020+
finalize();
33021+
return;
33022+
}
33023+
}
3300433024

3300533025
// HTTP fetch step 5.5
3300633026
switch (request.redirect) {
@@ -33048,6 +33068,12 @@ function fetch(url, opts) {
3304833068
size: request.size
3304933069
};
3305033070

33071+
if (!isDomainOrSubdomain(request.url, locationURL)) {
33072+
for (const name of ['authorization', 'www-authenticate', 'cookie', 'cookie2']) {
33073+
requestOpts.headers.delete(name);
33074+
}
33075+
}
33076+
3305133077
// HTTP-redirect fetch step 9
3305233078
if (res.statusCode !== 303 && request.body && getTotalBytes(request) === null) {
3305333079
reject(new FetchError('Cannot follow redirect with body being a readable stream', 'unsupported-redirect'));

0 commit comments

Comments
 (0)