Undici does not like lowercase method names #2079
Comments
|
I don't think the spec disallows lower case methods. This looks more like a user error than a bug. |
|
I am going to try to distill a use case that proves the problem that happens when method is |
|
I believe you. But I am not convinced this is a undici bug. |
|
Let me dig a bit deeper - if it is me I will happily close :-). |
|
Here is a snippet where I can reproduce it without fail: const {
request,
Agent
} = require("undici");
function testUndici() {
const token = process.env.TOKEN;
if (!token) {
exit("Missing token - exiting");
return;
}
// Making a put
const options = {
headers: {
"Authorization": "Bearer " + token,
"Accept": "application/json"
},
method: "GET",
dispatcher: new Agent({ connect: { rejectUnauthorized: false } })
};
request("https://localhost:9442/v2/user_profiles/dejan@ca.ibm.com", options)
.then((response) => {
if (response.statusCode !== 200) {
throw new Error("Unexpected status code: " + response.statusCode);
}
return response.statusCode < 400 ? response.body.json() : response.body.text();
})
.then((result) => {
console.log("Response from reload profile: " + JSON.stringify(result));
exit();
})
.catch((err) => {
exit("Error detected: " + err.message);
})
;
}
function exit(message) {
if (message) {
console.log(message);
}
// eslint-disable-next-line no-process-exit
process.exit(message ? 1 : 0);
}
testUndici();If I use |
|
The only quirk above is this: dispatcher: new Agent({ connect: { rejectUnauthorized: false } })as I am running this in localhost using https and my server is using self-signed certificate. We use default global dispatcher when deployed in the cluster. |
|
Don't use lowercase if your server doesn't support it... |
|
Sure, so your position is that you are passing the method 'as is' and it is the caller's responsibility to use the method that the target server can support? I think Note that this happens in both localhost nginx (for testing) and k8s ingress based on nginx - same behaviour. Many of your users will use this against a service running in k8s. I am surprised it wasn't flagged before. |
|
From a quick scavenge in the RFCs: https://datatracker.ietf.org/doc/html/rfc7231#section-4.1
Apparently method names are all in uppercase. |
|
I understand that, but if that is a spec, undici should reject 'options' object with a method that is not in uppercase (as 'invalid method value' error or something). |
|
I understand this goes into the same grey area where RFC for bearer tokens states it should be "Authorization: Bearer {token}" and some services can handle both "Bearer" and "bearer" and some throw a hissy fit on "bearer" because RFC. |
|
The standard methods are uppercase but servers are not forbidden from implementing whatever method name and casing they wish. The upper casing is more of a convention than a rule. |
|
Correct, and it looks like nginx (and nginx-based k8s ingress) does not like lowercase. OK, I can close this and we will make sure we don't use methods not supported by the APIs we are calling. |
Bug Description
When using
requestwith lowercase method (say,put) undici accepts the method name but nginx complains about it and throws error 400.Reproducible By
Make a
requestcall by explicitly specifyingmethodproperty as lowercase (say,put).Expected Behavior
Method names should be case-insensitive.
Logs & Screenshots
Error from nginx proxy when
putis used:Environment
Using Node.js v18.14.2, and the latest version of undici.
The text was updated successfully, but these errors were encountered: