The value of headerValue is not tested before it is passed into _parseHeaderValue here:
https://github.com/digitalbazaar/http-digest-header/blob/master/lib/httpDigest.js#L41
Therefore, it is possible that an unexpected error can occur when calling .split on undefined here:
|
function _parseHeaderValue(headerValue) { |
|
const [key, encodedDigest] = headerValue.split(/=(.+)/); |
There should be a check to ensure that headerValue is a string and if not, an appropriate TypeError should be thrown.
Related: https://github.com/digitalbazaar/bedrock-edv-storage/pull/70/files#r555269144
The value of
headerValueis not tested before it is passed into_parseHeaderValuehere:https://github.com/digitalbazaar/http-digest-header/blob/master/lib/httpDigest.js#L41
Therefore, it is possible that an unexpected error can occur when calling
.spliton undefined here:http-digest-header/lib/httpDigest.js
Lines 65 to 66 in 581fded
There should be a check to ensure that
headerValueis a string and if not, an appropriateTypeErrorshould be thrown.Related: https://github.com/digitalbazaar/bedrock-edv-storage/pull/70/files#r555269144