堆栈内存溢出
  简体   繁体   English

如何删除JavaScript / node.js中HTTP响应头中的无效字符?

[英]How to remove invalid characters in an HTTP response header in JavaScript/node.js?

 原文  2017-07-21 13:41:32       javascript/ node.js/ http/ express/ http-headers

问题描述

I have the following problem: When a client enters a certain URL it receives an .mp3 file back via sendFile() from Express. 我有以下问题:当客户端输入某个URL时,它会通过sendFile()从Express接收.mp3文件。 The name of the file is defined in the response header as follow: 该文件的名称在响应头中定义如下: 

var fileName = (JSON.stringify(data.videoTitle).replace(/["']/g, "") + fileType);

headers: {
        'x-timestamp': Date.now(),
        'x-sent': true,
        'Content-type': 'application/octet-stream',
        'Content-Disposition': 'attachment; filename="' + fileName + '"'
    }

The problem is that fileName is fetched from another website and I have no control over what the title of the file will be. 问题是fileName是从另一个网站获取的,我无法控制文件的标题。 So far it was no problem but it just happened to me that a file contained the character ú which lead to the following error: 到目前为止它没有问题,但只是在我身上发现一个文件包含字符ú导致以下错误: 

throw new TypeError('The header content contains invalid characters');

This could potentially happen very often as there are many characters that the headers might not like. 这可能经常发生,因为标题可能不喜欢许多字符。 Is there any possibility that I only keep valid characters before setting the header? 在设置标题之前,我是否有可能只保留有效字符? I assume a whitelist approach would be better than a blacklist approach as there are nearly infinite possibilities of invalid characters. 我认为白名单方法比黑名单方法更好,因为无效字符几乎无限可能。

Thank you very much in advance 非常感谢你提前

1 个解决方案

解决方案1
 3 已采纳  2017-07-21 13:53:27

Here is an extended answer which basically tells you that only a subset of ASCII or ISO-8859-1 is allowed. 这是一个扩展的答案,它基本上告诉您只允许ASCII或ISO-8859-1的子集。

What character encoding should I use for a HTTP header? 我应该为HTTP标头使用什么字符编码?

And here is your solution: transliterate the filename into ASCII characters to make it safe for use in a header value: 这是您的解决方案:将文件名音译为ASCII字符,以便在标头值中使用安全:

https://www.npmjs.com/package/transliteration https://www.npmjs.com/package/transliteration

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在node.js中,如何获取Content-Length头以响应http.get()? - In node.js, how do I get the Content-Length header in response to http.get()? 如何修复node.js服务器上的bitmovin-javascript中的'HTTP Response Code was 403 Forbidden'错误 - How to fix 'HTTP Response Code was 403 Forbidden' error in bitmovin-javascript on node.js server 如何在Node.js中使用无效的路由参数获取404响应 - How to get a 404 response with a invalid route parameter in Node.js 如何在node.js响应中添加跨域标头 - how to add a cross domain header to node.js response 如何使用node.js和Request包禁用HTTP头中的“withcredentials”? - How to disable 'withcredentials' in HTTP header with node.js and Request package? 如何将自定义HTTP标头发送到Node.js - How do I send custom HTTP header to Node.js 如何在node.js的http响应中获取主机名? - How to get host name in http response in node.js? 如何在Node.js中推广http响应处理程序? - How could I generalize a http response handler in Node.js? 如何将 HTTP 响应主体编码为 node.js 中的 UTF-8 - How to encode HTTP response body as UTF-8 in node.js 使用Node.js设置HTTP标头Cookie - Set HTTP Header Cookie with Node.js
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM