http: unify header treatment

PR-URL: #46528
Fixes: #46395
Reviewed-By: Paolo Insogna <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Robert Nagy <[email protected]>

Author: marco-ippolito

lib/_http_outgoing.js

@@ -101,6 +101,10 @@ function isCookieField(s) {
   return s.length === 6 && StringPrototypeToLowerCase(s) === 'cookie';
 }
 
+function isContentDispositionField(s) {
+  return s.length === 19 && StringPrototypeToLowerCase(s) === 'content-disposition';
+}
+
 function OutgoingMessage() {
   Stream.call(this);
 
@@ -570,6 +574,15 @@ function _storeHeader(firstLine, headers) {
 function processHeader(self, state, key, value, validate) {
   if (validate)
     validateHeaderName(key);
+
+  // If key is content-disposition and there is content-length
+  // encode the value in latin1
+  // https://www.rfc-editor.org/rfc/rfc6266#section-4.3
+  // Refs: https://github.com/nodejs/node/pull/46528
+  if (isContentDispositionField(key) && self._contentLength) {
+    value = Buffer.from(value, 'latin1');
+  }
+
   if (ArrayIsArray(value)) {
     if (
       (value.length < 2 || !isCookieField(key)) &&

test/parallel/test-http-server-non-utf8-header.js

@@ -0,0 +1,48 @@
+'use strict';
+const common = require('../common');
+const http = require('http');
+const assert = require('assert');
+
+const nonUtf8Header = 'bår';
+const nonUtf8ToLatin1 = Buffer.from(nonUtf8Header).toString('latin1');
+
+{
+  const server = http.createServer(common.mustCall((req, res) => {
+    res.writeHead(200, [
+      'content-disposition',
+      Buffer.from(nonUtf8Header).toString('binary'),
+    ]);
+    res.end('hello');
+  }));
+
+  server.listen(0, common.mustCall(() => {
+    http.get({ port: server.address().port }, (res) => {
+      assert.strictEqual(res.statusCode, 200);
+      assert.strictEqual(res.headers['content-disposition'], nonUtf8ToLatin1);
+      res.resume().on('end', common.mustCall(() => {
+        server.close();
+      }));
+    });
+  }));
+}
+
+{
+  const server = http.createServer(common.mustCall((req, res) => {
+    res.writeHead(200, [
+      'Content-Length', '5',
+      'content-disposition',
+      Buffer.from(nonUtf8Header).toString('binary'),
+    ]);
+    res.end('hello');
+  }));
+
+  server.listen(0, common.mustCall(() => {
+    http.get({ port: server.address().port }, (res) => {
+      assert.strictEqual(res.statusCode, 200);
+      assert.strictEqual(res.headers['content-disposition'], nonUtf8ToLatin1);
+      res.resume().on('end', common.mustCall(() => {
+        server.close();
+      }));
+    });
+  }));
+}