Description
Bug: If someone sends you a message with a `;` character (like `Hi; how are you?`), then the symbols starting with `;` go to internal request attributes and disappear from the message:
```js
// server.onReceive(message => { console.log(message) })
Receive {
  _request: Request {
    _buffer: 'RECEIVE:<snip>;id:1;password:1;srcnum:<snip>;msg:Hi; how are you?',
    _address: '<snip>',
    _port: 11017,
    _attributes: {
      receive: '<snip>',
      id: '1',
      password: '1',
      srcnum: '<snip>',
      msg: 'hi',
      ' how are you?': ''
    }
  }
}
```
More funny things happen when someone sends you Hi;srcnum:<fake number> or Hi;id:<other id>, which could lead to security issues in some use cases.
This can be solved by monkey-patching the `Request.prototype._parse` method as such:

```js
const Request = require('goip/lib/request')

Request.prototype._parse = function (buffer) {
  let attributes = { }
  let arr = buffer.split(';')
  while (arr.length > 0) {
    let item = arr.shift()
    let parts = item.split(':')
    let key = parts.shift()
    let val = parts.join(':') // the value itself may contain ':'
    if (key.toLowerCase() === 'msg') {
      // msg is the last field: everything after it is message text
      arr.unshift(val)
      attributes.msg = arr.join(';') // join the rest back
      break
    }
    else if (key.length > 0) {
      attributes[key.toLowerCase()] = val.toLowerCase()
    }
  }
  return attributes
}

// Receive {
//   _request: Request {
//     _attributes: {
//       ...
//       msg: 'Hi; how are you?',
//     }
//   }
// }
```

The function above also retains the case (upper/lower) of the incoming message. This can break if the GOIP server ever reorders its protocol keys, such that `msg:...` wouldn't go last in `_buffer`. But this manual says in section 4 that msg always goes last, so it's probably safe to assume.
I can't make a pull request right now, but would you maybe accept one later?
PS. It seems that the PHP-based version of this library also mirrors this issue.
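The parsing problem described in this issue, next to a stricter msg-last parser, as an added example that is not part of the original issue or of the goip library. `parseNaive` is an assumed reconstruction of the split-on-`;` behaviour seen in the output above, `parseMsgLast` and `demo` are hypothetical names, and the sample buffer values are constructed.

```javascript
// Assumed reconstruction of the behaviour shown in the issue (not the library's source):
// every ';' starts a new field, so text inside the SMS body becomes attributes.
function parseNaive(buffer) {
  const attributes = {}
  for (const item of buffer.split(';')) {
    const [key, ...rest] = item.split(':')
    if (key.length > 0) attributes[key.toLowerCase()] = rest.join(':').toLowerCase()
  }
  return attributes
}

// Hardened variant: header fields end at the first "msg:" key, the rest is opaque text.
// Malformed keys and repeated header keys are rejected instead of silently overwritten.
function parseMsgLast(buffer) {
  const attributes = Object.create(null) // no inherited keys such as "constructor"
  let pos = 0
  while (pos < buffer.length) {
    const colon = buffer.indexOf(':', pos)
    const key = colon === -1 ? '' : buffer.slice(pos, colon).toLowerCase()
    if (key.length === 0 || key.includes(';')) {
      throw new Error('malformed field at offset ' + pos)
    }
    if (key in attributes) throw new Error('duplicate key: ' + key)
    if (key === 'msg') {
      attributes.msg = buffer.slice(colon + 1) // keep case and any ';' or ':'
      return attributes
    }
    let end = buffer.indexOf(';', colon)
    if (end === -1) end = buffer.length
    attributes[key] = buffer.slice(colon + 1, end).toLowerCase()
    pos = end + 1
  }
  return attributes
}

// Constructed sample: the message body itself contains ";srcnum:..." text.
const SAMPLE = 'RECEIVE:1700000000;id:1;password:1;srcnum:+15550100;msg:Hi;srcnum:+15550199'

function demo() {
  return { naive: parseNaive(SAMPLE), hardened: parseMsgLast(SAMPLE) }
}

const result = demo()
console.log('naive srcnum:   ', result.naive.srcnum, '| msg:', result.naive.msg)
console.log('hardened srcnum:', result.hardened.srcnum, '| msg:', result.hardened.msg)
```

Code that authorizes or routes on `srcnum` or `id` should read them only from a parser that stops at `msg:`, since anything after that key is sender-controlled text.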