Skip to content

bugfix: ignore enumerable functions when copying headers in Pages-router #2225

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

bugfix: ignore enumerable functions when copying headers in Pages-router #2225

wants to merge 2 commits into from

Conversation

tusharpandey13
Copy link
Contributor

@tusharpandey13 tusharpandey13 commented Jul 13, 2025
edited
Loading

Updates createRequestCookies to avoid treating helper functions on req.headers as header values, preventing runtime crashes on Node 20+.

  • All new/changed/fixed functionality is covered by tests
  • I have added documentation for all new/changed functionality (N/A)

🔍 RCA

for…in over req.headers also enumerated prototype helper methods (append, delete, …) starting Node 20. Passing these functions to the WHATWG Headers API raised TypeError: <fn> is an invalid header value when auth0.updateSession() ran in a Pages-router route.

📋 Changes

Changed nextjs-auth0/src/server/client.ts: iterate over Object.entries(req.headers) and copy only string|string[] values; updated docstring
Added nextjs-auth0/tests/createRequestCookies-header-copy.test.ts: regression tests that reproduce the crash and assert correct cookie parsing

📎 References

🎯 Testing

Automated:

  • New Vitest spec tests/createRequestCookies-header-copy.test.ts fails on pre-patch code, passes now.
  • pnpm run test:coverage shows all 248 tests passing with > 84 % coverage.

Manual:

  1. Build SDK: pnpm run build
  2. Integrate via yalc into sample app on Node 22
  3. Hit endpoint that calls auth0.updateSession
  4. Confirm no Headers.append error and session updates as expected.

@tusharpandey13 tusharpandey13 requested a review from a team as a code owner July 13, 2025 14:10
@codecov-commenter
Copy link

codecov-commenter commented Jul 13, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 77.77778% with 2 lines in your changes missing coverage. Please review.

Project coverage is 85.01%. Comparing base (15e7511) to head (b455689).

Files with missing lines Patch % Lines
src/server/client.ts 77.77% 2 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #2225      +/-   ##
==========================================
+ Coverage   84.54%   85.01%   +0.46%     
==========================================
  Files          22       22              
  Lines        2233     2236       +3     
  Branches      406      413       +7     
==========================================
+ Hits         1888     1901      +13     
+ Misses        339      329      -10     
  Partials        6        6

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@tusharpandey13 tusharpandey13 changed the title bugfix: ignore enumerable functions in Pages-router header copy bugfix: ignore enumerable functions when copying headers in Pages-router Jul 13, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Headers.append: xxx is an invalid header value
2 participants
@tusharpandey13 @codecov-commenter