Regression causes hammerhead to apparently execute arbitrary remote code

[aeneasr]

What is your Scenario?

After the recent fix for HTTP2 GOAWAY I upgraded from hammerhead 23.0.0 to 24.4.2. Unfortunately there appears to be a regression when loading the URL https://cdn.jsdelivr.net/npm/monaco-editor@0.25.2/min/vs/editor/editor.main.js via the proxy.

What is the Current behavior?

Loading https://cdn.jsdelivr.net/npm/monaco-editor@0.25.2/min/vs/editor/editor.main.js via the proxy (e.g. http://localhost:50406/S6CRz7GiD!s!utf-8/https://cdn.jsdelivr.net/npm/monaco-editor@0.25.2/min/vs/editor/editor.main.js) ends up with:

TypeError: Cannot read property 'name' of null

What is the Expected behavior?

Loading the URL https://cdn.jsdelivr.net/npm/monaco-editor@0.25.2/min/vs/editor/editor.main.js ends up with the expected JavaScript text.

What is your public web site URL?

See above, I also attached a screenshot:

Steps to Reproduce:

test('reproduce', async (t) => {
  await t.navigateTo('https://cdn.jsdelivr.net/npm/monaco-editor@0.25.2/min/vs/editor/editor.main.js')
  await t.wait(5000)
})

Your Environment details:

testcafe versions:

    "testcafe": "1.15.1",
    "testcafe-reporter-html": "1.4.6",
    "testcafe-hammerhead": "24.4.2",
    "testcafe-reporter-spec-time": "4.0.0",
    "testcafe-browser-tools": "2.0.16"

config:

{
  "disableScreenshots": true,
  "stopOnFirstFail": true,
  "debugOnFail": true,
  "speed": 1,
  "selectorTimeout": 20000,
  "assertionTimeout": 10000,
  "pageLoadTimeout": 20000,
  "pageRequestTimeout": 30000,
  "retryTestPages": false,
  "disableMultipleWindows": true,
  "src": ["tests"],
  "skipJsErrors": true,
  "reporter": [
    {
      "name": "spec-time"
    },
    {
      "name": "xunit",
      "output": "reports/testcafe-unit-tests.xml"
    },
    {
      "name": "html",
      "output": "reports/testcafe-report.html"
    }
  ],
  "browsers": "firefox --width 1920 --height 1280",
  "concurrency": 2,
  "quarantine": true,
  "hostname": "localhost",
  "live": true
}

• node.js version: v16.5.0
• browser name and version: FireFox 89.0.2
• platform and version: latest macOS

[aeneasr]

By the way, the execution is just an assumption based on the error I am seeing. Maybe the issue is another one :)

[Dmitry-Ostashev]

Thank you for your report. I've reproduced the issue. We will research it. We will update this thread once we have any news.

For the team:
It can be reproduced with http-playground and the Monaco Editor Playground page:https://microsoft.github.io/monaco-editor/playground.html

[aeneasr]

Thank you for the patch! However, the issue is not resolved I believe. I am still getting the same error. My dependencies are:

    "testcafe": "1.15.1",
    "testcafe-reporter-html": "1.4.6",
    "testcafe-hammerhead": "24.4.3",
    "testcafe-reporter-spec-time": "4.0.0",
    "testcafe-browser-tools": "2.0.16"

[LavrovArtem]

testcafe@1.15.2-rc.1