From 2daf883a18951b4cf48216f60859ceda9dec9873 Mon Sep 17 00:00:00 2001
From: Giorgos Ntemiris <ntemirisgiorgos3@gmail.com>
Date: Thu, 12 Sep 2019 09:22:05 +0200
Subject: [PATCH] http: throw if 'host' agent header is not a string value

If the 'host' agent header is an array or other non-string value, throw.

PR-URL: https://github.com/nodejs/node/pull/29568
Fixes: https://github.com/nodejs/node/issues/29408
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
---
 lib/_http_agent.js                            | 11 ++++++++-
 .../test-http-client-headers-host-array.js    | 23 +++++++++++++++++++
 2 files changed, 33 insertions(+), 1 deletion(-)
 create mode 100644 test/parallel/test-http-client-headers-host-array.js

diff --git a/lib/_http_agent.js b/lib/_http_agent.js
index e1cfa6d7fc9d17..25ff16fea186da 100644
--- a/lib/_http_agent.js
+++ b/lib/_http_agent.js
@@ -27,7 +27,11 @@ const net = require('net');
 const EventEmitter = require('events');
 const debug = require('internal/util/debuglog').debuglog('http');
 const { async_id_symbol } = require('internal/async_hooks').symbols;
-
+const {
+  codes: {
+    ERR_INVALID_ARG_TYPE,
+  },
+} = require('internal/errors');
 // New Agent code.
 
 // The largest departure from the previous implementation is that
@@ -240,6 +244,11 @@ function calculateServerName(options, req) {
   let servername = options.host;
   const hostHeader = req.getHeader('host');
   if (hostHeader) {
+    if (typeof hostHeader !== 'string') {
+      throw new ERR_INVALID_ARG_TYPE('options.headers.host',
+                                     'String', hostHeader);
+    }
+
     // abc => abc
     // abc:123 => abc
     // [::1] => ::1
diff --git a/test/parallel/test-http-client-headers-host-array.js b/test/parallel/test-http-client-headers-host-array.js
new file mode 100644
index 00000000000000..53b25951413302
--- /dev/null
+++ b/test/parallel/test-http-client-headers-host-array.js
@@ -0,0 +1,23 @@
+'use strict';
+
+require('../common');
+
+const assert = require('assert');
+const http = require('http');
+
+{
+
+  const options = {
+    port: '80',
+    path: '/',
+    headers: {
+      host: []
+    }
+  };
+
+  assert.throws(() => {
+    http.request(options);
+  }, {
+    code: /ERR_INVALID_ARG_TYPE/
+  }, 'http request should throw when passing array as header host');
+}