raise error if value contains CR/LF in iniheader of initialize_http_header

like r59693, initialize_http_header also should raise error. [Bug #14208] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61359 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2017-12-20 12:06:59 +0000
committer: naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2017-12-20 12:06:59 +0000
commit: 0078e40115fd53e2cafd4e8cfb6ff5fd7f87c3db (patch)
tree: 0318cd8f4c8ad5b0f5bfd787fbbf61d081f8b554 /lib/net
parent: 677c539d1fc873507bc172855c14a727ba74d0ad (diff)
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/net/http/header.rb b/lib/net/http/header.rb
index 5c543e769d..96d898c89f 100644
--- a/lib/net/http/header.rb
+++ b/lib/net/http/header.rb
@@ -18,7 +18,11 @@ module Net::HTTPHeader
       if value.nil?
         warn "net/http: nil HTTP header: #{key}", uplevel: 1 if $VERBOSE
       else
-        @header[key.downcase] = [value.strip]
+        value = value.strip # raise error for invalid byte sequences
+        if value.count("\r\n") > 0
+          raise ArgumentError, 'header field value cannot include CR/LF'
+        end
+        @header[key.downcase] = [value]
       end
     end
   end
@@ -75,8 +79,8 @@ module Net::HTTPHeader
       append_field_value(ary, val)
       @header[key.downcase] = ary
     else
-      val = val.to_s
-      if /[\r\n]/n.match?(val.b)
+      val = val.to_s # for compatibility use to_s instead of to_str
+      if val.b.count("\r\n") > 0
         raise ArgumentError, 'header field value cannot include CR/LF'
       end
       @header[key.downcase] = [val]
author	naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2017-12-20 12:06:59 +0000
committer	naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2017-12-20 12:06:59 +0000
commit	0078e40115fd53e2cafd4e8cfb6ff5fd7f87c3db (patch)
tree	0318cd8f4c8ad5b0f5bfd787fbbf61d081f8b554 /lib/net
parent	677c539d1fc873507bc172855c14a727ba74d0ad (diff)