Open bojavou opened 2 weeks ago
@nodejs/loaders
I'm probably saying things you already know about, but here is it anyway: a workaround is to encode the data (e.g. data:text/javascript,console.log(%22Whither wanders thy distempered mind%3F%22)
) so there's no ambiguity on how to parse the URL.
Should URL
be fixed to not report "fake" query string for data:
URLs? I would expect it to parse URL strings as spec'd.
I'm probably saying things you already know about, but here is it anyway: a workaround is to encode the data (e.g.
data:text/javascript,console.log(%22Whither wanders thy distempered mind%3F%22)
) so there's no ambiguity on how to parse the URL.
thumbsup
Also could base64 it.
Should
URL
be fixed to not report "fake" query string fordata:
URLs? I would expect it to parse URL strings as spec'd.
I know it, it does this simplified parsing. I've never really been happy with it.
I opened https://github.com/nodejs/node/pull/53778 with a fix.
Version
v22.4.0
Platform
Subsystem
loaders
What steps will reproduce the bug?
This snippet reproduces.
This is the embedded data URL.
How often does it reproduce? Is there a required condition?
Always.
What is the expected behavior? Why is that the expected behavior?
By the spec, data URLs do not have a query string or fragment.
Characters
?
#
should be allowed in the URL body.This file loads the same data URL successfully in a browser.
What do you see instead?
SyntaxError: Invalid or unexpected token
Additional information
There's a correct regex that extracts the data URL body.
https://github.com/nodejs/node/blob/b9289a6e29e54beeaa3f781bde1195e48df0da75/lib/internal/modules/esm/load.js#L29
But it's run on
URL#pathname
, which chops off query string and fragment.https://github.com/nodejs/node/blob/b9289a6e29e54beeaa3f781bde1195e48df0da75/lib/internal/modules/esm/load.js#L44
This might be a quick fix: