amirho/express
1
0
Fork 0
mirror of https://github.com/expressjs/express.git synced 2026-02-26 02:54:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Polish HTML structure of the response in the res.redirect() function (#5167)

Browse Source 
* structure the DOM body

* structure the DOM body

* test: add html title to redirect test

* fix: update HTML structure for include body and head tags

* docs: improve HTML structure in res.redirect() responses for better browser compatibility

---------

Co-authored-by: Sebastian Beltran <bjohansebas@gmail.com>
This commit is contained in:
Bernice Wu
2026-01-16 23:29:01 +08:00
committed by GitHub
parent 2cd372e34c
commit 9a3f7ff412
3 changed files with 12 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
History.md
View File

@@ -1,3 +1,9 @@
# Unreleased Changes
## 🚀 Improvements
- Improve HTML structure in `res.redirect()` responses when HTML format is accepted by adding `<!DOCTYPE html>`, `<title>`, and `<body>` tags for better browser compatibility - by [@Bernice55231](https://github.com/Bernice55231) in [#5167](https://github.com/expressjs/express/pull/5167)
5.2.1 / 2025-12-01
=======================

3
lib/response.js
View File

@@ -850,7 +850,8 @@ res.redirect = function redirect(url) {
html: function(){
var u = escapeHtml(address);
body = '<p>' + statuses.message[status] + '. Redirecting to ' + u + '</p>'
body = '<!DOCTYPE html><head><title>' + statuses.message[status] + '</title></head>'
+ '<body><p>' + statuses.message[status] + '. Redirecting to ' + u + '</p></body>'
},
default: function(){

8
test/res.redirect.js
View File

@@ -91,7 +91,7 @@ describe('res', function(){
.set('Accept', 'text/html')
.expect('Content-Type', /html/)
.expect('Location', 'http://google.com')
.expect(302, '<p>Found. Redirecting to http://google.com</p>', done)
.expect(302, '<!DOCTYPE html><head><title>Found</title></head><body><p>Found. Redirecting to http://google.com</p></body>', done)
})
it('should escape the url', function(done){
@@ -107,7 +107,7 @@ describe('res', function(){
.set('Accept', 'text/html')
.expect('Content-Type', /html/)
.expect('Location', '%3Cla\'me%3E')
.expect(302, '<p>Found. Redirecting to %3Cla&#39;me%3E</p>', done)
.expect(302, '<!DOCTYPE html><head><title>Found</title></head><body><p>Found. Redirecting to %3Cla&#39;me%3E</p></body>', done)
})
it('should not render evil javascript links in anchor href (prevent XSS)', function(done){
@@ -125,7 +125,7 @@ describe('res', function(){
.set('Accept', 'text/html')
.expect('Content-Type', /html/)
.expect('Location', encodedXss)
.expect(302, '<p>Found. Redirecting to ' + encodedXss +'</p>', done);
.expect(302, '<!DOCTYPE html><head><title>Found</title></head><body><p>Found. Redirecting to ' + encodedXss +'</p></body>', done);
});
it('should include the redirect type', function(done){
@@ -140,7 +140,7 @@ describe('res', function(){
.set('Accept', 'text/html')
.expect('Content-Type', /html/)
.expect('Location', 'http://google.com')
.expect(301, '<p>Moved Permanently. Redirecting to http://google.com</p>', done);
.expect(301, '<!DOCTYPE html><head><title>Moved Permanently</title></head><body><p>Moved Permanently. Redirecting to http://google.com</p></body>', done);
})
})