diff --git a/lib/url.js b/lib/url.js index 50b776d38539a7..a6b74c0b3a7902 100644 --- a/lib/url.js +++ b/lib/url.js @@ -143,6 +143,10 @@ function urlParse(url, parseQueryString, slashesDenoteHost) { ); } + return internalUrlParse(url, parseQueryString, slashesDenoteHost); +} + +function internalUrlParse(url, parseQueryString, slashesDenoteHost) { if (url instanceof Url) return url; const urlObject = new Url(); @@ -578,7 +582,7 @@ function urlFormat(urlObject, options) { // this way, you can call urlParse() on strings // to clean up potentially wonky urls. if (typeof urlObject === 'string') { - urlObject = urlParse(urlObject); + urlObject = internalUrlParse(urlObject); } else if (typeof urlObject !== 'object' || urlObject === null) { throw new ERR_INVALID_ARG_TYPE('urlObject', ['Object', 'string'], urlObject); @@ -718,16 +722,16 @@ Url.prototype.format = function format() { }; function urlResolve(source, relative) { - return urlParse(source, false, true).resolve(relative); + return internalUrlParse(source, false, true).resolve(relative); } Url.prototype.resolve = function resolve(relative) { - return this.resolveObject(urlParse(relative, false, true)).format(); + return this.resolveObject(internalUrlParse(relative, false, true)).format(); }; function urlResolveObject(source, relative) { if (!source) return relative; - return urlParse(source, false, true).resolveObject(relative); + return internalUrlParse(source, false, true).resolveObject(relative); } Url.prototype.resolveObject = function resolveObject(relative) { diff --git a/test/parallel/test-url-parse-dep0169.js b/test/parallel/test-url-parse-dep0169.js new file mode 100644 index 00000000000000..b7db62c8a2f498 --- /dev/null +++ b/test/parallel/test-url-parse-dep0169.js @@ -0,0 +1,13 @@ +'use strict'; + +const common = require('../common'); +const url = require('node:url'); + +// Warning should only happen once per process. +common.expectWarning({ + DeprecationWarning: { + // eslint-disable-next-line @stylistic/js/max-len + DEP0169: '`url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.', + }, +}); +url.parse('https://nodejs.org'); diff --git a/test/parallel/test-url-parse-invalid-input.js b/test/parallel/test-url-parse-invalid-input.js index 036b8ff5e68feb..368ebff451c40f 100644 --- a/test/parallel/test-url-parse-invalid-input.js +++ b/test/parallel/test-url-parse-invalid-input.js @@ -87,13 +87,6 @@ if (common.hasIntl) { })); }); - // Warning should only happen once per process. - common.expectWarning({ - DeprecationWarning: { - // eslint-disable-next-line @stylistic/js/max-len - DEP0169: '`url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.', - }, - }); badURLs.forEach((badURL) => { assert.throws(() => url.parse(badURL), { code: 'ERR_INVALID_ARG_VALUE', diff --git a/test/parallel/test-url-parse-no-dep0169.js b/test/parallel/test-url-parse-no-dep0169.js new file mode 100644 index 00000000000000..cf9b9b20328a72 --- /dev/null +++ b/test/parallel/test-url-parse-no-dep0169.js @@ -0,0 +1,19 @@ +'use strict'; + +const common = require('../common'); +const url = require('node:url'); + +process.on('warning', common.mustNotCall()); + +// Both `url.resolve` and `url.format` should not trigger warnings even if +// they internally depend on `url.parse`. +url.resolve('https://nodejs.org', '/dist'); +url.format({ + protocol: 'https', + hostname: 'nodejs.org', + pathname: '/some/path', + query: { + page: 1, + format: 'json', + }, +});