From d5a681b86084ef1cb70c7685d780abf86ca80484 Mon Sep 17 00:00:00 2001
From: FDrag0n <34733637+FDrag0n@users.noreply.github.com>
Date: Thu, 21 Mar 2024 16:23:36 +0800
Subject: [PATCH 1/2] fix: handle upper case protocol like HTTP or HTTPS (#1805)

Co-authored-by: fengmk2
---
 __tests__/response/redirect.js | 7 +++++++
 lib/response.js | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/__tests__/response/redirect.js b/__tests__/response/redirect.js
index db2844460..432408d01 100644
--- a/__tests__/response/redirect.js
+++ b/__tests__/response/redirect.js
@@ -21,6 +21,13 @@ describe('ctx.redirect(url)', () => {
 assert.strictEqual(ctx.status, 302);
 });
 
+ it('should formatting url before redirect', () => {
+ const ctx = context();
+ ctx.redirect('HTTP://google.com\\@apple.coM/okoK');
+ assert.strictEqual(ctx.response.header.location, 'http://google.com/@apple.coM/okoK');
+ assert.strictEqual(ctx.status, 302);
+ })
+
 it('should auto fix not encode url', done => {
 const app = new Koa();
 
diff --git a/lib/response.js b/lib/response.js
index 2eec2dc26..65aa8ec63 100644
--- a/lib/response.js
+++ b/lib/response.js
@@ -261,7 +261,7 @@ module.exports = {
 redirect(url, alt) {
 // location
 if ('back' === url) url = this.ctx.get('Referrer') || alt || '/';
- if (url.startsWith('https://') || url.startsWith('http://')) {
+ if (/^https?:\/\//i.test(url)) {
 // formatting url again avoid security escapes
 url = new URL(url).toString();
 }

From 11352da00bd3b652531540b7db33edc1531705e3 Mon Sep 17 00:00:00 2001
From: fengmk2
Date: Thu, 21 Mar 2024 16:31:40 +0800
Subject: [PATCH 2/2] f

---
 __tests__/response/redirect.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/__tests__/response/redirect.js b/__tests__/response/redirect.js
index 432408d01..5ef41d133 100644
--- a/__tests__/response/redirect.js
+++ b/__tests__/response/redirect.js
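Review bot: In `__tests__/response/redirect.js` (hunk `@@ -21,6 +21,13 @@`), the added case covers only an upper-case `HTTP://` input, although the commit subject names HTTPS as well and the new check in `lib/response.js` is case-insensitive for both schemes. A second assertion with an upper- or mixed-case `HTTPS://` URL would pin that path too. The title would also read better as `'should format url before redirect'`.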
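Review bot: In `lib/response.js` (hunk `@@ -261,7 +261,7 @@`), the guard `/^https?:\/\//i.test(url)` still decides by string prefix, so only inputs that literally begin with `http://` or `https://` in any case are re-serialised through `new URL()`; every other form is passed on to the rest of `redirect` as given. Callers that validate redirect targets should therefore compare against the parsed URL, not the raw string. Separately, `new URL(url)` throws a `TypeError` on a malformed absolute URL, and on the `'back'` path `url` comes from the `Referrer` request header, so a bad header value would presumably surface as an unhandled error unless it is caught outside this hunk. The existing comment would be clearer as `// re-serialise through the WHATWG URL parser so the Location header matches what a browser will actually navigate to`. The body of `redirect` continues past the end of the hunk.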
@@ -26,7 +26,7 @@ describe('ctx.redirect(url)', () => {
 ctx.redirect('HTTP://google.com\\@apple.coM/okoK');
 assert.strictEqual(ctx.response.header.location, 'http://google.com/@apple.coM/okoK');
 assert.strictEqual(ctx.status, 302);
- })
+ });
 
 it('should auto fix not encode url', done => {
 const app = new Koa();