Fetching headers of small files causes node process to terminate after 8 seconds since GHSA-9f24-jqhm-jfcw

[unilynx]

Bug Description

Since undici 6.6.1, which fixes GHSA-9f24-jqhm-jfcw), a process fetching a small file but not fetching the body does not terminate until 8 seconds have passed.

Before 6.6.1, the process would terminate immediately.

I wonder if this is indeed a bug or intentional behavior caused by the fix and I need to work around it myself

(The advisory mentioned that fetching the body is a workaround for the security issue, so I would assume that undici^6.6.1 wouldnt require fetching bodies)

Reproducible By

test.js:

const { fetch } = require ("undici");
async function main() {
  const x = await fetch (process.argv[2]);
  console.log(x);
}
main()

running it:

npm i undici@6.6.0
node test.js http://cms6-sites.webhare.com/test-arnold/empty-40kb.docx  # works, process terminates immediately
node test.js http://cms6-sites.webhare.com/test-arnold/empty-160kb.docx. # works, process terminates immediately

npm i undici@6.6.1
node test.js http://cms6-sites.webhare.com/test-arnold/empty-40kb.docx  # FAILS: process hangs for 8 seconds
node test.js http://cms6-sites.webhare.com/test-arnold/empty-160kb.docx. # works, process terminates immediately

Reproduction will probably depend on your latency to Amsterdam.

Locally I found the cutoff point to be between 91kb and 92kb (more details here nodejs/node#52909)

The issue still exists in undici@6.16.0. It also affects the fetch currently shipped in nodejs v2.13.0 (nodejs v2.12.2 worked fine)

Actually fetching the body (await x.arrayBuffer()) fixes the issue.

Expected Behavior

I would expect the process to be allowed to terminate even if I don't fetch the body

Environment

Docker container node:20.13.0 (reproduced on both arm64 and x86_64)

[mcollina]

Can you try to assemble a server to reproduce locally?