x509.subjectAltName


为此证书指定的使用者备用名称。

这是一个以逗号分隔的主题替代名称列表。 每个条目都以一个字符串开头,该字符串标识主题替代名称的种类,后跟一个冒号以及与该条目关联的值。

早期版本的 Node.js 错误地假设在两个字符序列 ', ' 处拆分此属性是安全的(请参阅 CVE-2021-44532)。 但是,恶意证书和合法证书都可以包含主题替代名称,当表示为字符串时,这些名称包含此序列。

在表示条目类型的前缀之后,每个条目的其余部分可能用引号括起来,以指示该值是 JSON 字符串文字。 为了向后兼容,Node.js 仅在必要时在此属性中使用 JSON 字符串文字以避免歧义。 第三方代码应准备好处理这两种可能的输入格式

The subject alternative name specified for this certificate.

This is a comma-separated list of subject alternative names. Each entry begins with a string identifying the kind of the subject alternative name followed by a colon and the value associated with the entry.

Earlier versions of Node.js incorrectly assumed that it is safe to split this property at the two-character sequence ', ' (see CVE-2021-44532). However, both malicious and legitimate certificates can contain subject alternative names that include this sequence when represented as a string.

After the prefix denoting the type of the entry, the remainder of each entry might be enclosed in quotes to indicate that the value is a JSON string literal. For backward compatibility, Node.js only uses JSON string literals within this property when necessary to avoid ambiguity. Third-party code should be prepared to handle both possible entry formats.