Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@astrojs/node

Package Overview
Dependencies
Maintainers
4
Versions
112
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@astrojs/node - npm Package Compare versions

Comparing version 5.1.0 to 5.1.1

test/bad-urls.test.js

9

CHANGELOG.md
# @astrojs/node
## 5.1.1
### Patch Changes
- [#6746](https://github.com/withastro/astro/pull/6746) [`4cc1bf61b`](https://github.com/withastro/astro/commit/4cc1bf61b832dba9aab1916b56f5260ceac2d97d) Thanks [@Princesseuh](https://github.com/Princesseuh)! - Fix malformed URLs crashing the server in certain cases
- Updated dependencies [[`489dd8d69`](https://github.com/withastro/astro/commit/489dd8d69cdd9d7c243cf8bec96051a914984b9c), [`a1a4f45b5`](https://github.com/withastro/astro/commit/a1a4f45b51a80215fa7598da83bd0d9c5acd20d2), [`a1108e037`](https://github.com/withastro/astro/commit/a1108e037115cdb67d03505286c7d3a4fc2a1ff5), [`8b88e4cf1`](https://github.com/withastro/astro/commit/8b88e4cf15c8bea7942b3985380164e0edf7250b), [`d54cbe413`](https://github.com/withastro/astro/commit/d54cbe41349e55f8544212ad9320705f07325920), [`4c347ab51`](https://github.com/withastro/astro/commit/4c347ab51e46f2319d614f8577fe502e3dc816e2), [`ff0430786`](https://github.com/withastro/astro/commit/ff043078630e678348ae4f4757b3015b3b862c16), [`2f2e572e9`](https://github.com/withastro/astro/commit/2f2e572e937fd25451bbc78a05d55b7caa1ca3ec), [`7116c021a`](https://github.com/withastro/astro/commit/7116c021a39eac15a6e1264dfbd11bef0f5d618a)]:
- astro@2.2.0
## 5.1.0

@@ -4,0 +13,0 @@

17

dist/http-server.js

@@ -7,2 +7,10 @@ import fs from "fs";

import { fileURLToPath } from "url";
function parsePathname(pathname, host, port) {
try {
const urlPathname = new URL(pathname, `http://${host}:${port}`).pathname;
return decodeURI(encodeURI(urlPathname));
} catch (err) {
return void 0;
}
}
function createServer({ client, port, host, removeBase }, handler) {

@@ -13,4 +21,9 @@ const listener = (req, res) => {

pathname = pathname[0] === "/" ? pathname : "/" + pathname;
pathname = new URL(pathname, `http://${host}:${port}`).pathname;
const stream = send(req, encodeURI(decodeURI(pathname)), {
const encodedURI = parsePathname(pathname, host, port);
if (!encodedURI) {
res.writeHead(400);
res.end("Bad request.");
return res;
}
const stream = send(req, encodedURI, {
root: fileURLToPath(client),

@@ -17,0 +30,0 @@ dotfiles: pathname.startsWith("/.well-known/") ? "allow" : "deny"

@@ -27,2 +27,3 @@ import { Readable as NodeReadableStream } from "stream";

const iterator = {
//@ts-expect-error
next() {

@@ -29,0 +30,0 @@ return reader.read();

6

package.json
{
"name": "@astrojs/node",
"description": "Deploy your site to a Node.js server",
"version": "5.1.0",
"version": "5.1.1",
"type": "module",

@@ -32,3 +32,3 @@ "types": "./dist/index.d.ts",

"peerDependencies": {
"astro": "^2.1.0"
"astro": "^2.2.0"
},

@@ -38,3 +38,3 @@ "devDependencies": {

"@types/server-destroy": "^1.0.1",
"astro": "2.1.0",
"astro": "2.2.0",
"astro-scripts": "0.0.14",

@@ -41,0 +41,0 @@ "chai": "^4.3.6",

@@ -15,2 +15,11 @@ import fs from 'fs';

function parsePathname(pathname: string, host: string | undefined, port: number) {
try {
const urlPathname = new URL(pathname, `http://${host}:${port}`).pathname;
return decodeURI(encodeURI(urlPathname));
} catch (err) {
return undefined;
}
}
export function createServer(

@@ -22,6 +31,13 @@ { client, port, host, removeBase }: CreateServerOptions,

if (req.url) {
let pathname = removeBase(req.url);
let pathname: string | undefined = removeBase(req.url);
pathname = pathname[0] === '/' ? pathname : '/' + pathname;
pathname = new URL(pathname, `http://${host}:${port}`).pathname;
const stream = send(req, encodeURI(decodeURI(pathname)), {
const encodedURI = parsePathname(pathname, host, port);
if (!encodedURI) {
res.writeHead(400);
res.end('Bad request.');
return res;
}
const stream = send(req, encodedURI, {
root: fileURLToPath(client),

@@ -28,0 +44,0 @@ dotfiles: pathname.startsWith('/.well-known/') ? 'allow' : 'deny',

import type { CreatePreviewServer } from 'astro';
import http from 'http';
import type http from 'http';
import { fileURLToPath } from 'url';

@@ -4,0 +4,0 @@ import { createServer } from './http-server.js';

@@ -7,2 +7,3 @@ /**

import type { ReadableStreamDefaultReadResult } from 'node:stream/web';
import { Readable as NodeReadableStream } from 'stream';

@@ -67,2 +68,3 @@ import type { Response as NodeResponse } from 'undici';

const iterator: ReaderIterator<T> = {
//@ts-expect-error
next() {

@@ -69,0 +71,0 @@ return reader.read();

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc