@friendofsvelte/django-kit - npm Package Compare versions

Comparing version 0.0.1-dev.118 to 0.0.1-dev.119

dist/server/actions.d.ts

@@ -16,2 +16,3 @@ import { type Actions } from '@sveltejs/kit';
     allow_cookies?: boolean;
+    add_headers?: boolean;
 };
@@ -18,0 +19,0 @@ type PrefixOptions = {

dist/server/actions.js

 import { fail, redirect } from '@sveltejs/kit';
 import { SECRET_BASE_API } from "$env/static/private";
-import { assign_cookies } from "./utils.js";
+import { assign_cookies, get_headers } from "./utils.js";
 import { put_flash } from "./flash.js";
 const default_options = {
     django_base_api: SECRET_BASE_API,
-    allow_cookies: false
+    allow_cookies: true,
+    add_headers: true
 };
@@ -29,2 +30,4 @@ /*
                 let options = { method: proxy_action.method };
+                if (opt_.add_headers)
+                    options = { ...options, headers: get_headers(event) };
                 if (proxy_action.method === 'POST' || proxy_action.method === 'PUT')
@@ -101,2 +104,4 @@ options = { ...options, body: form_data };
                     let options = { method: proxy_action.method };
+                    if (opt_.add_headers)
+                        options = { ...options, headers: get_headers(event) };
                     if (proxy_action.method === "POST" || proxy_action.method === "PUT") {
@@ -103,0 +108,0 @@ options = { ...options, body: form_data };

dist/server/handle.js

 import { SECRET_BASE_API } from "$env/static/private";
+import { assign_headers, get_headers } from "./utils.js";
 /*
@@ -11,23 +12,5 @@ This function is used to send fetch requests to the django api endpoints; you can use it in `hooks.server.ts` as:
     if (is_api_req) {
-        const SESSION_ID = event.cookies.get('sessionid');
-        const CSRF_TOKEN = event.cookies.get('csrftoken');
-        const headers = {
-            'Content-Type': 'application/json',
-            'Cookie': `sessionid=${SESSION_ID};csrftoken=${CSRF_TOKEN}`,
-            'X-CSRFToken': CSRF_TOKEN,
-            'X-Forwarded-For': event.request.headers.get('X-Forwarded-For') || event.getClientAddress() || 'unknown',
-            'Referer': event.url.pathname,
-            'X-Referer-URL': event.url.href,
-            'Route-ID': event.route.id || '',
-            'Origin': event.url.origin || '',
-            'User-Agent': event.request.headers.get('User-Agent') || ''
-        };
-        let req_url;
-        req_url = request.url.split('$api/')[1];
-        req_url = `${SECRET_BASE_API}/${req_url}`;
-        Object.keys(headers).forEach((key) => {
-            if (!request.headers.has(key)) {
-                request.headers.set(key, headers[key]);
-            }
-        });
+        const headers = get_headers(event);
+        assign_headers(request, headers);
+        const req_url = `${SECRET_BASE_API}/${request.url.split('$api/')[1]}`;
         const options = {
@@ -34,0 +17,0 @@ method: request.method,

dist/server/utils.d.ts

 import type { RequestEvent } from "@sveltejs/kit";
+import type { AuthHeader } from "../types.js";
 export declare const assign_cookies: (event: RequestEvent, response: Response) => void;
+export declare const get_headers: (event: RequestEvent) => AuthHeader;
+export declare const assign_headers: (request: Request, headers: AuthHeader) => void;

dist/server/utils.js

@@ -12,1 +12,23 @@ import { parseString, splitCookiesString } from 'set-cookie-parser';
 };
+export const get_headers = (event) => {
+    const SESSION_ID = event.cookies.get('sessionid');
+    const CSRF_TOKEN = event.cookies.get('csrftoken');
+    return {
+        'Content-Type': 'application/json',
+        'Cookie': `sessionid=${SESSION_ID};csrftoken=${CSRF_TOKEN}`,
+        'X-CSRFToken': CSRF_TOKEN,
+        'X-Forwarded-For': event.request.headers.get('X-Forwarded-For') || event.getClientAddress() || 'unknown',
+        'Referer': event.url.pathname,
+        'X-Referer-URL': event.url.href,
+        'Route-ID': event.route.id || '',
+        'Origin': event.url.origin || '',
+        'User-Agent': event.request.headers.get('User-Agent') || ''
+    };
+};
+export const assign_headers = (request, headers) => {
+    Object.keys(headers).forEach((key) => {
+        if (!request.headers.has(key)) {
+            request.headers.set(key, headers[key]);
+        }
+    });
+};

dist/types.d.ts

@@ -9,2 +9,13 @@ import { type Cookies, redirect } from "@sveltejs/kit";
 };
+export type AuthHeader = {
+    'Content-Type': 'application/json';
+    Cookie: string;
+    'X-CSRFToken': string;
+    'X-Forwarded-For': string;
+    Referer: string;
+    'X-Referer-URL': string;
+    'Route-ID': string;
+    Origin: string;
+    'User-Agent': string;
+};
 export type BaseMessage = {
@@ -11,0 +22,0 @@ message_type: MessageType;

package.json

 {
   "name": "@friendofsvelte/django-kit",
-  "version": "0.0.1-dev.118",
+  "version": "0.0.1-dev.119",
   "scripts": {
@@ -5,0 +5,0 @@ "dev": "vite dev",

New alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Fixed alerts

Network access

Supply chain risk

This module accesses the network.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

24586

3.75%

Lines of code

496

5.31%

No dependency changes