@sanity/preview-url-secret - npm Package Compare versions

Comparing version 2.0.6-release.3 to 2.0.6

CHANGELOG.md

		@@ -9,2 +9,9 @@ <!-- markdownlint-disable --><!-- textlint-disable -->

		## [2.0.6](https://github.com/sanity-io/visual-editing/compare/preview-url-secret-v2.0.5...preview-url-secret-v2.0.6) (2025-01-09)


		### Bug Fixes

		* forward vercel protection bypass params ([#2468](https://github.com/sanity-io/visual-editing/issues/2468)) ([e3d5baf](https://github.com/sanity-io/visual-editing/commit/e3d5baf9aba752febd9ef2cca8533b612771e45b))

		## [2.0.5](https://github.com/sanity-io/visual-editing/compare/preview-url-secret-v2.0.4...preview-url-secret-v2.0.5) (2024-12-02)
		@@ -11,0 +18,0 @@

dist/index.js

		@@ -27,3 +27,8 @@ import { apiVersion, urlSearchParamPreviewSecret, urlSearchParamPreviewPerspective, urlSearchParamPreviewPathname, fetchSecretQuery, fetchSharedAccessSecretQuery, tag, isDev } from "./constants.js";
		if (unsafeRedirectTo) {
		const { pathname, search, hash } = new URL(unsafeRedirectTo, "http://localhost");
		const redirectUrl = new URL(unsafeRedirectTo, "http://localhost");
		url.searchParams.has("x-vercel-protection-bypass") && (redirectUrl.searchParams.set(
		"x-vercel-protection-bypass",
		url.searchParams.get("x-vercel-protection-bypass")
		), redirectUrl.searchParams.set("x-vercel-set-bypass-cookie", "samesitenone"));
		const { pathname, search, hash } = redirectUrl;
		redirectTo = `${pathname}${search}${hash}`;
		@@ -30,0 +35,0 @@ }

dist/sanity-plugin-debug-secrets.js

		@@ -6,2 +6,3 @@ import { defineType, definePlugin } from "sanity";
		type: "document",
		// @ts-expect-error - fix later
		icon: LockIcon,
		@@ -39,2 +40,3 @@ name: schemaType,
		},
		// @ts-expect-error - fix later
		prepare(data) {
		@@ -41,0 +43,0 @@ const url = data.studioUrl ? new URL(data.studioUrl, location.origin) : void 0, updatedAt = new Date(data.updatedAt).getTime(), expiresAt = new Date(updatedAt + 1e3 * SECRET_TTL), expired = expiresAt < /* @__PURE__ */ new Date(), icon = expired ? CloseCircleIcon : CheckmarkCircleIcon;

package.json

		{
		"name": "@sanity/preview-url-secret",
		"version": "2.0.6-release.3",
		"version": "2.0.6",
		"homepage": "https://github.com/sanity-io/visual-editing/tree/main/packages/preview-url-secret#readme",
		@@ -116,11 +116,11 @@ "bugs": {
		"@sanity/client": "^6.24.1",
		"@sanity/icons": "^3.5.0",
		"@sanity/pkg-utils": "6.11.14",
		"@sanity/icons": "^3.5.7",
		"@sanity/pkg-utils": "6.13.1",
		"eslint": "^8.57.1",
		"sanity": "^3.65.1",
		"sanity": "3.69.0",
		"typescript": "5.7.2",
		"vitest": "^2.1.8",
		"@repo/prettier-config": "0.0.0",
		"@repo/package.config": "0.0.0",
		"@repo/eslint-config": "0.0.0"
		"@repo/eslint-config": "0.0.0",
		"@repo/package.config": "0.0.0"
		},
		@@ -127,0 +127,0 @@ "peerDependencies": {

src/parsePreviewUrl.ts

		@@ -21,3 +21,15 @@ import {
		if (unsafeRedirectTo) {
		const {pathname, search, hash} = new URL(unsafeRedirectTo, 'http://localhost')
		const redirectUrl = new URL(unsafeRedirectTo, 'http://localhost')

		// If there's a vercel bypass secret in the redirect URL, we forward it to the redirect to ensure it's set
		if (url.searchParams.has('x-vercel-protection-bypass')) {
		redirectUrl.searchParams.set(
		'x-vercel-protection-bypass',
		url.searchParams.get('x-vercel-protection-bypass')!,
		)
		// samesitenone is required since the request is from an iframe
		redirectUrl.searchParams.set('x-vercel-set-bypass-cookie', 'samesitenone')
		}

		const {pathname, search, hash} = redirectUrl
		redirectTo = `${pathname}${search}${hash}`
		@@ -24,0 +36,0 @@ }

dist/index.cjs