find-my-way - npm Package Compare versions

Comparing version 4.4.0 to 5.0.0

bench.js

@@ -82,2 +82,8 @@ 'use strict'
   })
+  .add('find dynamic route with encoded parameter unoptimized', function () {
+    findMyWay.find('GET', '/user/maintainer%2Btomas', undefined)
+  })
+  .add('find dynamic route with encoded parameter optimized', function () {
+    findMyWay.find('GET', '/user/maintainer%20tomas', undefined)
+  })
   .add('find dynamic multi-parametric route', function () {
@@ -98,2 +104,8 @@ findMyWay.find('GET', '/customer/john-doe', undefined)
   })
+  .add('find long nested dynamic route with encoded parameter unoptimized', function () {
+    findMyWay.find('GET', '/posts/10%2C10/comments/42%2C42/author', undefined)
+  })
+  .add('find long nested dynamic route with encoded parameter optimized', function () {
+    findMyWay.find('GET', '/posts/10%2510/comments/42%2542/author', undefined)
+  })
   .add('find long nested dynamic route with other method', function () {
@@ -100,0 +112,0 @@ findMyWay.find('POST', '/posts/10/comments', undefined)

index.js

@@ -5,10 +5,23 @@ 'use strict'
   Char codes:
-    '#': 35
-    '*': 42
-    '-': 45
-    '.': 46
-    '/': 47
-    ':': 58
-    ';': 59
-    '?': 63
+    '!': 33 - !
+    '#': 35 - %23
+    '$': 36 - %24
+    '%': 37 - %25
+    '&': 38 - %26
+    ''': 39 - '
+    '(': 40 - (
+    ')': 41 - )
+    '*': 42 - *
+    '+': 43 - %2B
+    ',': 44 - %2C
+    '-': 45 - -
+    '.': 46 - .
+    '/': 47 - %2F
+    ':': 58 - %3A
+    ';': 59 - %3B
+    '=': 61 - %3D
+    '?': 63 - %3F
+    '@': 64 - %40
+    '_': 95 - _
+    '~': 126 - ~
 */
@@ -18,3 +31,2 @@
 const http = require('http')
-const fastDecode = require('fast-decode-uri-component')
 const isRegexSafe = require('safe-regex2')
@@ -24,2 +36,3 @@ const { flattenNode, compressFlattenedNode, prettyPrintFlattenedNode, prettyPrintRoutesArray } = require('./lib/pretty-print')
 const Constrainer = require('./lib/constrainer')
+const sanitizeUrl = require('./lib/url-sanitizer')
 
@@ -378,3 +391,3 @@ const NODE_TYPES = Node.prototype.types
 Router.prototype.lookup = function lookup (req, res, ctx) {
-  var handle = this.find(req.method, sanitizeUrl(req.url), this.constrainer.deriveConstraints(req, ctx))
+  var handle = this.find(req.method, req.url, this.constrainer.deriveConstraints(req, ctx))
   if (handle === null) return this._defaultRoute(req, res, ctx)
@@ -394,2 +407,10 @@ return ctx === undefined
 
+  let sanitizedUrl
+  try {
+    sanitizedUrl = sanitizeUrl(path)
+    path = sanitizedUrl.path
+  } catch (error) {
+    return this._onBadUrl(path)
+  }
+
   var originalPath = path
@@ -502,7 +523,5 @@ var originalPathLength = path.length
       if (i > maxParamLength) return null
-      decoded = fastDecode(originalPath.slice(idxInOriginalPath, idxInOriginalPath + i))
+      decoded = sanitizedUrl.sliceParameter(idxInOriginalPath, idxInOriginalPath + i)
       if (decoded === null) {
-        return this.onBadUrl !== null
-          ? this._onBadUrl(originalPath.slice(idxInOriginalPath, idxInOriginalPath + i))
-          : null
+        return this._onBadUrl(originalPath.slice(idxInOriginalPath, idxInOriginalPath + i))
       }
@@ -518,7 +537,5 @@ params || (params = [])
     if (kind === NODE_TYPES.MATCH_ALL) {
-      decoded = fastDecode(originalPath.slice(idxInOriginalPath))
+      decoded = sanitizedUrl.sliceParameter(idxInOriginalPath)
       if (decoded === null) {
-        return this.onBadUrl !== null
-          ? this._onBadUrl(originalPath.slice(idxInOriginalPath))
-          : null
+        return this._onBadUrl(originalPath.slice(idxInOriginalPath))
       }
@@ -538,7 +555,5 @@ params || (params = [])
       if (i > maxParamLength) return null
-      decoded = fastDecode(originalPath.slice(idxInOriginalPath, idxInOriginalPath + i))
+      decoded = sanitizedUrl.sliceParameter(idxInOriginalPath, idxInOriginalPath + i)
       if (decoded === null) {
-        return this.onBadUrl !== null
-          ? this._onBadUrl(originalPath.slice(idxInOriginalPath, idxInOriginalPath + i))
-          : null
+        return this._onBadUrl(originalPath.slice(idxInOriginalPath, idxInOriginalPath + i))
       }
@@ -565,7 +580,5 @@ if (!node.regex.test(decoded)) return null
       }
-      decoded = fastDecode(originalPath.slice(idxInOriginalPath, idxInOriginalPath + i))
+      decoded = sanitizedUrl.sliceParameter(idxInOriginalPath, idxInOriginalPath + i)
       if (decoded === null) {
-        return this.onBadUrl !== null
-          ? this._onBadUrl(originalPath.slice(idxInOriginalPath, idxInOriginalPath + i))
-          : null
+        return this._onBadUrl(originalPath.slice(idxInOriginalPath, idxInOriginalPath + i))
       }
@@ -583,9 +596,7 @@ params || (params = [])
 
-Router.prototype._getWildcardNode = function (node, path, len, derivedConstraints, params) {
+Router.prototype._getWildcardNode = function (node, sanitizedUrl, len, derivedConstraints, params) {
   if (node === null) return null
-  var decoded = fastDecode(path.slice(-len))
+  var decoded = sanitizedUrl.slice(-len)
   if (decoded === null) {
-    return this.onBadUrl !== null
-      ? this._onBadUrl(path.slice(-len))
-      : null
+    return this._onBadUrl(sanitizedUrl.slice(-len))
   }
@@ -629,2 +640,5 @@
 Router.prototype._onBadUrl = function (path) {
+  if (this.onBadUrl === null) {
+    return null
+  }
   const onBadUrl = this.onBadUrl
@@ -677,15 +691,2 @@ return {
 
-function sanitizeUrl (url) {
-  for (var i = 0, len = url.length; i < len; i++) {
-    var charCode = url.charCodeAt(i)
-    // Some systems do not follow RFC and separate the path and query
-    // string with a `;` character (code 59), e.g. `/foo;jsessionid=123456`.
-    // Thus, we need to split on `;` as well as `?` and `#`.
-    if (charCode === 63 || charCode === 59 || charCode === 35) {
-      return url.slice(0, i)
-    }
-  }
-  return url
-}
-
 function getClosingParenthensePosition (path, idx) {
@@ -692,0 +693,0 @@ // `path.indexOf()` will always return the first position of the closing parenthese,

package.json

 {
   "name": "find-my-way",
-  "version": "4.4.0",
+  "version": "5.0.0",
   "description": "Crazy fast http radix based router",
@@ -27,3 +27,3 @@ "main": "index.js",
   "engines": {
-    "node": ">=10"
+    "node": ">=12"
   },
@@ -30,0 +30,0 @@ "author": "Tomas Della Vedova - @delvedor (http://delved.org)",

README.md

@@ -324,2 +324,4 @@ # find-my-way
 
+**Note** that you must encode the parameters containing [reserved characters](https://www.rfc-editor.org/rfc/rfc3986#section-2.2).
+
 <a name="match-order"></a>
@@ -326,0 +328,0 @@ ##### Match order

test/on-bad-url.test.js

@@ -14,3 +14,3 @@ 'use strict'
     onBadUrl: (path, req, res) => {
-      t.equal(path, '/%world')
+      t.equal(path, '/%world', { todo: 'this is not executed' })
     }
@@ -34,3 +34,3 @@ })
     onBadUrl: (path, req, res) => {
-      t.equal(path, '%world')
+      t.equal(path, '/hello/%world')
     }
@@ -37,0 +37,0 @@ })

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

258379

increased by3%

Number of package files

61

increased by3.39%

Lines of code

6508

increased by2.76%

Number of lines in readme file

564

increased by0.36%

No dependency changes