Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

remix-utils

Package Overview
Dependencies
Maintainers
1
Versions
59
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

remix-utils - npm Package Compare versions

Comparing version 3.3.0 to 3.4.0

browser/server/get-client-ip-address.d.ts
browser/server/get-client-ip-address.js
build/server/get-client-ip-address.d.ts
build/server/get-client-ip-address.js

2

browser/server.d.ts
export * from "./server/cors";
export * from "./server/csrf";
export * from "./server/get-client-id-address";
export * from "./server/get-client-ip-address";
export * from "./server/get-client-locales";
export * from "./server/is-prefetch";
export * from "./server/responses";

2

browser/server.js
export * from "./server/cors";
export * from "./server/csrf";
export * from "./server/get-client-id-address";
export * from "./server/get-client-ip-address";
export * from "./server/get-client-locales";
export * from "./server/is-prefetch";
export * from "./server/responses";

11

browser/server/csrf.d.ts

@@ -13,3 +13,3 @@ import { Session } from "@remix-run/server-runtime";

*/
export declare function createAuthenticityToken(session: Session, sessionKey?: string): string;
export declare function createAuthenticityToken(session: Session, sessionKey?: string): any;
/**

@@ -29,3 +29,10 @@ * Verify if a request and session has a valid CSRF token.

* }
* @example
* let action: ActionFunction = async ({ request }) => {
* let session = await getSession(request.headers.get("Cookie"));
* let formData = await unstable_parseMultipartFormData(request, uploadHandler);
* await verifyAuthenticityToken(formData, session);
* // the request is authenticated and you can do anything here
* }
*/
export declare function verifyAuthenticityToken(request: Request, session: Session, sessionKey?: string): Promise<void>;
export declare function verifyAuthenticityToken(data: Request | FormData, session: Session, sessionKey?: string): Promise<void>;

18

browser/server/csrf.js

@@ -15,3 +15,6 @@ import { v4 as uuid } from "uuid";

export function createAuthenticityToken(session, sessionKey = "csrf") {
let token = uuid();
let token = session.get(sessionKey);
if (token)
return token;
token = uuid();
session.set(sessionKey, token);

@@ -34,5 +37,12 @@ return token;

* }
* @example
* let action: ActionFunction = async ({ request }) => {
* let session = await getSession(request.headers.get("Cookie"));
* let formData = await unstable_parseMultipartFormData(request, uploadHandler);
* await verifyAuthenticityToken(formData, session);
* // the request is authenticated and you can do anything here
* }
*/
export async function verifyAuthenticityToken(request, session, sessionKey = "csrf") {
if (request.bodyUsed) {
export async function verifyAuthenticityToken(data, session, sessionKey = "csrf") {
if (data instanceof Request && data.bodyUsed) {
throw new Error("The body of the request was read before calling verifyAuthenticityToken. Ensure you clone it before reading it.");

@@ -43,3 +53,3 @@ }

// still be used and parsed without errors.
let formData = await request.clone().formData();
let formData = data instanceof FormData ? data : await data.clone().formData();
// if the session doesn't have a csrf token, throw an error

@@ -46,0 +56,0 @@ if (!session.has(sessionKey)) {

2

build/server.d.ts
export * from "./server/cors";
export * from "./server/csrf";
export * from "./server/get-client-id-address";
export * from "./server/get-client-ip-address";
export * from "./server/get-client-locales";
export * from "./server/is-prefetch";
export * from "./server/responses";

2

build/server.js

@@ -19,5 +19,5 @@ "use strict";

__exportStar(require("./server/csrf"), exports);
__exportStar(require("./server/get-client-id-address"), exports);
__exportStar(require("./server/get-client-ip-address"), exports);
__exportStar(require("./server/get-client-locales"), exports);
__exportStar(require("./server/is-prefetch"), exports);
__exportStar(require("./server/responses"), exports);

11

build/server/csrf.d.ts

@@ -13,3 +13,3 @@ import { Session } from "@remix-run/server-runtime";

*/
export declare function createAuthenticityToken(session: Session, sessionKey?: string): string;
export declare function createAuthenticityToken(session: Session, sessionKey?: string): any;
/**

@@ -29,3 +29,10 @@ * Verify if a request and session has a valid CSRF token.

* }
* @example
* let action: ActionFunction = async ({ request }) => {
* let session = await getSession(request.headers.get("Cookie"));
* let formData = await unstable_parseMultipartFormData(request, uploadHandler);
* await verifyAuthenticityToken(formData, session);
* // the request is authenticated and you can do anything here
* }
*/
export declare function verifyAuthenticityToken(request: Request, session: Session, sessionKey?: string): Promise<void>;
export declare function verifyAuthenticityToken(data: Request | FormData, session: Session, sessionKey?: string): Promise<void>;

18

build/server/csrf.js

@@ -18,3 +18,6 @@ "use strict";

function createAuthenticityToken(session, sessionKey = "csrf") {
let token = (0, uuid_1.v4)();
let token = session.get(sessionKey);
if (token)
return token;
token = (0, uuid_1.v4)();
session.set(sessionKey, token);

@@ -38,5 +41,12 @@ return token;

* }
* @example
* let action: ActionFunction = async ({ request }) => {
* let session = await getSession(request.headers.get("Cookie"));
* let formData = await unstable_parseMultipartFormData(request, uploadHandler);
* await verifyAuthenticityToken(formData, session);
* // the request is authenticated and you can do anything here
* }
*/
async function verifyAuthenticityToken(request, session, sessionKey = "csrf") {
if (request.bodyUsed) {
async function verifyAuthenticityToken(data, session, sessionKey = "csrf") {
if (data instanceof Request && data.bodyUsed) {
throw new Error("The body of the request was read before calling verifyAuthenticityToken. Ensure you clone it before reading it.");

@@ -47,3 +57,3 @@ }

// still be used and parsed without errors.
let formData = await request.clone().formData();
let formData = data instanceof FormData ? data : await data.clone().formData();
// if the session doesn't have a csrf token, throw an error

@@ -50,0 +60,0 @@ if (!session.has(sessionKey)) {

2

package.json
{
"name": "remix-utils",
"version": "3.3.0",
"version": "3.4.0",
"license": "MIT",

@@ -5,0 +5,0 @@ "engines": {

2

README.md

@@ -580,3 +580,3 @@ # Remix Utils

This hook lets you know if the global transition or if one of any active fetchers is either loading or submittin.
This hook lets you know if the global transition or if one of any active fetchers is either loading or submitting.

@@ -583,0 +583,0 @@ ```ts

browser/server/get-client-id-address.d.ts
browser/server/get-client-id-address.js
build/server/get-client-id-address.d.ts
build/server/get-client-id-address.js
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc