supertokens-website - npm Package Compare versions

Comparing version 20.1.1 to 20.1.2

CHANGELOG.md

@@ -10,6 +10,12 @@ # Changelog
 
-## [20.1.1] - 2024-07-13
+## [20.1.2] - 2024-06-26
 
 ### Changes
 
+- Fixed a session refresh loop caused by blocked cookie writes. The SDK would throw/log a helpful error message when this happens.
+
+## [20.1.1] - 2024-06-13
+
+### Changes
+
 - Added a warning if the SDK can't save to cookies to help people notice/debug these issues faster.
@@ -16,0 +22,0 @@

lib/build/axios.js

@@ -383,7 +383,8 @@ "use strict";
                         if (!_a) return [3 /*break*/, 10];
-                        return [4 /*yield*/, (0, fetch_1.getLocalSessionState)(true)];
+                        return [4 /*yield*/, (0, fetch_1.getLocalSessionState)(false)];
                     case 9:
                         // we do not call doesSessionExist here cause the user might override that
                         // function here and then it may break the logic of our original implementation.
-                        _a = !(_b.sent().status === "EXISTS");
+                        // Calling getLocalSessionState with tryRefresh: false, since the session would have been refreshed in the try block if expired.
+                        _a = _b.sent().status === "NOT_EXISTS";
                         _b.label = 10;
@@ -853,3 +854,3 @@ case 10:
                     if (!(antiCsrfToken !== undefined)) return [3 /*break*/, 9];
-                    return [4 /*yield*/, (0, fetch_1.getLocalSessionState)(true)];
+                    return [4 /*yield*/, (0, fetch_1.getLocalSessionState)(false)];
                 case 7:
@@ -856,0 +857,0 @@ tok = _b.sent();

lib/build/version.d.ts

@@ -1,2 +0,2 @@
-export declare const package_version = "20.1.1";
+export declare const package_version = "20.1.2";
 export declare const supported_fdi: string[];

lib/build/version.js

@@ -18,3 +18,3 @@ "use strict";
  */
-exports.package_version = "20.1.1";
+exports.package_version = "20.1.2";
 exports.supported_fdi = ["1.16", "1.17", "1.18", "1.19", "2.0", "3.0"];

lib/build/xmlhttprequest.js

@@ -164,2 +164,8 @@ "use strict";
         var actual = new oldXMLHttpRequest();
+        var self = this;
+        var listOfFunctionCallsInProxy = [];
+        var requestHeaders = [];
+        var customGetterValues = {};
+        var customResponseHeaders;
+        var eventHandlers = new Map();
         var delayedQueue = firstEventLoopDone;
@@ -169,11 +175,15 @@ function delayIfNecessary(cb) {
                 var _a;
-                return (_a = cb()) === null || _a === void 0 ? void 0 : _a.catch(console.error);
+                return (_a = cb()) === null || _a === void 0
+                    ? void 0
+                    : _a.catch(function (err) {
+                          // Call the onerror handler to ensure XHR throws this error.
+                          var ev = new ProgressEvent("error");
+                          ev.error = err;
+                          if (self.onerror !== undefined && self.onerror !== null) {
+                              self.onerror(ev);
+                          }
+                          redispatchEvent("error", ev);
+                      });
             });
         }
-        var self = this;
-        var listOfFunctionCallsInProxy = [];
-        var requestHeaders = [];
-        var customGetterValues = {};
-        var customResponseHeaders;
-        var eventHandlers = new Map();
         // We define these during open
@@ -344,3 +354,3 @@ // let method: string = "";
                         case 9:
-                            if (!!(_a.sent().status === "EXISTS")) return [3 /*break*/, 12];
+                            if (!(_a.sent().status === "NOT_EXISTS")) return [3 /*break*/, 12];
                             (0,
@@ -864,3 +874,3 @@ logger_1.logDebugMessage)("XHRInterceptor.handleResponse: local session doesn't exist, so removing anti-csrf and sFrontToken");
                     if (!(antiCsrfToken !== null)) return [3 /*break*/, 9];
-                    return [4 /*yield*/, (0, fetch_1.getLocalSessionState)(true)];
+                    return [4 /*yield*/, (0, fetch_1.getLocalSessionState)(false)];
                 case 7:
@@ -867,0 +877,0 @@ tok = _a.sent();

package.json

 {
   "name": "supertokens-website",
-  "version": "20.1.1",
+  "version": "20.1.2",
   "description": "frontend sdk for website to be used for auth solution.",
@@ -5,0 +5,0 @@ "main": "index.js",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

416779

increased by0.8%

Lines of code

8033

increased by0.61%

No dependency changes