Skip to content

Commit

Permalink
decode header to avoid index out of bounds
Browse files Browse the repository at this point in the history
  • Loading branch information
@ematipico
ematipico committed Oct 11, 2024
1 parent ada0ae6 commit 6b1d0e8
Show file tree
Hide file tree
Showing 3 changed files with 17 additions and 3 deletions.
3 changes: 2 additions & 1 deletion packages/astro/src/actions/runtime/middleware.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ import {
type SerializedActionResult,
serializeActionResult,
} from './virtual/shared.js';
import {getOriginHeader} from "../../core/routing/rewrite.js";

export type ActionPayload = {
actionResult: SerializedActionResult;
Expand Down Expand Up @@ -136,7 +137,7 @@ async function redirectWithResult({
return context.redirect(referer);
}

const referer = context.request.headers.get(ASTRO_ORIGIN_HEADER);
const referer = getOriginHeader(context.request);
if (referer) {
return context.redirect(referer);
}
Expand Down
4 changes: 2 additions & 2 deletions packages/astro/src/core/render-context.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ import { callMiddleware } from './middleware/callMiddleware.js';
import { sequence } from './middleware/index.js';
import { renderRedirect } from './redirects/render.js';
import { type Pipeline, Slots, getParams, getProps } from './render/index.js';
import { copyRequest } from './routing/rewrite.js';
import {copyRequest, setOriginHeader} from './routing/rewrite.js';

export const apiContextRoutesSymbol = Symbol.for('context.routes');

Expand Down Expand Up @@ -83,7 +83,7 @@ export class RenderContext {
Pick<RenderContext, 'locals' | 'middleware' | 'status' | 'props'>
>): Promise<RenderContext> {
const pipelineMiddleware = await pipeline.getMiddleware();
request.headers.set(ASTRO_ORIGIN_HEADER, pathname);
setOriginHeader(request, pathname)
return new RenderContext(
pipeline,
locals,
Expand Down
13 changes: 13 additions & 0 deletions packages/astro/src/core/routing/rewrite.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ import { shouldAppendForwardSlash } from '../build/util.js';
import { AstroError, AstroErrorData } from '../errors/index.js';
import { appendForwardSlash, removeTrailingForwardSlash } from '../path.js';
import { DEFAULT_404_ROUTE } from './astro-designed-error-pages.js';
import {ASTRO_ORIGIN_HEADER} from "../constants.js";

export type FindRouteToRewrite = {
payload: RewritePayload;
Expand Down Expand Up @@ -100,3 +101,15 @@ export function copyRequest(newUrl: URL, oldRequest: Request): Request {
duplex: 'half',
});
}

export function setOriginHeader(request: Request, pathname: string): void {
request.headers.set(ASTRO_ORIGIN_HEADER, encodeURIComponent(pathname));
}

export function getOriginHeader(request: Request): string | undefined {
const origin = request.headers.get(ASTRO_ORIGIN_HEADER);
if (origin) {
return decodeURIComponent(origin)
}
return undefined
}

0 comments on commit 6b1d0e8

Please sign in to comment.