@abtnode/router-provider 1.16.13 → 1.16.14-beta-0c29907f
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/lib/default/daemon.js
CHANGED
|
@@ -175,6 +175,7 @@ const corsHandler = (host, req, res) => {
|
|
|
175
175
|
if (allowedOrigins.includes('*')) {
|
|
176
176
|
res.writeHead(204, {
|
|
177
177
|
Vary: 'Origin',
|
|
178
|
+
// TODO: @zhanghan 需要优先读取应用代码透传的 header
|
|
178
179
|
'Access-Control-Allow-Origin': '*',
|
|
179
180
|
'Access-Control-Allow-Credentials': false,
|
|
180
181
|
'Access-Control-Allow-Methods': 'POST, GET, HEAD, PUT, DELETE, OPTIONS',
|
|
@@ -189,6 +190,7 @@ const corsHandler = (host, req, res) => {
|
|
|
189
190
|
if (allowedOrigins.some((x) => checkDomainMatch(x, currentOrigin))) {
|
|
190
191
|
res.writeHead(204, {
|
|
191
192
|
Vary: 'Origin',
|
|
193
|
+
// TODO: @zhanghan 需要优先读取应用代码透传的 header
|
|
192
194
|
'Access-Control-Allow-Origin': currentOrigin,
|
|
193
195
|
'Access-Control-Allow-Credentials': false,
|
|
194
196
|
'Access-Control-Allow-Methods': 'POST, GET, HEAD, PUT, DELETE, OPTIONS',
|
|
@@ -1,6 +1,8 @@
|
|
|
1
|
-
|
|
1
|
+
# TODO: 需要优先读取应用代码透传的 header
|
|
2
|
+
# add_header Access-Control-Allow-Credentials false always;
|
|
2
3
|
add_header Vary Origin always;
|
|
3
4
|
add_header Access-Control-Allow-Methods "POST, GET, HEAD, PUT, DELETE, OPTIONS" always;
|
|
4
5
|
add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,$http_access_control_request_headers";
|
|
5
|
-
|
|
6
|
+
# TODO: 需要优先读取应用代码透传的 header
|
|
7
|
+
# add_header Access-Control-Allow-Origin * always;
|
|
6
8
|
add_header Access-Control-Max-Age 1800;
|
|
@@ -1,4 +1,5 @@
|
|
|
1
|
-
|
|
1
|
+
# TODO: 需要优先读取应用代码透传的 header
|
|
2
|
+
# add_header Access-Control-Allow-Credentials false always;
|
|
2
3
|
add_header Vary Origin always;
|
|
3
4
|
add_header Access-Control-Allow-Methods "POST, GET, HEAD, PUT, DELETE, OPTIONS" always;
|
|
4
5
|
add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,$http_access_control_request_headers";
|
package/lib/nginx/includes/proxy
CHANGED
|
@@ -1,8 +1,9 @@
|
|
|
1
|
-
|
|
2
|
-
proxy_hide_header
|
|
3
|
-
proxy_hide_header
|
|
4
|
-
proxy_hide_header Access-Control-Allow-
|
|
5
|
-
proxy_hide_header
|
|
1
|
+
# TODO: 需要优先读取应用代码透传的 header
|
|
2
|
+
# proxy_hide_header Access-Control-Allow-Credentials;
|
|
3
|
+
# proxy_hide_header Vary;
|
|
4
|
+
# proxy_hide_header Access-Control-Allow-Origin;
|
|
5
|
+
# proxy_hide_header Access-Control-Allow-Methods;
|
|
6
|
+
# proxy_hide_header X-Powered-By;
|
|
6
7
|
|
|
7
8
|
proxy_set_header Host $host;
|
|
8
9
|
proxy_set_header X-Real-IP $remote_addr;
|
package/lib/nginx/index.js
CHANGED
|
@@ -9,13 +9,11 @@ const kill = require('fkill');
|
|
|
9
9
|
const getPort = require('get-port');
|
|
10
10
|
const uniqBy = require('lodash/uniqBy');
|
|
11
11
|
const isEmpty = require('lodash/isEmpty');
|
|
12
|
-
const cloneDeep = require('lodash/cloneDeep');
|
|
13
12
|
const formatBackSlash = require('@abtnode/util/lib/format-back-slash');
|
|
14
13
|
const {
|
|
15
14
|
DOMAIN_FOR_DEFAULT_SITE,
|
|
16
15
|
ROUTING_RULE_TYPES,
|
|
17
16
|
CONFIG_FOLDER_NAME,
|
|
18
|
-
DEFAULT_ADMIN_PATH,
|
|
19
17
|
SLOT_FOR_IP_DNS_SITE,
|
|
20
18
|
WELLKNOWN_SERVICE_PATH_PREFIX,
|
|
21
19
|
USER_AVATAR_PATH_PREFIX,
|
|
@@ -57,9 +55,6 @@ const {
|
|
|
57
55
|
|
|
58
56
|
const REQUIRED_MODULES = [{ configName: 'with-stream', moduleBinaryName: 'ngx_stream_module.so' }];
|
|
59
57
|
|
|
60
|
-
// TODO: move the did-auth-path-prefix to a constant
|
|
61
|
-
const ADMIN_DID_AUTH_PATH_PREFIX = `${DEFAULT_ADMIN_PATH}/api/did`;
|
|
62
|
-
|
|
63
58
|
// convert wildcard domain and ipDnsDomain template to regex
|
|
64
59
|
const parseServerName = (domain) => {
|
|
65
60
|
// ipDnsDomain template
|
|
@@ -136,10 +131,6 @@ class NginxProvider extends BaseProvider {
|
|
|
136
131
|
this.initialize();
|
|
137
132
|
}
|
|
138
133
|
|
|
139
|
-
static isDidAuthPrefix(prefix) {
|
|
140
|
-
return prefix === ADMIN_DID_AUTH_PATH_PREFIX;
|
|
141
|
-
}
|
|
142
|
-
|
|
143
134
|
getRelativeConfigDir(dir) {
|
|
144
135
|
return path.relative(this.configDir, dir);
|
|
145
136
|
}
|
|
@@ -190,14 +181,7 @@ class NginxProvider extends BaseProvider {
|
|
|
190
181
|
conf.on('flushed', () => resolve());
|
|
191
182
|
conf.live(this.configPath);
|
|
192
183
|
|
|
193
|
-
const { sites, configs: siteCorsConfigs } = formatRoutingTable(routingTable
|
|
194
|
-
// TODO: this is really hacky, and should be abstracted out
|
|
195
|
-
if (rule.type === ROUTING_RULE_TYPES.DAEMON && rule.prefix === DEFAULT_ADMIN_PATH) {
|
|
196
|
-
const clonedRule = cloneDeep(rule);
|
|
197
|
-
clonedRule.prefix = ADMIN_DID_AUTH_PATH_PREFIX;
|
|
198
|
-
rules.push(clonedRule);
|
|
199
|
-
}
|
|
200
|
-
});
|
|
184
|
+
const { sites, configs: siteCorsConfigs } = formatRoutingTable(routingTable);
|
|
201
185
|
|
|
202
186
|
this._addCorsMap(conf, siteCorsConfigs);
|
|
203
187
|
conf.nginx.http._add('server_tokens', 'off');
|
|
@@ -475,10 +459,9 @@ class NginxProvider extends BaseProvider {
|
|
|
475
459
|
server._add('location', concatPath(prefix, suffix));
|
|
476
460
|
|
|
477
461
|
const location = this._getLastLocation(server);
|
|
478
|
-
const isDidAuthPath = NginxProvider.isDidAuthPrefix(prefix);
|
|
479
462
|
|
|
480
463
|
// Note: 下面这段代码比较 tricky,不要在这段代码之前添加任何 add_header, proxy_set_header, proxy_hide_header 的语句,否则 nginx 配置可能无法按预期工作
|
|
481
|
-
this._addCors({ location, corsAllowedOrigins, serverName
|
|
464
|
+
this._addCors({ location, corsAllowedOrigins, serverName });
|
|
482
465
|
|
|
483
466
|
this._addCommonResHeaders(location, commonHeaders);
|
|
484
467
|
if (!cacheGroup && !suffix) {
|
|
@@ -539,10 +522,9 @@ class NginxProvider extends BaseProvider {
|
|
|
539
522
|
}
|
|
540
523
|
|
|
541
524
|
// Redirect daemon traffic
|
|
542
|
-
|
|
543
|
-
location._add('proxy_set_header', `X-Path-Prefix "${rewritePathPrefix}"`);
|
|
525
|
+
location._add('proxy_set_header', `X-Path-Prefix "${prefix}"`);
|
|
544
526
|
if (!suffix && prefix !== target) {
|
|
545
|
-
location._add('rewrite', `^${
|
|
527
|
+
location._add('rewrite', `^${prefix}/?(.*) ${`${target}/`.replace(/\/\//g, '/')}$1 break`);
|
|
546
528
|
}
|
|
547
529
|
|
|
548
530
|
location._add('proxy_pass', `http://${getUpstreamName(port)}`);
|
|
@@ -553,9 +535,7 @@ class NginxProvider extends BaseProvider {
|
|
|
553
535
|
server._add('location', `${concatPath(prefix, suffix)}`);
|
|
554
536
|
const location = this._getLastLocation(server);
|
|
555
537
|
|
|
556
|
-
|
|
557
|
-
|
|
558
|
-
this._addCors({ location, corsAllowedOrigins, serverName, isDidAuthPath });
|
|
538
|
+
this._addCors({ location, corsAllowedOrigins, serverName });
|
|
559
539
|
|
|
560
540
|
location._add('set $abt_query_string', '""');
|
|
561
541
|
location._addVerbatimBlock('if ($query_string)', 'set $abt_query_string "?$query_string";');
|
|
@@ -897,18 +877,20 @@ class NginxProvider extends BaseProvider {
|
|
|
897
877
|
});
|
|
898
878
|
}
|
|
899
879
|
|
|
900
|
-
_addCors({ location, corsAllowedOrigins, serverName
|
|
880
|
+
_addCors({ location, corsAllowedOrigins, serverName }) {
|
|
901
881
|
if (!isEmpty(corsAllowedOrigins)) {
|
|
902
|
-
if (corsAllowedOrigins.includes(DOMAIN_FOR_DEFAULT_SITE)
|
|
882
|
+
if (corsAllowedOrigins.includes(DOMAIN_FOR_DEFAULT_SITE)) {
|
|
903
883
|
location._add('include', 'includes/cors-loose');
|
|
904
884
|
location._add('include', 'includes/security');
|
|
905
885
|
} else {
|
|
886
|
+
// TODO: @zhanghan 此处是否需要变更默认的值,如果在逻辑代码中有指定的 Access-Control-Allow-Origin,则应该优先遵守逻辑代码中的配置
|
|
906
887
|
location._add('add_header', `Access-Control-Allow-Origin $allow_origin_${md5(serverName)} always`);
|
|
907
888
|
location._add('include', 'includes/cors-strict');
|
|
908
889
|
location._add('include', 'includes/security');
|
|
909
890
|
}
|
|
910
891
|
|
|
911
|
-
|
|
892
|
+
// TODO: @zhanghan 统一登录需要自行处理 options 请求的逻辑
|
|
893
|
+
// location._addVerbatimBlock('if ($request_method = "OPTIONS")', 'return 204;');
|
|
912
894
|
} else {
|
|
913
895
|
location._add('include', 'includes/security');
|
|
914
896
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@abtnode/router-provider",
|
|
3
|
-
"version": "1.16.
|
|
3
|
+
"version": "1.16.14-beta-0c29907f",
|
|
4
4
|
"description": "Routing engine implementations for abt node",
|
|
5
5
|
"author": "polunzh <polunzh@gmail.com>",
|
|
6
6
|
"homepage": "https://github.com/ArcBlock/blocklet-server#readme",
|
|
@@ -32,10 +32,10 @@
|
|
|
32
32
|
"url": "https://github.com/ArcBlock/blocklet-server/issues"
|
|
33
33
|
},
|
|
34
34
|
"dependencies": {
|
|
35
|
-
"@abtnode/constant": "1.16.
|
|
36
|
-
"@abtnode/logger": "1.16.
|
|
37
|
-
"@abtnode/router-templates": "1.16.
|
|
38
|
-
"@abtnode/util": "1.16.
|
|
35
|
+
"@abtnode/constant": "1.16.14-beta-0c29907f",
|
|
36
|
+
"@abtnode/logger": "1.16.14-beta-0c29907f",
|
|
37
|
+
"@abtnode/router-templates": "1.16.14-beta-0c29907f",
|
|
38
|
+
"@abtnode/util": "1.16.14-beta-0c29907f",
|
|
39
39
|
"@arcblock/http-proxy": "^1.19.1",
|
|
40
40
|
"axios": "^0.27.2",
|
|
41
41
|
"debug": "^4.3.4",
|
|
@@ -59,5 +59,5 @@
|
|
|
59
59
|
"bluebird": "^3.7.2",
|
|
60
60
|
"fs-extra": "^10.1.0"
|
|
61
61
|
},
|
|
62
|
-
"gitHead": "
|
|
62
|
+
"gitHead": "1f02851a71861dbf09bfedfa9df6d9fc6d2355a3"
|
|
63
63
|
}
|