@adobe/helix-html-pipeline 1.0.5 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/CHANGELOG.md +22 -0
  2. package/package.json +2 -2
  3. package/src/html-pipe.js +7 -0
  4. package/src/steps/extract-metadata.js +4 -3
  5. package/src/steps/folder-mapping.js +2 -3
  6. package/src/steps/set-x-surrogate-key-header.js +2 -2
  7. package/src/steps/utils.js +60 -22
  8. package/src/utils/path.js +11 -0
package/CHANGELOG.md CHANGED
@@ -1,3 +1,25 @@
1
+ ## [1.1.2](https://github.com/adobe/helix-html-pipeline/compare/v1.1.1...v1.1.2) (2022-03-11)
2
+
3
+
4
+ ### Bug Fixes
5
+
6
+ * handling invalid input url with 400 ([#16](https://github.com/adobe/helix-html-pipeline/issues/16)) ([4491691](https://github.com/adobe/helix-html-pipeline/commit/449169107cc1d6a3b7b5fd211b39174d59fb2a8e)), closes [#15](https://github.com/adobe/helix-html-pipeline/issues/15)
7
+
8
+ ## [1.1.1](https://github.com/adobe/helix-html-pipeline/compare/v1.1.0...v1.1.1) (2022-03-10)
9
+
10
+
11
+ ### Bug Fixes
12
+
13
+ * adapt to breaking change (computeSurrogateKey is async) ([9c8830d](https://github.com/adobe/helix-html-pipeline/commit/9c8830dc8db3007921dd85f27537c030d80c0cbf))
14
+ * **deps:** update dependency @adobe/helix-shared-utils to v2.0.4 ([b5cd927](https://github.com/adobe/helix-html-pipeline/commit/b5cd92783f03c47f7f26fbaa6c9438ea11c1e05b))
15
+
16
+ # [1.1.0](https://github.com/adobe/helix-html-pipeline/compare/v1.0.5...v1.1.0) (2022-03-10)
17
+
18
+
19
+ ### Features
20
+
21
+ * avoid node built-ins (path and url) ([9e315df](https://github.com/adobe/helix-html-pipeline/commit/9e315df46fc7f473e437feb2e2d3dfdf9c6ddfc2))
22
+
1
23
  ## [1.0.5](https://github.com/adobe/helix-html-pipeline/compare/v1.0.4...v1.0.5) (2022-03-08)
2
24
 
3
25
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@adobe/helix-html-pipeline",
3
- "version": "1.0.5",
3
+ "version": "1.1.2",
4
4
  "description": "Helix HTML Pipeline",
5
5
  "main": "src/index.js",
6
6
  "types": "src/index.d.ts",
@@ -33,7 +33,7 @@
33
33
  },
34
34
  "dependencies": {
35
35
  "@adobe/helix-markdown-support": "3.1.2",
36
- "@adobe/helix-shared-utils": "2.0.3",
36
+ "@adobe/helix-shared-utils": "2.0.4",
37
37
  "github-slugger": "1.4.0",
38
38
  "hast-util-to-html": "8.0.3",
39
39
  "jsdom": "19.0.0",
package/src/html-pipe.js CHANGED
@@ -110,6 +110,13 @@ export async function htmlPipe(state, req) {
110
110
  }
111
111
  log.error(`error running pipeline: ${res.status} ${res.error}`, e);
112
112
  res.headers.set('x-error', cleanupHeaderValue(res.error));
113
+
114
+ // turn any URL errors into a 400, since they are user input
115
+ // see https://github.com/adobe/helix-pipeline-service/issues/346
116
+ if (e.code === 'ERR_INVALID_URL') {
117
+ res.status = 400;
118
+ res.headers.set('x-error', cleanupHeaderValue(`invalid url: ${e.input}`));
119
+ }
113
120
  }
114
121
 
115
122
  return res;
package/src/steps/extract-metadata.js CHANGED
@@ -9,8 +9,9 @@
9
9
  * OF ANY KIND, either express or implied. See the License for the specific language
10
10
  * governing permissions and limitations under the License.
11
11
  */
12
- import { resolve } from 'url';
13
- import { getAbsoluteUrl, makeCanonicalHtmlUrl, optimizeImageURL } from './utils.js';
12
+ import {
13
+ getAbsoluteUrl, makeCanonicalHtmlUrl, optimizeImageURL, resolveUrl,
14
+ } from './utils.js';
14
15
  import { filterGlobalMetadata, toMetaName, ALLOWED_RESPONSE_HEADERS } from '../utils/metadata.js';
15
16
 
16
17
  /**
@@ -110,7 +111,7 @@ function getLocalMetadata(document) {
110
111
  * @returns The optimized image URL
111
112
  */
112
113
  function optimizeMetaImage(pagePath, imgUrl) {
113
- const src = resolve(pagePath, imgUrl);
114
+ const src = resolveUrl(pagePath, imgUrl);
114
115
  if (src.startsWith('/')) {
115
116
  return optimizeImageURL(src, 1200, 'pjpg');
116
117
  }
package/src/steps/folder-mapping.js CHANGED
@@ -9,8 +9,7 @@
9
9
  * OF ANY KIND, either express or implied. See the License for the specific language
10
10
  * governing permissions and limitations under the License.
11
11
  */
12
- import { extname } from 'path';
13
- import { getPathInfo } from '../utils/path.js';
12
+ import { getPathInfo, getExtension } from '../utils/path.js';
14
13
 
15
14
  /**
16
15
  * Finds the mapping from path to folders in fstab
@@ -49,7 +48,7 @@ export default function folderMapping(state) {
49
48
  const mapped = mapPath(folders, path);
50
49
  if (mapped) {
51
50
  state.info = getPathInfo(mapped);
52
- if (extname(mapped)) {
51
+ if (getExtension(mapped)) {
53
52
  // special case: use code-bus
54
53
  state.content.sourceBus = 'code';
55
54
  state.info.resourcePath = mapped;
package/src/steps/set-x-surrogate-key-header.js CHANGED
@@ -18,14 +18,14 @@ import { computeSurrogateKey } from '@adobe/helix-shared-utils';
18
18
  * @param {PipelineResponse} res
19
19
  * @returns {Promise<void>}
20
20
  */
21
- export default function setXSurrogateKeyHeader(state, req, res) {
21
+ export default async function setXSurrogateKeyHeader(state, req, res) {
22
22
  const {
23
23
  content, contentBusId, info, owner, repo, ref,
24
24
  } = state;
25
25
 
26
26
  const keys = [];
27
27
  if (content.sourceLocation) {
28
- keys.push(computeSurrogateKey(content.sourceLocation));
28
+ keys.push(await computeSurrogateKey(content.sourceLocation));
29
29
  }
30
30
  if (info.selector !== 'plain') {
31
31
  keys.push(`${contentBusId}_metadata`);
package/src/steps/utils.js CHANGED
@@ -9,7 +9,6 @@
9
9
  * OF ANY KIND, either express or implied. See the License for the specific language
10
10
  * governing permissions and limitations under the License.
11
11
  */
12
- import { parse, resolve } from 'url';
13
12
 
14
13
  /**
15
14
  * Returns the original host name from the request to the outer CDN.
@@ -25,21 +24,7 @@ export function getOriginalHost(headers) {
25
24
  }
26
25
 
27
26
  /**
28
- * Turns a relative into an absolute URL.
29
- * @param {object} headers The request headers
30
- * @param {string} url The relative or absolute URL
31
- * @returns {string} The absolute URL or <code>null</code>
32
- * if <code>url</code> is not a string
33
- */
34
- export function getAbsoluteUrl(headers, url) {
35
- if (typeof url !== 'string') {
36
- return null;
37
- }
38
- return resolve(`https://${getOriginalHost(headers)}/`, url);
39
- }
40
-
41
- /**
42
- * Returns the canonical HTML url for the give one by
27
+ * Returns the canonical HTML url for the given one by
43
28
  *
44
29
  * - removing .html extension
45
30
  * - removing index
@@ -95,13 +80,66 @@ export function toClassName(text) {
95
80
  * @returns {string}
96
81
  */
97
82
  export function optimizeImageURL(src, width, format = 'webply', optimize = 'medium') {
98
- // use deprecated api to avoid complexity with non absolute paths
99
- const url = parse(src, true);
83
+ if (typeof src !== 'string') {
84
+ throw new TypeError(`Parameter 'url' must be a string, not ${typeof src}`);
85
+ }
86
+
87
+ const simplePath = (uri) => uri.startsWith('/') || uri.startsWith('./');
88
+
89
+ const uri = src.trim();
90
+
91
+ let url;
92
+ if (simplePath(uri)) {
93
+ url = new URL(`https://dummy${uri[0] !== '/' ? '/' : ''}${uri}`);
94
+ } else {
95
+ url = new URL(uri);
96
+ }
100
97
  delete url.search;
101
98
  if (width) {
102
- url.query.width = String(width);
99
+ url.searchParams.set('width', String(width));
100
+ }
101
+ url.searchParams.set('format', format);
102
+ url.searchParams.set('optimize', optimize);
103
+
104
+ if (simplePath(uri)) {
105
+ // preserve original path over url.pathname
106
+ const pos = uri.search(/[?#]/g);
107
+ if (pos > -1) {
108
+ return `${uri.substring(0, pos)}${url.search}${url.hash}`;
109
+ } else {
110
+ return `${uri}${url.search}${url.hash}`;
111
+ }
112
+ }
113
+ return url.toString();
114
+ }
115
+
116
+ /**
117
+ * Resolves a target URL relative to a base URL in a manner similar
118
+ * to that of a web browser resolving an anchor tag.
119
+ * @param {string} from
120
+ * @param {string} to
121
+ * @returns {string} resolved url
122
+ */
123
+ export function resolveUrl(from, to) {
124
+ const resolvedUrl = new URL(to, new URL(from, 'resolve://'));
125
+ if (resolvedUrl.protocol === 'resolve:') {
126
+ // `from` is a relative URL.
127
+ const { pathname, search, hash } = resolvedUrl;
128
+ return pathname + search + hash;
129
+ }
130
+ return resolvedUrl.toString();
131
+ }
132
+
133
+ /**
134
+ * Turns a relative into an absolute URL.
135
+ * @param {object} headers The request headers
136
+ * @param {string} url The relative or absolute URL
137
+ * @returns {string} The absolute URL or <code>null</code>
138
+ * if <code>url</code> is not a string
139
+ */
140
+ export function getAbsoluteUrl(headers, url) {
141
+ if (typeof url !== 'string') {
142
+ return null;
103
143
  }
104
- url.query.format = format;
105
- url.query.optimize = optimize;
106
- return url.format();
144
+ return resolveUrl(`https://${getOriginalHost(headers)}/`, url);
107
145
  }
package/src/utils/path.js CHANGED
@@ -101,3 +101,14 @@ export function validatePathInfo(info) {
101
101
  }
102
102
  return true;
103
103
  }
104
+
105
+ /**
106
+ * Returns the file extension (e.g. '.html') of the given parh
107
+ * @param {string} path the path to get the extension from
108
+ * @return {string} the file extension or '' if there's no extension
109
+ */
110
+ export function getExtension(path) {
111
+ const basename = path.split('/').pop();
112
+ const pos = basename.lastIndexOf('.');
113
+ return (basename === '' || pos < 1) ? '' : basename.slice(pos);
114
+ }