npm - @carno.js/core - Versions diffs - 0.2.3 → 0.2.4 - Mend

@carno.js/core 0.2.3 → 0.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/dist/Carno.d.ts +1 -1
package/dist/Carno.js +6 -34
package/dist/domain/Context.d.ts +5 -0
package/dist/domain/Context.js +45 -5
package/dist/domain/cors-headers-cache.d.ts +15 -0
package/dist/domain/cors-headers-cache.js +57 -0
package/package.json +3 -3

package/dist/Carno.d.ts CHANGED Viewed

@@ -16,6 +16,7 @@ export declare class Carno {
     config: ApplicationConfig;
     router: Memoirist<TokenRouteWithProvider>;
     private injector;
+    private corsCache?;
     private fetch;
     private server;
     constructor(config?: ApplicationConfig);
@@ -57,7 +58,6 @@ export declare class Carno {
     private reportHookFailure;
     private isCorsEnabled;
     private isOriginAllowed;
-    private buildCorsHeaders;
     private handlePreflightRequest;
     private applyCorsHeaders;
     close(closeActiveConnections?: boolean): void;

package/dist/Carno.js CHANGED Viewed

@@ -12,7 +12,7 @@ const createInjector_1 = require("./container/createInjector");
 const domain_1 = require("./domain");
 const Context_1 = require("./domain/Context");
 const LocalsContainer_1 = require("./domain/LocalsContainer");
-const cors_config_1 = require("./domain/cors-config");
+const cors_headers_cache_1 = require("./domain/cors-headers-cache");
 const on_event_1 = require("./events/on-event");
 const HttpException_1 = require("./exceptions/HttpException");
 const RouteExecutor_1 = require("./route/RouteExecutor");
@@ -53,6 +53,9 @@ class Carno {
             console.error("Unhandled error:", error);
             return new Response("Internal Server Error", { status: 500 });
         };
+        if (config.cors) {
+            this.corsCache = new cors_headers_cache_1.CorsHeadersCache(config.cors);
+        }
         void this.bootstrapApplication();
     }
     /**
@@ -249,50 +252,19 @@ class Carno {
         }
         return false;
     }
-    buildCorsHeaders(origin) {
-        const cors = this.config.cors;
-        const headers = {};
-        const allowedOrigin = typeof cors.origins === "string" && cors.origins === "*"
-            ? "*"
-            : origin;
-        headers["Access-Control-Allow-Origin"] = allowedOrigin;
-        if (cors.credentials) {
-            headers["Access-Control-Allow-Credentials"] = "true";
-        }
-        const methods = cors.methods || cors_config_1.DEFAULT_CORS_METHODS;
-        headers["Access-Control-Allow-Methods"] = methods.join(", ");
-        const allowedHeaders = cors.allowedHeaders || cors_config_1.DEFAULT_CORS_ALLOWED_HEADERS;
-        headers["Access-Control-Allow-Headers"] = allowedHeaders.join(", ");
-        if (cors.exposedHeaders && cors.exposedHeaders.length > 0) {
-            headers["Access-Control-Expose-Headers"] = cors.exposedHeaders.join(", ");
-        }
-        if (cors.maxAge !== undefined) {
-            headers["Access-Control-Max-Age"] = cors.maxAge.toString();
-        }
-        return headers;
-    }
     handlePreflightRequest(request) {
         const origin = request.headers.get("origin");
         if (!this.isOriginAllowed(origin)) {
             return new Response(null, { status: 403 });
         }
-        const corsHeaders = this.buildCorsHeaders(origin);
+        const corsHeaders = this.corsCache.get(origin);
         return new Response(null, {
             status: 204,
             headers: corsHeaders,
         });
     }
     applyCorsHeaders(response, origin) {
-        const corsHeaders = this.buildCorsHeaders(origin);
-        const newHeaders = new Headers(response.headers);
-        for (const [key, value] of Object.entries(corsHeaders)) {
-            newHeaders.set(key, value);
-        }
-        return new Response(response.body, {
-            status: response.status,
-            statusText: response.statusText,
-            headers: newHeaders,
-        });
+        return this.corsCache.applyToResponse(response, origin);
     }
     close(closeActiveConnections = false) {
         this.server?.stop(closeActiveConnections);

package/dist/domain/Context.d.ts CHANGED Viewed

@@ -23,4 +23,9 @@ export declare class Context {
     getResponseStatus(): number;
     private buildQueryObject;
     private resolveBody;
+    private parseJsonFromBuffer;
+    private parseJsonText;
+    private isEmptyBuffer;
+    private parseUrlEncodedFromBuffer;
+    private decodeBuffer;
 }

package/dist/domain/Context.js CHANGED Viewed

@@ -11,7 +11,9 @@ var __metadata = (this && this.__metadata) || function (k, v) {
 var Context_1;
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.Context = void 0;
+const http_code_enum_1 = require("../commons/http-code.enum");
 const Injectable_decorator_1 = require("../commons/decorators/Injectable.decorator");
+const HttpException_1 = require("../exceptions/HttpException");
 const provider_scope_1 = require("./provider-scope");
 let Context = Context_1 = class Context {
     constructor() {
@@ -88,16 +90,54 @@ let Context = Context_1 = class Context {
     }
     async resolveBody(request) {
         const contentType = request.headers.get('content-type') || '';
-        this.rawBody = await request.clone().arrayBuffer();
+        // Clone request once - preserve original request untouched
+        const clonedRequest = request.clone();
+        // FormData multipart requires consuming as formData
+        if (contentType.includes('multipart/form-data')) {
+            // Need separate clone for rawBody since formData() consumes the body
+            this.rawBody = await request.clone().arrayBuffer();
+            this.setBody(await clonedRequest.formData());
+            return;
+        }
+        // For all other content types, consume body once as ArrayBuffer from clone
+        this.rawBody = await clonedRequest.arrayBuffer();
         if (contentType.includes('application/json')) {
-            this.body = await request.clone().json();
+            this.body = this.parseJsonFromBuffer(this.rawBody);
             return;
         }
-        if (contentType.includes('application/x-www-form-urlencoded') || contentType.includes('multipart/form-data')) {
-            this.setBody(await request.clone().formData());
+        if (contentType.includes('application/x-www-form-urlencoded')) {
+            this.body = this.parseUrlEncodedFromBuffer(this.rawBody);
             return;
         }
-        this.body = { body: await request.clone().text() };
+        // Plain text or unknown content type
+        this.body = { body: this.decodeBuffer(this.rawBody) };
+    }
+    parseJsonFromBuffer(buffer) {
+        if (this.isEmptyBuffer(buffer)) {
+            return {};
+        }
+        return this.parseJsonText(this.decodeBuffer(buffer));
+    }
+    parseJsonText(text) {
+        try {
+            return JSON.parse(text);
+        }
+        catch {
+            throw new HttpException_1.HttpException("Invalid JSON body", http_code_enum_1.HttpCode.BAD_REQUEST);
+        }
+    }
+    isEmptyBuffer(buffer) {
+        return buffer.byteLength === 0;
+    }
+    parseUrlEncodedFromBuffer(buffer) {
+        if (buffer.byteLength === 0) {
+            return {};
+        }
+        const text = this.decodeBuffer(buffer);
+        return Object.fromEntries(new URLSearchParams(text));
+    }
+    decodeBuffer(buffer) {
+        return new TextDecoder().decode(buffer);
     }
 };
 exports.Context = Context;

package/dist/domain/cors-headers-cache.d.ts ADDED Viewed

@@ -0,0 +1,15 @@
+import { CorsConfig } from './cors-config';
+export declare class CorsHeadersCache {
+    private readonly config;
+    private readonly cache;
+    private readonly methodsString;
+    private readonly allowedHeadersString;
+    private readonly exposedHeadersString;
+    private readonly maxAgeString;
+    private readonly hasCredentials;
+    private readonly isWildcard;
+    constructor(config: CorsConfig);
+    get(origin: string): Record<string, string>;
+    private buildHeaders;
+    applyToResponse(response: Response, origin: string): Response;
+}

package/dist/domain/cors-headers-cache.js ADDED Viewed

@@ -0,0 +1,57 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CorsHeadersCache = void 0;
+const cors_config_1 = require("./cors-config");
+class CorsHeadersCache {
+    constructor(config) {
+        this.config = config;
+        this.cache = new Map();
+        const methods = config.methods || cors_config_1.DEFAULT_CORS_METHODS;
+        this.methodsString = methods.join(', ');
+        const allowedHeaders = config.allowedHeaders || cors_config_1.DEFAULT_CORS_ALLOWED_HEADERS;
+        this.allowedHeadersString = allowedHeaders.join(', ');
+        this.exposedHeadersString = config.exposedHeaders?.length
+            ? config.exposedHeaders.join(', ')
+            : null;
+        this.maxAgeString = config.maxAge !== undefined
+            ? config.maxAge.toString()
+            : null;
+        this.hasCredentials = !!config.credentials;
+        this.isWildcard = config.origins === '*';
+    }
+    get(origin) {
+        const cacheKey = this.isWildcard ? '*' : origin;
+        let cached = this.cache.get(cacheKey);
+        if (cached) {
+            return cached;
+        }
+        cached = this.buildHeaders(origin);
+        this.cache.set(cacheKey, cached);
+        return cached;
+    }
+    buildHeaders(origin) {
+        const headers = {
+            'Access-Control-Allow-Origin': this.isWildcard ? '*' : origin,
+            'Access-Control-Allow-Methods': this.methodsString,
+            'Access-Control-Allow-Headers': this.allowedHeadersString,
+        };
+        if (this.hasCredentials) {
+            headers['Access-Control-Allow-Credentials'] = 'true';
+        }
+        if (this.exposedHeadersString) {
+            headers['Access-Control-Expose-Headers'] = this.exposedHeadersString;
+        }
+        if (this.maxAgeString) {
+            headers['Access-Control-Max-Age'] = this.maxAgeString;
+        }
+        return headers;
+    }
+    applyToResponse(response, origin) {
+        const corsHeaders = this.get(origin);
+        for (const key in corsHeaders) {
+            response.headers.set(key, corsHeaders[key]);
+        }
+        return response;
+    }
+}
+exports.CorsHeadersCache = CorsHeadersCache;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@carno.js/core",
-  "version": "0.2.3",
+  "version": "0.2.4",
   "description": "Carno.js is a framework for building web applications object oriented with TypeScript and Bun.sh",
   "keywords": [
     "bun",
@@ -28,7 +28,7 @@
   },
   "repository": {
     "type": "git",
-    "url": "git+ssh://git@github.com:mlusca/carno.js.git"
+    "url": "git+ssh://git@github.com:carnojs/carno.js.git"
   },
   "license": "MIT",
   "dependencies": {
@@ -51,5 +51,5 @@
   "publishConfig": {
     "access": "public"
   },
-  "gitHead": "179037d66f41ab7014a008b141afce3c9232190e"
+  "gitHead": "91d257751a1386de821cd4dd3252fce3c070cfca"
 }