@decocms/start 6.3.1 → 6.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/sdk/workerEntry.ts +26 -1
package/package.json
CHANGED
package/src/sdk/workerEntry.ts
CHANGED
|
@@ -662,7 +662,7 @@ export function createDecoWorkerEntry(
|
|
|
662
662
|
admin,
|
|
663
663
|
detectProfile: customDetect,
|
|
664
664
|
deviceSpecificKeys = true,
|
|
665
|
-
buildSegment,
|
|
665
|
+
buildSegment: rawBuildSegment,
|
|
666
666
|
purgeTokenEnv = "PURGE_TOKEN",
|
|
667
667
|
bypassPaths,
|
|
668
668
|
extraBypassPaths = [],
|
|
@@ -678,6 +678,31 @@ export function createDecoWorkerEntry(
|
|
|
678
678
|
cdnCacheControl: cdnCacheControlOpt = "no-store",
|
|
679
679
|
} = options;
|
|
680
680
|
|
|
681
|
+
// Backfill `regionId` from Cloudflare geo when the consumer's buildSegment
|
|
682
|
+
// doesn't set one. Without this, sites using website/matchers/location.ts
|
|
683
|
+
// get a single cached response per device that leaks across regions: the
|
|
684
|
+
// first visitor's resolved variant gets served to everyone. With this,
|
|
685
|
+
// existing sites get region-segmented cache "for free" on bump — no
|
|
686
|
+
// worker-entry.ts edit required.
|
|
687
|
+
function readRegionFromRequest(request: Request): string | undefined {
|
|
688
|
+
// Trust the Cloudflare-injected `request.cf` first — it can't be spoofed
|
|
689
|
+
// by clients. Fall back to the `cf-region-code` header for environments
|
|
690
|
+
// that surface geo only via headers (e.g. tests, non-CF proxies).
|
|
691
|
+
const cf = (request as unknown as { cf?: { regionCode?: string } }).cf;
|
|
692
|
+
if (cf?.regionCode) return cf.regionCode;
|
|
693
|
+
const fromHeader = request.headers.get("cf-region-code");
|
|
694
|
+
return fromHeader || undefined;
|
|
695
|
+
}
|
|
696
|
+
|
|
697
|
+
const buildSegment = rawBuildSegment
|
|
698
|
+
? (request: Request): SegmentKey => {
|
|
699
|
+
const seg = rawBuildSegment(request);
|
|
700
|
+
if (seg.regionId) return seg;
|
|
701
|
+
const region = readRegionFromRequest(request);
|
|
702
|
+
return region ? { ...seg, regionId: region } : seg;
|
|
703
|
+
}
|
|
704
|
+
: undefined;
|
|
705
|
+
|
|
681
706
|
const safeCookieSet = new Set(safeCookiesOpt);
|
|
682
707
|
|
|
683
708
|
// Build the final security headers map (merged defaults + custom + CSP)
|