npm - @depup/hapi - Versions diffs - 18.1.0-depup.0 - Mend

@depup/hapi 18.1.0-depup.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/lib/cors.js ADDED Viewed

@@ -0,0 +1,207 @@
+'use strict';
+const Boom = require('boom');
+const Hoek = require('hoek');
+let Route = null;                           // Delayed load due to circular dependency
+const internals = {};
+exports.route = function (options) {
+    if (!options) {
+        return false;
+    }
+    const settings = Hoek.clone(options);
+    settings._headers = settings.headers.concat(settings.additionalHeaders);
+    settings._headersString = settings._headers.join(',');
+    for (let i = 0; i < settings._headers.length; ++i) {
+        settings._headers[i] = settings._headers[i].toLowerCase();
+    }
+    if (settings._headers.indexOf('origin') === -1) {
+        settings._headers.push('origin');
+    }
+    settings._exposedHeaders = settings.exposedHeaders.concat(settings.additionalExposedHeaders).join(',');
+    if (settings.origin === 'ignore') {
+        settings._origin = false;
+    }
+    else if (settings.origin.indexOf('*') !== -1) {
+        Hoek.assert(settings.origin.length === 1, 'Cannot specify cors.origin * together with other values');
+        settings._origin = true;
+    }
+    else {
+        settings._origin = {
+            qualified: [],
+            wildcards: []
+        };
+        for (const origin of settings.origin) {
+            if (origin.indexOf('*') !== -1) {
+                settings._origin.wildcards.push(new RegExp('^' + Hoek.escapeRegex(origin).replace(/\\\*/g, '.*').replace(/\\\?/g, '.') + '$'));
+            }
+            else {
+                settings._origin.qualified.push(origin);
+            }
+        }
+    }
+    return settings;
+};
+exports.options = function (route, server) {
+    if (route.method === 'options' ||
+        !route.settings.cors) {
+        return;
+    }
+    exports.handler(server);
+};
+exports.handler = function (server) {
+    Route = Route || require('./route');
+    if (server._core.router.specials.options) {
+        return;
+    }
+    const definition = {
+        method: '_special',
+        path: '/{p*}',
+        handler: internals.handler,
+        options: {
+            cors: false
+        }
+    };
+    const route = new Route(definition, server, { special: true });
+    server._core.router.special('options', route);
+};
+internals.handler = function (request, h) {
+    // Validate CORS preflight request
+    const method = request.headers['access-control-request-method'];
+    if (!method) {
+        throw Boom.notFound('CORS error: Missing Access-Control-Request-Method header');
+    }
+    // Lookup route
+    const route = request.server.match(method, request.path, request.info.hostname);
+    if (!route) {
+        throw Boom.notFound();
+    }
+    const settings = route.settings.cors;
+    if (!settings) {
+        return { message: 'CORS is disabled for this route' };
+    }
+    // Validate Origin header
+    const origin = request.headers.origin;
+    if (!origin &&
+        settings._origin !== false) {
+        throw Boom.notFound('CORS error: Missing Origin header');
+    }
+    if (!exports.matchOrigin(origin, settings)) {
+        return { message: 'CORS error: Origin not allowed' };
+    }
+    // Validate allowed headers
+    let headers = request.headers['access-control-request-headers'];
+    if (headers) {
+        headers = headers.toLowerCase().split(/\s*,\s*/);
+        if (Hoek.intersect(headers, settings._headers).length !== headers.length) {
+            return { message: 'CORS error: Some headers are not allowed' };
+        }
+    }
+    // Reply with the route CORS headers
+    const response = h.response();
+    response._header('access-control-allow-origin', settings._origin ? origin : '*');
+    response._header('access-control-allow-methods', method);
+    response._header('access-control-allow-headers', settings._headersString);
+    response._header('access-control-max-age', settings.maxAge);
+    if (settings.credentials) {
+        response._header('access-control-allow-credentials', 'true');
+    }
+    if (settings._exposedHeaders) {
+        response._header('access-control-expose-headers', settings._exposedHeaders);
+    }
+    return response;
+};
+exports.headers = function (request) {
+    const settings = request.route.settings.cors;
+    const response = request.response;
+    if (settings._origin !== false) {
+        response.vary('origin');
+    }
+    if ((request.info.cors && !request.info.cors.isOriginMatch) ||                          // After route lookup
+        !exports.matchOrigin(request.headers.origin, request.route.settings.cors)) {        // Response from onRequest
+        return;
+    }
+    response._header('access-control-allow-origin', settings._origin ? request.headers.origin : '*');
+    if (settings.credentials) {
+        response._header('access-control-allow-credentials', 'true');
+    }
+    if (settings._exposedHeaders) {
+        response._header('access-control-expose-headers', settings._exposedHeaders, { append: true });
+    }
+};
+exports.matchOrigin = function (origin, settings) {
+    if (settings._origin === true ||
+        settings._origin === false) {
+        return true;
+    }
+    if (!origin) {
+        return false;
+    }
+    if (settings._origin.qualified.indexOf(origin) !== -1) {
+        return true;
+    }
+    for (const wildcard of settings._origin.wildcards) {
+        if (origin.match(wildcard)) {
+            return true;
+        }
+    }
+    return false;
+};

package/lib/ext.js ADDED Viewed

@@ -0,0 +1,94 @@
+'use strict';
+const Hoek = require('hoek');
+const Topo = require('topo');
+const internals = {};
+exports = module.exports = internals.Ext = class {
+    constructor(type, core) {
+        this._topo = new Topo();
+        this._core = core;
+        this._routes = [];
+        this.type = type;
+        this.nodes = null;
+    }
+    add(event) {
+        const methods = [].concat(event.method);
+        const options = event.options;
+        for (const method of methods) {
+            const settings = {
+                before: options.before,
+                after: options.after,
+                group: event.realm.plugin,
+                sort: this._core.extensionsSeq++
+            };
+            const node = {
+                func: method,                       // Request: function (request, h), Server: function (server)
+                bind: options.bind,
+                server: event.server,               // Server event
+                realm: event.realm
+            };
+            this._topo.add(node, settings);
+        }
+        this.nodes = this._topo.nodes;
+        // Notify routes
+        for (const route of this._routes) {
+            route.rebuild(event);
+        }
+    }
+    merge(others) {
+        const merge = [];
+        for (const other of others) {
+            merge.push(other._topo);
+        }
+        this._topo.merge(merge);
+        this.nodes = (this._topo.nodes.length ? this._topo.nodes : null);
+    }
+    subscribe(route) {
+        this._routes.push(route);
+    }
+    static combine(route, type) {
+        const ext = new internals.Ext(type, route._core);
+        const events = route.settings.ext[type];
+        if (events) {
+            for (let event of events) {
+                event = Object.assign({}, event);       // Shallow cloned
+                Hoek.assert(!event.options.sandbox, 'Cannot specify sandbox option for route extension');
+                event.realm = route.realm;
+                ext.add(event);
+            }
+        }
+        const server = route._core.extensions.route[type];
+        const realm = route.realm._extensions[type];
+        ext.merge([server, realm]);
+        server.subscribe(route);
+        realm.subscribe(route);
+        return ext;
+    }
+};

package/lib/handler.js ADDED Viewed

@@ -0,0 +1,165 @@
+'use strict';
+const Hoek = require('hoek');
+const internals = {};
+exports.execute = async function (request) {
+    // Prerequisites
+    if (request._route._prerequisites) {
+        for (const set of request._route._prerequisites) {      // Serial execution of each set
+            const pres = [];
+            for (const item of set) {
+                pres.push(internals.handler(request, item.method, item));
+            }
+            const responses = await Promise.all(pres);                          // Parallel execution within sets
+            for (const response of responses) {
+                if (response !== undefined) {
+                    return response;
+                }
+            }
+        }
+    }
+    // Handler
+    const result = await internals.handler(request, request.route.settings.handler);
+    if (result._takeover ||
+        typeof result === 'symbol') {
+        return result;
+    }
+    request._setResponse(result);
+};
+internals.handler = async function (request, method, pre) {
+    const bind = request.route.settings.bind;
+    const realm = request.route.realm;
+    let response = await request._core.toolkit.execute(method, request, { bind, realm, continue: 'null' });
+    // Handler
+    if (!pre) {
+        if (response.isBoom) {
+            request._log(['handler', 'error'], response);
+            throw response;
+        }
+        return response;
+    }
+    // Pre
+    if (response.isBoom) {
+        response.assign = pre.assign;
+        response = await request._core.toolkit.failAction(request, pre.failAction, response, { tags: ['pre', 'error'], retain: true });
+    }
+    if (typeof response === 'symbol') {
+        return response;
+    }
+    if (pre.assign) {
+        request.pre[pre.assign] = (response.isBoom ? response : response.source);
+        request.preResponses[pre.assign] = response;
+    }
+    if (response._takeover) {
+        return response;
+    }
+};
+exports.defaults = function (method, handler, core) {
+    let defaults = null;
+    if (typeof handler === 'object') {
+        const type = Object.keys(handler)[0];
+        const serverHandler = core._decorations.handler[type];
+        Hoek.assert(serverHandler, 'Unknown handler:', type);
+        if (serverHandler.defaults) {
+            defaults = (typeof serverHandler.defaults === 'function' ? serverHandler.defaults(method) : serverHandler.defaults);
+        }
+    }
+    return defaults || {};
+};
+exports.configure = function (handler, route) {
+    if (typeof handler === 'object') {
+        const type = Object.keys(handler)[0];
+        const serverHandler = route._core._decorations.handler[type];
+        Hoek.assert(serverHandler, 'Unknown handler:', type);
+        return serverHandler(route.public, handler[type]);
+    }
+    return handler;
+};
+exports.prerequisitesConfig = function (config) {
+    if (!config) {
+        return null;
+    }
+    /*
+        [
+            [
+                function (request, h) { },
+                {
+                    method: function (request, h) { }
+                    assign: key1
+                },
+                {
+                    method: function (request, h) { },
+                    assign: key2
+                }
+            ],
+            {
+                method: function (request, h) { },
+                assign: key3
+            }
+        ]
+    */
+    const prerequisites = [];
+    for (let pres of config) {
+        pres = [].concat(pres);
+        const set = [];
+        for (let pre of pres) {
+            if (typeof pre !== 'object') {
+                pre = { method: pre };
+            }
+            const item = {
+                method: pre.method,
+                assign: pre.assign,
+                failAction: pre.failAction || 'error'
+            };
+            set.push(item);
+        }
+        prerequisites.push(set);
+    }
+    return prerequisites.length ? prerequisites : null;
+};

package/lib/headers.js ADDED Viewed

@@ -0,0 +1,200 @@
+'use strict';
+const Stream = require('stream');
+const Boom = require('boom');
+const Response = require('./response');
+const internals = {};
+exports.cache = function (request) {
+    const response = request.response;
+    if (response.headers['cache-control']) {
+        return;
+    }
+    const settings = request.route.settings.cache;
+    const policy = settings && request._route._cache && (settings._statuses.has(response.statusCode) || (response.statusCode === 304 && settings._statuses.has(200)));
+    if (policy ||
+        response.settings.ttl) {
+        const ttl = (response.settings.ttl !== null ? response.settings.ttl : request._route._cache.ttl());
+        const privacy = (request.auth.isAuthenticated || response.headers['set-cookie'] ? 'private' : settings.privacy || 'default');
+        response._header('cache-control', 'max-age=' + Math.floor(ttl / 1000) + ', must-revalidate' + (privacy !== 'default' ? ', ' + privacy : ''));
+    }
+    else if (settings) {
+        response._header('cache-control', settings.otherwise);
+    }
+};
+exports.content = async function (request) {
+    const response = request.response;
+    if (response._isPayloadSupported() ||
+        request.method === 'head') {
+        await response._marshal();
+        if (request.jsonp &&
+            response._payload.jsonp) {
+            response._header('content-type', 'text/javascript' + (response.settings.charset ? '; charset=' + response.settings.charset : ''));
+            response._header('x-content-type-options', 'nosniff');
+            response._payload.jsonp(request.jsonp);
+        }
+        if (response._payload.size &&
+            typeof response._payload.size === 'function') {
+            response._header('content-length', response._payload.size(), { override: false });
+        }
+        if (!response._isPayloadSupported()) {
+            response._close(request);                       // Close unused file streams
+            response._payload = new internals.Empty();      // Set empty stream
+        }
+        exports.type(request, true);
+    }
+    else {
+        // Set empty stream
+        response._close(request);                           // Close unused file streams
+        response._payload = new internals.Empty();
+        delete response.headers['content-length'];
+    }
+};
+exports.state = async function (request) {
+    const response = request.response;
+    const states = [];
+    for (const stateName in request._states) {
+        states.push(request._states[stateName]);
+    }
+    try {
+        for (const name in request._core.states.cookies) {
+            const autoValue = request._core.states.cookies[name].autoValue;
+            if (!autoValue || name in request._states || name in request.state) {
+                continue;
+            }
+            if (typeof autoValue !== 'function') {
+                states.push({ name, value: autoValue });
+                continue;
+            }
+            const value = await autoValue(request);
+            states.push({ name, value });
+        }
+        if (!states.length) {
+            return;
+        }
+        let header = await request._core.states.format(states);
+        const existing = response.headers['set-cookie'];
+        if (existing) {
+            header = (Array.isArray(existing) ? existing : [existing]).concat(header);
+        }
+        response._header('set-cookie', header);
+    }
+    catch (err) {
+        const error = Boom.boomify(err);
+        request._log(['state', 'response', 'error'], error);
+        request._states = {};                                           // Clear broken state
+        throw error;
+    }
+};
+exports.type = function (request, postMarshal) {
+    const response = request.response;
+    let type = response.headers['content-type'];
+    if (!type) {
+        if (response._contentType) {
+            const charset = (response.settings.charset && response._contentType !== 'application/octet-stream' ? '; charset=' + response.settings.charset : '');
+            response.type(response._contentType + charset);
+        }
+    }
+    else {
+        type = type.trim();
+        if ((!response._contentType || !postMarshal) &&
+            response.settings.charset &&
+            type.match(/^(?:text\/)|(?:application\/(?:json)|(?:javascript))/)) {
+            if (!type.match(/; *charset=/)) {
+                const semi = (type[type.length - 1] === ';');
+                response.type(type + (semi ? ' ' : '; ') + 'charset=' + (response.settings.charset));
+            }
+        }
+    }
+};
+exports.entity = function (request) {
+    if (!request._entity) {
+        return;
+    }
+    const response = request.response;
+    if (request._entity.etag &&
+        !response.headers.etag) {
+        response.etag(request._entity.etag, { vary: request._entity.vary });
+    }
+    if (request._entity.modified &&
+        !response.headers['last-modified']) {
+        response.header('last-modified', request._entity.modified);
+    }
+};
+exports.unmodified = function (request) {
+    const response = request.response;
+    if (response.statusCode === 304) {
+        return;
+    }
+    const entity = {
+        etag: response.headers.etag,
+        vary: response.settings.varyEtag,
+        modified: response.headers['last-modified']
+    };
+    if (Response.unmodified(request, entity)) {
+        response.code(304);
+    }
+};
+internals.Empty = class extends Stream.Readable {
+    _read(/* size */) {
+        this.push(null);
+    }
+    writeToStream(stream) {
+        stream.end();
+    }
+};

package/lib/index.js ADDED Viewed

@@ -0,0 +1,11 @@
+'use strict';
+const Server = require('./server');
+const internals = {};
+exports.Server = Server;
+exports.server = Server;