@dr.pogodin/react-utils 1.48.6 → 1.48.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (15) hide show
  1. package/build/development/server/server.js +2 -1
  2. package/build/development/server/server.js.map +1 -1
  3. package/build/development/shared/components/Input/index.js +4 -1
  4. package/build/development/shared/components/Input/index.js.map +1 -1
  5. package/build/production/server/server.js +1 -1
  6. package/build/production/server/server.js.map +1 -1
  7. package/build/production/shared/components/Input/index.js +1 -1
  8. package/build/production/shared/components/Input/index.js.map +1 -1
  9. package/build/types-code/server/server.d.ts +1 -0
  10. package/build/types-code/shared/components/Input/index.d.ts +2 -1
  11. package/build/web/server/server.js +2 -1
  12. package/build/web/server/server.js.map +1 -1
  13. package/build/web/shared/components/Input/index.js +4 -1
  14. package/build/web/shared/components/Input/index.js.map +1 -1
  15. package/package.json +17 -17
package/build/development/server/server.js CHANGED
@@ -128,7 +128,8 @@ export default async function factory(webpackConfig, options) {
128
128
  server.use(cookieParser(options.cookieSignatureSecret));
129
129
  server.use(requestIp.mw());
130
130
  server.use(csrf({
131
- cookie: true
131
+ cookie: true,
132
+ ignoreRequest: options.csrfIgnoreRequest
132
133
  }));
133
134
  loggerMiddleware.token('ip', req => req.clientIp);
134
135
  const FORMAT = ':ip > :status :method :url :response-time ms :res[content-length] :referrer :user-agent';
package/build/development/server/server.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"server.js","names":["sep","pathToFileURL","cloneDeep","mapValues","pick","compression","cookieParser","csrf","express","favicon","helmet","loggerMiddleware","requestIp","v4","uuid","rendererFactory","CODES","ERRORS","getErrorForCode","newError","defaultCspSettings","directives","contentSecurityPolicy","getDefaultDirectives","array","filter","item","push","getDefaultCspSettings","factory","webpackConfig","options","rendererOps","renderer","publicPath","output","server","beforeExpressJsSetup","logger","httpsRedirect","use","req","res","next","schema","headers","url","host","originalUrl","redirect","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","noCsp","req2","nonce","cspNonce","cspSettings","cspSettingsHook","send","json","limit","urlencoded","extended","cookieSignatureSecret","mw","cookie","token","clientIp","FORMAT","stream","write","info","bind","get","static","path","setHeaders","set","devMode","global","location","href","process","cwd","default","webpack","webpackDevMiddleware","webpackHotMiddleware","compiler","serverSideRender","onExpressJsSetup","NOT_FOUND","dontAttachDefaultErrorHandler","beforeExpressJsError","error","headersSent","status","INTERNAL_SERVER_ERROR","serverSide","log","toString","message","env","NODE_ENV"],"sources":["../../../src/server/server.ts"],"sourcesContent":["/**\n * Creation of standard ExpressJS server for ReactJS apps.\n */\n\nimport { sep } from 'node:path';\nimport { pathToFileURL } from 'node:url';\n\nimport { cloneDeep, mapValues, pick } from 'lodash-es';\n\nimport compression from 'compression';\nimport cookieParser from 'cookie-parser';\nimport csrf from '@dr.pogodin/csurf';\n\nimport express, {\n type Express,\n type NextFunction,\n type Request,\n type Response,\n} from 'express';\n\nimport favicon from 'serve-favicon';\nimport helmet, { type HelmetOptions } from 'helmet';\nimport loggerMiddleware from 'morgan';\nimport requestIp from 'request-ip';\nimport { v4 as uuid } from 'uuid';\n\nimport type { Configuration } from 'webpack';\n\nimport rendererFactory, {\n type LoggerI,\n type OptionsT as RendererOptionsT,\n} from './renderer';\n\nimport {\n CODES,\n ERRORS,\n getErrorForCode,\n newError,\n} from './utils/errors';\n\nexport type CspOptionsT = Exclude<HelmetOptions['contentSecurityPolicy'], boolean | undefined>;\n\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\ninterface RequestT extends Request {\n cspNonce: string;\n nonce: string;\n}\n\n/**\n * Default Content Security Policy settings.\n * @ignore\n */\nconst defaultCspSettings = {\n directives: mapValues(\n helmet.contentSecurityPolicy.getDefaultDirectives(),\n\n // 'https:' options (automatic re-write of insecure URLs to secure ones)\n // is removed to facilitate local development with HTTP server. In cloud\n // deployments we assume Apache or Nginx server in front of out app takes\n // care about such re-writes.\n (array) => (array as string[]).filter((item: string) => item !== 'https:'),\n ),\n};\ndefaultCspSettings.directives['frame-src'] = [\n \"'self'\",\n\n // YouTube domain is whitelisted to allow <YouTubeVideo> component to work\n // out of box.\n 'https://*.youtube.com',\n];\n\n{\n const directives = defaultCspSettings.directives['script-src'];\n if (directives) directives.push(\"'unsafe-eval'\");\n else defaultCspSettings.directives['script-src'] = [\"'unsafe-eval'\"];\n}\n\n// No need for automatic re-writes via Content Security Policy settings:\n// the forefront Apache or Nginx server is supposed to take care of this\n// in production cloud deployments.\ndelete defaultCspSettings.directives['upgrade-insecure-requests'];\n\n/**\n * @category Utilities\n * @func server/getDefaultCspSettings\n * @global\n * @desc\n * ```js\n * import { server } from '@dr.pogodin/react-utils';\n * const { getDefaultCspSettings } from '@dr.pogodin/react-utils';\n * ```\n * @return {{\n * directives: object\n * }} A deep copy of default CSP settings object used by `react-utils`,\n * with the exception of `nonce-xxx` clause in `script-src` directive,\n * which is added dynamically for each request.\n */\nexport function getDefaultCspSettings(): {\n directives: Record<string, string[]>;\n} {\n return cloneDeep(defaultCspSettings);\n}\n\nexport type ServerT = Express & {\n logger: LoggerI;\n};\n\nexport type OptionsT = RendererOptionsT & {\n beforeExpressJsError?:\n (server: ServerT) => boolean | Promise<boolean>;\n\n beforeExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n cookieSignatureSecret?: string;\n cspSettingsHook?: (\n defaultOptions: CspOptionsT,\n req: Request,\n ) => CspOptionsT;\n devMode?: boolean;\n httpsRedirect?: boolean;\n onExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n};\n\nexport default async function factory(\n webpackConfig: Configuration,\n options: OptionsT,\n): Promise<ServerT> {\n const rendererOps: RendererOptionsT = pick(options, [\n 'Application',\n 'beforeRender',\n 'favicon',\n 'logger',\n 'maxSsrRounds',\n 'noCsp',\n 'ssrTimeout',\n 'staticCacheController',\n 'staticCacheSize',\n ]);\n const renderer = rendererFactory(webpackConfig, rendererOps);\n const { publicPath } = webpackConfig.output!;\n\n const server = express() as ServerT;\n\n if (options.beforeExpressJsSetup) {\n await options.beforeExpressJsSetup(server);\n }\n\n if (options.logger) server.logger = options.logger;\n\n if (options.httpsRedirect) {\n server.use((req, res, next) => {\n const schema = req.headers['x-forwarded-proto'];\n if (schema === 'http') {\n let url = `https://${req.headers.host}`;\n if (req.originalUrl !== '/') url += req.originalUrl;\n res.redirect(url);\n return;\n }\n next();\n });\n }\n\n server.use(compression());\n server.use(\n helmet({\n contentSecurityPolicy: false,\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n }),\n );\n\n if (!options.noCsp) {\n server.use(\n (req: Request, res: Response, next: NextFunction) => {\n const req2 = req as RequestT;\n\n req2.nonce = uuid();\n\n // TODO: This is deprecated, but it is kept for now for backward\n // compatibility. Should be removed sometime later.\n req2.cspNonce = req2.nonce;\n\n // The deep clone is necessary here to ensure that default value can't be\n // mutated during request processing.\n let cspSettings: CspOptionsT = cloneDeep(defaultCspSettings);\n (cspSettings.directives?.['script-src'] as string[]).push(`'nonce-${req2.nonce}'`);\n if (options.cspSettingsHook) {\n cspSettings = options.cspSettingsHook(cspSettings, req);\n }\n helmet.contentSecurityPolicy(cspSettings)(req, res, next);\n },\n );\n }\n\n if (options.favicon) {\n server.use(favicon(options.favicon));\n }\n\n server.use('/robots.txt', (req, res) => {\n res.send('User-agent: *\\nDisallow:');\n });\n\n server.use(express.json({ limit: '300kb' }));\n server.use(express.urlencoded({ extended: false }));\n server.use(cookieParser(options.cookieSignatureSecret));\n server.use(requestIp.mw());\n\n server.use(csrf({ cookie: true }));\n\n loggerMiddleware.token(\n 'ip',\n (req: Request & { clientIp: string }) => req.clientIp,\n );\n const FORMAT = ':ip > :status :method :url :response-time ms :res[content-length] :referrer :user-agent';\n server.use(loggerMiddleware(FORMAT, {\n stream: {\n // TODO: This implies the logger is always set. Is it on a higher level?\n // then mark it as always present.\n write: options.logger!.info.bind(options.logger),\n },\n }));\n\n // Note: no matter the \"public path\", we want the service worker, if any,\n // to be served from the root, to have all web app pages in its scope.\n // Thus, this setup to serve it. Probably, need some more configuration\n // for special cases, but this will do for now.\n server.get('/__service-worker.js', express.static(\n webpackConfig.output?.path ?? '',\n {\n setHeaders: (res) => res.set('Cache-Control', 'no-cache'),\n },\n ));\n\n /* Setup of Hot Module Reloading for development environment.\n * These dependencies are not used, nor installed for production use,\n * hence we should violate some import-related lint rules. */\n /* eslint-disable import/no-extraneous-dependencies */\n if (options.devMode) {\n // This is a workaround for SASS bug:\n // https://github.com/dart-lang/sdk/issues/27979\n // which manifests itself sometimes when webpack dev middleware is used\n // (in dev mode), and app modules are imported in some unfortunate ways.\n // TODO: Double-check, what is going on here.\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n if (!global.location) {\n global.location = {\n href: `${pathToFileURL(process.cwd()).href}${sep}`,\n } as Location;\n }\n\n const { default: webpack } = await import(/* webpackChunkName: \"server-side-code\" */ 'webpack');\n\n const { default: webpackDevMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-dev-middleware'\n );\n\n const { default: webpackHotMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-hot-middleware'\n );\n\n const compiler = webpack(webpackConfig);\n\n server.use(webpackDevMiddleware(compiler, {\n publicPath,\n serverSideRender: true,\n }));\n server.use(webpackHotMiddleware(compiler));\n }\n /* eslint-enable import/no-extraneous-dependencies */\n\n server.use(publicPath as string, express.static(webpackConfig.output!.path!));\n\n if (options.onExpressJsSetup) {\n await options.onExpressJsSetup(server);\n }\n server.use(renderer);\n\n /* Detects 404 errors, and forwards them to the error handler. */\n server.use((req, res, next) => {\n next(newError(ERRORS.NOT_FOUND, CODES.NOT_FOUND));\n });\n\n let dontAttachDefaultErrorHandler;\n if (options.beforeExpressJsError) {\n dontAttachDefaultErrorHandler = await options.beforeExpressJsError(server);\n }\n\n /* Error handler. */\n if (!dontAttachDefaultErrorHandler) {\n // TODO: Do we need this error handler at all? It actually seems to do\n // what the default ExpressJS error handler does anyway, see:\n // https://expressjs.com/en/guide/error-handling.html\n //\n // TODO: It is better to move the default error handler definition\n // to a stand-alone function at top-level, but the use of options.logger\n // prevents to do it without some extra refactoring. Should be done sometime\n // though.\n server.use((\n error: Error & {\n status?: number;\n },\n req: Request,\n res: Response,\n next: NextFunction,\n ) => {\n // TODO: This is needed to correctly handled any errors thrown after\n // sending initial response to the client.\n if (res.headersSent) {\n next(error);\n return;\n }\n\n const status = error.status ?? CODES.INTERNAL_SERVER_ERROR;\n const serverSide = status >= (CODES.INTERNAL_SERVER_ERROR as number);\n\n // Log server-side errors always, client-side at debug level only.\n options.logger!.log(serverSide ? 'error' : 'debug', error.toString());\n\n let message = error.message || getErrorForCode(status);\n if (serverSide && process.env.NODE_ENV === 'production') {\n message = ERRORS.INTERNAL_SERVER_ERROR;\n }\n\n res.status(status).send(message);\n });\n }\n\n return server;\n}\n"],"mappings":";;;;AAAA;AACA;AACA;;AAEA,SAASA,GAAG,QAAQ,WAAW;AAC/B,SAASC,aAAa,QAAQ,UAAU;AAExC,SAASC,SAAS,EAAEC,SAAS,EAAEC,IAAI,QAAQ,WAAW;AAEtD,OAAOC,WAAW,MAAM,aAAa;AACrC,OAAOC,YAAY,MAAM,eAAe;AACxC,OAAOC,IAAI,MAAM,mBAAmB;AAEpC,OAAOC,OAAO,MAKP,SAAS;AAEhB,OAAOC,OAAO,MAAM,eAAe;AACnC,OAAOC,MAAM,MAA8B,QAAQ;AACnD,OAAOC,gBAAgB,MAAM,QAAQ;AACrC,OAAOC,SAAS,MAAM,YAAY;AAClC,SAASC,EAAE,IAAIC,IAAI,QAAQ,MAAM;AAAA,OAI1BC,eAAe;AAAA,SAMpBC,KAAK,EACLC,MAAM,EACNC,eAAe,EACfC,QAAQ,6BAKV;AAMA;AACA;AACA;AACA;AACA,MAAMC,kBAAkB,GAAG;EACzBC,UAAU,EAAElB,SAAS,CACnBO,MAAM,CAACY,qBAAqB,CAACC,oBAAoB,CAAC,CAAC;EAEnD;EACA;EACA;EACA;EACCC,KAAK,IAAMA,KAAK,CAAcC,MAAM,CAAEC,IAAY,IAAKA,IAAI,KAAK,QAAQ,CAC3E;AACF,CAAC;AACDN,kBAAkB,CAACC,UAAU,CAAC,WAAW,CAAC,GAAG,CAC3C,QAAQ;AAER;AACA;AACA,uBAAuB,CACxB;AAED;EACE,MAAMA,UAAU,GAAGD,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC;EAC9D,IAAIA,UAAU,EAAEA,UAAU,CAACM,IAAI,CAAC,eAAe,CAAC,CAAC,KAC5CP,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC;AACtE;;AAEA;AACA;AACA;AACA,OAAOD,kBAAkB,CAACC,UAAU,CAAC,2BAA2B,CAAC;;AAEjE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASO,qBAAqBA,CAAA,EAEnC;EACA,OAAO1B,SAAS,CAACkB,kBAAkB,CAAC;AACtC;AAqBA,eAAe,eAAeS,OAAOA,CACnCC,aAA4B,EAC5BC,OAAiB,EACC;EAClB,MAAMC,WAA6B,GAAG5B,IAAI,CAAC2B,OAAO,EAAE,CAClD,aAAa,EACb,cAAc,EACd,SAAS,EACT,QAAQ,EACR,cAAc,EACd,OAAO,EACP,YAAY,EACZ,uBAAuB,EACvB,iBAAiB,CAClB,CAAC;EACF,MAAME,QAAQ,GAAGlB,eAAe,CAACe,aAAa,EAAEE,WAAW,CAAC;EAC5D,MAAM;IAAEE;EAAW,CAAC,GAAGJ,aAAa,CAACK,MAAO;EAE5C,MAAMC,MAAM,GAAG5B,OAAO,CAAC,CAAY;EAEnC,IAAIuB,OAAO,CAACM,oBAAoB,EAAE;IAChC,MAAMN,OAAO,CAACM,oBAAoB,CAACD,MAAM,CAAC;EAC5C;EAEA,IAAIL,OAAO,CAACO,MAAM,EAAEF,MAAM,CAACE,MAAM,GAAGP,OAAO,CAACO,MAAM;EAElD,IAAIP,OAAO,CAACQ,aAAa,EAAE;IACzBH,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,EAAEC,GAAG,EAAEC,IAAI,KAAK;MAC7B,MAAMC,MAAM,GAAGH,GAAG,CAACI,OAAO,CAAC,mBAAmB,CAAC;MAC/C,IAAID,MAAM,KAAK,MAAM,EAAE;QACrB,IAAIE,GAAG,GAAG,WAAWL,GAAG,CAACI,OAAO,CAACE,IAAI,EAAE;QACvC,IAAIN,GAAG,CAACO,WAAW,KAAK,GAAG,EAAEF,GAAG,IAAIL,GAAG,CAACO,WAAW;QACnDN,GAAG,CAACO,QAAQ,CAACH,GAAG,CAAC;QACjB;MACF;MACAH,IAAI,CAAC,CAAC;IACR,CAAC,CAAC;EACJ;EAEAP,MAAM,CAACI,GAAG,CAACnC,WAAW,CAAC,CAAC,CAAC;EACzB+B,MAAM,CAACI,GAAG,CACR9B,MAAM,CAAC;IACLY,qBAAqB,EAAE,KAAK;IAC5B4B,yBAAyB,EAAE,KAAK;IAChCC,uBAAuB,EAAE,KAAK;IAC9BC,yBAAyB,EAAE;EAC7B,CAAC,CACH,CAAC;EAED,IAAI,CAACrB,OAAO,CAACsB,KAAK,EAAE;IAClBjB,MAAM,CAACI,GAAG,CACR,CAACC,GAAY,EAAEC,GAAa,EAAEC,IAAkB,KAAK;MACnD,MAAMW,IAAI,GAAGb,GAAe;MAE5Ba,IAAI,CAACC,KAAK,GAAGzC,IAAI,CAAC,CAAC;;MAEnB;MACA;MACAwC,IAAI,CAACE,QAAQ,GAAGF,IAAI,CAACC,KAAK;;MAE1B;MACA;MACA,IAAIE,WAAwB,GAAGvD,SAAS,CAACkB,kBAAkB,CAAC;MAC5D,CAACqC,WAAW,CAACpC,UAAU,GAAG,YAAY,CAAC,EAAcM,IAAI,CAAC,UAAU2B,IAAI,CAACC,KAAK,GAAG,CAAC;MAClF,IAAIxB,OAAO,CAAC2B,eAAe,EAAE;QAC3BD,WAAW,GAAG1B,OAAO,CAAC2B,eAAe,CAACD,WAAW,EAAEhB,GAAG,CAAC;MACzD;MACA/B,MAAM,CAACY,qBAAqB,CAACmC,WAAW,CAAC,CAAChB,GAAG,EAAEC,GAAG,EAAEC,IAAI,CAAC;IAC3D,CACF,CAAC;EACH;EAEA,IAAIZ,OAAO,CAACtB,OAAO,EAAE;IACnB2B,MAAM,CAACI,GAAG,CAAC/B,OAAO,CAACsB,OAAO,CAACtB,OAAO,CAAC,CAAC;EACtC;EAEA2B,MAAM,CAACI,GAAG,CAAC,aAAa,EAAE,CAACC,GAAG,EAAEC,GAAG,KAAK;IACtCA,GAAG,CAACiB,IAAI,CAAC,0BAA0B,CAAC;EACtC,CAAC,CAAC;EAEFvB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACoD,IAAI,CAAC;IAAEC,KAAK,EAAE;EAAQ,CAAC,CAAC,CAAC;EAC5CzB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACsD,UAAU,CAAC;IAAEC,QAAQ,EAAE;EAAM,CAAC,CAAC,CAAC;EACnD3B,MAAM,CAACI,GAAG,CAAClC,YAAY,CAACyB,OAAO,CAACiC,qBAAqB,CAAC,CAAC;EACvD5B,MAAM,CAACI,GAAG,CAAC5B,SAAS,CAACqD,EAAE,CAAC,CAAC,CAAC;EAE1B7B,MAAM,CAACI,GAAG,CAACjC,IAAI,CAAC;IAAE2D,MAAM,EAAE;EAAK,CAAC,CAAC,CAAC;EAElCvD,gBAAgB,CAACwD,KAAK,CACpB,IAAI,EACH1B,GAAmC,IAAKA,GAAG,CAAC2B,QAC/C,CAAC;EACD,MAAMC,MAAM,GAAG,yFAAyF;EACxGjC,MAAM,CAACI,GAAG,CAAC7B,gBAAgB,CAAC0D,MAAM,EAAE;IAClCC,MAAM,EAAE;MACN;MACA;MACAC,KAAK,EAAExC,OAAO,CAACO,MAAM,CAAEkC,IAAI,CAACC,IAAI,CAAC1C,OAAO,CAACO,MAAM;IACjD;EACF,CAAC,CAAC,CAAC;;EAEH;EACA;EACA;EACA;EACAF,MAAM,CAACsC,GAAG,CAAC,sBAAsB,EAAElE,OAAO,CAACmE,MAAM,CAC/C7C,aAAa,CAACK,MAAM,EAAEyC,IAAI,IAAI,EAAE,EAChC;IACEC,UAAU,EAAGnC,GAAG,IAAKA,GAAG,CAACoC,GAAG,CAAC,eAAe,EAAE,UAAU;EAC1D,CACF,CAAC,CAAC;;EAEF;AACF;AACA;EACE;EACA,IAAI/C,OAAO,CAACgD,OAAO,EAAE;IACnB;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAACC,MAAM,CAACC,QAAQ,EAAE;MACpBD,MAAM,CAACC,QAAQ,GAAG;QAChBC,IAAI,EAAE,GAAGjF,aAAa,CAACkF,OAAO,CAACC,GAAG,CAAC,CAAC,CAAC,CAACF,IAAI,GAAGlF,GAAG;MAClD,CAAa;IACf;IAEA,MAAM;MAAEqF,OAAO,EAAEC;IAAQ,CAAC,GAAG,MAAM,MAAM,CAAC,0CAA2C,SAAS,CAAC;IAE/F,MAAM;MAAED,OAAO,EAAEE;IAAqB,CAAC,GAAG,MAAM,MAAM,CACpD,0CAA2C,wBAC7C,CAAC;IAED,MAAM;MAAEF,OAAO,EAAEG;IAAqB,CAAC,GAAG,MAAM,MAAM,CACpD,0CAA2C,wBAC7C,CAAC;IAED,MAAMC,QAAQ,GAAGH,OAAO,CAACxD,aAAa,CAAC;IAEvCM,MAAM,CAACI,GAAG,CAAC+C,oBAAoB,CAACE,QAAQ,EAAE;MACxCvD,UAAU;MACVwD,gBAAgB,EAAE;IACpB,CAAC,CAAC,CAAC;IACHtD,MAAM,CAACI,GAAG,CAACgD,oBAAoB,CAACC,QAAQ,CAAC,CAAC;EAC5C;EACA;;EAEArD,MAAM,CAACI,GAAG,CAACN,UAAU,EAAY1B,OAAO,CAACmE,MAAM,CAAC7C,aAAa,CAACK,MAAM,CAAEyC,IAAK,CAAC,CAAC;EAE7E,IAAI7C,OAAO,CAAC4D,gBAAgB,EAAE;IAC5B,MAAM5D,OAAO,CAAC4D,gBAAgB,CAACvD,MAAM,CAAC;EACxC;EACAA,MAAM,CAACI,GAAG,CAACP,QAAQ,CAAC;;EAEpB;EACAG,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,EAAEC,GAAG,EAAEC,IAAI,KAAK;IAC7BA,IAAI,CAACxB,QAAQ,CAACF,MAAM,CAAC2E,SAAS,EAAE5E,KAAK,CAAC4E,SAAS,CAAC,CAAC;EACnD,CAAC,CAAC;EAEF,IAAIC,6BAA6B;EACjC,IAAI9D,OAAO,CAAC+D,oBAAoB,EAAE;IAChCD,6BAA6B,GAAG,MAAM9D,OAAO,CAAC+D,oBAAoB,CAAC1D,MAAM,CAAC;EAC5E;;EAEA;EACA,IAAI,CAACyD,6BAA6B,EAAE;IAClC;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACAzD,MAAM,CAACI,GAAG,CAAC,CACTuD,KAEC,EACDtD,GAAY,EACZC,GAAa,EACbC,IAAkB,KACf;MACH;MACA;MACA,IAAID,GAAG,CAACsD,WAAW,EAAE;QACnBrD,IAAI,CAACoD,KAAK,CAAC;QACX;MACF;MAEA,MAAME,MAAM,GAAGF,KAAK,CAACE,MAAM,IAAIjF,KAAK,CAACkF,qBAAqB;MAC1D,MAAMC,UAAU,GAAGF,MAAM,IAAKjF,KAAK,CAACkF,qBAAgC;;MAEpE;MACAnE,OAAO,CAACO,MAAM,CAAE8D,GAAG,CAACD,UAAU,GAAG,OAAO,GAAG,OAAO,EAAEJ,KAAK,CAACM,QAAQ,CAAC,CAAC,CAAC;MAErE,IAAIC,OAAO,GAAGP,KAAK,CAACO,OAAO,IAAIpF,eAAe,CAAC+E,MAAM,CAAC;MACtD,IAAIE,UAAU,IAAIhB,OAAO,CAACoB,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;QACvDF,OAAO,GAAGrF,MAAM,CAACiF,qBAAqB;MACxC;MAEAxD,GAAG,CAACuD,MAAM,CAACA,MAAM,CAAC,CAACtC,IAAI,CAAC2C,OAAO,CAAC;IAClC,CAAC,CAAC;EACJ;EAEA,OAAOlE,MAAM;AACf","ignoreList":[]}
1
+ {"version":3,"file":"server.js","names":["sep","pathToFileURL","cloneDeep","mapValues","pick","compression","cookieParser","csrf","express","favicon","helmet","loggerMiddleware","requestIp","v4","uuid","rendererFactory","CODES","ERRORS","getErrorForCode","newError","defaultCspSettings","directives","contentSecurityPolicy","getDefaultDirectives","array","filter","item","push","getDefaultCspSettings","factory","webpackConfig","options","rendererOps","renderer","publicPath","output","server","beforeExpressJsSetup","logger","httpsRedirect","use","req","res","next","schema","headers","url","host","originalUrl","redirect","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","noCsp","req2","nonce","cspNonce","cspSettings","cspSettingsHook","send","json","limit","urlencoded","extended","cookieSignatureSecret","mw","cookie","ignoreRequest","csrfIgnoreRequest","token","clientIp","FORMAT","stream","write","info","bind","get","static","path","setHeaders","set","devMode","global","location","href","process","cwd","default","webpack","webpackDevMiddleware","webpackHotMiddleware","compiler","serverSideRender","onExpressJsSetup","NOT_FOUND","dontAttachDefaultErrorHandler","beforeExpressJsError","error","headersSent","status","INTERNAL_SERVER_ERROR","serverSide","log","toString","message","env","NODE_ENV"],"sources":["../../../src/server/server.ts"],"sourcesContent":["/**\n * Creation of standard ExpressJS server for ReactJS apps.\n */\n\nimport { sep } from 'node:path';\nimport { pathToFileURL } from 'node:url';\n\nimport { cloneDeep, mapValues, pick } from 'lodash-es';\n\nimport compression from 'compression';\nimport cookieParser from 'cookie-parser';\nimport csrf from '@dr.pogodin/csurf';\n\nimport express, {\n type Express,\n type NextFunction,\n type Request,\n type Response,\n} from 'express';\n\nimport favicon from 'serve-favicon';\nimport helmet, { type HelmetOptions } from 'helmet';\nimport loggerMiddleware from 'morgan';\nimport requestIp from 'request-ip';\nimport { v4 as uuid } from 'uuid';\n\nimport type { Configuration } from 'webpack';\n\nimport rendererFactory, {\n type LoggerI,\n type OptionsT as RendererOptionsT,\n} from './renderer';\n\nimport {\n CODES,\n ERRORS,\n getErrorForCode,\n newError,\n} from './utils/errors';\n\nexport type CspOptionsT = Exclude<HelmetOptions['contentSecurityPolicy'], boolean | undefined>;\n\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\ninterface RequestT extends Request {\n cspNonce: string;\n nonce: string;\n}\n\n/**\n * Default Content Security Policy settings.\n * @ignore\n */\nconst defaultCspSettings = {\n directives: mapValues(\n helmet.contentSecurityPolicy.getDefaultDirectives(),\n\n // 'https:' options (automatic re-write of insecure URLs to secure ones)\n // is removed to facilitate local development with HTTP server. In cloud\n // deployments we assume Apache or Nginx server in front of out app takes\n // care about such re-writes.\n (array) => (array as string[]).filter((item: string) => item !== 'https:'),\n ),\n};\ndefaultCspSettings.directives['frame-src'] = [\n \"'self'\",\n\n // YouTube domain is whitelisted to allow <YouTubeVideo> component to work\n // out of box.\n 'https://*.youtube.com',\n];\n\n{\n const directives = defaultCspSettings.directives['script-src'];\n if (directives) directives.push(\"'unsafe-eval'\");\n else defaultCspSettings.directives['script-src'] = [\"'unsafe-eval'\"];\n}\n\n// No need for automatic re-writes via Content Security Policy settings:\n// the forefront Apache or Nginx server is supposed to take care of this\n// in production cloud deployments.\ndelete defaultCspSettings.directives['upgrade-insecure-requests'];\n\n/**\n * @category Utilities\n * @func server/getDefaultCspSettings\n * @global\n * @desc\n * ```js\n * import { server } from '@dr.pogodin/react-utils';\n * const { getDefaultCspSettings } from '@dr.pogodin/react-utils';\n * ```\n * @return {{\n * directives: object\n * }} A deep copy of default CSP settings object used by `react-utils`,\n * with the exception of `nonce-xxx` clause in `script-src` directive,\n * which is added dynamically for each request.\n */\nexport function getDefaultCspSettings(): {\n directives: Record<string, string[]>;\n} {\n return cloneDeep(defaultCspSettings);\n}\n\nexport type ServerT = Express & {\n logger: LoggerI;\n};\n\nexport type OptionsT = RendererOptionsT & {\n beforeExpressJsError?:\n (server: ServerT) => boolean | Promise<boolean>;\n\n beforeExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n cookieSignatureSecret?: string;\n cspSettingsHook?: (\n defaultOptions: CspOptionsT,\n req: Request,\n ) => CspOptionsT;\n csrfIgnoreRequest?: (req: Request) => boolean;\n devMode?: boolean;\n httpsRedirect?: boolean;\n onExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n};\n\nexport default async function factory(\n webpackConfig: Configuration,\n options: OptionsT,\n): Promise<ServerT> {\n const rendererOps: RendererOptionsT = pick(options, [\n 'Application',\n 'beforeRender',\n 'favicon',\n 'logger',\n 'maxSsrRounds',\n 'noCsp',\n 'ssrTimeout',\n 'staticCacheController',\n 'staticCacheSize',\n ]);\n const renderer = rendererFactory(webpackConfig, rendererOps);\n const { publicPath } = webpackConfig.output!;\n\n const server = express() as ServerT;\n\n if (options.beforeExpressJsSetup) {\n await options.beforeExpressJsSetup(server);\n }\n\n if (options.logger) server.logger = options.logger;\n\n if (options.httpsRedirect) {\n server.use((req, res, next) => {\n const schema = req.headers['x-forwarded-proto'];\n if (schema === 'http') {\n let url = `https://${req.headers.host}`;\n if (req.originalUrl !== '/') url += req.originalUrl;\n res.redirect(url);\n return;\n }\n next();\n });\n }\n\n server.use(compression());\n server.use(\n helmet({\n contentSecurityPolicy: false,\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n }),\n );\n\n if (!options.noCsp) {\n server.use(\n (req: Request, res: Response, next: NextFunction) => {\n const req2 = req as RequestT;\n\n req2.nonce = uuid();\n\n // TODO: This is deprecated, but it is kept for now for backward\n // compatibility. Should be removed sometime later.\n req2.cspNonce = req2.nonce;\n\n // The deep clone is necessary here to ensure that default value can't be\n // mutated during request processing.\n let cspSettings: CspOptionsT = cloneDeep(defaultCspSettings);\n (cspSettings.directives?.['script-src'] as string[]).push(`'nonce-${req2.nonce}'`);\n if (options.cspSettingsHook) {\n cspSettings = options.cspSettingsHook(cspSettings, req);\n }\n helmet.contentSecurityPolicy(cspSettings)(req, res, next);\n },\n );\n }\n\n if (options.favicon) {\n server.use(favicon(options.favicon));\n }\n\n server.use('/robots.txt', (req, res) => {\n res.send('User-agent: *\\nDisallow:');\n });\n\n server.use(express.json({ limit: '300kb' }));\n server.use(express.urlencoded({ extended: false }));\n server.use(cookieParser(options.cookieSignatureSecret));\n server.use(requestIp.mw());\n\n server.use(csrf({\n cookie: true,\n ignoreRequest: options.csrfIgnoreRequest,\n }));\n\n loggerMiddleware.token(\n 'ip',\n (req: Request & { clientIp: string }) => req.clientIp,\n );\n const FORMAT = ':ip > :status :method :url :response-time ms :res[content-length] :referrer :user-agent';\n server.use(loggerMiddleware(FORMAT, {\n stream: {\n // TODO: This implies the logger is always set. Is it on a higher level?\n // then mark it as always present.\n write: options.logger!.info.bind(options.logger),\n },\n }));\n\n // Note: no matter the \"public path\", we want the service worker, if any,\n // to be served from the root, to have all web app pages in its scope.\n // Thus, this setup to serve it. Probably, need some more configuration\n // for special cases, but this will do for now.\n server.get('/__service-worker.js', express.static(\n webpackConfig.output?.path ?? '',\n {\n setHeaders: (res) => res.set('Cache-Control', 'no-cache'),\n },\n ));\n\n /* Setup of Hot Module Reloading for development environment.\n * These dependencies are not used, nor installed for production use,\n * hence we should violate some import-related lint rules. */\n /* eslint-disable import/no-extraneous-dependencies */\n if (options.devMode) {\n // This is a workaround for SASS bug:\n // https://github.com/dart-lang/sdk/issues/27979\n // which manifests itself sometimes when webpack dev middleware is used\n // (in dev mode), and app modules are imported in some unfortunate ways.\n // TODO: Double-check, what is going on here.\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n if (!global.location) {\n global.location = {\n href: `${pathToFileURL(process.cwd()).href}${sep}`,\n } as Location;\n }\n\n const { default: webpack } = await import(/* webpackChunkName: \"server-side-code\" */ 'webpack');\n\n const { default: webpackDevMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-dev-middleware'\n );\n\n const { default: webpackHotMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-hot-middleware'\n );\n\n const compiler = webpack(webpackConfig);\n\n server.use(webpackDevMiddleware(compiler, {\n publicPath,\n serverSideRender: true,\n }));\n server.use(webpackHotMiddleware(compiler));\n }\n /* eslint-enable import/no-extraneous-dependencies */\n\n server.use(publicPath as string, express.static(webpackConfig.output!.path!));\n\n if (options.onExpressJsSetup) {\n await options.onExpressJsSetup(server);\n }\n server.use(renderer);\n\n /* Detects 404 errors, and forwards them to the error handler. */\n server.use((req, res, next) => {\n next(newError(ERRORS.NOT_FOUND, CODES.NOT_FOUND));\n });\n\n let dontAttachDefaultErrorHandler;\n if (options.beforeExpressJsError) {\n dontAttachDefaultErrorHandler = await options.beforeExpressJsError(server);\n }\n\n /* Error handler. */\n if (!dontAttachDefaultErrorHandler) {\n // TODO: Do we need this error handler at all? It actually seems to do\n // what the default ExpressJS error handler does anyway, see:\n // https://expressjs.com/en/guide/error-handling.html\n //\n // TODO: It is better to move the default error handler definition\n // to a stand-alone function at top-level, but the use of options.logger\n // prevents to do it without some extra refactoring. Should be done sometime\n // though.\n server.use((\n error: Error & {\n status?: number;\n },\n req: Request,\n res: Response,\n next: NextFunction,\n ) => {\n // TODO: This is needed to correctly handled any errors thrown after\n // sending initial response to the client.\n if (res.headersSent) {\n next(error);\n return;\n }\n\n const status = error.status ?? CODES.INTERNAL_SERVER_ERROR;\n const serverSide = status >= (CODES.INTERNAL_SERVER_ERROR as number);\n\n // Log server-side errors always, client-side at debug level only.\n options.logger!.log(serverSide ? 'error' : 'debug', error.toString());\n\n let message = error.message || getErrorForCode(status);\n if (serverSide && process.env.NODE_ENV === 'production') {\n message = ERRORS.INTERNAL_SERVER_ERROR;\n }\n\n res.status(status).send(message);\n });\n }\n\n return server;\n}\n"],"mappings":";;;;AAAA;AACA;AACA;;AAEA,SAASA,GAAG,QAAQ,WAAW;AAC/B,SAASC,aAAa,QAAQ,UAAU;AAExC,SAASC,SAAS,EAAEC,SAAS,EAAEC,IAAI,QAAQ,WAAW;AAEtD,OAAOC,WAAW,MAAM,aAAa;AACrC,OAAOC,YAAY,MAAM,eAAe;AACxC,OAAOC,IAAI,MAAM,mBAAmB;AAEpC,OAAOC,OAAO,MAKP,SAAS;AAEhB,OAAOC,OAAO,MAAM,eAAe;AACnC,OAAOC,MAAM,MAA8B,QAAQ;AACnD,OAAOC,gBAAgB,MAAM,QAAQ;AACrC,OAAOC,SAAS,MAAM,YAAY;AAClC,SAASC,EAAE,IAAIC,IAAI,QAAQ,MAAM;AAAA,OAI1BC,eAAe;AAAA,SAMpBC,KAAK,EACLC,MAAM,EACNC,eAAe,EACfC,QAAQ,6BAKV;AAMA;AACA;AACA;AACA;AACA,MAAMC,kBAAkB,GAAG;EACzBC,UAAU,EAAElB,SAAS,CACnBO,MAAM,CAACY,qBAAqB,CAACC,oBAAoB,CAAC,CAAC;EAEnD;EACA;EACA;EACA;EACCC,KAAK,IAAMA,KAAK,CAAcC,MAAM,CAAEC,IAAY,IAAKA,IAAI,KAAK,QAAQ,CAC3E;AACF,CAAC;AACDN,kBAAkB,CAACC,UAAU,CAAC,WAAW,CAAC,GAAG,CAC3C,QAAQ;AAER;AACA;AACA,uBAAuB,CACxB;AAED;EACE,MAAMA,UAAU,GAAGD,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC;EAC9D,IAAIA,UAAU,EAAEA,UAAU,CAACM,IAAI,CAAC,eAAe,CAAC,CAAC,KAC5CP,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC;AACtE;;AAEA;AACA;AACA;AACA,OAAOD,kBAAkB,CAACC,UAAU,CAAC,2BAA2B,CAAC;;AAEjE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASO,qBAAqBA,CAAA,EAEnC;EACA,OAAO1B,SAAS,CAACkB,kBAAkB,CAAC;AACtC;AAsBA,eAAe,eAAeS,OAAOA,CACnCC,aAA4B,EAC5BC,OAAiB,EACC;EAClB,MAAMC,WAA6B,GAAG5B,IAAI,CAAC2B,OAAO,EAAE,CAClD,aAAa,EACb,cAAc,EACd,SAAS,EACT,QAAQ,EACR,cAAc,EACd,OAAO,EACP,YAAY,EACZ,uBAAuB,EACvB,iBAAiB,CAClB,CAAC;EACF,MAAME,QAAQ,GAAGlB,eAAe,CAACe,aAAa,EAAEE,WAAW,CAAC;EAC5D,MAAM;IAAEE;EAAW,CAAC,GAAGJ,aAAa,CAACK,MAAO;EAE5C,MAAMC,MAAM,GAAG5B,OAAO,CAAC,CAAY;EAEnC,IAAIuB,OAAO,CAACM,oBAAoB,EAAE;IAChC,MAAMN,OAAO,CAACM,oBAAoB,CAACD,MAAM,CAAC;EAC5C;EAEA,IAAIL,OAAO,CAACO,MAAM,EAAEF,MAAM,CAACE,MAAM,GAAGP,OAAO,CAACO,MAAM;EAElD,IAAIP,OAAO,CAACQ,aAAa,EAAE;IACzBH,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,EAAEC,GAAG,EAAEC,IAAI,KAAK;MAC7B,MAAMC,MAAM,GAAGH,GAAG,CAACI,OAAO,CAAC,mBAAmB,CAAC;MAC/C,IAAID,MAAM,KAAK,MAAM,EAAE;QACrB,IAAIE,GAAG,GAAG,WAAWL,GAAG,CAACI,OAAO,CAACE,IAAI,EAAE;QACvC,IAAIN,GAAG,CAACO,WAAW,KAAK,GAAG,EAAEF,GAAG,IAAIL,GAAG,CAACO,WAAW;QACnDN,GAAG,CAACO,QAAQ,CAACH,GAAG,CAAC;QACjB;MACF;MACAH,IAAI,CAAC,CAAC;IACR,CAAC,CAAC;EACJ;EAEAP,MAAM,CAACI,GAAG,CAACnC,WAAW,CAAC,CAAC,CAAC;EACzB+B,MAAM,CAACI,GAAG,CACR9B,MAAM,CAAC;IACLY,qBAAqB,EAAE,KAAK;IAC5B4B,yBAAyB,EAAE,KAAK;IAChCC,uBAAuB,EAAE,KAAK;IAC9BC,yBAAyB,EAAE;EAC7B,CAAC,CACH,CAAC;EAED,IAAI,CAACrB,OAAO,CAACsB,KAAK,EAAE;IAClBjB,MAAM,CAACI,GAAG,CACR,CAACC,GAAY,EAAEC,GAAa,EAAEC,IAAkB,KAAK;MACnD,MAAMW,IAAI,GAAGb,GAAe;MAE5Ba,IAAI,CAACC,KAAK,GAAGzC,IAAI,CAAC,CAAC;;MAEnB;MACA;MACAwC,IAAI,CAACE,QAAQ,GAAGF,IAAI,CAACC,KAAK;;MAE1B;MACA;MACA,IAAIE,WAAwB,GAAGvD,SAAS,CAACkB,kBAAkB,CAAC;MAC5D,CAACqC,WAAW,CAACpC,UAAU,GAAG,YAAY,CAAC,EAAcM,IAAI,CAAC,UAAU2B,IAAI,CAACC,KAAK,GAAG,CAAC;MAClF,IAAIxB,OAAO,CAAC2B,eAAe,EAAE;QAC3BD,WAAW,GAAG1B,OAAO,CAAC2B,eAAe,CAACD,WAAW,EAAEhB,GAAG,CAAC;MACzD;MACA/B,MAAM,CAACY,qBAAqB,CAACmC,WAAW,CAAC,CAAChB,GAAG,EAAEC,GAAG,EAAEC,IAAI,CAAC;IAC3D,CACF,CAAC;EACH;EAEA,IAAIZ,OAAO,CAACtB,OAAO,EAAE;IACnB2B,MAAM,CAACI,GAAG,CAAC/B,OAAO,CAACsB,OAAO,CAACtB,OAAO,CAAC,CAAC;EACtC;EAEA2B,MAAM,CAACI,GAAG,CAAC,aAAa,EAAE,CAACC,GAAG,EAAEC,GAAG,KAAK;IACtCA,GAAG,CAACiB,IAAI,CAAC,0BAA0B,CAAC;EACtC,CAAC,CAAC;EAEFvB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACoD,IAAI,CAAC;IAAEC,KAAK,EAAE;EAAQ,CAAC,CAAC,CAAC;EAC5CzB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACsD,UAAU,CAAC;IAAEC,QAAQ,EAAE;EAAM,CAAC,CAAC,CAAC;EACnD3B,MAAM,CAACI,GAAG,CAAClC,YAAY,CAACyB,OAAO,CAACiC,qBAAqB,CAAC,CAAC;EACvD5B,MAAM,CAACI,GAAG,CAAC5B,SAAS,CAACqD,EAAE,CAAC,CAAC,CAAC;EAE1B7B,MAAM,CAACI,GAAG,CAACjC,IAAI,CAAC;IACd2D,MAAM,EAAE,IAAI;IACZC,aAAa,EAAEpC,OAAO,CAACqC;EACzB,CAAC,CAAC,CAAC;EAEHzD,gBAAgB,CAAC0D,KAAK,CACpB,IAAI,EACH5B,GAAmC,IAAKA,GAAG,CAAC6B,QAC/C,CAAC;EACD,MAAMC,MAAM,GAAG,yFAAyF;EACxGnC,MAAM,CAACI,GAAG,CAAC7B,gBAAgB,CAAC4D,MAAM,EAAE;IAClCC,MAAM,EAAE;MACN;MACA;MACAC,KAAK,EAAE1C,OAAO,CAACO,MAAM,CAAEoC,IAAI,CAACC,IAAI,CAAC5C,OAAO,CAACO,MAAM;IACjD;EACF,CAAC,CAAC,CAAC;;EAEH;EACA;EACA;EACA;EACAF,MAAM,CAACwC,GAAG,CAAC,sBAAsB,EAAEpE,OAAO,CAACqE,MAAM,CAC/C/C,aAAa,CAACK,MAAM,EAAE2C,IAAI,IAAI,EAAE,EAChC;IACEC,UAAU,EAAGrC,GAAG,IAAKA,GAAG,CAACsC,GAAG,CAAC,eAAe,EAAE,UAAU;EAC1D,CACF,CAAC,CAAC;;EAEF;AACF;AACA;EACE;EACA,IAAIjD,OAAO,CAACkD,OAAO,EAAE;IACnB;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAACC,MAAM,CAACC,QAAQ,EAAE;MACpBD,MAAM,CAACC,QAAQ,GAAG;QAChBC,IAAI,EAAE,GAAGnF,aAAa,CAACoF,OAAO,CAACC,GAAG,CAAC,CAAC,CAAC,CAACF,IAAI,GAAGpF,GAAG;MAClD,CAAa;IACf;IAEA,MAAM;MAAEuF,OAAO,EAAEC;IAAQ,CAAC,GAAG,MAAM,MAAM,CAAC,0CAA2C,SAAS,CAAC;IAE/F,MAAM;MAAED,OAAO,EAAEE;IAAqB,CAAC,GAAG,MAAM,MAAM,CACpD,0CAA2C,wBAC7C,CAAC;IAED,MAAM;MAAEF,OAAO,EAAEG;IAAqB,CAAC,GAAG,MAAM,MAAM,CACpD,0CAA2C,wBAC7C,CAAC;IAED,MAAMC,QAAQ,GAAGH,OAAO,CAAC1D,aAAa,CAAC;IAEvCM,MAAM,CAACI,GAAG,CAACiD,oBAAoB,CAACE,QAAQ,EAAE;MACxCzD,UAAU;MACV0D,gBAAgB,EAAE;IACpB,CAAC,CAAC,CAAC;IACHxD,MAAM,CAACI,GAAG,CAACkD,oBAAoB,CAACC,QAAQ,CAAC,CAAC;EAC5C;EACA;;EAEAvD,MAAM,CAACI,GAAG,CAACN,UAAU,EAAY1B,OAAO,CAACqE,MAAM,CAAC/C,aAAa,CAACK,MAAM,CAAE2C,IAAK,CAAC,CAAC;EAE7E,IAAI/C,OAAO,CAAC8D,gBAAgB,EAAE;IAC5B,MAAM9D,OAAO,CAAC8D,gBAAgB,CAACzD,MAAM,CAAC;EACxC;EACAA,MAAM,CAACI,GAAG,CAACP,QAAQ,CAAC;;EAEpB;EACAG,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,EAAEC,GAAG,EAAEC,IAAI,KAAK;IAC7BA,IAAI,CAACxB,QAAQ,CAACF,MAAM,CAAC6E,SAAS,EAAE9E,KAAK,CAAC8E,SAAS,CAAC,CAAC;EACnD,CAAC,CAAC;EAEF,IAAIC,6BAA6B;EACjC,IAAIhE,OAAO,CAACiE,oBAAoB,EAAE;IAChCD,6BAA6B,GAAG,MAAMhE,OAAO,CAACiE,oBAAoB,CAAC5D,MAAM,CAAC;EAC5E;;EAEA;EACA,IAAI,CAAC2D,6BAA6B,EAAE;IAClC;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA3D,MAAM,CAACI,GAAG,CAAC,CACTyD,KAEC,EACDxD,GAAY,EACZC,GAAa,EACbC,IAAkB,KACf;MACH;MACA;MACA,IAAID,GAAG,CAACwD,WAAW,EAAE;QACnBvD,IAAI,CAACsD,KAAK,CAAC;QACX;MACF;MAEA,MAAME,MAAM,GAAGF,KAAK,CAACE,MAAM,IAAInF,KAAK,CAACoF,qBAAqB;MAC1D,MAAMC,UAAU,GAAGF,MAAM,IAAKnF,KAAK,CAACoF,qBAAgC;;MAEpE;MACArE,OAAO,CAACO,MAAM,CAAEgE,GAAG,CAACD,UAAU,GAAG,OAAO,GAAG,OAAO,EAAEJ,KAAK,CAACM,QAAQ,CAAC,CAAC,CAAC;MAErE,IAAIC,OAAO,GAAGP,KAAK,CAACO,OAAO,IAAItF,eAAe,CAACiF,MAAM,CAAC;MACtD,IAAIE,UAAU,IAAIhB,OAAO,CAACoB,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;QACvDF,OAAO,GAAGvF,MAAM,CAACmF,qBAAqB;MACxC;MAEA1D,GAAG,CAACyD,MAAM,CAACA,MAAM,CAAC,CAACxC,IAAI,CAAC6C,OAAO,CAAC;IAClC,CAAC,CAAC;EACJ;EAEA,OAAOpE,MAAM;AACf","ignoreList":[]}
package/build/development/shared/components/Input/index.js CHANGED
@@ -22,6 +22,7 @@ import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
22
22
  */
23
23
  const Input = ({
24
24
  children,
25
+ composeAdhocTheme,
25
26
  error,
26
27
  label,
27
28
  ref,
@@ -29,7 +30,9 @@ const Input = ({
29
30
  theme,
30
31
  ...rest
31
32
  }) => {
32
- const composed = useTheme('Input', defaultTheme, theme);
33
+ const composed = useTheme('Input', defaultTheme, theme, {
34
+ composeAdhocTheme
35
+ });
33
36
 
34
37
  // NOTE: As of now, it is only updated when "theme.focused" is defined,
35
38
  // as otherwise its value is not used.
package/build/development/shared/components/Input/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","names":["useRef","useState","useTheme","defaultTheme","jsx","_jsx","jsxs","_jsxs","Input","children","error","label","ref","testId","theme","rest","composed","focused","setFocused","localRef","containerClassName","container","value","empty","className","onFocus","current","focus","undefined","input","process","env","NODE_ENV","onBlur","e","errorMessage"],"sources":["../../../../../src/shared/components/Input/index.tsx"],"sourcesContent":["import {\n type FunctionComponent,\n type ReactNode,\n type Ref,\n useRef,\n useState,\n} from 'react';\n\nimport { type Theme, useTheme } from '@dr.pogodin/react-themes';\n\nimport defaultTheme from './theme.scss';\n\ntype ThemeKeyT = 'children' | 'container' | 'empty' | 'error' | 'errorMessage'\n | 'focused' | 'input' | 'label';\n\ntype PropsT = React.InputHTMLAttributes<HTMLInputElement> & {\n children?: ReactNode;\n error?: ReactNode;\n label?: React.ReactNode;\n ref?: Ref<HTMLInputElement>;\n testId?: string;\n theme?: Theme<ThemeKeyT>;\n};\n\n/**\n * Themeable input field, based on the standard HTML `<input>` element.\n * @param [props.label] Input label.\n * @param [props.theme] _Ad hoc_ theme.\n * @param [props...] [Other theming properties](https://www.npmjs.com/package/@dr.pogodin/react-themes#themed-component-properties)\n * @param [props...] Any other properties are passed to the underlying\n * `<input>` element.\n */\nconst Input: FunctionComponent<PropsT> = ({\n children,\n error,\n label,\n ref,\n testId,\n theme,\n ...rest\n}) => {\n const composed = useTheme('Input', defaultTheme, theme);\n\n // NOTE: As of now, it is only updated when \"theme.focused\" is defined,\n // as otherwise its value is not used.\n const [focused, setFocused] = useState(false);\n\n const localRef = useRef<HTMLInputElement>(null);\n\n let containerClassName = composed.container;\n\n // NOTE: As of now, \"focused\" can be true only when \"theme.focused\"\n // is provided.\n if (focused /* && theme.focused */) containerClassName += ` ${composed.focused}`;\n\n if (!rest.value && composed.empty) containerClassName += ` ${composed.empty}`;\n\n if (error) containerClassName += ` ${composed.error}`;\n\n return (\n <div\n className={containerClassName}\n onFocus={() => {\n // TODO: It does not really work if a callback-style `ref` is passed in,\n // we need a more complex logic to cover that case, but for now this serves\n // the case we need it for.\n if (typeof ref === 'object') ref?.current?.focus();\n else localRef.current?.focus();\n }}\n >\n {label === undefined\n ? null : <div className={composed.label}>{label}</div>}\n <input\n className={composed.input}\n data-testid={process.env.NODE_ENV === 'production' ? undefined : testId}\n ref={ref ?? localRef}\n\n // TODO: Avoid the spreading later.\n // eslint-disable-next-line react/jsx-props-no-spreading\n {...rest}\n\n onBlur={composed.focused ? (e) => {\n setFocused(false);\n rest.onBlur?.(e);\n } : rest.onBlur}\n onFocus={composed.focused ? (e) => {\n setFocused(true);\n rest.onFocus?.(e);\n } : rest.onFocus}\n />\n {error && error !== true\n ? <div className={composed.errorMessage}>{error}</div>\n : null}\n {children ? <div className={composed.children}>{children}</div> : null}\n </div>\n );\n};\n\nexport default Input;\n"],"mappings":"AAAA,SAIEA,MAAM,EACNC,QAAQ,QACH,OAAO;AAEd,SAAqBC,QAAQ,QAAQ,0BAA0B;AAAA,MAAAC,YAAA;EAAA;EAAA;EAAA;EAAA;EAAA;EAAA;EAAA;EAAA;EAAA;AAAA;AAEvB,SAAAC,GAAA,IAAAC,IAAA,EAAAC,IAAA,IAAAC,KAAA;AAcxC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,KAAgC,GAAGA,CAAC;EACxCC,QAAQ;EACRC,KAAK;EACLC,KAAK;EACLC,GAAG;EACHC,MAAM;EACNC,KAAK;EACL,GAAGC;AACL,CAAC,KAAK;EACJ,MAAMC,QAAQ,GAAGd,QAAQ,CAAC,OAAO,EAAEC,YAAY,EAAEW,KAAK,CAAC;;EAEvD;EACA;EACA,MAAM,CAACG,OAAO,EAAEC,UAAU,CAAC,GAAGjB,QAAQ,CAAC,KAAK,CAAC;EAE7C,MAAMkB,QAAQ,GAAGnB,MAAM,CAAmB,IAAI,CAAC;EAE/C,IAAIoB,kBAAkB,GAAGJ,QAAQ,CAACK,SAAS;;EAE3C;EACA;EACA,IAAIJ,OAAO,CAAC,wBAAwBG,kBAAkB,IAAI,IAAIJ,QAAQ,CAACC,OAAO,EAAE;EAEhF,IAAI,CAACF,IAAI,CAACO,KAAK,IAAIN,QAAQ,CAACO,KAAK,EAAEH,kBAAkB,IAAI,IAAIJ,QAAQ,CAACO,KAAK,EAAE;EAE7E,IAAIb,KAAK,EAAEU,kBAAkB,IAAI,IAAIJ,QAAQ,CAACN,KAAK,EAAE;EAErD,oBACEH,KAAA;IACEiB,SAAS,EAAEJ,kBAAmB;IAC9BK,OAAO,EAAEA,CAAA,KAAM;MACb;MACA;MACA;MACA,IAAI,OAAOb,GAAG,KAAK,QAAQ,EAAEA,GAAG,EAAEc,OAAO,EAAEC,KAAK,CAAC,CAAC,CAAC,KAC9CR,QAAQ,CAACO,OAAO,EAAEC,KAAK,CAAC,CAAC;IAChC,CAAE;IAAAlB,QAAA,GAEDE,KAAK,KAAKiB,SAAS,GAChB,IAAI,gBAAGvB,IAAA;MAAKmB,SAAS,EAAER,QAAQ,CAACL,KAAM;MAAAF,QAAA,EAAEE;IAAK,CAAM,CAAC,eACxDN,IAAA;MACEmB,SAAS,EAAER,QAAQ,CAACa,KAAM;MAC1B,eAAaC,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,GAAGJ,SAAS,GAAGf,MAAO;MACxED,GAAG,EAAEA,GAAG,IAAIO;;MAEZ;MACA;MAAA;;MAAA,GACIJ,IAAI;MAERkB,MAAM,EAAEjB,QAAQ,CAACC,OAAO,GAAIiB,CAAC,IAAK;QAChChB,UAAU,CAAC,KAAK,CAAC;QACjBH,IAAI,CAACkB,MAAM,GAAGC,CAAC,CAAC;MAClB,CAAC,GAAGnB,IAAI,CAACkB,MAAO;MAChBR,OAAO,EAAET,QAAQ,CAACC,OAAO,GAAIiB,CAAC,IAAK;QACjChB,UAAU,CAAC,IAAI,CAAC;QAChBH,IAAI,CAACU,OAAO,GAAGS,CAAC,CAAC;MACnB,CAAC,GAAGnB,IAAI,CAACU;IAAQ,CAClB,CAAC,EACDf,KAAK,IAAIA,KAAK,KAAK,IAAI,gBACpBL,IAAA;MAAKmB,SAAS,EAAER,QAAQ,CAACmB,YAAa;MAAA1B,QAAA,EAAEC;IAAK,CAAM,CAAC,GACpD,IAAI,EACPD,QAAQ,gBAAGJ,IAAA;MAAKmB,SAAS,EAAER,QAAQ,CAACP,QAAS;MAAAA,QAAA,EAAEA;IAAQ,CAAM,CAAC,GAAG,IAAI;EAAA,CACnE,CAAC;AAEV,CAAC;AAED,eAAeD,KAAK","ignoreList":[]}
1
+ {"version":3,"file":"index.js","names":["useRef","useState","useTheme","defaultTheme","jsx","_jsx","jsxs","_jsxs","Input","children","composeAdhocTheme","error","label","ref","testId","theme","rest","composed","focused","setFocused","localRef","containerClassName","container","value","empty","className","onFocus","current","focus","undefined","input","process","env","NODE_ENV","onBlur","e","errorMessage"],"sources":["../../../../../src/shared/components/Input/index.tsx"],"sourcesContent":["import {\n type FunctionComponent,\n type ReactNode,\n type Ref,\n useRef,\n useState,\n} from 'react';\n\nimport { type COMPOSE, type Theme, useTheme } from '@dr.pogodin/react-themes';\n\nimport defaultTheme from './theme.scss';\n\ntype ThemeKeyT = 'children' | 'container' | 'empty' | 'error' | 'errorMessage'\n | 'focused' | 'input' | 'label';\n\ntype PropsT = React.InputHTMLAttributes<HTMLInputElement> & {\n children?: ReactNode;\n composeAdhocTheme?: COMPOSE;\n error?: ReactNode;\n label?: React.ReactNode;\n ref?: Ref<HTMLInputElement>;\n testId?: string;\n theme?: Theme<ThemeKeyT>;\n};\n\n/**\n * Themeable input field, based on the standard HTML `<input>` element.\n * @param [props.label] Input label.\n * @param [props.theme] _Ad hoc_ theme.\n * @param [props...] [Other theming properties](https://www.npmjs.com/package/@dr.pogodin/react-themes#themed-component-properties)\n * @param [props...] Any other properties are passed to the underlying\n * `<input>` element.\n */\nconst Input: FunctionComponent<PropsT> = ({\n children,\n composeAdhocTheme,\n error,\n label,\n ref,\n testId,\n theme,\n ...rest\n}) => {\n const composed = useTheme('Input', defaultTheme, theme, {\n composeAdhocTheme,\n });\n\n // NOTE: As of now, it is only updated when \"theme.focused\" is defined,\n // as otherwise its value is not used.\n const [focused, setFocused] = useState(false);\n\n const localRef = useRef<HTMLInputElement>(null);\n\n let containerClassName = composed.container;\n\n // NOTE: As of now, \"focused\" can be true only when \"theme.focused\"\n // is provided.\n if (focused /* && theme.focused */) containerClassName += ` ${composed.focused}`;\n\n if (!rest.value && composed.empty) containerClassName += ` ${composed.empty}`;\n\n if (error) containerClassName += ` ${composed.error}`;\n\n return (\n <div\n className={containerClassName}\n onFocus={() => {\n // TODO: It does not really work if a callback-style `ref` is passed in,\n // we need a more complex logic to cover that case, but for now this serves\n // the case we need it for.\n if (typeof ref === 'object') ref?.current?.focus();\n else localRef.current?.focus();\n }}\n >\n {label === undefined\n ? null : <div className={composed.label}>{label}</div>}\n <input\n className={composed.input}\n data-testid={process.env.NODE_ENV === 'production' ? undefined : testId}\n ref={ref ?? localRef}\n\n // TODO: Avoid the spreading later.\n // eslint-disable-next-line react/jsx-props-no-spreading\n {...rest}\n\n onBlur={composed.focused ? (e) => {\n setFocused(false);\n rest.onBlur?.(e);\n } : rest.onBlur}\n onFocus={composed.focused ? (e) => {\n setFocused(true);\n rest.onFocus?.(e);\n } : rest.onFocus}\n />\n {error && error !== true\n ? <div className={composed.errorMessage}>{error}</div>\n : null}\n {children ? <div className={composed.children}>{children}</div> : null}\n </div>\n );\n};\n\nexport default Input;\n"],"mappings":"AAAA,SAIEA,MAAM,EACNC,QAAQ,QACH,OAAO;AAEd,SAAmCC,QAAQ,QAAQ,0BAA0B;AAAA,MAAAC,YAAA;EAAA;EAAA;EAAA;EAAA;EAAA;EAAA;EAAA;EAAA;EAAA;AAAA;AAErC,SAAAC,GAAA,IAAAC,IAAA,EAAAC,IAAA,IAAAC,KAAA;AAexC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,KAAgC,GAAGA,CAAC;EACxCC,QAAQ;EACRC,iBAAiB;EACjBC,KAAK;EACLC,KAAK;EACLC,GAAG;EACHC,MAAM;EACNC,KAAK;EACL,GAAGC;AACL,CAAC,KAAK;EACJ,MAAMC,QAAQ,GAAGf,QAAQ,CAAC,OAAO,EAAEC,YAAY,EAAEY,KAAK,EAAE;IACtDL;EACF,CAAC,CAAC;;EAEF;EACA;EACA,MAAM,CAACQ,OAAO,EAAEC,UAAU,CAAC,GAAGlB,QAAQ,CAAC,KAAK,CAAC;EAE7C,MAAMmB,QAAQ,GAAGpB,MAAM,CAAmB,IAAI,CAAC;EAE/C,IAAIqB,kBAAkB,GAAGJ,QAAQ,CAACK,SAAS;;EAE3C;EACA;EACA,IAAIJ,OAAO,CAAC,wBAAwBG,kBAAkB,IAAI,IAAIJ,QAAQ,CAACC,OAAO,EAAE;EAEhF,IAAI,CAACF,IAAI,CAACO,KAAK,IAAIN,QAAQ,CAACO,KAAK,EAAEH,kBAAkB,IAAI,IAAIJ,QAAQ,CAACO,KAAK,EAAE;EAE7E,IAAIb,KAAK,EAAEU,kBAAkB,IAAI,IAAIJ,QAAQ,CAACN,KAAK,EAAE;EAErD,oBACEJ,KAAA;IACEkB,SAAS,EAAEJ,kBAAmB;IAC9BK,OAAO,EAAEA,CAAA,KAAM;MACb;MACA;MACA;MACA,IAAI,OAAOb,GAAG,KAAK,QAAQ,EAAEA,GAAG,EAAEc,OAAO,EAAEC,KAAK,CAAC,CAAC,CAAC,KAC9CR,QAAQ,CAACO,OAAO,EAAEC,KAAK,CAAC,CAAC;IAChC,CAAE;IAAAnB,QAAA,GAEDG,KAAK,KAAKiB,SAAS,GAChB,IAAI,gBAAGxB,IAAA;MAAKoB,SAAS,EAAER,QAAQ,CAACL,KAAM;MAAAH,QAAA,EAAEG;IAAK,CAAM,CAAC,eACxDP,IAAA;MACEoB,SAAS,EAAER,QAAQ,CAACa,KAAM;MAC1B,eAAaC,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,GAAGJ,SAAS,GAAGf,MAAO;MACxED,GAAG,EAAEA,GAAG,IAAIO;;MAEZ;MACA;MAAA;;MAAA,GACIJ,IAAI;MAERkB,MAAM,EAAEjB,QAAQ,CAACC,OAAO,GAAIiB,CAAC,IAAK;QAChChB,UAAU,CAAC,KAAK,CAAC;QACjBH,IAAI,CAACkB,MAAM,GAAGC,CAAC,CAAC;MAClB,CAAC,GAAGnB,IAAI,CAACkB,MAAO;MAChBR,OAAO,EAAET,QAAQ,CAACC,OAAO,GAAIiB,CAAC,IAAK;QACjChB,UAAU,CAAC,IAAI,CAAC;QAChBH,IAAI,CAACU,OAAO,GAAGS,CAAC,CAAC;MACnB,CAAC,GAAGnB,IAAI,CAACU;IAAQ,CAClB,CAAC,EACDf,KAAK,IAAIA,KAAK,KAAK,IAAI,gBACpBN,IAAA;MAAKoB,SAAS,EAAER,QAAQ,CAACmB,YAAa;MAAA3B,QAAA,EAAEE;IAAK,CAAM,CAAC,GACpD,IAAI,EACPF,QAAQ,gBAAGJ,IAAA;MAAKoB,SAAS,EAAER,QAAQ,CAACR,QAAS;MAAAA,QAAA,EAAEA;IAAQ,CAAM,CAAC,GAAG,IAAI;EAAA,CACnE,CAAC;AAEV,CAAC;AAED,eAAeD,KAAK","ignoreList":[]}
package/build/production/server/server.js CHANGED
@@ -31,7 +31,7 @@ delete defaultCspSettings.directives["upgrade-insecure-requests"];/**
31
31
  // compatibility. Should be removed sometime later.
32
32
  req2.cspNonce=req2.nonce;// The deep clone is necessary here to ensure that default value can't be
33
33
  // mutated during request processing.
34
- let cspSettings=cloneDeep(defaultCspSettings);(cspSettings.directives?.["script-src"]).push(`'nonce-${req2.nonce}'`);if(options.cspSettingsHook){cspSettings=options.cspSettingsHook(cspSettings,req)}helmet.contentSecurityPolicy(cspSettings)(req,res,next)})}if(options.favicon){server.use(favicon(options.favicon))}server.use("/robots.txt",(req,res)=>{res.send("User-agent: *\nDisallow:")});server.use(express.json({limit:"300kb"}));server.use(express.urlencoded({extended:false}));server.use(cookieParser(options.cookieSignatureSecret));server.use(requestIp.mw());server.use(csrf({cookie:true}));loggerMiddleware.token("ip",req=>req.clientIp);const FORMAT=":ip > :status :method :url :response-time ms :res[content-length] :referrer :user-agent";server.use(loggerMiddleware(FORMAT,{stream:{// TODO: This implies the logger is always set. Is it on a higher level?
34
+ let cspSettings=cloneDeep(defaultCspSettings);(cspSettings.directives?.["script-src"]).push(`'nonce-${req2.nonce}'`);if(options.cspSettingsHook){cspSettings=options.cspSettingsHook(cspSettings,req)}helmet.contentSecurityPolicy(cspSettings)(req,res,next)})}if(options.favicon){server.use(favicon(options.favicon))}server.use("/robots.txt",(req,res)=>{res.send("User-agent: *\nDisallow:")});server.use(express.json({limit:"300kb"}));server.use(express.urlencoded({extended:false}));server.use(cookieParser(options.cookieSignatureSecret));server.use(requestIp.mw());server.use(csrf({cookie:true,ignoreRequest:options.csrfIgnoreRequest}));loggerMiddleware.token("ip",req=>req.clientIp);const FORMAT=":ip > :status :method :url :response-time ms :res[content-length] :referrer :user-agent";server.use(loggerMiddleware(FORMAT,{stream:{// TODO: This implies the logger is always set. Is it on a higher level?
35
35
  // then mark it as always present.
36
36
  write:options.logger.info.bind(options.logger)}}));// Note: no matter the "public path", we want the service worker, if any,
37
37
  // to be served from the root, to have all web app pages in its scope.
package/build/production/server/server.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"server.js","names":["sep","pathToFileURL","cloneDeep","mapValues","pick","compression","cookieParser","csrf","express","favicon","helmet","loggerMiddleware","requestIp","v4","uuid","rendererFactory","CODES","ERRORS","getErrorForCode","newError","defaultCspSettings","directives","contentSecurityPolicy","getDefaultDirectives","array","filter","item","push","getDefaultCspSettings","factory","webpackConfig","options","rendererOps","renderer","publicPath","output","server","beforeExpressJsSetup","logger","httpsRedirect","use","req","res","next","schema","headers","url","host","originalUrl","redirect","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","noCsp","req2","nonce","cspNonce","cspSettings","cspSettingsHook","send","json","limit","urlencoded","extended","cookieSignatureSecret","mw","cookie","token","clientIp","FORMAT","stream","write","info","bind","get","static","path","setHeaders","set","devMode","global","location","href","process","cwd","default","webpack","webpackDevMiddleware","webpackHotMiddleware","compiler","serverSideRender","onExpressJsSetup","NOT_FOUND","dontAttachDefaultErrorHandler","beforeExpressJsError","error","headersSent","status","INTERNAL_SERVER_ERROR","serverSide","log","toString","message","env","NODE_ENV"],"sources":["../../../src/server/server.ts"],"sourcesContent":["/**\n * Creation of standard ExpressJS server for ReactJS apps.\n */\n\nimport { sep } from 'node:path';\nimport { pathToFileURL } from 'node:url';\n\nimport { cloneDeep, mapValues, pick } from 'lodash-es';\n\nimport compression from 'compression';\nimport cookieParser from 'cookie-parser';\nimport csrf from '@dr.pogodin/csurf';\n\nimport express, {\n type Express,\n type NextFunction,\n type Request,\n type Response,\n} from 'express';\n\nimport favicon from 'serve-favicon';\nimport helmet, { type HelmetOptions } from 'helmet';\nimport loggerMiddleware from 'morgan';\nimport requestIp from 'request-ip';\nimport { v4 as uuid } from 'uuid';\n\nimport type { Configuration } from 'webpack';\n\nimport rendererFactory, {\n type LoggerI,\n type OptionsT as RendererOptionsT,\n} from './renderer';\n\nimport {\n CODES,\n ERRORS,\n getErrorForCode,\n newError,\n} from './utils/errors';\n\nexport type CspOptionsT = Exclude<HelmetOptions['contentSecurityPolicy'], boolean | undefined>;\n\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\ninterface RequestT extends Request {\n cspNonce: string;\n nonce: string;\n}\n\n/**\n * Default Content Security Policy settings.\n * @ignore\n */\nconst defaultCspSettings = {\n directives: mapValues(\n helmet.contentSecurityPolicy.getDefaultDirectives(),\n\n // 'https:' options (automatic re-write of insecure URLs to secure ones)\n // is removed to facilitate local development with HTTP server. In cloud\n // deployments we assume Apache or Nginx server in front of out app takes\n // care about such re-writes.\n (array) => (array as string[]).filter((item: string) => item !== 'https:'),\n ),\n};\ndefaultCspSettings.directives['frame-src'] = [\n \"'self'\",\n\n // YouTube domain is whitelisted to allow <YouTubeVideo> component to work\n // out of box.\n 'https://*.youtube.com',\n];\n\n{\n const directives = defaultCspSettings.directives['script-src'];\n if (directives) directives.push(\"'unsafe-eval'\");\n else defaultCspSettings.directives['script-src'] = [\"'unsafe-eval'\"];\n}\n\n// No need for automatic re-writes via Content Security Policy settings:\n// the forefront Apache or Nginx server is supposed to take care of this\n// in production cloud deployments.\ndelete defaultCspSettings.directives['upgrade-insecure-requests'];\n\n/**\n * @category Utilities\n * @func server/getDefaultCspSettings\n * @global\n * @desc\n * ```js\n * import { server } from '@dr.pogodin/react-utils';\n * const { getDefaultCspSettings } from '@dr.pogodin/react-utils';\n * ```\n * @return {{\n * directives: object\n * }} A deep copy of default CSP settings object used by `react-utils`,\n * with the exception of `nonce-xxx` clause in `script-src` directive,\n * which is added dynamically for each request.\n */\nexport function getDefaultCspSettings(): {\n directives: Record<string, string[]>;\n} {\n return cloneDeep(defaultCspSettings);\n}\n\nexport type ServerT = Express & {\n logger: LoggerI;\n};\n\nexport type OptionsT = RendererOptionsT & {\n beforeExpressJsError?:\n (server: ServerT) => boolean | Promise<boolean>;\n\n beforeExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n cookieSignatureSecret?: string;\n cspSettingsHook?: (\n defaultOptions: CspOptionsT,\n req: Request,\n ) => CspOptionsT;\n devMode?: boolean;\n httpsRedirect?: boolean;\n onExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n};\n\nexport default async function factory(\n webpackConfig: Configuration,\n options: OptionsT,\n): Promise<ServerT> {\n const rendererOps: RendererOptionsT = pick(options, [\n 'Application',\n 'beforeRender',\n 'favicon',\n 'logger',\n 'maxSsrRounds',\n 'noCsp',\n 'ssrTimeout',\n 'staticCacheController',\n 'staticCacheSize',\n ]);\n const renderer = rendererFactory(webpackConfig, rendererOps);\n const { publicPath } = webpackConfig.output!;\n\n const server = express() as ServerT;\n\n if (options.beforeExpressJsSetup) {\n await options.beforeExpressJsSetup(server);\n }\n\n if (options.logger) server.logger = options.logger;\n\n if (options.httpsRedirect) {\n server.use((req, res, next) => {\n const schema = req.headers['x-forwarded-proto'];\n if (schema === 'http') {\n let url = `https://${req.headers.host}`;\n if (req.originalUrl !== '/') url += req.originalUrl;\n res.redirect(url);\n return;\n }\n next();\n });\n }\n\n server.use(compression());\n server.use(\n helmet({\n contentSecurityPolicy: false,\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n }),\n );\n\n if (!options.noCsp) {\n server.use(\n (req: Request, res: Response, next: NextFunction) => {\n const req2 = req as RequestT;\n\n req2.nonce = uuid();\n\n // TODO: This is deprecated, but it is kept for now for backward\n // compatibility. Should be removed sometime later.\n req2.cspNonce = req2.nonce;\n\n // The deep clone is necessary here to ensure that default value can't be\n // mutated during request processing.\n let cspSettings: CspOptionsT = cloneDeep(defaultCspSettings);\n (cspSettings.directives?.['script-src'] as string[]).push(`'nonce-${req2.nonce}'`);\n if (options.cspSettingsHook) {\n cspSettings = options.cspSettingsHook(cspSettings, req);\n }\n helmet.contentSecurityPolicy(cspSettings)(req, res, next);\n },\n );\n }\n\n if (options.favicon) {\n server.use(favicon(options.favicon));\n }\n\n server.use('/robots.txt', (req, res) => {\n res.send('User-agent: *\\nDisallow:');\n });\n\n server.use(express.json({ limit: '300kb' }));\n server.use(express.urlencoded({ extended: false }));\n server.use(cookieParser(options.cookieSignatureSecret));\n server.use(requestIp.mw());\n\n server.use(csrf({ cookie: true }));\n\n loggerMiddleware.token(\n 'ip',\n (req: Request & { clientIp: string }) => req.clientIp,\n );\n const FORMAT = ':ip > :status :method :url :response-time ms :res[content-length] :referrer :user-agent';\n server.use(loggerMiddleware(FORMAT, {\n stream: {\n // TODO: This implies the logger is always set. Is it on a higher level?\n // then mark it as always present.\n write: options.logger!.info.bind(options.logger),\n },\n }));\n\n // Note: no matter the \"public path\", we want the service worker, if any,\n // to be served from the root, to have all web app pages in its scope.\n // Thus, this setup to serve it. Probably, need some more configuration\n // for special cases, but this will do for now.\n server.get('/__service-worker.js', express.static(\n webpackConfig.output?.path ?? '',\n {\n setHeaders: (res) => res.set('Cache-Control', 'no-cache'),\n },\n ));\n\n /* Setup of Hot Module Reloading for development environment.\n * These dependencies are not used, nor installed for production use,\n * hence we should violate some import-related lint rules. */\n /* eslint-disable import/no-extraneous-dependencies */\n if (options.devMode) {\n // This is a workaround for SASS bug:\n // https://github.com/dart-lang/sdk/issues/27979\n // which manifests itself sometimes when webpack dev middleware is used\n // (in dev mode), and app modules are imported in some unfortunate ways.\n // TODO: Double-check, what is going on here.\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n if (!global.location) {\n global.location = {\n href: `${pathToFileURL(process.cwd()).href}${sep}`,\n } as Location;\n }\n\n const { default: webpack } = await import(/* webpackChunkName: \"server-side-code\" */ 'webpack');\n\n const { default: webpackDevMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-dev-middleware'\n );\n\n const { default: webpackHotMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-hot-middleware'\n );\n\n const compiler = webpack(webpackConfig);\n\n server.use(webpackDevMiddleware(compiler, {\n publicPath,\n serverSideRender: true,\n }));\n server.use(webpackHotMiddleware(compiler));\n }\n /* eslint-enable import/no-extraneous-dependencies */\n\n server.use(publicPath as string, express.static(webpackConfig.output!.path!));\n\n if (options.onExpressJsSetup) {\n await options.onExpressJsSetup(server);\n }\n server.use(renderer);\n\n /* Detects 404 errors, and forwards them to the error handler. */\n server.use((req, res, next) => {\n next(newError(ERRORS.NOT_FOUND, CODES.NOT_FOUND));\n });\n\n let dontAttachDefaultErrorHandler;\n if (options.beforeExpressJsError) {\n dontAttachDefaultErrorHandler = await options.beforeExpressJsError(server);\n }\n\n /* Error handler. */\n if (!dontAttachDefaultErrorHandler) {\n // TODO: Do we need this error handler at all? It actually seems to do\n // what the default ExpressJS error handler does anyway, see:\n // https://expressjs.com/en/guide/error-handling.html\n //\n // TODO: It is better to move the default error handler definition\n // to a stand-alone function at top-level, but the use of options.logger\n // prevents to do it without some extra refactoring. Should be done sometime\n // though.\n server.use((\n error: Error & {\n status?: number;\n },\n req: Request,\n res: Response,\n next: NextFunction,\n ) => {\n // TODO: This is needed to correctly handled any errors thrown after\n // sending initial response to the client.\n if (res.headersSent) {\n next(error);\n return;\n }\n\n const status = error.status ?? CODES.INTERNAL_SERVER_ERROR;\n const serverSide = status >= (CODES.INTERNAL_SERVER_ERROR as number);\n\n // Log server-side errors always, client-side at debug level only.\n options.logger!.log(serverSide ? 'error' : 'debug', error.toString());\n\n let message = error.message || getErrorForCode(status);\n if (serverSide && process.env.NODE_ENV === 'production') {\n message = ERRORS.INTERNAL_SERVER_ERROR;\n }\n\n res.status(status).send(message);\n });\n }\n\n return server;\n}\n"],"mappings":"wLAAA;AACA;AACA,GAEA,OAASA,GAAG,KAAQ,WAAW,CAC/B,OAASC,aAAa,KAAQ,UAAU,CAExC,OAASC,SAAS,CAAEC,SAAS,CAAEC,IAAI,KAAQ,WAAW,CAEtD,MAAO,CAAAC,WAAW,KAAM,aAAa,CACrC,MAAO,CAAAC,YAAY,KAAM,eAAe,CACxC,MAAO,CAAAC,IAAI,KAAM,mBAAmB,CAEpC,MAAO,CAAAC,OAAO,KAKP,SAAS,CAEhB,MAAO,CAAAC,OAAO,KAAM,eAAe,CACnC,MAAO,CAAAC,MAAM,KAA8B,QAAQ,CACnD,MAAO,CAAAC,gBAAgB,KAAM,QAAQ,CACrC,MAAO,CAAAC,SAAS,KAAM,YAAY,CAClC,OAASC,EAAE,GAAI,CAAAC,IAAI,KAAQ,MAAM,OAI1B,CAAAC,eAAe,4BAMpBC,KAAK,CACLC,MAAM,CACNC,eAAe,CACfC,QAAQ,yBAKV;AAMA;AACA;AACA;AACA,GACA,KAAM,CAAAC,kBAAkB,CAAG,CACzBC,UAAU,CAAElB,SAAS,CACnBO,MAAM,CAACY,qBAAqB,CAACC,oBAAoB,CAAC,CAAC,CAEnD;AACA;AACA;AACA;AACCC,KAAK,EAAMA,KAAK,CAAcC,MAAM,CAAEC,IAAY,EAAKA,IAAI,GAAK,QAAQ,CAC3E,CACF,CAAC,CACDN,kBAAkB,CAACC,UAAU,CAAC,WAAW,CAAC,CAAG,CAC3C,QAAQ,CAER;AACA;AACA,uBAAuB,CACxB,CAED,CACE,KAAM,CAAAA,UAAU,CAAGD,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC,CAC9D,GAAIA,UAAU,CAAEA,UAAU,CAACM,IAAI,CAAC,eAAe,CAAC,CAAC,IAC5C,CAAAP,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC,CAAG,CAAC,eAAe,CACrE,CAEA;AACA;AACA;AACA,MAAO,CAAAD,kBAAkB,CAACC,UAAU,CAAC,2BAA2B,CAAC,CAEjE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,GACA,MAAO,SAAS,CAAAO,qBAAqBA,CAAA,CAEnC,CACA,MAAO,CAAA1B,SAAS,CAACkB,kBAAkB,CACrC,CAqBA,cAAe,eAAe,CAAAS,OAAOA,CACnCC,aAA4B,CAC5BC,OAAiB,CACC,CAClB,KAAM,CAAAC,WAA6B,CAAG5B,IAAI,CAAC2B,OAAO,CAAE,CAClD,aAAa,CACb,cAAc,CACd,SAAS,CACT,QAAQ,CACR,cAAc,CACd,OAAO,CACP,YAAY,CACZ,uBAAuB,CACvB,iBAAiB,CAClB,CAAC,CACF,KAAM,CAAAE,QAAQ,CAAGlB,eAAe,CAACe,aAAa,CAAEE,WAAW,CAAC,CAC5D,KAAM,CAAEE,UAAW,CAAC,CAAGJ,aAAa,CAACK,MAAO,CAE5C,KAAM,CAAAC,MAAM,CAAG5B,OAAO,CAAC,CAAY,CAEnC,GAAIuB,OAAO,CAACM,oBAAoB,CAAE,CAChC,KAAM,CAAAN,OAAO,CAACM,oBAAoB,CAACD,MAAM,CAC3C,CAEA,GAAIL,OAAO,CAACO,MAAM,CAAEF,MAAM,CAACE,MAAM,CAAGP,OAAO,CAACO,MAAM,CAElD,GAAIP,OAAO,CAACQ,aAAa,CAAE,CACzBH,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,CAAEC,GAAG,CAAEC,IAAI,GAAK,CAC7B,KAAM,CAAAC,MAAM,CAAGH,GAAG,CAACI,OAAO,CAAC,mBAAmB,CAAC,CAC/C,GAAID,MAAM,GAAK,MAAM,CAAE,CACrB,GAAI,CAAAE,GAAG,CAAG,WAAWL,GAAG,CAACI,OAAO,CAACE,IAAI,EAAE,CACvC,GAAIN,GAAG,CAACO,WAAW,GAAK,GAAG,CAAEF,GAAG,EAAIL,GAAG,CAACO,WAAW,CACnDN,GAAG,CAACO,QAAQ,CAACH,GAAG,CAAC,CACjB,MACF,CACAH,IAAI,CAAC,CACP,CAAC,CACH,CAEAP,MAAM,CAACI,GAAG,CAACnC,WAAW,CAAC,CAAC,CAAC,CACzB+B,MAAM,CAACI,GAAG,CACR9B,MAAM,CAAC,CACLY,qBAAqB,CAAE,KAAK,CAC5B4B,yBAAyB,CAAE,KAAK,CAChCC,uBAAuB,CAAE,KAAK,CAC9BC,yBAAyB,CAAE,KAC7B,CAAC,CACH,CAAC,CAED,GAAI,CAACrB,OAAO,CAACsB,KAAK,CAAE,CAClBjB,MAAM,CAACI,GAAG,CACR,CAACC,GAAY,CAAEC,GAAa,CAAEC,IAAkB,GAAK,CACnD,KAAM,CAAAW,IAAI,CAAGb,GAAe,CAE5Ba,IAAI,CAACC,KAAK,CAAGzC,IAAI,CAAC,CAAC,CAEnB;AACA;AACAwC,IAAI,CAACE,QAAQ,CAAGF,IAAI,CAACC,KAAK,CAE1B;AACA;AACA,GAAI,CAAAE,WAAwB,CAAGvD,SAAS,CAACkB,kBAAkB,CAAC,CAC5D,CAACqC,WAAW,CAACpC,UAAU,GAAG,YAAY,CAAC,EAAcM,IAAI,CAAC,UAAU2B,IAAI,CAACC,KAAK,GAAG,CAAC,CAClF,GAAIxB,OAAO,CAAC2B,eAAe,CAAE,CAC3BD,WAAW,CAAG1B,OAAO,CAAC2B,eAAe,CAACD,WAAW,CAAEhB,GAAG,CACxD,CACA/B,MAAM,CAACY,qBAAqB,CAACmC,WAAW,CAAC,CAAChB,GAAG,CAAEC,GAAG,CAAEC,IAAI,CAC1D,CACF,CACF,CAEA,GAAIZ,OAAO,CAACtB,OAAO,CAAE,CACnB2B,MAAM,CAACI,GAAG,CAAC/B,OAAO,CAACsB,OAAO,CAACtB,OAAO,CAAC,CACrC,CAEA2B,MAAM,CAACI,GAAG,CAAC,aAAa,CAAE,CAACC,GAAG,CAAEC,GAAG,GAAK,CACtCA,GAAG,CAACiB,IAAI,CAAC,0BAA0B,CACrC,CAAC,CAAC,CAEFvB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACoD,IAAI,CAAC,CAAEC,KAAK,CAAE,OAAQ,CAAC,CAAC,CAAC,CAC5CzB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACsD,UAAU,CAAC,CAAEC,QAAQ,CAAE,KAAM,CAAC,CAAC,CAAC,CACnD3B,MAAM,CAACI,GAAG,CAAClC,YAAY,CAACyB,OAAO,CAACiC,qBAAqB,CAAC,CAAC,CACvD5B,MAAM,CAACI,GAAG,CAAC5B,SAAS,CAACqD,EAAE,CAAC,CAAC,CAAC,CAE1B7B,MAAM,CAACI,GAAG,CAACjC,IAAI,CAAC,CAAE2D,MAAM,CAAE,IAAK,CAAC,CAAC,CAAC,CAElCvD,gBAAgB,CAACwD,KAAK,CACpB,IAAI,CACH1B,GAAmC,EAAKA,GAAG,CAAC2B,QAC/C,CAAC,CACD,KAAM,CAAAC,MAAM,CAAG,yFAAyF,CACxGjC,MAAM,CAACI,GAAG,CAAC7B,gBAAgB,CAAC0D,MAAM,CAAE,CAClCC,MAAM,CAAE,CACN;AACA;AACAC,KAAK,CAAExC,OAAO,CAACO,MAAM,CAAEkC,IAAI,CAACC,IAAI,CAAC1C,OAAO,CAACO,MAAM,CACjD,CACF,CAAC,CAAC,CAAC,CAEH;AACA;AACA;AACA;AACAF,MAAM,CAACsC,GAAG,CAAC,sBAAsB,CAAElE,OAAO,CAACmE,MAAM,CAC/C7C,aAAa,CAACK,MAAM,EAAEyC,IAAI,EAAI,EAAE,CAChC,CACEC,UAAU,CAAGnC,GAAG,EAAKA,GAAG,CAACoC,GAAG,CAAC,eAAe,CAAE,UAAU,CAC1D,CACF,CAAC,CAAC,CAEF;AACF;AACA,+DACE,sDACA,GAAI/C,OAAO,CAACgD,OAAO,CAAE,CACnB;AACA;AACA;AACA;AACA;AACA;AACA,GAAI,CAACC,MAAM,CAACC,QAAQ,CAAE,CACpBD,MAAM,CAACC,QAAQ,CAAG,CAChBC,IAAI,CAAE,GAAGjF,aAAa,CAACkF,OAAO,CAACC,GAAG,CAAC,CAAC,CAAC,CAACF,IAAI,GAAGlF,GAAG,EAClD,CACF,CAEA,KAAM,CAAEqF,OAAO,CAAEC,OAAQ,CAAC,CAAG,KAAM,OAAM,CAAC,0CAA2C,SAAS,CAAC,CAE/F,KAAM,CAAED,OAAO,CAAEE,oBAAqB,CAAC,CAAG,KAAM,OAAM,CACpD,0CAA2C,wBAC7C,CAAC,CAED,KAAM,CAAEF,OAAO,CAAEG,oBAAqB,CAAC,CAAG,KAAM,OAAM,CACpD,0CAA2C,wBAC7C,CAAC,CAED,KAAM,CAAAC,QAAQ,CAAGH,OAAO,CAACxD,aAAa,CAAC,CAEvCM,MAAM,CAACI,GAAG,CAAC+C,oBAAoB,CAACE,QAAQ,CAAE,CACxCvD,UAAU,CACVwD,gBAAgB,CAAE,IACpB,CAAC,CAAC,CAAC,CACHtD,MAAM,CAACI,GAAG,CAACgD,oBAAoB,CAACC,QAAQ,CAAC,CAC3C,CACA,qDAEArD,MAAM,CAACI,GAAG,CAACN,UAAU,CAAY1B,OAAO,CAACmE,MAAM,CAAC7C,aAAa,CAACK,MAAM,CAAEyC,IAAK,CAAC,CAAC,CAE7E,GAAI7C,OAAO,CAAC4D,gBAAgB,CAAE,CAC5B,KAAM,CAAA5D,OAAO,CAAC4D,gBAAgB,CAACvD,MAAM,CACvC,CACAA,MAAM,CAACI,GAAG,CAACP,QAAQ,CAAC,CAEpB,iEACAG,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,CAAEC,GAAG,CAAEC,IAAI,GAAK,CAC7BA,IAAI,CAACxB,QAAQ,CAACF,MAAM,CAAC2E,SAAS,CAAE5E,KAAK,CAAC4E,SAAS,CAAC,CAClD,CAAC,CAAC,CAEF,GAAI,CAAAC,6BAA6B,CACjC,GAAI9D,OAAO,CAAC+D,oBAAoB,CAAE,CAChCD,6BAA6B,CAAG,KAAM,CAAA9D,OAAO,CAAC+D,oBAAoB,CAAC1D,MAAM,CAC3E,CAEA,oBACA,GAAI,CAACyD,6BAA6B,CAAE,CAClC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACAzD,MAAM,CAACI,GAAG,CAAC,CACTuD,KAEC,CACDtD,GAAY,CACZC,GAAa,CACbC,IAAkB,GACf,CACH;AACA;AACA,GAAID,GAAG,CAACsD,WAAW,CAAE,CACnBrD,IAAI,CAACoD,KAAK,CAAC,CACX,MACF,CAEA,KAAM,CAAAE,MAAM,CAAGF,KAAK,CAACE,MAAM,EAAIjF,KAAK,CAACkF,qBAAqB,CAC1D,KAAM,CAAAC,UAAU,CAAGF,MAAM,EAAKjF,KAAK,CAACkF,qBAAgC,CAEpE;AACAnE,OAAO,CAACO,MAAM,CAAE8D,GAAG,CAACD,UAAU,CAAG,OAAO,CAAG,OAAO,CAAEJ,KAAK,CAACM,QAAQ,CAAC,CAAC,CAAC,CAErE,GAAI,CAAAC,OAAO,CAAGP,KAAK,CAACO,OAAO,EAAIpF,eAAe,CAAC+E,MAAM,CAAC,CACtD,GAAIE,UAAU,EAAIhB,OAAO,CAACoB,GAAG,CAACC,QAAQ,GAAK,YAAY,CAAE,CACvDF,OAAO,CAAGrF,MAAM,CAACiF,qBACnB,CAEAxD,GAAG,CAACuD,MAAM,CAACA,MAAM,CAAC,CAACtC,IAAI,CAAC2C,OAAO,CACjC,CAAC,CACH,CAEA,MAAO,CAAAlE,MACT","ignoreList":[]}
1
+ {"version":3,"file":"server.js","names":["sep","pathToFileURL","cloneDeep","mapValues","pick","compression","cookieParser","csrf","express","favicon","helmet","loggerMiddleware","requestIp","v4","uuid","rendererFactory","CODES","ERRORS","getErrorForCode","newError","defaultCspSettings","directives","contentSecurityPolicy","getDefaultDirectives","array","filter","item","push","getDefaultCspSettings","factory","webpackConfig","options","rendererOps","renderer","publicPath","output","server","beforeExpressJsSetup","logger","httpsRedirect","use","req","res","next","schema","headers","url","host","originalUrl","redirect","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","noCsp","req2","nonce","cspNonce","cspSettings","cspSettingsHook","send","json","limit","urlencoded","extended","cookieSignatureSecret","mw","cookie","ignoreRequest","csrfIgnoreRequest","token","clientIp","FORMAT","stream","write","info","bind","get","static","path","setHeaders","set","devMode","global","location","href","process","cwd","default","webpack","webpackDevMiddleware","webpackHotMiddleware","compiler","serverSideRender","onExpressJsSetup","NOT_FOUND","dontAttachDefaultErrorHandler","beforeExpressJsError","error","headersSent","status","INTERNAL_SERVER_ERROR","serverSide","log","toString","message","env","NODE_ENV"],"sources":["../../../src/server/server.ts"],"sourcesContent":["/**\n * Creation of standard ExpressJS server for ReactJS apps.\n */\n\nimport { sep } from 'node:path';\nimport { pathToFileURL } from 'node:url';\n\nimport { cloneDeep, mapValues, pick } from 'lodash-es';\n\nimport compression from 'compression';\nimport cookieParser from 'cookie-parser';\nimport csrf from '@dr.pogodin/csurf';\n\nimport express, {\n type Express,\n type NextFunction,\n type Request,\n type Response,\n} from 'express';\n\nimport favicon from 'serve-favicon';\nimport helmet, { type HelmetOptions } from 'helmet';\nimport loggerMiddleware from 'morgan';\nimport requestIp from 'request-ip';\nimport { v4 as uuid } from 'uuid';\n\nimport type { Configuration } from 'webpack';\n\nimport rendererFactory, {\n type LoggerI,\n type OptionsT as RendererOptionsT,\n} from './renderer';\n\nimport {\n CODES,\n ERRORS,\n getErrorForCode,\n newError,\n} from './utils/errors';\n\nexport type CspOptionsT = Exclude<HelmetOptions['contentSecurityPolicy'], boolean | undefined>;\n\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\ninterface RequestT extends Request {\n cspNonce: string;\n nonce: string;\n}\n\n/**\n * Default Content Security Policy settings.\n * @ignore\n */\nconst defaultCspSettings = {\n directives: mapValues(\n helmet.contentSecurityPolicy.getDefaultDirectives(),\n\n // 'https:' options (automatic re-write of insecure URLs to secure ones)\n // is removed to facilitate local development with HTTP server. In cloud\n // deployments we assume Apache or Nginx server in front of out app takes\n // care about such re-writes.\n (array) => (array as string[]).filter((item: string) => item !== 'https:'),\n ),\n};\ndefaultCspSettings.directives['frame-src'] = [\n \"'self'\",\n\n // YouTube domain is whitelisted to allow <YouTubeVideo> component to work\n // out of box.\n 'https://*.youtube.com',\n];\n\n{\n const directives = defaultCspSettings.directives['script-src'];\n if (directives) directives.push(\"'unsafe-eval'\");\n else defaultCspSettings.directives['script-src'] = [\"'unsafe-eval'\"];\n}\n\n// No need for automatic re-writes via Content Security Policy settings:\n// the forefront Apache or Nginx server is supposed to take care of this\n// in production cloud deployments.\ndelete defaultCspSettings.directives['upgrade-insecure-requests'];\n\n/**\n * @category Utilities\n * @func server/getDefaultCspSettings\n * @global\n * @desc\n * ```js\n * import { server } from '@dr.pogodin/react-utils';\n * const { getDefaultCspSettings } from '@dr.pogodin/react-utils';\n * ```\n * @return {{\n * directives: object\n * }} A deep copy of default CSP settings object used by `react-utils`,\n * with the exception of `nonce-xxx` clause in `script-src` directive,\n * which is added dynamically for each request.\n */\nexport function getDefaultCspSettings(): {\n directives: Record<string, string[]>;\n} {\n return cloneDeep(defaultCspSettings);\n}\n\nexport type ServerT = Express & {\n logger: LoggerI;\n};\n\nexport type OptionsT = RendererOptionsT & {\n beforeExpressJsError?:\n (server: ServerT) => boolean | Promise<boolean>;\n\n beforeExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n cookieSignatureSecret?: string;\n cspSettingsHook?: (\n defaultOptions: CspOptionsT,\n req: Request,\n ) => CspOptionsT;\n csrfIgnoreRequest?: (req: Request) => boolean;\n devMode?: boolean;\n httpsRedirect?: boolean;\n onExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n};\n\nexport default async function factory(\n webpackConfig: Configuration,\n options: OptionsT,\n): Promise<ServerT> {\n const rendererOps: RendererOptionsT = pick(options, [\n 'Application',\n 'beforeRender',\n 'favicon',\n 'logger',\n 'maxSsrRounds',\n 'noCsp',\n 'ssrTimeout',\n 'staticCacheController',\n 'staticCacheSize',\n ]);\n const renderer = rendererFactory(webpackConfig, rendererOps);\n const { publicPath } = webpackConfig.output!;\n\n const server = express() as ServerT;\n\n if (options.beforeExpressJsSetup) {\n await options.beforeExpressJsSetup(server);\n }\n\n if (options.logger) server.logger = options.logger;\n\n if (options.httpsRedirect) {\n server.use((req, res, next) => {\n const schema = req.headers['x-forwarded-proto'];\n if (schema === 'http') {\n let url = `https://${req.headers.host}`;\n if (req.originalUrl !== '/') url += req.originalUrl;\n res.redirect(url);\n return;\n }\n next();\n });\n }\n\n server.use(compression());\n server.use(\n helmet({\n contentSecurityPolicy: false,\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n }),\n );\n\n if (!options.noCsp) {\n server.use(\n (req: Request, res: Response, next: NextFunction) => {\n const req2 = req as RequestT;\n\n req2.nonce = uuid();\n\n // TODO: This is deprecated, but it is kept for now for backward\n // compatibility. Should be removed sometime later.\n req2.cspNonce = req2.nonce;\n\n // The deep clone is necessary here to ensure that default value can't be\n // mutated during request processing.\n let cspSettings: CspOptionsT = cloneDeep(defaultCspSettings);\n (cspSettings.directives?.['script-src'] as string[]).push(`'nonce-${req2.nonce}'`);\n if (options.cspSettingsHook) {\n cspSettings = options.cspSettingsHook(cspSettings, req);\n }\n helmet.contentSecurityPolicy(cspSettings)(req, res, next);\n },\n );\n }\n\n if (options.favicon) {\n server.use(favicon(options.favicon));\n }\n\n server.use('/robots.txt', (req, res) => {\n res.send('User-agent: *\\nDisallow:');\n });\n\n server.use(express.json({ limit: '300kb' }));\n server.use(express.urlencoded({ extended: false }));\n server.use(cookieParser(options.cookieSignatureSecret));\n server.use(requestIp.mw());\n\n server.use(csrf({\n cookie: true,\n ignoreRequest: options.csrfIgnoreRequest,\n }));\n\n loggerMiddleware.token(\n 'ip',\n (req: Request & { clientIp: string }) => req.clientIp,\n );\n const FORMAT = ':ip > :status :method :url :response-time ms :res[content-length] :referrer :user-agent';\n server.use(loggerMiddleware(FORMAT, {\n stream: {\n // TODO: This implies the logger is always set. Is it on a higher level?\n // then mark it as always present.\n write: options.logger!.info.bind(options.logger),\n },\n }));\n\n // Note: no matter the \"public path\", we want the service worker, if any,\n // to be served from the root, to have all web app pages in its scope.\n // Thus, this setup to serve it. Probably, need some more configuration\n // for special cases, but this will do for now.\n server.get('/__service-worker.js', express.static(\n webpackConfig.output?.path ?? '',\n {\n setHeaders: (res) => res.set('Cache-Control', 'no-cache'),\n },\n ));\n\n /* Setup of Hot Module Reloading for development environment.\n * These dependencies are not used, nor installed for production use,\n * hence we should violate some import-related lint rules. */\n /* eslint-disable import/no-extraneous-dependencies */\n if (options.devMode) {\n // This is a workaround for SASS bug:\n // https://github.com/dart-lang/sdk/issues/27979\n // which manifests itself sometimes when webpack dev middleware is used\n // (in dev mode), and app modules are imported in some unfortunate ways.\n // TODO: Double-check, what is going on here.\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n if (!global.location) {\n global.location = {\n href: `${pathToFileURL(process.cwd()).href}${sep}`,\n } as Location;\n }\n\n const { default: webpack } = await import(/* webpackChunkName: \"server-side-code\" */ 'webpack');\n\n const { default: webpackDevMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-dev-middleware'\n );\n\n const { default: webpackHotMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-hot-middleware'\n );\n\n const compiler = webpack(webpackConfig);\n\n server.use(webpackDevMiddleware(compiler, {\n publicPath,\n serverSideRender: true,\n }));\n server.use(webpackHotMiddleware(compiler));\n }\n /* eslint-enable import/no-extraneous-dependencies */\n\n server.use(publicPath as string, express.static(webpackConfig.output!.path!));\n\n if (options.onExpressJsSetup) {\n await options.onExpressJsSetup(server);\n }\n server.use(renderer);\n\n /* Detects 404 errors, and forwards them to the error handler. */\n server.use((req, res, next) => {\n next(newError(ERRORS.NOT_FOUND, CODES.NOT_FOUND));\n });\n\n let dontAttachDefaultErrorHandler;\n if (options.beforeExpressJsError) {\n dontAttachDefaultErrorHandler = await options.beforeExpressJsError(server);\n }\n\n /* Error handler. */\n if (!dontAttachDefaultErrorHandler) {\n // TODO: Do we need this error handler at all? It actually seems to do\n // what the default ExpressJS error handler does anyway, see:\n // https://expressjs.com/en/guide/error-handling.html\n //\n // TODO: It is better to move the default error handler definition\n // to a stand-alone function at top-level, but the use of options.logger\n // prevents to do it without some extra refactoring. Should be done sometime\n // though.\n server.use((\n error: Error & {\n status?: number;\n },\n req: Request,\n res: Response,\n next: NextFunction,\n ) => {\n // TODO: This is needed to correctly handled any errors thrown after\n // sending initial response to the client.\n if (res.headersSent) {\n next(error);\n return;\n }\n\n const status = error.status ?? CODES.INTERNAL_SERVER_ERROR;\n const serverSide = status >= (CODES.INTERNAL_SERVER_ERROR as number);\n\n // Log server-side errors always, client-side at debug level only.\n options.logger!.log(serverSide ? 'error' : 'debug', error.toString());\n\n let message = error.message || getErrorForCode(status);\n if (serverSide && process.env.NODE_ENV === 'production') {\n message = ERRORS.INTERNAL_SERVER_ERROR;\n }\n\n res.status(status).send(message);\n });\n }\n\n return server;\n}\n"],"mappings":"wLAAA;AACA;AACA,GAEA,OAASA,GAAG,KAAQ,WAAW,CAC/B,OAASC,aAAa,KAAQ,UAAU,CAExC,OAASC,SAAS,CAAEC,SAAS,CAAEC,IAAI,KAAQ,WAAW,CAEtD,MAAO,CAAAC,WAAW,KAAM,aAAa,CACrC,MAAO,CAAAC,YAAY,KAAM,eAAe,CACxC,MAAO,CAAAC,IAAI,KAAM,mBAAmB,CAEpC,MAAO,CAAAC,OAAO,KAKP,SAAS,CAEhB,MAAO,CAAAC,OAAO,KAAM,eAAe,CACnC,MAAO,CAAAC,MAAM,KAA8B,QAAQ,CACnD,MAAO,CAAAC,gBAAgB,KAAM,QAAQ,CACrC,MAAO,CAAAC,SAAS,KAAM,YAAY,CAClC,OAASC,EAAE,GAAI,CAAAC,IAAI,KAAQ,MAAM,OAI1B,CAAAC,eAAe,4BAMpBC,KAAK,CACLC,MAAM,CACNC,eAAe,CACfC,QAAQ,yBAKV;AAMA;AACA;AACA;AACA,GACA,KAAM,CAAAC,kBAAkB,CAAG,CACzBC,UAAU,CAAElB,SAAS,CACnBO,MAAM,CAACY,qBAAqB,CAACC,oBAAoB,CAAC,CAAC,CAEnD;AACA;AACA;AACA;AACCC,KAAK,EAAMA,KAAK,CAAcC,MAAM,CAAEC,IAAY,EAAKA,IAAI,GAAK,QAAQ,CAC3E,CACF,CAAC,CACDN,kBAAkB,CAACC,UAAU,CAAC,WAAW,CAAC,CAAG,CAC3C,QAAQ,CAER;AACA;AACA,uBAAuB,CACxB,CAED,CACE,KAAM,CAAAA,UAAU,CAAGD,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC,CAC9D,GAAIA,UAAU,CAAEA,UAAU,CAACM,IAAI,CAAC,eAAe,CAAC,CAAC,IAC5C,CAAAP,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC,CAAG,CAAC,eAAe,CACrE,CAEA;AACA;AACA;AACA,MAAO,CAAAD,kBAAkB,CAACC,UAAU,CAAC,2BAA2B,CAAC,CAEjE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,GACA,MAAO,SAAS,CAAAO,qBAAqBA,CAAA,CAEnC,CACA,MAAO,CAAA1B,SAAS,CAACkB,kBAAkB,CACrC,CAsBA,cAAe,eAAe,CAAAS,OAAOA,CACnCC,aAA4B,CAC5BC,OAAiB,CACC,CAClB,KAAM,CAAAC,WAA6B,CAAG5B,IAAI,CAAC2B,OAAO,CAAE,CAClD,aAAa,CACb,cAAc,CACd,SAAS,CACT,QAAQ,CACR,cAAc,CACd,OAAO,CACP,YAAY,CACZ,uBAAuB,CACvB,iBAAiB,CAClB,CAAC,CACF,KAAM,CAAAE,QAAQ,CAAGlB,eAAe,CAACe,aAAa,CAAEE,WAAW,CAAC,CAC5D,KAAM,CAAEE,UAAW,CAAC,CAAGJ,aAAa,CAACK,MAAO,CAE5C,KAAM,CAAAC,MAAM,CAAG5B,OAAO,CAAC,CAAY,CAEnC,GAAIuB,OAAO,CAACM,oBAAoB,CAAE,CAChC,KAAM,CAAAN,OAAO,CAACM,oBAAoB,CAACD,MAAM,CAC3C,CAEA,GAAIL,OAAO,CAACO,MAAM,CAAEF,MAAM,CAACE,MAAM,CAAGP,OAAO,CAACO,MAAM,CAElD,GAAIP,OAAO,CAACQ,aAAa,CAAE,CACzBH,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,CAAEC,GAAG,CAAEC,IAAI,GAAK,CAC7B,KAAM,CAAAC,MAAM,CAAGH,GAAG,CAACI,OAAO,CAAC,mBAAmB,CAAC,CAC/C,GAAID,MAAM,GAAK,MAAM,CAAE,CACrB,GAAI,CAAAE,GAAG,CAAG,WAAWL,GAAG,CAACI,OAAO,CAACE,IAAI,EAAE,CACvC,GAAIN,GAAG,CAACO,WAAW,GAAK,GAAG,CAAEF,GAAG,EAAIL,GAAG,CAACO,WAAW,CACnDN,GAAG,CAACO,QAAQ,CAACH,GAAG,CAAC,CACjB,MACF,CACAH,IAAI,CAAC,CACP,CAAC,CACH,CAEAP,MAAM,CAACI,GAAG,CAACnC,WAAW,CAAC,CAAC,CAAC,CACzB+B,MAAM,CAACI,GAAG,CACR9B,MAAM,CAAC,CACLY,qBAAqB,CAAE,KAAK,CAC5B4B,yBAAyB,CAAE,KAAK,CAChCC,uBAAuB,CAAE,KAAK,CAC9BC,yBAAyB,CAAE,KAC7B,CAAC,CACH,CAAC,CAED,GAAI,CAACrB,OAAO,CAACsB,KAAK,CAAE,CAClBjB,MAAM,CAACI,GAAG,CACR,CAACC,GAAY,CAAEC,GAAa,CAAEC,IAAkB,GAAK,CACnD,KAAM,CAAAW,IAAI,CAAGb,GAAe,CAE5Ba,IAAI,CAACC,KAAK,CAAGzC,IAAI,CAAC,CAAC,CAEnB;AACA;AACAwC,IAAI,CAACE,QAAQ,CAAGF,IAAI,CAACC,KAAK,CAE1B;AACA;AACA,GAAI,CAAAE,WAAwB,CAAGvD,SAAS,CAACkB,kBAAkB,CAAC,CAC5D,CAACqC,WAAW,CAACpC,UAAU,GAAG,YAAY,CAAC,EAAcM,IAAI,CAAC,UAAU2B,IAAI,CAACC,KAAK,GAAG,CAAC,CAClF,GAAIxB,OAAO,CAAC2B,eAAe,CAAE,CAC3BD,WAAW,CAAG1B,OAAO,CAAC2B,eAAe,CAACD,WAAW,CAAEhB,GAAG,CACxD,CACA/B,MAAM,CAACY,qBAAqB,CAACmC,WAAW,CAAC,CAAChB,GAAG,CAAEC,GAAG,CAAEC,IAAI,CAC1D,CACF,CACF,CAEA,GAAIZ,OAAO,CAACtB,OAAO,CAAE,CACnB2B,MAAM,CAACI,GAAG,CAAC/B,OAAO,CAACsB,OAAO,CAACtB,OAAO,CAAC,CACrC,CAEA2B,MAAM,CAACI,GAAG,CAAC,aAAa,CAAE,CAACC,GAAG,CAAEC,GAAG,GAAK,CACtCA,GAAG,CAACiB,IAAI,CAAC,0BAA0B,CACrC,CAAC,CAAC,CAEFvB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACoD,IAAI,CAAC,CAAEC,KAAK,CAAE,OAAQ,CAAC,CAAC,CAAC,CAC5CzB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACsD,UAAU,CAAC,CAAEC,QAAQ,CAAE,KAAM,CAAC,CAAC,CAAC,CACnD3B,MAAM,CAACI,GAAG,CAAClC,YAAY,CAACyB,OAAO,CAACiC,qBAAqB,CAAC,CAAC,CACvD5B,MAAM,CAACI,GAAG,CAAC5B,SAAS,CAACqD,EAAE,CAAC,CAAC,CAAC,CAE1B7B,MAAM,CAACI,GAAG,CAACjC,IAAI,CAAC,CACd2D,MAAM,CAAE,IAAI,CACZC,aAAa,CAAEpC,OAAO,CAACqC,iBACzB,CAAC,CAAC,CAAC,CAEHzD,gBAAgB,CAAC0D,KAAK,CACpB,IAAI,CACH5B,GAAmC,EAAKA,GAAG,CAAC6B,QAC/C,CAAC,CACD,KAAM,CAAAC,MAAM,CAAG,yFAAyF,CACxGnC,MAAM,CAACI,GAAG,CAAC7B,gBAAgB,CAAC4D,MAAM,CAAE,CAClCC,MAAM,CAAE,CACN;AACA;AACAC,KAAK,CAAE1C,OAAO,CAACO,MAAM,CAAEoC,IAAI,CAACC,IAAI,CAAC5C,OAAO,CAACO,MAAM,CACjD,CACF,CAAC,CAAC,CAAC,CAEH;AACA;AACA;AACA;AACAF,MAAM,CAACwC,GAAG,CAAC,sBAAsB,CAAEpE,OAAO,CAACqE,MAAM,CAC/C/C,aAAa,CAACK,MAAM,EAAE2C,IAAI,EAAI,EAAE,CAChC,CACEC,UAAU,CAAGrC,GAAG,EAAKA,GAAG,CAACsC,GAAG,CAAC,eAAe,CAAE,UAAU,CAC1D,CACF,CAAC,CAAC,CAEF;AACF;AACA,+DACE,sDACA,GAAIjD,OAAO,CAACkD,OAAO,CAAE,CACnB;AACA;AACA;AACA;AACA;AACA;AACA,GAAI,CAACC,MAAM,CAACC,QAAQ,CAAE,CACpBD,MAAM,CAACC,QAAQ,CAAG,CAChBC,IAAI,CAAE,GAAGnF,aAAa,CAACoF,OAAO,CAACC,GAAG,CAAC,CAAC,CAAC,CAACF,IAAI,GAAGpF,GAAG,EAClD,CACF,CAEA,KAAM,CAAEuF,OAAO,CAAEC,OAAQ,CAAC,CAAG,KAAM,OAAM,CAAC,0CAA2C,SAAS,CAAC,CAE/F,KAAM,CAAED,OAAO,CAAEE,oBAAqB,CAAC,CAAG,KAAM,OAAM,CACpD,0CAA2C,wBAC7C,CAAC,CAED,KAAM,CAAEF,OAAO,CAAEG,oBAAqB,CAAC,CAAG,KAAM,OAAM,CACpD,0CAA2C,wBAC7C,CAAC,CAED,KAAM,CAAAC,QAAQ,CAAGH,OAAO,CAAC1D,aAAa,CAAC,CAEvCM,MAAM,CAACI,GAAG,CAACiD,oBAAoB,CAACE,QAAQ,CAAE,CACxCzD,UAAU,CACV0D,gBAAgB,CAAE,IACpB,CAAC,CAAC,CAAC,CACHxD,MAAM,CAACI,GAAG,CAACkD,oBAAoB,CAACC,QAAQ,CAAC,CAC3C,CACA,qDAEAvD,MAAM,CAACI,GAAG,CAACN,UAAU,CAAY1B,OAAO,CAACqE,MAAM,CAAC/C,aAAa,CAACK,MAAM,CAAE2C,IAAK,CAAC,CAAC,CAE7E,GAAI/C,OAAO,CAAC8D,gBAAgB,CAAE,CAC5B,KAAM,CAAA9D,OAAO,CAAC8D,gBAAgB,CAACzD,MAAM,CACvC,CACAA,MAAM,CAACI,GAAG,CAACP,QAAQ,CAAC,CAEpB,iEACAG,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,CAAEC,GAAG,CAAEC,IAAI,GAAK,CAC7BA,IAAI,CAACxB,QAAQ,CAACF,MAAM,CAAC6E,SAAS,CAAE9E,KAAK,CAAC8E,SAAS,CAAC,CAClD,CAAC,CAAC,CAEF,GAAI,CAAAC,6BAA6B,CACjC,GAAIhE,OAAO,CAACiE,oBAAoB,CAAE,CAChCD,6BAA6B,CAAG,KAAM,CAAAhE,OAAO,CAACiE,oBAAoB,CAAC5D,MAAM,CAC3E,CAEA,oBACA,GAAI,CAAC2D,6BAA6B,CAAE,CAClC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA3D,MAAM,CAACI,GAAG,CAAC,CACTyD,KAEC,CACDxD,GAAY,CACZC,GAAa,CACbC,IAAkB,GACf,CACH;AACA;AACA,GAAID,GAAG,CAACwD,WAAW,CAAE,CACnBvD,IAAI,CAACsD,KAAK,CAAC,CACX,MACF,CAEA,KAAM,CAAAE,MAAM,CAAGF,KAAK,CAACE,MAAM,EAAInF,KAAK,CAACoF,qBAAqB,CAC1D,KAAM,CAAAC,UAAU,CAAGF,MAAM,EAAKnF,KAAK,CAACoF,qBAAgC,CAEpE;AACArE,OAAO,CAACO,MAAM,CAAEgE,GAAG,CAACD,UAAU,CAAG,OAAO,CAAG,OAAO,CAAEJ,KAAK,CAACM,QAAQ,CAAC,CAAC,CAAC,CAErE,GAAI,CAAAC,OAAO,CAAGP,KAAK,CAACO,OAAO,EAAItF,eAAe,CAACiF,MAAM,CAAC,CACtD,GAAIE,UAAU,EAAIhB,OAAO,CAACoB,GAAG,CAACC,QAAQ,GAAK,YAAY,CAAE,CACvDF,OAAO,CAAGvF,MAAM,CAACmF,qBACnB,CAEA1D,GAAG,CAACyD,MAAM,CAACA,MAAM,CAAC,CAACxC,IAAI,CAAC6C,OAAO,CACjC,CAAC,CACH,CAEA,MAAO,CAAApE,MACT","ignoreList":[]}
package/build/production/shared/components/Input/index.js CHANGED
@@ -5,7 +5,7 @@ import{useRef,useState}from"react";import{useTheme}from"@dr.pogodin/react-themes
5
5
  * @param [props...] [Other theming properties](https://www.npmjs.com/package/@dr.pogodin/react-themes#themed-component-properties)
6
6
  * @param [props...] Any other properties are passed to the underlying
7
7
  * `<input>` element.
8
- */const Input=({children,error,label,ref,testId,theme,...rest})=>{const composed=useTheme("Input",defaultTheme,theme);// NOTE: As of now, it is only updated when "theme.focused" is defined,
8
+ */const Input=({children,composeAdhocTheme,error,label,ref,testId,theme,...rest})=>{const composed=useTheme("Input",defaultTheme,theme,{composeAdhocTheme});// NOTE: As of now, it is only updated when "theme.focused" is defined,
9
9
  // as otherwise its value is not used.
10
10
  const[focused,setFocused]=useState(false);const localRef=useRef(null);let containerClassName=composed.container;// NOTE: As of now, "focused" can be true only when "theme.focused"
11
11
  // is provided.
package/build/production/shared/components/Input/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","names":["useRef","useState","useTheme","defaultTheme","jsx","_jsx","jsxs","_jsxs","Input","children","error","label","ref","testId","theme","rest","composed","focused","setFocused","localRef","containerClassName","container","value","empty","className","onFocus","current","focus","undefined","input","process","env","NODE_ENV","onBlur","e","errorMessage"],"sources":["../../../../../src/shared/components/Input/index.tsx"],"sourcesContent":["import {\n type FunctionComponent,\n type ReactNode,\n type Ref,\n useRef,\n useState,\n} from 'react';\n\nimport { type Theme, useTheme } from '@dr.pogodin/react-themes';\n\nimport defaultTheme from './theme.scss';\n\ntype ThemeKeyT = 'children' | 'container' | 'empty' | 'error' | 'errorMessage'\n | 'focused' | 'input' | 'label';\n\ntype PropsT = React.InputHTMLAttributes<HTMLInputElement> & {\n children?: ReactNode;\n error?: ReactNode;\n label?: React.ReactNode;\n ref?: Ref<HTMLInputElement>;\n testId?: string;\n theme?: Theme<ThemeKeyT>;\n};\n\n/**\n * Themeable input field, based on the standard HTML `<input>` element.\n * @param [props.label] Input label.\n * @param [props.theme] _Ad hoc_ theme.\n * @param [props...] [Other theming properties](https://www.npmjs.com/package/@dr.pogodin/react-themes#themed-component-properties)\n * @param [props...] Any other properties are passed to the underlying\n * `<input>` element.\n */\nconst Input: FunctionComponent<PropsT> = ({\n children,\n error,\n label,\n ref,\n testId,\n theme,\n ...rest\n}) => {\n const composed = useTheme('Input', defaultTheme, theme);\n\n // NOTE: As of now, it is only updated when \"theme.focused\" is defined,\n // as otherwise its value is not used.\n const [focused, setFocused] = useState(false);\n\n const localRef = useRef<HTMLInputElement>(null);\n\n let containerClassName = composed.container;\n\n // NOTE: As of now, \"focused\" can be true only when \"theme.focused\"\n // is provided.\n if (focused /* && theme.focused */) containerClassName += ` ${composed.focused}`;\n\n if (!rest.value && composed.empty) containerClassName += ` ${composed.empty}`;\n\n if (error) containerClassName += ` ${composed.error}`;\n\n return (\n <div\n className={containerClassName}\n onFocus={() => {\n // TODO: It does not really work if a callback-style `ref` is passed in,\n // we need a more complex logic to cover that case, but for now this serves\n // the case we need it for.\n if (typeof ref === 'object') ref?.current?.focus();\n else localRef.current?.focus();\n }}\n >\n {label === undefined\n ? null : <div className={composed.label}>{label}</div>}\n <input\n className={composed.input}\n data-testid={process.env.NODE_ENV === 'production' ? undefined : testId}\n ref={ref ?? localRef}\n\n // TODO: Avoid the spreading later.\n // eslint-disable-next-line react/jsx-props-no-spreading\n {...rest}\n\n onBlur={composed.focused ? (e) => {\n setFocused(false);\n rest.onBlur?.(e);\n } : rest.onBlur}\n onFocus={composed.focused ? (e) => {\n setFocused(true);\n rest.onFocus?.(e);\n } : rest.onFocus}\n />\n {error && error !== true\n ? <div className={composed.errorMessage}>{error}</div>\n : null}\n {children ? <div className={composed.children}>{children}</div> : null}\n </div>\n );\n};\n\nexport default Input;\n"],"mappings":"AAAA,OAIEA,MAAM,CACNC,QAAQ,KACH,OAAO,CAEd,OAAqBC,QAAQ,KAAQ,0BAA0B,OAAAC,YAAA,wKAEvB,OAAAC,GAAA,IAAAC,IAAA,CAAAC,IAAA,IAAAC,KAAA,yBAcxC;AACA;AACA;AACA;AACA;AACA;AACA;AACA,GACA,KAAM,CAAAC,KAAgC,CAAGA,CAAC,CACxCC,QAAQ,CACRC,KAAK,CACLC,KAAK,CACLC,GAAG,CACHC,MAAM,CACNC,KAAK,CACL,GAAGC,IACL,CAAC,GAAK,CACJ,KAAM,CAAAC,QAAQ,CAAGd,QAAQ,CAAC,OAAO,CAAEC,YAAY,CAAEW,KAAK,CAAC,CAEvD;AACA;AACA,KAAM,CAACG,OAAO,CAAEC,UAAU,CAAC,CAAGjB,QAAQ,CAAC,KAAK,CAAC,CAE7C,KAAM,CAAAkB,QAAQ,CAAGnB,MAAM,CAAmB,IAAI,CAAC,CAE/C,GAAI,CAAAoB,kBAAkB,CAAGJ,QAAQ,CAACK,SAAS,CAE3C;AACA;AACA,GAAIJ,OAAQ,uBAAwBG,kBAAkB,EAAI,IAAIJ,QAAQ,CAACC,OAAO,EAAE,CAEhF,GAAI,CAACF,IAAI,CAACO,KAAK,EAAIN,QAAQ,CAACO,KAAK,CAAEH,kBAAkB,EAAI,IAAIJ,QAAQ,CAACO,KAAK,EAAE,CAE7E,GAAIb,KAAK,CAAEU,kBAAkB,EAAI,IAAIJ,QAAQ,CAACN,KAAK,EAAE,CAErD,mBACEH,KAAA,QACEiB,SAAS,CAAEJ,kBAAmB,CAC9BK,OAAO,CAAEA,CAAA,GAAM,CACb;AACA;AACA;AACA,GAAI,MAAO,CAAAb,GAAG,GAAK,QAAQ,CAAEA,GAAG,EAAEc,OAAO,EAAEC,KAAK,CAAC,CAAC,CAAC,IAC9C,CAAAR,QAAQ,CAACO,OAAO,EAAEC,KAAK,CAAC,CAC/B,CAAE,CAAAlB,QAAA,EAEDE,KAAK,GAAKiB,SAAS,CAChB,IAAI,cAAGvB,IAAA,QAAKmB,SAAS,CAAER,QAAQ,CAACL,KAAM,CAAAF,QAAA,CAAEE,KAAK,CAAM,CAAC,cACxDN,IAAA,UACEmB,SAAS,CAAER,QAAQ,CAACa,KAAM,CAC1B,cAAaC,OAAO,CAACC,GAAG,CAACC,QAAQ,GAAK,YAAY,CAAGJ,SAAS,CAAGf,MAAO,CACxED,GAAG,CAAEA,GAAG,EAAIO,QAEZ;AACA;AAAA,IACIJ,IAAI,CAERkB,MAAM,CAAEjB,QAAQ,CAACC,OAAO,CAAIiB,CAAC,EAAK,CAChChB,UAAU,CAAC,KAAK,CAAC,CACjBH,IAAI,CAACkB,MAAM,GAAGC,CAAC,CACjB,CAAC,CAAGnB,IAAI,CAACkB,MAAO,CAChBR,OAAO,CAAET,QAAQ,CAACC,OAAO,CAAIiB,CAAC,EAAK,CACjChB,UAAU,CAAC,IAAI,CAAC,CAChBH,IAAI,CAACU,OAAO,GAAGS,CAAC,CAClB,CAAC,CAAGnB,IAAI,CAACU,OAAQ,CAClB,CAAC,CACDf,KAAK,EAAIA,KAAK,GAAK,IAAI,cACpBL,IAAA,QAAKmB,SAAS,CAAER,QAAQ,CAACmB,YAAa,CAAA1B,QAAA,CAAEC,KAAK,CAAM,CAAC,CACpD,IAAI,CACPD,QAAQ,cAAGJ,IAAA,QAAKmB,SAAS,CAAER,QAAQ,CAACP,QAAS,CAAAA,QAAA,CAAEA,QAAQ,CAAM,CAAC,CAAG,IAAI,EACnE,CAET,CAAC,CAED,cAAe,CAAAD,KAAK","ignoreList":[]}
1
+ {"version":3,"file":"index.js","names":["useRef","useState","useTheme","defaultTheme","jsx","_jsx","jsxs","_jsxs","Input","children","composeAdhocTheme","error","label","ref","testId","theme","rest","composed","focused","setFocused","localRef","containerClassName","container","value","empty","className","onFocus","current","focus","undefined","input","process","env","NODE_ENV","onBlur","e","errorMessage"],"sources":["../../../../../src/shared/components/Input/index.tsx"],"sourcesContent":["import {\n type FunctionComponent,\n type ReactNode,\n type Ref,\n useRef,\n useState,\n} from 'react';\n\nimport { type COMPOSE, type Theme, useTheme } from '@dr.pogodin/react-themes';\n\nimport defaultTheme from './theme.scss';\n\ntype ThemeKeyT = 'children' | 'container' | 'empty' | 'error' | 'errorMessage'\n | 'focused' | 'input' | 'label';\n\ntype PropsT = React.InputHTMLAttributes<HTMLInputElement> & {\n children?: ReactNode;\n composeAdhocTheme?: COMPOSE;\n error?: ReactNode;\n label?: React.ReactNode;\n ref?: Ref<HTMLInputElement>;\n testId?: string;\n theme?: Theme<ThemeKeyT>;\n};\n\n/**\n * Themeable input field, based on the standard HTML `<input>` element.\n * @param [props.label] Input label.\n * @param [props.theme] _Ad hoc_ theme.\n * @param [props...] [Other theming properties](https://www.npmjs.com/package/@dr.pogodin/react-themes#themed-component-properties)\n * @param [props...] Any other properties are passed to the underlying\n * `<input>` element.\n */\nconst Input: FunctionComponent<PropsT> = ({\n children,\n composeAdhocTheme,\n error,\n label,\n ref,\n testId,\n theme,\n ...rest\n}) => {\n const composed = useTheme('Input', defaultTheme, theme, {\n composeAdhocTheme,\n });\n\n // NOTE: As of now, it is only updated when \"theme.focused\" is defined,\n // as otherwise its value is not used.\n const [focused, setFocused] = useState(false);\n\n const localRef = useRef<HTMLInputElement>(null);\n\n let containerClassName = composed.container;\n\n // NOTE: As of now, \"focused\" can be true only when \"theme.focused\"\n // is provided.\n if (focused /* && theme.focused */) containerClassName += ` ${composed.focused}`;\n\n if (!rest.value && composed.empty) containerClassName += ` ${composed.empty}`;\n\n if (error) containerClassName += ` ${composed.error}`;\n\n return (\n <div\n className={containerClassName}\n onFocus={() => {\n // TODO: It does not really work if a callback-style `ref` is passed in,\n // we need a more complex logic to cover that case, but for now this serves\n // the case we need it for.\n if (typeof ref === 'object') ref?.current?.focus();\n else localRef.current?.focus();\n }}\n >\n {label === undefined\n ? null : <div className={composed.label}>{label}</div>}\n <input\n className={composed.input}\n data-testid={process.env.NODE_ENV === 'production' ? undefined : testId}\n ref={ref ?? localRef}\n\n // TODO: Avoid the spreading later.\n // eslint-disable-next-line react/jsx-props-no-spreading\n {...rest}\n\n onBlur={composed.focused ? (e) => {\n setFocused(false);\n rest.onBlur?.(e);\n } : rest.onBlur}\n onFocus={composed.focused ? (e) => {\n setFocused(true);\n rest.onFocus?.(e);\n } : rest.onFocus}\n />\n {error && error !== true\n ? <div className={composed.errorMessage}>{error}</div>\n : null}\n {children ? <div className={composed.children}>{children}</div> : null}\n </div>\n );\n};\n\nexport default Input;\n"],"mappings":"AAAA,OAIEA,MAAM,CACNC,QAAQ,KACH,OAAO,CAEd,OAAmCC,QAAQ,KAAQ,0BAA0B,OAAAC,YAAA,wKAErC,OAAAC,GAAA,IAAAC,IAAA,CAAAC,IAAA,IAAAC,KAAA,yBAexC;AACA;AACA;AACA;AACA;AACA;AACA;AACA,GACA,KAAM,CAAAC,KAAgC,CAAGA,CAAC,CACxCC,QAAQ,CACRC,iBAAiB,CACjBC,KAAK,CACLC,KAAK,CACLC,GAAG,CACHC,MAAM,CACNC,KAAK,CACL,GAAGC,IACL,CAAC,GAAK,CACJ,KAAM,CAAAC,QAAQ,CAAGf,QAAQ,CAAC,OAAO,CAAEC,YAAY,CAAEY,KAAK,CAAE,CACtDL,iBACF,CAAC,CAAC,CAEF;AACA;AACA,KAAM,CAACQ,OAAO,CAAEC,UAAU,CAAC,CAAGlB,QAAQ,CAAC,KAAK,CAAC,CAE7C,KAAM,CAAAmB,QAAQ,CAAGpB,MAAM,CAAmB,IAAI,CAAC,CAE/C,GAAI,CAAAqB,kBAAkB,CAAGJ,QAAQ,CAACK,SAAS,CAE3C;AACA;AACA,GAAIJ,OAAQ,uBAAwBG,kBAAkB,EAAI,IAAIJ,QAAQ,CAACC,OAAO,EAAE,CAEhF,GAAI,CAACF,IAAI,CAACO,KAAK,EAAIN,QAAQ,CAACO,KAAK,CAAEH,kBAAkB,EAAI,IAAIJ,QAAQ,CAACO,KAAK,EAAE,CAE7E,GAAIb,KAAK,CAAEU,kBAAkB,EAAI,IAAIJ,QAAQ,CAACN,KAAK,EAAE,CAErD,mBACEJ,KAAA,QACEkB,SAAS,CAAEJ,kBAAmB,CAC9BK,OAAO,CAAEA,CAAA,GAAM,CACb;AACA;AACA;AACA,GAAI,MAAO,CAAAb,GAAG,GAAK,QAAQ,CAAEA,GAAG,EAAEc,OAAO,EAAEC,KAAK,CAAC,CAAC,CAAC,IAC9C,CAAAR,QAAQ,CAACO,OAAO,EAAEC,KAAK,CAAC,CAC/B,CAAE,CAAAnB,QAAA,EAEDG,KAAK,GAAKiB,SAAS,CAChB,IAAI,cAAGxB,IAAA,QAAKoB,SAAS,CAAER,QAAQ,CAACL,KAAM,CAAAH,QAAA,CAAEG,KAAK,CAAM,CAAC,cACxDP,IAAA,UACEoB,SAAS,CAAER,QAAQ,CAACa,KAAM,CAC1B,cAAaC,OAAO,CAACC,GAAG,CAACC,QAAQ,GAAK,YAAY,CAAGJ,SAAS,CAAGf,MAAO,CACxED,GAAG,CAAEA,GAAG,EAAIO,QAEZ;AACA;AAAA,IACIJ,IAAI,CAERkB,MAAM,CAAEjB,QAAQ,CAACC,OAAO,CAAIiB,CAAC,EAAK,CAChChB,UAAU,CAAC,KAAK,CAAC,CACjBH,IAAI,CAACkB,MAAM,GAAGC,CAAC,CACjB,CAAC,CAAGnB,IAAI,CAACkB,MAAO,CAChBR,OAAO,CAAET,QAAQ,CAACC,OAAO,CAAIiB,CAAC,EAAK,CACjChB,UAAU,CAAC,IAAI,CAAC,CAChBH,IAAI,CAACU,OAAO,GAAGS,CAAC,CAClB,CAAC,CAAGnB,IAAI,CAACU,OAAQ,CAClB,CAAC,CACDf,KAAK,EAAIA,KAAK,GAAK,IAAI,cACpBN,IAAA,QAAKoB,SAAS,CAAER,QAAQ,CAACmB,YAAa,CAAA3B,QAAA,CAAEE,KAAK,CAAM,CAAC,CACpD,IAAI,CACPF,QAAQ,cAAGJ,IAAA,QAAKoB,SAAS,CAAER,QAAQ,CAACR,QAAS,CAAAA,QAAA,CAAEA,QAAQ,CAAM,CAAC,CAAG,IAAI,EACnE,CAET,CAAC,CAED,cAAe,CAAAD,KAAK","ignoreList":[]}
package/build/types-code/server/server.d.ts CHANGED
@@ -32,6 +32,7 @@ export type OptionsT = RendererOptionsT & {
32
32
  beforeExpressJsSetup?: (server: ServerT) => Promise<void> | void;
33
33
  cookieSignatureSecret?: string;
34
34
  cspSettingsHook?: (defaultOptions: CspOptionsT, req: Request) => CspOptionsT;
35
+ csrfIgnoreRequest?: (req: Request) => boolean;
35
36
  devMode?: boolean;
36
37
  httpsRedirect?: boolean;
37
38
  onExpressJsSetup?: (server: ServerT) => Promise<void> | void;
package/build/types-code/shared/components/Input/index.d.ts CHANGED
@@ -1,8 +1,9 @@
1
1
  import { type FunctionComponent, type ReactNode, type Ref } from 'react';
2
- import { type Theme } from '@dr.pogodin/react-themes';
2
+ import { type COMPOSE, type Theme } from '@dr.pogodin/react-themes';
3
3
  type ThemeKeyT = 'children' | 'container' | 'empty' | 'error' | 'errorMessage' | 'focused' | 'input' | 'label';
4
4
  type PropsT = React.InputHTMLAttributes<HTMLInputElement> & {
5
5
  children?: ReactNode;
6
+ composeAdhocTheme?: COMPOSE;
6
7
  error?: ReactNode;
7
8
  label?: React.ReactNode;
8
9
  ref?: Ref<HTMLInputElement>;
package/build/web/server/server.js CHANGED
@@ -130,7 +130,8 @@ export default async function factory(webpackConfig, options) {
130
130
  server.use(cookieParser(options.cookieSignatureSecret));
131
131
  server.use(requestIp.mw());
132
132
  server.use(csrf({
133
- cookie: true
133
+ cookie: true,
134
+ ignoreRequest: options.csrfIgnoreRequest
134
135
  }));
135
136
  loggerMiddleware.token('ip', req => req.clientIp);
136
137
  const FORMAT = ':ip > :status :method :url :response-time ms :res[content-length] :referrer :user-agent';
package/build/web/server/server.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"server.js","names":["sep","pathToFileURL","cloneDeep","mapValues","pick","compression","cookieParser","csrf","express","favicon","helmet","loggerMiddleware","requestIp","v4","uuid","rendererFactory","CODES","ERRORS","getErrorForCode","newError","defaultCspSettings","directives","contentSecurityPolicy","getDefaultDirectives","array","filter","item","push","getDefaultCspSettings","factory","webpackConfig","options","rendererOps","renderer","publicPath","output","server","beforeExpressJsSetup","logger","httpsRedirect","use","req","res","next","schema","headers","url","host","originalUrl","redirect","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","noCsp","req2","nonce","cspNonce","cspSettings","cspSettingsHook","send","json","limit","urlencoded","extended","cookieSignatureSecret","mw","cookie","token","clientIp","FORMAT","stream","write","info","bind","get","static","path","setHeaders","set","devMode","global","location","href","process","cwd","default","webpack","webpackDevMiddleware","webpackHotMiddleware","compiler","serverSideRender","onExpressJsSetup","NOT_FOUND","dontAttachDefaultErrorHandler","beforeExpressJsError","error","headersSent","status","INTERNAL_SERVER_ERROR","serverSide","log","toString","message","env","NODE_ENV"],"sources":["../../../src/server/server.ts"],"sourcesContent":["/**\n * Creation of standard ExpressJS server for ReactJS apps.\n */\n\nimport { sep } from 'node:path';\nimport { pathToFileURL } from 'node:url';\n\nimport { cloneDeep, mapValues, pick } from 'lodash-es';\n\nimport compression from 'compression';\nimport cookieParser from 'cookie-parser';\nimport csrf from '@dr.pogodin/csurf';\n\nimport express, {\n type Express,\n type NextFunction,\n type Request,\n type Response,\n} from 'express';\n\nimport favicon from 'serve-favicon';\nimport helmet, { type HelmetOptions } from 'helmet';\nimport loggerMiddleware from 'morgan';\nimport requestIp from 'request-ip';\nimport { v4 as uuid } from 'uuid';\n\nimport type { Configuration } from 'webpack';\n\nimport rendererFactory, {\n type LoggerI,\n type OptionsT as RendererOptionsT,\n} from './renderer';\n\nimport {\n CODES,\n ERRORS,\n getErrorForCode,\n newError,\n} from './utils/errors';\n\nexport type CspOptionsT = Exclude<HelmetOptions['contentSecurityPolicy'], boolean | undefined>;\n\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\ninterface RequestT extends Request {\n cspNonce: string;\n nonce: string;\n}\n\n/**\n * Default Content Security Policy settings.\n * @ignore\n */\nconst defaultCspSettings = {\n directives: mapValues(\n helmet.contentSecurityPolicy.getDefaultDirectives(),\n\n // 'https:' options (automatic re-write of insecure URLs to secure ones)\n // is removed to facilitate local development with HTTP server. In cloud\n // deployments we assume Apache or Nginx server in front of out app takes\n // care about such re-writes.\n (array) => (array as string[]).filter((item: string) => item !== 'https:'),\n ),\n};\ndefaultCspSettings.directives['frame-src'] = [\n \"'self'\",\n\n // YouTube domain is whitelisted to allow <YouTubeVideo> component to work\n // out of box.\n 'https://*.youtube.com',\n];\n\n{\n const directives = defaultCspSettings.directives['script-src'];\n if (directives) directives.push(\"'unsafe-eval'\");\n else defaultCspSettings.directives['script-src'] = [\"'unsafe-eval'\"];\n}\n\n// No need for automatic re-writes via Content Security Policy settings:\n// the forefront Apache or Nginx server is supposed to take care of this\n// in production cloud deployments.\ndelete defaultCspSettings.directives['upgrade-insecure-requests'];\n\n/**\n * @category Utilities\n * @func server/getDefaultCspSettings\n * @global\n * @desc\n * ```js\n * import { server } from '@dr.pogodin/react-utils';\n * const { getDefaultCspSettings } from '@dr.pogodin/react-utils';\n * ```\n * @return {{\n * directives: object\n * }} A deep copy of default CSP settings object used by `react-utils`,\n * with the exception of `nonce-xxx` clause in `script-src` directive,\n * which is added dynamically for each request.\n */\nexport function getDefaultCspSettings(): {\n directives: Record<string, string[]>;\n} {\n return cloneDeep(defaultCspSettings);\n}\n\nexport type ServerT = Express & {\n logger: LoggerI;\n};\n\nexport type OptionsT = RendererOptionsT & {\n beforeExpressJsError?:\n (server: ServerT) => boolean | Promise<boolean>;\n\n beforeExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n cookieSignatureSecret?: string;\n cspSettingsHook?: (\n defaultOptions: CspOptionsT,\n req: Request,\n ) => CspOptionsT;\n devMode?: boolean;\n httpsRedirect?: boolean;\n onExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n};\n\nexport default async function factory(\n webpackConfig: Configuration,\n options: OptionsT,\n): Promise<ServerT> {\n const rendererOps: RendererOptionsT = pick(options, [\n 'Application',\n 'beforeRender',\n 'favicon',\n 'logger',\n 'maxSsrRounds',\n 'noCsp',\n 'ssrTimeout',\n 'staticCacheController',\n 'staticCacheSize',\n ]);\n const renderer = rendererFactory(webpackConfig, rendererOps);\n const { publicPath } = webpackConfig.output!;\n\n const server = express() as ServerT;\n\n if (options.beforeExpressJsSetup) {\n await options.beforeExpressJsSetup(server);\n }\n\n if (options.logger) server.logger = options.logger;\n\n if (options.httpsRedirect) {\n server.use((req, res, next) => {\n const schema = req.headers['x-forwarded-proto'];\n if (schema === 'http') {\n let url = `https://${req.headers.host}`;\n if (req.originalUrl !== '/') url += req.originalUrl;\n res.redirect(url);\n return;\n }\n next();\n });\n }\n\n server.use(compression());\n server.use(\n helmet({\n contentSecurityPolicy: false,\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n }),\n );\n\n if (!options.noCsp) {\n server.use(\n (req: Request, res: Response, next: NextFunction) => {\n const req2 = req as RequestT;\n\n req2.nonce = uuid();\n\n // TODO: This is deprecated, but it is kept for now for backward\n // compatibility. Should be removed sometime later.\n req2.cspNonce = req2.nonce;\n\n // The deep clone is necessary here to ensure that default value can't be\n // mutated during request processing.\n let cspSettings: CspOptionsT = cloneDeep(defaultCspSettings);\n (cspSettings.directives?.['script-src'] as string[]).push(`'nonce-${req2.nonce}'`);\n if (options.cspSettingsHook) {\n cspSettings = options.cspSettingsHook(cspSettings, req);\n }\n helmet.contentSecurityPolicy(cspSettings)(req, res, next);\n },\n );\n }\n\n if (options.favicon) {\n server.use(favicon(options.favicon));\n }\n\n server.use('/robots.txt', (req, res) => {\n res.send('User-agent: *\\nDisallow:');\n });\n\n server.use(express.json({ limit: '300kb' }));\n server.use(express.urlencoded({ extended: false }));\n server.use(cookieParser(options.cookieSignatureSecret));\n server.use(requestIp.mw());\n\n server.use(csrf({ cookie: true }));\n\n loggerMiddleware.token(\n 'ip',\n (req: Request & { clientIp: string }) => req.clientIp,\n );\n const FORMAT = ':ip > :status :method :url :response-time ms :res[content-length] :referrer :user-agent';\n server.use(loggerMiddleware(FORMAT, {\n stream: {\n // TODO: This implies the logger is always set. Is it on a higher level?\n // then mark it as always present.\n write: options.logger!.info.bind(options.logger),\n },\n }));\n\n // Note: no matter the \"public path\", we want the service worker, if any,\n // to be served from the root, to have all web app pages in its scope.\n // Thus, this setup to serve it. Probably, need some more configuration\n // for special cases, but this will do for now.\n server.get('/__service-worker.js', express.static(\n webpackConfig.output?.path ?? '',\n {\n setHeaders: (res) => res.set('Cache-Control', 'no-cache'),\n },\n ));\n\n /* Setup of Hot Module Reloading for development environment.\n * These dependencies are not used, nor installed for production use,\n * hence we should violate some import-related lint rules. */\n /* eslint-disable import/no-extraneous-dependencies */\n if (options.devMode) {\n // This is a workaround for SASS bug:\n // https://github.com/dart-lang/sdk/issues/27979\n // which manifests itself sometimes when webpack dev middleware is used\n // (in dev mode), and app modules are imported in some unfortunate ways.\n // TODO: Double-check, what is going on here.\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n if (!global.location) {\n global.location = {\n href: `${pathToFileURL(process.cwd()).href}${sep}`,\n } as Location;\n }\n\n const { default: webpack } = await import(/* webpackChunkName: \"server-side-code\" */ 'webpack');\n\n const { default: webpackDevMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-dev-middleware'\n );\n\n const { default: webpackHotMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-hot-middleware'\n );\n\n const compiler = webpack(webpackConfig);\n\n server.use(webpackDevMiddleware(compiler, {\n publicPath,\n serverSideRender: true,\n }));\n server.use(webpackHotMiddleware(compiler));\n }\n /* eslint-enable import/no-extraneous-dependencies */\n\n server.use(publicPath as string, express.static(webpackConfig.output!.path!));\n\n if (options.onExpressJsSetup) {\n await options.onExpressJsSetup(server);\n }\n server.use(renderer);\n\n /* Detects 404 errors, and forwards them to the error handler. */\n server.use((req, res, next) => {\n next(newError(ERRORS.NOT_FOUND, CODES.NOT_FOUND));\n });\n\n let dontAttachDefaultErrorHandler;\n if (options.beforeExpressJsError) {\n dontAttachDefaultErrorHandler = await options.beforeExpressJsError(server);\n }\n\n /* Error handler. */\n if (!dontAttachDefaultErrorHandler) {\n // TODO: Do we need this error handler at all? It actually seems to do\n // what the default ExpressJS error handler does anyway, see:\n // https://expressjs.com/en/guide/error-handling.html\n //\n // TODO: It is better to move the default error handler definition\n // to a stand-alone function at top-level, but the use of options.logger\n // prevents to do it without some extra refactoring. Should be done sometime\n // though.\n server.use((\n error: Error & {\n status?: number;\n },\n req: Request,\n res: Response,\n next: NextFunction,\n ) => {\n // TODO: This is needed to correctly handled any errors thrown after\n // sending initial response to the client.\n if (res.headersSent) {\n next(error);\n return;\n }\n\n const status = error.status ?? CODES.INTERNAL_SERVER_ERROR;\n const serverSide = status >= (CODES.INTERNAL_SERVER_ERROR as number);\n\n // Log server-side errors always, client-side at debug level only.\n options.logger!.log(serverSide ? 'error' : 'debug', error.toString());\n\n let message = error.message || getErrorForCode(status);\n if (serverSide && process.env.NODE_ENV === 'production') {\n message = ERRORS.INTERNAL_SERVER_ERROR;\n }\n\n res.status(status).send(message);\n });\n }\n\n return server;\n}\n"],"mappings":";;;AAAA;AACA;AACA;;AAEA,SAASA,GAAG,QAAQ,WAAW;AAC/B,SAASC,aAAa,QAAQ,UAAU;AAExC,SAASC,SAAS,EAAEC,SAAS,EAAEC,IAAI,QAAQ,WAAW;AAEtD,OAAOC,WAAW,MAAM,aAAa;AACrC,OAAOC,YAAY,MAAM,eAAe;AACxC,OAAOC,IAAI,MAAM,mBAAmB;AAEpC,OAAOC,OAAO,MAKP,SAAS;AAEhB,OAAOC,OAAO,MAAM,eAAe;AACnC,OAAOC,MAAM,MAA8B,QAAQ;AACnD,OAAOC,gBAAgB,MAAM,QAAQ;AACrC,OAAOC,SAAS,MAAM,YAAY;AAClC,SAASC,EAAE,IAAIC,IAAI,QAAQ,MAAM;AAIjC,OAAOC,eAAe;AAKtB,SACEC,KAAK,EACLC,MAAM,EACNC,eAAe,EACfC,QAAQ;;AAKV;;AAMA;AACA;AACA;AACA;AACA,MAAMC,kBAAkB,GAAG;EACzBC,UAAU,EAAElB,SAAS,CACnBO,MAAM,CAACY,qBAAqB,CAACC,oBAAoB,CAAC,CAAC;EAEnD;EACA;EACA;EACA;EACCC,KAAK,IAAMA,KAAK,CAAcC,MAAM,CAAEC,IAAY,IAAKA,IAAI,KAAK,QAAQ,CAC3E;AACF,CAAC;AACDN,kBAAkB,CAACC,UAAU,CAAC,WAAW,CAAC,GAAG,CAC3C,QAAQ;AAER;AACA;AACA,uBAAuB,CACxB;AAED;EACE,MAAMA,UAAU,GAAGD,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC;EAC9D,IAAIA,UAAU,EAAEA,UAAU,CAACM,IAAI,CAAC,eAAe,CAAC,CAAC,KAC5CP,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC;AACtE;;AAEA;AACA;AACA;AACA,OAAOD,kBAAkB,CAACC,UAAU,CAAC,2BAA2B,CAAC;;AAEjE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASO,qBAAqBA,CAAA,EAEnC;EACA,OAAO1B,SAAS,CAACkB,kBAAkB,CAAC;AACtC;AAqBA,eAAe,eAAeS,OAAOA,CACnCC,aAA4B,EAC5BC,OAAiB,EACC;EAClB,MAAMC,WAA6B,GAAG5B,IAAI,CAAC2B,OAAO,EAAE,CAClD,aAAa,EACb,cAAc,EACd,SAAS,EACT,QAAQ,EACR,cAAc,EACd,OAAO,EACP,YAAY,EACZ,uBAAuB,EACvB,iBAAiB,CAClB,CAAC;EACF,MAAME,QAAQ,GAAGlB,eAAe,CAACe,aAAa,EAAEE,WAAW,CAAC;EAC5D,MAAM;IAAEE;EAAW,CAAC,GAAGJ,aAAa,CAACK,MAAO;EAE5C,MAAMC,MAAM,GAAG5B,OAAO,CAAC,CAAY;EAEnC,IAAIuB,OAAO,CAACM,oBAAoB,EAAE;IAChC,MAAMN,OAAO,CAACM,oBAAoB,CAACD,MAAM,CAAC;EAC5C;EAEA,IAAIL,OAAO,CAACO,MAAM,EAAEF,MAAM,CAACE,MAAM,GAAGP,OAAO,CAACO,MAAM;EAElD,IAAIP,OAAO,CAACQ,aAAa,EAAE;IACzBH,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,EAAEC,GAAG,EAAEC,IAAI,KAAK;MAC7B,MAAMC,MAAM,GAAGH,GAAG,CAACI,OAAO,CAAC,mBAAmB,CAAC;MAC/C,IAAID,MAAM,KAAK,MAAM,EAAE;QACrB,IAAIE,GAAG,GAAG,WAAWL,GAAG,CAACI,OAAO,CAACE,IAAI,EAAE;QACvC,IAAIN,GAAG,CAACO,WAAW,KAAK,GAAG,EAAEF,GAAG,IAAIL,GAAG,CAACO,WAAW;QACnDN,GAAG,CAACO,QAAQ,CAACH,GAAG,CAAC;QACjB;MACF;MACAH,IAAI,CAAC,CAAC;IACR,CAAC,CAAC;EACJ;EAEAP,MAAM,CAACI,GAAG,CAACnC,WAAW,CAAC,CAAC,CAAC;EACzB+B,MAAM,CAACI,GAAG,CACR9B,MAAM,CAAC;IACLY,qBAAqB,EAAE,KAAK;IAC5B4B,yBAAyB,EAAE,KAAK;IAChCC,uBAAuB,EAAE,KAAK;IAC9BC,yBAAyB,EAAE;EAC7B,CAAC,CACH,CAAC;EAED,IAAI,CAACrB,OAAO,CAACsB,KAAK,EAAE;IAClBjB,MAAM,CAACI,GAAG,CACR,CAACC,GAAY,EAAEC,GAAa,EAAEC,IAAkB,KAAK;MACnD,MAAMW,IAAI,GAAGb,GAAe;MAE5Ba,IAAI,CAACC,KAAK,GAAGzC,IAAI,CAAC,CAAC;;MAEnB;MACA;MACAwC,IAAI,CAACE,QAAQ,GAAGF,IAAI,CAACC,KAAK;;MAE1B;MACA;MACA,IAAIE,WAAwB,GAAGvD,SAAS,CAACkB,kBAAkB,CAAC;MAC5D,CAACqC,WAAW,CAACpC,UAAU,GAAG,YAAY,CAAC,EAAcM,IAAI,CAAC,UAAU2B,IAAI,CAACC,KAAK,GAAG,CAAC;MAClF,IAAIxB,OAAO,CAAC2B,eAAe,EAAE;QAC3BD,WAAW,GAAG1B,OAAO,CAAC2B,eAAe,CAACD,WAAW,EAAEhB,GAAG,CAAC;MACzD;MACA/B,MAAM,CAACY,qBAAqB,CAACmC,WAAW,CAAC,CAAChB,GAAG,EAAEC,GAAG,EAAEC,IAAI,CAAC;IAC3D,CACF,CAAC;EACH;EAEA,IAAIZ,OAAO,CAACtB,OAAO,EAAE;IACnB2B,MAAM,CAACI,GAAG,CAAC/B,OAAO,CAACsB,OAAO,CAACtB,OAAO,CAAC,CAAC;EACtC;EAEA2B,MAAM,CAACI,GAAG,CAAC,aAAa,EAAE,CAACC,GAAG,EAAEC,GAAG,KAAK;IACtCA,GAAG,CAACiB,IAAI,CAAC,0BAA0B,CAAC;EACtC,CAAC,CAAC;EAEFvB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACoD,IAAI,CAAC;IAAEC,KAAK,EAAE;EAAQ,CAAC,CAAC,CAAC;EAC5CzB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACsD,UAAU,CAAC;IAAEC,QAAQ,EAAE;EAAM,CAAC,CAAC,CAAC;EACnD3B,MAAM,CAACI,GAAG,CAAClC,YAAY,CAACyB,OAAO,CAACiC,qBAAqB,CAAC,CAAC;EACvD5B,MAAM,CAACI,GAAG,CAAC5B,SAAS,CAACqD,EAAE,CAAC,CAAC,CAAC;EAE1B7B,MAAM,CAACI,GAAG,CAACjC,IAAI,CAAC;IAAE2D,MAAM,EAAE;EAAK,CAAC,CAAC,CAAC;EAElCvD,gBAAgB,CAACwD,KAAK,CACpB,IAAI,EACH1B,GAAmC,IAAKA,GAAG,CAAC2B,QAC/C,CAAC;EACD,MAAMC,MAAM,GAAG,yFAAyF;EACxGjC,MAAM,CAACI,GAAG,CAAC7B,gBAAgB,CAAC0D,MAAM,EAAE;IAClCC,MAAM,EAAE;MACN;MACA;MACAC,KAAK,EAAExC,OAAO,CAACO,MAAM,CAAEkC,IAAI,CAACC,IAAI,CAAC1C,OAAO,CAACO,MAAM;IACjD;EACF,CAAC,CAAC,CAAC;;EAEH;EACA;EACA;EACA;EACAF,MAAM,CAACsC,GAAG,CAAC,sBAAsB,EAAElE,OAAO,CAACmE,MAAM,CAC/C7C,aAAa,CAACK,MAAM,EAAEyC,IAAI,IAAI,EAAE,EAChC;IACEC,UAAU,EAAGnC,GAAG,IAAKA,GAAG,CAACoC,GAAG,CAAC,eAAe,EAAE,UAAU;EAC1D,CACF,CAAC,CAAC;;EAEF;AACF;AACA;EACE;EACA,IAAI/C,OAAO,CAACgD,OAAO,EAAE;IACnB;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAACC,MAAM,CAACC,QAAQ,EAAE;MACpBD,MAAM,CAACC,QAAQ,GAAG;QAChBC,IAAI,EAAE,GAAGjF,aAAa,CAACkF,OAAO,CAACC,GAAG,CAAC,CAAC,CAAC,CAACF,IAAI,GAAGlF,GAAG;MAClD,CAAa;IACf;IAEA,MAAM;MAAEqF,OAAO,EAAEC;IAAQ,CAAC,GAAG,MAAM,MAAM,CAAC,0CAA2C,SAAS,CAAC;IAE/F,MAAM;MAAED,OAAO,EAAEE;IAAqB,CAAC,GAAG,MAAM,MAAM,CACpD,0CAA2C,wBAC7C,CAAC;IAED,MAAM;MAAEF,OAAO,EAAEG;IAAqB,CAAC,GAAG,MAAM,MAAM,CACpD,0CAA2C,wBAC7C,CAAC;IAED,MAAMC,QAAQ,GAAGH,OAAO,CAACxD,aAAa,CAAC;IAEvCM,MAAM,CAACI,GAAG,CAAC+C,oBAAoB,CAACE,QAAQ,EAAE;MACxCvD,UAAU;MACVwD,gBAAgB,EAAE;IACpB,CAAC,CAAC,CAAC;IACHtD,MAAM,CAACI,GAAG,CAACgD,oBAAoB,CAACC,QAAQ,CAAC,CAAC;EAC5C;EACA;;EAEArD,MAAM,CAACI,GAAG,CAACN,UAAU,EAAY1B,OAAO,CAACmE,MAAM,CAAC7C,aAAa,CAACK,MAAM,CAAEyC,IAAK,CAAC,CAAC;EAE7E,IAAI7C,OAAO,CAAC4D,gBAAgB,EAAE;IAC5B,MAAM5D,OAAO,CAAC4D,gBAAgB,CAACvD,MAAM,CAAC;EACxC;EACAA,MAAM,CAACI,GAAG,CAACP,QAAQ,CAAC;;EAEpB;EACAG,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,EAAEC,GAAG,EAAEC,IAAI,KAAK;IAC7BA,IAAI,CAACxB,QAAQ,CAACF,MAAM,CAAC2E,SAAS,EAAE5E,KAAK,CAAC4E,SAAS,CAAC,CAAC;EACnD,CAAC,CAAC;EAEF,IAAIC,6BAA6B;EACjC,IAAI9D,OAAO,CAAC+D,oBAAoB,EAAE;IAChCD,6BAA6B,GAAG,MAAM9D,OAAO,CAAC+D,oBAAoB,CAAC1D,MAAM,CAAC;EAC5E;;EAEA;EACA,IAAI,CAACyD,6BAA6B,EAAE;IAClC;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACAzD,MAAM,CAACI,GAAG,CAAC,CACTuD,KAEC,EACDtD,GAAY,EACZC,GAAa,EACbC,IAAkB,KACf;MACH;MACA;MACA,IAAID,GAAG,CAACsD,WAAW,EAAE;QACnBrD,IAAI,CAACoD,KAAK,CAAC;QACX;MACF;MAEA,MAAME,MAAM,GAAGF,KAAK,CAACE,MAAM,IAAIjF,KAAK,CAACkF,qBAAqB;MAC1D,MAAMC,UAAU,GAAGF,MAAM,IAAKjF,KAAK,CAACkF,qBAAgC;;MAEpE;MACAnE,OAAO,CAACO,MAAM,CAAE8D,GAAG,CAACD,UAAU,GAAG,OAAO,GAAG,OAAO,EAAEJ,KAAK,CAACM,QAAQ,CAAC,CAAC,CAAC;MAErE,IAAIC,OAAO,GAAGP,KAAK,CAACO,OAAO,IAAIpF,eAAe,CAAC+E,MAAM,CAAC;MACtD,IAAIE,UAAU,IAAIhB,OAAO,CAACoB,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;QACvDF,OAAO,GAAGrF,MAAM,CAACiF,qBAAqB;MACxC;MAEAxD,GAAG,CAACuD,MAAM,CAACA,MAAM,CAAC,CAACtC,IAAI,CAAC2C,OAAO,CAAC;IAClC,CAAC,CAAC;EACJ;EAEA,OAAOlE,MAAM;AACf","ignoreList":[]}
1
+ {"version":3,"file":"server.js","names":["sep","pathToFileURL","cloneDeep","mapValues","pick","compression","cookieParser","csrf","express","favicon","helmet","loggerMiddleware","requestIp","v4","uuid","rendererFactory","CODES","ERRORS","getErrorForCode","newError","defaultCspSettings","directives","contentSecurityPolicy","getDefaultDirectives","array","filter","item","push","getDefaultCspSettings","factory","webpackConfig","options","rendererOps","renderer","publicPath","output","server","beforeExpressJsSetup","logger","httpsRedirect","use","req","res","next","schema","headers","url","host","originalUrl","redirect","crossOriginEmbedderPolicy","crossOriginOpenerPolicy","crossOriginResourcePolicy","noCsp","req2","nonce","cspNonce","cspSettings","cspSettingsHook","send","json","limit","urlencoded","extended","cookieSignatureSecret","mw","cookie","ignoreRequest","csrfIgnoreRequest","token","clientIp","FORMAT","stream","write","info","bind","get","static","path","setHeaders","set","devMode","global","location","href","process","cwd","default","webpack","webpackDevMiddleware","webpackHotMiddleware","compiler","serverSideRender","onExpressJsSetup","NOT_FOUND","dontAttachDefaultErrorHandler","beforeExpressJsError","error","headersSent","status","INTERNAL_SERVER_ERROR","serverSide","log","toString","message","env","NODE_ENV"],"sources":["../../../src/server/server.ts"],"sourcesContent":["/**\n * Creation of standard ExpressJS server for ReactJS apps.\n */\n\nimport { sep } from 'node:path';\nimport { pathToFileURL } from 'node:url';\n\nimport { cloneDeep, mapValues, pick } from 'lodash-es';\n\nimport compression from 'compression';\nimport cookieParser from 'cookie-parser';\nimport csrf from '@dr.pogodin/csurf';\n\nimport express, {\n type Express,\n type NextFunction,\n type Request,\n type Response,\n} from 'express';\n\nimport favicon from 'serve-favicon';\nimport helmet, { type HelmetOptions } from 'helmet';\nimport loggerMiddleware from 'morgan';\nimport requestIp from 'request-ip';\nimport { v4 as uuid } from 'uuid';\n\nimport type { Configuration } from 'webpack';\n\nimport rendererFactory, {\n type LoggerI,\n type OptionsT as RendererOptionsT,\n} from './renderer';\n\nimport {\n CODES,\n ERRORS,\n getErrorForCode,\n newError,\n} from './utils/errors';\n\nexport type CspOptionsT = Exclude<HelmetOptions['contentSecurityPolicy'], boolean | undefined>;\n\n// eslint-disable-next-line @typescript-eslint/consistent-type-definitions\ninterface RequestT extends Request {\n cspNonce: string;\n nonce: string;\n}\n\n/**\n * Default Content Security Policy settings.\n * @ignore\n */\nconst defaultCspSettings = {\n directives: mapValues(\n helmet.contentSecurityPolicy.getDefaultDirectives(),\n\n // 'https:' options (automatic re-write of insecure URLs to secure ones)\n // is removed to facilitate local development with HTTP server. In cloud\n // deployments we assume Apache or Nginx server in front of out app takes\n // care about such re-writes.\n (array) => (array as string[]).filter((item: string) => item !== 'https:'),\n ),\n};\ndefaultCspSettings.directives['frame-src'] = [\n \"'self'\",\n\n // YouTube domain is whitelisted to allow <YouTubeVideo> component to work\n // out of box.\n 'https://*.youtube.com',\n];\n\n{\n const directives = defaultCspSettings.directives['script-src'];\n if (directives) directives.push(\"'unsafe-eval'\");\n else defaultCspSettings.directives['script-src'] = [\"'unsafe-eval'\"];\n}\n\n// No need for automatic re-writes via Content Security Policy settings:\n// the forefront Apache or Nginx server is supposed to take care of this\n// in production cloud deployments.\ndelete defaultCspSettings.directives['upgrade-insecure-requests'];\n\n/**\n * @category Utilities\n * @func server/getDefaultCspSettings\n * @global\n * @desc\n * ```js\n * import { server } from '@dr.pogodin/react-utils';\n * const { getDefaultCspSettings } from '@dr.pogodin/react-utils';\n * ```\n * @return {{\n * directives: object\n * }} A deep copy of default CSP settings object used by `react-utils`,\n * with the exception of `nonce-xxx` clause in `script-src` directive,\n * which is added dynamically for each request.\n */\nexport function getDefaultCspSettings(): {\n directives: Record<string, string[]>;\n} {\n return cloneDeep(defaultCspSettings);\n}\n\nexport type ServerT = Express & {\n logger: LoggerI;\n};\n\nexport type OptionsT = RendererOptionsT & {\n beforeExpressJsError?:\n (server: ServerT) => boolean | Promise<boolean>;\n\n beforeExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n cookieSignatureSecret?: string;\n cspSettingsHook?: (\n defaultOptions: CspOptionsT,\n req: Request,\n ) => CspOptionsT;\n csrfIgnoreRequest?: (req: Request) => boolean;\n devMode?: boolean;\n httpsRedirect?: boolean;\n onExpressJsSetup?: (server: ServerT) => Promise<void> | void;\n};\n\nexport default async function factory(\n webpackConfig: Configuration,\n options: OptionsT,\n): Promise<ServerT> {\n const rendererOps: RendererOptionsT = pick(options, [\n 'Application',\n 'beforeRender',\n 'favicon',\n 'logger',\n 'maxSsrRounds',\n 'noCsp',\n 'ssrTimeout',\n 'staticCacheController',\n 'staticCacheSize',\n ]);\n const renderer = rendererFactory(webpackConfig, rendererOps);\n const { publicPath } = webpackConfig.output!;\n\n const server = express() as ServerT;\n\n if (options.beforeExpressJsSetup) {\n await options.beforeExpressJsSetup(server);\n }\n\n if (options.logger) server.logger = options.logger;\n\n if (options.httpsRedirect) {\n server.use((req, res, next) => {\n const schema = req.headers['x-forwarded-proto'];\n if (schema === 'http') {\n let url = `https://${req.headers.host}`;\n if (req.originalUrl !== '/') url += req.originalUrl;\n res.redirect(url);\n return;\n }\n next();\n });\n }\n\n server.use(compression());\n server.use(\n helmet({\n contentSecurityPolicy: false,\n crossOriginEmbedderPolicy: false,\n crossOriginOpenerPolicy: false,\n crossOriginResourcePolicy: false,\n }),\n );\n\n if (!options.noCsp) {\n server.use(\n (req: Request, res: Response, next: NextFunction) => {\n const req2 = req as RequestT;\n\n req2.nonce = uuid();\n\n // TODO: This is deprecated, but it is kept for now for backward\n // compatibility. Should be removed sometime later.\n req2.cspNonce = req2.nonce;\n\n // The deep clone is necessary here to ensure that default value can't be\n // mutated during request processing.\n let cspSettings: CspOptionsT = cloneDeep(defaultCspSettings);\n (cspSettings.directives?.['script-src'] as string[]).push(`'nonce-${req2.nonce}'`);\n if (options.cspSettingsHook) {\n cspSettings = options.cspSettingsHook(cspSettings, req);\n }\n helmet.contentSecurityPolicy(cspSettings)(req, res, next);\n },\n );\n }\n\n if (options.favicon) {\n server.use(favicon(options.favicon));\n }\n\n server.use('/robots.txt', (req, res) => {\n res.send('User-agent: *\\nDisallow:');\n });\n\n server.use(express.json({ limit: '300kb' }));\n server.use(express.urlencoded({ extended: false }));\n server.use(cookieParser(options.cookieSignatureSecret));\n server.use(requestIp.mw());\n\n server.use(csrf({\n cookie: true,\n ignoreRequest: options.csrfIgnoreRequest,\n }));\n\n loggerMiddleware.token(\n 'ip',\n (req: Request & { clientIp: string }) => req.clientIp,\n );\n const FORMAT = ':ip > :status :method :url :response-time ms :res[content-length] :referrer :user-agent';\n server.use(loggerMiddleware(FORMAT, {\n stream: {\n // TODO: This implies the logger is always set. Is it on a higher level?\n // then mark it as always present.\n write: options.logger!.info.bind(options.logger),\n },\n }));\n\n // Note: no matter the \"public path\", we want the service worker, if any,\n // to be served from the root, to have all web app pages in its scope.\n // Thus, this setup to serve it. Probably, need some more configuration\n // for special cases, but this will do for now.\n server.get('/__service-worker.js', express.static(\n webpackConfig.output?.path ?? '',\n {\n setHeaders: (res) => res.set('Cache-Control', 'no-cache'),\n },\n ));\n\n /* Setup of Hot Module Reloading for development environment.\n * These dependencies are not used, nor installed for production use,\n * hence we should violate some import-related lint rules. */\n /* eslint-disable import/no-extraneous-dependencies */\n if (options.devMode) {\n // This is a workaround for SASS bug:\n // https://github.com/dart-lang/sdk/issues/27979\n // which manifests itself sometimes when webpack dev middleware is used\n // (in dev mode), and app modules are imported in some unfortunate ways.\n // TODO: Double-check, what is going on here.\n // eslint-disable-next-line @typescript-eslint/no-unnecessary-condition\n if (!global.location) {\n global.location = {\n href: `${pathToFileURL(process.cwd()).href}${sep}`,\n } as Location;\n }\n\n const { default: webpack } = await import(/* webpackChunkName: \"server-side-code\" */ 'webpack');\n\n const { default: webpackDevMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-dev-middleware'\n );\n\n const { default: webpackHotMiddleware } = await import(\n /* webpackChunkName: \"server-side-code\" */ 'webpack-hot-middleware'\n );\n\n const compiler = webpack(webpackConfig);\n\n server.use(webpackDevMiddleware(compiler, {\n publicPath,\n serverSideRender: true,\n }));\n server.use(webpackHotMiddleware(compiler));\n }\n /* eslint-enable import/no-extraneous-dependencies */\n\n server.use(publicPath as string, express.static(webpackConfig.output!.path!));\n\n if (options.onExpressJsSetup) {\n await options.onExpressJsSetup(server);\n }\n server.use(renderer);\n\n /* Detects 404 errors, and forwards them to the error handler. */\n server.use((req, res, next) => {\n next(newError(ERRORS.NOT_FOUND, CODES.NOT_FOUND));\n });\n\n let dontAttachDefaultErrorHandler;\n if (options.beforeExpressJsError) {\n dontAttachDefaultErrorHandler = await options.beforeExpressJsError(server);\n }\n\n /* Error handler. */\n if (!dontAttachDefaultErrorHandler) {\n // TODO: Do we need this error handler at all? It actually seems to do\n // what the default ExpressJS error handler does anyway, see:\n // https://expressjs.com/en/guide/error-handling.html\n //\n // TODO: It is better to move the default error handler definition\n // to a stand-alone function at top-level, but the use of options.logger\n // prevents to do it without some extra refactoring. Should be done sometime\n // though.\n server.use((\n error: Error & {\n status?: number;\n },\n req: Request,\n res: Response,\n next: NextFunction,\n ) => {\n // TODO: This is needed to correctly handled any errors thrown after\n // sending initial response to the client.\n if (res.headersSent) {\n next(error);\n return;\n }\n\n const status = error.status ?? CODES.INTERNAL_SERVER_ERROR;\n const serverSide = status >= (CODES.INTERNAL_SERVER_ERROR as number);\n\n // Log server-side errors always, client-side at debug level only.\n options.logger!.log(serverSide ? 'error' : 'debug', error.toString());\n\n let message = error.message || getErrorForCode(status);\n if (serverSide && process.env.NODE_ENV === 'production') {\n message = ERRORS.INTERNAL_SERVER_ERROR;\n }\n\n res.status(status).send(message);\n });\n }\n\n return server;\n}\n"],"mappings":";;;AAAA;AACA;AACA;;AAEA,SAASA,GAAG,QAAQ,WAAW;AAC/B,SAASC,aAAa,QAAQ,UAAU;AAExC,SAASC,SAAS,EAAEC,SAAS,EAAEC,IAAI,QAAQ,WAAW;AAEtD,OAAOC,WAAW,MAAM,aAAa;AACrC,OAAOC,YAAY,MAAM,eAAe;AACxC,OAAOC,IAAI,MAAM,mBAAmB;AAEpC,OAAOC,OAAO,MAKP,SAAS;AAEhB,OAAOC,OAAO,MAAM,eAAe;AACnC,OAAOC,MAAM,MAA8B,QAAQ;AACnD,OAAOC,gBAAgB,MAAM,QAAQ;AACrC,OAAOC,SAAS,MAAM,YAAY;AAClC,SAASC,EAAE,IAAIC,IAAI,QAAQ,MAAM;AAIjC,OAAOC,eAAe;AAKtB,SACEC,KAAK,EACLC,MAAM,EACNC,eAAe,EACfC,QAAQ;;AAKV;;AAMA;AACA;AACA;AACA;AACA,MAAMC,kBAAkB,GAAG;EACzBC,UAAU,EAAElB,SAAS,CACnBO,MAAM,CAACY,qBAAqB,CAACC,oBAAoB,CAAC,CAAC;EAEnD;EACA;EACA;EACA;EACCC,KAAK,IAAMA,KAAK,CAAcC,MAAM,CAAEC,IAAY,IAAKA,IAAI,KAAK,QAAQ,CAC3E;AACF,CAAC;AACDN,kBAAkB,CAACC,UAAU,CAAC,WAAW,CAAC,GAAG,CAC3C,QAAQ;AAER;AACA;AACA,uBAAuB,CACxB;AAED;EACE,MAAMA,UAAU,GAAGD,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC;EAC9D,IAAIA,UAAU,EAAEA,UAAU,CAACM,IAAI,CAAC,eAAe,CAAC,CAAC,KAC5CP,kBAAkB,CAACC,UAAU,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,CAAC;AACtE;;AAEA;AACA;AACA;AACA,OAAOD,kBAAkB,CAACC,UAAU,CAAC,2BAA2B,CAAC;;AAEjE;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,OAAO,SAASO,qBAAqBA,CAAA,EAEnC;EACA,OAAO1B,SAAS,CAACkB,kBAAkB,CAAC;AACtC;AAsBA,eAAe,eAAeS,OAAOA,CACnCC,aAA4B,EAC5BC,OAAiB,EACC;EAClB,MAAMC,WAA6B,GAAG5B,IAAI,CAAC2B,OAAO,EAAE,CAClD,aAAa,EACb,cAAc,EACd,SAAS,EACT,QAAQ,EACR,cAAc,EACd,OAAO,EACP,YAAY,EACZ,uBAAuB,EACvB,iBAAiB,CAClB,CAAC;EACF,MAAME,QAAQ,GAAGlB,eAAe,CAACe,aAAa,EAAEE,WAAW,CAAC;EAC5D,MAAM;IAAEE;EAAW,CAAC,GAAGJ,aAAa,CAACK,MAAO;EAE5C,MAAMC,MAAM,GAAG5B,OAAO,CAAC,CAAY;EAEnC,IAAIuB,OAAO,CAACM,oBAAoB,EAAE;IAChC,MAAMN,OAAO,CAACM,oBAAoB,CAACD,MAAM,CAAC;EAC5C;EAEA,IAAIL,OAAO,CAACO,MAAM,EAAEF,MAAM,CAACE,MAAM,GAAGP,OAAO,CAACO,MAAM;EAElD,IAAIP,OAAO,CAACQ,aAAa,EAAE;IACzBH,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,EAAEC,GAAG,EAAEC,IAAI,KAAK;MAC7B,MAAMC,MAAM,GAAGH,GAAG,CAACI,OAAO,CAAC,mBAAmB,CAAC;MAC/C,IAAID,MAAM,KAAK,MAAM,EAAE;QACrB,IAAIE,GAAG,GAAG,WAAWL,GAAG,CAACI,OAAO,CAACE,IAAI,EAAE;QACvC,IAAIN,GAAG,CAACO,WAAW,KAAK,GAAG,EAAEF,GAAG,IAAIL,GAAG,CAACO,WAAW;QACnDN,GAAG,CAACO,QAAQ,CAACH,GAAG,CAAC;QACjB;MACF;MACAH,IAAI,CAAC,CAAC;IACR,CAAC,CAAC;EACJ;EAEAP,MAAM,CAACI,GAAG,CAACnC,WAAW,CAAC,CAAC,CAAC;EACzB+B,MAAM,CAACI,GAAG,CACR9B,MAAM,CAAC;IACLY,qBAAqB,EAAE,KAAK;IAC5B4B,yBAAyB,EAAE,KAAK;IAChCC,uBAAuB,EAAE,KAAK;IAC9BC,yBAAyB,EAAE;EAC7B,CAAC,CACH,CAAC;EAED,IAAI,CAACrB,OAAO,CAACsB,KAAK,EAAE;IAClBjB,MAAM,CAACI,GAAG,CACR,CAACC,GAAY,EAAEC,GAAa,EAAEC,IAAkB,KAAK;MACnD,MAAMW,IAAI,GAAGb,GAAe;MAE5Ba,IAAI,CAACC,KAAK,GAAGzC,IAAI,CAAC,CAAC;;MAEnB;MACA;MACAwC,IAAI,CAACE,QAAQ,GAAGF,IAAI,CAACC,KAAK;;MAE1B;MACA;MACA,IAAIE,WAAwB,GAAGvD,SAAS,CAACkB,kBAAkB,CAAC;MAC5D,CAACqC,WAAW,CAACpC,UAAU,GAAG,YAAY,CAAC,EAAcM,IAAI,CAAC,UAAU2B,IAAI,CAACC,KAAK,GAAG,CAAC;MAClF,IAAIxB,OAAO,CAAC2B,eAAe,EAAE;QAC3BD,WAAW,GAAG1B,OAAO,CAAC2B,eAAe,CAACD,WAAW,EAAEhB,GAAG,CAAC;MACzD;MACA/B,MAAM,CAACY,qBAAqB,CAACmC,WAAW,CAAC,CAAChB,GAAG,EAAEC,GAAG,EAAEC,IAAI,CAAC;IAC3D,CACF,CAAC;EACH;EAEA,IAAIZ,OAAO,CAACtB,OAAO,EAAE;IACnB2B,MAAM,CAACI,GAAG,CAAC/B,OAAO,CAACsB,OAAO,CAACtB,OAAO,CAAC,CAAC;EACtC;EAEA2B,MAAM,CAACI,GAAG,CAAC,aAAa,EAAE,CAACC,GAAG,EAAEC,GAAG,KAAK;IACtCA,GAAG,CAACiB,IAAI,CAAC,0BAA0B,CAAC;EACtC,CAAC,CAAC;EAEFvB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACoD,IAAI,CAAC;IAAEC,KAAK,EAAE;EAAQ,CAAC,CAAC,CAAC;EAC5CzB,MAAM,CAACI,GAAG,CAAChC,OAAO,CAACsD,UAAU,CAAC;IAAEC,QAAQ,EAAE;EAAM,CAAC,CAAC,CAAC;EACnD3B,MAAM,CAACI,GAAG,CAAClC,YAAY,CAACyB,OAAO,CAACiC,qBAAqB,CAAC,CAAC;EACvD5B,MAAM,CAACI,GAAG,CAAC5B,SAAS,CAACqD,EAAE,CAAC,CAAC,CAAC;EAE1B7B,MAAM,CAACI,GAAG,CAACjC,IAAI,CAAC;IACd2D,MAAM,EAAE,IAAI;IACZC,aAAa,EAAEpC,OAAO,CAACqC;EACzB,CAAC,CAAC,CAAC;EAEHzD,gBAAgB,CAAC0D,KAAK,CACpB,IAAI,EACH5B,GAAmC,IAAKA,GAAG,CAAC6B,QAC/C,CAAC;EACD,MAAMC,MAAM,GAAG,yFAAyF;EACxGnC,MAAM,CAACI,GAAG,CAAC7B,gBAAgB,CAAC4D,MAAM,EAAE;IAClCC,MAAM,EAAE;MACN;MACA;MACAC,KAAK,EAAE1C,OAAO,CAACO,MAAM,CAAEoC,IAAI,CAACC,IAAI,CAAC5C,OAAO,CAACO,MAAM;IACjD;EACF,CAAC,CAAC,CAAC;;EAEH;EACA;EACA;EACA;EACAF,MAAM,CAACwC,GAAG,CAAC,sBAAsB,EAAEpE,OAAO,CAACqE,MAAM,CAC/C/C,aAAa,CAACK,MAAM,EAAE2C,IAAI,IAAI,EAAE,EAChC;IACEC,UAAU,EAAGrC,GAAG,IAAKA,GAAG,CAACsC,GAAG,CAAC,eAAe,EAAE,UAAU;EAC1D,CACF,CAAC,CAAC;;EAEF;AACF;AACA;EACE;EACA,IAAIjD,OAAO,CAACkD,OAAO,EAAE;IACnB;IACA;IACA;IACA;IACA;IACA;IACA,IAAI,CAACC,MAAM,CAACC,QAAQ,EAAE;MACpBD,MAAM,CAACC,QAAQ,GAAG;QAChBC,IAAI,EAAE,GAAGnF,aAAa,CAACoF,OAAO,CAACC,GAAG,CAAC,CAAC,CAAC,CAACF,IAAI,GAAGpF,GAAG;MAClD,CAAa;IACf;IAEA,MAAM;MAAEuF,OAAO,EAAEC;IAAQ,CAAC,GAAG,MAAM,MAAM,CAAC,0CAA2C,SAAS,CAAC;IAE/F,MAAM;MAAED,OAAO,EAAEE;IAAqB,CAAC,GAAG,MAAM,MAAM,CACpD,0CAA2C,wBAC7C,CAAC;IAED,MAAM;MAAEF,OAAO,EAAEG;IAAqB,CAAC,GAAG,MAAM,MAAM,CACpD,0CAA2C,wBAC7C,CAAC;IAED,MAAMC,QAAQ,GAAGH,OAAO,CAAC1D,aAAa,CAAC;IAEvCM,MAAM,CAACI,GAAG,CAACiD,oBAAoB,CAACE,QAAQ,EAAE;MACxCzD,UAAU;MACV0D,gBAAgB,EAAE;IACpB,CAAC,CAAC,CAAC;IACHxD,MAAM,CAACI,GAAG,CAACkD,oBAAoB,CAACC,QAAQ,CAAC,CAAC;EAC5C;EACA;;EAEAvD,MAAM,CAACI,GAAG,CAACN,UAAU,EAAY1B,OAAO,CAACqE,MAAM,CAAC/C,aAAa,CAACK,MAAM,CAAE2C,IAAK,CAAC,CAAC;EAE7E,IAAI/C,OAAO,CAAC8D,gBAAgB,EAAE;IAC5B,MAAM9D,OAAO,CAAC8D,gBAAgB,CAACzD,MAAM,CAAC;EACxC;EACAA,MAAM,CAACI,GAAG,CAACP,QAAQ,CAAC;;EAEpB;EACAG,MAAM,CAACI,GAAG,CAAC,CAACC,GAAG,EAAEC,GAAG,EAAEC,IAAI,KAAK;IAC7BA,IAAI,CAACxB,QAAQ,CAACF,MAAM,CAAC6E,SAAS,EAAE9E,KAAK,CAAC8E,SAAS,CAAC,CAAC;EACnD,CAAC,CAAC;EAEF,IAAIC,6BAA6B;EACjC,IAAIhE,OAAO,CAACiE,oBAAoB,EAAE;IAChCD,6BAA6B,GAAG,MAAMhE,OAAO,CAACiE,oBAAoB,CAAC5D,MAAM,CAAC;EAC5E;;EAEA;EACA,IAAI,CAAC2D,6BAA6B,EAAE;IAClC;IACA;IACA;IACA;IACA;IACA;IACA;IACA;IACA3D,MAAM,CAACI,GAAG,CAAC,CACTyD,KAEC,EACDxD,GAAY,EACZC,GAAa,EACbC,IAAkB,KACf;MACH;MACA;MACA,IAAID,GAAG,CAACwD,WAAW,EAAE;QACnBvD,IAAI,CAACsD,KAAK,CAAC;QACX;MACF;MAEA,MAAME,MAAM,GAAGF,KAAK,CAACE,MAAM,IAAInF,KAAK,CAACoF,qBAAqB;MAC1D,MAAMC,UAAU,GAAGF,MAAM,IAAKnF,KAAK,CAACoF,qBAAgC;;MAEpE;MACArE,OAAO,CAACO,MAAM,CAAEgE,GAAG,CAACD,UAAU,GAAG,OAAO,GAAG,OAAO,EAAEJ,KAAK,CAACM,QAAQ,CAAC,CAAC,CAAC;MAErE,IAAIC,OAAO,GAAGP,KAAK,CAACO,OAAO,IAAItF,eAAe,CAACiF,MAAM,CAAC;MACtD,IAAIE,UAAU,IAAIhB,OAAO,CAACoB,GAAG,CAACC,QAAQ,KAAK,YAAY,EAAE;QACvDF,OAAO,GAAGvF,MAAM,CAACmF,qBAAqB;MACxC;MAEA1D,GAAG,CAACyD,MAAM,CAACA,MAAM,CAAC,CAACxC,IAAI,CAAC6C,OAAO,CAAC;IAClC,CAAC,CAAC;EACJ;EAEA,OAAOpE,MAAM;AACf","ignoreList":[]}
package/build/web/shared/components/Input/index.js CHANGED
@@ -12,6 +12,7 @@ import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
12
12
  */
13
13
  const Input = ({
14
14
  children,
15
+ composeAdhocTheme,
15
16
  error,
16
17
  label,
17
18
  ref,
@@ -19,7 +20,9 @@ const Input = ({
19
20
  theme,
20
21
  ...rest
21
22
  }) => {
22
- const composed = useTheme('Input', defaultTheme, theme);
23
+ const composed = useTheme('Input', defaultTheme, theme, {
24
+ composeAdhocTheme
25
+ });
23
26
 
24
27
  // NOTE: As of now, it is only updated when "theme.focused" is defined,
25
28
  // as otherwise its value is not used.
package/build/web/shared/components/Input/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","names":["useRef","useState","useTheme","defaultTheme","jsx","_jsx","jsxs","_jsxs","Input","children","error","label","ref","testId","theme","rest","composed","focused","setFocused","localRef","containerClassName","container","value","empty","className","onFocus","current","focus","undefined","input","process","env","NODE_ENV","onBlur","e","errorMessage"],"sources":["../../../../../src/shared/components/Input/index.tsx"],"sourcesContent":["import {\n type FunctionComponent,\n type ReactNode,\n type Ref,\n useRef,\n useState,\n} from 'react';\n\nimport { type Theme, useTheme } from '@dr.pogodin/react-themes';\n\nimport defaultTheme from './theme.scss';\n\ntype ThemeKeyT = 'children' | 'container' | 'empty' | 'error' | 'errorMessage'\n | 'focused' | 'input' | 'label';\n\ntype PropsT = React.InputHTMLAttributes<HTMLInputElement> & {\n children?: ReactNode;\n error?: ReactNode;\n label?: React.ReactNode;\n ref?: Ref<HTMLInputElement>;\n testId?: string;\n theme?: Theme<ThemeKeyT>;\n};\n\n/**\n * Themeable input field, based on the standard HTML `<input>` element.\n * @param [props.label] Input label.\n * @param [props.theme] _Ad hoc_ theme.\n * @param [props...] [Other theming properties](https://www.npmjs.com/package/@dr.pogodin/react-themes#themed-component-properties)\n * @param [props...] Any other properties are passed to the underlying\n * `<input>` element.\n */\nconst Input: FunctionComponent<PropsT> = ({\n children,\n error,\n label,\n ref,\n testId,\n theme,\n ...rest\n}) => {\n const composed = useTheme('Input', defaultTheme, theme);\n\n // NOTE: As of now, it is only updated when \"theme.focused\" is defined,\n // as otherwise its value is not used.\n const [focused, setFocused] = useState(false);\n\n const localRef = useRef<HTMLInputElement>(null);\n\n let containerClassName = composed.container;\n\n // NOTE: As of now, \"focused\" can be true only when \"theme.focused\"\n // is provided.\n if (focused /* && theme.focused */) containerClassName += ` ${composed.focused}`;\n\n if (!rest.value && composed.empty) containerClassName += ` ${composed.empty}`;\n\n if (error) containerClassName += ` ${composed.error}`;\n\n return (\n <div\n className={containerClassName}\n onFocus={() => {\n // TODO: It does not really work if a callback-style `ref` is passed in,\n // we need a more complex logic to cover that case, but for now this serves\n // the case we need it for.\n if (typeof ref === 'object') ref?.current?.focus();\n else localRef.current?.focus();\n }}\n >\n {label === undefined\n ? null : <div className={composed.label}>{label}</div>}\n <input\n className={composed.input}\n data-testid={process.env.NODE_ENV === 'production' ? undefined : testId}\n ref={ref ?? localRef}\n\n // TODO: Avoid the spreading later.\n // eslint-disable-next-line react/jsx-props-no-spreading\n {...rest}\n\n onBlur={composed.focused ? (e) => {\n setFocused(false);\n rest.onBlur?.(e);\n } : rest.onBlur}\n onFocus={composed.focused ? (e) => {\n setFocused(true);\n rest.onFocus?.(e);\n } : rest.onFocus}\n />\n {error && error !== true\n ? <div className={composed.errorMessage}>{error}</div>\n : null}\n {children ? <div className={composed.children}>{children}</div> : null}\n </div>\n );\n};\n\nexport default Input;\n"],"mappings":"AAAA,SAIEA,MAAM,EACNC,QAAQ,QACH,OAAO;AAEd,SAAqBC,QAAQ,QAAQ,0BAA0B;AAE/D,OAAOC,YAAY;AAAqB,SAAAC,GAAA,IAAAC,IAAA,EAAAC,IAAA,IAAAC,KAAA;AAcxC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,KAAgC,GAAGA,CAAC;EACxCC,QAAQ;EACRC,KAAK;EACLC,KAAK;EACLC,GAAG;EACHC,MAAM;EACNC,KAAK;EACL,GAAGC;AACL,CAAC,KAAK;EACJ,MAAMC,QAAQ,GAAGd,QAAQ,CAAC,OAAO,EAAEC,YAAY,EAAEW,KAAK,CAAC;;EAEvD;EACA;EACA,MAAM,CAACG,OAAO,EAAEC,UAAU,CAAC,GAAGjB,QAAQ,CAAC,KAAK,CAAC;EAE7C,MAAMkB,QAAQ,GAAGnB,MAAM,CAAmB,IAAI,CAAC;EAE/C,IAAIoB,kBAAkB,GAAGJ,QAAQ,CAACK,SAAS;;EAE3C;EACA;EACA,IAAIJ,OAAO,CAAC,wBAAwBG,kBAAkB,IAAI,IAAIJ,QAAQ,CAACC,OAAO,EAAE;EAEhF,IAAI,CAACF,IAAI,CAACO,KAAK,IAAIN,QAAQ,CAACO,KAAK,EAAEH,kBAAkB,IAAI,IAAIJ,QAAQ,CAACO,KAAK,EAAE;EAE7E,IAAIb,KAAK,EAAEU,kBAAkB,IAAI,IAAIJ,QAAQ,CAACN,KAAK,EAAE;EAErD,oBACEH,KAAA;IACEiB,SAAS,EAAEJ,kBAAmB;IAC9BK,OAAO,EAAEA,CAAA,KAAM;MACb;MACA;MACA;MACA,IAAI,OAAOb,GAAG,KAAK,QAAQ,EAAEA,GAAG,EAAEc,OAAO,EAAEC,KAAK,CAAC,CAAC,CAAC,KAC9CR,QAAQ,CAACO,OAAO,EAAEC,KAAK,CAAC,CAAC;IAChC,CAAE;IAAAlB,QAAA,GAEDE,KAAK,KAAKiB,SAAS,GAChB,IAAI,gBAAGvB,IAAA;MAAKmB,SAAS,EAAER,QAAQ,CAACL,KAAM;MAAAF,QAAA,EAAEE;IAAK,CAAM,CAAC,eACxDN,IAAA;MACEmB,SAAS,EAAER,QAAQ,CAACa,KAAM;MAC1B,eAAaC,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,GAAGJ,SAAS,GAAGf,MAAO;MACxED,GAAG,EAAEA,GAAG,IAAIO;;MAEZ;MACA;MAAA;MAAA,GACIJ,IAAI;MAERkB,MAAM,EAAEjB,QAAQ,CAACC,OAAO,GAAIiB,CAAC,IAAK;QAChChB,UAAU,CAAC,KAAK,CAAC;QACjBH,IAAI,CAACkB,MAAM,GAAGC,CAAC,CAAC;MAClB,CAAC,GAAGnB,IAAI,CAACkB,MAAO;MAChBR,OAAO,EAAET,QAAQ,CAACC,OAAO,GAAIiB,CAAC,IAAK;QACjChB,UAAU,CAAC,IAAI,CAAC;QAChBH,IAAI,CAACU,OAAO,GAAGS,CAAC,CAAC;MACnB,CAAC,GAAGnB,IAAI,CAACU;IAAQ,CAClB,CAAC,EACDf,KAAK,IAAIA,KAAK,KAAK,IAAI,gBACpBL,IAAA;MAAKmB,SAAS,EAAER,QAAQ,CAACmB,YAAa;MAAA1B,QAAA,EAAEC;IAAK,CAAM,CAAC,GACpD,IAAI,EACPD,QAAQ,gBAAGJ,IAAA;MAAKmB,SAAS,EAAER,QAAQ,CAACP,QAAS;MAAAA,QAAA,EAAEA;IAAQ,CAAM,CAAC,GAAG,IAAI;EAAA,CACnE,CAAC;AAEV,CAAC;AAED,eAAeD,KAAK","ignoreList":[]}
1
+ {"version":3,"file":"index.js","names":["useRef","useState","useTheme","defaultTheme","jsx","_jsx","jsxs","_jsxs","Input","children","composeAdhocTheme","error","label","ref","testId","theme","rest","composed","focused","setFocused","localRef","containerClassName","container","value","empty","className","onFocus","current","focus","undefined","input","process","env","NODE_ENV","onBlur","e","errorMessage"],"sources":["../../../../../src/shared/components/Input/index.tsx"],"sourcesContent":["import {\n type FunctionComponent,\n type ReactNode,\n type Ref,\n useRef,\n useState,\n} from 'react';\n\nimport { type COMPOSE, type Theme, useTheme } from '@dr.pogodin/react-themes';\n\nimport defaultTheme from './theme.scss';\n\ntype ThemeKeyT = 'children' | 'container' | 'empty' | 'error' | 'errorMessage'\n | 'focused' | 'input' | 'label';\n\ntype PropsT = React.InputHTMLAttributes<HTMLInputElement> & {\n children?: ReactNode;\n composeAdhocTheme?: COMPOSE;\n error?: ReactNode;\n label?: React.ReactNode;\n ref?: Ref<HTMLInputElement>;\n testId?: string;\n theme?: Theme<ThemeKeyT>;\n};\n\n/**\n * Themeable input field, based on the standard HTML `<input>` element.\n * @param [props.label] Input label.\n * @param [props.theme] _Ad hoc_ theme.\n * @param [props...] [Other theming properties](https://www.npmjs.com/package/@dr.pogodin/react-themes#themed-component-properties)\n * @param [props...] Any other properties are passed to the underlying\n * `<input>` element.\n */\nconst Input: FunctionComponent<PropsT> = ({\n children,\n composeAdhocTheme,\n error,\n label,\n ref,\n testId,\n theme,\n ...rest\n}) => {\n const composed = useTheme('Input', defaultTheme, theme, {\n composeAdhocTheme,\n });\n\n // NOTE: As of now, it is only updated when \"theme.focused\" is defined,\n // as otherwise its value is not used.\n const [focused, setFocused] = useState(false);\n\n const localRef = useRef<HTMLInputElement>(null);\n\n let containerClassName = composed.container;\n\n // NOTE: As of now, \"focused\" can be true only when \"theme.focused\"\n // is provided.\n if (focused /* && theme.focused */) containerClassName += ` ${composed.focused}`;\n\n if (!rest.value && composed.empty) containerClassName += ` ${composed.empty}`;\n\n if (error) containerClassName += ` ${composed.error}`;\n\n return (\n <div\n className={containerClassName}\n onFocus={() => {\n // TODO: It does not really work if a callback-style `ref` is passed in,\n // we need a more complex logic to cover that case, but for now this serves\n // the case we need it for.\n if (typeof ref === 'object') ref?.current?.focus();\n else localRef.current?.focus();\n }}\n >\n {label === undefined\n ? null : <div className={composed.label}>{label}</div>}\n <input\n className={composed.input}\n data-testid={process.env.NODE_ENV === 'production' ? undefined : testId}\n ref={ref ?? localRef}\n\n // TODO: Avoid the spreading later.\n // eslint-disable-next-line react/jsx-props-no-spreading\n {...rest}\n\n onBlur={composed.focused ? (e) => {\n setFocused(false);\n rest.onBlur?.(e);\n } : rest.onBlur}\n onFocus={composed.focused ? (e) => {\n setFocused(true);\n rest.onFocus?.(e);\n } : rest.onFocus}\n />\n {error && error !== true\n ? <div className={composed.errorMessage}>{error}</div>\n : null}\n {children ? <div className={composed.children}>{children}</div> : null}\n </div>\n );\n};\n\nexport default Input;\n"],"mappings":"AAAA,SAIEA,MAAM,EACNC,QAAQ,QACH,OAAO;AAEd,SAAmCC,QAAQ,QAAQ,0BAA0B;AAE7E,OAAOC,YAAY;AAAqB,SAAAC,GAAA,IAAAC,IAAA,EAAAC,IAAA,IAAAC,KAAA;AAexC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,MAAMC,KAAgC,GAAGA,CAAC;EACxCC,QAAQ;EACRC,iBAAiB;EACjBC,KAAK;EACLC,KAAK;EACLC,GAAG;EACHC,MAAM;EACNC,KAAK;EACL,GAAGC;AACL,CAAC,KAAK;EACJ,MAAMC,QAAQ,GAAGf,QAAQ,CAAC,OAAO,EAAEC,YAAY,EAAEY,KAAK,EAAE;IACtDL;EACF,CAAC,CAAC;;EAEF;EACA;EACA,MAAM,CAACQ,OAAO,EAAEC,UAAU,CAAC,GAAGlB,QAAQ,CAAC,KAAK,CAAC;EAE7C,MAAMmB,QAAQ,GAAGpB,MAAM,CAAmB,IAAI,CAAC;EAE/C,IAAIqB,kBAAkB,GAAGJ,QAAQ,CAACK,SAAS;;EAE3C;EACA;EACA,IAAIJ,OAAO,CAAC,wBAAwBG,kBAAkB,IAAI,IAAIJ,QAAQ,CAACC,OAAO,EAAE;EAEhF,IAAI,CAACF,IAAI,CAACO,KAAK,IAAIN,QAAQ,CAACO,KAAK,EAAEH,kBAAkB,IAAI,IAAIJ,QAAQ,CAACO,KAAK,EAAE;EAE7E,IAAIb,KAAK,EAAEU,kBAAkB,IAAI,IAAIJ,QAAQ,CAACN,KAAK,EAAE;EAErD,oBACEJ,KAAA;IACEkB,SAAS,EAAEJ,kBAAmB;IAC9BK,OAAO,EAAEA,CAAA,KAAM;MACb;MACA;MACA;MACA,IAAI,OAAOb,GAAG,KAAK,QAAQ,EAAEA,GAAG,EAAEc,OAAO,EAAEC,KAAK,CAAC,CAAC,CAAC,KAC9CR,QAAQ,CAACO,OAAO,EAAEC,KAAK,CAAC,CAAC;IAChC,CAAE;IAAAnB,QAAA,GAEDG,KAAK,KAAKiB,SAAS,GAChB,IAAI,gBAAGxB,IAAA;MAAKoB,SAAS,EAAER,QAAQ,CAACL,KAAM;MAAAH,QAAA,EAAEG;IAAK,CAAM,CAAC,eACxDP,IAAA;MACEoB,SAAS,EAAER,QAAQ,CAACa,KAAM;MAC1B,eAAaC,OAAO,CAACC,GAAG,CAACC,QAAQ,KAAK,YAAY,GAAGJ,SAAS,GAAGf,MAAO;MACxED,GAAG,EAAEA,GAAG,IAAIO;;MAEZ;MACA;MAAA;MAAA,GACIJ,IAAI;MAERkB,MAAM,EAAEjB,QAAQ,CAACC,OAAO,GAAIiB,CAAC,IAAK;QAChChB,UAAU,CAAC,KAAK,CAAC;QACjBH,IAAI,CAACkB,MAAM,GAAGC,CAAC,CAAC;MAClB,CAAC,GAAGnB,IAAI,CAACkB,MAAO;MAChBR,OAAO,EAAET,QAAQ,CAACC,OAAO,GAAIiB,CAAC,IAAK;QACjChB,UAAU,CAAC,IAAI,CAAC;QAChBH,IAAI,CAACU,OAAO,GAAGS,CAAC,CAAC;MACnB,CAAC,GAAGnB,IAAI,CAACU;IAAQ,CAClB,CAAC,EACDf,KAAK,IAAIA,KAAK,KAAK,IAAI,gBACpBN,IAAA;MAAKoB,SAAS,EAAER,QAAQ,CAACmB,YAAa;MAAA3B,QAAA,EAAEE;IAAK,CAAM,CAAC,GACpD,IAAI,EACPF,QAAQ,gBAAGJ,IAAA;MAAKoB,SAAS,EAAER,QAAQ,CAACR,QAAS;MAAAA,QAAA,EAAEA;IAAQ,CAAM,CAAC,GAAG,IAAI;EAAA,CACnE,CAAC;AAEV,CAAC;AAED,eAAeD,KAAK","ignoreList":[]}
package/package.json CHANGED
@@ -1,5 +1,5 @@
1
1
  {
2
- "version": "1.48.6",
2
+ "version": "1.48.8",
3
3
  "bin": {
4
4
  "react-utils-build": "bin/build.js",
5
5
  "react-utils-setup": "bin/setup.js"
@@ -8,9 +8,9 @@
8
8
  "url": "https://github.com/birdofpreyru/react-utils/issues"
9
9
  },
10
10
  "dependencies": {
11
- "@babel/runtime": "^7.28.4",
11
+ "@babel/runtime": "^7.28.6",
12
12
  "@dr.pogodin/babel-plugin-react-css-modules": "^6.13.8",
13
- "@dr.pogodin/csurf": "^1.16.7",
13
+ "@dr.pogodin/csurf": "^1.16.8",
14
14
  "@dr.pogodin/js-utils": "^0.1.5",
15
15
  "@dr.pogodin/react-global-state": "^0.21.2",
16
16
  "@dr.pogodin/react-helmet": "^3.0.5",
@@ -19,7 +19,7 @@
19
19
  "axios": "^1.13.2",
20
20
  "commander": "^14.0.2",
21
21
  "compression": "^1.8.1",
22
- "config": "^4.1.1",
22
+ "config": "^4.2.0",
23
23
  "cookie": "^1.1.0",
24
24
  "cookie-parser": "^1.4.7",
25
25
  "core-js": "^3.47.0",
@@ -34,7 +34,7 @@
34
34
  "raf": "^3.4.1",
35
35
  "react": "^19.2.3",
36
36
  "react-dom": "^19.2.3",
37
- "react-router": "^7.11.0",
37
+ "react-router": "^7.12.0",
38
38
  "request-ip": "^3.3.0",
39
39
  "rimraf": "^6.1.2",
40
40
  "serialize-javascript": "^7.0.2",
@@ -45,14 +45,14 @@
45
45
  },
46
46
  "description": "Collection of generic ReactJS components and utils",
47
47
  "devDependencies": {
48
- "@babel/cli": "^7.28.3",
49
- "@babel/core": "^7.28.5",
50
- "@babel/node": "^7.28.0",
48
+ "@babel/cli": "^7.28.6",
49
+ "@babel/core": "^7.28.6",
50
+ "@babel/node": "^7.28.6",
51
51
  "@babel/plugin-transform-runtime": "^7.28.5",
52
- "@babel/preset-env": "^7.28.5",
52
+ "@babel/preset-env": "^7.28.6",
53
53
  "@babel/preset-react": "^7.28.5",
54
54
  "@babel/preset-typescript": "^7.28.5",
55
- "@babel/register": "^7.28.3",
55
+ "@babel/register": "^7.28.6",
56
56
  "@dr.pogodin/babel-plugin-transform-assets": "^1.2.5",
57
57
  "@dr.pogodin/babel-preset-svgr": "^1.9.2",
58
58
  "@dr.pogodin/eslint-configs": "^0.1.3",
@@ -68,11 +68,11 @@
68
68
  "@types/cookie-parser": "^1.4.10",
69
69
  "@types/express": "^5.0.6",
70
70
  "@types/jest": "^30.0.0",
71
- "@types/lodash": "^4.17.21",
71
+ "@types/lodash": "^4.17.23",
72
72
  "@types/lodash-es": "^4.17.12",
73
73
  "@types/morgan": "^1.9.10",
74
74
  "@types/pretty": "^2.0.3",
75
- "@types/react": "^19.2.7",
75
+ "@types/react": "^19.2.8",
76
76
  "@types/react-dom": "^19.2.3",
77
77
  "@types/request-ip": "^0.0.41",
78
78
  "@types/serialize-javascript": "^5.0.4",
@@ -91,8 +91,8 @@
91
91
  "identity-obj-proxy": "^3.0.0",
92
92
  "jest": "^30.2.0",
93
93
  "jest-environment-jsdom": "^30.2.0",
94
- "memfs": "^4.51.1",
95
- "mini-css-extract-plugin": "^2.9.4",
94
+ "memfs": "^4.53.0",
95
+ "mini-css-extract-plugin": "^2.10.0",
96
96
  "mockdate": "^3.0.5",
97
97
  "nodelist-foreach-polyfill": "^1.2.0",
98
98
  "postcss": "^8.5.6",
@@ -101,15 +101,15 @@
101
101
  "pretty": "^2.0.0",
102
102
  "react-refresh": "^0.18.0",
103
103
  "resolve-url-loader": "^5.0.0",
104
- "sass": "^1.97.1",
104
+ "sass": "^1.97.2",
105
105
  "sass-loader": "^16.0.6",
106
106
  "sitemap": "^9.0.0",
107
107
  "source-map-loader": "^5.0.0",
108
108
  "stylelint": "^16.26.1",
109
109
  "stylelint-config-standard-scss": "^16.0.0",
110
- "supertest": "^7.1.4",
110
+ "supertest": "^7.2.2",
111
111
  "tsc-alias": "1.8.16",
112
- "tstyche": "^5.0.2",
112
+ "tstyche": "^6.0.2",
113
113
  "typed-scss-modules": "^8.1.1",
114
114
  "typescript": "^5.9.3",
115
115
  "webpack": "^5.104.1",