@electron-memory/monitor 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +26 -7
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +26 -7
- package/dist/index.mjs.map +1 -1
- package/dist/ui/index.html +3 -3
- package/package.json +70 -70
package/dist/index.js
CHANGED
|
@@ -1142,8 +1142,18 @@ function isPathInsideRoot(filePath, root) {
|
|
|
1142
1142
|
if (f === r) {
|
|
1143
1143
|
return true;
|
|
1144
1144
|
}
|
|
1145
|
-
const
|
|
1146
|
-
|
|
1145
|
+
const rel = path2.relative(r, f);
|
|
1146
|
+
if (!rel || rel.startsWith("..") || path2.isAbsolute(rel)) {
|
|
1147
|
+
return false;
|
|
1148
|
+
}
|
|
1149
|
+
return true;
|
|
1150
|
+
}
|
|
1151
|
+
function corsHeaders() {
|
|
1152
|
+
return {
|
|
1153
|
+
"Access-Control-Allow-Origin": "*",
|
|
1154
|
+
"Access-Control-Allow-Methods": "GET, OPTIONS",
|
|
1155
|
+
"Access-Control-Allow-Headers": "*"
|
|
1156
|
+
};
|
|
1147
1157
|
}
|
|
1148
1158
|
function registerDashboardSchemePrivileged() {
|
|
1149
1159
|
if (privilegedRegistered) {
|
|
@@ -1175,15 +1185,23 @@ function ensureDashboardProtocolHandler(uiRoot) {
|
|
|
1175
1185
|
handlerRegistered = true;
|
|
1176
1186
|
const base = path2.resolve(uiRoot);
|
|
1177
1187
|
import_electron2.protocol.handle(SCHEME, async (request) => {
|
|
1188
|
+
if (request.method === "OPTIONS") {
|
|
1189
|
+
return new Response(null, { status: 204, headers: corsHeaders() });
|
|
1190
|
+
}
|
|
1178
1191
|
try {
|
|
1179
|
-
|
|
1180
|
-
|
|
1192
|
+
let pathname;
|
|
1193
|
+
try {
|
|
1194
|
+
pathname = decodeURIComponent(new URL(request.url).pathname);
|
|
1195
|
+
} catch {
|
|
1196
|
+
return new Response("Bad URL", { status: 400, headers: corsHeaders() });
|
|
1197
|
+
}
|
|
1198
|
+
let rel = pathname.replace(/^\/+/, "");
|
|
1181
1199
|
if (!rel) {
|
|
1182
1200
|
rel = "index.html";
|
|
1183
1201
|
}
|
|
1184
1202
|
const filePath = path2.resolve(path2.join(base, rel));
|
|
1185
1203
|
if (!isPathInsideRoot(filePath, base)) {
|
|
1186
|
-
return new Response("Forbidden", { status: 403 });
|
|
1204
|
+
return new Response("Forbidden", { status: 403, headers: corsHeaders() });
|
|
1187
1205
|
}
|
|
1188
1206
|
const body = await (0, import_promises.readFile)(filePath);
|
|
1189
1207
|
const ext = path2.extname(filePath).toLowerCase();
|
|
@@ -1192,12 +1210,13 @@ function ensureDashboardProtocolHandler(uiRoot) {
|
|
|
1192
1210
|
status: 200,
|
|
1193
1211
|
headers: {
|
|
1194
1212
|
"Content-Type": mime,
|
|
1195
|
-
"Cache-Control": "no-store"
|
|
1213
|
+
"Cache-Control": "no-store",
|
|
1214
|
+
...corsHeaders()
|
|
1196
1215
|
}
|
|
1197
1216
|
});
|
|
1198
1217
|
} catch (err) {
|
|
1199
1218
|
const msg = err instanceof Error ? err.message : String(err);
|
|
1200
|
-
return new Response(msg, { status: 404 });
|
|
1219
|
+
return new Response(msg, { status: 404, headers: corsHeaders() });
|
|
1201
1220
|
}
|
|
1202
1221
|
});
|
|
1203
1222
|
}
|