@electron-memory/monitor 0.2.1 → 0.2.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +26 -7
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +26 -7
- package/dist/index.mjs.map +1 -1
- package/dist/ui/index.html +3 -3
- package/package.json +70 -70
package/dist/index.mjs
CHANGED
|
@@ -1104,8 +1104,18 @@ function isPathInsideRoot(filePath, root) {
|
|
|
1104
1104
|
if (f === r) {
|
|
1105
1105
|
return true;
|
|
1106
1106
|
}
|
|
1107
|
-
const
|
|
1108
|
-
|
|
1107
|
+
const rel = path2.relative(r, f);
|
|
1108
|
+
if (!rel || rel.startsWith("..") || path2.isAbsolute(rel)) {
|
|
1109
|
+
return false;
|
|
1110
|
+
}
|
|
1111
|
+
return true;
|
|
1112
|
+
}
|
|
1113
|
+
function corsHeaders() {
|
|
1114
|
+
return {
|
|
1115
|
+
"Access-Control-Allow-Origin": "*",
|
|
1116
|
+
"Access-Control-Allow-Methods": "GET, OPTIONS",
|
|
1117
|
+
"Access-Control-Allow-Headers": "*"
|
|
1118
|
+
};
|
|
1109
1119
|
}
|
|
1110
1120
|
function registerDashboardSchemePrivileged() {
|
|
1111
1121
|
if (privilegedRegistered) {
|
|
@@ -1137,15 +1147,23 @@ function ensureDashboardProtocolHandler(uiRoot) {
|
|
|
1137
1147
|
handlerRegistered = true;
|
|
1138
1148
|
const base = path2.resolve(uiRoot);
|
|
1139
1149
|
protocol.handle(SCHEME, async (request) => {
|
|
1150
|
+
if (request.method === "OPTIONS") {
|
|
1151
|
+
return new Response(null, { status: 204, headers: corsHeaders() });
|
|
1152
|
+
}
|
|
1140
1153
|
try {
|
|
1141
|
-
|
|
1142
|
-
|
|
1154
|
+
let pathname;
|
|
1155
|
+
try {
|
|
1156
|
+
pathname = decodeURIComponent(new URL(request.url).pathname);
|
|
1157
|
+
} catch {
|
|
1158
|
+
return new Response("Bad URL", { status: 400, headers: corsHeaders() });
|
|
1159
|
+
}
|
|
1160
|
+
let rel = pathname.replace(/^\/+/, "");
|
|
1143
1161
|
if (!rel) {
|
|
1144
1162
|
rel = "index.html";
|
|
1145
1163
|
}
|
|
1146
1164
|
const filePath = path2.resolve(path2.join(base, rel));
|
|
1147
1165
|
if (!isPathInsideRoot(filePath, base)) {
|
|
1148
|
-
return new Response("Forbidden", { status: 403 });
|
|
1166
|
+
return new Response("Forbidden", { status: 403, headers: corsHeaders() });
|
|
1149
1167
|
}
|
|
1150
1168
|
const body = await readFile(filePath);
|
|
1151
1169
|
const ext = path2.extname(filePath).toLowerCase();
|
|
@@ -1154,12 +1172,13 @@ function ensureDashboardProtocolHandler(uiRoot) {
|
|
|
1154
1172
|
status: 200,
|
|
1155
1173
|
headers: {
|
|
1156
1174
|
"Content-Type": mime,
|
|
1157
|
-
"Cache-Control": "no-store"
|
|
1175
|
+
"Cache-Control": "no-store",
|
|
1176
|
+
...corsHeaders()
|
|
1158
1177
|
}
|
|
1159
1178
|
});
|
|
1160
1179
|
} catch (err) {
|
|
1161
1180
|
const msg = err instanceof Error ? err.message : String(err);
|
|
1162
|
-
return new Response(msg, { status: 404 });
|
|
1181
|
+
return new Response(msg, { status: 404, headers: corsHeaders() });
|
|
1163
1182
|
}
|
|
1164
1183
|
});
|
|
1165
1184
|
}
|