@jaypie/express 1.2.5 → 1.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/index.cjs +34 -4
- package/dist/cjs/index.cjs.map +1 -1
- package/dist/esm/index.js +34 -4
- package/dist/esm/index.js.map +1 -1
- package/package.json +1 -1
package/dist/cjs/index.cjs
CHANGED
|
@@ -151,7 +151,8 @@ function buildQueryFromMultiValue(multiValueParams) {
|
|
|
151
151
|
const existingValues = result[key];
|
|
152
152
|
if (existingValues === undefined) {
|
|
153
153
|
// First occurrence - use array if multiple values or bracket notation
|
|
154
|
-
result[key] =
|
|
154
|
+
result[key] =
|
|
155
|
+
values.length === 1 && !rawKey.endsWith("[]") ? values[0] : values;
|
|
155
156
|
}
|
|
156
157
|
else if (Array.isArray(existingValues)) {
|
|
157
158
|
existingValues.push(...values);
|
|
@@ -1049,7 +1050,9 @@ function createLambdaHandler(app, _options) {
|
|
|
1049
1050
|
{
|
|
1050
1051
|
status: 500,
|
|
1051
1052
|
title: "Internal Server Error",
|
|
1052
|
-
detail: error instanceof Error
|
|
1053
|
+
detail: error instanceof Error
|
|
1054
|
+
? error.message
|
|
1055
|
+
: "Unknown error occurred",
|
|
1053
1056
|
},
|
|
1054
1057
|
],
|
|
1055
1058
|
}),
|
|
@@ -1136,6 +1139,33 @@ const ensureProtocol = (url) => {
|
|
|
1136
1139
|
return url;
|
|
1137
1140
|
return HTTPS_PROTOCOL + url;
|
|
1138
1141
|
};
|
|
1142
|
+
const extractHostname = (origin) => {
|
|
1143
|
+
try {
|
|
1144
|
+
const url = new URL(origin);
|
|
1145
|
+
return url.hostname;
|
|
1146
|
+
}
|
|
1147
|
+
catch {
|
|
1148
|
+
return undefined;
|
|
1149
|
+
}
|
|
1150
|
+
};
|
|
1151
|
+
const isOriginAllowed = (requestOrigin, allowed) => {
|
|
1152
|
+
const normalizedAllowed = ensureProtocol(allowed);
|
|
1153
|
+
const normalizedRequest = ensureProtocol(requestOrigin);
|
|
1154
|
+
const allowedHostname = extractHostname(normalizedAllowed);
|
|
1155
|
+
const requestHostname = extractHostname(normalizedRequest);
|
|
1156
|
+
if (!allowedHostname || !requestHostname) {
|
|
1157
|
+
return false;
|
|
1158
|
+
}
|
|
1159
|
+
// Exact match
|
|
1160
|
+
if (requestHostname === allowedHostname) {
|
|
1161
|
+
return true;
|
|
1162
|
+
}
|
|
1163
|
+
// Subdomain match
|
|
1164
|
+
if (requestHostname.endsWith(`.${allowedHostname}`)) {
|
|
1165
|
+
return true;
|
|
1166
|
+
}
|
|
1167
|
+
return false;
|
|
1168
|
+
};
|
|
1139
1169
|
const dynamicOriginCallbackHandler = (origin) => {
|
|
1140
1170
|
return (requestOrigin, callback) => {
|
|
1141
1171
|
// Handle wildcard origin
|
|
@@ -1169,7 +1199,7 @@ const dynamicOriginCallbackHandler = (origin) => {
|
|
|
1169
1199
|
if (allowed instanceof RegExp) {
|
|
1170
1200
|
return allowed.test(requestOrigin);
|
|
1171
1201
|
}
|
|
1172
|
-
return requestOrigin
|
|
1202
|
+
return isOriginAllowed(requestOrigin, allowed);
|
|
1173
1203
|
});
|
|
1174
1204
|
if (isAllowed) {
|
|
1175
1205
|
callback(null, true);
|
|
@@ -1440,7 +1470,7 @@ const logger$1 = logger$2.log;
|
|
|
1440
1470
|
* Uses Symbol marker to survive prototype chain modifications from Express and dd-trace.
|
|
1441
1471
|
*/
|
|
1442
1472
|
function isLambdaMockResponse(res) {
|
|
1443
|
-
return res[JAYPIE_LAMBDA_MOCK] === true;
|
|
1473
|
+
return (res[JAYPIE_LAMBDA_MOCK] === true);
|
|
1444
1474
|
}
|
|
1445
1475
|
/**
|
|
1446
1476
|
* Safely send a JSON response, avoiding dd-trace interception.
|