@jaypie/express 1.2.5 → 1.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/index.cjs +34 -4
- package/dist/cjs/index.cjs.map +1 -1
- package/dist/esm/index.js +34 -4
- package/dist/esm/index.js.map +1 -1
- package/package.json +1 -1
package/dist/esm/index.js
CHANGED
|
@@ -149,7 +149,8 @@ function buildQueryFromMultiValue(multiValueParams) {
|
|
|
149
149
|
const existingValues = result[key];
|
|
150
150
|
if (existingValues === undefined) {
|
|
151
151
|
// First occurrence - use array if multiple values or bracket notation
|
|
152
|
-
result[key] =
|
|
152
|
+
result[key] =
|
|
153
|
+
values.length === 1 && !rawKey.endsWith("[]") ? values[0] : values;
|
|
153
154
|
}
|
|
154
155
|
else if (Array.isArray(existingValues)) {
|
|
155
156
|
existingValues.push(...values);
|
|
@@ -1047,7 +1048,9 @@ function createLambdaHandler(app, _options) {
|
|
|
1047
1048
|
{
|
|
1048
1049
|
status: 500,
|
|
1049
1050
|
title: "Internal Server Error",
|
|
1050
|
-
detail: error instanceof Error
|
|
1051
|
+
detail: error instanceof Error
|
|
1052
|
+
? error.message
|
|
1053
|
+
: "Unknown error occurred",
|
|
1051
1054
|
},
|
|
1052
1055
|
],
|
|
1053
1056
|
}),
|
|
@@ -1134,6 +1137,33 @@ const ensureProtocol = (url) => {
|
|
|
1134
1137
|
return url;
|
|
1135
1138
|
return HTTPS_PROTOCOL + url;
|
|
1136
1139
|
};
|
|
1140
|
+
const extractHostname = (origin) => {
|
|
1141
|
+
try {
|
|
1142
|
+
const url = new URL(origin);
|
|
1143
|
+
return url.hostname;
|
|
1144
|
+
}
|
|
1145
|
+
catch {
|
|
1146
|
+
return undefined;
|
|
1147
|
+
}
|
|
1148
|
+
};
|
|
1149
|
+
const isOriginAllowed = (requestOrigin, allowed) => {
|
|
1150
|
+
const normalizedAllowed = ensureProtocol(allowed);
|
|
1151
|
+
const normalizedRequest = ensureProtocol(requestOrigin);
|
|
1152
|
+
const allowedHostname = extractHostname(normalizedAllowed);
|
|
1153
|
+
const requestHostname = extractHostname(normalizedRequest);
|
|
1154
|
+
if (!allowedHostname || !requestHostname) {
|
|
1155
|
+
return false;
|
|
1156
|
+
}
|
|
1157
|
+
// Exact match
|
|
1158
|
+
if (requestHostname === allowedHostname) {
|
|
1159
|
+
return true;
|
|
1160
|
+
}
|
|
1161
|
+
// Subdomain match
|
|
1162
|
+
if (requestHostname.endsWith(`.${allowedHostname}`)) {
|
|
1163
|
+
return true;
|
|
1164
|
+
}
|
|
1165
|
+
return false;
|
|
1166
|
+
};
|
|
1137
1167
|
const dynamicOriginCallbackHandler = (origin) => {
|
|
1138
1168
|
return (requestOrigin, callback) => {
|
|
1139
1169
|
// Handle wildcard origin
|
|
@@ -1167,7 +1197,7 @@ const dynamicOriginCallbackHandler = (origin) => {
|
|
|
1167
1197
|
if (allowed instanceof RegExp) {
|
|
1168
1198
|
return allowed.test(requestOrigin);
|
|
1169
1199
|
}
|
|
1170
|
-
return requestOrigin
|
|
1200
|
+
return isOriginAllowed(requestOrigin, allowed);
|
|
1171
1201
|
});
|
|
1172
1202
|
if (isAllowed) {
|
|
1173
1203
|
callback(null, true);
|
|
@@ -1438,7 +1468,7 @@ const logger$1 = log;
|
|
|
1438
1468
|
* Uses Symbol marker to survive prototype chain modifications from Express and dd-trace.
|
|
1439
1469
|
*/
|
|
1440
1470
|
function isLambdaMockResponse(res) {
|
|
1441
|
-
return res[JAYPIE_LAMBDA_MOCK] === true;
|
|
1471
|
+
return (res[JAYPIE_LAMBDA_MOCK] === true);
|
|
1442
1472
|
}
|
|
1443
1473
|
/**
|
|
1444
1474
|
* Safely send a JSON response, avoiding dd-trace interception.
|