@lark-apaas/fullstack-nestjs-core 1.1.12-alpha.2 → 1.1.12-alpha.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +46 -6
- package/dist/index.js +46 -6
- package/package.json +2 -3
package/dist/index.cjs
CHANGED
|
@@ -170,7 +170,47 @@ CsrfMiddleware = _ts_decorate2([
|
|
|
170
170
|
// src/middlewares/view-context/index.ts
|
|
171
171
|
var import_common3 = require("@nestjs/common");
|
|
172
172
|
var import_nestjs_common = require("@lark-apaas/nestjs-common");
|
|
173
|
-
|
|
173
|
+
|
|
174
|
+
// src/utils/safe-stringify.ts
|
|
175
|
+
function safeStringify(obj) {
|
|
176
|
+
const json = JSON.stringify(obj);
|
|
177
|
+
return safeEscape(json);
|
|
178
|
+
}
|
|
179
|
+
__name(safeStringify, "safeStringify");
|
|
180
|
+
function safeEscape(s) {
|
|
181
|
+
return s.replace(/[<>&='\u2028\u2029]/g, function(c) {
|
|
182
|
+
switch (c.charCodeAt(0)) {
|
|
183
|
+
case 60:
|
|
184
|
+
return "\\u003c";
|
|
185
|
+
// <
|
|
186
|
+
case 62:
|
|
187
|
+
return "\\u003e";
|
|
188
|
+
// >
|
|
189
|
+
case 38:
|
|
190
|
+
return "\\u0026";
|
|
191
|
+
// &
|
|
192
|
+
case 61:
|
|
193
|
+
return "\\u003d";
|
|
194
|
+
// =
|
|
195
|
+
case 39:
|
|
196
|
+
return "\\u0027";
|
|
197
|
+
// '
|
|
198
|
+
// 正常来说用户无法输入这几个字符, 现代浏览器也修复了这个问题
|
|
199
|
+
// https://zhuanlan.zhihu.com/p/29958439
|
|
200
|
+
case 8232:
|
|
201
|
+
return "\\u2028";
|
|
202
|
+
// 行分隔符
|
|
203
|
+
case 8233:
|
|
204
|
+
return "\\u2029";
|
|
205
|
+
// 段落分隔符
|
|
206
|
+
default:
|
|
207
|
+
return c;
|
|
208
|
+
}
|
|
209
|
+
});
|
|
210
|
+
}
|
|
211
|
+
__name(safeEscape, "safeEscape");
|
|
212
|
+
|
|
213
|
+
// src/middlewares/view-context/index.ts
|
|
174
214
|
function _ts_decorate3(decorators, target, key, desc) {
|
|
175
215
|
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
176
216
|
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
@@ -226,9 +266,9 @@ var ViewContextMiddleware = class _ViewContextMiddleware {
|
|
|
226
266
|
csrfToken: csrfToken ?? "",
|
|
227
267
|
userId: userId ?? "",
|
|
228
268
|
appId: appId ?? "",
|
|
229
|
-
appName: (
|
|
269
|
+
appName: safeStringify(appInfo?.app_name ?? ""),
|
|
230
270
|
appAvatar: appInfo?.app_avatar ?? "",
|
|
231
|
-
appDescription: (
|
|
271
|
+
appDescription: safeStringify(appInfo?.app_description ?? ""),
|
|
232
272
|
tenantId
|
|
233
273
|
};
|
|
234
274
|
res.locals = {
|
|
@@ -237,9 +277,9 @@ var ViewContextMiddleware = class _ViewContextMiddleware {
|
|
|
237
277
|
userId: userId ?? "",
|
|
238
278
|
tenantId: tenantId ?? "",
|
|
239
279
|
appId: appId ?? "",
|
|
240
|
-
appName: (
|
|
280
|
+
appName: safeStringify(appInfo?.app_name ?? "\u5999\u642D\u5E94\u7528"),
|
|
241
281
|
appAvatar: appInfo?.app_avatar ?? "",
|
|
242
|
-
appDescription: (
|
|
282
|
+
appDescription: safeStringify(appInfo?.app_description ?? "")
|
|
243
283
|
};
|
|
244
284
|
next();
|
|
245
285
|
}
|
|
@@ -718,7 +758,7 @@ PlatformHttpClientService = _ts_decorate8([
|
|
|
718
758
|
], PlatformHttpClientService);
|
|
719
759
|
|
|
720
760
|
// src/modules/platform/config/feature-switch.ts
|
|
721
|
-
var DISABLE_DATAPASS = process.env.
|
|
761
|
+
var DISABLE_DATAPASS = process.env.FORCE_FRAMEWORK_DISABLE_DATAPASS === "true";
|
|
722
762
|
|
|
723
763
|
// src/modules/platform/module.ts
|
|
724
764
|
function _ts_decorate9(decorators, target, key, desc) {
|
package/dist/index.js
CHANGED
|
@@ -128,7 +128,47 @@ CsrfMiddleware = _ts_decorate2([
|
|
|
128
128
|
// src/middlewares/view-context/index.ts
|
|
129
129
|
import { Inject, Injectable as Injectable3, Logger } from "@nestjs/common";
|
|
130
130
|
import { PLATFORM_HTTP_CLIENT } from "@lark-apaas/nestjs-common";
|
|
131
|
-
|
|
131
|
+
|
|
132
|
+
// src/utils/safe-stringify.ts
|
|
133
|
+
function safeStringify(obj) {
|
|
134
|
+
const json = JSON.stringify(obj);
|
|
135
|
+
return safeEscape(json);
|
|
136
|
+
}
|
|
137
|
+
__name(safeStringify, "safeStringify");
|
|
138
|
+
function safeEscape(s) {
|
|
139
|
+
return s.replace(/[<>&='\u2028\u2029]/g, function(c) {
|
|
140
|
+
switch (c.charCodeAt(0)) {
|
|
141
|
+
case 60:
|
|
142
|
+
return "\\u003c";
|
|
143
|
+
// <
|
|
144
|
+
case 62:
|
|
145
|
+
return "\\u003e";
|
|
146
|
+
// >
|
|
147
|
+
case 38:
|
|
148
|
+
return "\\u0026";
|
|
149
|
+
// &
|
|
150
|
+
case 61:
|
|
151
|
+
return "\\u003d";
|
|
152
|
+
// =
|
|
153
|
+
case 39:
|
|
154
|
+
return "\\u0027";
|
|
155
|
+
// '
|
|
156
|
+
// 正常来说用户无法输入这几个字符, 现代浏览器也修复了这个问题
|
|
157
|
+
// https://zhuanlan.zhihu.com/p/29958439
|
|
158
|
+
case 8232:
|
|
159
|
+
return "\\u2028";
|
|
160
|
+
// 行分隔符
|
|
161
|
+
case 8233:
|
|
162
|
+
return "\\u2029";
|
|
163
|
+
// 段落分隔符
|
|
164
|
+
default:
|
|
165
|
+
return c;
|
|
166
|
+
}
|
|
167
|
+
});
|
|
168
|
+
}
|
|
169
|
+
__name(safeEscape, "safeEscape");
|
|
170
|
+
|
|
171
|
+
// src/middlewares/view-context/index.ts
|
|
132
172
|
function _ts_decorate3(decorators, target, key, desc) {
|
|
133
173
|
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
|
|
134
174
|
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
|
|
@@ -184,9 +224,9 @@ var ViewContextMiddleware = class _ViewContextMiddleware {
|
|
|
184
224
|
csrfToken: csrfToken ?? "",
|
|
185
225
|
userId: userId ?? "",
|
|
186
226
|
appId: appId ?? "",
|
|
187
|
-
appName:
|
|
227
|
+
appName: safeStringify(appInfo?.app_name ?? ""),
|
|
188
228
|
appAvatar: appInfo?.app_avatar ?? "",
|
|
189
|
-
appDescription:
|
|
229
|
+
appDescription: safeStringify(appInfo?.app_description ?? ""),
|
|
190
230
|
tenantId
|
|
191
231
|
};
|
|
192
232
|
res.locals = {
|
|
@@ -195,9 +235,9 @@ var ViewContextMiddleware = class _ViewContextMiddleware {
|
|
|
195
235
|
userId: userId ?? "",
|
|
196
236
|
tenantId: tenantId ?? "",
|
|
197
237
|
appId: appId ?? "",
|
|
198
|
-
appName:
|
|
238
|
+
appName: safeStringify(appInfo?.app_name ?? "\u5999\u642D\u5E94\u7528"),
|
|
199
239
|
appAvatar: appInfo?.app_avatar ?? "",
|
|
200
|
-
appDescription:
|
|
240
|
+
appDescription: safeStringify(appInfo?.app_description ?? "")
|
|
201
241
|
};
|
|
202
242
|
next();
|
|
203
243
|
}
|
|
@@ -676,7 +716,7 @@ PlatformHttpClientService = _ts_decorate8([
|
|
|
676
716
|
], PlatformHttpClientService);
|
|
677
717
|
|
|
678
718
|
// src/modules/platform/config/feature-switch.ts
|
|
679
|
-
var DISABLE_DATAPASS = process.env.
|
|
719
|
+
var DISABLE_DATAPASS = process.env.FORCE_FRAMEWORK_DISABLE_DATAPASS === "true";
|
|
680
720
|
|
|
681
721
|
// src/modules/platform/module.ts
|
|
682
722
|
function _ts_decorate9(decorators, target, key, desc) {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lark-apaas/fullstack-nestjs-core",
|
|
3
|
-
"version": "1.1.12-alpha.
|
|
3
|
+
"version": "1.1.12-alpha.3",
|
|
4
4
|
"description": "FullStack Nestjs Core",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -49,8 +49,7 @@
|
|
|
49
49
|
"@lark-apaas/nestjs-trigger": "^0.0.1",
|
|
50
50
|
"@nestjs/axios": "^4.0.1",
|
|
51
51
|
"axios": "^1.13.2",
|
|
52
|
-
"cookie-parser": "^1.4.7"
|
|
53
|
-
"serialize-javascript": "^7.0.2"
|
|
52
|
+
"cookie-parser": "^1.4.7"
|
|
54
53
|
},
|
|
55
54
|
"devDependencies": {
|
|
56
55
|
"@nestjs/common": "^10.4.20",
|