@middy/http-router 4.6.1 → 4.6.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.cjs +14 -3
- package/index.js +14 -3
- package/package.json +4 -4
package/index.cjs
CHANGED
|
@@ -15,16 +15,20 @@ const httpRouteHandler = (routes)=>{
|
|
|
15
15
|
const enumMethods = methods.concat('ANY');
|
|
16
16
|
for (const route of routes){
|
|
17
17
|
let { method, path, handler } = route;
|
|
18
|
+
// Prevents `routesType[method][path] = handler` from flagging: This assignment may alter Object.prototype if a malicious '__proto__' string is injected from library input.
|
|
18
19
|
if (!enumMethods.includes(method)) {
|
|
19
20
|
throw new Error('[http-router] Method not allowed');
|
|
20
21
|
}
|
|
22
|
+
// remove trailing slash, but not if it's the first one
|
|
21
23
|
if (path.endsWith('/') && path !== '/') {
|
|
22
24
|
path = path.substr(0, path.length - 1);
|
|
23
25
|
}
|
|
26
|
+
// Static
|
|
24
27
|
if (path.indexOf('{') < 0) {
|
|
25
28
|
attachStaticRoute(method, path, handler, routesStatic);
|
|
26
29
|
continue;
|
|
27
30
|
}
|
|
31
|
+
// Dynamic
|
|
28
32
|
attachDynamicRoute(method, path, handler, routesDynamic);
|
|
29
33
|
}
|
|
30
34
|
return (event, context, abort)=>{
|
|
@@ -32,10 +36,12 @@ const httpRouteHandler = (routes)=>{
|
|
|
32
36
|
if (!method) {
|
|
33
37
|
throw new Error('[http-router] Unknown http event format');
|
|
34
38
|
}
|
|
39
|
+
// Static
|
|
35
40
|
const handler = routesStatic[method]?.[path];
|
|
36
41
|
if (typeof handler !== 'undefined') {
|
|
37
42
|
return handler(event, context, abort);
|
|
38
43
|
}
|
|
44
|
+
// Dynamic
|
|
39
45
|
for (const route of routesDynamic[method] ?? []){
|
|
40
46
|
const match = path.match(route.path);
|
|
41
47
|
if (match) {
|
|
@@ -46,6 +52,7 @@ const httpRouteHandler = (routes)=>{
|
|
|
46
52
|
return route.handler(event, context, abort);
|
|
47
53
|
}
|
|
48
54
|
}
|
|
55
|
+
// Not Found
|
|
49
56
|
throw (0, _util.createError)(404, 'Route does not exist');
|
|
50
57
|
};
|
|
51
58
|
};
|
|
@@ -59,7 +66,8 @@ const methods = [
|
|
|
59
66
|
'DELETE',
|
|
60
67
|
'OPTIONS',
|
|
61
68
|
'HEAD'
|
|
62
|
-
]
|
|
69
|
+
] // ANY excluded by design
|
|
70
|
+
;
|
|
63
71
|
const attachStaticRoute = (method, path, handler, routesType)=>{
|
|
64
72
|
if (method === 'ANY') {
|
|
65
73
|
for (const method of methods){
|
|
@@ -71,7 +79,8 @@ const attachStaticRoute = (method, path, handler, routesType)=>{
|
|
|
71
79
|
routesType[method] = {};
|
|
72
80
|
}
|
|
73
81
|
routesType[method][path] = handler;
|
|
74
|
-
routesType[method][path + '/'] = handler
|
|
82
|
+
routesType[method][path + '/'] = handler // Optional `/`
|
|
83
|
+
;
|
|
75
84
|
};
|
|
76
85
|
const attachDynamicRoute = (method, path, handler, routesType)=>{
|
|
77
86
|
if (method === 'ANY') {
|
|
@@ -84,13 +93,15 @@ const attachDynamicRoute = (method, path, handler, routesType)=>{
|
|
|
84
93
|
routesType[method] = [];
|
|
85
94
|
}
|
|
86
95
|
path = path.replace(regexpDynamicWildcards, '/?(?<$1>.*)').replace(regexpDynamicParameters, '/(?<$1>[^/]+)');
|
|
87
|
-
path = new RegExp(`^${path}/?$`)
|
|
96
|
+
path = new RegExp(`^${path}/?$`) // Adds in optional `/`
|
|
97
|
+
;
|
|
88
98
|
routesType[method].push({
|
|
89
99
|
path,
|
|
90
100
|
handler
|
|
91
101
|
});
|
|
92
102
|
};
|
|
93
103
|
const pickVersion = (event)=>{
|
|
104
|
+
// '1.0' is a safer default
|
|
94
105
|
return event.version ?? (event.method ? 'vpc' : '1.0');
|
|
95
106
|
};
|
|
96
107
|
const getVersionRoute = {
|
package/index.js
CHANGED
|
@@ -5,16 +5,20 @@ const httpRouteHandler = (routes)=>{
|
|
|
5
5
|
const enumMethods = methods.concat('ANY');
|
|
6
6
|
for (const route of routes){
|
|
7
7
|
let { method, path, handler } = route;
|
|
8
|
+
// Prevents `routesType[method][path] = handler` from flagging: This assignment may alter Object.prototype if a malicious '__proto__' string is injected from library input.
|
|
8
9
|
if (!enumMethods.includes(method)) {
|
|
9
10
|
throw new Error('[http-router] Method not allowed');
|
|
10
11
|
}
|
|
12
|
+
// remove trailing slash, but not if it's the first one
|
|
11
13
|
if (path.endsWith('/') && path !== '/') {
|
|
12
14
|
path = path.substr(0, path.length - 1);
|
|
13
15
|
}
|
|
16
|
+
// Static
|
|
14
17
|
if (path.indexOf('{') < 0) {
|
|
15
18
|
attachStaticRoute(method, path, handler, routesStatic);
|
|
16
19
|
continue;
|
|
17
20
|
}
|
|
21
|
+
// Dynamic
|
|
18
22
|
attachDynamicRoute(method, path, handler, routesDynamic);
|
|
19
23
|
}
|
|
20
24
|
return (event, context, abort)=>{
|
|
@@ -22,10 +26,12 @@ const httpRouteHandler = (routes)=>{
|
|
|
22
26
|
if (!method) {
|
|
23
27
|
throw new Error('[http-router] Unknown http event format');
|
|
24
28
|
}
|
|
29
|
+
// Static
|
|
25
30
|
const handler = routesStatic[method]?.[path];
|
|
26
31
|
if (typeof handler !== 'undefined') {
|
|
27
32
|
return handler(event, context, abort);
|
|
28
33
|
}
|
|
34
|
+
// Dynamic
|
|
29
35
|
for (const route of routesDynamic[method] ?? []){
|
|
30
36
|
const match = path.match(route.path);
|
|
31
37
|
if (match) {
|
|
@@ -36,6 +42,7 @@ const httpRouteHandler = (routes)=>{
|
|
|
36
42
|
return route.handler(event, context, abort);
|
|
37
43
|
}
|
|
38
44
|
}
|
|
45
|
+
// Not Found
|
|
39
46
|
throw createError(404, 'Route does not exist');
|
|
40
47
|
};
|
|
41
48
|
};
|
|
@@ -49,7 +56,8 @@ const methods = [
|
|
|
49
56
|
'DELETE',
|
|
50
57
|
'OPTIONS',
|
|
51
58
|
'HEAD'
|
|
52
|
-
]
|
|
59
|
+
] // ANY excluded by design
|
|
60
|
+
;
|
|
53
61
|
const attachStaticRoute = (method, path, handler, routesType)=>{
|
|
54
62
|
if (method === 'ANY') {
|
|
55
63
|
for (const method of methods){
|
|
@@ -61,7 +69,8 @@ const attachStaticRoute = (method, path, handler, routesType)=>{
|
|
|
61
69
|
routesType[method] = {};
|
|
62
70
|
}
|
|
63
71
|
routesType[method][path] = handler;
|
|
64
|
-
routesType[method][path + '/'] = handler
|
|
72
|
+
routesType[method][path + '/'] = handler // Optional `/`
|
|
73
|
+
;
|
|
65
74
|
};
|
|
66
75
|
const attachDynamicRoute = (method, path, handler, routesType)=>{
|
|
67
76
|
if (method === 'ANY') {
|
|
@@ -74,13 +83,15 @@ const attachDynamicRoute = (method, path, handler, routesType)=>{
|
|
|
74
83
|
routesType[method] = [];
|
|
75
84
|
}
|
|
76
85
|
path = path.replace(regexpDynamicWildcards, '/?(?<$1>.*)').replace(regexpDynamicParameters, '/(?<$1>[^/]+)');
|
|
77
|
-
path = new RegExp(`^${path}/?$`)
|
|
86
|
+
path = new RegExp(`^${path}/?$`) // Adds in optional `/`
|
|
87
|
+
;
|
|
78
88
|
routesType[method].push({
|
|
79
89
|
path,
|
|
80
90
|
handler
|
|
81
91
|
});
|
|
82
92
|
};
|
|
83
93
|
const pickVersion = (event)=>{
|
|
94
|
+
// '1.0' is a safer default
|
|
84
95
|
return event.version ?? (event.method ? 'vpc' : '1.0');
|
|
85
96
|
};
|
|
86
97
|
const getVersionRoute = {
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@middy/http-router",
|
|
3
|
-
"version": "4.6.
|
|
3
|
+
"version": "4.6.3",
|
|
4
4
|
"description": "HTTP event router for the middy framework",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"engines": {
|
|
@@ -66,11 +66,11 @@
|
|
|
66
66
|
"url": "https://github.com/sponsors/willfarrell"
|
|
67
67
|
},
|
|
68
68
|
"dependencies": {
|
|
69
|
-
"@middy/util": "4.6.
|
|
69
|
+
"@middy/util": "4.6.3"
|
|
70
70
|
},
|
|
71
71
|
"devDependencies": {
|
|
72
|
-
"@middy/core": "4.6.
|
|
72
|
+
"@middy/core": "4.6.3",
|
|
73
73
|
"@types/aws-lambda": "^8.10.97"
|
|
74
74
|
},
|
|
75
|
-
"gitHead": "
|
|
75
|
+
"gitHead": "4873f6e64cc4a7dbe8739ed3e45ef458dfe0dba1"
|
|
76
76
|
}
|