@payloadcms/storage-s3 3.82.0 → 3.83.0-internal.791f423

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/staticHandler.d.ts.map +1 -1
  2. package/dist/staticHandler.js +20 -18
  3. package/dist/staticHandler.js.map +1 -1
  4. package/package.json +4 -4
package/dist/staticHandler.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"staticHandler.d.ts","sourceRoot":"","sources":["../src/staticHandler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,GAAG,MAAM,oBAAoB,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,wCAAwC,CAAA;AAC3E,OAAO,KAAK,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,SAAS,CAAA;AAU/D,MAAM,MAAM,qBAAqB,GAC7B;IACE,oBAAoB;IACpB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,kBAAkB,CAAC,CAAC,IAAI,EAAE;QACxB,UAAU,EAAE,gBAAgB,CAAA;QAC5B,QAAQ,EAAE,MAAM,CAAA;QAChB,GAAG,EAAE,cAAc,CAAA;KACpB,GAAG,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CAC/B,GACD,OAAO,CAAA;AAEX,UAAU,IAAI;IACZ,MAAM,EAAE,MAAM,CAAA;IACd,UAAU,EAAE,gBAAgB,CAAA;IAC5B,gBAAgB,EAAE,MAAM,GAAG,CAAC,EAAE,CAAA;IAC9B,eAAe,CAAC,EAAE,qBAAqB,CAAA;CACxC;AA8BD,eAAO,MAAM,UAAU,+DAKpB,IAAI,KAAG,aA+JT,CAAA"}
1
+ {"version":3,"file":"staticHandler.d.ts","sourceRoot":"","sources":["../src/staticHandler.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,KAAK,GAAG,MAAM,oBAAoB,CAAA;AAC9C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,wCAAwC,CAAA;AAC3E,OAAO,KAAK,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,SAAS,CAAA;AAU/D,MAAM,MAAM,qBAAqB,GAC7B;IACE,oBAAoB;IACpB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,kBAAkB,CAAC,CAAC,IAAI,EAAE;QACxB,UAAU,EAAE,gBAAgB,CAAA;QAC5B,QAAQ,EAAE,MAAM,CAAA;QAChB,GAAG,EAAE,cAAc,CAAA;KACpB,GAAG,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAA;CAC/B,GACD,OAAO,CAAA;AAEX,UAAU,IAAI;IACZ,MAAM,EAAE,MAAM,CAAA;IACd,UAAU,EAAE,gBAAgB,CAAA;IAC5B,gBAAgB,EAAE,MAAM,GAAG,CAAC,EAAE,CAAA;IAC9B,eAAe,CAAC,EAAE,qBAAqB,CAAA;CACxC;AA8BD,eAAO,MAAM,UAAU,+DAKpB,IAAI,KAAG,aAiKT,CAAA"}
package/dist/staticHandler.js CHANGED
@@ -58,7 +58,7 @@ export const getHandler = ({ bucket, collection, getStorageClient, signedDownloa
58
58
  return Response.redirect(signedUrl, 302);
59
59
  }
60
60
  }
61
- // Get file size first for range validation
61
+ // Get file size first for range validation and to set Content-Length header before streaming
62
62
  const headObject = await getStorageClient().headObject({
63
63
  Bucket: bucket,
64
64
  Key: key
@@ -82,32 +82,21 @@ export const getHandler = ({ bucket, collection, getStorageClient, signedDownloa
82
82
  });
83
83
  }
84
84
  const rangeForS3 = rangeResult.type === 'partial' ? `bytes=${rangeResult.rangeStart}-${rangeResult.rangeEnd}` : undefined;
85
- object = await getStorageClient().getObject({
86
- Bucket: bucket,
87
- Key: key,
88
- Range: rangeForS3
89
- }, {
90
- abortSignal: abortController.signal
91
- });
92
- if (!object.Body) {
93
- return new Response(null, {
94
- status: 404,
95
- statusText: 'Not Found'
96
- });
97
- }
98
85
  let headers = new Headers(incomingHeaders);
99
86
  // Add range-related headers from the result
100
87
  for (const [key, value] of Object.entries(rangeResult.headers)){
101
88
  headers.append(key, value);
102
89
  }
103
- headers.append('Content-Type', String(object.ContentType));
104
- headers.append('ETag', String(object.ETag));
90
+ headers.append('Content-Type', String(headObject.ContentType));
91
+ if (headObject.ETag) {
92
+ headers.append('ETag', headObject.ETag);
93
+ }
105
94
  // Add Content-Security-Policy header for SVG files to prevent executable code
106
- if (object.ContentType === 'image/svg+xml') {
95
+ if (headObject.ContentType === 'image/svg+xml') {
107
96
  headers.append('Content-Security-Policy', "script-src 'none'");
108
97
  }
109
98
  const etagFromHeaders = req.headers.get('etag') || req.headers.get('if-none-match');
110
- const objectEtag = object.ETag;
99
+ const objectEtag = headObject.ETag;
111
100
  if (collection.upload && typeof collection.upload === 'object' && typeof collection.upload.modifyResponseHeaders === 'function') {
112
101
  headers = collection.upload.modifyResponseHeaders({
113
102
  headers
@@ -119,6 +108,19 @@ export const getHandler = ({ bucket, collection, getStorageClient, signedDownloa
119
108
  status: 304
120
109
  });
121
110
  }
111
+ object = await getStorageClient().getObject({
112
+ Bucket: bucket,
113
+ Key: key,
114
+ Range: rangeForS3
115
+ }, {
116
+ abortSignal: abortController.signal
117
+ });
118
+ if (!object.Body) {
119
+ return new Response(null, {
120
+ status: 404,
121
+ statusText: 'Not Found'
122
+ });
123
+ }
122
124
  if (!isNodeReadableStream(object.Body)) {
123
125
  req.payload.logger.error({
124
126
  key,
package/dist/staticHandler.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"sources":["../src/staticHandler.ts"],"sourcesContent":["import type * as AWS from '@aws-sdk/client-s3'\nimport type { StaticHandler } from '@payloadcms/plugin-cloud-storage/types'\nimport type { CollectionConfig, PayloadRequest } from 'payload'\nimport type { Readable } from 'stream'\n\nimport { GetObjectCommand } from '@aws-sdk/client-s3'\nimport { getSignedUrl } from '@aws-sdk/s3-request-presigner'\nimport { getFilePrefix } from '@payloadcms/plugin-cloud-storage/utilities'\nimport path from 'path'\nimport { getRangeRequestInfo } from 'payload/internal'\nimport { sanitizeFilename } from 'payload/shared'\n\nexport type SignedDownloadsConfig =\n | {\n /** @default 7200 */\n expiresIn?: number\n shouldUseSignedURL?(args: {\n collection: CollectionConfig\n filename: string\n req: PayloadRequest\n }): boolean | Promise<boolean>\n }\n | boolean\n\ninterface Args {\n bucket: string\n collection: CollectionConfig\n getStorageClient: () => AWS.S3\n signedDownloads?: SignedDownloadsConfig\n}\n\nconst isNodeReadableStream = (body: AWS.GetObjectOutput['Body']): body is Readable => {\n return (\n typeof body === 'object' &&\n body !== null &&\n 'pipe' in body &&\n typeof body.pipe === 'function' &&\n 'destroy' in body &&\n typeof body.destroy === 'function'\n )\n}\n\nconst abortRequestAndDestroyStream = ({\n abortController,\n object,\n}: {\n abortController: AbortController\n object?: AWS.GetObjectOutput\n}) => {\n try {\n abortController.abort()\n } catch {\n /* noop */\n }\n if (object?.Body && isNodeReadableStream(object.Body)) {\n object.Body.destroy()\n }\n}\n\nexport const getHandler = ({\n bucket,\n collection,\n getStorageClient,\n signedDownloads,\n}: Args): StaticHandler => {\n return async (\n req,\n {\n headers: incomingHeaders,\n params: { clientUploadContext, filename, prefix: prefixQueryParam },\n },\n ) => {\n let object: AWS.GetObjectOutput | undefined = undefined\n let streamed = false\n\n const abortController = new AbortController()\n if (req.signal) {\n req.signal.addEventListener('abort', () => {\n abortRequestAndDestroyStream({ abortController, object })\n })\n }\n\n try {\n const prefix = await getFilePrefix({\n clientUploadContext,\n collection,\n filename,\n prefixQueryParam,\n req,\n })\n\n const key = path.posix.join(prefix, sanitizeFilename(filename))\n\n if (signedDownloads && !clientUploadContext) {\n let useSignedURL = true\n if (\n typeof signedDownloads === 'object' &&\n typeof signedDownloads.shouldUseSignedURL === 'function'\n ) {\n useSignedURL = await signedDownloads.shouldUseSignedURL({ collection, filename, req })\n }\n\n if (useSignedURL) {\n const command = new GetObjectCommand({ Bucket: bucket, Key: key })\n const signedUrl = await getSignedUrl(\n getStorageClient(),\n command,\n typeof signedDownloads === 'object' ? signedDownloads : { expiresIn: 7200 },\n )\n return Response.redirect(signedUrl, 302)\n }\n }\n\n // Get file size first for range validation\n const headObject = await getStorageClient().headObject({\n Bucket: bucket,\n Key: key,\n })\n const fileSize = headObject.ContentLength\n\n if (!fileSize) {\n return new Response('Internal Server Error', { status: 500 })\n }\n\n // Handle range request\n const rangeHeader = req.headers.get('range')\n const rangeResult = getRangeRequestInfo({ fileSize, rangeHeader })\n\n if (rangeResult.type === 'invalid') {\n return new Response(null, {\n headers: new Headers(rangeResult.headers),\n status: rangeResult.status,\n })\n }\n\n const rangeForS3 =\n rangeResult.type === 'partial'\n ? `bytes=${rangeResult.rangeStart}-${rangeResult.rangeEnd}`\n : undefined\n\n object = await getStorageClient().getObject(\n {\n Bucket: bucket,\n Key: key,\n Range: rangeForS3,\n },\n { abortSignal: abortController.signal },\n )\n\n if (!object.Body) {\n return new Response(null, { status: 404, statusText: 'Not Found' })\n }\n\n let headers = new Headers(incomingHeaders)\n\n // Add range-related headers from the result\n for (const [key, value] of Object.entries(rangeResult.headers)) {\n headers.append(key, value)\n }\n\n headers.append('Content-Type', String(object.ContentType))\n headers.append('ETag', String(object.ETag))\n\n // Add Content-Security-Policy header for SVG files to prevent executable code\n if (object.ContentType === 'image/svg+xml') {\n headers.append('Content-Security-Policy', \"script-src 'none'\")\n }\n\n const etagFromHeaders = req.headers.get('etag') || req.headers.get('if-none-match')\n const objectEtag = object.ETag\n\n if (\n collection.upload &&\n typeof collection.upload === 'object' &&\n typeof collection.upload.modifyResponseHeaders === 'function'\n ) {\n headers = collection.upload.modifyResponseHeaders({ headers }) || headers\n }\n\n if (etagFromHeaders && etagFromHeaders === objectEtag) {\n return new Response(null, {\n headers,\n status: 304,\n })\n }\n\n if (!isNodeReadableStream(object.Body)) {\n req.payload.logger.error({\n key,\n msg: 'S3 object body is not a readable stream',\n })\n return new Response('Internal Server Error', { status: 500 })\n }\n\n const stream = object.Body\n stream.on('error', (err: Error) => {\n req.payload.logger.error({\n err,\n key,\n msg: 'Error while streaming S3 object (aborting)',\n })\n abortRequestAndDestroyStream({ abortController, object })\n })\n\n streamed = true\n return new Response(stream, { headers, status: rangeResult.status })\n } catch (err) {\n if (\n err &&\n typeof err === 'object' &&\n (('name' in err && (err.name === 'NoSuchKey' || err.name === 'NotFound')) ||\n ('httpStatusCode' in err && err.httpStatusCode === 404))\n ) {\n return new Response(null, { status: 404, statusText: 'Not Found' })\n }\n req.payload.logger.error(err)\n return new Response('Internal Server Error', { status: 500 })\n } finally {\n if (!streamed) {\n abortRequestAndDestroyStream({ abortController, object })\n }\n }\n }\n}\n"],"names":["GetObjectCommand","getSignedUrl","getFilePrefix","path","getRangeRequestInfo","sanitizeFilename","isNodeReadableStream","body","pipe","destroy","abortRequestAndDestroyStream","abortController","object","abort","Body","getHandler","bucket","collection","getStorageClient","signedDownloads","req","headers","incomingHeaders","params","clientUploadContext","filename","prefix","prefixQueryParam","undefined","streamed","AbortController","signal","addEventListener","key","posix","join","useSignedURL","shouldUseSignedURL","command","Bucket","Key","signedUrl","expiresIn","Response","redirect","headObject","fileSize","ContentLength","status","rangeHeader","get","rangeResult","type","Headers","rangeForS3","rangeStart","rangeEnd","getObject","Range","abortSignal","statusText","value","Object","entries","append","String","ContentType","ETag","etagFromHeaders","objectEtag","upload","modifyResponseHeaders","payload","logger","error","msg","stream","on","err","name","httpStatusCode"],"mappings":"AAKA,SAASA,gBAAgB,QAAQ,qBAAoB;AACrD,SAASC,YAAY,QAAQ,gCAA+B;AAC5D,SAASC,aAAa,QAAQ,6CAA4C;AAC1E,OAAOC,UAAU,OAAM;AACvB,SAASC,mBAAmB,QAAQ,mBAAkB;AACtD,SAASC,gBAAgB,QAAQ,iBAAgB;AAqBjD,MAAMC,uBAAuB,CAACC;IAC5B,OACE,OAAOA,SAAS,YAChBA,SAAS,QACT,UAAUA,QACV,OAAOA,KAAKC,IAAI,KAAK,cACrB,aAAaD,QACb,OAAOA,KAAKE,OAAO,KAAK;AAE5B;AAEA,MAAMC,+BAA+B,CAAC,EACpCC,eAAe,EACfC,MAAM,EAIP;IACC,IAAI;QACFD,gBAAgBE,KAAK;IACvB,EAAE,OAAM;IACN,QAAQ,GACV;IACA,IAAID,QAAQE,QAAQR,qBAAqBM,OAAOE,IAAI,GAAG;QACrDF,OAAOE,IAAI,CAACL,OAAO;IACrB;AACF;AAEA,OAAO,MAAMM,aAAa,CAAC,EACzBC,MAAM,EACNC,UAAU,EACVC,gBAAgB,EAChBC,eAAe,EACV;IACL,OAAO,OACLC,KACA,EACEC,SAASC,eAAe,EACxBC,QAAQ,EAAEC,mBAAmB,EAAEC,QAAQ,EAAEC,QAAQC,gBAAgB,EAAE,EACpE;QAED,IAAIf,SAA0CgB;QAC9C,IAAIC,WAAW;QAEf,MAAMlB,kBAAkB,IAAImB;QAC5B,IAAIV,IAAIW,MAAM,EAAE;YACdX,IAAIW,MAAM,CAACC,gBAAgB,CAAC,SAAS;gBACnCtB,6BAA6B;oBAAEC;oBAAiBC;gBAAO;YACzD;QACF;QAEA,IAAI;YACF,MAAMc,SAAS,MAAMxB,cAAc;gBACjCsB;gBACAP;gBACAQ;gBACAE;gBACAP;YACF;YAEA,MAAMa,MAAM9B,KAAK+B,KAAK,CAACC,IAAI,CAACT,QAAQrB,iBAAiBoB;YAErD,IAAIN,mBAAmB,CAACK,qBAAqB;gBAC3C,IAAIY,eAAe;gBACnB,IACE,OAAOjB,oBAAoB,YAC3B,OAAOA,gBAAgBkB,kBAAkB,KAAK,YAC9C;oBACAD,eAAe,MAAMjB,gBAAgBkB,kBAAkB,CAAC;wBAAEpB;wBAAYQ;wBAAUL;oBAAI;gBACtF;gBAEA,IAAIgB,cAAc;oBAChB,MAAME,UAAU,IAAItC,iBAAiB;wBAAEuC,QAAQvB;wBAAQwB,KAAKP;oBAAI;oBAChE,MAAMQ,YAAY,MAAMxC,aACtBiB,oBACAoB,SACA,OAAOnB,oBAAoB,WAAWA,kBAAkB;wBAAEuB,WAAW;oBAAK;oBAE5E,OAAOC,SAASC,QAAQ,CAACH,WAAW;gBACtC;YACF;YAEA,2CAA2C;YAC3C,MAAMI,aAAa,MAAM3B,mBAAmB2B,UAAU,CAAC;gBACrDN,QAAQvB;gBACRwB,KAAKP;YACP;YACA,MAAMa,WAAWD,WAAWE,aAAa;YAEzC,IAAI,CAACD,UAAU;gBACb,OAAO,IAAIH,SAAS,yBAAyB;oBAAEK,QAAQ;gBAAI;YAC7D;YAEA,uBAAuB;YACvB,MAAMC,cAAc7B,IAAIC,OAAO,CAAC6B,GAAG,CAAC;YACpC,MAAMC,cAAc/C,oBAAoB;gBAAE0C;gBAAUG;YAAY;YAEhE,IAAIE,YAAYC,IAAI,KAAK,WAAW;gBAClC,OAAO,IAAIT,SAAS,MAAM;oBACxBtB,SAAS,IAAIgC,QAAQF,YAAY9B,OAAO;oBACxC2B,QAAQG,YAAYH,MAAM;gBAC5B;YACF;YAEA,MAAMM,aACJH,YAAYC,IAAI,KAAK,YACjB,CAAC,MAAM,EAAED,YAAYI,UAAU,CAAC,CAAC,EAAEJ,YAAYK,QAAQ,EAAE,GACzD5B;YAENhB,SAAS,MAAMM,mBAAmBuC,SAAS,CACzC;gBACElB,QAAQvB;gBACRwB,KAAKP;gBACLyB,OAAOJ;YACT,GACA;gBAAEK,aAAahD,gBAAgBoB,MAAM;YAAC;YAGxC,IAAI,CAACnB,OAAOE,IAAI,EAAE;gBAChB,OAAO,IAAI6B,SAAS,MAAM;oBAAEK,QAAQ;oBAAKY,YAAY;gBAAY;YACnE;YAEA,IAAIvC,UAAU,IAAIgC,QAAQ/B;YAE1B,4CAA4C;YAC5C,KAAK,MAAM,CAACW,KAAK4B,MAAM,IAAIC,OAAOC,OAAO,CAACZ,YAAY9B,OAAO,EAAG;gBAC9DA,QAAQ2C,MAAM,CAAC/B,KAAK4B;YACtB;YAEAxC,QAAQ2C,MAAM,CAAC,gBAAgBC,OAAOrD,OAAOsD,WAAW;YACxD7C,QAAQ2C,MAAM,CAAC,QAAQC,OAAOrD,OAAOuD,IAAI;YAEzC,8EAA8E;YAC9E,IAAIvD,OAAOsD,WAAW,KAAK,iBAAiB;gBAC1C7C,QAAQ2C,MAAM,CAAC,2BAA2B;YAC5C;YAEA,MAAMI,kBAAkBhD,IAAIC,OAAO,CAAC6B,GAAG,CAAC,WAAW9B,IAAIC,OAAO,CAAC6B,GAAG,CAAC;YACnE,MAAMmB,aAAazD,OAAOuD,IAAI;YAE9B,IACElD,WAAWqD,MAAM,IACjB,OAAOrD,WAAWqD,MAAM,KAAK,YAC7B,OAAOrD,WAAWqD,MAAM,CAACC,qBAAqB,KAAK,YACnD;gBACAlD,UAAUJ,WAAWqD,MAAM,CAACC,qBAAqB,CAAC;oBAAElD;gBAAQ,MAAMA;YACpE;YAEA,IAAI+C,mBAAmBA,oBAAoBC,YAAY;gBACrD,OAAO,IAAI1B,SAAS,MAAM;oBACxBtB;oBACA2B,QAAQ;gBACV;YACF;YAEA,IAAI,CAAC1C,qBAAqBM,OAAOE,IAAI,GAAG;gBACtCM,IAAIoD,OAAO,CAACC,MAAM,CAACC,KAAK,CAAC;oBACvBzC;oBACA0C,KAAK;gBACP;gBACA,OAAO,IAAIhC,SAAS,yBAAyB;oBAAEK,QAAQ;gBAAI;YAC7D;YAEA,MAAM4B,SAAShE,OAAOE,IAAI;YAC1B8D,OAAOC,EAAE,CAAC,SAAS,CAACC;gBAClB1D,IAAIoD,OAAO,CAACC,MAAM,CAACC,KAAK,CAAC;oBACvBI;oBACA7C;oBACA0C,KAAK;gBACP;gBACAjE,6BAA6B;oBAAEC;oBAAiBC;gBAAO;YACzD;YAEAiB,WAAW;YACX,OAAO,IAAIc,SAASiC,QAAQ;gBAAEvD;gBAAS2B,QAAQG,YAAYH,MAAM;YAAC;QACpE,EAAE,OAAO8B,KAAK;YACZ,IACEA,OACA,OAAOA,QAAQ,YACd,CAAA,AAAC,UAAUA,OAAQA,CAAAA,IAAIC,IAAI,KAAK,eAAeD,IAAIC,IAAI,KAAK,UAAS,KACnE,oBAAoBD,OAAOA,IAAIE,cAAc,KAAK,GAAG,GACxD;gBACA,OAAO,IAAIrC,SAAS,MAAM;oBAAEK,QAAQ;oBAAKY,YAAY;gBAAY;YACnE;YACAxC,IAAIoD,OAAO,CAACC,MAAM,CAACC,KAAK,CAACI;YACzB,OAAO,IAAInC,SAAS,yBAAyB;gBAAEK,QAAQ;YAAI;QAC7D,SAAU;YACR,IAAI,CAACnB,UAAU;gBACbnB,6BAA6B;oBAAEC;oBAAiBC;gBAAO;YACzD;QACF;IACF;AACF,EAAC"}
1
+ {"version":3,"sources":["../src/staticHandler.ts"],"sourcesContent":["import type * as AWS from '@aws-sdk/client-s3'\nimport type { StaticHandler } from '@payloadcms/plugin-cloud-storage/types'\nimport type { CollectionConfig, PayloadRequest } from 'payload'\nimport type { Readable } from 'stream'\n\nimport { GetObjectCommand } from '@aws-sdk/client-s3'\nimport { getSignedUrl } from '@aws-sdk/s3-request-presigner'\nimport { getFilePrefix } from '@payloadcms/plugin-cloud-storage/utilities'\nimport path from 'path'\nimport { getRangeRequestInfo } from 'payload/internal'\nimport { sanitizeFilename } from 'payload/shared'\n\nexport type SignedDownloadsConfig =\n | {\n /** @default 7200 */\n expiresIn?: number\n shouldUseSignedURL?(args: {\n collection: CollectionConfig\n filename: string\n req: PayloadRequest\n }): boolean | Promise<boolean>\n }\n | boolean\n\ninterface Args {\n bucket: string\n collection: CollectionConfig\n getStorageClient: () => AWS.S3\n signedDownloads?: SignedDownloadsConfig\n}\n\nconst isNodeReadableStream = (body: AWS.GetObjectOutput['Body']): body is Readable => {\n return (\n typeof body === 'object' &&\n body !== null &&\n 'pipe' in body &&\n typeof body.pipe === 'function' &&\n 'destroy' in body &&\n typeof body.destroy === 'function'\n )\n}\n\nconst abortRequestAndDestroyStream = ({\n abortController,\n object,\n}: {\n abortController: AbortController\n object?: AWS.GetObjectOutput\n}) => {\n try {\n abortController.abort()\n } catch {\n /* noop */\n }\n if (object?.Body && isNodeReadableStream(object.Body)) {\n object.Body.destroy()\n }\n}\n\nexport const getHandler = ({\n bucket,\n collection,\n getStorageClient,\n signedDownloads,\n}: Args): StaticHandler => {\n return async (\n req,\n {\n headers: incomingHeaders,\n params: { clientUploadContext, filename, prefix: prefixQueryParam },\n },\n ) => {\n let object: AWS.GetObjectOutput | undefined = undefined\n let streamed = false\n\n const abortController = new AbortController()\n if (req.signal) {\n req.signal.addEventListener('abort', () => {\n abortRequestAndDestroyStream({ abortController, object })\n })\n }\n\n try {\n const prefix = await getFilePrefix({\n clientUploadContext,\n collection,\n filename,\n prefixQueryParam,\n req,\n })\n\n const key = path.posix.join(prefix, sanitizeFilename(filename))\n\n if (signedDownloads && !clientUploadContext) {\n let useSignedURL = true\n if (\n typeof signedDownloads === 'object' &&\n typeof signedDownloads.shouldUseSignedURL === 'function'\n ) {\n useSignedURL = await signedDownloads.shouldUseSignedURL({ collection, filename, req })\n }\n\n if (useSignedURL) {\n const command = new GetObjectCommand({ Bucket: bucket, Key: key })\n const signedUrl = await getSignedUrl(\n getStorageClient(),\n command,\n typeof signedDownloads === 'object' ? signedDownloads : { expiresIn: 7200 },\n )\n return Response.redirect(signedUrl, 302)\n }\n }\n\n // Get file size first for range validation and to set Content-Length header before streaming\n const headObject = await getStorageClient().headObject({\n Bucket: bucket,\n Key: key,\n })\n const fileSize = headObject.ContentLength\n\n if (!fileSize) {\n return new Response('Internal Server Error', { status: 500 })\n }\n\n // Handle range request\n const rangeHeader = req.headers.get('range')\n const rangeResult = getRangeRequestInfo({ fileSize, rangeHeader })\n\n if (rangeResult.type === 'invalid') {\n return new Response(null, {\n headers: new Headers(rangeResult.headers),\n status: rangeResult.status,\n })\n }\n\n const rangeForS3 =\n rangeResult.type === 'partial'\n ? `bytes=${rangeResult.rangeStart}-${rangeResult.rangeEnd}`\n : undefined\n\n let headers = new Headers(incomingHeaders)\n\n // Add range-related headers from the result\n for (const [key, value] of Object.entries(rangeResult.headers)) {\n headers.append(key, value)\n }\n\n headers.append('Content-Type', String(headObject.ContentType))\n if (headObject.ETag) {\n headers.append('ETag', headObject.ETag)\n }\n\n // Add Content-Security-Policy header for SVG files to prevent executable code\n if (headObject.ContentType === 'image/svg+xml') {\n headers.append('Content-Security-Policy', \"script-src 'none'\")\n }\n\n const etagFromHeaders = req.headers.get('etag') || req.headers.get('if-none-match')\n const objectEtag = headObject.ETag\n\n if (\n collection.upload &&\n typeof collection.upload === 'object' &&\n typeof collection.upload.modifyResponseHeaders === 'function'\n ) {\n headers = collection.upload.modifyResponseHeaders({ headers }) || headers\n }\n\n if (etagFromHeaders && etagFromHeaders === objectEtag) {\n return new Response(null, {\n headers,\n status: 304,\n })\n }\n\n object = await getStorageClient().getObject(\n {\n Bucket: bucket,\n Key: key,\n Range: rangeForS3,\n },\n { abortSignal: abortController.signal },\n )\n\n if (!object.Body) {\n return new Response(null, { status: 404, statusText: 'Not Found' })\n }\n\n if (!isNodeReadableStream(object.Body)) {\n req.payload.logger.error({\n key,\n msg: 'S3 object body is not a readable stream',\n })\n return new Response('Internal Server Error', { status: 500 })\n }\n\n const stream = object.Body\n stream.on('error', (err: Error) => {\n req.payload.logger.error({\n err,\n key,\n msg: 'Error while streaming S3 object (aborting)',\n })\n abortRequestAndDestroyStream({ abortController, object })\n })\n\n streamed = true\n return new Response(stream, { headers, status: rangeResult.status })\n } catch (err) {\n if (\n err &&\n typeof err === 'object' &&\n (('name' in err && (err.name === 'NoSuchKey' || err.name === 'NotFound')) ||\n ('httpStatusCode' in err && err.httpStatusCode === 404))\n ) {\n return new Response(null, { status: 404, statusText: 'Not Found' })\n }\n req.payload.logger.error(err)\n return new Response('Internal Server Error', { status: 500 })\n } finally {\n if (!streamed) {\n abortRequestAndDestroyStream({ abortController, object })\n }\n }\n }\n}\n"],"names":["GetObjectCommand","getSignedUrl","getFilePrefix","path","getRangeRequestInfo","sanitizeFilename","isNodeReadableStream","body","pipe","destroy","abortRequestAndDestroyStream","abortController","object","abort","Body","getHandler","bucket","collection","getStorageClient","signedDownloads","req","headers","incomingHeaders","params","clientUploadContext","filename","prefix","prefixQueryParam","undefined","streamed","AbortController","signal","addEventListener","key","posix","join","useSignedURL","shouldUseSignedURL","command","Bucket","Key","signedUrl","expiresIn","Response","redirect","headObject","fileSize","ContentLength","status","rangeHeader","get","rangeResult","type","Headers","rangeForS3","rangeStart","rangeEnd","value","Object","entries","append","String","ContentType","ETag","etagFromHeaders","objectEtag","upload","modifyResponseHeaders","getObject","Range","abortSignal","statusText","payload","logger","error","msg","stream","on","err","name","httpStatusCode"],"mappings":"AAKA,SAASA,gBAAgB,QAAQ,qBAAoB;AACrD,SAASC,YAAY,QAAQ,gCAA+B;AAC5D,SAASC,aAAa,QAAQ,6CAA4C;AAC1E,OAAOC,UAAU,OAAM;AACvB,SAASC,mBAAmB,QAAQ,mBAAkB;AACtD,SAASC,gBAAgB,QAAQ,iBAAgB;AAqBjD,MAAMC,uBAAuB,CAACC;IAC5B,OACE,OAAOA,SAAS,YAChBA,SAAS,QACT,UAAUA,QACV,OAAOA,KAAKC,IAAI,KAAK,cACrB,aAAaD,QACb,OAAOA,KAAKE,OAAO,KAAK;AAE5B;AAEA,MAAMC,+BAA+B,CAAC,EACpCC,eAAe,EACfC,MAAM,EAIP;IACC,IAAI;QACFD,gBAAgBE,KAAK;IACvB,EAAE,OAAM;IACN,QAAQ,GACV;IACA,IAAID,QAAQE,QAAQR,qBAAqBM,OAAOE,IAAI,GAAG;QACrDF,OAAOE,IAAI,CAACL,OAAO;IACrB;AACF;AAEA,OAAO,MAAMM,aAAa,CAAC,EACzBC,MAAM,EACNC,UAAU,EACVC,gBAAgB,EAChBC,eAAe,EACV;IACL,OAAO,OACLC,KACA,EACEC,SAASC,eAAe,EACxBC,QAAQ,EAAEC,mBAAmB,EAAEC,QAAQ,EAAEC,QAAQC,gBAAgB,EAAE,EACpE;QAED,IAAIf,SAA0CgB;QAC9C,IAAIC,WAAW;QAEf,MAAMlB,kBAAkB,IAAImB;QAC5B,IAAIV,IAAIW,MAAM,EAAE;YACdX,IAAIW,MAAM,CAACC,gBAAgB,CAAC,SAAS;gBACnCtB,6BAA6B;oBAAEC;oBAAiBC;gBAAO;YACzD;QACF;QAEA,IAAI;YACF,MAAMc,SAAS,MAAMxB,cAAc;gBACjCsB;gBACAP;gBACAQ;gBACAE;gBACAP;YACF;YAEA,MAAMa,MAAM9B,KAAK+B,KAAK,CAACC,IAAI,CAACT,QAAQrB,iBAAiBoB;YAErD,IAAIN,mBAAmB,CAACK,qBAAqB;gBAC3C,IAAIY,eAAe;gBACnB,IACE,OAAOjB,oBAAoB,YAC3B,OAAOA,gBAAgBkB,kBAAkB,KAAK,YAC9C;oBACAD,eAAe,MAAMjB,gBAAgBkB,kBAAkB,CAAC;wBAAEpB;wBAAYQ;wBAAUL;oBAAI;gBACtF;gBAEA,IAAIgB,cAAc;oBAChB,MAAME,UAAU,IAAItC,iBAAiB;wBAAEuC,QAAQvB;wBAAQwB,KAAKP;oBAAI;oBAChE,MAAMQ,YAAY,MAAMxC,aACtBiB,oBACAoB,SACA,OAAOnB,oBAAoB,WAAWA,kBAAkB;wBAAEuB,WAAW;oBAAK;oBAE5E,OAAOC,SAASC,QAAQ,CAACH,WAAW;gBACtC;YACF;YAEA,6FAA6F;YAC7F,MAAMI,aAAa,MAAM3B,mBAAmB2B,UAAU,CAAC;gBACrDN,QAAQvB;gBACRwB,KAAKP;YACP;YACA,MAAMa,WAAWD,WAAWE,aAAa;YAEzC,IAAI,CAACD,UAAU;gBACb,OAAO,IAAIH,SAAS,yBAAyB;oBAAEK,QAAQ;gBAAI;YAC7D;YAEA,uBAAuB;YACvB,MAAMC,cAAc7B,IAAIC,OAAO,CAAC6B,GAAG,CAAC;YACpC,MAAMC,cAAc/C,oBAAoB;gBAAE0C;gBAAUG;YAAY;YAEhE,IAAIE,YAAYC,IAAI,KAAK,WAAW;gBAClC,OAAO,IAAIT,SAAS,MAAM;oBACxBtB,SAAS,IAAIgC,QAAQF,YAAY9B,OAAO;oBACxC2B,QAAQG,YAAYH,MAAM;gBAC5B;YACF;YAEA,MAAMM,aACJH,YAAYC,IAAI,KAAK,YACjB,CAAC,MAAM,EAAED,YAAYI,UAAU,CAAC,CAAC,EAAEJ,YAAYK,QAAQ,EAAE,GACzD5B;YAEN,IAAIP,UAAU,IAAIgC,QAAQ/B;YAE1B,4CAA4C;YAC5C,KAAK,MAAM,CAACW,KAAKwB,MAAM,IAAIC,OAAOC,OAAO,CAACR,YAAY9B,OAAO,EAAG;gBAC9DA,QAAQuC,MAAM,CAAC3B,KAAKwB;YACtB;YAEApC,QAAQuC,MAAM,CAAC,gBAAgBC,OAAOhB,WAAWiB,WAAW;YAC5D,IAAIjB,WAAWkB,IAAI,EAAE;gBACnB1C,QAAQuC,MAAM,CAAC,QAAQf,WAAWkB,IAAI;YACxC;YAEA,8EAA8E;YAC9E,IAAIlB,WAAWiB,WAAW,KAAK,iBAAiB;gBAC9CzC,QAAQuC,MAAM,CAAC,2BAA2B;YAC5C;YAEA,MAAMI,kBAAkB5C,IAAIC,OAAO,CAAC6B,GAAG,CAAC,WAAW9B,IAAIC,OAAO,CAAC6B,GAAG,CAAC;YACnE,MAAMe,aAAapB,WAAWkB,IAAI;YAElC,IACE9C,WAAWiD,MAAM,IACjB,OAAOjD,WAAWiD,MAAM,KAAK,YAC7B,OAAOjD,WAAWiD,MAAM,CAACC,qBAAqB,KAAK,YACnD;gBACA9C,UAAUJ,WAAWiD,MAAM,CAACC,qBAAqB,CAAC;oBAAE9C;gBAAQ,MAAMA;YACpE;YAEA,IAAI2C,mBAAmBA,oBAAoBC,YAAY;gBACrD,OAAO,IAAItB,SAAS,MAAM;oBACxBtB;oBACA2B,QAAQ;gBACV;YACF;YAEApC,SAAS,MAAMM,mBAAmBkD,SAAS,CACzC;gBACE7B,QAAQvB;gBACRwB,KAAKP;gBACLoC,OAAOf;YACT,GACA;gBAAEgB,aAAa3D,gBAAgBoB,MAAM;YAAC;YAGxC,IAAI,CAACnB,OAAOE,IAAI,EAAE;gBAChB,OAAO,IAAI6B,SAAS,MAAM;oBAAEK,QAAQ;oBAAKuB,YAAY;gBAAY;YACnE;YAEA,IAAI,CAACjE,qBAAqBM,OAAOE,IAAI,GAAG;gBACtCM,IAAIoD,OAAO,CAACC,MAAM,CAACC,KAAK,CAAC;oBACvBzC;oBACA0C,KAAK;gBACP;gBACA,OAAO,IAAIhC,SAAS,yBAAyB;oBAAEK,QAAQ;gBAAI;YAC7D;YAEA,MAAM4B,SAAShE,OAAOE,IAAI;YAC1B8D,OAAOC,EAAE,CAAC,SAAS,CAACC;gBAClB1D,IAAIoD,OAAO,CAACC,MAAM,CAACC,KAAK,CAAC;oBACvBI;oBACA7C;oBACA0C,KAAK;gBACP;gBACAjE,6BAA6B;oBAAEC;oBAAiBC;gBAAO;YACzD;YAEAiB,WAAW;YACX,OAAO,IAAIc,SAASiC,QAAQ;gBAAEvD;gBAAS2B,QAAQG,YAAYH,MAAM;YAAC;QACpE,EAAE,OAAO8B,KAAK;YACZ,IACEA,OACA,OAAOA,QAAQ,YACd,CAAA,AAAC,UAAUA,OAAQA,CAAAA,IAAIC,IAAI,KAAK,eAAeD,IAAIC,IAAI,KAAK,UAAS,KACnE,oBAAoBD,OAAOA,IAAIE,cAAc,KAAK,GAAG,GACxD;gBACA,OAAO,IAAIrC,SAAS,MAAM;oBAAEK,QAAQ;oBAAKuB,YAAY;gBAAY;YACnE;YACAnD,IAAIoD,OAAO,CAACC,MAAM,CAACC,KAAK,CAACI;YACzB,OAAO,IAAInC,SAAS,yBAAyB;gBAAEK,QAAQ;YAAI;QAC7D,SAAU;YACR,IAAI,CAACnB,UAAU;gBACbnB,6BAA6B;oBAAEC;oBAAiBC;gBAAO;YACzD;QACF;IACF;AACF,EAAC"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@payloadcms/storage-s3",
3
- "version": "3.82.0",
3
+ "version": "3.83.0-internal.791f423",
4
4
  "description": "Payload storage adapter for Amazon S3",
5
5
  "homepage": "https://payloadcms.com",
6
6
  "repository": {
@@ -40,14 +40,14 @@
40
40
  "@aws-sdk/client-s3": "^3.614.0",
41
41
  "@aws-sdk/lib-storage": "^3.614.0",
42
42
  "@aws-sdk/s3-request-presigner": "^3.614.0",
43
- "@payloadcms/plugin-cloud-storage": "3.82.0"
43
+ "@payloadcms/plugin-cloud-storage": "3.83.0-internal.791f423"
44
44
  },
45
45
  "devDependencies": {
46
46
  "@smithy/node-http-handler": "4.0.3",
47
- "payload": "3.82.0"
47
+ "payload": "3.83.0-internal.791f423"
48
48
  },
49
49
  "peerDependencies": {
50
- "payload": "3.82.0"
50
+ "payload": "3.83.0-internal.791f423"
51
51
  },
52
52
  "engines": {
53
53
  "node": "^18.20.2 || >=20.9.0"