@proveanything/smartlinks 1.8.2 → 1.8.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/docs/API_SUMMARY.md +1 -1
- package/dist/http.js +64 -4
- package/docs/API_SUMMARY.md +1 -1
- package/package.json +1 -1
package/dist/docs/API_SUMMARY.md
CHANGED
package/dist/http.js
CHANGED
|
@@ -718,7 +718,7 @@ async function proxyStreamRequest(method, path, body, headers) {
|
|
|
718
718
|
ensureProxyListener();
|
|
719
719
|
const payloadBody = (typeof FormData !== 'undefined' && body instanceof FormData)
|
|
720
720
|
? serializeFormDataForProxy(body)
|
|
721
|
-
: body;
|
|
721
|
+
: sanitizeForPostMessage(body);
|
|
722
722
|
const id = generateProxyId();
|
|
723
723
|
const streamController = createProxyStreamIterable(id);
|
|
724
724
|
proxyStreamPending.set(id, streamController);
|
|
@@ -749,11 +749,71 @@ function serializeFormDataForProxy(fd) {
|
|
|
749
749
|
});
|
|
750
750
|
return { _isFormData: true, entries };
|
|
751
751
|
}
|
|
752
|
+
function isAbortSignalLike(value) {
|
|
753
|
+
return !!value
|
|
754
|
+
&& typeof value === 'object'
|
|
755
|
+
&& 'aborted' in value
|
|
756
|
+
&& 'addEventListener' in value
|
|
757
|
+
&& 'removeEventListener' in value;
|
|
758
|
+
}
|
|
759
|
+
function sanitizeForPostMessage(value, seen = new WeakSet()) {
|
|
760
|
+
if (value == null)
|
|
761
|
+
return value;
|
|
762
|
+
const valueType = typeof value;
|
|
763
|
+
if (valueType === 'function' || valueType === 'symbol') {
|
|
764
|
+
return undefined;
|
|
765
|
+
}
|
|
766
|
+
if (valueType !== 'object') {
|
|
767
|
+
return value;
|
|
768
|
+
}
|
|
769
|
+
if (typeof Blob !== 'undefined' && value instanceof Blob) {
|
|
770
|
+
return value;
|
|
771
|
+
}
|
|
772
|
+
if (typeof ArrayBuffer !== 'undefined' && value instanceof ArrayBuffer) {
|
|
773
|
+
return value;
|
|
774
|
+
}
|
|
775
|
+
if (ArrayBuffer.isView(value)) {
|
|
776
|
+
return value;
|
|
777
|
+
}
|
|
778
|
+
if (isAbortSignalLike(value)) {
|
|
779
|
+
return undefined;
|
|
780
|
+
}
|
|
781
|
+
if (seen.has(value)) {
|
|
782
|
+
return undefined;
|
|
783
|
+
}
|
|
784
|
+
seen.add(value);
|
|
785
|
+
if (Array.isArray(value)) {
|
|
786
|
+
return value
|
|
787
|
+
.map(item => sanitizeForPostMessage(item, seen))
|
|
788
|
+
.filter(item => item !== undefined);
|
|
789
|
+
}
|
|
790
|
+
const proto = Object.getPrototypeOf(value);
|
|
791
|
+
if (proto !== Object.prototype && proto !== null) {
|
|
792
|
+
return value;
|
|
793
|
+
}
|
|
794
|
+
const sanitizedEntries = Object.entries(value)
|
|
795
|
+
.map(([key, entryValue]) => [key, sanitizeForPostMessage(entryValue, seen)])
|
|
796
|
+
.filter(([, entryValue]) => entryValue !== undefined);
|
|
797
|
+
return Object.fromEntries(sanitizedEntries);
|
|
798
|
+
}
|
|
799
|
+
function sanitizeProxyRequestOptions(options) {
|
|
800
|
+
if (!options)
|
|
801
|
+
return undefined;
|
|
802
|
+
const _a = options, { signal, body, headers, method, window, duplex } = _a, rest = __rest(_a, ["signal", "body", "headers", "method", "window", "duplex"]);
|
|
803
|
+
void signal;
|
|
804
|
+
void body;
|
|
805
|
+
void headers;
|
|
806
|
+
void method;
|
|
807
|
+
void window;
|
|
808
|
+
void duplex;
|
|
809
|
+
const sanitized = Object.fromEntries(Object.entries(rest).filter(([, value]) => value !== undefined));
|
|
810
|
+
return Object.keys(sanitized).length ? sanitized : undefined;
|
|
811
|
+
}
|
|
752
812
|
async function proxyRequest(method, path, body, headers, options) {
|
|
753
813
|
ensureProxyListener();
|
|
754
814
|
const payloadBody = (typeof FormData !== 'undefined' && body instanceof FormData)
|
|
755
815
|
? serializeFormDataForProxy(body)
|
|
756
|
-
: body;
|
|
816
|
+
: sanitizeForPostMessage(body);
|
|
757
817
|
const id = generateProxyId();
|
|
758
818
|
const msg = {
|
|
759
819
|
_smartlinksProxyRequest: true,
|
|
@@ -762,7 +822,7 @@ async function proxyRequest(method, path, body, headers, options) {
|
|
|
762
822
|
path,
|
|
763
823
|
body: payloadBody,
|
|
764
824
|
headers,
|
|
765
|
-
options,
|
|
825
|
+
options: sanitizeProxyRequestOptions(options),
|
|
766
826
|
};
|
|
767
827
|
logDebug('[smartlinks] proxy:postMessage', { id, method, path, headers: headers ? redactHeaders(headers) : undefined, hasBody: !!body });
|
|
768
828
|
return new Promise((resolve, reject) => {
|
|
@@ -1430,7 +1490,7 @@ export async function sendCustomProxyMessage(request, params) {
|
|
|
1430
1490
|
_smartlinksCustomProxyRequest: true,
|
|
1431
1491
|
id,
|
|
1432
1492
|
request,
|
|
1433
|
-
params,
|
|
1493
|
+
params: sanitizeForPostMessage(params),
|
|
1434
1494
|
};
|
|
1435
1495
|
logDebug('[smartlinks] proxy:custom postMessage', { id, request, params: safeBodyPreview(params) });
|
|
1436
1496
|
return new Promise((resolve, reject) => {
|
package/docs/API_SUMMARY.md
CHANGED