@sailfish-ai/recorder 1.7.41 → 1.7.42

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/dist/index.js +52 -20
  2. package/dist/sailfish-recorder.cjs.js +1 -1
  3. package/dist/sailfish-recorder.cjs.js.br +0 -0
  4. package/dist/sailfish-recorder.cjs.js.gz +0 -0
  5. package/dist/sailfish-recorder.es.js +1 -1
  6. package/dist/sailfish-recorder.es.js.br +0 -0
  7. package/dist/sailfish-recorder.es.js.gz +0 -0
  8. package/dist/sailfish-recorder.umd.js +1 -1
  9. package/dist/sailfish-recorder.umd.js.br +0 -0
  10. package/dist/sailfish-recorder.umd.js.gz +0 -0
  11. package/dist/types/index.d.ts +1 -1
  12. package/package.json +1 -1
package/dist/index.js CHANGED
@@ -422,22 +422,46 @@ function storeCredentialsAndConnection({ apiKey, backendApi, }) {
422
422
  sessionStorage.setItem("sailfishBackendApi", backendApi);
423
423
  }
424
424
  // Utility function to match domains or paths with wildcard support
425
- export function matchUrlWithWildcard(url, patterns) {
426
- if (!url || typeof url !== "string") {
427
- throw new Error("Invalid URL input");
428
- }
429
- // Ensure the URL has a protocol. If not, prepend "http://"
430
- const formattedUrl = url.match(/^[a-zA-Z]+:\/\//) ? url : `http://${url}`;
431
- const strippedUrl = formattedUrl.replace(/^[a-zA-Z]+:\/\//, "");
432
- const parsedUrl = new URL("http://" + strippedUrl); // Add a dummy protocol for URL parsing
433
- const { hostname, pathname, port } = parsedUrl;
425
+ export function matchUrlWithWildcard(input, patterns) {
426
+ // Tolerate non-string inputs (Request, URL, etc.); coerce to string when possible.
427
+ let urlStr;
428
+ if (typeof input === "string") {
429
+ urlStr = input;
430
+ }
431
+ else if (typeof URL !== "undefined" && input instanceof URL) {
432
+ urlStr = input.href;
433
+ }
434
+ else if (typeof Request !== "undefined" && input instanceof Request) {
435
+ urlStr = input.url;
436
+ }
437
+ else if (input != null && typeof input.toString === "function") {
438
+ // As per web APIs, fetch/open may accept any object with a stringifier.
439
+ urlStr = input.toString();
440
+ }
441
+ if (!urlStr)
442
+ return false;
443
+ // Use WHATWG URL parsing with a base for relative URLs.
444
+ let parsed;
445
+ try {
446
+ const base = typeof window !== "undefined"
447
+ ? window.location.href
448
+ : "http://localhost/";
449
+ parsed = new URL(urlStr, base);
450
+ }
451
+ catch {
452
+ return false; // If we can't parse, just say "no match" instead of throwing.
453
+ }
454
+ const { hostname, pathname, port, protocol } = parsed;
455
+ // Only match http(s) hosts/paths; ignore others like data:, blob:, about:.
456
+ if (!/^https?:$/.test(protocol))
457
+ return false;
434
458
  // Handle stripping 'www.' and port
435
459
  const domain = hostname.startsWith("www.")
436
460
  ? hostname.slice(4).toLowerCase()
437
461
  : hostname.toLowerCase();
438
462
  return patterns.some((pattern) => {
439
463
  // Strip any protocol and handle port in the pattern if present
440
- const strippedPattern = pattern.replace(/^[a-zA-Z]+:\/\//, "");
464
+ const strippedPattern = String(pattern || "").replace(/^[a-zA-Z]+:\/\//, "");
441
465
  let [patternDomain, patternPath] = strippedPattern.split("/", 2);
442
466
  // Handle port in pattern
443
467
  let patternPort = "";
@@ -453,14 +477,16 @@ export function matchUrlWithWildcard(url, patterns) {
453
477
  // Strip 'www.' from both the input domain and the pattern domain for comparison
454
478
  const strippedDomain = domain.startsWith("www.") ? domain.slice(4) : domain;
455
479
  // If pattern specifies a port, match the exact port
456
- if (patternPort && port !== patternPort) {
480
+ if (patternPort && port !== patternPort)
457
481
  return false;
458
- }
459
- // Handle subdomain wildcard (*.) to match both base and subdomains
460
- if (patternDomain.startsWith("*.") &&
461
- (domain === patternDomain.slice(2) ||
462
- strippedDomain === patternDomain.slice(2))) {
463
- // Check for path match if the pattern includes a path
482
+ // handle patterns like "*.example.com"
483
+ if (patternDomain.startsWith("*.")) {
484
+ const base = patternDomain.slice(2).toLowerCase();
485
+ const isDomainMatch = domain === base ||
486
+ strippedDomain === base ||
487
+ domain.endsWith("." + base);
488
+ if (!isDomainMatch)
489
+ return false;
464
490
  if (patternPath) {
465
491
  const normalizedPatternPath = patternPath
466
492
  .replace(/\*/g, ".*") // Replace '*' with regex to match any characters
@@ -471,9 +497,8 @@ export function matchUrlWithWildcard(url, patterns) {
471
497
  return true; // Domain matched, no path required
472
498
  }
473
499
  // Check if the domain matches (include check for base domain without www)
474
- if (!domainRegex.test(strippedDomain) && !domainRegex.test(domain)) {
500
+ if (!domainRegex.test(strippedDomain) && !domainRegex.test(domain))
475
501
  return false;
476
- }
477
502
  // If there's a path in the pattern, match the path
478
503
  if (patternPath) {
479
504
  const normalizedPatternPath = patternPath
@@ -487,7 +512,14 @@ export function matchUrlWithWildcard(url, patterns) {
487
512
  });
488
513
  }
489
514
  function shouldSkipHeadersPropagation(url, domainsToNotPropagateHeaderTo = []) {
490
- const urlObj = new URL(url, window.location.href);
515
+ let urlObj;
516
+ try {
517
+ urlObj = new URL(typeof url === "string" ? url : String(url?.url ?? url), window.location.href);
518
+ }
519
+ catch {
520
+ // If we cannot parse, play it safe and do NOT inject headers.
521
+ return true;
522
+ }
491
523
  // 1️⃣ STATIC ASSET EXCLUSIONS (by comprehensive file extension list)
492
524
  for (const ext of STATIC_EXTENSIONS) {
493
525
  if (urlObj.pathname.toLowerCase().endsWith(ext)) {