@sitecore-content-sdk/nextjs 1.3.0-canary.9 → 1.4.0-canary.2

package/dist/esm/route-handler/editing-render-route-handler.js

@@ -1,160 +1,265 @@
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-import { debug, NativeDataFetcher } from '@sitecore-content-sdk/core';
-import { EDITING_ALLOWED_ORIGINS, PREVIEW_KEY, QUERY_PARAM_EDITING_SECRET, } from '@sitecore-content-sdk/core/editing';
-import { getEnforcedCorsHeaders } from '@sitecore-content-sdk/core/utils';
-import { LayoutServicePageState } from '@sitecore-content-sdk/core/layout';
-import { getEditingSecret } from '../utils/utils';
-import { draftMode, cookies as nextCokies } from 'next/headers';
-import { mapEditingParams, getEditingRequestHtml, cleanupNextPreviewCookies, getHeadersForPropagation, getQueryParamsForPropagation, getRequiredEditingParamsList, getCSPHeader, resolveServerUrl, } from '../editing/utils';
-import { SITE_KEY } from '@sitecore-content-sdk/core/site';
-/**
- * Helper function to handle cookie operations - can be mocked for testing
- * @returns {Promise<NextCookies>} Next cookies
- */
-export function getNextCookies() {
-    return __awaiter(this, void 0, void 0, function* () {
-        // In test environment, use mock cookie store only if specifically provided
-        if (process.env.TEST === 'true' && global.__TEST_COOKIE_STORE__) {
-            return global.__TEST_COOKIE_STORE__;
-        }
-        return yield nextCokies();
-    });
-}
-export const createEditingRenderRouteHandlers = (options) => {
-    const dataFetcher = new NativeDataFetcher({ debugger: debug.editing });
-    const OPTIONS = (req) => {
-        var _a;
-        // init query string values
-        const query = {};
-        req.nextUrl.searchParams.forEach((value, key) => {
-            query[key] = value;
-        });
-        const expectedCorsHeaders = getEnforcedCorsHeaders({
-            requestMethod: req.method,
-            headers: req.headers,
-            presetCorsHeader: (_a = req.headers) === null || _a === void 0 ? void 0 : _a.get('Access-Control-Allow-Origin'),
-            allowedOrigins: EDITING_ALLOWED_ORIGINS,
-        });
-        if (!expectedCorsHeaders) {
-            debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
-            return new Response(`<html><body>Requests from origin ${req.headers.get('origin')} not allowed</body></html>`, { status: 401 });
-        }
-        debug.editing('preflight request');
-        return new Response(null, { status: 204, headers: expectedCorsHeaders });
-    };
-    const GET = (req) => __awaiter(void 0, void 0, void 0, function* () {
-        var _a, _b;
-        const { method, headers } = req;
-        // init query string values
-        const query = {};
-        req.nextUrl.searchParams.forEach((value, key) => {
-            query[key] = value;
-        });
-        debug.editing('editing render handler start: %o', {
-            method,
-            query,
-            headers,
-        });
-        const expectedCorsHeaders = getEnforcedCorsHeaders({
-            requestMethod: req.method,
-            headers: headers,
-            presetCorsHeader: headers.get('Access-Control-Allow-Origin'),
-            allowedOrigins: EDITING_ALLOWED_ORIGINS,
-        });
-        if (!expectedCorsHeaders) {
-            debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
-            return new Response(`<html><body>Requests from origin ${req.headers.get('origin')} not allowed</body></html>`, { status: 401 });
-        }
-        const responseHeaders = expectedCorsHeaders;
-        // Validate secret
-        const secret = query[QUERY_PARAM_EDITING_SECRET];
-        if (secret !== getEditingSecret()) {
-            debug.editing('invalid editing secret - sent "%s" expected "%s"', secret, getEditingSecret());
-            return Response.json({
-                html: '<html><body>Missing or invalid secret</body></html>',
-            }, { status: 401, headers: responseHeaders });
-        }
-        // enable preview
-        const draft = yield draftMode();
-        draft.enable();
-        const startTimestamp = Date.now();
-        const mode = query.mode;
-        const requiredQueryParams = getRequiredEditingParamsList(mode);
-        const missingQueryParams = requiredQueryParams.filter((param) => !query[param]);
-        // Validate query parameters
-        if (missingQueryParams.length) {
-            debug.editing('missing required query parameters: %o', missingQueryParams);
-            return Response.json({
-                html: `<html><body>Missing required query parameters: ${missingQueryParams.join(', ')}</body></html>`,
-            }, { status: 400, headers: responseHeaders });
-        }
-        const encodedRoute = encodeURI(query.route);
-        const route = ((_a = options === null || options === void 0 ? void 0 : options.resolvePageUrl) === null || _a === void 0 ? void 0 : _a.call(options, encodedRoute)) || encodedRoute;
-        const base = resolveServerUrl(req);
-        const requestUrl = new URL(route, base);
-        // Restrict the page to be rendered only within the allowed origins
-        responseHeaders['Content-Security-Policy'] = getCSPHeader();
-        const cookieStore = yield getNextCookies();
-        cookieStore.set("__prerender_bypass" /* PreviewCookies.PRERENDER_BYPASS */, ((_b = cookieStore.get("__prerender_bypass" /* PreviewCookies.PRERENDER_BYPASS */)) === null || _b === void 0 ? void 0 : _b.value) || '', {
-            httpOnly: true,
-            path: '/',
-            sameSite: 'none',
-            secure: true,
-        });
-        // Set Preview mode identifier cookies, if the page is rendered in Sitecore Preview mode
-        if (mode === LayoutServicePageState.Preview) {
-            cookieStore.set(PREVIEW_KEY, 'true', {
-                httpOnly: true,
-                path: '/',
-                sameSite: 'none',
-                secure: true,
-            });
-            cookieStore.set(SITE_KEY, query.sc_site, {
-                httpOnly: true,
-                path: '/',
-                sameSite: 'none',
-                secure: true,
-            });
-        }
-        const convertedCookies = cookieStore.getAll().map((c) => `${c.name}=${c.value}`);
-        try {
-            debug.editing('fetching page route for %s', query.route);
-            // Get query string parameters to propagate on subsequent requests (e.g. for deployment protection bypass)
-            // Additionally ,in app router preview data is passed through query string instead of preview data cookie
-            const propagatedQsParams = Object.assign(Object.assign({}, getQueryParamsForPropagation(query)), mapEditingParams(query));
-            // Get headers to propagate on subsequent requests
-            const propagatedHeaders = getHeadersForPropagation(headers);
-            const html = yield getEditingRequestHtml(requestUrl, propagatedQsParams, propagatedHeaders, convertedCookies, dataFetcher);
-            // remove nextjs preview cookies to not leak them to the browser
-            const filteredCookies = cleanupNextPreviewCookies(convertedCookies);
-            responseHeaders['Set-Cookie'] = (filteredCookies === null || filteredCookies === void 0 ? void 0 : filteredCookies.join('; ')) || '';
-            debug.editing('editing render handler end in %dms: %o', Date.now() - startTimestamp, {
-                status: 200,
-                route,
-            });
-            responseHeaders['Content-Type'] = 'text/html; charset=utf-8';
-            return new Response(html, { status: 200, headers: responseHeaders });
-        }
-        catch (err) {
-            debug.editing('error fetching page route %s: %o', requestUrl, err);
-            debug.editing('falling back to redirect method... ');
-            debug.editing('editing render handler end in %dms: redirect %o', Date.now() - startTimestamp, {
-                status: 307,
-                route,
-            });
-            return Response.redirect(route);
-        }
-        finally {
-            yield draft.disable();
-        }
-    });
-    return { GET, OPTIONS };
-};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { debug, NativeDataFetcher } from '@sitecore-content-sdk/core';
+import { EDITING_ALLOWED_ORIGINS, PREVIEW_KEY, QUERY_PARAM_EDITING_SECRET, INVALID_SECRET_HTML_MESSAGE, } from '@sitecore-content-sdk/core/editing';
+import { getEnforcedCorsHeaders } from '@sitecore-content-sdk/core/utils';
+import { LayoutServicePageState } from '@sitecore-content-sdk/core/layout';
+import { getEditingSecret } from '../utils/utils';
+import { draftMode, cookies as nextCokies } from 'next/headers';
+import { mapEditingParams, getEditingRequestHtml, cleanupNextPreviewCookies, getHeadersForPropagation, getQueryParamsForPropagation, getRequiredEditingParamsList, getCSPHeader, resolveServerUrl, } from '../editing/utils';
+import { SITE_KEY } from '@sitecore-content-sdk/core/site';
+/**
+ * Helper function to handle cookie operations - can be mocked for testing
+ * @returns {Promise<NextCookies>} Next cookies
+ */
+export function getNextCookies() {
+    return __awaiter(this, void 0, void 0, function* () {
+        // In test environment, use mock cookie store only if specifically provided
+        if (process.env.TEST === 'true' && global.__TEST_COOKIE_STORE__) {
+            return global.__TEST_COOKIE_STORE__;
+        }
+        return yield nextCokies();
+    });
+}
+/**
+ * Creates a route handler for the editing render API route (e.g. '/api/editing/render')
+ * @param {EditingHandlerOptions} options - The options for the route handler.
+ * @returns The route handler object with GET and OPTIONS methods.
+ * @public
+ */
+export const createEditingRenderRouteHandlers = (options) => {
+    const dataFetcher = new NativeDataFetcher({ debugger: debug.editing });
+    const getCorsHeaders = (req) => {
+        var _a;
+        const expectedCorsHeaders = getEnforcedCorsHeaders({
+            requestMethod: req.method,
+            headers: req.headers,
+            presetCorsHeader: (_a = req.headers) === null || _a === void 0 ? void 0 : _a.get('Access-Control-Allow-Origin'),
+            allowedOrigins: EDITING_ALLOWED_ORIGINS,
+        });
+        if (!expectedCorsHeaders) {
+            debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
+        }
+        return expectedCorsHeaders;
+    };
+    const getOriginNotAllowedMessage = (origin) => {
+        return `<html><body>Requests from origin ${origin} not allowed</body></html>`;
+    };
+    const validateEditingSecret = (receivedSecret) => {
+        const editingSecret = getEditingSecret();
+        const secretIsvalid = editingSecret === receivedSecret;
+        if (!secretIsvalid) {
+            debug.editing('invalid editing secret - sent "%s" expected "%s"', receivedSecret, editingSecret);
+        }
+        return secretIsvalid;
+    };
+    const OPTIONS = (req) => {
+        // init query string values
+        const query = {};
+        req.nextUrl.searchParams.forEach((value, key) => {
+            query[key] = value;
+        });
+        const expectedCorsHeaders = getCorsHeaders(req);
+        if (!expectedCorsHeaders) {
+            return new Response(getOriginNotAllowedMessage(req.headers.get('origin') || ''), {
+                status: 401,
+            });
+        }
+        debug.editing('preflight request');
+        return new Response(null, { status: 204, headers: expectedCorsHeaders });
+    };
+    const GET = (req) => __awaiter(void 0, void 0, void 0, function* () {
+        var _a, _b;
+        const { method, headers } = req;
+        // init query string values
+        const query = {};
+        req.nextUrl.searchParams.forEach((value, key) => {
+            query[key] = value;
+        });
+        debug.editing('editing render handler start: %o', {
+            method,
+            query,
+            headers,
+        });
+        const expectedCorsHeaders = getCorsHeaders(req);
+        if (!expectedCorsHeaders) {
+            return new Response(getOriginNotAllowedMessage(req.headers.get('origin') || ''), {
+                status: 401,
+            });
+        }
+        const responseHeaders = expectedCorsHeaders;
+        // Validate secret
+        if (!validateEditingSecret(query[QUERY_PARAM_EDITING_SECRET])) {
+            return Response.json({
+                html: INVALID_SECRET_HTML_MESSAGE,
+            }, { status: 401, headers: responseHeaders });
+        }
+        // enable preview
+        const draft = yield draftMode();
+        draft.enable();
+        const startTimestamp = Date.now();
+        const mode = query.mode;
+        const requiredQueryParams = getRequiredEditingParamsList(mode);
+        const missingQueryParams = requiredQueryParams.filter((param) => !query[param]);
+        // Validate query parameters
+        if (missingQueryParams.length) {
+            debug.editing('missing required query parameters: %o', missingQueryParams);
+            return Response.json({
+                html: `<html><body>Missing required query parameters: ${missingQueryParams.join(', ')}</body></html>`,
+            }, { status: 400, headers: responseHeaders });
+        }
+        const encodedRoute = encodeURI(query.route);
+        const route = ((_a = options === null || options === void 0 ? void 0 : options.resolvePageUrl) === null || _a === void 0 ? void 0 : _a.call(options, encodedRoute)) || encodedRoute;
+        const base = resolveServerUrl(req);
+        const requestUrl = new URL(route, base);
+        // Restrict the page to be rendered only within the allowed origins
+        responseHeaders['Content-Security-Policy'] = getCSPHeader();
+        const cookieStore = yield getNextCookies();
+        cookieStore.set("__prerender_bypass" /* PreviewCookies.PRERENDER_BYPASS */, ((_b = cookieStore.get("__prerender_bypass" /* PreviewCookies.PRERENDER_BYPASS */)) === null || _b === void 0 ? void 0 : _b.value) || '', {
+            httpOnly: true,
+            path: '/',
+            sameSite: 'none',
+            secure: true,
+        });
+        // Set Preview mode identifier cookies, if the page is rendered in Sitecore Preview mode
+        if (mode === LayoutServicePageState.Preview) {
+            cookieStore.set(PREVIEW_KEY, 'true', {
+                httpOnly: true,
+                path: '/',
+                sameSite: 'none',
+                secure: true,
+            });
+            cookieStore.set(SITE_KEY, query.sc_site, {
+                httpOnly: true,
+                path: '/',
+                sameSite: 'none',
+                secure: true,
+            });
+        }
+        const convertedCookies = cookieStore.getAll().map((c) => `${c.name}=${c.value}`);
+        try {
+            debug.editing('fetching page route for %s', query.route);
+            // Get query string parameters to propagate on subsequent requests (e.g. for deployment protection bypass)
+            // Additionally ,in app router preview data is passed through query string instead of preview data cookie
+            const propagatedQsParams = Object.assign(Object.assign({}, getQueryParamsForPropagation(query)), mapEditingParams(query));
+            // Get headers to propagate on subsequent requests
+            const propagatedHeaders = getHeadersForPropagation(headers);
+            const html = yield getEditingRequestHtml(requestUrl, propagatedQsParams, propagatedHeaders, convertedCookies, dataFetcher);
+            // remove nextjs preview cookies to not leak them to the browser
+            const filteredCookies = cleanupNextPreviewCookies(convertedCookies);
+            responseHeaders['Set-Cookie'] = (filteredCookies === null || filteredCookies === void 0 ? void 0 : filteredCookies.join('; ')) || '';
+            debug.editing('editing render handler end in %dms: %o', Date.now() - startTimestamp, {
+                status: 200,
+                route,
+            });
+            responseHeaders['Content-Type'] = 'text/html; charset=utf-8';
+            return new Response(html, { status: 200, headers: responseHeaders });
+        }
+        catch (err) {
+            debug.editing('error fetching page route %s: %o', requestUrl, err);
+            debug.editing('falling back to redirect method... ');
+            debug.editing('editing render handler end in %dms: redirect %o', Date.now() - startTimestamp, {
+                status: 307,
+                route,
+            });
+            return Response.redirect(route);
+        }
+        finally {
+            yield draft.disable();
+        }
+    });
+    /**
+     * This POST handler serves as proxy for server action call when Design Library is rendering server component.
+     * When Design Library needs to dynamically update or render a generated variant of server component a server action {@link updateServerComponentAction} is called from the client side.
+     * The way server functions work is that the action call is made to the same URL with POST method, which in normal page render is handled internally by Next.js.
+     * However, in editing mode we are in an api route handler scenario so we need to proxy the POST request to be able to process the server action correctly.
+     * @param {NextRequest} req - The incoming request
+     */
+    const POST = (req) => __awaiter(void 0, void 0, void 0, function* () {
+        var _a;
+        const requestOrigin = req.headers.get('origin') || '';
+        const originHost = new URL(requestOrigin).host;
+        const expectedCorsHeaders = getCorsHeaders(req);
+        // Bypass CORS if:
+        // we are in local or sitecore environment - requested hostname is 'localhost'
+        // or the request is same origin (e.g. in vercel netlify environment)
+        const bypassCors = req.nextUrl.hostname === 'localhost' || req.nextUrl.host === originHost;
+        if (!bypassCors && !expectedCorsHeaders) {
+            return new Response(getOriginNotAllowedMessage(requestOrigin), {
+                status: 401,
+            });
+        }
+        // Validate secret
+        if (!validateEditingSecret(req.nextUrl.searchParams.get(QUERY_PARAM_EDITING_SECRET) || '')) {
+            return Response.json({
+                html: INVALID_SECRET_HTML_MESSAGE,
+            }, { status: 401, headers: expectedCorsHeaders !== null && expectedCorsHeaders !== void 0 ? expectedCorsHeaders : {} });
+        }
+        // propagate vercel protection query parameters; map query parameters for design library request
+        const query = {};
+        req.nextUrl.searchParams.forEach((value, key) => {
+            query[key] = value;
+        });
+        const propagatedQsParams = Object.assign(Object.assign({}, getQueryParamsForPropagation(query)), mapEditingParams(query));
+        const base = resolveServerUrl(req);
+        const targetUrl = new URL('/', base);
+        for (const key in propagatedQsParams) {
+            if ({}.hasOwnProperty.call(propagatedQsParams, key)) {
+                propagatedQsParams[key] && targetUrl.searchParams.append(key, propagatedQsParams[key]);
+            }
+        }
+        targetUrl.searchParams.append('timestamp', Date.now().toString());
+        // enable draft mode in order to get prerender bypass cookie from request
+        const draft = yield draftMode();
+        draft.enable();
+        // add prerender bypass cookie to forwarded request in order to enable draft mode
+        const cookieStore = yield getNextCookies();
+        const reqCookie = req.headers.get('cookie') || '';
+        const prerenderBypassCookie = `${"__prerender_bypass" /* PreviewCookies.PRERENDER_BYPASS */}=${((_a = cookieStore.get("__prerender_bypass" /* PreviewCookies.PRERENDER_BYPASS */)) === null || _a === void 0 ? void 0 : _a.value) || ''}`;
+        const forwardCookie = reqCookie
+            ? `${reqCookie}; ${prerenderBypassCookie}`
+            : prerenderBypassCookie;
+        const forwardHeaders = new Headers(req.headers);
+        forwardHeaders.set('cookie', forwardCookie);
+        const forwardedResponse = yield dataFetcher.fetch(targetUrl.toString(), {
+            method: req.method,
+            headers: forwardHeaders,
+            body: req.body,
+            duplex: 'half',
+        });
+        // Filter out x-middleware headers since rewrites are not allowed in route handlers
+        // Also filter out content-encoding and content-length to avoid issues when browser reads the payload
+        const filteredHeaders = new Headers();
+        const forwardedHeaders = new Headers(forwardedResponse.headers);
+        forwardedHeaders.forEach((value, key) => {
+            if (key !== 'x-middleware-next' &&
+                key !== 'x-middleware-rewrite' &&
+                key !== 'content-encoding' &&
+                key !== 'content-length') {
+                filteredHeaders.set(key, value);
+            }
+        });
+        // Restrict the page to be rendered only within the allowed origins
+        filteredHeaders.set('Content-Security-Policy', getCSPHeader());
+        // add expected CORS headers to response
+        Object.entries(expectedCorsHeaders !== null && expectedCorsHeaders !== void 0 ? expectedCorsHeaders : {}).forEach(([key, value]) => {
+            filteredHeaders.set(key, value);
+        });
+        // remove nextjs preview cookies to not leak them to the browser
+        const filteredCookies = cleanupNextPreviewCookies(filteredHeaders.get('Set-Cookie'));
+        filteredHeaders.set('Set-Cookie', (filteredCookies === null || filteredCookies === void 0 ? void 0 : filteredCookies.join('; ')) || '');
+        return new Response(forwardedResponse.data, {
+            status: forwardedResponse.status,
+            statusText: forwardedResponse.statusText,
+            headers: filteredHeaders,
+        });
+    });
+    return { GET, POST, OPTIONS };
+};

package/dist/esm/route-handler/index.js

@@ -1,4 +1,4 @@
-export { createSitemapRouteHandler } from './sitemap-route-handler';
-export { createRobotsRouteHandler } from './robots-route-handler';
-export { createEditingConfigRouteHandler } from './editing-config-route-handler';
-export { createEditingRenderRouteHandlers } from './editing-render-route-handler';
+export { createSitemapRouteHandler } from './sitemap-route-handler';
+export { createRobotsRouteHandler } from './robots-route-handler';
+export { createEditingConfigRouteHandler } from './editing-config-route-handler';
+export { createEditingRenderRouteHandlers } from './editing-render-route-handler';

package/dist/esm/route-handler/robots-route-handler.js

@@ -1,64 +1,65 @@
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-import { SiteResolver } from '@sitecore-content-sdk/core/site';
-import { debug } from '@sitecore-content-sdk/core';
-import { unstable_cache } from 'next/cache';
-/**
- * Creates a route handler to serve the robots.txt file.
- * @param {RouteHandlerOptions} options - The options for the route handler.
- * @returns The route handler.
- */
-export const createRobotsRouteHandler = (options) => {
-    const { client, sites, revalidate = 60 } = options;
-    const siteResolver = new SiteResolver(sites);
-    const getRobots = unstable_cache((site) => __awaiter(void 0, void 0, void 0, function* () {
-        return client.getRobots(site);
-    }), ['robots'], {
-        revalidate,
-        tags: ['robots'],
-    });
-    const GET = (req) => __awaiter(void 0, void 0, void 0, function* () {
-        var _a;
-        try {
-            const startTimestamp = Date.now();
-            const hostName = ((_a = req.headers.get('host')) === null || _a === void 0 ? void 0 : _a.split(':')[0]) || 'localhost';
-            const site = siteResolver.getByHost(hostName);
-            debug.robots('robots route handler start: %o', {
-                hostName,
-                siteName: site.name,
-            });
-            const robotsContent = yield getRobots(site.name);
-            if (!robotsContent) {
-                debug.robots('robots route handler end in %dms', Date.now() - startTimestamp);
-                return new Response('User-agent: *\nDisallow: /', {
-                    status: 404,
-                    headers: {
-                        'Content-Type': 'text/plain',
-                    },
-                });
-            }
-            debug.robots('robots route handler end in %dms', Date.now() - startTimestamp);
-            return new Response(robotsContent, {
-                status: 200,
-                headers: {
-                    'Content-Type': 'text/plain',
-                },
-            });
-        }
-        catch (error) {
-            console.log('Robots route handler failed:');
-            console.log(error);
-            return new Response('Internal Server Error', {
-                status: 500,
-            });
-        }
-    });
-    return { GET };
-};
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import { SiteResolver } from '@sitecore-content-sdk/core/site';
+import { debug } from '@sitecore-content-sdk/core';
+import { unstable_cache } from 'next/cache';
+/**
+ * Creates a route handler to serve the robots.txt file.
+ * @param {RouteHandlerOptions} options - The options for the route handler.
+ * @returns The route handler object with GET method.
+ * @public
+ */
+export const createRobotsRouteHandler = (options) => {
+    const { client, sites, revalidate = 60 } = options;
+    const siteResolver = new SiteResolver(sites);
+    const getRobots = unstable_cache((site) => __awaiter(void 0, void 0, void 0, function* () {
+        return client.getRobots(site);
+    }), ['robots'], {
+        revalidate,
+        tags: ['robots'],
+    });
+    const GET = (req) => __awaiter(void 0, void 0, void 0, function* () {
+        var _a;
+        try {
+            const startTimestamp = Date.now();
+            const hostName = ((_a = req.headers.get('host')) === null || _a === void 0 ? void 0 : _a.split(':')[0]) || 'localhost';
+            const site = siteResolver.getByHost(hostName);
+            debug.robots('robots route handler start: %o', {
+                hostName,
+                siteName: site.name,
+            });
+            const robotsContent = yield getRobots(site.name);
+            if (!robotsContent) {
+                debug.robots('robots route handler end in %dms', Date.now() - startTimestamp);
+                return new Response('User-agent: *\nDisallow: /', {
+                    status: 404,
+                    headers: {
+                        'Content-Type': 'text/plain',
+                    },
+                });
+            }
+            debug.robots('robots route handler end in %dms', Date.now() - startTimestamp);
+            return new Response(robotsContent, {
+                status: 200,
+                headers: {
+                    'Content-Type': 'text/plain',
+                },
+            });
+        }
+        catch (error) {
+            console.log('Robots route handler failed:');
+            console.log(error);
+            return new Response('Internal Server Error', {
+                status: 500,
+            });
+        }
+    });
+    return { GET };
+};