@sitecore-content-sdk/nextjs 1.3.0-canary.9 → 1.4.0-canary.2

package/dist/cjs/editing/render-middleware.js

@@ -1,46 +1,46 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.RenderMiddlewareBase = void 0;
-const constants_1 = require("./constants");
-/**
- * Base class for middleware that handles pages and components rendering in Sitecore Editors.
- * @deprecated getQueryParamsForPropagation and getHeadersForPropagation methods have been moved to separate exports
- */
-class RenderMiddlewareBase {
-    constructor() {
-        /**
-         * Gets query parameters that should be passed along to subsequent requests (e.g. for deployment protection bypass)
-         * @param {object} query Object of query parameters from incoming URL
-         * @returns Object of approved query parameters
-         */
-        this.getQueryParamsForPropagation = (query) => {
-            const params = {};
-            if (query[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS]) {
-                params[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS] = query[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS];
-            }
-            if (query[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE]) {
-                params[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE] = query[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE];
-            }
-            return params;
-        };
-        /**
-         * Get headers that should be passed along to subsequent requests
-         * @param {IncomingHttpHeaders} headers Incoming HTTP Headers
-         * @returns Object of approved headers
-         */
-        this.getHeadersForPropagation = (headers) => {
-            // Filter and normalize headers
-            const filteredHeaders = constants_1.EDITING_PASS_THROUGH_HEADERS.reduce((acc, header) => {
-                const value = headers.get
-                    ? headers.get(header)
-                    : headers[header];
-                if (value) {
-                    acc[header] = Array.isArray(value) ? value.join(', ') : value;
-                }
-                return acc;
-            }, {});
-            return filteredHeaders;
-        };
-    }
-}
-exports.RenderMiddlewareBase = RenderMiddlewareBase;
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RenderMiddlewareBase = void 0;
+const constants_1 = require("./constants");
+/**
+ * Base class for middleware that handles pages and components rendering in Sitecore Editors.
+ * @internal
+ */
+class RenderMiddlewareBase {
+    constructor() {
+        /**
+         * Gets query parameters that should be passed along to subsequent requests (e.g. for deployment protection bypass)
+         * @param {object} query Object of query parameters from incoming URL
+         * @returns Object of approved query parameters
+         */
+        this.getQueryParamsForPropagation = (query) => {
+            const params = {};
+            if (query[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS]) {
+                params[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS] = query[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS];
+            }
+            if (query[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE]) {
+                params[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE] = query[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE];
+            }
+            return params;
+        };
+        /**
+         * Get headers that should be passed along to subsequent requests
+         * @param {IncomingHttpHeaders} headers Incoming HTTP Headers
+         * @returns Object of approved headers
+         */
+        this.getHeadersForPropagation = (headers) => {
+            // Filter and normalize headers
+            const filteredHeaders = constants_1.EDITING_PASS_THROUGH_HEADERS.reduce((acc, header) => {
+                const value = headers.get
+                    ? headers.get(header)
+                    : headers[header];
+                if (value) {
+                    acc[header] = Array.isArray(value) ? value.join(', ') : value;
+                }
+                return acc;
+            }, {});
+            return filteredHeaders;
+        };
+    }
+}
+exports.RenderMiddlewareBase = RenderMiddlewareBase;

package/dist/cjs/editing/utils.js

@@ -1,257 +1,260 @@
-"use strict";
-var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
-    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
-    return new (P || (P = Promise))(function (resolve, reject) {
-        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
-        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
-        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
-        step((generator = generator.apply(thisArg, _arguments || [])).next());
-    });
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getCSPHeader = exports.resolveServerUrl = exports.isDesignLibraryPreviewData = exports.getEditingRequestHtml = exports.getHeadersForPropagation = exports.getQueryParamsForPropagation = exports.getRequiredEditingParamsList = exports.getPreviewCookies = exports.cleanupNextPreviewCookies = exports.mapEditingParams = exports.getEditingSecretFromRequest = void 0;
-const editing_1 = require("@sitecore-content-sdk/core/editing");
-const personalize_1 = require("@sitecore-content-sdk/core/personalize");
-const site_1 = require("@sitecore-content-sdk/core/site");
-const constants_1 = require("./constants");
-const constants_2 = require("next/constants");
-const utils_1 = require("@sitecore-content-sdk/core/utils");
-/**
- * Gets editing secret value from request
- * @param {NextApiRequest | NextRequest} req incoming request
- * @returns {string | undefined} editing secret value if present
- */
-const getEditingSecretFromRequest = (req) => {
-    const reqQuery = req.query;
-    const reqUrl = req.url;
-    let secret = undefined;
-    if (reqQuery) {
-        // pages router
-        secret = reqQuery[editing_1.QUERY_PARAM_EDITING_SECRET];
-    }
-    else if (reqUrl) {
-        // app router
-        const url = new URL(reqUrl);
-        secret = url.searchParams.get(editing_1.QUERY_PARAM_EDITING_SECRET);
-    }
-    return secret;
-};
-exports.getEditingSecretFromRequest = getEditingSecretFromRequest;
-/**
- * Parses query string and its parameters to required editing parameters
- * @param {{ [key: string]: string | undefined }} query query string values
- * @returns {EditingRenderQueryParams} editing parameters
- */
-const mapEditingParams = (query) => {
-    const params = (0, editing_1.isDesignLibraryMode)(query.mode)
-        ? {
-            itemId: query.sc_itemid,
-            componentUid: query.sc_uid,
-            renderingId: query.sc_renderingId,
-            language: query.sc_lang,
-            site: query.sc_site,
-            mode: query.mode,
-            dataSourceId: query.dataSourceId,
-            version: query.sc_version,
-            generation: query.generation,
-        }
-        : {
-            site: query.sc_site,
-            itemId: query.sc_itemid,
-            language: query.sc_lang,
-            // for sc_variantId we may employ multiple variants (page-layout + component level)
-            // they will be separated by commas (,)
-            variantIds: query.sc_variant || personalize_1.DEFAULT_VARIANT,
-            version: query.sc_version,
-            mode: query.mode,
-            layoutKind: query.sc_layoutKind,
-        };
-    return params;
-};
-exports.mapEditingParams = mapEditingParams;
-/**
- * Filters out Next.js preview cookies from a cookie string or array
- * @param {string | string[] | null} cookies cookie header value
- * @returns {string[] | null} filtered cookies
- */
-const cleanupNextPreviewCookies = (cookies) => {
-    if (!cookies) {
-        return null;
-    }
-    if (!Array.isArray(cookies)) {
-        cookies = cookies.split(',');
-    }
-    // Filter out Next.js preview cookies
-    const filteredCookies = cookies.filter((cookie) => !new RegExp(`^${"__next_preview_data" /* PreviewCookies.PREVIEW_DATA */}=`).test(cookie) &&
-        !new RegExp(`^${"__prerender_bypass" /* PreviewCookies.PRERENDER_BYPASS */}=`).test(cookie));
-    return filteredCookies;
-};
-exports.cleanupNextPreviewCookies = cleanupNextPreviewCookies;
-/**
- * Gets the Next.js preview cookies to enable preview mode
- * @param {string} site current site name
- * @returns {string[]} list of cookies to set
- */
-const getPreviewCookies = (site) => {
-    const previewSite = `${site_1.SITE_KEY}=${site}; Path=/; HttpOnly; SameSite=None; Secure`;
-    const previewCookie = `${editing_1.PREVIEW_KEY}=true; Path=/; HttpOnly; SameSite=None; Secure`;
-    return [previewSite, previewCookie];
-};
-exports.getPreviewCookies = getPreviewCookies;
-/**
- * Returns the list of required query parameters based on the page editing mode
- * @param {DesignLibraryMode | LayoutServicePageState.Preview | LayoutServicePageState.Edit} mode current page mode
- * @returns {string[]} list of required parameters for validation
- */
-const getRequiredEditingParamsList = (mode) => {
-    const editingRequiredParams = ['sc_site', 'sc_itemid', 'sc_lang', 'route', 'mode'];
-    const componentRequiredParams = [
-        'sc_site',
-        'sc_itemid',
-        'sc_renderingId',
-        'sc_uid',
-        'sc_lang',
-        'mode',
-    ];
-    return (0, editing_1.isDesignLibraryMode)(mode) ? componentRequiredParams : editingRequiredParams;
-};
-exports.getRequiredEditingParamsList = getRequiredEditingParamsList;
-/**
- * Gets query parameters that should be passed along to subsequent requests (e.g. for deployment protection bypass)
- * @param {object} query Object of query parameters from incoming URL
- * @returns Object of approved query parameters
- */
-const getQueryParamsForPropagation = (query) => {
-    const params = {};
-    if (query[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS]) {
-        params[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS] = query[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS];
-    }
-    if (query[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE]) {
-        params[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE] = query[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE];
-    }
-    return params;
-};
-exports.getQueryParamsForPropagation = getQueryParamsForPropagation;
-/**
- * Get headers that should be passed along to subsequent requests
- * @param {IncomingHttpHeaders} headers Incoming HTTP Headers
- * @returns Object of approved headers
- */
-const getHeadersForPropagation = (headers) => {
-    // Filter and normalize headers
-    const filteredHeaders = constants_1.EDITING_PASS_THROUGH_HEADERS.reduce((acc, header) => {
-        const value = headers.get
-            ? headers.get(header)
-            : headers[header];
-        if (value) {
-            acc[header] = Array.isArray(value) ? value.join(', ') : value;
-        }
-        return acc;
-    }, {});
-    return filteredHeaders;
-};
-exports.getHeadersForPropagation = getHeadersForPropagation;
-/**
- * Performs an internal request to get the HTML for the editing mode
- * @param {string} requestUrl URL to send request to
- * @param {object} propagatedQsParams query string params to use with request
- * @param {object} propagatedHeaders headers to use with request
- * @param {string[]} cookies cookies to use with request
- * @param {NativeDataFetcher} dataFetcher NativeFetcher instance to send request with
- * @returns {string} HTML with editing markup
- */
-const getEditingRequestHtml = (requestUrl, propagatedQsParams, propagatedHeaders, cookies, dataFetcher) => __awaiter(void 0, void 0, void 0, function* () {
-    // Grab the Next.js preview cookies to send on to the render request
-    propagatedHeaders.cookie = `${propagatedHeaders.cookie ? propagatedHeaders.cookie + ';' : ''}${cookies.join(';')}`;
-    // enable content sdk preview
-    propagatedHeaders.__content_sdk_preview = '1';
-    for (const key in propagatedQsParams) {
-        if ({}.hasOwnProperty.call(propagatedQsParams, key)) {
-            propagatedQsParams[key] && requestUrl.searchParams.append(key, propagatedQsParams[key]);
-        }
-    }
-    requestUrl.searchParams.append('timestamp', Date.now().toString());
-    const pageRes = yield dataFetcher
-        .get(requestUrl.toString(), {
-        credentials: 'include',
-        headers: propagatedHeaders,
-    })
-        .catch((err) => {
-        // We need to handle not found error provided by Vercel
-        // for `fallback: false` pages
-        if (err.response.status === 404) {
-            return err.response;
-        }
-        throw err;
-    });
-    let html = pageRes.data;
-    if (!html || html.length === 0) {
-        throw new Error(`Failed to render html for ${requestUrl.toString()}`);
-    }
-    // replace phkey attribute with key attribute so that newly added renderings
-    // show correct placeholders, so save and refresh won't be needed after adding each rendering
-    html = html.replace(new RegExp('phkey', 'g'), 'key');
-    // When SSG, Next will attempt to perform a router.replace on the client-side to inject the query string parms
-    // to the router state. See https://github.com/vercel/next.js/blob/v10.0.3/packages/next/client/index.tsx#L169.
-    // However, this doesn't really work since at this point we're in the editor and the location.search has nothing
-    // to do with the Next route/page we've rendered. Beyond the extraneous request, this can result in a 404 with
-    // certain route configurations (e.g. multiple catch-all routes).
-    // The following line will trick it into thinking we're SSR, thus avoiding any router.replace.
-    html = html.replace(constants_2.STATIC_PROPS_ID, constants_2.SERVER_PROPS_ID);
-    return html;
-});
-exports.getEditingRequestHtml = getEditingRequestHtml;
-/**
- * Type guard for Design Library mode
- * @param {object} data preview data to check
- * @returns true if the data is EditingPreviewData
- * @see EditingPreviewData
- */
-const isDesignLibraryPreviewData = (data) => {
-    return (typeof data === 'object' &&
-        data !== null &&
-        'mode' in data &&
-        (0, editing_1.isDesignLibraryMode)(data.mode));
-};
-exports.isDesignLibraryPreviewData = isDesignLibraryPreviewData;
-/**
- * Server URL Resolution order (highest to lowest priority):
- * 1. `config.sitecoreInternalEditingHostUrl` (explicitly set in config)
- * 2. Environment variable `SITECORE_INTERNAL_EDITING_HOST_URL`
- * 3. Fallbacks:
- *    - For XM Cloud deployments → `'http://localhost:3000'`
- *    - For all other cases → use the request `Host` header
- * Note we use https protocol on Vercel due to serverless function architecture.
- * In all other scenarios, including localhost (with or without a proxy e.g. ngrok)
- * and within a nodejs container, http protocol should be used.
- *
- * For information about the VERCEL environment variable, see
- * https://vercel.com/docs/environment-variables#system-environment-variables
- * @param {NextApiRequest} req
- */
-const resolveServerUrl = (req) => {
-    const internalHostUrl = process.env.SITECORE_INTERNAL_EDITING_HOST_URL;
-    if (internalHostUrl) {
-        return internalHostUrl;
-    }
-    // in xmc deployment we always use localhost:3000
-    if (process.env.SITECORE) {
-        return 'http://localhost:3000';
-    }
-    // to preserve auth headers, use https if we're in our 3 main hosting options
-    const useHttps = (process.env.VERCEL || process.env.NETLIFY) !== undefined;
-    const host = req.headers.get
-        ? req.headers.get('host')
-        : req.headers.host;
-    // use https for requests with auth but also support unsecured http rendering hosts
-    return `${useHttps ? 'https' : 'http'}://${host}`;
-};
-exports.resolveServerUrl = resolveServerUrl;
-/**
- * Gets the Content-Security-Policy header value
- * @returns Content-Security-Policy header value
- */
-const getCSPHeader = () => {
-    return `frame-ancestors 'self' ${[...(0, utils_1.getAllowedOriginsFromEnv)(), ...editing_1.EDITING_ALLOWED_ORIGINS].join(' ')}`;
-};
-exports.getCSPHeader = getCSPHeader;
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getCSPHeader = exports.resolveServerUrl = exports.isDesignLibraryPreviewData = exports.getEditingRequestHtml = exports.getHeadersForPropagation = exports.getQueryParamsForPropagation = exports.getRequiredEditingParamsList = exports.getPreviewCookies = exports.cleanupNextPreviewCookies = exports.mapEditingParams = exports.getEditingSecretFromRequest = void 0;
+const editing_1 = require("@sitecore-content-sdk/core/editing");
+const personalize_1 = require("@sitecore-content-sdk/core/personalize");
+const site_1 = require("@sitecore-content-sdk/core/site");
+const constants_1 = require("./constants");
+const constants_2 = require("next/constants");
+const utils_1 = require("@sitecore-content-sdk/core/utils");
+/**
+ * Gets editing secret value from request
+ * @param {NextApiRequest | NextRequest} req incoming request
+ * @returns {string | undefined} editing secret value if present
+ */
+const getEditingSecretFromRequest = (req) => {
+    const reqQuery = req.query;
+    const reqUrl = req.url;
+    let secret = undefined;
+    if (reqQuery) {
+        // pages router
+        secret = reqQuery[editing_1.QUERY_PARAM_EDITING_SECRET];
+    }
+    else if (reqUrl) {
+        // app router
+        const url = new URL(reqUrl);
+        secret = url.searchParams.get(editing_1.QUERY_PARAM_EDITING_SECRET);
+    }
+    return secret;
+};
+exports.getEditingSecretFromRequest = getEditingSecretFromRequest;
+/**
+ * Parses query string and its parameters to required editing parameters
+ * @param {{ [key: string]: string | undefined }} query query string values
+ * @returns {EditingRenderQueryParams} editing parameters
+ */
+const mapEditingParams = (query) => {
+    const params = (0, editing_1.isDesignLibraryMode)(query.mode)
+        ? {
+            itemId: query.sc_itemid,
+            componentUid: query.sc_uid,
+            renderingId: query.sc_renderingId,
+            language: query.sc_lang,
+            site: query.sc_site,
+            mode: query.mode,
+            dataSourceId: query.dataSourceId,
+            version: query.sc_version,
+            generation: query.generation,
+        }
+        : {
+            site: query.sc_site,
+            itemId: query.sc_itemid,
+            language: query.sc_lang,
+            // for sc_variantId we may employ multiple variants (page-layout + component level)
+            // they will be separated by commas (,)
+            variantIds: query.sc_variant || personalize_1.DEFAULT_VARIANT,
+            version: query.sc_version,
+            mode: query.mode,
+            layoutKind: query.sc_layoutKind,
+        };
+    return params;
+};
+exports.mapEditingParams = mapEditingParams;
+/**
+ * Filters out Next.js preview cookies from a cookie string or array
+ * @param {string | string[] | null} cookies cookie header value
+ * @returns {string[] | null} filtered cookies
+ */
+const cleanupNextPreviewCookies = (cookies) => {
+    if (!cookies) {
+        return null;
+    }
+    if (!Array.isArray(cookies)) {
+        cookies = cookies.split(',');
+    }
+    // Filter out Next.js preview cookies
+    const filteredCookies = cookies.filter((cookie) => !new RegExp(`^${"__next_preview_data" /* PreviewCookies.PREVIEW_DATA */}=`).test(cookie) &&
+        !new RegExp(`^${"__prerender_bypass" /* PreviewCookies.PRERENDER_BYPASS */}=`).test(cookie));
+    return filteredCookies;
+};
+exports.cleanupNextPreviewCookies = cleanupNextPreviewCookies;
+/**
+ * Gets the Next.js preview cookies to enable preview mode
+ * @param {string} site current site name
+ * @returns {string[]} list of cookies to set
+ */
+const getPreviewCookies = (site) => {
+    const previewSite = `${site_1.SITE_KEY}=${site}; Path=/; HttpOnly; SameSite=None; Secure`;
+    const previewCookie = `${editing_1.PREVIEW_KEY}=true; Path=/; HttpOnly; SameSite=None; Secure`;
+    return [previewSite, previewCookie];
+};
+exports.getPreviewCookies = getPreviewCookies;
+/**
+ * Returns the list of required query parameters based on the page editing mode
+ * @param {DesignLibraryMode | LayoutServicePageState.Preview | LayoutServicePageState.Edit} mode current page mode
+ * @returns {string[]} list of required parameters for validation
+ */
+const getRequiredEditingParamsList = (mode) => {
+    const editingRequiredParams = ['sc_site', 'sc_itemid', 'sc_lang', 'route', 'mode'];
+    const componentRequiredParams = [
+        'sc_site',
+        'sc_itemid',
+        'sc_renderingId',
+        'sc_uid',
+        'sc_lang',
+        'mode',
+    ];
+    return (0, editing_1.isDesignLibraryMode)(mode) ? componentRequiredParams : editingRequiredParams;
+};
+exports.getRequiredEditingParamsList = getRequiredEditingParamsList;
+/**
+ * Gets query parameters that should be passed along to subsequent requests (e.g. for deployment protection bypass)
+ * @param {object} query Object of query parameters from incoming URL
+ * @returns Object of approved query parameters
+ * @internal
+ */
+const getQueryParamsForPropagation = (query) => {
+    const params = {};
+    if (query[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS]) {
+        params[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS] = query[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS];
+    }
+    if (query[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE]) {
+        params[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE] = query[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE];
+    }
+    return params;
+};
+exports.getQueryParamsForPropagation = getQueryParamsForPropagation;
+/**
+ * Get headers that should be passed along to subsequent requests
+ * @param {IncomingHttpHeaders} headers Incoming HTTP Headers
+ * @returns Object of approved headers
+ * @internal
+ */
+const getHeadersForPropagation = (headers) => {
+    // Filter and normalize headers
+    const filteredHeaders = constants_1.EDITING_PASS_THROUGH_HEADERS.reduce((acc, header) => {
+        const value = headers.get
+            ? headers.get(header)
+            : headers[header];
+        if (value) {
+            acc[header] = Array.isArray(value) ? value.join(', ') : value;
+        }
+        return acc;
+    }, {});
+    return filteredHeaders;
+};
+exports.getHeadersForPropagation = getHeadersForPropagation;
+/**
+ * Performs an internal request to get the HTML for the editing mode
+ * @param {string} requestUrl URL to send request to
+ * @param {object} propagatedQsParams query string params to use with request
+ * @param {object} propagatedHeaders headers to use with request
+ * @param {string[]} cookies cookies to use with request
+ * @param {NativeDataFetcher} dataFetcher NativeFetcher instance to send request with
+ * @returns {string} HTML with editing markup
+ */
+const getEditingRequestHtml = (requestUrl, propagatedQsParams, propagatedHeaders, cookies, dataFetcher) => __awaiter(void 0, void 0, void 0, function* () {
+    // Grab the Next.js preview cookies to send on to the render request
+    propagatedHeaders.cookie = `${propagatedHeaders.cookie ? propagatedHeaders.cookie + ';' : ''}${cookies.join(';')}`;
+    // enable content sdk preview
+    propagatedHeaders.__content_sdk_preview = '1';
+    for (const key in propagatedQsParams) {
+        if ({}.hasOwnProperty.call(propagatedQsParams, key)) {
+            propagatedQsParams[key] && requestUrl.searchParams.append(key, propagatedQsParams[key]);
+        }
+    }
+    requestUrl.searchParams.append('timestamp', Date.now().toString());
+    const pageRes = yield dataFetcher
+        .get(requestUrl.toString(), {
+        credentials: 'include',
+        headers: propagatedHeaders,
+    })
+        .catch((err) => {
+        // We need to handle not found error provided by Vercel
+        // for `fallback: false` pages
+        if (err.response.status === 404) {
+            return err.response;
+        }
+        throw err;
+    });
+    let html = pageRes.data;
+    if (!html || html.length === 0) {
+        throw new Error(`Failed to render html for ${requestUrl.toString()}`);
+    }
+    // replace phkey attribute with key attribute so that newly added renderings
+    // show correct placeholders, so save and refresh won't be needed after adding each rendering
+    html = html.replace(new RegExp('phkey', 'g'), 'key');
+    // When SSG, Next will attempt to perform a router.replace on the client-side to inject the query string parms
+    // to the router state. See https://github.com/vercel/next.js/blob/v10.0.3/packages/next/client/index.tsx#L169.
+    // However, this doesn't really work since at this point we're in the editor and the location.search has nothing
+    // to do with the Next route/page we've rendered. Beyond the extraneous request, this can result in a 404 with
+    // certain route configurations (e.g. multiple catch-all routes).
+    // The following line will trick it into thinking we're SSR, thus avoiding any router.replace.
+    html = html.replace(constants_2.STATIC_PROPS_ID, constants_2.SERVER_PROPS_ID);
+    return html;
+});
+exports.getEditingRequestHtml = getEditingRequestHtml;
+/**
+ * Type guard for Design Library mode
+ * @param {object} data preview data to check
+ * @returns true if the data is EditingPreviewData
+ * @see EditingPreviewData
+ * @public
+ */
+const isDesignLibraryPreviewData = (data) => {
+    return (typeof data === 'object' &&
+        data !== null &&
+        'mode' in data &&
+        (0, editing_1.isDesignLibraryMode)(data.mode));
+};
+exports.isDesignLibraryPreviewData = isDesignLibraryPreviewData;
+/**
+ * Server URL Resolution order (highest to lowest priority):
+ * 1. `config.sitecoreInternalEditingHostUrl` (explicitly set in config)
+ * 2. Environment variable `SITECORE_INTERNAL_EDITING_HOST_URL`
+ * 3. Fallbacks:
+ *    - For XM Cloud deployments → `'http://localhost:3000'`
+ *    - For all other cases → use the request `Host` header
+ * Note we use https protocol on Vercel due to serverless function architecture.
+ * In all other scenarios, including localhost (with or without a proxy e.g. ngrok)
+ * and within a nodejs container, http protocol should be used.
+ *
+ * For information about the VERCEL environment variable, see
+ * https://vercel.com/docs/environment-variables#system-environment-variables
+ * @param {NextApiRequest} req
+ */
+const resolveServerUrl = (req) => {
+    const internalHostUrl = process.env.SITECORE_INTERNAL_EDITING_HOST_URL;
+    if (internalHostUrl) {
+        return internalHostUrl;
+    }
+    // in xmc deployment we always use localhost:3000
+    if (process.env.SITECORE) {
+        return 'http://localhost:3000';
+    }
+    // to preserve auth headers, use https if we're in our 3 main hosting options
+    const useHttps = (process.env.VERCEL || process.env.NETLIFY) !== undefined;
+    const host = req.headers.get
+        ? req.headers.get('host')
+        : req.headers.host;
+    // use https for requests with auth but also support unsecured http rendering hosts
+    return `${useHttps ? 'https' : 'http'}://${host}`;
+};
+exports.resolveServerUrl = resolveServerUrl;
+/**
+ * Gets the Content-Security-Policy header value
+ * @returns Content-Security-Policy header value
+ */
+const getCSPHeader = () => {
+    return `frame-ancestors 'self' ${[...(0, utils_1.getAllowedOriginsFromEnv)(), ...editing_1.EDITING_ALLOWED_ORIGINS].join(' ')}`;
+};
+exports.getCSPHeader = getCSPHeader;