@sitecore-content-sdk/nextjs 2.0.0-canary.1 → 2.0.0-canary.12

package/dist/cjs/editing/editing-render-middleware.js

@@ -34,7 +34,7 @@ class EditingRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
         super();
         this.config = config;
         this.handler = (req, res) => __awaiter(this, void 0, void 0, function* () {
-            var _a, _b, _c, _d, _e;
+            var _a, _b, _c, _d, _e, _f;
             const { body, method, headers, query } = req;
             debug_1.default.editing('editing render middleware start: %o', {
                 method,
@@ -81,15 +81,22 @@ class EditingRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
             const mode = query.mode;
             const requiredQueryParams = (0, utils_2.getRequiredEditingParamsList)(mode);
             const missingQueryParams = requiredQueryParams.filter((param) => !query[param]);
+            const { allowedQueryParams, missingAllowedParams } = (0, utils_2.getAllowedQueryParams)(query, (_b = this.config) === null || _b === void 0 ? void 0 : _b.allowedQueryParams);
             // Validate query parameters
-            if (missingQueryParams.length) {
-                debug_1.default.editing('missing required query parameters: %o', missingQueryParams);
+            if (missingQueryParams.length || missingAllowedParams.length) {
+                debug_1.default.editing('missing required query parameters: %o', [
+                    ...missingQueryParams,
+                    ...missingAllowedParams,
+                ]);
                 return res.status(400).json({
-                    html: `<html><body>Missing required query parameters: ${missingQueryParams.join(', ')}</body></html>`,
+                    html: `<html><body>Missing required query parameters: ${[
+                        ...missingQueryParams,
+                        ...missingAllowedParams,
+                    ].join(', ')}</body></html>`,
                 });
             }
             const previewDataParams = (0, utils_2.mapEditingParams)(query);
-            res.setPreviewData(Object.assign(Object.assign({}, previewDataParams), { variantIds: (_b = previewDataParams.variantIds) === null || _b === void 0 ? void 0 : _b.split(',') }), {
+            res.setPreviewData(Object.assign(Object.assign(Object.assign({}, previewDataParams), allowedQueryParams), { variantIds: (_c = previewDataParams.variantIds) === null || _c === void 0 ? void 0 : _c.split(',') }), {
                 maxAge: 3,
             });
             // Set Preview mode identifier cookie, if the page is rendered in Sitecore Preview mode
@@ -101,8 +108,8 @@ class EditingRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
             // Restrict the page to be rendered only within the allowed origins
             res.setHeader('Content-Security-Policy', (0, utils_2.getCSPHeader)());
             const encodedRoute = encodeURI(query.route);
-            const route = ((_d = (_c = this.config) === null || _c === void 0 ? void 0 : _c.resolvePageUrl) === null || _d === void 0 ? void 0 : _d.call(_c, encodedRoute)) || encodedRoute;
-            const base = ((_e = this.config) === null || _e === void 0 ? void 0 : _e.sitecoreInternalEditingHostUrl) || (0, utils_2.resolveServerUrl)(req);
+            const route = ((_e = (_d = this.config) === null || _d === void 0 ? void 0 : _d.resolvePageUrl) === null || _e === void 0 ? void 0 : _e.call(_d, encodedRoute)) || encodedRoute;
+            const base = ((_f = this.config) === null || _f === void 0 ? void 0 : _f.sitecoreInternalEditingHostUrl) || (0, utils_2.resolveServerUrl)(req);
             const requestUrl = new URL(route, base);
             const cookies = res.getHeader('Set-Cookie');
             // Make actual render request for page route, passing on preview cookies as well as any approved query string parameters.
@@ -123,6 +130,7 @@ class EditingRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
                     status: 200,
                     route,
                 });
+                res.setHeader('Content-Type', 'text/html; charset=utf-8');
                 res.status(200).send(html);
             }
             catch (err) {

package/dist/cjs/editing/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/dist/cjs/editing/utils.js

@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.getCSPHeader = exports.resolveServerUrl = exports.isDesignLibraryPreviewData = exports.getEditingRequestHtml = exports.getHeadersForPropagation = exports.getQueryParamsForPropagation = exports.getRequiredEditingParamsList = exports.getPreviewCookies = exports.cleanupNextPreviewCookies = exports.mapEditingParams = exports.getEditingSecretFromRequest = void 0;
+exports.getCSPHeader = exports.resolveServerUrl = exports.isDesignLibraryPreviewData = exports.getEditingRequestHtml = exports.getHeadersForPropagation = exports.getQueryParamsForPropagation = exports.getRequiredEditingParamsList = exports.getPreviewCookies = exports.cleanupNextPreviewCookies = exports.getAllowedQueryParams = exports.mapEditingParams = exports.getEditingSecretFromRequest = void 0;
 const editing_1 = require("@sitecore-content-sdk/content/editing");
 const personalize_1 = require("@sitecore-content-sdk/content/personalize");
 const site_1 = require("@sitecore-content-sdk/content/site");
@@ -69,6 +69,35 @@ const mapEditingParams = (query) => {
     return params;
 };
 exports.mapEditingParams = mapEditingParams;
+/**
+ * Parses the query parameters based on the provided allowed parameters or a resolver function, to extract additional parameters that should be allowed.
+ * @param {{ [key: string]: string | undefined }} queryParams Object of query parameters from incoming URL.
+ * @param {AllowedQueryParams} allowedParams Allowed parameters to map.
+ * @returns Object containing the list of missing required parameters and the allowed query parameters that were extracted.
+ * @internal
+ */
+const getAllowedQueryParams = (queryParams, allowedParams) => {
+    const allowedQueryParamsList = typeof allowedParams === 'function'
+        ? allowedParams(Object.keys(queryParams))
+        : Array.isArray(allowedParams)
+            ? allowedParams
+            : [];
+    if (!allowedQueryParamsList.length)
+        return { missingAllowedParams: [], allowedQueryParams: {} };
+    return allowedQueryParamsList.reduce((acc, param) => {
+        const name = typeof param === 'string' ? param : param.name;
+        const required = typeof param === 'string' ? false : param.required;
+        const value = queryParams[name];
+        if (value !== undefined) {
+            acc.allowedQueryParams[name] = value;
+            return acc;
+        }
+        if (required)
+            acc.missingAllowedParams.push(name);
+        return acc;
+    }, { missingAllowedParams: [], allowedQueryParams: {} });
+};
+exports.getAllowedQueryParams = getAllowedQueryParams;
 /**
  * Filters out Next.js preview cookies from a cookie string or array
  * @param {string | string[] | null} cookies cookie header value

package/dist/cjs/index.js

@@ -37,7 +37,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.BYOCWrapper = exports.FEaaSWrapper = exports.BYOCServerWrapper = exports.BYOCClientWrapper = exports.FEaaSServerWrapper = exports.FEaaSClientWrapper = exports.NextImage = exports.Placeholder = exports.RichText = exports.Link = exports.useComponentProps = exports.ComponentPropsContext = exports.ComponentPropsReactContext = exports.ComponentPropsService = exports.normalizeSiteRewrite = exports.getSiteRewriteData = exports.getSiteRewrite = exports.SiteInfoService = exports.SiteResolver = exports.RobotsService = exports.ErrorPagesService = exports.SitemapXmlService = exports.REDIRECT_TYPE_SERVER_TRANSFER = exports.REDIRECT_TYPE_302 = exports.REDIRECT_TYPE_301 = exports.RedirectsService = exports.SitePathService = exports.PersonalizeService = exports.CdpHelper = exports.normalizePersonalizedRewrite = exports.getGroomedVariantIds = exports.getPersonalizedRewriteData = exports.getPersonalizedRewrite = exports.personalizeLayout = exports.DictionaryService = exports.mediaApi = exports.ComponentLayoutService = exports.ErrorPage = exports.RenderingType = exports.EditMode = exports.getContentStylesheetLink = exports.getFieldValue = exports.getChildPlaceholder = exports.LayoutService = exports.LayoutServicePageState = exports.MemoryCacheClient = exports.enableDebug = exports.NativeDataFetcher = exports.constants = exports.debug = void 0;
-exports.renderEmptyPlaceholder = exports.AppPlaceholder = exports.ClientEditingChromesUpdate = exports.Form = exports.EditingScripts = exports.withEmptyFieldEditingComponent = exports.withFieldMetadata = exports.withDatasourceCheck = exports.withPlaceholder = exports.withEditorChromes = exports.useSitecore = exports.withSitecore = exports.SitecoreProviderReactContext = exports.SitecoreProvider = exports.DefaultEmptyFieldEditingComponentText = exports.DefaultEmptyFieldEditingComponentImage = exports.DesignLibraryApp = exports.DesignLibrary = exports.File = exports.getDesignLibraryStylesheetLinks = exports.BYOCComponent = exports.fetchFEaaSComponentServerProps = exports.FEaaSComponent = exports.DateField = exports.Text = exports.Image = void 0;
+exports.analyticsProxyAdapter = exports.personalizeProxyAdapter = exports.initContentSdk = exports.renderEmptyPlaceholder = exports.AppPlaceholder = exports.ClientEditingChromesUpdate = exports.Form = exports.EditingScripts = exports.withEmptyFieldEditingComponent = exports.withFieldMetadata = exports.withDatasourceCheck = exports.withPlaceholder = exports.withAppPlaceholder = exports.withEditorChromes = exports.useSitecore = exports.withSitecore = exports.SitecoreProviderReactContext = exports.SitecoreProvider = exports.DefaultEmptyFieldEditingComponentText = exports.DefaultEmptyFieldEditingComponentImage = exports.DesignLibraryApp = exports.DesignLibrary = exports.File = exports.getDesignLibraryStylesheetLinks = exports.BYOCComponent = exports.fetchFEaaSComponentServerProps = exports.FEaaSComponent = exports.DateField = exports.Text = exports.Image = void 0;
 var debug_1 = require("./debug");
 Object.defineProperty(exports, "debug", { enumerable: true, get: function () { return __importDefault(debug_1).default; } });
 var core_1 = require("@sitecore-content-sdk/core");
@@ -126,6 +126,7 @@ Object.defineProperty(exports, "SitecoreProviderReactContext", { enumerable: tru
 Object.defineProperty(exports, "withSitecore", { enumerable: true, get: function () { return react_2.withSitecore; } });
 Object.defineProperty(exports, "useSitecore", { enumerable: true, get: function () { return react_2.useSitecore; } });
 Object.defineProperty(exports, "withEditorChromes", { enumerable: true, get: function () { return react_2.withEditorChromes; } });
+Object.defineProperty(exports, "withAppPlaceholder", { enumerable: true, get: function () { return react_2.withAppPlaceholder; } });
 Object.defineProperty(exports, "withPlaceholder", { enumerable: true, get: function () { return react_2.withPlaceholder; } });
 Object.defineProperty(exports, "withDatasourceCheck", { enumerable: true, get: function () { return react_2.withDatasourceCheck; } });
 Object.defineProperty(exports, "withFieldMetadata", { enumerable: true, get: function () { return react_2.withFieldMetadata; } });
@@ -135,3 +136,9 @@ Object.defineProperty(exports, "Form", { enumerable: true, get: function () { re
 Object.defineProperty(exports, "ClientEditingChromesUpdate", { enumerable: true, get: function () { return react_2.ClientEditingChromesUpdate; } });
 Object.defineProperty(exports, "AppPlaceholder", { enumerable: true, get: function () { return react_2.AppPlaceholder; } });
 Object.defineProperty(exports, "renderEmptyPlaceholder", { enumerable: true, get: function () { return react_2.renderEmptyPlaceholder; } });
+var core_2 = require("@sitecore-content-sdk/core");
+Object.defineProperty(exports, "initContentSdk", { enumerable: true, get: function () { return core_2.initContentSdk; } });
+var personalize_adapter_1 = require("./initialization/proxy/personalize-adapter");
+Object.defineProperty(exports, "personalizeProxyAdapter", { enumerable: true, get: function () { return personalize_adapter_1.personalizeProxyAdapter; } });
+var analytics_adapter_1 = require("./initialization/proxy/analytics-adapter");
+Object.defineProperty(exports, "analyticsProxyAdapter", { enumerable: true, get: function () { return analytics_adapter_1.analyticsProxyAdapter; } });

package/dist/cjs/initialization/proxy/analytics-adapter.js

@@ -0,0 +1,80 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getClientId = void 0;
+exports.analyticsProxyAdapter = analyticsProxyAdapter;
+const internal_1 = require("@sitecore-content-sdk/analytics-core/internal");
+const internal_2 = require("@sitecore-content-sdk/analytics-core/internal");
+const core_1 = require("@sitecore-content-sdk/core");
+/**
+ * Creates a proxy-based analytics adapter that reads and writes the visitor ID
+ * using cookies and can resolve a new client ID from the Edge proxy when needed.
+ * The adapter also provides access to the current URL search parameters.
+ * @param {NextRequest} request - The Next.js request object.
+ * @param {NextResponse} response - The Next.js response object.
+ * @returns {AnalyticsProxyAdapter} The analytics proxy adapter.
+ * @public
+ */
+function analyticsProxyAdapter(request, response) {
+    return {
+        type: 'proxy',
+        getClientId: () => {
+            return (0, exports.getClientId)(request);
+        },
+        setClientId: () => __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            const coreConfig = (0, core_1.getCoreContext)().config;
+            const analyticsOptions = (0, internal_2.getAnalyticsPlugin)().options;
+            const cookieOptions = analyticsOptions.cookies;
+            const clientIdCookieName = cookieOptions.name;
+            const legacyClientIdCookieName = `${internal_1.COOKIE_NAME_PREFIX}${coreConfig.contextId}`;
+            const cookieAttributes = (0, internal_1.getDefaultCookieAttributes)(cookieOptions.expiryDays, cookieOptions.domain);
+            const legacyClientIdCookie = (_a = request.cookies.get(legacyClientIdCookieName)) === null || _a === void 0 ? void 0 : _a.value;
+            if (legacyClientIdCookie) {
+                request.cookies.set(clientIdCookieName, legacyClientIdCookie);
+                response.cookies.set(clientIdCookieName, legacyClientIdCookie, Object.assign(Object.assign({}, cookieAttributes), { sameSite: 'none' }));
+                request.cookies.delete(legacyClientIdCookieName);
+                response.cookies.delete(legacyClientIdCookieName);
+                return;
+            }
+            const clientIdCookie = (0, exports.getClientId)(request);
+            let newClientIdCookieValue;
+            if (!clientIdCookie) {
+                const cookieValues = yield (0, internal_1.fetchClientIdFromEdgeProxy)(coreConfig.edgeUrl, coreConfig.contextId, analyticsOptions.timeout);
+                newClientIdCookieValue = cookieValues.clientId;
+                analyticsOptions.visitorIds = cookieValues;
+            }
+            else
+                newClientIdCookieValue = clientIdCookie;
+            if (!clientIdCookie)
+                request.cookies.set(clientIdCookieName, newClientIdCookieValue);
+            const attributes = (0, internal_1.getDefaultCookieAttributes)(cookieOptions.expiryDays, cookieOptions.domain);
+            response.cookies.set(clientIdCookieName, newClientIdCookieValue, Object.assign(Object.assign({}, attributes), { sameSite: 'none' }));
+        }),
+        location: {
+            getSearchParams: () => {
+                return request.nextUrl.searchParams.toString();
+            },
+        },
+    };
+}
+/**
+ * Retrieves the client ID from the request cookies.
+ * @param {NextRequest} request
+ * @returns {string | null} The client ID or null if not found.
+ * @internal
+ */
+const getClientId = (request) => {
+    var _a;
+    const clientIdCookieName = (0, internal_2.getAnalyticsPlugin)().options.cookies.name;
+    return ((_a = request.cookies.get(clientIdCookieName)) === null || _a === void 0 ? void 0 : _a.value) || null;
+};
+exports.getClientId = getClientId;

package/dist/cjs/initialization/proxy/personalize-adapter.js

@@ -0,0 +1,81 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.personalizeProxyAdapter = personalizeProxyAdapter;
+const internal_1 = require("@sitecore-content-sdk/analytics-core/internal");
+const internal_2 = require("@sitecore-content-sdk/analytics-core/internal");
+const core_1 = require("@sitecore-content-sdk/core");
+const internal_3 = require("@sitecore-content-sdk/personalize/internal");
+const analytics_adapter_1 = require("./analytics-adapter");
+/**
+ * Creates a proxy-based personalize adapter that reads and writes the profile ID
+ * using cookies and can resolve a new profile ID from the Edge proxy when needed.
+ * The adapter also provides access user agent from the request headers.
+ * @param {NextRequest} request - The HTTP request object.
+ * @param {NextResponse} response - The HTTP response object.
+ * @returns {PersonalizeProxyAdapter} The personalize proxy adapter.
+ * @public
+ */
+function personalizeProxyAdapter(request, response) {
+    return {
+        type: 'proxy',
+        getUserAgent: () => request.headers.get('user-agent') || undefined,
+        getProfileId: () => {
+            return getProfileId(request);
+        },
+        setProfileId: () => __awaiter(this, void 0, void 0, function* () {
+            var _a;
+            const coreConfig = (0, core_1.getCoreContext)().config;
+            const cookieOptions = (0, internal_2.getAnalyticsPlugin)().options.cookies;
+            const personalizePlugin = (0, internal_3.getPersonalizePlugin)();
+            const profileIdCookieName = personalizePlugin.options.cookies.name;
+            const cookieAttributes = (0, internal_1.getDefaultCookieAttributes)(cookieOptions.expiryDays, cookieOptions.domain);
+            const legacyProfileIdCookieName = `${internal_1.COOKIE_NAME_PREFIX}${coreConfig.contextId}_personalize`;
+            const legacyProfileIdCookie = (_a = request.cookies.get(legacyProfileIdCookieName)) === null || _a === void 0 ? void 0 : _a.value;
+            if (legacyProfileIdCookie) {
+                request.cookies.set(profileIdCookieName, legacyProfileIdCookie);
+                response.cookies.set(profileIdCookieName, legacyProfileIdCookie, Object.assign(Object.assign({}, cookieAttributes), { sameSite: 'none' }));
+                request.cookies.delete(legacyProfileIdCookieName);
+                response.cookies.delete(legacyProfileIdCookieName);
+                return;
+            }
+            const cookiesValuesFromEdgeServer = (0, internal_2.getAnalyticsPlugin)().options.visitorIds;
+            const profileIdCookie = getProfileId(request);
+            const clientIdCookie = (0, analytics_adapter_1.getClientId)(request);
+            let newProfileIdCookieValue;
+            if (profileIdCookie)
+                newProfileIdCookieValue = profileIdCookie;
+            else if (cookiesValuesFromEdgeServer === null || cookiesValuesFromEdgeServer === void 0 ? void 0 : cookiesValuesFromEdgeServer.profileId)
+                newProfileIdCookieValue = cookiesValuesFromEdgeServer.profileId;
+            else if (clientIdCookie) {
+                const profileIdCookieValueFromEdgeProxy = yield (0, internal_3.fetchProfileIdFromEdgeProxy)(clientIdCookie, coreConfig.contextId, coreConfig.edgeUrl);
+                newProfileIdCookieValue = profileIdCookieValueFromEdgeProxy;
+            }
+            else
+                return;
+            if (!profileIdCookie)
+                request.cookies.set(profileIdCookieName, newProfileIdCookieValue);
+            const attributes = (0, internal_1.getDefaultCookieAttributes)(cookieOptions.expiryDays, cookieOptions.domain);
+            response.cookies.set(profileIdCookieName, newProfileIdCookieValue, Object.assign(Object.assign({}, attributes), { sameSite: 'none' }));
+        }),
+    };
+}
+/**
+ * Retrieves the profile ID from request cookies.
+ * @param {NextRequest} request
+ * @returns {string | null} The profile ID or null if not found.
+ * @internal
+ */
+function getProfileId(request) {
+    var _a;
+    const profileIdCookieName = (0, internal_3.getPersonalizePlugin)().options.cookies.name;
+    return ((_a = request.cookies.get(profileIdCookieName)) === null || _a === void 0 ? void 0 : _a.value) || null;
+}

package/dist/cjs/middleware/robots-middleware.js

@@ -10,7 +10,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.RobotsMiddleware = void 0;
+const core_1 = require("@sitecore-content-sdk/core");
 const site_1 = require("../site");
+const { ERROR_MESSAGES } = core_1.constants;
 /**
  * Middleware for handling robots.txt requests in a Next.js application.
  * @public
@@ -37,7 +39,7 @@ class RobotsMiddleware {
                 res.status(200).send(robotsContent);
             }
             catch (_b) {
-                res.status(500).send('Internal Server Error');
+                res.status(500).send(`Internal Server Error. ${ERROR_MESSAGES.CONTACT_SUPPORT}`);
             }
         });
     }

package/dist/cjs/middleware/sitemap-middleware.js

@@ -10,7 +10,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.SitemapMiddleware = void 0;
+const core_1 = require("@sitecore-content-sdk/core");
 const site_1 = require("../site");
+const { ERROR_MESSAGES } = core_1.constants;
 /**
  * Middleware for handling sitemap requests in a Next.js application.
  * Encapsulates all HTTP-related logic for sitemap generation and delivery.
@@ -41,7 +43,7 @@ class SitemapMiddleware {
                     res.redirect('/404');
                 }
                 else {
-                    res.status(500).send('Internal Server Error');
+                    res.status(500).send(`Internal Server Error. ${ERROR_MESSAGES.CONTACT_SUPPORT}`);
                 }
             }
         });

package/dist/cjs/proxy/personalize-proxy.js

@@ -15,9 +15,13 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.PersonalizeProxy = void 0;
 const personalize_1 = require("@sitecore-content-sdk/content/personalize");
 const proxy_1 = require("./proxy");
-const server_1 = require("@sitecore-cloudsdk/core/server");
-const server_2 = require("@sitecore-cloudsdk/personalize/server");
+const core_1 = require("@sitecore-content-sdk/core");
+const personalize_2 = require("@sitecore-content-sdk/personalize");
 const debug_1 = __importDefault(require("../debug"));
+const analytics_core_1 = require("@sitecore-content-sdk/analytics-core");
+const analytics_adapter_1 = require("../initialization/proxy/analytics-adapter");
+const personalize_3 = require("@sitecore-content-sdk/personalize");
+const personalize_adapter_1 = require("../initialization/proxy/personalize-adapter");
 /**
  * Proxy / handler to support Sitecore Personalize
  * @public
@@ -93,7 +97,7 @@ class PersonalizeProxy extends proxy_1.ProxyBase {
                 const executions = this.getPersonalizeExecutions(personalizeInfo, language);
                 const identifiedVariantIds = [];
                 yield Promise.all(executions.map((execution) => this.personalize(Object.assign({ friendlyId: execution.friendlyId, variantIds: execution.variantIds, params,
-                    language, timeout: cdpTimeout }, (geo && { geo })), req).then((personalization) => {
+                    language, timeout: cdpTimeout }, (geo && { geo }))).then((personalization) => {
                     const variantId = personalization.variantId;
                     if (variantId) {
                         if (!execution.variantIds.includes(variantId)) {
@@ -177,22 +181,35 @@ class PersonalizeProxy extends proxy_1.ProxyBase {
     }
     initPersonalizeServer(_a) {
         return __awaiter(this, arguments, void 0, function* ({ hostname, siteName, request, response, }) {
-            yield (0, server_1.CloudSDK)(request, response, {
-                sitecoreEdgeUrl: this.config.edgeUrl,
-                sitecoreEdgeContextId: this.config.contextId,
-                siteName,
-                cookieDomain: hostname,
-                enableServerCookie: true,
-            })
-                .addPersonalize({ enablePersonalizeCookie: true })
-                .initialize();
+            yield (0, core_1.initContentSdk)({
+                config: {
+                    contextId: this.config.contextId,
+                    edgeUrl: this.config.edgeUrl,
+                    siteName,
+                },
+                plugins: [
+                    (0, analytics_core_1.analyticsPlugin)({
+                        options: {
+                            enableCookie: true,
+                            cookieDomain: hostname,
+                        },
+                        adapter: (0, analytics_adapter_1.analyticsProxyAdapter)(request, response),
+                    }),
+                    (0, personalize_3.personalizeServerPlugin)({
+                        options: {
+                            enablePersonalizeCookie: true,
+                        },
+                        adapter: (0, personalize_adapter_1.personalizeProxyAdapter)(request, response),
+                    }),
+                ],
+            });
         });
     }
-    personalize(_a, request_1) {
-        return __awaiter(this, arguments, void 0, function* ({ params, friendlyId, language, timeout, variantIds, geo, }, request) {
+    personalize(_a) {
+        return __awaiter(this, arguments, void 0, function* ({ params, friendlyId, language, timeout, variantIds, geo, }) {
             var _b;
             debug_1.default.personalize('executing experience for %s %o', friendlyId, params);
-            return (yield (0, server_2.personalize)(request, Object.assign({ channel: this.config.channel || 'WEB', currency: (_b = this.config.currency) !== null && _b !== void 0 ? _b : 'USD', friendlyId,
+            return (yield (0, personalize_2.personalize)(Object.assign({ channel: this.config.channel || 'WEB', currency: (_b = this.config.currency) !== null && _b !== void 0 ? _b : 'USD', friendlyId,
                 params,
                 language, pageVariantIds: variantIds }, (geo && { geo })), { timeout }));
         });

package/dist/cjs/route-handler/editing-render-route-handler.js

@@ -116,11 +116,18 @@ const createEditingRenderRouteHandlers = (options) => {
         const mode = query.mode;
         const requiredQueryParams = (0, utils_2.getRequiredEditingParamsList)(mode);
         const missingQueryParams = requiredQueryParams.filter((param) => !query[param]);
+        const { allowedQueryParams, missingAllowedParams } = (0, utils_2.getAllowedQueryParams)(query, options.allowedQueryParams);
         // Validate query parameters
-        if (missingQueryParams.length) {
-            debug_1.default.editing('missing required query parameters: %o', missingQueryParams);
+        if (missingQueryParams.length || missingAllowedParams.length) {
+            debug_1.default.editing('missing required query parameters: %o', [
+                ...missingQueryParams,
+                ...missingAllowedParams,
+            ]);
             return Response.json({
-                html: `<html><body>Missing required query parameters: ${missingQueryParams.join(', ')}</body></html>`,
+                html: `<html><body>Missing required query parameters: ${[
+                    ...missingQueryParams,
+                    ...missingAllowedParams,
+                ].join(', ')}</body></html>`,
             }, { status: 400, headers: responseHeaders });
         }
         const encodedRoute = encodeURI(query.route);
@@ -156,7 +163,7 @@ const createEditingRenderRouteHandlers = (options) => {
             debug_1.default.editing('fetching page route for %s', query.route);
             // Get query string parameters to propagate on subsequent requests (e.g. for deployment protection bypass)
             // Additionally ,in app router preview data is passed through query string instead of preview data cookie
-            const propagatedQsParams = Object.assign(Object.assign({}, (0, utils_2.getQueryParamsForPropagation)(query)), (0, utils_2.mapEditingParams)(query));
+            const propagatedQsParams = Object.assign(Object.assign(Object.assign({}, (0, utils_2.getQueryParamsForPropagation)(query)), (0, utils_2.mapEditingParams)(query)), allowedQueryParams);
             // Get headers to propagate on subsequent requests
             const propagatedHeaders = (0, utils_2.getHeadersForPropagation)(headers);
             const html = yield (0, utils_2.getEditingRequestHtml)(requestUrl, propagatedQsParams, propagatedHeaders, convertedCookies, dataFetcher);
@@ -215,7 +222,7 @@ const createEditingRenderRouteHandlers = (options) => {
         req.nextUrl.searchParams.forEach((value, key) => {
             query[key] = value;
         });
-        const propagatedQsParams = Object.assign(Object.assign({}, (0, utils_2.getQueryParamsForPropagation)(query)), (0, utils_2.mapEditingParams)(query));
+        const propagatedQsParams = Object.assign(Object.assign(Object.assign({}, (0, utils_2.getQueryParamsForPropagation)(query)), (0, utils_2.mapEditingParams)(query)), (0, utils_2.getAllowedQueryParams)(query, options.allowedQueryParams).allowedQueryParams);
         const base = (0, utils_2.resolveServerUrl)(req);
         const targetUrl = new URL('/', base);
         for (const key in propagatedQsParams) {

package/dist/cjs/tools/codegen/import-map.js

@@ -1,9 +1,9 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.writeImportMap = exports.__mockDependencies = void 0;
-const tools_1 = require("@sitecore-content-sdk/content/tools");
+const node_tools_1 = require("@sitecore-content-sdk/content/node-tools");
 const utils_1 = require("../templating/utils");
-let writeImportMapCore = tools_1.writeImportMap;
+let writeImportMapCore = node_tools_1.writeImportMap;
 const __mockDependencies = (mocks) => {
     if (mocks.writeImportMapCore) {
         writeImportMapCore = mocks.writeImportMapCore;

package/dist/cjs/tools/index.js

@@ -1,12 +1,12 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.writeImportMap = exports.generateMap = exports.generateMetadata = exports.extractFiles = exports.getComponentList = exports.generateSites = void 0;
-var tools_1 = require("@sitecore-content-sdk/content/tools");
-Object.defineProperty(exports, "generateSites", { enumerable: true, get: function () { return tools_1.generateSites; } });
-Object.defineProperty(exports, "getComponentList", { enumerable: true, get: function () { return tools_1.getComponentList; } });
-Object.defineProperty(exports, "extractFiles", { enumerable: true, get: function () { return tools_1.extractFiles; } });
-var tools_2 = require("@sitecore-content-sdk/core/tools");
-Object.defineProperty(exports, "generateMetadata", { enumerable: true, get: function () { return tools_2.generateMetadata; } });
+var node_tools_1 = require("@sitecore-content-sdk/content/node-tools");
+Object.defineProperty(exports, "generateSites", { enumerable: true, get: function () { return node_tools_1.generateSites; } });
+Object.defineProperty(exports, "getComponentList", { enumerable: true, get: function () { return node_tools_1.getComponentList; } });
+Object.defineProperty(exports, "extractFiles", { enumerable: true, get: function () { return node_tools_1.extractFiles; } });
+var node_tools_2 = require("@sitecore-content-sdk/core/node-tools");
+Object.defineProperty(exports, "generateMetadata", { enumerable: true, get: function () { return node_tools_2.generateMetadata; } });
 var generate_map_1 = require("./generate-map");
 Object.defineProperty(exports, "generateMap", { enumerable: true, get: function () { return generate_map_1.generateMap; } });
 var import_map_1 = require("./codegen/import-map");

package/dist/cjs/tools/templating/utils.js

@@ -9,10 +9,9 @@ exports.getComponentListWithTypes = getComponentListWithTypes;
 exports.nextjsClientMapTemplate = nextjsClientMapTemplate;
 exports.nextjsServertMapTemplate = nextjsServertMapTemplate;
 exports.nextjsDefaultMapTemplate = nextjsDefaultMapTemplate;
-const tools_1 = require("@sitecore-content-sdk/content/tools");
+const node_tools_1 = require("@sitecore-content-sdk/content/node-tools");
 const typescript_1 = __importDefault(require("typescript"));
 const fs_1 = __importDefault(require("fs"));
-const tools_2 = require("@sitecore-content-sdk/content/tools");
 /**
  * Detects the Next.js router type (App Router or Pages Router) based on directory structure.
  * @param {string} projectRoot - The project root directory. Defaults to current working directory.
@@ -178,7 +177,7 @@ function detectComponentType(filePath, routerType) {
  * @internal
  */
 function getComponentListWithTypes(paths, exclude, includeVariants, routerType) {
-    const components = (0, tools_1.getComponentList)(paths, exclude, includeVariants);
+    const components = (0, node_tools_1.getComponentList)(paths, exclude, includeVariants);
     const detectedRouterType = routerType || detectRouterType();
     return components.map((component) => (Object.assign(Object.assign({}, component), { componentType: detectComponentType(component.filePath, detectedRouterType) })));
 }
@@ -189,7 +188,7 @@ function getComponentListWithTypes(paths, exclude, includeVariants, routerType)
  */
 function nextjsClientMapTemplate(indexedImportMap) {
     return `'use client';
-  ${(0, tools_2.defaultImportMapTemplate)(indexedImportMap, 'nextjs')}`;
+  ${(0, node_tools_1.defaultImportMapTemplate)(indexedImportMap, 'nextjs')}`;
 }
 /**
  * React-specific import map template for server side imports only. Used in App Router.
@@ -197,7 +196,7 @@ function nextjsClientMapTemplate(indexedImportMap) {
  * @returns {string} contents for resulting import map file
  */
 function nextjsServertMapTemplate(indexedImportMap) {
-    return (0, tools_2.defaultImportMapTemplate)(indexedImportMap, 'nextjs', 'defaultServerImportEntries');
+    return (0, node_tools_1.defaultImportMapTemplate)(indexedImportMap, 'nextjs', 'defaultServerImportEntries');
 }
 /**
  * React-specific import map template. Used in Pages Router.
@@ -205,5 +204,5 @@ function nextjsServertMapTemplate(indexedImportMap) {
  * @returns {string} contents for resulting import map file
  */
 function nextjsDefaultMapTemplate(indexedImportMap) {
-    return (0, tools_2.defaultImportMapTemplate)(indexedImportMap, 'nextjs');
+    return (0, node_tools_1.defaultImportMapTemplate)(indexedImportMap, 'nextjs');
 }

package/dist/esm/editing/editing-render-middleware.js

@@ -14,7 +14,7 @@ import { getEditingSecret } from '../utils/utils';
 import { RenderMiddlewareBase } from './render-middleware';
 import { getEnforcedCorsHeaders } from '@sitecore-content-sdk/core/tools';
 import debug from '../debug';
-import { getPreviewCookies, getRequiredEditingParamsList, mapEditingParams, cleanupNextPreviewCookies, getQueryParamsForPropagation, getHeadersForPropagation, getEditingRequestHtml, getCSPHeader, resolveServerUrl, } from './utils';
+import { getPreviewCookies, getRequiredEditingParamsList, mapEditingParams, cleanupNextPreviewCookies, getQueryParamsForPropagation, getHeadersForPropagation, getEditingRequestHtml, getCSPHeader, resolveServerUrl, getAllowedQueryParams, } from './utils';
 /**
  * Middleware / handler for use in the editing render Next.js API route (e.g. '/api/editing/render')
  * which is required for Sitecore editing support.
@@ -28,7 +28,7 @@ export class EditingRenderMiddleware extends RenderMiddlewareBase {
         super();
         this.config = config;
         this.handler = (req, res) => __awaiter(this, void 0, void 0, function* () {
-            var _a, _b, _c, _d, _e;
+            var _a, _b, _c, _d, _e, _f;
             const { body, method, headers, query } = req;
             debug.editing('editing render middleware start: %o', {
                 method,
@@ -75,15 +75,22 @@ export class EditingRenderMiddleware extends RenderMiddlewareBase {
             const mode = query.mode;
             const requiredQueryParams = getRequiredEditingParamsList(mode);
             const missingQueryParams = requiredQueryParams.filter((param) => !query[param]);
+            const { allowedQueryParams, missingAllowedParams } = getAllowedQueryParams(query, (_b = this.config) === null || _b === void 0 ? void 0 : _b.allowedQueryParams);
             // Validate query parameters
-            if (missingQueryParams.length) {
-                debug.editing('missing required query parameters: %o', missingQueryParams);
+            if (missingQueryParams.length || missingAllowedParams.length) {
+                debug.editing('missing required query parameters: %o', [
+                    ...missingQueryParams,
+                    ...missingAllowedParams,
+                ]);
                 return res.status(400).json({
-                    html: `<html><body>Missing required query parameters: ${missingQueryParams.join(', ')}</body></html>`,
+                    html: `<html><body>Missing required query parameters: ${[
+                        ...missingQueryParams,
+                        ...missingAllowedParams,
+                    ].join(', ')}</body></html>`,
                 });
             }
             const previewDataParams = mapEditingParams(query);
-            res.setPreviewData(Object.assign(Object.assign({}, previewDataParams), { variantIds: (_b = previewDataParams.variantIds) === null || _b === void 0 ? void 0 : _b.split(',') }), {
+            res.setPreviewData(Object.assign(Object.assign(Object.assign({}, previewDataParams), allowedQueryParams), { variantIds: (_c = previewDataParams.variantIds) === null || _c === void 0 ? void 0 : _c.split(',') }), {
                 maxAge: 3,
             });
             // Set Preview mode identifier cookie, if the page is rendered in Sitecore Preview mode
@@ -95,8 +102,8 @@ export class EditingRenderMiddleware extends RenderMiddlewareBase {
             // Restrict the page to be rendered only within the allowed origins
             res.setHeader('Content-Security-Policy', getCSPHeader());
             const encodedRoute = encodeURI(query.route);
-            const route = ((_d = (_c = this.config) === null || _c === void 0 ? void 0 : _c.resolvePageUrl) === null || _d === void 0 ? void 0 : _d.call(_c, encodedRoute)) || encodedRoute;
-            const base = ((_e = this.config) === null || _e === void 0 ? void 0 : _e.sitecoreInternalEditingHostUrl) || resolveServerUrl(req);
+            const route = ((_e = (_d = this.config) === null || _d === void 0 ? void 0 : _d.resolvePageUrl) === null || _e === void 0 ? void 0 : _e.call(_d, encodedRoute)) || encodedRoute;
+            const base = ((_f = this.config) === null || _f === void 0 ? void 0 : _f.sitecoreInternalEditingHostUrl) || resolveServerUrl(req);
             const requestUrl = new URL(route, base);
             const cookies = res.getHeader('Set-Cookie');
             // Make actual render request for page route, passing on preview cookies as well as any approved query string parameters.
@@ -117,6 +124,7 @@ export class EditingRenderMiddleware extends RenderMiddlewareBase {
                     status: 200,
                     route,
                 });
+                res.setHeader('Content-Type', 'text/html; charset=utf-8');
                 res.status(200).send(html);
             }
             catch (err) {

package/dist/esm/editing/types.js

@@ -0,0 +1 @@
+export {};