@sitecore-jss/sitecore-jss-nextjs 21.6.0-canary.22 → 21.6.0-canary.23

package/dist/cjs/editing/constants.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.QUERY_PARAM_PROTECTION_BYPASS_VERCEL = exports.QUERY_PARAM_PROTECTION_BYPASS_SITECORE = exports.QUERY_PARAM_EDITING_SECRET = void 0;
+exports.QUERY_PARAM_EDITING_SECRET = 'secret';
+exports.QUERY_PARAM_PROTECTION_BYPASS_SITECORE = 'x-sitecore-protection-bypass';
+exports.QUERY_PARAM_PROTECTION_BYPASS_VERCEL = 'x-vercel-protection-bypass';

package/dist/cjs/editing/editing-data-middleware.js

@@ -12,7 +12,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.EditingDataMiddleware = void 0;
 const editing_data_cache_1 = require("./editing-data-cache");
 const editing_data_1 = require("./editing-data");
-const editing_data_service_1 = require("./editing-data-service");
+const constants_1 = require("./constants");
 const utils_1 = require("../utils/utils");
 /**
  * Middleware / handler for use in the editing data Next.js API dynamic route (e.g. '/api/editing/data/[key]')
@@ -26,7 +26,7 @@ class EditingDataMiddleware {
         var _a, _b;
         this.handler = (req, res) => __awaiter(this, void 0, void 0, function* () {
             const { method, query, body } = req;
-            const secret = query[editing_data_service_1.QUERY_PARAM_EDITING_SECRET];
+            const secret = query[constants_1.QUERY_PARAM_EDITING_SECRET];
             const key = query[this.queryParamKey];
             // Validate secret
             if (secret !== (0, utils_1.getJssEditingSecret)()) {

package/dist/cjs/editing/editing-data-service.js

@@ -9,11 +9,11 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.editingDataService = exports.ServerlessEditingDataService = exports.BasicEditingDataService = exports.generateKey = exports.QUERY_PARAM_EDITING_SECRET = void 0;
+exports.editingDataService = exports.ServerlessEditingDataService = exports.BasicEditingDataService = exports.generateKey = void 0;
+const constants_1 = require("./constants");
 const sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
 const editing_data_cache_1 = require("./editing-data-cache");
 const utils_1 = require("../utils/utils");
-exports.QUERY_PARAM_EDITING_SECRET = 'secret';
 /**
  * Unique key generator.
  * Need more than just the item GUID since requests are made "live" during editing in EE.
@@ -98,13 +98,14 @@ class ServerlessEditingDataService {
      * @param {string} serverUrl The server url to use for subsequent data API requests
      * @returns {Promise} The {@link EditingPreviewData} containing the generated key and serverUrl to use for retrieval
      */
-    setEditingData(data, serverUrl) {
+    setEditingData(data, serverUrl, params) {
         return __awaiter(this, void 0, void 0, function* () {
             const key = this.generateKey(data);
-            const url = this.getUrl(serverUrl, key);
+            const url = this.getUrl(serverUrl, key, params);
             const previewData = {
                 key,
                 serverUrl,
+                params,
             };
             sitecore_jss_1.debug.editing('storing editing data for %o: %o', previewData, data);
             return this.dataFetcher.put(url, data).then(() => {
@@ -123,20 +124,27 @@ class ServerlessEditingDataService {
             if (!(editingPreviewData === null || editingPreviewData === void 0 ? void 0 : editingPreviewData.serverUrl)) {
                 return undefined;
             }
-            const url = this.getUrl(editingPreviewData.serverUrl, editingPreviewData.key);
+            const url = this.getUrl(editingPreviewData.serverUrl, editingPreviewData.key, editingPreviewData.params);
             sitecore_jss_1.debug.editing('retrieving editing data for %o', previewData);
             return this.dataFetcher.get(url).then((response) => {
                 return response.data;
             });
         });
     }
-    getUrl(serverUrl, key) {
+    getUrl(serverUrl, key, params) {
         var _a;
         // Example URL format:
         //  http://localhost:3000/api/editing/data/52961eea-bafd-5287-a532-a72e36bd8a36-qkb4e3fv5x?secret=1234secret
         const apiRoute = (_a = this.apiRoute) === null || _a === void 0 ? void 0 : _a.replace('[key]', key);
         const url = new URL(apiRoute, serverUrl);
-        url.searchParams.append(exports.QUERY_PARAM_EDITING_SECRET, (0, utils_1.getJssEditingSecret)());
+        url.searchParams.append(constants_1.QUERY_PARAM_EDITING_SECRET, (0, utils_1.getJssEditingSecret)());
+        if (params) {
+            for (const key in params) {
+                if ({}.hasOwnProperty.call(params, key)) {
+                    url.searchParams.append(key, params[key]);
+                }
+            }
+        }
         return url.toString();
     }
 }

package/dist/cjs/editing/editing-render-middleware.js

@@ -15,6 +15,7 @@ const sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
 const layout_1 = require("@sitecore-jss/sitecore-jss/layout");
 const node_html_parser_1 = require("node-html-parser");
 const editing_data_service_1 = require("./editing-data-service");
+const constants_2 = require("./constants");
 const utils_1 = require("../utils/utils");
 /**
  * Middleware / handler for use in the editing render Next.js API route (e.g. '/api/editing/render')
@@ -26,6 +27,21 @@ class EditingRenderMiddleware {
      */
     constructor(config) {
         var _a, _b, _c, _d;
+        /**
+         * Gets query parameters that should be passed along to subsequent requests
+         * @param query Object of query parameters from incoming URL
+         * @returns Object of approved query parameters
+         */
+        this.getQueryParamsForPropagation = (query) => {
+            const params = {};
+            if (query[constants_2.QUERY_PARAM_PROTECTION_BYPASS_SITECORE]) {
+                params[constants_2.QUERY_PARAM_PROTECTION_BYPASS_SITECORE] = query[constants_2.QUERY_PARAM_PROTECTION_BYPASS_SITECORE];
+            }
+            if (query[constants_2.QUERY_PARAM_PROTECTION_BYPASS_VERCEL]) {
+                params[constants_2.QUERY_PARAM_PROTECTION_BYPASS_VERCEL] = query[constants_2.QUERY_PARAM_PROTECTION_BYPASS_VERCEL];
+            }
+            return params;
+        };
         this.handler = (req, res) => __awaiter(this, void 0, void 0, function* () {
             var _e, _f;
             const { method, query, body, headers } = req;
@@ -44,7 +60,7 @@ class EditingRenderMiddleware {
                 });
             }
             // Validate secret
-            const secret = (_e = query[editing_data_service_1.QUERY_PARAM_EDITING_SECRET]) !== null && _e !== void 0 ? _e : body === null || body === void 0 ? void 0 : body.jssEditingSecret;
+            const secret = (_e = query[constants_2.QUERY_PARAM_EDITING_SECRET]) !== null && _e !== void 0 ? _e : body === null || body === void 0 ? void 0 : body.jssEditingSecret;
             if (secret !== (0, utils_1.getJssEditingSecret)()) {
                 sitecore_jss_1.debug.editing('invalid editing secret - sent "%s" expected "%s"', secret, (0, utils_1.getJssEditingSecret)());
                 return res.status(401).json({
@@ -56,21 +72,28 @@ class EditingRenderMiddleware {
                 const editingData = extractEditingData(req);
                 // Resolve server URL
                 const serverUrl = this.resolveServerUrl(req);
+                // Get query string parameters to propagate on subsequent requests (e.g. for deployment protection bypass)
+                const params = this.getQueryParamsForPropagation(query);
                 // Stash for use later on (i.e. within getStatic/ServerSideProps).
                 // Note we can't set this directly in setPreviewData since it's stored as a cookie (2KB limit)
                 // https://nextjs.org/docs/advanced-features/preview-mode#previewdata-size-limits)
-                const previewData = yield this.editingDataService.setEditingData(editingData, serverUrl);
+                const previewData = yield this.editingDataService.setEditingData(editingData, serverUrl, params);
                 // Enable Next.js Preview Mode, passing our preview data (i.e. editingData cache key)
                 res.setPreviewData(previewData);
                 // Grab the Next.js preview cookies to send on to the render request
                 const cookies = res.getHeader('Set-Cookie');
-                // Make actual render request for page route, passing on preview cookies.
+                // Make actual render request for page route, passing on preview cookies as well as any approved query string parameters.
                 // Note timestamp effectively disables caching the request in Axios (no amount of cache headers seemed to do it)
-                const requestUrl = this.resolvePageUrl(serverUrl, editingData.path);
                 sitecore_jss_1.debug.editing('fetching page route for %s', editingData.path);
-                const queryStringCharacter = requestUrl.indexOf('?') === -1 ? '?' : '&';
+                const requestUrl = new URL(this.resolvePageUrl(serverUrl, editingData.path));
+                for (const key in params) {
+                    if ({}.hasOwnProperty.call(params, key)) {
+                        requestUrl.searchParams.append(key, params[key]);
+                    }
+                }
+                requestUrl.searchParams.append('timestamp', Date.now().toString());
                 const pageRes = yield this.dataFetcher
-                    .get(`${requestUrl}${queryStringCharacter}timestamp=${Date.now()}`, {
+                    .get(requestUrl.toString(), {
                     headers: {
                         Cookie: cookies.join(';'),
                     },
@@ -85,7 +108,7 @@ class EditingRenderMiddleware {
                 });
                 let html = pageRes.data;
                 if (!html || html.length === 0) {
-                    throw new Error(`Failed to render html for ${requestUrl}`);
+                    throw new Error(`Failed to render html for ${editingData.path}`);
                 }
                 // replace phkey attribute with key attribute so that newly added renderings
                 // show correct placeholders, so save and refresh won't be needed after adding each rendering
@@ -101,7 +124,7 @@ class EditingRenderMiddleware {
                     // Handle component rendering. Extract component markup only
                     html = (_f = (0, node_html_parser_1.parse)(html).getElementById(layout_1.EDITING_COMPONENT_ID)) === null || _f === void 0 ? void 0 : _f.innerHTML;
                     if (!html)
-                        throw new Error(`Failed to render component for ${requestUrl}`);
+                        throw new Error(`Failed to render component for ${editingData.path}`);
                 }
                 const body = { html };
                 // Return expected JSON result

package/dist/cjs/graphql/index.js

@@ -0,0 +1,6 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getEdgeProxyContentUrl = exports.GraphQLRequestClient = void 0;
+var graphql_1 = require("@sitecore-jss/sitecore-jss/graphql");
+Object.defineProperty(exports, "GraphQLRequestClient", { enumerable: true, get: function () { return graphql_1.GraphQLRequestClient; } });
+Object.defineProperty(exports, "getEdgeProxyContentUrl", { enumerable: true, get: function () { return graphql_1.getEdgeProxyContentUrl; } });

package/dist/cjs/index.js

@@ -23,7 +23,7 @@ var __importStar = (this && this.__importStar) || function (mod) {
     return result;
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.NextImage = exports.EditingComponentPlaceholder = exports.Placeholder = exports.RichText = exports.Link = exports.useComponentProps = exports.ComponentPropsContext = exports.ComponentPropsReactContext = exports.normalizeSiteRewrite = exports.getSiteRewriteData = exports.getSiteRewrite = exports.GraphQLSiteInfoService = exports.SiteResolver = exports.GraphQLRobotsService = exports.GraphQLErrorPagesService = exports.GraphQLSitemapXmlService = exports.MultisiteGraphQLSitemapService = exports.GraphQLSitemapService = exports.DisconnectedSitemapService = exports.ComponentPropsService = exports.GraphQLRequestClient = exports.PosResolver = exports.CdpHelper = exports.normalizePersonalizedRewrite = exports.getPersonalizedRewriteData = exports.getPersonalizedRewrite = exports.personalizeLayout = exports.RestDictionaryService = exports.GraphQLDictionaryService = exports.trackingApi = exports.mediaApi = exports.EDITING_COMPONENT_ID = exports.EDITING_COMPONENT_PLACEHOLDER = exports.RenderingType = exports.getFieldValue = exports.getChildPlaceholder = exports.RestLayoutService = exports.GraphQLLayoutService = exports.LayoutServicePageState = exports.tryParseEnvValue = exports.resolveUrl = exports.resetEditorChromes = exports.isEditorActive = exports.getPublicUrl = exports.handleEditorFastRefresh = exports.debug = exports.enableDebug = exports.NativeDataFetcher = exports.AxiosDataFetcher = exports.constants = void 0;
+exports.NextImage = exports.EditingComponentPlaceholder = exports.Placeholder = exports.RichText = exports.Link = exports.useComponentProps = exports.ComponentPropsContext = exports.ComponentPropsReactContext = exports.normalizeSiteRewrite = exports.getSiteRewriteData = exports.getSiteRewrite = exports.GraphQLSiteInfoService = exports.SiteResolver = exports.GraphQLRobotsService = exports.GraphQLErrorPagesService = exports.GraphQLSitemapXmlService = exports.MultisiteGraphQLSitemapService = exports.GraphQLSitemapService = exports.DisconnectedSitemapService = exports.ComponentPropsService = exports.PosResolver = exports.CdpHelper = exports.normalizePersonalizedRewrite = exports.getPersonalizedRewriteData = exports.getPersonalizedRewrite = exports.personalizeLayout = exports.RestDictionaryService = exports.GraphQLDictionaryService = exports.trackingApi = exports.mediaApi = exports.EDITING_COMPONENT_ID = exports.EDITING_COMPONENT_PLACEHOLDER = exports.RenderingType = exports.getFieldValue = exports.getChildPlaceholder = exports.RestLayoutService = exports.GraphQLLayoutService = exports.LayoutServicePageState = exports.tryParseEnvValue = exports.resolveUrl = exports.resetEditorChromes = exports.isEditorActive = exports.getPublicUrl = exports.handleEditorFastRefresh = exports.GraphQLRequestClient = exports.debug = exports.enableDebug = exports.NativeDataFetcher = exports.AxiosDataFetcher = exports.constants = void 0;
 exports.withDatasourceCheck = exports.withPlaceholder = exports.withEditorChromes = exports.useSitecoreContext = exports.withSitecoreContext = exports.SitecoreContextReactContext = exports.SitecoreContext = exports.VisitorIdentification = exports.File = exports.getFEAASLibraryStylesheetLinks = exports.BYOCComponent = exports.fetchFEaaSComponentServerProps = exports.FEaaSComponent = exports.EditFrame = exports.DateField = exports.Text = exports.Image = exports.ComponentBuilder = exports.BYOCWrapper = exports.FEaaSWrapper = void 0;
 var sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
 Object.defineProperty(exports, "constants", { enumerable: true, get: function () { return sitecore_jss_1.constants; } });
@@ -33,6 +33,7 @@ Object.defineProperty(exports, "enableDebug", { enumerable: true, get: function
 Object.defineProperty(exports, "debug", { enumerable: true, get: function () { return sitecore_jss_1.debug; } });
 // we will remove the root exports for these later
 // we cannot mark exports as deprected directly, so we're using this hack instead
+const graphql_1 = require("./graphql");
 const utils_1 = require("@sitecore-jss/sitecore-jss/utils");
 const utils_2 = require("./utils");
 /** @deprecated use import from '@sitecore-jss/sitecore-jss-nextjs/utils' instead */
@@ -50,6 +51,11 @@ exports.resolveUrl = resolveUrl;
 exports.tryParseEnvValue = tryParseEnvValue;
 exports.handleEditorFastRefresh = handleEditorFastRefresh;
 exports.getPublicUrl = getPublicUrl;
+/** @deprecated use import from '@sitecore-jss/sitecore-jss-nextjs/graphql' instead */
+const { GraphQLRequestClientDep: GraphQLRequestClient } = {
+    GraphQLRequestClientDep: graphql_1.GraphQLRequestClient,
+};
+exports.GraphQLRequestClient = GraphQLRequestClient;
 var layout_1 = require("@sitecore-jss/sitecore-jss/layout");
 Object.defineProperty(exports, "LayoutServicePageState", { enumerable: true, get: function () { return layout_1.LayoutServicePageState; } });
 Object.defineProperty(exports, "GraphQLLayoutService", { enumerable: true, get: function () { return layout_1.GraphQLLayoutService; } });
@@ -73,8 +79,6 @@ Object.defineProperty(exports, "getPersonalizedRewriteData", { enumerable: true,
 Object.defineProperty(exports, "normalizePersonalizedRewrite", { enumerable: true, get: function () { return personalize_1.normalizePersonalizedRewrite; } });
 Object.defineProperty(exports, "CdpHelper", { enumerable: true, get: function () { return personalize_1.CdpHelper; } });
 Object.defineProperty(exports, "PosResolver", { enumerable: true, get: function () { return personalize_1.PosResolver; } });
-var sitecore_jss_2 = require("@sitecore-jss/sitecore-jss");
-Object.defineProperty(exports, "GraphQLRequestClient", { enumerable: true, get: function () { return sitecore_jss_2.GraphQLRequestClient; } });
 var component_props_service_1 = require("./services/component-props-service");
 Object.defineProperty(exports, "ComponentPropsService", { enumerable: true, get: function () { return component_props_service_1.ComponentPropsService; } });
 var disconnected_sitemap_service_1 = require("./services/disconnected-sitemap-service");

package/dist/cjs/services/base-graphql-sitemap-service.js

@@ -195,6 +195,14 @@ class BaseGraphQLSitemapService {
      * @returns {GraphQLClient} implementation
      */
     getGraphQLClient() {
+        if (!this.options.endpoint) {
+            if (!this.options.clientFactory) {
+                throw new Error('You should provide either an endpoint and apiKey, or a clientFactory.');
+            }
+            return this.options.clientFactory({
+                debugger: sitecore_jss_1.debug.sitemap,
+            });
+        }
         return new graphql_1.GraphQLRequestClient(this.options.endpoint, {
             apiKey: this.options.apiKey,
             debugger: sitecore_jss_1.debug.sitemap,

package/dist/esm/editing/constants.js

@@ -0,0 +1,3 @@
+export const QUERY_PARAM_EDITING_SECRET = 'secret';
+export const QUERY_PARAM_PROTECTION_BYPASS_SITECORE = 'x-sitecore-protection-bypass';
+export const QUERY_PARAM_PROTECTION_BYPASS_VERCEL = 'x-vercel-protection-bypass';

package/dist/esm/editing/editing-data-middleware.js

@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import { editingDataDiskCache } from './editing-data-cache';
 import { isEditingData } from './editing-data';
-import { QUERY_PARAM_EDITING_SECRET } from './editing-data-service';
+import { QUERY_PARAM_EDITING_SECRET } from './constants';
 import { getJssEditingSecret } from '../utils/utils';
 /**
  * Middleware / handler for use in the editing data Next.js API dynamic route (e.g. '/api/editing/data/[key]')

package/dist/esm/editing/editing-data-service.js

@@ -7,10 +7,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
+import { QUERY_PARAM_EDITING_SECRET } from './constants';
 import { AxiosDataFetcher, debug } from '@sitecore-jss/sitecore-jss';
 import { editingDataDiskCache } from './editing-data-cache';
 import { getJssEditingSecret } from '../utils/utils';
-export const QUERY_PARAM_EDITING_SECRET = 'secret';
 /**
  * Unique key generator.
  * Need more than just the item GUID since requests are made "live" during editing in EE.
@@ -93,13 +93,14 @@ export class ServerlessEditingDataService {
      * @param {string} serverUrl The server url to use for subsequent data API requests
      * @returns {Promise} The {@link EditingPreviewData} containing the generated key and serverUrl to use for retrieval
      */
-    setEditingData(data, serverUrl) {
+    setEditingData(data, serverUrl, params) {
         return __awaiter(this, void 0, void 0, function* () {
             const key = this.generateKey(data);
-            const url = this.getUrl(serverUrl, key);
+            const url = this.getUrl(serverUrl, key, params);
             const previewData = {
                 key,
                 serverUrl,
+                params,
             };
             debug.editing('storing editing data for %o: %o', previewData, data);
             return this.dataFetcher.put(url, data).then(() => {
@@ -118,20 +119,27 @@ export class ServerlessEditingDataService {
             if (!(editingPreviewData === null || editingPreviewData === void 0 ? void 0 : editingPreviewData.serverUrl)) {
                 return undefined;
             }
-            const url = this.getUrl(editingPreviewData.serverUrl, editingPreviewData.key);
+            const url = this.getUrl(editingPreviewData.serverUrl, editingPreviewData.key, editingPreviewData.params);
             debug.editing('retrieving editing data for %o', previewData);
             return this.dataFetcher.get(url).then((response) => {
                 return response.data;
             });
         });
     }
-    getUrl(serverUrl, key) {
+    getUrl(serverUrl, key, params) {
         var _a;
         // Example URL format:
         //  http://localhost:3000/api/editing/data/52961eea-bafd-5287-a532-a72e36bd8a36-qkb4e3fv5x?secret=1234secret
         const apiRoute = (_a = this.apiRoute) === null || _a === void 0 ? void 0 : _a.replace('[key]', key);
         const url = new URL(apiRoute, serverUrl);
         url.searchParams.append(QUERY_PARAM_EDITING_SECRET, getJssEditingSecret());
+        if (params) {
+            for (const key in params) {
+                if ({}.hasOwnProperty.call(params, key)) {
+                    url.searchParams.append(key, params[key]);
+                }
+            }
+        }
         return url.toString();
     }
 }

package/dist/esm/editing/editing-render-middleware.js

@@ -11,7 +11,8 @@ import { STATIC_PROPS_ID, SERVER_PROPS_ID } from 'next/constants';
 import { AxiosDataFetcher, debug } from '@sitecore-jss/sitecore-jss';
 import { EDITING_COMPONENT_ID, RenderingType } from '@sitecore-jss/sitecore-jss/layout';
 import { parse } from 'node-html-parser';
-import { editingDataService, QUERY_PARAM_EDITING_SECRET, } from './editing-data-service';
+import { editingDataService } from './editing-data-service';
+import { QUERY_PARAM_EDITING_SECRET, QUERY_PARAM_PROTECTION_BYPASS_SITECORE, QUERY_PARAM_PROTECTION_BYPASS_VERCEL, } from './constants';
 import { getJssEditingSecret } from '../utils/utils';
 /**
  * Middleware / handler for use in the editing render Next.js API route (e.g. '/api/editing/render')
@@ -23,6 +24,21 @@ export class EditingRenderMiddleware {
      */
     constructor(config) {
         var _a, _b, _c, _d;
+        /**
+         * Gets query parameters that should be passed along to subsequent requests
+         * @param query Object of query parameters from incoming URL
+         * @returns Object of approved query parameters
+         */
+        this.getQueryParamsForPropagation = (query) => {
+            const params = {};
+            if (query[QUERY_PARAM_PROTECTION_BYPASS_SITECORE]) {
+                params[QUERY_PARAM_PROTECTION_BYPASS_SITECORE] = query[QUERY_PARAM_PROTECTION_BYPASS_SITECORE];
+            }
+            if (query[QUERY_PARAM_PROTECTION_BYPASS_VERCEL]) {
+                params[QUERY_PARAM_PROTECTION_BYPASS_VERCEL] = query[QUERY_PARAM_PROTECTION_BYPASS_VERCEL];
+            }
+            return params;
+        };
         this.handler = (req, res) => __awaiter(this, void 0, void 0, function* () {
             var _e, _f;
             const { method, query, body, headers } = req;
@@ -53,21 +69,28 @@ export class EditingRenderMiddleware {
                 const editingData = extractEditingData(req);
                 // Resolve server URL
                 const serverUrl = this.resolveServerUrl(req);
+                // Get query string parameters to propagate on subsequent requests (e.g. for deployment protection bypass)
+                const params = this.getQueryParamsForPropagation(query);
                 // Stash for use later on (i.e. within getStatic/ServerSideProps).
                 // Note we can't set this directly in setPreviewData since it's stored as a cookie (2KB limit)
                 // https://nextjs.org/docs/advanced-features/preview-mode#previewdata-size-limits)
-                const previewData = yield this.editingDataService.setEditingData(editingData, serverUrl);
+                const previewData = yield this.editingDataService.setEditingData(editingData, serverUrl, params);
                 // Enable Next.js Preview Mode, passing our preview data (i.e. editingData cache key)
                 res.setPreviewData(previewData);
                 // Grab the Next.js preview cookies to send on to the render request
                 const cookies = res.getHeader('Set-Cookie');
-                // Make actual render request for page route, passing on preview cookies.
+                // Make actual render request for page route, passing on preview cookies as well as any approved query string parameters.
                 // Note timestamp effectively disables caching the request in Axios (no amount of cache headers seemed to do it)
-                const requestUrl = this.resolvePageUrl(serverUrl, editingData.path);
                 debug.editing('fetching page route for %s', editingData.path);
-                const queryStringCharacter = requestUrl.indexOf('?') === -1 ? '?' : '&';
+                const requestUrl = new URL(this.resolvePageUrl(serverUrl, editingData.path));
+                for (const key in params) {
+                    if ({}.hasOwnProperty.call(params, key)) {
+                        requestUrl.searchParams.append(key, params[key]);
+                    }
+                }
+                requestUrl.searchParams.append('timestamp', Date.now().toString());
                 const pageRes = yield this.dataFetcher
-                    .get(`${requestUrl}${queryStringCharacter}timestamp=${Date.now()}`, {
+                    .get(requestUrl.toString(), {
                     headers: {
                         Cookie: cookies.join(';'),
                     },
@@ -82,7 +105,7 @@ export class EditingRenderMiddleware {
                 });
                 let html = pageRes.data;
                 if (!html || html.length === 0) {
-                    throw new Error(`Failed to render html for ${requestUrl}`);
+                    throw new Error(`Failed to render html for ${editingData.path}`);
                 }
                 // replace phkey attribute with key attribute so that newly added renderings
                 // show correct placeholders, so save and refresh won't be needed after adding each rendering
@@ -98,7 +121,7 @@ export class EditingRenderMiddleware {
                     // Handle component rendering. Extract component markup only
                     html = (_f = parse(html).getElementById(EDITING_COMPONENT_ID)) === null || _f === void 0 ? void 0 : _f.innerHTML;
                     if (!html)
-                        throw new Error(`Failed to render component for ${requestUrl}`);
+                        throw new Error(`Failed to render component for ${editingData.path}`);
                 }
                 const body = { html };
                 // Return expected JSON result

package/dist/esm/graphql/index.js

@@ -0,0 +1 @@
+export { GraphQLRequestClient, getEdgeProxyContentUrl, } from '@sitecore-jss/sitecore-jss/graphql';

package/dist/esm/index.js

@@ -1,6 +1,7 @@
 export { constants, AxiosDataFetcher, NativeDataFetcher, enableDebug, debug, } from '@sitecore-jss/sitecore-jss';
 // we will remove the root exports for these later
 // we cannot mark exports as deprected directly, so we're using this hack instead
+import { GraphQLRequestClient as GraphQLRequestClientDep } from './graphql';
 import { isEditorActive as isEditorActiveDep, resetEditorChromes as resetEditorChromesDep, resolveUrl as resolveUrlDep, tryParseEnvValue as tryParseEnvValueDep, } from '@sitecore-jss/sitecore-jss/utils';
 import { handleEditorFastRefresh as handleEditorFastRefreshDep, getPublicUrl as getPublicUrlDep, } from './utils';
 /** @deprecated use import from '@sitecore-jss/sitecore-jss-nextjs/utils' instead */
@@ -12,6 +13,11 @@ const { isEditorActiveDep: isEditorActive, resetEditorChromesDep: resetEditorChr
     handleEditorFastRefreshDep,
     getPublicUrlDep,
 };
+/** @deprecated use import from '@sitecore-jss/sitecore-jss-nextjs/graphql' instead */
+const { GraphQLRequestClientDep: GraphQLRequestClient } = {
+    GraphQLRequestClientDep,
+};
+export { GraphQLRequestClient };
 export { handleEditorFastRefresh, getPublicUrl };
 export { isEditorActive, resetEditorChromes, resolveUrl, tryParseEnvValue };
 export { LayoutServicePageState, GraphQLLayoutService, RestLayoutService, getChildPlaceholder, getFieldValue, RenderingType, EDITING_COMPONENT_PLACEHOLDER, EDITING_COMPONENT_ID, } from '@sitecore-jss/sitecore-jss/layout';
@@ -19,7 +25,6 @@ export { mediaApi } from '@sitecore-jss/sitecore-jss/media';
 export { trackingApi, } from '@sitecore-jss/sitecore-jss/tracking';
 export { GraphQLDictionaryService, RestDictionaryService, } from '@sitecore-jss/sitecore-jss/i18n';
 export { personalizeLayout, getPersonalizedRewrite, getPersonalizedRewriteData, normalizePersonalizedRewrite, CdpHelper, PosResolver, } from '@sitecore-jss/sitecore-jss/personalize';
-export { GraphQLRequestClient } from '@sitecore-jss/sitecore-jss';
 export { ComponentPropsService } from './services/component-props-service';
 export { DisconnectedSitemapService } from './services/disconnected-sitemap-service';
 export { GraphQLSitemapService, } from './services/graphql-sitemap-service';

package/dist/esm/services/base-graphql-sitemap-service.js

@@ -7,7 +7,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-import { GraphQLRequestClient } from '@sitecore-jss/sitecore-jss/graphql';
+import { GraphQLRequestClient, } from '@sitecore-jss/sitecore-jss/graphql';
 import { debug } from '@sitecore-jss/sitecore-jss';
 import { getPersonalizedRewrite } from '@sitecore-jss/sitecore-jss/personalize';
 /** @private */
@@ -191,6 +191,14 @@ export class BaseGraphQLSitemapService {
      * @returns {GraphQLClient} implementation
      */
     getGraphQLClient() {
+        if (!this.options.endpoint) {
+            if (!this.options.clientFactory) {
+                throw new Error('You should provide either an endpoint and apiKey, or a clientFactory.');
+            }
+            return this.options.clientFactory({
+                debugger: debug.sitemap,
+            });
+        }
         return new GraphQLRequestClient(this.options.endpoint, {
             apiKey: this.options.apiKey,
             debugger: debug.sitemap,

package/graphql.d.ts

@@ -0,0 +1 @@
+export * from './types/graphql/index';

package/graphql.js

@@ -0,0 +1 @@
+module.exports = require('./dist/cjs/graphql/index');

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sitecore-jss/sitecore-jss-nextjs",
-  "version": "21.6.0-canary.22",
+  "version": "21.6.0-canary.23",
   "main": "dist/cjs/index.js",
   "module": "dist/esm/index.js",
   "sideEffects": false,
@@ -72,9 +72,9 @@
     "react-dom": "^18.2.0"
   },
   "dependencies": {
-    "@sitecore-jss/sitecore-jss": "^21.6.0-canary.22",
-    "@sitecore-jss/sitecore-jss-dev-tools": "^21.6.0-canary.22",
-    "@sitecore-jss/sitecore-jss-react": "^21.6.0-canary.22",
+    "@sitecore-jss/sitecore-jss": "^21.6.0-canary.23",
+    "@sitecore-jss/sitecore-jss-dev-tools": "^21.6.0-canary.23",
+    "@sitecore-jss/sitecore-jss-react": "^21.6.0-canary.23",
     "@vercel/kv": "^0.2.1",
     "node-html-parser": "^6.1.4",
     "prop-types": "^15.8.1",
@@ -83,7 +83,7 @@
   },
   "description": "",
   "types": "types/index.d.ts",
-  "gitHead": "4f902b49bd406cec630749bb1b192c3e3370a0a3",
+  "gitHead": "4377bed9deb0cbc8d0c86cd2462a48505194f5f2",
   "files": [
     "dist",
     "types",

package/types/ComponentBuilder.d.ts

@@ -1,3 +1,4 @@
+/// <reference types="@types/react" />
 import { ComponentFactory } from '@sitecore-jss/sitecore-jss-react';
 import { Module, ModuleFactory } from './sharedTypes/module-factory';
 import { ComponentType } from 'react';

package/types/components/ComponentPropsContext.d.ts

@@ -1,3 +1,4 @@
+/// <reference types="@types/react" />
 import React, { ReactNode } from 'react';
 import { ComponentPropsCollection } from '../sharedTypes/component-props';
 /**

package/types/components/Link.d.ts

@@ -1,3 +1,4 @@
+/// <reference types="@types/react" />
 import React from 'react';
 import { LinkProps as ReactLinkProps } from '@sitecore-jss/sitecore-jss-react';
 export type LinkProps = ReactLinkProps & {

package/types/components/NextImage.d.ts

@@ -1,3 +1,4 @@
+/// <reference types="@types/react" />
 import React from 'react';
 import { ImageProps } from '@sitecore-jss/sitecore-jss-react';
 import { ImageLoader, ImageProps as NextImageProperties } from 'next/image';

package/types/components/Placeholder.d.ts

@@ -1,3 +1,4 @@
+/// <reference types="@types/react" />
 import React from 'react';
 import { PlaceholderComponentProps } from '@sitecore-jss/sitecore-jss-react';
 export declare const Placeholder: (props: PlaceholderComponentProps) => React.JSX.Element;

package/types/editing/constants.d.ts

@@ -0,0 +1,3 @@
+export declare const QUERY_PARAM_EDITING_SECRET = "secret";
+export declare const QUERY_PARAM_PROTECTION_BYPASS_SITECORE = "x-sitecore-protection-bypass";
+export declare const QUERY_PARAM_PROTECTION_BYPASS_VERCEL = "x-vercel-protection-bypass";

package/types/editing/editing-data-service.d.ts

@@ -2,13 +2,15 @@ import { AxiosDataFetcher } from '@sitecore-jss/sitecore-jss';
 import { EditingData } from './editing-data';
 import { EditingDataCache } from './editing-data-cache';
 import { PreviewData } from 'next';
-export declare const QUERY_PARAM_EDITING_SECRET = "secret";
 /**
  * Data for Next.js Preview (Editing) mode
  */
 export interface EditingPreviewData {
     key: string;
     serverUrl?: string;
+    params?: {
+        [key: string]: string;
+    };
 }
 /**
  * Defines an editing data service implementation
@@ -20,7 +22,9 @@ export interface EditingDataService {
      * @param {string} serverUrl The server url e.g. which can be used for further API requests
      * @returns The {@link EditingPreviewData} containing the information to use for retrieval
      */
-    setEditingData(data: EditingData, serverUrl: string): Promise<EditingPreviewData>;
+    setEditingData(data: EditingData, serverUrl: string, params?: {
+        [key: string]: string;
+    }): Promise<EditingPreviewData>;
     /**
      * Retrieves Sitecore editor payload data
      * @param {PreviewData} previewData Editing preview data containing the information to use for retrieval
@@ -107,14 +111,18 @@ export declare class ServerlessEditingDataService implements EditingDataService
      * @param {string} serverUrl The server url to use for subsequent data API requests
      * @returns {Promise} The {@link EditingPreviewData} containing the generated key and serverUrl to use for retrieval
      */
-    setEditingData(data: EditingData, serverUrl: string): Promise<EditingPreviewData>;
+    setEditingData(data: EditingData, serverUrl: string, params?: {
+        [key: string]: string;
+    }): Promise<EditingPreviewData>;
     /**
      * Retrieves Sitecore editor payload data by key
      * @param {PreviewData} previewData Editing preview data containing the key and serverUrl to use for retrieval
      * @returns {Promise} The {@link EditingData}
      */
     getEditingData(previewData: PreviewData): Promise<EditingData | undefined>;
-    protected getUrl(serverUrl: string, key: string): string;
+    protected getUrl(serverUrl: string, key: string, params?: {
+        [key: string]: string;
+    }): string;
 }
 /**
  * The `EditingDataService` default instance.

package/types/editing/editing-render-middleware.d.ts

@@ -55,6 +55,16 @@ export declare class EditingRenderMiddleware {
      * @returns route handler
      */
     getHandler(): (req: NextApiRequest, res: NextApiResponse) => Promise<void>;
+    /**
+     * Gets query parameters that should be passed along to subsequent requests
+     * @param query Object of query parameters from incoming URL
+     * @returns Object of approved query parameters
+     */
+    protected getQueryParamsForPropagation: (query: Partial<{
+        [key: string]: string | string[];
+    }>) => {
+        [key: string]: string;
+    };
     private handler;
     /**
      * Default page URL resolution.

package/types/graphql/index.d.ts

@@ -0,0 +1 @@
+export { GraphQLRequestClient, GraphQLRequestClientFactory, GraphQLRequestClientFactoryConfig, getEdgeProxyContentUrl, } from '@sitecore-jss/sitecore-jss/graphql';

package/types/index.d.ts

@@ -1,7 +1,11 @@
 export { constants, HttpDataFetcher, HttpResponse, AxiosResponse, AxiosDataFetcher, AxiosDataFetcherConfig, NativeDataFetcher, NativeDataFetcherConfig, HTMLLink, enableDebug, debug, } from '@sitecore-jss/sitecore-jss';
+import { GraphQLRequestClient as GraphQLRequestClientDep } from './graphql';
 import { resolveUrl as resolveUrlDep } from '@sitecore-jss/sitecore-jss/utils';
 /** @deprecated use import from '@sitecore-jss/sitecore-jss-nextjs/utils' instead */
 declare const isEditorActive: () => boolean, resetEditorChromes: () => void, resolveUrl: typeof resolveUrlDep, tryParseEnvValue: <T>(envValue: string | undefined, defaultValue: T) => T, handleEditorFastRefresh: (forceReload?: boolean) => void, getPublicUrl: () => string;
+/** @deprecated use import from '@sitecore-jss/sitecore-jss-nextjs/graphql' instead */
+declare const GraphQLRequestClient: typeof GraphQLRequestClientDep;
+export { GraphQLRequestClient };
 export { handleEditorFastRefresh, getPublicUrl };
 export { isEditorActive, resetEditorChromes, resolveUrl, tryParseEnvValue };
 export { LayoutService, LayoutServiceData, LayoutServicePageState, LayoutServiceContext, LayoutServiceContextData, GraphQLLayoutService, GraphQLLayoutServiceConfig, RestLayoutService, RestLayoutServiceConfig, PlaceholderData, PlaceholdersData, RouteData, Field, Item, HtmlElementRendering, getChildPlaceholder, getFieldValue, ComponentRendering, ComponentFields, ComponentParams, RenderingType, EDITING_COMPONENT_PLACEHOLDER, EDITING_COMPONENT_ID, } from '@sitecore-jss/sitecore-jss/layout';
@@ -9,7 +13,6 @@ export { mediaApi } from '@sitecore-jss/sitecore-jss/media';
 export { trackingApi, TrackingRequestOptions, CampaignInstance, GoalInstance, OutcomeInstance, EventInstance, PageViewInstance, } from '@sitecore-jss/sitecore-jss/tracking';
 export { DictionaryPhrases, DictionaryService, GraphQLDictionaryService, GraphQLDictionaryServiceConfig, RestDictionaryService, RestDictionaryServiceConfig, } from '@sitecore-jss/sitecore-jss/i18n';
 export { personalizeLayout, getPersonalizedRewrite, getPersonalizedRewriteData, normalizePersonalizedRewrite, CdpHelper, PosResolver, } from '@sitecore-jss/sitecore-jss/personalize';
-export { GraphQLRequestClient } from '@sitecore-jss/sitecore-jss';
 export { ComponentPropsCollection, ComponentPropsError, GetStaticComponentProps, GetServerSideComponentProps, } from './sharedTypes/component-props';
 export { ModuleFactory, Module } from './sharedTypes/module-factory';
 export { ComponentPropsService } from './services/component-props-service';

package/types/services/base-graphql-sitemap-service.d.ts

@@ -1,4 +1,4 @@
-import { GraphQLClient, PageInfo } from '@sitecore-jss/sitecore-jss/graphql';
+import { GraphQLClient, GraphQLRequestClientFactory, PageInfo } from '@sitecore-jss/sitecore-jss/graphql';
 /** @private */
 export declare const languageError = "The list of languages cannot be empty";
 export declare const siteError = "The service needs a site name";
@@ -68,17 +68,24 @@ export type RouteListQueryResult = {
 export interface BaseGraphQLSitemapServiceConfig extends Omit<SiteRouteQueryVariables, 'language' | 'siteName'> {
     /**
      * Your Graphql endpoint
+     * @deprecated use @param clientFactory property instead
      */
-    endpoint: string;
+    endpoint?: string;
     /**
      * The API key to use for authentication.
+     * @deprecated use @param clientFactory property instead
      */
-    apiKey: string;
+    apiKey?: string;
     /**
      * A flag for whether to include personalized routes in service output - only works on XM Cloud
      * turned off by default
      */
     includePersonalizedRoutes?: boolean;
+    /**
+     * A GraphQL Request Client Factory is a function that accepts configuration and returns an instance of a GraphQLRequestClient.
+     * This factory function is used to create and configure GraphQL clients for making GraphQL API requests.
+     */
+    clientFactory?: GraphQLRequestClientFactory;
 }
 /**
  * Object model of a site page item.

package/types/sharedTypes/module-factory.d.ts

@@ -1,3 +1,4 @@
+/// <reference types="@types/react" />
 import { ComponentType } from 'react';
 import { GetServerSideComponentProps, GetStaticComponentProps } from './component-props';
 /**