@sitecore-jss/sitecore-jss-nextjs 22.1.0-canary.12 → 22.1.0-canary.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/editing/constants.js +2 -1
- package/dist/cjs/editing/editing-config-middleware.js +5 -0
- package/dist/cjs/editing/editing-data-middleware.js +6 -0
- package/dist/cjs/editing/editing-render-middleware.js +10 -3
- package/dist/cjs/editing/feaas-render-middleware.js +8 -0
- package/dist/esm/editing/constants.js +1 -0
- package/dist/esm/editing/editing-config-middleware.js +6 -1
- package/dist/esm/editing/editing-data-middleware.js +7 -1
- package/dist/esm/editing/editing-render-middleware.js +11 -4
- package/dist/esm/editing/feaas-render-middleware.js +9 -1
- package/package.json +5 -5
- package/types/editing/constants.d.ts +1 -0
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.QUERY_PARAM_PROTECTION_BYPASS_VERCEL = exports.QUERY_PARAM_PROTECTION_BYPASS_SITECORE = exports.QUERY_PARAM_EDITING_SECRET = void 0;
|
|
3
|
+
exports.EDITING_ALLOWED_ORIGINS = exports.QUERY_PARAM_PROTECTION_BYPASS_VERCEL = exports.QUERY_PARAM_PROTECTION_BYPASS_SITECORE = exports.QUERY_PARAM_EDITING_SECRET = void 0;
|
|
4
4
|
exports.QUERY_PARAM_EDITING_SECRET = 'secret';
|
|
5
5
|
exports.QUERY_PARAM_PROTECTION_BYPASS_SITECORE = 'x-sitecore-protection-bypass';
|
|
6
6
|
exports.QUERY_PARAM_PROTECTION_BYPASS_VERCEL = 'x-vercel-protection-bypass';
|
|
7
|
+
exports.EDITING_ALLOWED_ORIGINS = ['https://pages*.cloud/', 'https://pages.sitecorecloud.io/'];
|
|
@@ -13,6 +13,7 @@ exports.EditingConfigMiddleware = void 0;
|
|
|
13
13
|
const constants_1 = require("./constants");
|
|
14
14
|
const utils_1 = require("../utils/utils");
|
|
15
15
|
const sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
|
|
16
|
+
const utils_2 = require("@sitecore-jss/sitecore-jss/utils");
|
|
16
17
|
/**
|
|
17
18
|
* Middleware / handler used in the editing config API route in xmcloud add on (e.g. '/api/editing/config')
|
|
18
19
|
* provides configuration information to determine feature compatibility on Pages side.
|
|
@@ -25,6 +26,10 @@ class EditingConfigMiddleware {
|
|
|
25
26
|
this.config = config;
|
|
26
27
|
this.handler = (_req, res) => __awaiter(this, void 0, void 0, function* () {
|
|
27
28
|
const secret = _req.query[constants_1.QUERY_PARAM_EDITING_SECRET];
|
|
29
|
+
if (!(0, utils_2.enforceCors)(_req, res, constants_1.EDITING_ALLOWED_ORIGINS)) {
|
|
30
|
+
sitecore_jss_1.debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
|
|
31
|
+
return res.status(401).json({ message: 'Invalid origin' });
|
|
32
|
+
}
|
|
28
33
|
if (secret !== (0, utils_1.getJssEditingSecret)()) {
|
|
29
34
|
sitecore_jss_1.debug.editing('invalid editing secret - sent "%s" expected "%s"', secret, (0, utils_1.getJssEditingSecret)());
|
|
30
35
|
return res.status(401).json({ message: 'Missing or invalid editing secret' });
|
|
@@ -14,6 +14,8 @@ const editing_data_cache_1 = require("./editing-data-cache");
|
|
|
14
14
|
const editing_data_1 = require("./editing-data");
|
|
15
15
|
const constants_1 = require("./constants");
|
|
16
16
|
const utils_1 = require("../utils/utils");
|
|
17
|
+
const utils_2 = require("@sitecore-jss/sitecore-jss/utils");
|
|
18
|
+
const sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
|
|
17
19
|
/**
|
|
18
20
|
* Middleware / handler for use in the editing data Next.js API dynamic route (e.g. '/api/editing/data/[key]')
|
|
19
21
|
* which is required for Sitecore editing support.
|
|
@@ -28,6 +30,10 @@ class EditingDataMiddleware {
|
|
|
28
30
|
const { method, query, body } = req;
|
|
29
31
|
const secret = query[constants_1.QUERY_PARAM_EDITING_SECRET];
|
|
30
32
|
const key = query[this.queryParamKey];
|
|
33
|
+
if (!(0, utils_2.enforceCors)(req, res, constants_1.EDITING_ALLOWED_ORIGINS)) {
|
|
34
|
+
sitecore_jss_1.debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
|
|
35
|
+
return res.status(401).json({ message: 'Invalid origin' });
|
|
36
|
+
}
|
|
31
37
|
// Validate secret
|
|
32
38
|
if (secret !== (0, utils_1.getJssEditingSecret)()) {
|
|
33
39
|
res.status(401).end('Missing or invalid secret');
|
|
@@ -18,6 +18,7 @@ const editing_data_service_1 = require("./editing-data-service");
|
|
|
18
18
|
const constants_2 = require("./constants");
|
|
19
19
|
const utils_1 = require("../utils/utils");
|
|
20
20
|
const render_middleware_1 = require("./render-middleware");
|
|
21
|
+
const utils_2 = require("@sitecore-jss/sitecore-jss/utils");
|
|
21
22
|
/**
|
|
22
23
|
* Middleware / handler for use in the editing render Next.js API route (e.g. '/api/editing/render')
|
|
23
24
|
* which is required for Sitecore editing support.
|
|
@@ -30,7 +31,7 @@ class EditingRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
|
|
|
30
31
|
var _a, _b, _c, _d;
|
|
31
32
|
super();
|
|
32
33
|
this.handler = (req, res) => __awaiter(this, void 0, void 0, function* () {
|
|
33
|
-
var _e, _f;
|
|
34
|
+
var _e, _f, _g;
|
|
34
35
|
const { method, query, body, headers } = req;
|
|
35
36
|
const startTimestamp = Date.now();
|
|
36
37
|
sitecore_jss_1.debug.editing('editing render middleware start: %o', {
|
|
@@ -39,6 +40,12 @@ class EditingRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
|
|
|
39
40
|
headers,
|
|
40
41
|
body,
|
|
41
42
|
});
|
|
43
|
+
if (!(0, utils_2.enforceCors)(req, res, constants_2.EDITING_ALLOWED_ORIGINS)) {
|
|
44
|
+
sitecore_jss_1.debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
|
|
45
|
+
return res.status(401).json({
|
|
46
|
+
html: `<html><body>Requests from origin ${(_e = req.headers) === null || _e === void 0 ? void 0 : _e.origin} not allowed</body></html>`,
|
|
47
|
+
});
|
|
48
|
+
}
|
|
42
49
|
if (method !== 'POST') {
|
|
43
50
|
sitecore_jss_1.debug.editing('invalid method - sent %s expected POST', method);
|
|
44
51
|
res.setHeader('Allow', 'POST');
|
|
@@ -47,7 +54,7 @@ class EditingRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
|
|
|
47
54
|
});
|
|
48
55
|
}
|
|
49
56
|
// Validate secret
|
|
50
|
-
const secret = (
|
|
57
|
+
const secret = (_f = query[constants_2.QUERY_PARAM_EDITING_SECRET]) !== null && _f !== void 0 ? _f : body === null || body === void 0 ? void 0 : body.jssEditingSecret;
|
|
51
58
|
if (secret !== (0, utils_1.getJssEditingSecret)()) {
|
|
52
59
|
sitecore_jss_1.debug.editing('invalid editing secret - sent "%s" expected "%s"', secret, (0, utils_1.getJssEditingSecret)());
|
|
53
60
|
return res.status(401).json({
|
|
@@ -109,7 +116,7 @@ class EditingRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
|
|
|
109
116
|
html = html.replace(constants_1.STATIC_PROPS_ID, constants_1.SERVER_PROPS_ID);
|
|
110
117
|
if (editingData.layoutData.sitecore.context.renderingType === layout_1.RenderingType.Component) {
|
|
111
118
|
// Handle component rendering. Extract component markup only
|
|
112
|
-
html = (
|
|
119
|
+
html = (_g = (0, node_html_parser_1.parse)(html).getElementById(layout_1.EDITING_COMPONENT_ID)) === null || _g === void 0 ? void 0 : _g.innerHTML;
|
|
113
120
|
if (!html)
|
|
114
121
|
throw new Error(`Failed to render component for ${editingData.path}`);
|
|
115
122
|
}
|
|
@@ -14,6 +14,7 @@ const sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
|
|
|
14
14
|
const constants_1 = require("./constants");
|
|
15
15
|
const utils_1 = require("../utils/utils");
|
|
16
16
|
const render_middleware_1 = require("./render-middleware");
|
|
17
|
+
const utils_2 = require("@sitecore-jss/sitecore-jss/utils");
|
|
17
18
|
/**
|
|
18
19
|
* Middleware / handler for use in the feaas render Next.js API route (e.g. '/api/editing/feaas/render')
|
|
19
20
|
* which is required for Sitecore editing support.
|
|
@@ -28,6 +29,7 @@ class FEAASRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
|
|
|
28
29
|
this.config = config;
|
|
29
30
|
this.defaultPageUrl = '/feaas/render';
|
|
30
31
|
this.handler = (req, res) => __awaiter(this, void 0, void 0, function* () {
|
|
32
|
+
var _b;
|
|
31
33
|
const { method, query, headers } = req;
|
|
32
34
|
const startTimestamp = Date.now();
|
|
33
35
|
sitecore_jss_1.debug.editing('feaas render middleware start: %o', {
|
|
@@ -35,6 +37,12 @@ class FEAASRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
|
|
|
35
37
|
query,
|
|
36
38
|
headers,
|
|
37
39
|
});
|
|
40
|
+
if (!(0, utils_2.enforceCors)(req, res, constants_1.EDITING_ALLOWED_ORIGINS)) {
|
|
41
|
+
sitecore_jss_1.debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
|
|
42
|
+
return res
|
|
43
|
+
.status(401)
|
|
44
|
+
.send(`<html><body>Requests from origin ${(_b = req.headers) === null || _b === void 0 ? void 0 : _b.origin} are not allowed</body></html>`);
|
|
45
|
+
}
|
|
38
46
|
if (method !== 'GET') {
|
|
39
47
|
sitecore_jss_1.debug.editing('invalid method - sent %s expected GET', method);
|
|
40
48
|
res.setHeader('Allow', 'GET');
|
|
@@ -1,3 +1,4 @@
|
|
|
1
1
|
export const QUERY_PARAM_EDITING_SECRET = 'secret';
|
|
2
2
|
export const QUERY_PARAM_PROTECTION_BYPASS_SITECORE = 'x-sitecore-protection-bypass';
|
|
3
3
|
export const QUERY_PARAM_PROTECTION_BYPASS_VERCEL = 'x-vercel-protection-bypass';
|
|
4
|
+
export const EDITING_ALLOWED_ORIGINS = ['https://pages*.cloud/', 'https://pages.sitecorecloud.io/'];
|
|
@@ -7,9 +7,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
7
7
|
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
8
|
});
|
|
9
9
|
};
|
|
10
|
-
import { QUERY_PARAM_EDITING_SECRET } from './constants';
|
|
10
|
+
import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET } from './constants';
|
|
11
11
|
import { getJssEditingSecret } from '../utils/utils';
|
|
12
12
|
import { debug } from '@sitecore-jss/sitecore-jss';
|
|
13
|
+
import { enforceCors } from '@sitecore-jss/sitecore-jss/utils';
|
|
13
14
|
/**
|
|
14
15
|
* Middleware / handler used in the editing config API route in xmcloud add on (e.g. '/api/editing/config')
|
|
15
16
|
* provides configuration information to determine feature compatibility on Pages side.
|
|
@@ -22,6 +23,10 @@ export class EditingConfigMiddleware {
|
|
|
22
23
|
this.config = config;
|
|
23
24
|
this.handler = (_req, res) => __awaiter(this, void 0, void 0, function* () {
|
|
24
25
|
const secret = _req.query[QUERY_PARAM_EDITING_SECRET];
|
|
26
|
+
if (!enforceCors(_req, res, EDITING_ALLOWED_ORIGINS)) {
|
|
27
|
+
debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
|
|
28
|
+
return res.status(401).json({ message: 'Invalid origin' });
|
|
29
|
+
}
|
|
25
30
|
if (secret !== getJssEditingSecret()) {
|
|
26
31
|
debug.editing('invalid editing secret - sent "%s" expected "%s"', secret, getJssEditingSecret());
|
|
27
32
|
return res.status(401).json({ message: 'Missing or invalid editing secret' });
|
|
@@ -9,8 +9,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
9
9
|
};
|
|
10
10
|
import { editingDataDiskCache } from './editing-data-cache';
|
|
11
11
|
import { isEditingData } from './editing-data';
|
|
12
|
-
import { QUERY_PARAM_EDITING_SECRET } from './constants';
|
|
12
|
+
import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET } from './constants';
|
|
13
13
|
import { getJssEditingSecret } from '../utils/utils';
|
|
14
|
+
import { enforceCors } from '@sitecore-jss/sitecore-jss/utils';
|
|
15
|
+
import { debug } from '@sitecore-jss/sitecore-jss';
|
|
14
16
|
/**
|
|
15
17
|
* Middleware / handler for use in the editing data Next.js API dynamic route (e.g. '/api/editing/data/[key]')
|
|
16
18
|
* which is required for Sitecore editing support.
|
|
@@ -25,6 +27,10 @@ export class EditingDataMiddleware {
|
|
|
25
27
|
const { method, query, body } = req;
|
|
26
28
|
const secret = query[QUERY_PARAM_EDITING_SECRET];
|
|
27
29
|
const key = query[this.queryParamKey];
|
|
30
|
+
if (!enforceCors(req, res, EDITING_ALLOWED_ORIGINS)) {
|
|
31
|
+
debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
|
|
32
|
+
return res.status(401).json({ message: 'Invalid origin' });
|
|
33
|
+
}
|
|
28
34
|
// Validate secret
|
|
29
35
|
if (secret !== getJssEditingSecret()) {
|
|
30
36
|
res.status(401).end('Missing or invalid secret');
|
|
@@ -12,9 +12,10 @@ import { AxiosDataFetcher, debug } from '@sitecore-jss/sitecore-jss';
|
|
|
12
12
|
import { EDITING_COMPONENT_ID, RenderingType } from '@sitecore-jss/sitecore-jss/layout';
|
|
13
13
|
import { parse } from 'node-html-parser';
|
|
14
14
|
import { editingDataService } from './editing-data-service';
|
|
15
|
-
import { QUERY_PARAM_EDITING_SECRET } from './constants';
|
|
15
|
+
import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET } from './constants';
|
|
16
16
|
import { getJssEditingSecret } from '../utils/utils';
|
|
17
17
|
import { RenderMiddlewareBase } from './render-middleware';
|
|
18
|
+
import { enforceCors } from '@sitecore-jss/sitecore-jss/utils';
|
|
18
19
|
/**
|
|
19
20
|
* Middleware / handler for use in the editing render Next.js API route (e.g. '/api/editing/render')
|
|
20
21
|
* which is required for Sitecore editing support.
|
|
@@ -27,7 +28,7 @@ export class EditingRenderMiddleware extends RenderMiddlewareBase {
|
|
|
27
28
|
var _a, _b, _c, _d;
|
|
28
29
|
super();
|
|
29
30
|
this.handler = (req, res) => __awaiter(this, void 0, void 0, function* () {
|
|
30
|
-
var _e, _f;
|
|
31
|
+
var _e, _f, _g;
|
|
31
32
|
const { method, query, body, headers } = req;
|
|
32
33
|
const startTimestamp = Date.now();
|
|
33
34
|
debug.editing('editing render middleware start: %o', {
|
|
@@ -36,6 +37,12 @@ export class EditingRenderMiddleware extends RenderMiddlewareBase {
|
|
|
36
37
|
headers,
|
|
37
38
|
body,
|
|
38
39
|
});
|
|
40
|
+
if (!enforceCors(req, res, EDITING_ALLOWED_ORIGINS)) {
|
|
41
|
+
debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
|
|
42
|
+
return res.status(401).json({
|
|
43
|
+
html: `<html><body>Requests from origin ${(_e = req.headers) === null || _e === void 0 ? void 0 : _e.origin} not allowed</body></html>`,
|
|
44
|
+
});
|
|
45
|
+
}
|
|
39
46
|
if (method !== 'POST') {
|
|
40
47
|
debug.editing('invalid method - sent %s expected POST', method);
|
|
41
48
|
res.setHeader('Allow', 'POST');
|
|
@@ -44,7 +51,7 @@ export class EditingRenderMiddleware extends RenderMiddlewareBase {
|
|
|
44
51
|
});
|
|
45
52
|
}
|
|
46
53
|
// Validate secret
|
|
47
|
-
const secret = (
|
|
54
|
+
const secret = (_f = query[QUERY_PARAM_EDITING_SECRET]) !== null && _f !== void 0 ? _f : body === null || body === void 0 ? void 0 : body.jssEditingSecret;
|
|
48
55
|
if (secret !== getJssEditingSecret()) {
|
|
49
56
|
debug.editing('invalid editing secret - sent "%s" expected "%s"', secret, getJssEditingSecret());
|
|
50
57
|
return res.status(401).json({
|
|
@@ -106,7 +113,7 @@ export class EditingRenderMiddleware extends RenderMiddlewareBase {
|
|
|
106
113
|
html = html.replace(STATIC_PROPS_ID, SERVER_PROPS_ID);
|
|
107
114
|
if (editingData.layoutData.sitecore.context.renderingType === RenderingType.Component) {
|
|
108
115
|
// Handle component rendering. Extract component markup only
|
|
109
|
-
html = (
|
|
116
|
+
html = (_g = parse(html).getElementById(EDITING_COMPONENT_ID)) === null || _g === void 0 ? void 0 : _g.innerHTML;
|
|
110
117
|
if (!html)
|
|
111
118
|
throw new Error(`Failed to render component for ${editingData.path}`);
|
|
112
119
|
}
|
|
@@ -8,9 +8,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
8
8
|
});
|
|
9
9
|
};
|
|
10
10
|
import { debug } from '@sitecore-jss/sitecore-jss';
|
|
11
|
-
import { QUERY_PARAM_EDITING_SECRET } from './constants';
|
|
11
|
+
import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET } from './constants';
|
|
12
12
|
import { getJssEditingSecret } from '../utils/utils';
|
|
13
13
|
import { RenderMiddlewareBase } from './render-middleware';
|
|
14
|
+
import { enforceCors } from '@sitecore-jss/sitecore-jss/utils';
|
|
14
15
|
/**
|
|
15
16
|
* Middleware / handler for use in the feaas render Next.js API route (e.g. '/api/editing/feaas/render')
|
|
16
17
|
* which is required for Sitecore editing support.
|
|
@@ -25,6 +26,7 @@ export class FEAASRenderMiddleware extends RenderMiddlewareBase {
|
|
|
25
26
|
this.config = config;
|
|
26
27
|
this.defaultPageUrl = '/feaas/render';
|
|
27
28
|
this.handler = (req, res) => __awaiter(this, void 0, void 0, function* () {
|
|
29
|
+
var _b;
|
|
28
30
|
const { method, query, headers } = req;
|
|
29
31
|
const startTimestamp = Date.now();
|
|
30
32
|
debug.editing('feaas render middleware start: %o', {
|
|
@@ -32,6 +34,12 @@ export class FEAASRenderMiddleware extends RenderMiddlewareBase {
|
|
|
32
34
|
query,
|
|
33
35
|
headers,
|
|
34
36
|
});
|
|
37
|
+
if (!enforceCors(req, res, EDITING_ALLOWED_ORIGINS)) {
|
|
38
|
+
debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
|
|
39
|
+
return res
|
|
40
|
+
.status(401)
|
|
41
|
+
.send(`<html><body>Requests from origin ${(_b = req.headers) === null || _b === void 0 ? void 0 : _b.origin} are not allowed</body></html>`);
|
|
42
|
+
}
|
|
35
43
|
if (method !== 'GET') {
|
|
36
44
|
debug.editing('invalid method - sent %s expected GET', method);
|
|
37
45
|
res.setHeader('Allow', 'GET');
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@sitecore-jss/sitecore-jss-nextjs",
|
|
3
|
-
"version": "22.1.0-canary.
|
|
3
|
+
"version": "22.1.0-canary.13",
|
|
4
4
|
"main": "dist/cjs/index.js",
|
|
5
5
|
"module": "dist/esm/index.js",
|
|
6
6
|
"sideEffects": false,
|
|
@@ -72,9 +72,9 @@
|
|
|
72
72
|
"react-dom": "^18.2.0"
|
|
73
73
|
},
|
|
74
74
|
"dependencies": {
|
|
75
|
-
"@sitecore-jss/sitecore-jss": "^22.1.0-canary.
|
|
76
|
-
"@sitecore-jss/sitecore-jss-dev-tools": "^22.1.0-canary.
|
|
77
|
-
"@sitecore-jss/sitecore-jss-react": "^22.1.0-canary.
|
|
75
|
+
"@sitecore-jss/sitecore-jss": "^22.1.0-canary.13",
|
|
76
|
+
"@sitecore-jss/sitecore-jss-dev-tools": "^22.1.0-canary.13",
|
|
77
|
+
"@sitecore-jss/sitecore-jss-react": "^22.1.0-canary.13",
|
|
78
78
|
"@vercel/kv": "^0.2.1",
|
|
79
79
|
"node-html-parser": "^6.1.4",
|
|
80
80
|
"prop-types": "^15.8.1",
|
|
@@ -83,7 +83,7 @@
|
|
|
83
83
|
},
|
|
84
84
|
"description": "",
|
|
85
85
|
"types": "types/index.d.ts",
|
|
86
|
-
"gitHead": "
|
|
86
|
+
"gitHead": "488b31c67c7432d29b624e532a49913775b0ec3e",
|
|
87
87
|
"files": [
|
|
88
88
|
"dist",
|
|
89
89
|
"types",
|
|
@@ -1,3 +1,4 @@
|
|
|
1
1
|
export declare const QUERY_PARAM_EDITING_SECRET = "secret";
|
|
2
2
|
export declare const QUERY_PARAM_PROTECTION_BYPASS_SITECORE = "x-sitecore-protection-bypass";
|
|
3
3
|
export declare const QUERY_PARAM_PROTECTION_BYPASS_VERCEL = "x-vercel-protection-bypass";
|
|
4
|
+
export declare const EDITING_ALLOWED_ORIGINS: string[];
|