@sitecore-jss/sitecore-jss-nextjs 22.1.0-canary.37 → 22.1.0-canary.39

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (9) hide show
  1. package/dist/cjs/editing/constants.js +8 -3
  2. package/dist/cjs/editing/editing-render-middleware.js +5 -4
  3. package/dist/cjs/editing/render-middleware.js +18 -4
  4. package/dist/esm/editing/constants.js +7 -2
  5. package/dist/esm/editing/editing-render-middleware.js +5 -4
  6. package/dist/esm/editing/render-middleware.js +19 -5
  7. package/package.json +5 -5
  8. package/types/editing/constants.d.ts +7 -2
  9. package/types/editing/render-middleware.d.ts +9 -0
package/dist/cjs/editing/constants.js CHANGED
@@ -1,9 +1,14 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.EDITING_ALLOWED_ORIGINS = exports.QUERY_PARAM_PROTECTION_BYPASS_VERCEL = exports.QUERY_PARAM_PROTECTION_BYPASS_SITECORE = exports.QUERY_PARAM_EDITING_SECRET = void 0;
3
+ exports.EDITING_ALLOWED_ORIGINS = exports.EDITING_PASS_THROUGH_HEADERS = exports.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = exports.QUERY_PARAM_VERCEL_PROTECTION_BYPASS = exports.QUERY_PARAM_EDITING_SECRET = void 0;
4
4
  exports.QUERY_PARAM_EDITING_SECRET = 'secret';
5
- exports.QUERY_PARAM_PROTECTION_BYPASS_SITECORE = 'x-sitecore-protection-bypass';
6
- exports.QUERY_PARAM_PROTECTION_BYPASS_VERCEL = 'x-vercel-protection-bypass';
5
+ exports.QUERY_PARAM_VERCEL_PROTECTION_BYPASS = 'x-vercel-protection-bypass';
6
+ exports.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = 'x-vercel-set-bypass-cookie';
7
+ /**
8
+ * Headers that should be passed along to (Editing Chromes handler) SSR request.
9
+ * Note these are in lowercase format to match expected `IncomingHttpHeaders`.
10
+ */
11
+ exports.EDITING_PASS_THROUGH_HEADERS = ['authorization', 'cookie'];
7
12
  /**
8
13
  * Default allowed origins for editing requests. This is used to enforce CORS, CSP headers.
9
14
  */
package/dist/cjs/editing/editing-render-middleware.js CHANGED
@@ -57,7 +57,7 @@ class ChromesHandler extends render_middleware_1.RenderMiddlewareBase {
57
57
  }
58
58
  render(req, res) {
59
59
  return __awaiter(this, void 0, void 0, function* () {
60
- const { query } = req;
60
+ const { query, headers: incomingHeaders } = req;
61
61
  const startTimestamp = Date.now();
62
62
  try {
63
63
  // Extract data from EE payload
@@ -66,6 +66,8 @@ class ChromesHandler extends render_middleware_1.RenderMiddlewareBase {
66
66
  const serverUrl = this.resolveServerUrl(req);
67
67
  // Get query string parameters to propagate on subsequent requests (e.g. for deployment protection bypass)
68
68
  const params = this.getQueryParamsForPropagation(query);
69
+ // Get headers to propagate on subsequent requests
70
+ const headers = this.getHeadersForPropagation(incomingHeaders);
69
71
  // Stash for use later on (i.e. within getStatic/ServerSideProps).
70
72
  // Note we can't set this directly in setPreviewData since it's stored as a cookie (2KB limit)
71
73
  // https://nextjs.org/docs/advanced-features/preview-mode#previewdata-size-limits)
@@ -74,6 +76,7 @@ class ChromesHandler extends render_middleware_1.RenderMiddlewareBase {
74
76
  res.setPreviewData(previewData);
75
77
  // Grab the Next.js preview cookies to send on to the render request
76
78
  const cookies = res.getHeader('Set-Cookie');
79
+ headers.cookie = `${headers.cookie ? headers.cookie + ';' : ''}${cookies.join(';')}`;
77
80
  // Make actual render request for page route, passing on preview cookies as well as any approved query string parameters.
78
81
  // Note timestamp effectively disables caching the request in Axios (no amount of cache headers seemed to do it)
79
82
  sitecore_jss_1.debug.editing('fetching page route for %s', editingData.path);
@@ -86,9 +89,7 @@ class ChromesHandler extends render_middleware_1.RenderMiddlewareBase {
86
89
  requestUrl.searchParams.append('timestamp', Date.now().toString());
87
90
  const pageRes = yield this.dataFetcher
88
91
  .get(requestUrl.toString(), {
89
- headers: {
90
- Cookie: cookies.join(';'),
91
- },
92
+ headers,
92
93
  })
93
94
  .catch((err) => {
94
95
  // We need to handle not found error provided by Vercel
package/dist/cjs/editing/render-middleware.js CHANGED
@@ -14,14 +14,28 @@ class RenderMiddlewareBase {
14
14
  */
15
15
  this.getQueryParamsForPropagation = (query) => {
16
16
  const params = {};
17
- if (query[constants_1.QUERY_PARAM_PROTECTION_BYPASS_SITECORE]) {
18
- params[constants_1.QUERY_PARAM_PROTECTION_BYPASS_SITECORE] = query[constants_1.QUERY_PARAM_PROTECTION_BYPASS_SITECORE];
17
+ if (query[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS]) {
18
+ params[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS] = query[constants_1.QUERY_PARAM_VERCEL_PROTECTION_BYPASS];
19
19
  }
20
- if (query[constants_1.QUERY_PARAM_PROTECTION_BYPASS_VERCEL]) {
21
- params[constants_1.QUERY_PARAM_PROTECTION_BYPASS_VERCEL] = query[constants_1.QUERY_PARAM_PROTECTION_BYPASS_VERCEL];
20
+ if (query[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE]) {
21
+ params[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE] = query[constants_1.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE];
22
22
  }
23
23
  return params;
24
24
  };
25
+ /**
26
+ * Get headers that should be passed along to subsequent requests
27
+ * @param {IncomingHttpHeaders} headers Incoming HTTP Headers
28
+ * @returns Object of approved headers
29
+ */
30
+ this.getHeadersForPropagation = (headers) => {
31
+ const result = {};
32
+ constants_1.EDITING_PASS_THROUGH_HEADERS.forEach((header) => {
33
+ if (headers[header]) {
34
+ result[header] = headers[header];
35
+ }
36
+ });
37
+ return result;
38
+ };
25
39
  }
26
40
  }
27
41
  exports.RenderMiddlewareBase = RenderMiddlewareBase;
package/dist/esm/editing/constants.js CHANGED
@@ -1,6 +1,11 @@
1
1
  export const QUERY_PARAM_EDITING_SECRET = 'secret';
2
- export const QUERY_PARAM_PROTECTION_BYPASS_SITECORE = 'x-sitecore-protection-bypass';
3
- export const QUERY_PARAM_PROTECTION_BYPASS_VERCEL = 'x-vercel-protection-bypass';
2
+ export const QUERY_PARAM_VERCEL_PROTECTION_BYPASS = 'x-vercel-protection-bypass';
3
+ export const QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = 'x-vercel-set-bypass-cookie';
4
+ /**
5
+ * Headers that should be passed along to (Editing Chromes handler) SSR request.
6
+ * Note these are in lowercase format to match expected `IncomingHttpHeaders`.
7
+ */
8
+ export const EDITING_PASS_THROUGH_HEADERS = ['authorization', 'cookie'];
4
9
  /**
5
10
  * Default allowed origins for editing requests. This is used to enforce CORS, CSP headers.
6
11
  */
package/dist/esm/editing/editing-render-middleware.js CHANGED
@@ -54,7 +54,7 @@ export class ChromesHandler extends RenderMiddlewareBase {
54
54
  }
55
55
  render(req, res) {
56
56
  return __awaiter(this, void 0, void 0, function* () {
57
- const { query } = req;
57
+ const { query, headers: incomingHeaders } = req;
58
58
  const startTimestamp = Date.now();
59
59
  try {
60
60
  // Extract data from EE payload
@@ -63,6 +63,8 @@ export class ChromesHandler extends RenderMiddlewareBase {
63
63
  const serverUrl = this.resolveServerUrl(req);
64
64
  // Get query string parameters to propagate on subsequent requests (e.g. for deployment protection bypass)
65
65
  const params = this.getQueryParamsForPropagation(query);
66
+ // Get headers to propagate on subsequent requests
67
+ const headers = this.getHeadersForPropagation(incomingHeaders);
66
68
  // Stash for use later on (i.e. within getStatic/ServerSideProps).
67
69
  // Note we can't set this directly in setPreviewData since it's stored as a cookie (2KB limit)
68
70
  // https://nextjs.org/docs/advanced-features/preview-mode#previewdata-size-limits)
@@ -71,6 +73,7 @@ export class ChromesHandler extends RenderMiddlewareBase {
71
73
  res.setPreviewData(previewData);
72
74
  // Grab the Next.js preview cookies to send on to the render request
73
75
  const cookies = res.getHeader('Set-Cookie');
76
+ headers.cookie = `${headers.cookie ? headers.cookie + ';' : ''}${cookies.join(';')}`;
74
77
  // Make actual render request for page route, passing on preview cookies as well as any approved query string parameters.
75
78
  // Note timestamp effectively disables caching the request in Axios (no amount of cache headers seemed to do it)
76
79
  debug.editing('fetching page route for %s', editingData.path);
@@ -83,9 +86,7 @@ export class ChromesHandler extends RenderMiddlewareBase {
83
86
  requestUrl.searchParams.append('timestamp', Date.now().toString());
84
87
  const pageRes = yield this.dataFetcher
85
88
  .get(requestUrl.toString(), {
86
- headers: {
87
- Cookie: cookies.join(';'),
88
- },
89
+ headers,
89
90
  })
90
91
  .catch((err) => {
91
92
  // We need to handle not found error provided by Vercel
package/dist/esm/editing/render-middleware.js CHANGED
@@ -1,4 +1,4 @@
1
- import { QUERY_PARAM_PROTECTION_BYPASS_SITECORE, QUERY_PARAM_PROTECTION_BYPASS_VERCEL, } from './constants';
1
+ import { QUERY_PARAM_VERCEL_PROTECTION_BYPASS, QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE, EDITING_PASS_THROUGH_HEADERS, } from './constants';
2
2
  /**
3
3
  * Base class for middleware that handles pages and components rendering in Sitecore Editors.
4
4
  */
@@ -11,13 +11,27 @@ export class RenderMiddlewareBase {
11
11
  */
12
12
  this.getQueryParamsForPropagation = (query) => {
13
13
  const params = {};
14
- if (query[QUERY_PARAM_PROTECTION_BYPASS_SITECORE]) {
15
- params[QUERY_PARAM_PROTECTION_BYPASS_SITECORE] = query[QUERY_PARAM_PROTECTION_BYPASS_SITECORE];
14
+ if (query[QUERY_PARAM_VERCEL_PROTECTION_BYPASS]) {
15
+ params[QUERY_PARAM_VERCEL_PROTECTION_BYPASS] = query[QUERY_PARAM_VERCEL_PROTECTION_BYPASS];
16
16
  }
17
- if (query[QUERY_PARAM_PROTECTION_BYPASS_VERCEL]) {
18
- params[QUERY_PARAM_PROTECTION_BYPASS_VERCEL] = query[QUERY_PARAM_PROTECTION_BYPASS_VERCEL];
17
+ if (query[QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE]) {
18
+ params[QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE] = query[QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE];
19
19
  }
20
20
  return params;
21
21
  };
22
+ /**
23
+ * Get headers that should be passed along to subsequent requests
24
+ * @param {IncomingHttpHeaders} headers Incoming HTTP Headers
25
+ * @returns Object of approved headers
26
+ */
27
+ this.getHeadersForPropagation = (headers) => {
28
+ const result = {};
29
+ EDITING_PASS_THROUGH_HEADERS.forEach((header) => {
30
+ if (headers[header]) {
31
+ result[header] = headers[header];
32
+ }
33
+ });
34
+ return result;
35
+ };
22
36
  }
23
37
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sitecore-jss/sitecore-jss-nextjs",
3
- "version": "22.1.0-canary.37",
3
+ "version": "22.1.0-canary.39",
4
4
  "main": "dist/cjs/index.js",
5
5
  "module": "dist/esm/index.js",
6
6
  "sideEffects": false,
@@ -72,9 +72,9 @@
72
72
  "react-dom": "^18.2.0"
73
73
  },
74
74
  "dependencies": {
75
- "@sitecore-jss/sitecore-jss": "^22.1.0-canary.37",
76
- "@sitecore-jss/sitecore-jss-dev-tools": "^22.1.0-canary.37",
77
- "@sitecore-jss/sitecore-jss-react": "^22.1.0-canary.37",
75
+ "@sitecore-jss/sitecore-jss": "^22.1.0-canary.39",
76
+ "@sitecore-jss/sitecore-jss-dev-tools": "^22.1.0-canary.39",
77
+ "@sitecore-jss/sitecore-jss-react": "^22.1.0-canary.39",
78
78
  "@vercel/kv": "^0.2.1",
79
79
  "prop-types": "^15.8.1",
80
80
  "regex-parser": "^2.2.11",
@@ -82,7 +82,7 @@
82
82
  },
83
83
  "description": "",
84
84
  "types": "types/index.d.ts",
85
- "gitHead": "596b64348c701c79e40a71de711fc6d7feafc854",
85
+ "gitHead": "4a047aa201182c8a0b678f949f8fb9f72c6a7783",
86
86
  "files": [
87
87
  "dist",
88
88
  "types",
package/types/editing/constants.d.ts CHANGED
@@ -1,6 +1,11 @@
1
1
  export declare const QUERY_PARAM_EDITING_SECRET = "secret";
2
- export declare const QUERY_PARAM_PROTECTION_BYPASS_SITECORE = "x-sitecore-protection-bypass";
3
- export declare const QUERY_PARAM_PROTECTION_BYPASS_VERCEL = "x-vercel-protection-bypass";
2
+ export declare const QUERY_PARAM_VERCEL_PROTECTION_BYPASS = "x-vercel-protection-bypass";
3
+ export declare const QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = "x-vercel-set-bypass-cookie";
4
+ /**
5
+ * Headers that should be passed along to (Editing Chromes handler) SSR request.
6
+ * Note these are in lowercase format to match expected `IncomingHttpHeaders`.
7
+ */
8
+ export declare const EDITING_PASS_THROUGH_HEADERS: string[];
4
9
  /**
5
10
  * Default allowed origins for editing requests. This is used to enforce CORS, CSP headers.
6
11
  */
package/types/editing/render-middleware.d.ts CHANGED
@@ -1,3 +1,4 @@
1
+ import { IncomingHttpHeaders } from 'http';
1
2
  /**
2
3
  * Base class for middleware that handles pages and components rendering in Sitecore Editors.
3
4
  */
@@ -12,4 +13,12 @@ export declare abstract class RenderMiddlewareBase {
12
13
  }>) => {
13
14
  [key: string]: string;
14
15
  };
16
+ /**
17
+ * Get headers that should be passed along to subsequent requests
18
+ * @param {IncomingHttpHeaders} headers Incoming HTTP Headers
19
+ * @returns Object of approved headers
20
+ */
21
+ protected getHeadersForPropagation: (headers: IncomingHttpHeaders) => {
22
+ [key: string]: string | string[];
23
+ };
15
24
  }