@sitecore-jss/sitecore-jss-nextjs 22.2.0-canary.37 → 22.2.0-canary.38

package/dist/cjs/editing/constants.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.EDITING_ALLOWED_ORIGINS = exports.EDITING_PASS_THROUGH_HEADERS = exports.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = exports.QUERY_PARAM_VERCEL_PROTECTION_BYPASS = exports.QUERY_PARAM_EDITING_SECRET = void 0;
-exports.QUERY_PARAM_EDITING_SECRET = 'secret';
+exports.EDITING_PASS_THROUGH_HEADERS = exports.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = exports.QUERY_PARAM_VERCEL_PROTECTION_BYPASS = void 0;
 exports.QUERY_PARAM_VERCEL_PROTECTION_BYPASS = 'x-vercel-protection-bypass';
 exports.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = 'x-vercel-set-bypass-cookie';
 /**
@@ -9,7 +8,3 @@ exports.QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = 'x-vercel-set-bypass-cookie';
  * Note these are in lowercase format to match expected `IncomingHttpHeaders`.
  */
 exports.EDITING_PASS_THROUGH_HEADERS = ['authorization', 'cookie'];
-/**
- * Default allowed origins for editing requests. This is used to enforce CORS, CSP headers.
- */
-exports.EDITING_ALLOWED_ORIGINS = ['https://pages.sitecorecloud.io'];

package/dist/cjs/editing/editing-config-middleware.js

@@ -10,7 +10,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.EditingConfigMiddleware = void 0;
-const constants_1 = require("./constants");
+const editing_1 = require("@sitecore-jss/sitecore-jss/editing");
 const utils_1 = require("../utils/utils");
 const sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
 const layout_1 = require("@sitecore-jss/sitecore-jss/layout");
@@ -26,8 +26,8 @@ class EditingConfigMiddleware {
     constructor(config) {
         this.config = config;
         this.handler = (_req, res) => __awaiter(this, void 0, void 0, function* () {
-            const secret = _req.query[constants_1.QUERY_PARAM_EDITING_SECRET];
-            if (!(0, utils_2.enforceCors)(_req, res, constants_1.EDITING_ALLOWED_ORIGINS)) {
+            const secret = _req.query[editing_1.QUERY_PARAM_EDITING_SECRET];
+            if (!(0, utils_2.enforceCors)(_req, res, editing_1.EDITING_ALLOWED_ORIGINS)) {
                 sitecore_jss_1.debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
                 return res.status(401).json({ message: 'Invalid origin' });
             }

package/dist/cjs/editing/editing-data-middleware.js

@@ -12,7 +12,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.EditingDataMiddleware = void 0;
 const editing_data_cache_1 = require("./editing-data-cache");
 const editing_data_1 = require("./editing-data");
-const constants_1 = require("./constants");
+const editing_1 = require("@sitecore-jss/sitecore-jss/editing");
 const utils_1 = require("../utils/utils");
 const utils_2 = require("@sitecore-jss/sitecore-jss/utils");
 const sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
@@ -28,9 +28,9 @@ class EditingDataMiddleware {
         var _a, _b;
         this.handler = (req, res) => __awaiter(this, void 0, void 0, function* () {
             const { method, query, body } = req;
-            const secret = query[constants_1.QUERY_PARAM_EDITING_SECRET];
+            const secret = query[editing_1.QUERY_PARAM_EDITING_SECRET];
             const key = query[this.queryParamKey];
-            if (!(0, utils_2.enforceCors)(req, res, constants_1.EDITING_ALLOWED_ORIGINS)) {
+            if (!(0, utils_2.enforceCors)(req, res, editing_1.EDITING_ALLOWED_ORIGINS)) {
                 sitecore_jss_1.debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
                 return res.status(401).json({ message: 'Invalid origin' });
             }

package/dist/cjs/editing/editing-data-service.js

@@ -10,7 +10,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.editingDataService = exports.ServerlessEditingDataService = exports.BasicEditingDataService = exports.generateKey = void 0;
-const constants_1 = require("./constants");
+const editing_1 = require("@sitecore-jss/sitecore-jss/editing");
 const sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
 const editing_data_cache_1 = require("./editing-data-cache");
 const utils_1 = require("../utils/utils");
@@ -137,7 +137,7 @@ class ServerlessEditingDataService {
         //  http://localhost:3000/api/editing/data/52961eea-bafd-5287-a532-a72e36bd8a36-qkb4e3fv5x?secret=1234secret
         const apiRoute = (_a = this.apiRoute) === null || _a === void 0 ? void 0 : _a.replace('[key]', key);
         const url = new URL(apiRoute, serverUrl);
-        url.searchParams.append(constants_1.QUERY_PARAM_EDITING_SECRET, (0, utils_1.getJssEditingSecret)());
+        url.searchParams.append(editing_1.QUERY_PARAM_EDITING_SECRET, (0, utils_1.getJssEditingSecret)());
         if (params) {
             for (const key in params) {
                 if ({}.hasOwnProperty.call(params, key)) {

package/dist/cjs/editing/editing-render-middleware.js

@@ -13,8 +13,8 @@ exports.EditingRenderMiddleware = exports.MetadataHandler = exports.isEditingMet
 const constants_1 = require("next/constants");
 const sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
 const layout_1 = require("@sitecore-jss/sitecore-jss/layout");
+const editing_1 = require("@sitecore-jss/sitecore-jss/editing");
 const editing_data_service_1 = require("./editing-data-service");
-const constants_2 = require("./constants");
 const utils_1 = require("../utils/utils");
 const render_middleware_1 = require("./render-middleware");
 const utils_2 = require("@sitecore-jss/sitecore-jss/utils");
@@ -264,7 +264,7 @@ class MetadataHandler {
      * @returns Content-Security-Policy header value
      */
     getSCPHeader() {
-        return `frame-ancestors 'self' ${[(0, utils_2.getAllowedOriginsFromEnv)(), ...constants_2.EDITING_ALLOWED_ORIGINS].join(' ')}`;
+        return `frame-ancestors 'self' ${[(0, utils_2.getAllowedOriginsFromEnv)(), ...editing_1.EDITING_ALLOWED_ORIGINS].join(' ')}`;
     }
 }
 exports.MetadataHandler = MetadataHandler;
@@ -288,14 +288,14 @@ class EditingRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
                 headers,
                 body,
             });
-            if (!(0, utils_2.enforceCors)(req, res, constants_2.EDITING_ALLOWED_ORIGINS)) {
+            if (!(0, utils_2.enforceCors)(req, res, editing_1.EDITING_ALLOWED_ORIGINS)) {
                 sitecore_jss_1.debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
                 return res.status(401).json({
                     html: `<html><body>Requests from origin ${(_a = req.headers) === null || _a === void 0 ? void 0 : _a.origin} not allowed</body></html>`,
                 });
             }
             // Validate secret
-            const secret = (_b = query[constants_2.QUERY_PARAM_EDITING_SECRET]) !== null && _b !== void 0 ? _b : body === null || body === void 0 ? void 0 : body.jssEditingSecret;
+            const secret = (_b = query[editing_1.QUERY_PARAM_EDITING_SECRET]) !== null && _b !== void 0 ? _b : body === null || body === void 0 ? void 0 : body.jssEditingSecret;
             if (secret !== (0, utils_1.getJssEditingSecret)()) {
                 sitecore_jss_1.debug.editing('invalid editing secret - sent "%s" expected "%s"', secret, (0, utils_1.getJssEditingSecret)());
                 return res.status(401).json({

package/dist/cjs/editing/feaas-render-middleware.js

@@ -11,7 +11,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.FEAASRenderMiddleware = void 0;
 const sitecore_jss_1 = require("@sitecore-jss/sitecore-jss");
-const constants_1 = require("./constants");
+const editing_1 = require("@sitecore-jss/sitecore-jss/editing");
 const utils_1 = require("../utils/utils");
 const render_middleware_1 = require("./render-middleware");
 const utils_2 = require("@sitecore-jss/sitecore-jss/utils");
@@ -37,7 +37,7 @@ class FEAASRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
                 query,
                 headers,
             });
-            if (!(0, utils_2.enforceCors)(req, res, constants_1.EDITING_ALLOWED_ORIGINS)) {
+            if (!(0, utils_2.enforceCors)(req, res, editing_1.EDITING_ALLOWED_ORIGINS)) {
                 sitecore_jss_1.debug.editing('invalid origin host - set allowed origins in JSS_ALLOWED_ORIGINS environment variable');
                 return res
                     .status(401)
@@ -49,7 +49,7 @@ class FEAASRenderMiddleware extends render_middleware_1.RenderMiddlewareBase {
                 return res.status(405).send(`<html><body>Invalid request method '${method}'</body></html>`);
             }
             // Validate secret
-            const secret = query[constants_1.QUERY_PARAM_EDITING_SECRET];
+            const secret = query[editing_1.QUERY_PARAM_EDITING_SECRET];
             if (secret !== (0, utils_1.getJssEditingSecret)()) {
                 sitecore_jss_1.debug.editing('invalid editing secret - sent "%s" expected "%s"', secret, (0, utils_1.getJssEditingSecret)());
                 return res.status(401).send('<html><body>Missing or invalid secret</body></html>');

package/dist/esm/editing/constants.js

@@ -1,4 +1,3 @@
-export const QUERY_PARAM_EDITING_SECRET = 'secret';
 export const QUERY_PARAM_VERCEL_PROTECTION_BYPASS = 'x-vercel-protection-bypass';
 export const QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = 'x-vercel-set-bypass-cookie';
 /**
@@ -6,7 +5,3 @@ export const QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = 'x-vercel-set-bypass-cookie'
  * Note these are in lowercase format to match expected `IncomingHttpHeaders`.
  */
 export const EDITING_PASS_THROUGH_HEADERS = ['authorization', 'cookie'];
-/**
- * Default allowed origins for editing requests. This is used to enforce CORS, CSP headers.
- */
-export const EDITING_ALLOWED_ORIGINS = ['https://pages.sitecorecloud.io'];

package/dist/esm/editing/editing-config-middleware.js

@@ -7,7 +7,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET } from './constants';
+import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET, } from '@sitecore-jss/sitecore-jss/editing';
 import { getJssEditingSecret } from '../utils/utils';
 import { debug } from '@sitecore-jss/sitecore-jss';
 import { EditMode } from '@sitecore-jss/sitecore-jss/layout';

package/dist/esm/editing/editing-data-middleware.js

@@ -9,7 +9,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import { editingDataDiskCache } from './editing-data-cache';
 import { isEditingData } from './editing-data';
-import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET } from './constants';
+import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET, } from '@sitecore-jss/sitecore-jss/editing';
 import { getJssEditingSecret } from '../utils/utils';
 import { enforceCors } from '@sitecore-jss/sitecore-jss/utils';
 import { debug } from '@sitecore-jss/sitecore-jss';

package/dist/esm/editing/editing-data-service.js

@@ -7,7 +7,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
         step((generator = generator.apply(thisArg, _arguments || [])).next());
     });
 };
-import { QUERY_PARAM_EDITING_SECRET } from './constants';
+import { QUERY_PARAM_EDITING_SECRET } from '@sitecore-jss/sitecore-jss/editing';
 import { AxiosDataFetcher, debug } from '@sitecore-jss/sitecore-jss';
 import { editingDataDiskCache } from './editing-data-cache';
 import { getJssEditingSecret } from '../utils/utils';

package/dist/esm/editing/editing-render-middleware.js

@@ -10,8 +10,8 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 import { STATIC_PROPS_ID, SERVER_PROPS_ID } from 'next/constants';
 import { AxiosDataFetcher, debug } from '@sitecore-jss/sitecore-jss';
 import { EditMode } from '@sitecore-jss/sitecore-jss/layout';
+import { QUERY_PARAM_EDITING_SECRET, EDITING_ALLOWED_ORIGINS, } from '@sitecore-jss/sitecore-jss/editing';
 import { editingDataService } from './editing-data-service';
-import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET } from './constants';
 import { getJssEditingSecret } from '../utils/utils';
 import { RenderMiddlewareBase } from './render-middleware';
 import { enforceCors, getAllowedOriginsFromEnv } from '@sitecore-jss/sitecore-jss/utils';

package/dist/esm/editing/feaas-render-middleware.js

@@ -8,7 +8,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
     });
 };
 import { debug } from '@sitecore-jss/sitecore-jss';
-import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET } from './constants';
+import { EDITING_ALLOWED_ORIGINS, QUERY_PARAM_EDITING_SECRET, } from '@sitecore-jss/sitecore-jss/editing';
 import { getJssEditingSecret } from '../utils/utils';
 import { RenderMiddlewareBase } from './render-middleware';
 import { enforceCors } from '@sitecore-jss/sitecore-jss/utils';

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sitecore-jss/sitecore-jss-nextjs",
-  "version": "22.2.0-canary.37",
+  "version": "22.2.0-canary.38",
   "main": "dist/cjs/index.js",
   "module": "dist/esm/index.js",
   "sideEffects": false,
@@ -72,9 +72,9 @@
     "react-dom": "^18.2.0"
   },
   "dependencies": {
-    "@sitecore-jss/sitecore-jss": "^22.2.0-canary.37",
-    "@sitecore-jss/sitecore-jss-dev-tools": "^22.2.0-canary.37",
-    "@sitecore-jss/sitecore-jss-react": "^22.2.0-canary.37",
+    "@sitecore-jss/sitecore-jss": "^22.2.0-canary.38",
+    "@sitecore-jss/sitecore-jss-dev-tools": "^22.2.0-canary.38",
+    "@sitecore-jss/sitecore-jss-react": "^22.2.0-canary.38",
     "@vercel/kv": "^0.2.1",
     "prop-types": "^15.8.1",
     "regex-parser": "^2.2.11",
@@ -82,7 +82,7 @@
   },
   "description": "",
   "types": "types/index.d.ts",
-  "gitHead": "2f18bc17c4728742b8ba81f1df2c237d4102d14c",
+  "gitHead": "e232f6f998a3a411b5d7d7d3f5c7f61b90a21278",
   "files": [
     "dist",
     "types",

package/types/editing/constants.d.ts

@@ -1,4 +1,3 @@
-export declare const QUERY_PARAM_EDITING_SECRET = "secret";
 export declare const QUERY_PARAM_VERCEL_PROTECTION_BYPASS = "x-vercel-protection-bypass";
 export declare const QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = "x-vercel-set-bypass-cookie";
 /**
@@ -6,7 +5,3 @@ export declare const QUERY_PARAM_VERCEL_SET_BYPASS_COOKIE = "x-vercel-set-bypass
  * Note these are in lowercase format to match expected `IncomingHttpHeaders`.
  */
 export declare const EDITING_PASS_THROUGH_HEADERS: string[];
-/**
- * Default allowed origins for editing requests. This is used to enforce CORS, CSP headers.
- */
-export declare const EDITING_ALLOWED_ORIGINS: string[];