@sveltejs/kit 1.0.0-next.471 → 1.0.0-next.472

package/src/runtime/client/client.js

@@ -145,7 +145,7 @@ export function create_client({ target, base, trailing_slash }) {
 			const url = new URL(location.href);
 
 			invalidating = Promise.resolve().then(async () => {
-				const intent = get_navigation_intent(url);
+				const intent = get_navigation_intent(url, true);
 				await update(intent, url, []);
 
 				invalidating = null;
@@ -187,7 +187,7 @@ export function create_client({ target, base, trailing_slash }) {
 
 	/** @param {URL} url */
 	async function prefetch(url) {
-		const intent = get_navigation_intent(url);
+		const intent = get_navigation_intent(url, false);
 
 		if (!intent) {
 			throw new Error('Attempted to prefetch a URL that does not belong to this app');
@@ -278,24 +278,9 @@ export function create_client({ target, base, trailing_slash }) {
 				navigation_result.props.page.url = url;
 			}
 
-			if (import.meta.env.DEV) {
-				// Nasty hack to silence harmless warnings the user can do nothing about
-				const warn = console.warn;
-				console.warn = (...args) => {
-					if (
-						args.length !== 1 ||
-						!/<(Layout|Page)(_[\w$]+)?> was created with unknown prop '(data|errors)'/.test(args[0])
-					) {
-						warn(...args);
-					}
-				};
-				root.$set(navigation_result.props);
-				tick().then(() => (console.warn = warn));
-
-				check_for_removed_attributes();
-			} else {
-				root.$set(navigation_result.props);
-			}
+			const post_update = pre_update();
+			root.$set(navigation_result.props);
+			post_update();
 		} else {
 			initialize(navigation_result);
 		}
@@ -371,32 +356,13 @@ export function create_client({ target, base, trailing_slash }) {
 
 		page = result.props.page;
 
-		if (import.meta.env.DEV) {
-			// Nasty hack to silence harmless warnings the user can do nothing about
-			const warn = console.warn;
-			console.warn = (...args) => {
-				if (
-					args.length !== 1 ||
-					!/<(Layout|Page)(_[\w$]+)?> was created with unknown prop '(data|errors)'/.test(args[0])
-				) {
-					warn(...args);
-				}
-			};
-			root = new Root({
-				target,
-				props: { ...result.props, stores },
-				hydrate: true
-			});
-			console.warn = warn;
-
-			check_for_removed_attributes();
-		} else {
-			root = new Root({
-				target,
-				props: { ...result.props, stores },
-				hydrate: true
-			});
-		}
+		const post_update = pre_update();
+		root = new Root({
+			target,
+			props: { ...result.props, stores },
+			hydrate: true
+		});
+		post_update();
 
 		/** @type {import('types').Navigation} */
 		const navigation = {
@@ -422,7 +388,7 @@ export function create_client({ target, base, trailing_slash }) {
 	 *   status: number;
 	 *   error: HttpError | Error | null;
 	 *   route: import('types').CSRRoute | null;
-	 *   validation_errors?: Record<string, any> | null;
+	 *   form?: Record<string, any> | null;
 	 * }} opts
 	 */
 	async function get_navigation_result_from_branch({
@@ -432,7 +398,7 @@ export function create_client({ target, base, trailing_slash }) {
 		status,
 		error,
 		route,
-		validation_errors
+		form
 	}) {
 		const filtered = /** @type {import('./types').BranchNode[] } */ (branch.filter(Boolean));
 
@@ -448,11 +414,14 @@ export function create_client({ target, base, trailing_slash }) {
 				session_id
 			},
 			props: {
-				components: filtered.map((branch_node) => branch_node.node.component),
-				errors: validation_errors
+				components: filtered.map((branch_node) => branch_node.node.component)
 			}
 		};
 
+		if (form !== undefined) {
+			result.props.form = form;
+		}
+
 		let data = {};
 		let data_changed = !page;
 		for (let i = 0; i < filtered.length; i += 1) {
@@ -713,7 +682,7 @@ export function create_client({ target, base, trailing_slash }) {
 	 * @param {import('./types').NavigationIntent} intent
 	 * @returns {Promise<import('./types').NavigationResult | undefined>}
 	 */
-	async function load_route({ id, url, params, route }) {
+	async function load_route({ id, invalidating, url, params, route }) {
 		if (load_cache.id === id && load_cache.promise) {
 			return load_cache.promise;
 		}
@@ -881,7 +850,9 @@ export function create_client({ target, base, trailing_slash }) {
 			branch,
 			status: 200,
 			error: null,
-			route
+			route,
+			// Reset `form` on navigation, but not invalidation
+			form: invalidating ? undefined : null
 		});
 	}
 
@@ -954,8 +925,11 @@ export function create_client({ target, base, trailing_slash }) {
 		});
 	}
 
-	/** @param {URL} url */
-	function get_navigation_intent(url) {
+	/**
+	 * @param {URL} url
+	 * @param {boolean} invalidating
+	 */
+	function get_navigation_intent(url, invalidating) {
 		if (is_external_url(url)) return;
 
 		const path = decodeURI(url.pathname.slice(base.length) || '/');
@@ -969,7 +943,7 @@ export function create_client({ target, base, trailing_slash }) {
 				);
 				const id = normalized.pathname + normalized.search;
 				/** @type {import('./types').NavigationIntent} */
-				const intent = { id, route, params: decode_params(params), url: normalized };
+				const intent = { id, invalidating, route, params: decode_params(params), url: normalized };
 				return intent;
 			}
 		}
@@ -1009,7 +983,7 @@ export function create_client({ target, base, trailing_slash }) {
 	}) {
 		let should_block = false;
 
-		const intent = get_navigation_intent(url);
+		const intent = get_navigation_intent(url, false);
 
 		/** @type {import('types').Navigation} */
 		const navigation = {
@@ -1161,6 +1135,71 @@ export function create_client({ target, base, trailing_slash }) {
 			await Promise.all(promises);
 		},
 
+		apply_action: async (result) => {
+			if (result.type === 'error') {
+				const url = new URL(location.href);
+
+				const { branch, route } = current;
+				if (!route) return;
+
+				let i = current.branch.length;
+
+				while (i--) {
+					if (route.errors[i]) {
+						/** @type {import('./types').BranchNode | undefined} */
+						let error_loaded;
+
+						let j = i;
+						while (!branch[j]) j -= 1;
+						try {
+							error_loaded = {
+								node: await /** @type {import('types').CSRPageNodeLoader } */ (route.errors[i])(),
+								loader: /** @type {import('types').CSRPageNodeLoader } */ (route.errors[i]),
+								data: {},
+								server: null,
+								shared: null
+							};
+
+							const navigation_result = await get_navigation_result_from_branch({
+								url,
+								params: current.params,
+								branch: branch.slice(0, j + 1).concat(error_loaded),
+								status: 500, // TODO might not be 500?
+								error: result.error,
+								route
+							});
+
+							current = navigation_result.state;
+
+							const post_update = pre_update();
+							root.$set(navigation_result.props);
+							post_update();
+
+							return;
+						} catch (e) {
+							continue;
+						}
+					}
+				}
+			} else if (result.type === 'redirect') {
+				goto(result.location, {}, []);
+			} else {
+				/** @type {Record<string, any>} */
+				const props = { form: result.data };
+
+				if (result.status !== page.status) {
+					props.page = {
+						...page,
+						status: result.status
+					};
+				}
+
+				const post_update = pre_update();
+				root.$set(props);
+				post_update();
+			}
+		},
+
 		_start_router: () => {
 			history.scrollRestoration = 'manual';
 
@@ -1361,7 +1400,7 @@ export function create_client({ target, base, trailing_slash }) {
 			params,
 			routeId,
 			data: server_data_nodes,
-			errors: validation_errors
+			form
 		}) => {
 			const url = new URL(location.href);
 
@@ -1402,7 +1441,7 @@ export function create_client({ target, base, trailing_slash }) {
 								original_error.message
 						  )
 						: original_error,
-					validation_errors,
+					form,
 					route: routes.find((route) => route.id === routeId) ?? null
 				});
 			} catch (e) {
@@ -1492,3 +1531,28 @@ function add_url_properties(type, target) {
 
 	return target;
 }
+
+function pre_update() {
+	if (__SVELTEKIT_DEV__) {
+		// Nasty hack to silence harmless warnings the user can do nothing about
+		const warn = console.warn;
+		console.warn = (...args) => {
+			if (
+				args.length === 1 &&
+				/<(Layout|Page)(_[\w$]+)?> was created (with unknown|without expected) prop '(data|form)'/.test(
+					args[0]
+				)
+			) {
+				return;
+			}
+			warn(...args);
+		};
+
+		return () => {
+			tick().then(() => (console.warn = warn));
+			check_for_removed_attributes();
+		};
+	}
+
+	return () => {};
+}

package/src/runtime/client/start.js

@@ -6,15 +6,7 @@ import { set_public_env } from '../env-public.js';
 /**
  * @param {{
  *   env: Record<string, string>;
- *   hydrate: {
- *     status: number;
- *     error: Error | (import('../server/page/types').SerializedHttpError);
- *     node_ids: number[];
- *     params: Record<string, string>;
- *     routeId: string | null;
- *     data: Array<import('types').ServerDataNode | null>;
- *     errors: Record<string, any> | null;
- *   };
+ *   hydrate: Parameters<import('./types').Client['_hydrate']>[0];
  *   paths: {
  *     assets: string;
  *     base: string;

package/src/runtime/client/types.d.ts

@@ -1,3 +1,4 @@
+import { applyAction } from '$app/forms';
 import {
 	afterNavigate,
 	beforeNavigate,
@@ -21,6 +22,7 @@ export interface Client {
 	invalidateAll: typeof invalidateAll;
 	prefetch: typeof prefetch;
 	prefetch_routes: typeof prefetchRoutes;
+	apply_action: typeof applyAction;
 
 	// private API
 	_hydrate: (opts: {
@@ -30,27 +32,21 @@ export interface Client {
 		params: Record<string, string>;
 		routeId: string | null;
 		data: Array<import('types').ServerDataNode | null>;
-		errors: Record<string, any> | null;
+		form: Record<string, any> | null;
 	}) => Promise<void>;
 	_start_router: () => void;
 }
 
 export type NavigationIntent = {
-	/**
-	 * `url.pathname + url.search`
-	 */
+	/** `url.pathname + url.search`  */
 	id: string;
-	/**
-	 * The route parameters
-	 */
+	/** Whether we are invalidating or navigating */
+	invalidating: boolean;
+	/** The route parameters */
 	params: Record<string, string>;
-	/**
-	 * The route that matches `path`
-	 */
+	/** The route that matches `path` */
 	route: CSRRoute;
-	/**
-	 * The destination URL
-	 */
+	/** The destination URL */
 	url: URL;
 };
 

package/src/runtime/control.js

@@ -31,3 +31,70 @@ export class Redirect {
 		this.location = location;
 	}
 }
+
+/**
+ * @template {Record<string, unknown> | undefined} [T=undefined]
+ */
+export class ValidationError {
+	/**
+	 * @param {number} status
+	 * @param {T} [data]
+	 */
+	constructor(status, data) {
+		this.status = status;
+		this.data = data;
+	}
+}
+
+/**
+ * Creates an `HttpError` object with an HTTP status code and an optional message.
+ * This object, if thrown during request handling, will cause SvelteKit to
+ * return an error response without invoking `handleError`
+ * @param {number} status
+ * @param {string | undefined} [message]
+ */
+export function error(status, message) {
+	return new HttpError(status, message);
+}
+
+/**
+ * Creates a `Redirect` object. If thrown during request handling, SvelteKit will
+ * return a redirect response.
+ * @param {number} status
+ * @param {string} location
+ */
+export function redirect(status, location) {
+	if (isNaN(status) || status < 300 || status > 399) {
+		throw new Error('Invalid status code');
+	}
+
+	return new Redirect(status, location);
+}
+
+/**
+ * Generates a JSON `Response` object from the supplied data.
+ * @param {any} data
+ * @param {ResponseInit} [init]
+ */
+export function json(data, init) {
+	// TODO deprecate this in favour of `Response.json` when it's
+	// more widely supported
+	const headers = new Headers(init?.headers);
+	if (!headers.has('content-type')) {
+		headers.set('content-type', 'application/json');
+	}
+
+	return new Response(JSON.stringify(data), {
+		...init,
+		headers
+	});
+}
+
+/**
+ * Generates a `ValidationError` object.
+ * @param {number} status
+ * @param {Record<string, any> | undefined} [data]
+ */
+export function invalid(status, data) {
+	return new ValidationError(status, data);
+}

package/src/runtime/server/cookie.js

@@ -0,0 +1,76 @@
+import * as cookie from 'cookie';
+
+/**
+ * @param {Request} request
+ * @param {URL} url
+ */
+export function get_cookies(request, url) {
+	const initial_cookies = cookie.parse(request.headers.get('cookie') ?? '');
+
+	/** @type {Array<{ name: string, value: string, options: import('cookie').CookieSerializeOptions }>} */
+	const new_cookies = [];
+
+	/** @type {import('types').Cookies} */
+	const cookies = {
+		get(name, opts) {
+			const decode = opts?.decode || decodeURIComponent;
+
+			let i = new_cookies.length;
+			while (i--) {
+				const cookie = new_cookies[i];
+
+				if (
+					cookie.name === name &&
+					domain_matches(url.hostname, cookie.options.domain) &&
+					path_matches(url.pathname, cookie.options.path)
+				) {
+					return cookie.value;
+				}
+			}
+
+			return name in initial_cookies ? decode(initial_cookies[name]) : undefined;
+		},
+		set(name, value, options = {}) {
+			new_cookies.push({
+				name,
+				value,
+				options: {
+					httpOnly: true,
+					secure: true,
+					...options
+				}
+			});
+		},
+		delete(name) {
+			new_cookies.push({ name, value: '', options: { expires: new Date(0) } });
+		}
+	};
+
+	return { cookies, new_cookies };
+}
+
+/**
+ * @param {string} hostname
+ * @param {string} [constraint]
+ */
+export function domain_matches(hostname, constraint) {
+	if (!constraint) return true;
+
+	const normalized = constraint[0] === '.' ? constraint.slice(1) : constraint;
+
+	if (hostname === normalized) return true;
+	return hostname.endsWith('.' + normalized);
+}
+
+/**
+ * @param {string} path
+ * @param {string} [constraint]
+ */
+export function path_matches(path, constraint) {
+	if (!constraint) return true;
+
+	const normalized = constraint.endsWith('/') ? constraint.slice(0, -1) : constraint;
+
+	if (path === normalized) return true;
+	return path.startsWith(normalized + '/');
+}

package/src/runtime/server/endpoint.js

@@ -1,4 +1,5 @@
-import { Redirect } from '../control.js';
+import { json } from '../../exports/index.js';
+import { Redirect, ValidationError } from '../control.js';
 import { check_method_names, method_not_allowed } from './utils.js';
 
 /**
@@ -56,6 +57,8 @@ export async function render_endpoint(event, mod, state) {
 				status: error.status,
 				headers: { location: error.location }
 			});
+		} else if (error instanceof ValidationError) {
+			return json(error.data, { status: error.status });
 		}
 
 		throw error;

package/src/runtime/server/index.js

@@ -1,3 +1,4 @@
+import * as cookie from 'cookie';
 import { render_endpoint } from './endpoint.js';
 import { render_page } from './page/index.js';
 import { render_response } from './page/render.js';
@@ -8,6 +9,7 @@ import { decode_params, disable_search, normalize_path } from '../../utils/url.j
 import { exec } from '../../utils/routing.js';
 import { render_data } from './data/index.js';
 import { DATA_SUFFIX } from '../../constants.js';
+import { get_cookies } from './cookie.js';
 
 /* global __SVELTEKIT_ADAPTER_NAME__ */
 
@@ -35,31 +37,6 @@ export async function respond(request, options, state) {
 		}
 	}
 
-	const { parameter, allowed } = options.method_override;
-	const method_override = url.searchParams.get(parameter)?.toUpperCase();
-
-	if (method_override) {
-		if (request.method === 'POST') {
-			if (allowed.includes(method_override)) {
-				request = new Proxy(request, {
-					get: (target, property, _receiver) => {
-						if (property === 'method') return method_override;
-						return Reflect.get(target, property, target);
-					}
-				});
-			} else {
-				const verb = allowed.length === 0 ? 'enabled' : 'allowed';
-				const body = `${parameter}=${method_override} is not ${verb}. See https://kit.svelte.dev/docs/configuration#methodoverride`;
-
-				return new Response(body, {
-					status: 400
-				});
-			}
-		} else {
-			throw new Error(`${parameter}=${method_override} is only allowed with POST requests`);
-		}
-	}
-
 	let decoded;
 	try {
 		decoded = decodeURI(url.pathname);
@@ -116,16 +93,16 @@ export async function respond(request, options, state) {
 		}
 	}
 
-	/** @type {import('types').ResponseHeaders} */
+	/** @type {Record<string, string>} */
 	const headers = {};
 
-	/** @type {string[]} */
-	const cookies = [];
+	const { cookies, new_cookies } = get_cookies(request, url);
 
 	if (state.prerendering) disable_search(url);
 
 	/** @type {import('types').RequestEvent} */
 	const event = {
+		cookies,
 		getClientAddress:
 			state.getClientAddress ||
 			(() => {
@@ -144,15 +121,9 @@ export async function respond(request, options, state) {
 				const value = new_headers[key];
 
 				if (lower === 'set-cookie') {
-					const new_cookies = /** @type {string[]} */ (Array.isArray(value) ? value : [value]);
-
-					for (const cookie of new_cookies) {
-						if (cookies.includes(cookie)) {
-							throw new Error(`"${key}" header already has cookie with same value`);
-						}
-
-						cookies.push(cookie);
-					}
+					throw new Error(
+						`Use \`event.cookie.set(name, value, options)\` instead of \`event.setHeaders\` to set cookies`
+					);
 				} else if (lower in headers) {
 					throw new Error(`"${key}" header is already set`);
 				} else {
@@ -244,7 +215,6 @@ export async function respond(request, options, state) {
 					error: null,
 					branch: [],
 					fetched: [],
-					validation_errors: undefined,
 					cookies: [],
 					resolve_opts
 				});
@@ -275,8 +245,11 @@ export async function respond(request, options, state) {
 					}
 				}
 
-				for (const cookie of cookies) {
-					response.headers.append('set-cookie', cookie);
+				for (const new_cookie of new_cookies) {
+					response.headers.append(
+						'set-cookie',
+						cookie.serialize(new_cookie.name, new_cookie.value, new_cookie.options)
+					);
 				}
 
 				// respond with 304 if etag matches
@@ -338,6 +311,14 @@ export async function respond(request, options, state) {
 		} catch (e) {
 			const error = coalesce_to_error(e);
 			return handle_fatal_error(event, options, error);
+		} finally {
+			event.cookies.set = () => {
+				throw new Error('Cannot use `cookies.set(...)` after the response has been generated');
+			};
+
+			event.setHeaders = () => {
+				throw new Error('Cannot use `setHeaders(...)` after the response has been generated');
+			};
 		}
 	}