@sveltejs/kit 1.0.0-next.511 → 1.0.0-next.512

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/package.json +1 -1
  2. package/src/core/sync/sync.js +11 -3
  3. package/src/core/sync/write_types/index.js +1 -1
  4. package/src/runtime/app/forms.js +1 -0
  5. package/src/runtime/server/index.js +2 -3
  6. package/src/runtime/server/page/actions.js +5 -4
  7. package/src/utils/http.js +17 -0
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@sveltejs/kit",
3
- "version": "1.0.0-next.511",
3
+ "version": "1.0.0-next.512",
4
4
  "repository": {
5
5
  "type": "git",
6
6
  "url": "https://github.com/sveltejs/kit",
package/src/core/sync/sync.js CHANGED
@@ -18,9 +18,17 @@ export function init(config, mode) {
18
18
  if (fs.existsSync('src/app.d.ts')) {
19
19
  const content = fs.readFileSync('src/app.d.ts', 'utf-8');
20
20
  if (content.includes('PageError')) {
21
- throw new Error(
22
- 'App.PageError has been renamed to App.Error — please update your src/app.d.ts'
23
- );
21
+ if (content.includes('// interface PageError')) {
22
+ fs.writeFileSync(
23
+ 'src/app.d.ts',
24
+ content.replace(/\/\/ interface PageError/g, '// interface Error')
25
+ );
26
+ console.warn('App.PageError has been renamed to App.Error — we updated your src/app.d.ts');
27
+ } else {
28
+ throw new Error(
29
+ 'App.PageError has been renamed to App.Error — please update your src/app.d.ts'
30
+ );
31
+ }
24
32
  }
25
33
  }
26
34
 
package/src/core/sync/write_types/index.js CHANGED
@@ -617,7 +617,7 @@ export function tweak_types(content, is_server) {
617
617
  }
618
618
  }
619
619
  }
620
- modified ||= _modified;
620
+ modified = modified || _modified;
621
621
  return _modified;
622
622
  }
623
623
 
package/src/runtime/app/forms.js CHANGED
@@ -25,6 +25,7 @@ export function enhance(form, submit = () => {}) {
25
25
  */
26
26
  const fallback_callback = async ({ action, result }) => {
27
27
  if (result.type === 'success') {
28
+ form.reset();
28
29
  await invalidateAll();
29
30
  }
30
31
 
package/src/runtime/server/index.js CHANGED
@@ -3,6 +3,7 @@ import { render_page } from './page/index.js';
3
3
  import { render_response } from './page/render.js';
4
4
  import { respond_with_error } from './page/respond_with_error.js';
5
5
  import { coalesce_to_error } from '../../utils/error.js';
6
+ import { is_form_content_type } from '../../utils/http.js';
6
7
  import { GENERIC_ERROR, handle_fatal_error } from './utils.js';
7
8
  import { decode_params, disable_search, normalize_path } from '../../utils/url.js';
8
9
  import { exec } from '../../utils/routing.js';
@@ -24,12 +25,10 @@ export async function respond(request, options, state) {
24
25
  let url = new URL(request.url);
25
26
 
26
27
  if (options.csrf.check_origin) {
27
- const type = request.headers.get('content-type')?.split(';')[0];
28
-
29
28
  const forbidden =
30
29
  request.method === 'POST' &&
31
30
  request.headers.get('origin') !== url.origin &&
32
- (type === 'application/x-www-form-urlencoded' || type === 'multipart/form-data');
31
+ is_form_content_type(request);
33
32
 
34
33
  if (forbidden) {
35
34
  return new Response(`Cross-site ${request.method} form submissions are forbidden`, {
package/src/runtime/server/page/actions.js CHANGED
@@ -1,6 +1,6 @@
1
1
  import { error, json } from '../../../exports/index.js';
2
2
  import { normalize_error } from '../../../utils/error.js';
3
- import { negotiate } from '../../../utils/http.js';
3
+ import { is_form_content_type, negotiate } from '../../../utils/http.js';
4
4
  import { HttpError, Redirect, ValidationError } from '../../control.js';
5
5
  import { handle_error_and_jsonify } from '../utils.js';
6
6
 
@@ -180,9 +180,10 @@ export async function call_action(event, actions) {
180
180
  throw new Error(`No action with name '${name}' found`);
181
181
  }
182
182
 
183
- const type = event.request.headers.get('content-type')?.split('; ')[0];
184
- if (type !== 'application/x-www-form-urlencoded' && type !== 'multipart/form-data') {
185
- throw new Error(`Actions expect form-encoded data (received ${type})`);
183
+ if (!is_form_content_type(event.request)) {
184
+ throw new Error(
185
+ `Actions expect form-encoded data (received ${event.request.headers.get('content-type')}`
186
+ );
186
187
  }
187
188
 
188
189
  return action(event);
package/src/utils/http.js CHANGED
@@ -53,3 +53,20 @@ export function negotiate(accept, types) {
53
53
 
54
54
  return accepted;
55
55
  }
56
+
57
+ /**
58
+ * Returns `true` if the request contains a `content-type` header with the given type
59
+ * @param {Request} request
60
+ * @param {...string} types
61
+ */
62
+ export function is_content_type(request, ...types) {
63
+ const type = request.headers.get('content-type')?.split(';', 1)[0].trim() ?? '';
64
+ return types.includes(type);
65
+ }
66
+
67
+ /**
68
+ * @param {Request} request
69
+ */
70
+ export function is_form_content_type(request) {
71
+ return is_content_type(request, 'application/x-www-form-urlencoded', 'multipart/form-data');
72
+ }