@sveltejs/kit 1.0.0-next.526 → 1.0.0-next.528

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sveltejs/kit",
-  "version": "1.0.0-next.526",
+  "version": "1.0.0-next.528",
   "repository": {
     "type": "git",
     "url": "https://github.com/sveltejs/kit",

package/src/constants.js

@@ -3,5 +3,3 @@
 export const SVELTE_KIT_ASSETS = '/_svelte_kit_assets';
 
 export const GENERATED_COMMENT = '// this file is generated — do not edit it\n';
-
-export const DATA_SUFFIX = '/__data.json';

package/src/exports/vite/dev/index.js

@@ -291,6 +291,8 @@ export async function dev(vite, vite_config, svelte_config) {
 		remove_static_middlewares(vite.middlewares);
 
 		vite.middlewares.use(async (req, res) => {
+			// Vite's base middleware strips out the base path. Restore it
+			req.url = req.originalUrl;
 			try {
 				const base = `${vite.config.server.https ? 'https' : 'http'}://${
 					req.headers[':authority'] || req.headers.host

package/src/runtime/client/client.js

@@ -1,5 +1,5 @@
 import { onMount, tick } from 'svelte';
-import { make_trackable, decode_params, normalize_path } from '../../utils/url.js';
+import { make_trackable, decode_params, normalize_path, add_data_suffix } from '../../utils/url.js';
 import { find_anchor, get_base_uri, scroll_state } from './utils.js';
 import {
 	lock_fetch,
@@ -14,7 +14,6 @@ import Root from '__GENERATED__/root.svelte';
 import { nodes, server_loads, dictionary, matchers, hooks } from '__GENERATED__/client-manifest.js';
 import { HttpError, Redirect } from '../control.js';
 import { stores } from './singletons.js';
-import { DATA_SUFFIX } from '../../constants.js';
 import { unwrap_promises } from '../../utils/promises.js';
 import * as devalue from 'devalue';
 
@@ -164,13 +163,19 @@ export function create_client({ target, base, trailing_slash }) {
 
 	/**
 	 * @param {string | URL} url
-	 * @param {{ noscroll?: boolean; replaceState?: boolean; keepfocus?: boolean; state?: any }} opts
+	 * @param {{ noscroll?: boolean; replaceState?: boolean; keepfocus?: boolean; state?: any; invalidateAll?: boolean }} opts
 	 * @param {string[]} redirect_chain
 	 * @param {{}} [nav_token]
 	 */
 	async function goto(
 		url,
-		{ noscroll = false, replaceState = false, keepfocus = false, state = {} },
+		{
+			noscroll = false,
+			replaceState = false,
+			keepfocus = false,
+			state = {},
+			invalidateAll = false
+		},
 		redirect_chain,
 		nav_token
 	) {
@@ -188,7 +193,11 @@ export function create_client({ target, base, trailing_slash }) {
 				replaceState
 			},
 			nav_token,
-			accepted: () => {},
+			accepted: () => {
+				if (invalidateAll) {
+					force_invalidation = true;
+				}
+			},
 			blocked: () => {},
 			type: 'goto'
 		});
@@ -1212,7 +1221,7 @@ export function create_client({ target, base, trailing_slash }) {
 					post_update();
 				}
 			} else if (result.type === 'redirect') {
-				goto(result.location, {}, []);
+				goto(result.location, { invalidateAll: true }, []);
 			} else {
 				/** @type {Record<string, any>} */
 				const props = {
@@ -1501,7 +1510,7 @@ export function create_client({ target, base, trailing_slash }) {
  */
 async function load_data(url, invalid) {
 	const data_url = new URL(url);
-	data_url.pathname = url.pathname.replace(/\/$/, '') + DATA_SUFFIX;
+	data_url.pathname = add_data_suffix(url.pathname);
 
 	const res = await native_fetch(data_url.href, {
 		headers: {

package/src/runtime/server/cookie.js

@@ -1,10 +1,19 @@
 import { parse, serialize } from 'cookie';
+import { has_data_suffix, normalize_path, strip_data_suffix } from '../../utils/url.js';
+
+/**
+ * Tracks all cookies set during dev mode so we can emit warnings
+ * when we detect that there's likely cookie misusage due to wrong paths
+ *
+ * @type {Record<string, Set<string>>} */
+const cookie_paths = {};
 
 /**
  * @param {Request} request
  * @param {URL} url
+ * @param {Pick<import('types').SSROptions, 'dev' | 'trailing_slash'>} options
  */
-export function get_cookies(request, url) {
+export function get_cookies(request, url, options) {
 	const header = request.headers.get('cookie') ?? '';
 
 	const initial_cookies = parse(header);
@@ -42,7 +51,17 @@ export function get_cookies(request, url) {
 
 			const decode = opts?.decode || decodeURIComponent;
 			const req_cookies = parse(header, { decode });
-			return req_cookies[name]; // the decoded string or undefined
+			const cookie = req_cookies[name]; // the decoded string or undefined
+
+			if (!options.dev || cookie) {
+				return cookie;
+			}
+
+			if (c || cookie_paths[name]?.size > 0) {
+				console.warn(
+					`Cookie with name '${name}' was not found, but a cookie with that name exists at a sub path. Did you mean to set its 'path' to '/'?`
+				);
+			}
 		},
 
 		/**
@@ -51,14 +70,43 @@ export function get_cookies(request, url) {
 		 * @param {import('cookie').CookieSerializeOptions} opts
 		 */
 		set(name, value, opts = {}) {
+			let path = opts.path;
+			if (!path) {
+				const normalized = normalize_path(
+					// Remove suffix: 'foo/__data.json' would mean the cookie path is '/foo',
+					// whereas a direct hit of /foo would mean the cookie path is '/'
+					has_data_suffix(url.pathname) ? strip_data_suffix(url.pathname) : url.pathname,
+					options.trailing_slash
+				);
+				// Emulate browser-behavior: if the cookie is set at '/foo/bar', its path is '/foo'
+				path = normalized.split('/').slice(0, -1).join('/') || '/';
+			}
+
 			new_cookies[name] = {
 				name,
 				value,
 				options: {
 					...defaults,
-					...opts
+					...opts,
+					path
 				}
 			};
+
+			if (options.dev) {
+				cookie_paths[name] = cookie_paths[name] || new Set();
+				if (!value) {
+					if (!cookie_paths[name].has(path) && cookie_paths[name].size > 0) {
+						console.warn(
+							`Trying to delete cookie '${name}' at path '${path}', but a cookie with that name only exists at a different path.`
+						);
+					}
+					cookie_paths[name].delete(path);
+				} else {
+					// We could also emit a warning here if the cookie already exists at a different path,
+					// but that's more likely a false positive because it's valid to set the same name at different paths
+					cookie_paths[name].add(path);
+				}
+			}
 		},
 
 		/**
@@ -66,15 +114,10 @@ export function get_cookies(request, url) {
 		 * @param {import('cookie').CookieSerializeOptions} opts
 		 */
 		delete(name, opts = {}) {
-			new_cookies[name] = {
-				name,
-				value: '',
-				options: {
-					...defaults,
-					...opts,
-					maxAge: 0
-				}
-			};
+			cookies.set(name, '', {
+				...opts,
+				maxAge: 0
+			});
 		},
 
 		/**

package/src/runtime/server/data/index.js

@@ -3,8 +3,7 @@ import { normalize_error } from '../../../utils/error.js';
 import { once } from '../../../utils/functions.js';
 import { load_server_data } from '../page/load_data.js';
 import { data_response, handle_error_and_jsonify } from '../utils.js';
-import { normalize_path } from '../../../utils/url.js';
-import { DATA_SUFFIX } from '../../../constants.js';
+import { normalize_path, strip_data_suffix } from '../../../utils/url.js';
 
 /**
  * @param {import('types').RequestEvent} event
@@ -31,10 +30,7 @@ export async function render_data(event, route, options, state) {
 		let aborted = false;
 
 		const url = new URL(event.url);
-		url.pathname = normalize_path(
-			url.pathname.slice(0, -DATA_SUFFIX.length),
-			options.trailing_slash
-		);
+		url.pathname = normalize_path(strip_data_suffix(url.pathname), options.trailing_slash);
 
 		const new_event = { ...event, url };
 

package/src/runtime/server/index.js

@@ -5,10 +5,15 @@ import { respond_with_error } from './page/respond_with_error.js';
 import { coalesce_to_error } from '../../utils/error.js';
 import { is_form_content_type } from '../../utils/http.js';
 import { GENERIC_ERROR, handle_fatal_error } from './utils.js';
-import { decode_params, disable_search, normalize_path } from '../../utils/url.js';
+import {
+	decode_params,
+	disable_search,
+	has_data_suffix,
+	normalize_path,
+	strip_data_suffix
+} from '../../utils/url.js';
 import { exec } from '../../utils/routing.js';
 import { render_data } from './data/index.js';
-import { DATA_SUFFIX } from '../../constants.js';
 import { add_cookies_to_headers, get_cookies } from './cookie.js';
 import { HttpError } from '../control.js';
 import { create_fetch } from './fetch.js';
@@ -57,8 +62,8 @@ export async function respond(request, options, state) {
 		decoded = decoded.slice(options.paths.base.length) || '/';
 	}
 
-	const is_data_request = decoded.endsWith(DATA_SUFFIX);
-	if (is_data_request) decoded = decoded.slice(0, -DATA_SUFFIX.length) || '/';
+	const is_data_request = has_data_suffix(decoded);
+	if (is_data_request) decoded = strip_data_suffix(decoded);
 
 	if (!state.prerendering?.fallback) {
 		const matchers = await options.manifest._.matchers();
@@ -96,7 +101,7 @@ export async function respond(request, options, state) {
 	/** @type {Record<string, string>} */
 	const headers = {};
 
-	const { cookies, new_cookies, get_cookie_header } = get_cookies(request, url);
+	const { cookies, new_cookies, get_cookie_header } = get_cookies(request, url, options);
 
 	if (state.prerendering) disable_search(url);
 

package/src/runtime/server/page/index.js

@@ -1,7 +1,7 @@
 import * as devalue from 'devalue';
-import { DATA_SUFFIX } from '../../../constants.js';
 import { compact } from '../../../utils/array.js';
 import { normalize_error } from '../../../utils/error.js';
+import { add_data_suffix } from '../../../utils/url.js';
 import { HttpError, Redirect } from '../../control.js';
 import {
 	get_option,
@@ -76,7 +76,7 @@ export async function render_page(event, route, page, options, state, resolve_op
 		}
 
 		const should_prerender_data = nodes.some((node) => node?.server);
-		const data_pathname = event.url.pathname.replace(/\/$/, '') + DATA_SUFFIX;
+		const data_pathname = add_data_suffix(event.url.pathname);
 
 		// it's crucial that we do this before returning the non-SSR response, otherwise
 		// SvelteKit will erroneously believe that the path has been prerendered,

package/src/runtime/server/utils.js

@@ -1,6 +1,6 @@
 import * as devalue from 'devalue';
-import { DATA_SUFFIX } from '../../constants.js';
 import { negotiate } from '../../utils/http.js';
+import { has_data_suffix } from '../../utils/url.js';
 import { HttpError } from '../control.js';
 
 /** @param {any} body */
@@ -144,7 +144,7 @@ export function handle_fatal_error(event, options, error) {
 		'text/html'
 	]);
 
-	if (event.url.pathname.endsWith(DATA_SUFFIX) || type === 'application/json') {
+	if (has_data_suffix(event.url.pathname) || type === 'application/json') {
 		return new Response(JSON.stringify(body), {
 			status,
 			headers: { 'content-type': 'application/json; charset=utf-8' }

package/src/utils/url.js

@@ -142,3 +142,20 @@ export function disable_search(url) {
 		});
 	}
 }
+
+const DATA_SUFFIX = '/__data.json';
+
+/** @param {string} pathname */
+export function has_data_suffix(pathname) {
+	return pathname.endsWith(DATA_SUFFIX);
+}
+
+/** @param {string} pathname */
+export function add_data_suffix(pathname) {
+	return pathname.replace(/\/$/, '') + DATA_SUFFIX;
+}
+
+/** @param {string} pathname */
+export function strip_data_suffix(pathname) {
+	return pathname.slice(0, -DATA_SUFFIX.length);
+}

package/types/ambient.d.ts

@@ -182,14 +182,32 @@ declare module '$app/navigation' {
 	 * Returns a Promise that resolves when SvelteKit navigates (or fails to navigate, in which case the promise rejects) to the specified `url`.
 	 *
 	 * @param url Where to navigate to. Note that if you've set [`config.kit.paths.base`](https://kit.svelte.dev/docs/configuration#paths) and the URL is root-relative, you need to prepend the base path if you want to navigate within the app.
-	 * @param opts.replaceState If `true`, will replace the current `history` entry rather than creating a new one with `pushState`
-	 * @param opts.noscroll If `true`, the browser will maintain its scroll position rather than scrolling to the top of the page after navigation
-	 * @param opts.keepfocus If `true`, the currently focused element will retain focus after navigation. Otherwise, focus will be reset to the body
-	 * @param opts.state The state of the new/updated history entry
+	 * @param opts Options related to the navigation
 	 */
 	export function goto(
 		url: string | URL,
-		opts?: { replaceState?: boolean; noscroll?: boolean; keepfocus?: boolean; state?: any }
+		opts?: {
+			/**
+			 * If `true`, will replace the current `history` entry rather than creating a new one with `pushState`
+			 */
+			replaceState?: boolean;
+			/**
+			 * If `true`, the browser will maintain its scroll position rather than scrolling to the top of the page after navigation
+			 */
+			noscroll?: boolean;
+			/**
+			 * If `true`, the currently focused element will retain focus after navigation. Otherwise, focus will be reset to the body
+			 */
+			keepfocus?: boolean;
+			/**
+			 * The state of the new/updated history entry
+			 */
+			state?: any;
+			/**
+			 * If `true`, all `load` functions of the page will be rerun. See https://kit.svelte.dev/docs/load#invalidation for more info on invalidation.
+			 */
+			invalidateAll?: boolean;
+		}
 	): Promise<void>;
 	/**
 	 * Causes any `load` functions belonging to the currently active page to re-run if they depend on the `url` in question, via `fetch` or `depends`. Returns a `Promise` that resolves when the page is subsequently updated.

package/types/index.d.ts

@@ -161,6 +161,8 @@ export interface Cookies {
 
 	/**
 	 * Deletes a cookie by setting its value to an empty string and setting the expiry date in the past.
+	 *
+	 * By default, the `path` of a cookie is the 'directory' of the current pathname. In most cases you should explicitly set `path: '/'` to make the cookie available throughout your app.
 	 */
 	delete(name: string, opts?: import('cookie').CookieSerializeOptions): void;