@uniformdev/canvas-next-rsc 19.79.1-alpha.11 → 19.79.1-alpha.18

package/dist/handler.mjs

@@ -1,89 +1,150 @@
 // src/handler/createPreviewGETRouteHandler.ts
 import {
-  CANVAS_DRAFT_STATE as CANVAS_DRAFT_STATE2,
   IN_CONTEXT_EDITOR_PLAYGROUND_QUERY_STRING_PARAM,
-  IN_CONTEXT_EDITOR_QUERY_STRING_PARAM as IN_CONTEXT_EDITOR_QUERY_STRING_PARAM2
+  IN_CONTEXT_EDITOR_QUERY_STRING_PARAM,
+  isAllowedReferrer,
+  SECRET_QUERY_STRING_PARAM
 } from "@uniformdev/canvas";
-import { draftMode as draftMode2 } from "next/headers";
-import { redirect } from "next/navigation";
-
-// src/utils/route.ts
-import {
-  CANVAS_DRAFT_STATE,
-  CANVAS_EDITOR_STATE,
-  CANVAS_PUBLISHED_STATE
-} from "@uniformdev/canvas";
-import { getBaseUrl, getServerConfig as getServerConfig2, resolvePath } from "@uniformdev/canvas-next-rsc-shared";
-import { getTargetVariableExpandedUrl } from "@uniformdev/redirect";
-
-// src/config/helpers.ts
-import { getServerConfig } from "@uniformdev/canvas-next-rsc-shared";
-
-// src/utils/draft.ts
-import { IN_CONTEXT_EDITOR_QUERY_STRING_PARAM } from "@uniformdev/canvas";
 import { draftMode } from "next/headers";
-var isDraftModeEnabled = ({
-  searchParams
-}) => {
-  if (isDevelopmentEnvironment()) {
-    return isIncontextEditingEnabled({ searchParams });
-  }
-  let draftModeEnabled = false;
-  try {
-    draftModeEnabled = draftMode().isEnabled;
-  } catch (e) {
+import { redirect } from "next/navigation";
+var BASE_URL_EXAMPLE = "https://example.com";
+var getQueryParam = (req, paramName) => {
+  const value = req.nextUrl.searchParams.get(paramName);
+  if (typeof value === "undefined") {
+    return void 0;
   }
-  return draftModeEnabled || isIncontextEditingEnabled({ searchParams });
-};
-var isIncontextEditingEnabled = ({
-  searchParams
-}) => {
-  const containsKey = typeof (searchParams == null ? void 0 : searchParams[IN_CONTEXT_EDITOR_QUERY_STRING_PARAM]) !== "undefined";
-  return containsKey;
-};
-var isOnVercelPreviewEnvironment = () => {
-  return process.env.VERCEL_ENV === "preview";
-};
-var isDevelopmentEnvironment = () => {
-  return process.env.NODE_ENV === "development" || process.env.NODE_ENV === "test";
+  return Array.isArray(value) ? value[0] : value;
 };
-
-// src/config/helpers.ts
-var shouldCacheBeDisabled = (options) => {
-  if (isDraftModeEnabled(options)) {
-    return { disabled: true, reason: "DRAFT" };
-  }
-  if (isIncontextEditingEnabled(options)) {
-    return { disabled: true, reason: "INCONTEXT" };
-  }
-  if (isDevelopmentEnvironment()) {
-    return { disabled: true, reason: "DEV" };
-  }
-  return {
-    disabled: false,
-    reason: void 0
+var contextualEditingQueryParams = [
+  IN_CONTEXT_EDITOR_QUERY_STRING_PARAM,
+  IN_CONTEXT_EDITOR_PLAYGROUND_QUERY_STRING_PARAM
+];
+var createPreviewGETRouteHandler = (options) => {
+  return async (request) => {
+    const isConfigCheck = getQueryParam(request, "is_config_check") === "true";
+    if (isConfigCheck) {
+      return Response.json(
+        {
+          hasPlayground: Boolean(options == null ? void 0 : options.playgroundPath),
+          isUsingCustomFullPathResolver: false
+        },
+        {
+          headers: {
+            "Access-Control-Allow-Origin": process.env.UNIFORM_CLI_BASE_URL || "https://uniform.app"
+          }
+        }
+      );
+    }
+    if (request.headers.get("sec-fetch-mode") === "no-cors") {
+      return new Response(null, { status: 204 });
+    }
+    if (!process.env.UNIFORM_PREVIEW_SECRET) {
+      return new Response("No preview secret is configured", { status: 401 });
+    }
+    const { searchParams } = new URL(request.url);
+    const isPlayground = searchParams.get(IN_CONTEXT_EDITOR_PLAYGROUND_QUERY_STRING_PARAM) === "true";
+    let pathToRedirectTo;
+    if (isPlayground) {
+      if (!(options == null ? void 0 : options.playgroundPath)) {
+        return new Response("No playground path is configured", { status: 401 });
+      }
+      pathToRedirectTo = options.playgroundPath;
+    }
+    const id = getQueryParam(request, compositionQueryParam.id);
+    const slug = getQueryParam(request, compositionQueryParam.slug);
+    const path = getQueryParam(request, compositionQueryParam.path);
+    const locale = getQueryParam(request, compositionQueryParam.locale);
+    const disable = getQueryParam(request, "disable");
+    const secret = getQueryParam(request, SECRET_QUERY_STRING_PARAM);
+    const referer = request.headers.get("referer");
+    const isUniformContextualEditing = getQueryParam(request, IN_CONTEXT_EDITOR_QUERY_STRING_PARAM) === "true" && isAllowedReferrer(referer || void 0);
+    if (typeof pathToRedirectTo === "undefined") {
+      const resolveFullPath = (options == null ? void 0 : options.resolveFullPath) || resolveFullPathDefault;
+      pathToRedirectTo = resolveFullPath({ id, slug, path, locale });
+    }
+    validateLocalRedirectUrl(pathToRedirectTo);
+    if (!pathToRedirectTo) {
+      return new Response("Could not resolve the full path of the preview page", { status: 400 });
+    }
+    if (disable) {
+      draftMode().disable();
+      redirect(pathToRedirectTo);
+      return;
+    }
+    if (secret !== process.env.UNIFORM_PREVIEW_SECRET) {
+      return new Response("Invalid preview secret", { status: 401 });
+    }
+    draftMode().enable();
+    const redirectionUrl = new URL(pathToRedirectTo, BASE_URL_EXAMPLE);
+    assignRequestQueryToSearchParams(redirectionUrl.searchParams, searchParams);
+    if (isPlayground) {
+      redirectionUrl.searchParams.set("id", searchParams.get("id") || "");
+    }
+    if (!isUniformContextualEditing) {
+      contextualEditingQueryParams.forEach((param) => {
+        redirectionUrl.searchParams.delete(param);
+      });
+    }
+    const fullPathToRedirectTo = redirectionUrl.href.replace(BASE_URL_EXAMPLE, "");
+    redirect(fullPathToRedirectTo);
   };
 };
-var getCanvasCacheStrategy = (options) => {
-  const { disabled, reason } = shouldCacheBeDisabled(options);
-  const config = getServerConfig();
-  if (disabled) {
-    if (reason === "DEV" && config.canvasCache) {
-      console.warn("Canvas cache (disabled) has been overridden by canvasCache config.");
-      return config.canvasCache;
+function validateLocalRedirectUrl(pathToRedirectTo) {
+  if (pathToRedirectTo == null ? void 0 : pathToRedirectTo.match(/^[a-z]+:\/\//g)) {
+    throw new Error("Tried to redirect to absolute URL with protocol. Disallowing open redirect.");
+  }
+}
+var resolveFullPathDefault = ({ slug, path }) => {
+  return path || slug;
+};
+var compositionQueryParam = {
+  id: "id",
+  slug: "slug",
+  path: "path",
+  locale: "locale"
+};
+var assignRequestQueryToSearchParams = (searchParams, query) => {
+  const compositionQueryParamNames = Object.values(compositionQueryParam);
+  for (const [name, value] of query.entries()) {
+    if (name === SECRET_QUERY_STRING_PARAM) {
+      continue;
     }
-    return {
-      type: "no-cache"
-    };
-  }
-  if (config.canvasCache) {
-    return config.canvasCache;
+    if (compositionQueryParamNames.includes(name)) {
+      continue;
+    }
+    if (typeof value === "undefined") {
+      continue;
+    }
+    searchParams.append(name, value);
   }
-  return {
-    type: "force-cache"
+};
+
+// src/handler/createPreviewOPTIONSRouteHandler.ts
+var createPreviewOPTIONSRouteHandler = () => {
+  return async () => {
+    return new Response(null, {
+      headers: {
+        "Access-Control-Allow-Origin": process.env.UNIFORM_CLI_BASE_URL || "https://uniform.app",
+        "Access-Control-Allow-Methods": "GET, POST, OPTIONS",
+        "Access-Control-Allow-Headers": "*"
+      }
+    });
   };
 };
 
+// src/handler/createPreviewPOSTRouteHandler.ts
+import { SECRET_QUERY_STRING_PARAM as SECRET_QUERY_STRING_PARAM2 } from "@uniformdev/canvas";
+import { revalidateTag } from "next/cache";
+
+// src/handler/helpers.ts
+import { ApiClientError } from "@uniformdev/canvas";
+import { getServerConfig } from "@uniformdev/canvas-next-rsc-shared";
+import { parseConnectionString } from "@vercel/edge-config";
+import { Webhook } from "svix";
+
+// src/clients/canvasClient.ts
+import { CanvasClient } from "@uniformdev/canvas";
+
 // src/env/index.ts
 var env = {
   getProjectId: () => {
@@ -125,11 +186,11 @@ var determineFetchCacheOptions = (mode) => {
   };
 };
 
-// src/clients/routeClient.ts
-import { RouteClient } from "@uniformdev/canvas";
-var getRouteClient = (options) => {
-  const client = new RouteClient({
+// src/clients/canvasClient.ts
+var getCanvasClient = (options) => {
+  return new CanvasClient({
     projectId: env.getProjectId(),
+    apiHost: env.getApiHost(),
     apiKey: env.getApiKey(),
     edgeApiHost: env.getEdgeApiHost(),
     fetch: (req, init) => {
@@ -143,166 +204,36 @@ var getRouteClient = (options) => {
       }
       const tags = [];
       if (requestedUrl) {
-        const pathKey = "path";
-        const path = requestedUrl.searchParams.get(pathKey);
-        if (path) {
-          const pieces = path.split("/");
-          for (let i = 0; i < pieces.length; i++) {
-            const segmentPieces = pieces.slice(0, i + 1);
-            const segment = segmentPieces.join("/");
-            tags.push(buildPathTag(segment));
+        const compositionIdKey = "compositionId";
+        const compositionIdsKey = "compositionIDs";
+        const compositionId = requestedUrl.searchParams.get(compositionIdKey);
+        const compositionIds = requestedUrl.searchParams.get(compositionIdsKey);
+        if (compositionId) {
+          tags.push(buildCompositionTag(compositionId));
+        }
+        if (compositionIds) {
+          const ids = compositionIds.split(",");
+          for (let i = 0; i < ids.length; i++) {
+            tags.push(buildCompositionTag(ids[i]));
           }
         }
       }
       const { cache, revalidate } = determineFetchCacheOptions(options.cache);
       return fetch(req, {
         ...init,
+        cache,
         headers: {
           ...init == null ? void 0 : init.headers,
           "x-bypass-cache": "true"
         },
-        cache,
         next: {
-          revalidate,
-          tags: tags.length ? tags : void 0
+          revalidate
         }
       });
     }
   });
-  return client;
-};
-var getDefaultRouteClient = ({ searchParams }) => {
-  return getRouteClient({
-    cache: getCanvasCacheStrategy({
-      searchParams
-    })
-  });
-};
-
-// src/utils/route.ts
-var retrieveRouteByPath = async ({
-  path,
-  state,
-  searchParams
-}) => {
-  var _a;
-  const client = getDefaultRouteClient({
-    searchParams
-  });
-  return await client.getRoute({
-    path,
-    state,
-    withComponentIDs: true,
-    withContentSourceMap: isOnVercelPreviewEnvironment() && ((_a = getServerConfig2().experimental) == null ? void 0 : _a.vercelVisualEditing)
-  });
-};
-var resolveRedirectHref = (resolveResult, path) => {
-  let href;
-  if (resolveResult.redirect.targetProjectMapNodeId) {
-    const requestUrl = `${getBaseUrl()}${path}`;
-    const expandedUrl = getTargetVariableExpandedUrl(requestUrl, resolveResult.redirect);
-    const url = new URL(expandedUrl);
-    href = url.pathname;
-  } else {
-    href = resolveResult.redirect.targetUrl;
-  }
-  return href;
-};
-
-// src/handler/createPreviewGETRouteHandler.ts
-var getQueryParam = (req, paramName) => {
-  const value = req.nextUrl.searchParams.get(paramName);
-  if (typeof value === "undefined") {
-    return void 0;
-  }
-  return Array.isArray(value) ? value[0] : value;
-};
-var createPreviewGETRouteHandler = (options) => {
-  return async (request) => {
-    const isConfigCheck = getQueryParam(request, "is_config_check") === "true";
-    if (isConfigCheck) {
-      return Response.json(
-        {
-          hasPlayground: Boolean(options == null ? void 0 : options.playgroundPath),
-          isUsingCustomFullPathResolver: false
-        },
-        {
-          headers: {
-            "Access-Control-Allow-Origin": process.env.UNIFORM_CLI_BASE_URL || "https://uniform.app"
-          }
-        }
-      );
-    }
-    if (request.headers.get("sec-fetch-mode") === "no-cors") {
-      return new Response(null, { status: 204 });
-    }
-    if (!process.env.UNIFORM_PREVIEW_SECRET) {
-      return new Response("No preview secret is configured", { status: 401 });
-    }
-    const { searchParams } = new URL(request.url);
-    const secret = searchParams.get("secret");
-    const path = searchParams.get("path");
-    const isPlayground = searchParams.get(IN_CONTEXT_EDITOR_PLAYGROUND_QUERY_STRING_PARAM) === "true";
-    const id = searchParams.get("id");
-    if (secret !== process.env.UNIFORM_PREVIEW_SECRET) {
-      return new Response("Invalid preview secret", { status: 401 });
-    }
-    if (!isPlayground) {
-      if (!path) {
-        return new Response("Path not provided", { status: 401 });
-      }
-      const resolveResult = await retrieveRouteByPath({
-        path,
-        state: CANVAS_DRAFT_STATE2,
-        searchParams: {
-          // about to be in draft mode so pretend for now.
-          [IN_CONTEXT_EDITOR_QUERY_STRING_PARAM2]: "true"
-        }
-      });
-      draftMode2().enable();
-      if (resolveResult.type === "redirect") {
-        const href = resolveRedirectHref(resolveResult, path);
-        if (resolveResult.redirect.targetProjectMapNodeId) {
-          redirect(`${href}?${IN_CONTEXT_EDITOR_QUERY_STRING_PARAM2}=true`);
-        } else {
-          redirect(href);
-        }
-      }
-      if (resolveResult.type === "notFound") {
-        return new Response("Invalid path", { status: 401 });
-      }
-      redirect(`${path}?${IN_CONTEXT_EDITOR_QUERY_STRING_PARAM2}=true`);
-    } else {
-      if (!(options == null ? void 0 : options.playgroundPath)) {
-        return new Response("No playground path is configured", { status: 401 });
-      }
-      draftMode2().enable();
-      redirect(`${options.playgroundPath}?id=${id}&${IN_CONTEXT_EDITOR_QUERY_STRING_PARAM2}=true`);
-    }
-  };
 };
 
-// src/handler/createPreviewOPTIONSRouteHandler.ts
-var createPreviewOPTIONSRouteHandler = () => {
-  return async () => {
-    return new Response(null, {
-      headers: {
-        "Access-Control-Allow-Origin": process.env.UNIFORM_CLI_BASE_URL || "https://uniform.app",
-        "Access-Control-Allow-Methods": "GET, POST, OPTIONS",
-        "Access-Control-Allow-Headers": "*"
-      }
-    });
-  };
-};
-
-// src/handler/createPreviewPOSTRouteHandler.ts
-import { revalidateTag } from "next/cache";
-
-// src/handler/helpers.ts
-import { getServerConfig as getServerConfig3 } from "@uniformdev/canvas-next-rsc-shared";
-import { parseConnectionString } from "@vercel/edge-config";
-import { Webhook } from "svix";
-
 // src/clients/projectMapClient.ts
 import { ProjectMapClient } from "@uniformdev/project-map";
 var getProjectMapClient = (options) => {
@@ -328,6 +259,53 @@ var getProjectMapClient = (options) => {
   return manifestClient;
 };
 
+// src/clients/routeClient.ts
+import { RouteClient } from "@uniformdev/canvas";
+var getRouteClient = (options) => {
+  const client = new RouteClient({
+    projectId: env.getProjectId(),
+    apiKey: env.getApiKey(),
+    edgeApiHost: env.getEdgeApiHost(),
+    fetch: (req, init) => {
+      let requestedUrl;
+      if (typeof req === "string") {
+        requestedUrl = new URL(req);
+      } else if (req instanceof URL) {
+        requestedUrl = req;
+      } else {
+        requestedUrl = new URL(req.url);
+      }
+      const tags = ["route"];
+      if (requestedUrl) {
+        const pathKey = "path";
+        const path = requestedUrl.searchParams.get(pathKey);
+        if (path) {
+          const pieces = path.split("/");
+          for (let i = 0; i < pieces.length; i++) {
+            const segmentPieces = pieces.slice(0, i + 1);
+            const segment = segmentPieces.join("/");
+            tags.push(buildPathTag(segment));
+          }
+        }
+      }
+      const { cache, revalidate } = determineFetchCacheOptions(options.cache);
+      return fetch(req, {
+        ...init,
+        headers: {
+          ...init == null ? void 0 : init.headers,
+          "x-bypass-cache": "true"
+        },
+        cache,
+        next: {
+          revalidate,
+          tags: tags.length ? tags : void 0
+        }
+      });
+    }
+  });
+  return client;
+};
+
 // src/handler/helpers.ts
 var isSvixMessage = async (request) => {
   const requiredHeaders = ["svix-id", "svix-timestamp", "svix-signature"];
@@ -362,10 +340,16 @@ var processCompositionChange = async (compositionId) => {
       type: "no-cache"
     }
   });
-  const { nodes } = await projectMapClient.getNodes({
-    compositionId
-  });
+  const [{ nodes }, composition] = await Promise.all([
+    projectMapClient.getNodes({
+      compositionId
+    }),
+    getComposition({ compositionId })
+  ]);
   const tags = [];
+  if (composition == null ? void 0 : composition.pattern) {
+    tags.push("route");
+  }
   if (nodes) {
     for (let i = 0; i < nodes.length; i++) {
       const node = nodes[i];
@@ -380,6 +364,24 @@ var processCompositionChange = async (compositionId) => {
     tags
   };
 };
+var getComposition = async ({ compositionId }) => {
+  const canvasClient = getCanvasClient({
+    cache: {
+      type: "no-cache"
+    }
+  });
+  try {
+    const composition = await canvasClient.getCompositionById({
+      compositionId
+    });
+    return composition;
+  } catch (err) {
+    if (err instanceof ApiClientError && err.statusCode === 404) {
+      return null;
+    }
+    throw err;
+  }
+};
 var buildProjectMapNodePaths = (path) => {
   const tags = [];
   const isDynamic = path.includes(":");
@@ -422,7 +424,7 @@ var processEdgeConfigChange = async ({ source_url }) => {
     console.warn("UNIFORM_VERCEL_EDGE_CONFIG_TOKEN is not set, skipping edge redirect upsert");
     return;
   }
-  const config = getServerConfig3();
+  const config = getServerConfig();
   const routeClient = getRouteClient({
     cache: {
       type: "no-cache"
@@ -512,7 +514,7 @@ var handleManifestPublished = async (body) => {
 };
 
 // src/handler/messages/handleProjectMapNodeDelete.ts
-import { getServerConfig as getServerConfig4 } from "@uniformdev/canvas-next-rsc-shared";
+import { getServerConfig as getServerConfig2 } from "@uniformdev/canvas-next-rsc-shared";
 import { ProjectMapNodeDeleteDefinition } from "@uniformdev/webhooks";
 var handleProjectMapNodeDelete = async (body) => {
   var _a;
@@ -522,7 +524,7 @@ var handleProjectMapNodeDelete = async (body) => {
   }
   const tags = [];
   tags.push(...buildProjectMapNodePaths(parsed.data.path));
-  const config = getServerConfig4();
+  const config = getServerConfig2();
   if ((_a = config.experimental) == null ? void 0 : _a.edgeCompositions) {
     await processEdgeConfigChange({
       source_url: parsed.data.path
@@ -534,7 +536,7 @@ var handleProjectMapNodeDelete = async (body) => {
 };
 
 // src/handler/messages/handleProjectMapNodeInsert.ts
-import { getServerConfig as getServerConfig5 } from "@uniformdev/canvas-next-rsc-shared";
+import { getServerConfig as getServerConfig3 } from "@uniformdev/canvas-next-rsc-shared";
 import { ProjectMapNodeInsertDefinition } from "@uniformdev/webhooks";
 var handleProjectMapNodeInsert = async (body) => {
   var _a;
@@ -544,7 +546,7 @@ var handleProjectMapNodeInsert = async (body) => {
   }
   const tags = [];
   tags.push(...buildProjectMapNodePaths(parsed.data.path));
-  const config = getServerConfig5();
+  const config = getServerConfig3();
   if ((_a = config.experimental) == null ? void 0 : _a.edgeCompositions) {
     await processEdgeConfigChange({
       source_url: parsed.data.path
@@ -556,7 +558,7 @@ var handleProjectMapNodeInsert = async (body) => {
 };
 
 // src/handler/messages/handleProjectMapNodeUpdate.ts
-import { getServerConfig as getServerConfig6 } from "@uniformdev/canvas-next-rsc-shared";
+import { getServerConfig as getServerConfig4 } from "@uniformdev/canvas-next-rsc-shared";
 import { ProjectMapNodeUpdateDefinition } from "@uniformdev/webhooks";
 var handleProjectMapNodeUpdate = async (body) => {
   var _a;
@@ -567,7 +569,7 @@ var handleProjectMapNodeUpdate = async (body) => {
   const tags = [];
   tags.push(...buildProjectMapNodePaths(parsed.data.path));
   tags.push(...buildProjectMapNodePaths(parsed.data.previous_path));
-  const config = getServerConfig6();
+  const config = getServerConfig4();
   if ((_a = config.experimental) == null ? void 0 : _a.edgeCompositions) {
     await processEdgeConfigChange({
       source_url: parsed.data.path
@@ -579,7 +581,7 @@ var handleProjectMapNodeUpdate = async (body) => {
 };
 
 // src/handler/messages/handleRedirectDelete.ts
-import { getServerConfig as getServerConfig7 } from "@uniformdev/canvas-next-rsc-shared";
+import { getServerConfig as getServerConfig5 } from "@uniformdev/canvas-next-rsc-shared";
 import { RedirectDeleteDefinition } from "@uniformdev/webhooks";
 var handleRedirectDelete = async (body) => {
   var _a;
@@ -587,7 +589,7 @@ var handleRedirectDelete = async (body) => {
   if (!parsed.success) {
     return void 0;
   }
-  const config = getServerConfig7();
+  const config = getServerConfig5();
   if ((_a = config.experimental) == null ? void 0 : _a.edgeRedirects) {
     await processEdgeConfigChange(parsed.data);
   }
@@ -595,7 +597,7 @@ var handleRedirectDelete = async (body) => {
 };
 
 // src/handler/messages/handleRedirectInsert.ts
-import { getServerConfig as getServerConfig8 } from "@uniformdev/canvas-next-rsc-shared";
+import { getServerConfig as getServerConfig6 } from "@uniformdev/canvas-next-rsc-shared";
 import { RedirectInsertDefinition } from "@uniformdev/webhooks";
 var handleRedirectInsert = async (body) => {
   var _a;
@@ -603,7 +605,7 @@ var handleRedirectInsert = async (body) => {
   if (!parsed.success) {
     return void 0;
   }
-  const config = getServerConfig8();
+  const config = getServerConfig6();
   if ((_a = config.experimental) == null ? void 0 : _a.edgeRedirects) {
     await processEdgeConfigChange(parsed.data);
   }
@@ -611,7 +613,7 @@ var handleRedirectInsert = async (body) => {
 };
 
 // src/handler/messages/handleRedirectUpdate.ts
-import { getServerConfig as getServerConfig9 } from "@uniformdev/canvas-next-rsc-shared";
+import { getServerConfig as getServerConfig7 } from "@uniformdev/canvas-next-rsc-shared";
 import { RedirectUpdateDefinition } from "@uniformdev/webhooks";
 var handleRedirectUpdate = async (body) => {
   var _a;
@@ -619,7 +621,7 @@ var handleRedirectUpdate = async (body) => {
   if (!parsed.success) {
     return void 0;
   }
-  const config = getServerConfig9();
+  const config = getServerConfig7();
   if ((_a = config.experimental) == null ? void 0 : _a.edgeRedirects) {
     await processEdgeConfigChange(parsed.data);
   }
@@ -629,6 +631,25 @@ var handleRedirectUpdate = async (body) => {
 // src/handler/createPreviewPOSTRouteHandler.ts
 var createPreviewPOSTRouteHandler = () => {
   return async (request) => {
+    let previewSecretPassed = false;
+    if (process.env.UNIFORM_PREVIEW_SECRET) {
+      const secretValue = request.nextUrl.searchParams.get(SECRET_QUERY_STRING_PARAM2);
+      if (secretValue !== process.env.UNIFORM_PREVIEW_SECRET) {
+        console.warn(
+          "The preview secret passed in the query string does not match the UNIFORM_PREVIEW_SECRET env var."
+        );
+      } else {
+        previewSecretPassed = true;
+      }
+    } else {
+      if (!process.env.UNIFORM_WEBHOOK_SECRET) {
+        console.warn("Both UNIFORM_PREVIEW_SECRET and UNIFORM_WEBHOOK_SECRET are not set.");
+      }
+      previewSecretPassed = true;
+    }
+    if (!previewSecretPassed) {
+      return new Response("The request could not be validated.", { status: 401 });
+    }
     const { looksLikeMessage, validation } = await isSvixMessage(request);
     if (looksLikeMessage) {
       if (!validation) {
@@ -653,7 +674,13 @@ var handleSvixMessage = async (request) => {
     handleManifestPublished
   ];
   let tags = void 0;
-  const jsonBody = await request.json();
+  let jsonBody;
+  try {
+    jsonBody = await request.json();
+  } catch (err) {
+    console.error("Error parsing the request body as JSON.", err);
+    return new Response("Error parsing the request body as JSON.", { status: 400 });
+  }
   for (let i = 0; i < handlers.length; i++) {
     const handler = handlers[i];
     const result = await handler(jsonBody);