@waline/vercel 1.13.0 → 1.13.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/package.json +2 -2
  2. package/src/config/extend.js +6 -0
  3. package/src/controller/comment.js +3 -4
  4. package/src/controller/db.js +8 -3
  5. package/src/controller/oauth.js +4 -4
  6. package/src/controller/user/password.js +1 -2
  7. package/src/controller/user.js +1 -3
  8. package/src/service/markdown/xss.js +1 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@waline/vercel",
3
- "version": "1.13.0",
3
+ "version": "1.13.3",
4
4
  "description": "vercel server for waline comment system",
5
5
  "repository": "https://github.com/walinejs/waline",
6
6
  "license": "MIT",
@@ -31,7 +31,7 @@
31
31
  "think-logger3": "^1.3.1",
32
32
  "think-model": "^1.5.4",
33
33
  "think-model-mysql": "^1.1.7",
34
- "think-model-postgresql": "^1.1.6",
34
+ "think-model-postgresql": "1.1.6",
35
35
  "think-model-sqlite": "^1.2.2",
36
36
  "think-mongo": "^2.1.2",
37
37
  "think-router-rest": "^1.0.5",
package/src/config/extend.js CHANGED
@@ -5,6 +5,12 @@ module.exports = [
5
5
  Model(think.app),
6
6
  Mongo(think.app),
7
7
  {
8
+ context: {
9
+ get serverURL() {
10
+ const { protocol, host, path, controller } = this;
11
+ return `${protocol}://${host}${path.slice(0, -controller.length)}`;
12
+ },
13
+ },
8
14
  controller: {
9
15
  fail(...args) {
10
16
  if (this.ctx.status === 200) {
package/src/controller/comment.js CHANGED
@@ -375,10 +375,9 @@ module.exports = class extends BaseRest {
375
375
  think.logger.debug(`Comment initial status is ${data.status}`);
376
376
 
377
377
  if (data.status === 'approved') {
378
- const spam = await akismet(
379
- data,
380
- this.ctx.protocol + '://' + this.ctx.host
381
- ).catch((e) => console.log(e)); // ignore akismet error
378
+ const spam = await akismet(data, this.ctx.serverURL).catch((e) =>
379
+ console.log(e)
380
+ ); // ignore akismet error
382
381
 
383
382
  if (spam === true) {
384
383
  data.status = 'spam';
package/src/controller/db.js CHANGED
@@ -1,6 +1,8 @@
1
- const fs = require('fs/promises');
1
+ const fs = require('fs');
2
+ const util = require('util');
2
3
  const BaseRest = require('./rest');
3
4
 
5
+ const readFileAsync = util.promisify(fs.readFile);
4
6
  module.exports = class extends BaseRest {
5
7
  async getAction() {
6
8
  const exportData = {
@@ -17,7 +19,10 @@ module.exports = class extends BaseRest {
17
19
 
18
20
  for (let i = 0; i < exportData.tables.length; i++) {
19
21
  const tableName = exportData.tables[i];
20
- const model = this.model(tableName);
22
+ const model = this.service(
23
+ `storage/${this.config('storage')}`,
24
+ tableName
25
+ );
21
26
  const data = await model.select({});
22
27
  exportData.data[tableName] = data;
23
28
  }
@@ -28,7 +33,7 @@ module.exports = class extends BaseRest {
28
33
  async postAction() {
29
34
  const file = this.file('file');
30
35
  try {
31
- const jsonText = await fs.readFile(file.path, 'utf-8');
36
+ const jsonText = await readFileAsync(file.path, 'utf-8');
32
37
  const importData = JSON.parse(jsonText);
33
38
  if (!importData || importData.type !== 'waline') {
34
39
  return this.fail('import data format not support!');
package/src/controller/oauth.js CHANGED
@@ -18,8 +18,8 @@ module.exports = class extends think.Controller {
18
18
  const hasCode =
19
19
  type === 'twitter' ? oauth_token && oauth_verifier : Boolean(code);
20
20
  if (!hasCode) {
21
- const { protocol, host } = this.ctx;
22
- const redirectUrl = `${protocol}://${host}/oauth?${qs.stringify({
21
+ const { serverURL } = this.ctx;
22
+ const redirectUrl = `${serverURL}/oauth?${qs.stringify({
23
23
  redirect,
24
24
  type,
25
25
  })}`;
@@ -36,8 +36,8 @@ module.exports = class extends think.Controller {
36
36
  */
37
37
  const params = { code, oauth_verifier, oauth_token };
38
38
  if (type === 'facebook') {
39
- const { protocol, host } = this.ctx;
40
- const redirectUrl = `${protocol}://${host}/oauth?${qs.stringify({
39
+ const { serverURL } = this.ctx;
40
+ const redirectUrl = `${serverURL}/oauth?${qs.stringify({
41
41
  redirect,
42
42
  type,
43
43
  })}`;
package/src/controller/user/password.js CHANGED
@@ -27,9 +27,8 @@ module.exports = class extends BaseRest {
27
27
  }
28
28
 
29
29
  const notify = this.service('notify');
30
- const { protocol, host } = this.ctx;
31
30
  const token = jwt.sign(user[0].email, this.config('jwtKey'));
32
- const profileUrl = `${protocol}://${host}/ui/profile?token=${token}`;
31
+ const profileUrl = `${this.ctx.serverURL}/ui/profile?token=${token}`;
33
32
 
34
33
  await notify.transporter.sendMail({
35
34
  from:
package/src/controller/user.js CHANGED
@@ -58,9 +58,7 @@ module.exports = class extends BaseRest {
58
58
 
59
59
  const notify = this.service('notify');
60
60
  const apiUrl =
61
- this.ctx.protocol +
62
- '://' +
63
- this.ctx.host +
61
+ this.ctx.serverURL +
64
62
  '/verification?' +
65
63
  qs.stringify({ token, email: data.email });
66
64
 
package/src/service/markdown/xss.js CHANGED
@@ -9,7 +9,7 @@ const DOMPurify = createDOMPurify(new JSDOM('').window);
9
9
  */
10
10
  DOMPurify.addHook('afterSanitizeAttributes', function (node) {
11
11
  // set all elements owning target to target=_blank
12
- if ('target' in node) {
12
+ if ('target' in node && node.href && !node.href.startsWith('about:blank#')) {
13
13
  node.setAttribute('target', '_blank');
14
14
  node.setAttribute('rel', 'noreferrer noopener');
15
15
  }