appstage 0.2.24 → 0.2.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/index.cjs +22 -5
  2. package/dist/index.mjs +22 -5
  3. package/package.json +1 -1
  4. package/src/controllers/files.ts +25 -7
package/dist/index.cjs CHANGED
@@ -78,7 +78,7 @@ function matches(x, matcher) {
78
78
  return false;
79
79
  }
80
80
  const defaultExtensions = ["html", "htm"];
81
- const defaultPath = (req) => req.path;
81
+ const defaultPath = (req) => decodeURIComponent(req.path);
82
82
  /**
83
83
  * Serves files from the specified directory path or paths in a locale-aware
84
84
  * fashion after applying optional transforms.
@@ -94,7 +94,11 @@ const files = (params) => {
94
94
  if (!matches(urlPath, p.matches)) {
95
95
  if (fallthrough) next();
96
96
  else {
97
- emitLog(req.app, "Unmatched path", { data: { urlPath } });
97
+ emitLog(req.app, "Unmatched path", {
98
+ data: { urlPath },
99
+ req,
100
+ res
101
+ });
98
102
  res.status(404).send(await req.app.renderStatus?.(req, res, {
99
103
  code: "unmatched_path",
100
104
  urlPath
@@ -105,7 +109,11 @@ const files = (params) => {
105
109
  if (urlPath.includes("../")) {
106
110
  if (fallthrough) next();
107
111
  else {
108
- emitLog(req.app, "Invalid path (potential traversal attempt)", { data: { urlPath } });
112
+ emitLog(req.app, "Invalid path (potential traversal attempt)", {
113
+ data: { urlPath },
114
+ req,
115
+ res
116
+ });
109
117
  res.status(400).send(await req.app.renderStatus?.(req, res, {
110
118
  code: "invalid_path",
111
119
  urlPath
@@ -123,11 +131,11 @@ const files = (params) => {
123
131
  for (let k = 0; k < bases.length && filePath === null; k++) {
124
132
  let base = bases[k];
125
133
  if (!urlPath.endsWith("/")) {
126
- for (let i = 0; i < suffixes.length && filePath === null; i++) filePath = await resolve(base, `${urlPath}${suffixes[i]}`);
127
134
  if (filePath === null && urlExt) {
128
135
  let urlPathBase = urlPath.slice(0, -urlExt.length);
129
136
  for (let i = 0; i < suffixes.length && filePath === null; i++) filePath = await resolve(base, `${urlPathBase}${suffixes[i]}${urlExt}`);
130
137
  }
138
+ for (let i = 0; i < suffixes.length && filePath === null; i++) filePath = await resolve(base, `${urlPath}${suffixes[i]}`);
131
139
  for (let i = 0; i < suffixes.length && filePath === null; i++) for (let j = 0; j < exts.length && filePath === null; j++) filePath = await resolve(base, `${urlPath}${suffixes[i]}.${exts[j]}`);
132
140
  }
133
141
  for (let i = 0; i < suffixes.length && filePath === null; i++) for (let j = 0; j < exts.length && filePath === null; j++) filePath = await resolve(base, urlPath, `index${suffixes[i]}.${exts[j]}`);
@@ -135,7 +143,11 @@ const files = (params) => {
135
143
  if (filePath === null) {
136
144
  if (fallthrough) next();
137
145
  else {
138
- emitLog(req.app, "Unknown path", { data: { urlPath } });
146
+ emitLog(req.app, "Unknown path", {
147
+ data: { urlPath },
148
+ req,
149
+ res
150
+ });
139
151
  res.status(404).send(await req.app.renderStatus?.(req, res, {
140
152
  code: "unknown_path",
141
153
  urlPath
@@ -143,6 +155,11 @@ const files = (params) => {
143
155
  }
144
156
  return;
145
157
  }
158
+ emitLog(req.app, "File path resolved", {
159
+ data: { filePath },
160
+ req,
161
+ res
162
+ });
146
163
  if (!p.transform?.length) {
147
164
  res.sendFile(filePath);
148
165
  return;
package/dist/index.mjs CHANGED
@@ -52,7 +52,7 @@ function matches(x, matcher) {
52
52
  return false;
53
53
  }
54
54
  const defaultExtensions = ["html", "htm"];
55
- const defaultPath = (req) => req.path;
55
+ const defaultPath = (req) => decodeURIComponent(req.path);
56
56
  /**
57
57
  * Serves files from the specified directory path or paths in a locale-aware
58
58
  * fashion after applying optional transforms.
@@ -68,7 +68,11 @@ const files = (params) => {
68
68
  if (!matches(urlPath, p.matches)) {
69
69
  if (fallthrough) next();
70
70
  else {
71
- emitLog(req.app, "Unmatched path", { data: { urlPath } });
71
+ emitLog(req.app, "Unmatched path", {
72
+ data: { urlPath },
73
+ req,
74
+ res
75
+ });
72
76
  res.status(404).send(await req.app.renderStatus?.(req, res, {
73
77
  code: "unmatched_path",
74
78
  urlPath
@@ -79,7 +83,11 @@ const files = (params) => {
79
83
  if (urlPath.includes("../")) {
80
84
  if (fallthrough) next();
81
85
  else {
82
- emitLog(req.app, "Invalid path (potential traversal attempt)", { data: { urlPath } });
86
+ emitLog(req.app, "Invalid path (potential traversal attempt)", {
87
+ data: { urlPath },
88
+ req,
89
+ res
90
+ });
83
91
  res.status(400).send(await req.app.renderStatus?.(req, res, {
84
92
  code: "invalid_path",
85
93
  urlPath
@@ -97,11 +105,11 @@ const files = (params) => {
97
105
  for (let k = 0; k < bases.length && filePath === null; k++) {
98
106
  let base = bases[k];
99
107
  if (!urlPath.endsWith("/")) {
100
- for (let i = 0; i < suffixes.length && filePath === null; i++) filePath = await resolve$1(base, `${urlPath}${suffixes[i]}`);
101
108
  if (filePath === null && urlExt) {
102
109
  let urlPathBase = urlPath.slice(0, -urlExt.length);
103
110
  for (let i = 0; i < suffixes.length && filePath === null; i++) filePath = await resolve$1(base, `${urlPathBase}${suffixes[i]}${urlExt}`);
104
111
  }
112
+ for (let i = 0; i < suffixes.length && filePath === null; i++) filePath = await resolve$1(base, `${urlPath}${suffixes[i]}`);
105
113
  for (let i = 0; i < suffixes.length && filePath === null; i++) for (let j = 0; j < exts.length && filePath === null; j++) filePath = await resolve$1(base, `${urlPath}${suffixes[i]}.${exts[j]}`);
106
114
  }
107
115
  for (let i = 0; i < suffixes.length && filePath === null; i++) for (let j = 0; j < exts.length && filePath === null; j++) filePath = await resolve$1(base, urlPath, `index${suffixes[i]}.${exts[j]}`);
@@ -109,7 +117,11 @@ const files = (params) => {
109
117
  if (filePath === null) {
110
118
  if (fallthrough) next();
111
119
  else {
112
- emitLog(req.app, "Unknown path", { data: { urlPath } });
120
+ emitLog(req.app, "Unknown path", {
121
+ data: { urlPath },
122
+ req,
123
+ res
124
+ });
113
125
  res.status(404).send(await req.app.renderStatus?.(req, res, {
114
126
  code: "unknown_path",
115
127
  urlPath
@@ -117,6 +129,11 @@ const files = (params) => {
117
129
  }
118
130
  return;
119
131
  }
132
+ emitLog(req.app, "File path resolved", {
133
+ data: { filePath },
134
+ req,
135
+ res
136
+ });
120
137
  if (!p.transform?.length) {
121
138
  res.sendFile(filePath);
122
139
  return;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "appstage",
3
- "version": "0.2.24",
3
+ "version": "0.2.26",
4
4
  "description": "",
5
5
  "main": "./dist/index.cjs",
6
6
  "module": "./dist/index.mjs",
package/src/controllers/files.ts CHANGED
@@ -82,7 +82,7 @@ export type FilesParams = {
82
82
  };
83
83
 
84
84
  const defaultExtensions = ["html", "htm"];
85
- const defaultPath = (req: Request) => req.path;
85
+ const defaultPath = (req: Request) => decodeURIComponent(req.path);
86
86
 
87
87
  /**
88
88
  * Serves files from the specified directory path or paths in a locale-aware
@@ -107,7 +107,11 @@ export const files: Controller<string | FilesParams> = (params) => {
107
107
  if (!matches(urlPath, p.matches)) {
108
108
  if (fallthrough) next();
109
109
  else {
110
- emitLog(req.app, "Unmatched path", { data: { urlPath } });
110
+ emitLog(req.app, "Unmatched path", {
111
+ data: { urlPath },
112
+ req,
113
+ res,
114
+ });
111
115
 
112
116
  res.status(404).send(
113
117
  await req.app.renderStatus?.(req, res, {
@@ -125,6 +129,8 @@ export const files: Controller<string | FilesParams> = (params) => {
125
129
  else {
126
130
  emitLog(req.app, "Invalid path (potential traversal attempt)", {
127
131
  data: { urlPath },
132
+ req,
133
+ res,
128
134
  });
129
135
 
130
136
  res.status(400).send(
@@ -156,10 +162,6 @@ export const files: Controller<string | FilesParams> = (params) => {
156
162
  let base = bases[k];
157
163
 
158
164
  if (!urlPath.endsWith("/")) {
159
- // /x.en /x /x.ru
160
- for (let i = 0; i < suffixes.length && filePath === null; i++)
161
- filePath = await resolve(base, `${urlPath}${suffixes[i]}`);
162
-
163
165
  if (filePath === null && urlExt) {
164
166
  let urlPathBase = urlPath.slice(0, -urlExt.length);
165
167
 
@@ -171,6 +173,10 @@ export const files: Controller<string | FilesParams> = (params) => {
171
173
  );
172
174
  }
173
175
 
176
+ // /x.en /x /x.ru
177
+ for (let i = 0; i < suffixes.length && filePath === null; i++)
178
+ filePath = await resolve(base, `${urlPath}${suffixes[i]}`);
179
+
174
180
  // /x.en.html /x.en.htm /x.html /x.htm /x.ru.html /x.ru.htm
175
181
  for (let i = 0; i < suffixes.length && filePath === null; i++) {
176
182
  for (let j = 0; j < exts.length && filePath === null; j++)
@@ -195,7 +201,11 @@ export const files: Controller<string | FilesParams> = (params) => {
195
201
  if (filePath === null) {
196
202
  if (fallthrough) next();
197
203
  else {
198
- emitLog(req.app, "Unknown path", { data: { urlPath } });
204
+ emitLog(req.app, "Unknown path", {
205
+ data: { urlPath },
206
+ req,
207
+ res,
208
+ });
199
209
 
200
210
  res.status(404).send(
201
211
  await req.app.renderStatus?.(req, res, {
@@ -208,6 +218,14 @@ export const files: Controller<string | FilesParams> = (params) => {
208
218
  return;
209
219
  }
210
220
 
221
+ emitLog(req.app, "File path resolved", {
222
+ data: {
223
+ filePath,
224
+ },
225
+ req,
226
+ res,
227
+ });
228
+
211
229
  if (!p.transform?.length) {
212
230
  res.sendFile(filePath);
213
231
  return;