npm - better-convex-nuxt - Versions diffs - 0.2.6 → 0.2.7 - Mend

better-convex-nuxt 0.2.6 → 0.2.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/dist/module.d.mts CHANGED Viewed

@@ -71,7 +71,8 @@ interface ModuleOptions {
     authRoute?: string;
     /**
      * Additional trusted origins for CORS validation on the auth proxy.
-     * By default, only requests from the origin matching siteUrl are allowed.
+     * Same-origin requests are always allowed automatically.
+     * Use this for cross-origin scenarios like iframes or separate frontend domains.
      * Supports wildcards for preview deployments (e.g., 'https://preview-*.vercel.app').
      * @default []
      */

package/dist/module.json CHANGED Viewed

@@ -4,7 +4,7 @@
   "compatibility": {
     "nuxt": ">=3.0.0"
   },
-  "version": "0.2.6",
+  "version": "0.2.7",
   "builder": {
     "@nuxt/module-builder": "1.0.2",
     "unbuild": "3.6.1"

package/dist/runtime/devtools/ui/dist/200.html CHANGED Viewed

	@@ -1 +1 @@
1	- <!DOCTYPE html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>Convex DevTools</title><link rel="stylesheet" href="/__convex_devtools__/_nuxt/entry.BiOLMZBG.css" crossorigin><link rel="modulepreload" as="script" crossorigin href="/__convex_devtools__/_nuxt/BhO0ov6K.js"><script type="module" src="/__convex_devtools__/_nuxt/BhO0ov6K.js" crossorigin></script><script id="unhead:payload" type="application/json">{"title":"Convex DevTools"}</script></head><body><div id="__nuxt"></div><div id="teleports"></div><script>window.__NUXT__={};window.__NUXT__.config={public:{},app:{baseURL:"/__convex_devtools__",buildId:"~~ed8d70b7~~-~~40e1~~-~~4de1~~-~~88fa~~-~~bfcb37bd15e0~~",buildAssetsDir:"/_nuxt/",cdnURL:""}}</script><script type="application/json" data-nuxt-data="nuxt-app" data-ssr="false" id="__NUXT_DATA__">[{"prerenderedAt":1,"serverRendered":2},~~1768699827928~~,false]</script></body></html>
1	+ <!DOCTYPE html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>Convex DevTools</title><link rel="stylesheet" href="/__convex_devtools__/_nuxt/entry.BiOLMZBG.css" crossorigin><link rel="modulepreload" as="script" crossorigin href="/__convex_devtools__/_nuxt/BhO0ov6K.js"><script type="module" src="/__convex_devtools__/_nuxt/BhO0ov6K.js" crossorigin></script><script id="unhead:payload" type="application/json">{"title":"Convex DevTools"}</script></head><body><div id="__nuxt"></div><div id="teleports"></div><script>window.__NUXT__={};window.__NUXT__.config={public:{},app:{baseURL:"/__convex_devtools__",buildId:"bb1b6fab-3dad-4ebb-bedd-8a7e8492b357",buildAssetsDir:"/_nuxt/",cdnURL:""}}</script><script type="application/json" data-nuxt-data="nuxt-app" data-ssr="false" id="__NUXT_DATA__">[{"prerenderedAt":1,"serverRendered":2},1769017710929,false]</script></body></html>

package/dist/runtime/devtools/ui/dist/404.html CHANGED Viewed

	@@ -1 +1 @@
1	- <!DOCTYPE html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>Convex DevTools</title><link rel="stylesheet" href="/__convex_devtools__/_nuxt/entry.BiOLMZBG.css" crossorigin><link rel="modulepreload" as="script" crossorigin href="/__convex_devtools__/_nuxt/BhO0ov6K.js"><script type="module" src="/__convex_devtools__/_nuxt/BhO0ov6K.js" crossorigin></script><script id="unhead:payload" type="application/json">{"title":"Convex DevTools"}</script></head><body><div id="__nuxt"></div><div id="teleports"></div><script>window.__NUXT__={};window.__NUXT__.config={public:{},app:{baseURL:"/__convex_devtools__",buildId:"~~ed8d70b7~~-~~40e1~~-~~4de1~~-~~88fa~~-~~bfcb37bd15e0~~",buildAssetsDir:"/_nuxt/",cdnURL:""}}</script><script type="application/json" data-nuxt-data="nuxt-app" data-ssr="false" id="__NUXT_DATA__">[{"prerenderedAt":1,"serverRendered":2},~~1768699827929~~,false]</script></body></html>
1	+ <!DOCTYPE html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>Convex DevTools</title><link rel="stylesheet" href="/__convex_devtools__/_nuxt/entry.BiOLMZBG.css" crossorigin><link rel="modulepreload" as="script" crossorigin href="/__convex_devtools__/_nuxt/BhO0ov6K.js"><script type="module" src="/__convex_devtools__/_nuxt/BhO0ov6K.js" crossorigin></script><script id="unhead:payload" type="application/json">{"title":"Convex DevTools"}</script></head><body><div id="__nuxt"></div><div id="teleports"></div><script>window.__NUXT__={};window.__NUXT__.config={public:{},app:{baseURL:"/__convex_devtools__",buildId:"bb1b6fab-3dad-4ebb-bedd-8a7e8492b357",buildAssetsDir:"/_nuxt/",cdnURL:""}}</script><script type="application/json" data-nuxt-data="nuxt-app" data-ssr="false" id="__NUXT_DATA__">[{"prerenderedAt":1,"serverRendered":2},1769017710929,false]</script></body></html>

package/dist/runtime/devtools/ui/dist/_nuxt/builds/latest.json CHANGED Viewed

	@@ -1 +1 @@
1	- {"id":"~~ed8d70b7~~-~~40e1~~-~~4de1~~-~~88fa~~-~~bfcb37bd15e0~~","timestamp":~~1768699825754~~}
1	+ {"id":"bb1b6fab-3dad-4ebb-bedd-8a7e8492b357","timestamp":1769017708682}

package/dist/runtime/devtools/ui/dist/_nuxt/builds/meta/bb1b6fab-3dad-4ebb-bedd-8a7e8492b357.json ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"id":"bb1b6fab-3dad-4ebb-bedd-8a7e8492b357","timestamp":1769017708682,"matcher":{"static":{},"wildcard":{},"dynamic":{}},"prerendered":[]}

package/dist/runtime/devtools/ui/dist/index.html CHANGED Viewed

	@@ -1 +1 @@
1	- <!DOCTYPE html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>Convex DevTools</title><link rel="stylesheet" href="/__convex_devtools__/_nuxt/entry.BiOLMZBG.css" crossorigin><link rel="modulepreload" as="script" crossorigin href="/__convex_devtools__/_nuxt/BhO0ov6K.js"><script type="module" src="/__convex_devtools__/_nuxt/BhO0ov6K.js" crossorigin></script><script id="unhead:payload" type="application/json">{"title":"Convex DevTools"}</script></head><body><div id="__nuxt"></div><div id="teleports"></div><script>window.__NUXT__={};window.__NUXT__.config={public:{},app:{baseURL:"/__convex_devtools__",buildId:"~~ed8d70b7~~-~~40e1~~-~~4de1~~-~~88fa~~-~~bfcb37bd15e0~~",buildAssetsDir:"/_nuxt/",cdnURL:""}}</script><script type="application/json" data-nuxt-data="nuxt-app" data-ssr="false" id="__NUXT_DATA__">[{"prerenderedAt":1,"serverRendered":2},~~1768699827929~~,false]</script></body></html>
1	+ <!DOCTYPE html><html><head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1.0"><title>Convex DevTools</title><link rel="stylesheet" href="/__convex_devtools__/_nuxt/entry.BiOLMZBG.css" crossorigin><link rel="modulepreload" as="script" crossorigin href="/__convex_devtools__/_nuxt/BhO0ov6K.js"><script type="module" src="/__convex_devtools__/_nuxt/BhO0ov6K.js" crossorigin></script><script id="unhead:payload" type="application/json">{"title":"Convex DevTools"}</script></head><body><div id="__nuxt"></div><div id="teleports"></div><script>window.__NUXT__={};window.__NUXT__.config={public:{},app:{baseURL:"/__convex_devtools__",buildId:"bb1b6fab-3dad-4ebb-bedd-8a7e8492b357",buildAssetsDir:"/_nuxt/",cdnURL:""}}</script><script type="application/json" data-nuxt-data="nuxt-app" data-ssr="false" id="__NUXT_DATA__">[{"prerenderedAt":1,"serverRendered":2},1769017710929,false]</script></body></html>

package/dist/runtime/plugin.client.js CHANGED Viewed

@@ -139,15 +139,13 @@ export default defineNuxtPlugin((nuxtApp) => {
   if (authClient) {
     nuxtApp.provide("auth", authClient);
   }
-  if (typeof window !== "undefined") {
+  if (typeof window !== "undefined" && import.meta.dev) {
     ;
     window.__convex_client__ = client;
     if (authClient) window.__auth_client__ = authClient;
-    if (import.meta.dev) {
-      import("./devtools/bridge-setup.js").then(({ setupDevToolsBridge }) => {
-        setupDevToolsBridge(client, convexToken, convexUser, convexAuthWaterfall);
-      });
-    }
+    import("./devtools/bridge-setup.js").then(({ setupDevToolsBridge }) => {
+      setupDevToolsBridge(client, convexToken, convexUser, convexAuthWaterfall);
+    });
   }
   endInit();
   if (convexToken.value) {

package/dist/runtime/server/api/auth/[...].js CHANGED Viewed

@@ -9,13 +9,11 @@ import {
 } from "h3";
 import { useRuntimeConfig } from "#imports";
 import { recordAuthProxyRequest } from "../../../devtools/auth-proxy-registry.js";
-function isOriginAllowed(origin, siteUrl, trustedOrigins) {
-  if (siteUrl) {
-    try {
-      const siteOrigin = new URL(siteUrl).origin;
-      if (origin === siteOrigin) return true;
-    } catch {
-    }
+function isOriginAllowed(origin, requestHost, trustedOrigins) {
+  try {
+    const originUrl = new URL(origin);
+    if (originUrl.host === requestHost) return true;
+  } catch {
   }
   for (const trusted of trustedOrigins) {
     if (trusted.includes("*")) {
@@ -29,9 +27,10 @@ function isOriginAllowed(origin, siteUrl, trustedOrigins) {
 }
 export default defineEventHandler(async (event) => {
   const config = useRuntimeConfig();
-  const siteUrl = config.public.convex?.siteUrl;
-  const trustedOrigins = config.public.convex?.trustedOrigins ?? [];
-  const rawAuthRoute = config.public.convex?.authRoute || "/api/auth";
+  const convexConfig = config.public.convex;
+  const siteUrl = convexConfig?.siteUrl;
+  const trustedOrigins = convexConfig?.trustedOrigins ?? [];
+  const rawAuthRoute = convexConfig?.authRoute || "/api/auth";
   const authRoute = (rawAuthRoute.startsWith("/") ? rawAuthRoute : `/${rawAuthRoute}`).replace(/\/+$/, "");
   const startTime = import.meta.dev ? Date.now() : 0;
   const requestId = import.meta.dev ? crypto.randomUUID() : "";
@@ -48,7 +47,7 @@ export default defineEventHandler(async (event) => {
   const target = `${siteUrl}/api/auth${normalizedPath}${requestUrl.search}`;
   if (event.method === "OPTIONS") {
     const origin2 = event.headers.get("origin");
-    if (!origin2 || !isOriginAllowed(origin2, siteUrl, trustedOrigins)) {
+    if (!origin2 || !isOriginAllowed(origin2, requestUrl.host, trustedOrigins)) {
       setResponseStatus(event, 403);
       return null;
     }
@@ -63,13 +62,18 @@ export default defineEventHandler(async (event) => {
     return null;
   }
   const origin = event.headers.get("origin");
-  if (origin && isOriginAllowed(origin, siteUrl, trustedOrigins)) {
+  const isAllowedOrigin = origin ? isOriginAllowed(origin, requestUrl.host, trustedOrigins) : true;
+  if (origin && isAllowedOrigin) {
     setHeaders(event, {
       "Access-Control-Allow-Origin": origin,
       "Access-Control-Allow-Credentials": "true",
       "Access-Control-Expose-Headers": "Set-Cookie"
     });
   }
+  if (origin && !isAllowedOrigin) {
+    setResponseStatus(event, 403);
+    return null;
+  }
   try {
     const originalHost = event.headers.get("host") || requestUrl.host;
     const originalProto = requestUrl.protocol.replace(":", "");

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "better-convex-nuxt",
-  "version": "0.2.6",
+  "version": "0.2.7",
   "description": "Full-featured Convex integration for Nuxt with SSR, real-time subscriptions, authentication, and permissions",
   "keywords": [
     "authentication",

package/dist/runtime/devtools/ui/dist/_nuxt/builds/meta/ed8d70b7-40e1-4de1-88fa-bfcb37bd15e0.json DELETED Viewed

	@@ -1 +0,0 @@
1	- {"id":"ed8d70b7-40e1-4de1-88fa-bfcb37bd15e0","timestamp":1768699825754,"matcher":{"static":{},"wildcard":{},"dynamic":{}},"prerendered":[]}