cwresdev 0.1.4 → 0.1.5

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cwresdev",
-  "version": "0.1.4",
+  "version": "0.1.5",
   "description": "",
   "license": "MIT",
   "private": false,

package/src/proxy.js

@@ -1,12 +1,49 @@
 const { Readable } = require("node:stream");
 const { injectLiveReload } = require("./injector");
 
+let _stagingCookie = "";
+
+async function acquireStagingCookie(proxyOrigin) {
+  try {
+    const res = await fetch(new URL("/contentEnvironment", proxyOrigin).toString(), {
+      method: "POST",
+      headers: { "Content-Type": "application/json" },
+      body: JSON.stringify({ contentEnvironment: "staging" }),
+    });
+
+    if (!res.ok) {
+      return "";
+    }
+
+    const cookies = res.headers.getSetCookie() || [];
+    const envCookie = cookies.find((c) => c.startsWith("contentEnvironment="));
+
+    if (envCookie) {
+      _stagingCookie = envCookie.split(";")[0];
+    }
+
+    return _stagingCookie;
+  } catch (error) {
+    return "";
+  }
+}
+
+function getStagingCookie() {
+  return _stagingCookie;
+}
+
 function stripHopByHopHeaders(headers) {
   const nextHeaders = { ...headers };
   delete nextHeaders.host;
   delete nextHeaders.connection;
   delete nextHeaders["content-length"];
   delete nextHeaders["transfer-encoding"];
+  delete nextHeaders.referer;
+  delete nextHeaders.origin;
+  delete nextHeaders["sec-fetch-site"];
+  delete nextHeaders["sec-fetch-mode"];
+  delete nextHeaders["sec-fetch-dest"];
+  delete nextHeaders.cookie;
   return nextHeaders;
 }
 
@@ -46,11 +83,17 @@ async function readRequestBody(req) {
   return Buffer.concat(chunks);
 }
 
-async function proxyRequest({ req, res, target, injectHtml = false }) {
+async function proxyRequest({ req, res, target, injectHtml = false, injectCookie = false }) {
   const body = await readRequestBody(req);
+  const outHeaders = stripHopByHopHeaders(req.headers);
+
+  if (injectCookie && _stagingCookie) {
+    outHeaders.cookie = _stagingCookie;
+  }
+
   const upstream = await fetch(target, {
     method: req.method,
-    headers: stripHopByHopHeaders(req.headers),
+    headers: outHeaders,
     body,
     redirect: "manual",
   });
@@ -61,10 +104,17 @@ async function proxyRequest({ req, res, target, injectHtml = false }) {
     "content-encoding",
     "content-length",
     "transfer-encoding",
+    "set-cookie",
   ]);
 
   applyResponseHeaders(upstream.headers, res, omittedHeaders);
 
+  if (injectCookie) {
+    res.setHeader("Cache-Control", "no-cache, no-store, must-revalidate");
+    res.setHeader("Pragma", "no-cache");
+    res.setHeader("Expires", "0");
+  }
+
   if (req.method === "HEAD" || upstream.status === 204 || upstream.status === 304) {
     res.end();
     return;
@@ -86,6 +136,8 @@ async function proxyRequest({ req, res, target, injectHtml = false }) {
 }
 
 module.exports = {
+  acquireStagingCookie,
   buildTargetUrl,
+  getStagingCookie,
   proxyRequest,
 };

package/src/server.js

@@ -8,7 +8,7 @@ const { WebSocketServer } = require("ws");
 
 const { CLIENT_SCRIPT_ROUTE, getClientScriptSource, injectLiveReload } = require("./injector");
 const { startPhpServer, stopPhpServer } = require("./php");
-const { buildTargetUrl, proxyRequest } = require("./proxy");
+const { acquireStagingCookie, buildTargetUrl, proxyRequest } = require("./proxy");
 
 const HTML_EXTENSIONS = new Set([".htm", ".html", ".shtm", ".shtml"]);
 const MAX_SSI_INCLUDE_DEPTH = 16;
@@ -198,6 +198,10 @@ async function startDevServer(config) {
   }
 
   const logger = createLogger(config.quiet);
+
+  await acquireStagingCookie(config.proxyOrigin);
+  logger.info("[cwrespro] Staging cookie acquired for CDN proxy.");
+
   const packageRoot = path.resolve(__dirname, "..");
   const phpServer = await startPhpServer({
     packageRoot,
@@ -238,6 +242,7 @@ async function startDevServer(config) {
         req,
         res,
         target: buildTargetUrl(config.proxyOrigin, req),
+        injectCookie: true,
       });
     } catch (error) {
       next(error);