react-router 8.0.0-pre.0 → 8.0.0-pre.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +21 -0
- package/dist/development/dom-export.js +1 -1
- package/dist/development/index-react-server-client.js +1 -1
- package/dist/development/index-react-server.d.ts +9 -2
- package/dist/development/index-react-server.js +91 -88
- package/dist/development/index.d.ts +1 -2
- package/dist/development/index.js +2 -3
- package/dist/development/lib/actions.js +6 -18
- package/dist/development/lib/components.d.ts +11 -3
- package/dist/development/lib/components.js +8 -2
- package/dist/development/lib/context.js +1 -1
- package/dist/development/lib/dom/dom.js +1 -1
- package/dist/development/lib/dom/lib.d.ts +12 -1
- package/dist/development/lib/dom/lib.js +18 -6
- package/dist/development/lib/dom/server.js +2 -2
- package/dist/development/lib/dom/ssr/components.d.ts +4 -2
- package/dist/development/lib/dom/ssr/components.js +13 -3
- package/dist/development/lib/dom/ssr/data.js +1 -1
- package/dist/development/lib/dom/ssr/entry.d.ts +1 -0
- package/dist/development/lib/dom/ssr/errorBoundaries.js +7 -3
- package/dist/development/lib/dom/ssr/fallback.js +8 -3
- package/dist/development/lib/dom/ssr/fog-of-war.js +12 -2
- package/dist/development/lib/dom/ssr/hydration.js +1 -1
- package/dist/development/lib/dom/ssr/invariant.js +1 -1
- package/dist/development/lib/dom/ssr/links.js +1 -1
- package/dist/development/lib/dom/ssr/markup.js +1 -1
- package/dist/development/lib/dom/ssr/routeModules.js +1 -1
- package/dist/development/lib/dom/ssr/routes-test-stub.js +1 -1
- package/dist/development/lib/dom/ssr/routes.js +1 -1
- package/dist/development/lib/dom/ssr/server.d.ts +4 -1
- package/dist/development/lib/dom/ssr/server.js +2 -1
- package/dist/development/lib/dom/ssr/single-fetch.js +2 -3
- package/dist/development/lib/dom-export/dom-router-provider.js +1 -1
- package/dist/development/lib/dom-export/hydrated-router.d.ts +1 -1
- package/dist/development/lib/dom-export/hydrated-router.js +14 -17
- package/dist/development/lib/errors.js +1 -1
- package/dist/development/lib/hooks.js +6 -4
- package/dist/development/lib/href.js +1 -1
- package/dist/development/lib/router/history.js +3 -2
- package/dist/development/lib/router/instrumentation.js +1 -1
- package/dist/development/lib/router/links.d.ts +3 -2
- package/dist/development/lib/router/router.js +13 -6
- package/dist/development/lib/router/url.js +18 -0
- package/dist/development/lib/router/utils.d.ts +6 -0
- package/dist/development/lib/router/utils.js +27 -8
- package/dist/development/lib/rsc/browser.js +21 -17
- package/dist/development/lib/rsc/errorBoundaries.js +1 -1
- package/dist/development/lib/rsc/html-stream/browser.js +1 -1
- package/dist/development/lib/rsc/html-stream/server.js +1 -1
- package/dist/development/lib/rsc/route-modules.js +1 -1
- package/dist/development/lib/rsc/server.ssr.js +27 -11
- package/dist/development/lib/server-runtime/cookies.js +1 -1
- package/dist/development/lib/server-runtime/crypto.js +1 -1
- package/dist/development/lib/server-runtime/data.js +1 -1
- package/dist/development/lib/server-runtime/dev.js +1 -1
- package/dist/development/lib/server-runtime/entry.js +1 -1
- package/dist/development/lib/server-runtime/errors.js +2 -22
- package/dist/development/lib/server-runtime/headers.js +1 -1
- package/dist/development/lib/server-runtime/invariant.js +1 -1
- package/dist/development/lib/server-runtime/mode.js +1 -1
- package/dist/development/lib/server-runtime/routeMatching.js +1 -1
- package/dist/development/lib/server-runtime/routes.js +1 -1
- package/dist/development/lib/server-runtime/server.js +17 -23
- package/dist/development/lib/server-runtime/serverHandoff.js +1 -1
- package/dist/development/lib/server-runtime/sessions/cookieStorage.js +1 -1
- package/dist/development/lib/server-runtime/sessions/memoryStorage.js +1 -1
- package/dist/development/lib/server-runtime/sessions.js +1 -1
- package/dist/development/lib/server-runtime/single-fetch.js +4 -4
- package/dist/development/lib/server-runtime/urls.js +2 -5
- package/dist/development/lib/server-runtime/warnings.js +1 -1
- package/dist/development/lib/types/internal.js +1 -1
- package/dist/development/vendor/turbo-stream-v2/flatten.js +1 -1
- package/dist/development/vendor/turbo-stream-v2/turbo-stream.js +2 -1
- package/dist/development/vendor/turbo-stream-v2/unflatten.js +3 -2
- package/dist/development/vendor/turbo-stream-v2/utils.js +2 -10
- package/dist/production/dom-export.js +1 -1
- package/dist/production/index-react-server-client.js +1 -1
- package/dist/production/index-react-server.d.ts +9 -2
- package/dist/production/index-react-server.js +91 -88
- package/dist/production/index.d.ts +1 -2
- package/dist/production/index.js +2 -3
- package/dist/production/lib/actions.js +6 -18
- package/dist/production/lib/components.d.ts +11 -3
- package/dist/production/lib/components.js +8 -2
- package/dist/production/lib/context.js +1 -1
- package/dist/production/lib/dom/dom.js +1 -1
- package/dist/production/lib/dom/lib.d.ts +12 -1
- package/dist/production/lib/dom/lib.js +18 -6
- package/dist/production/lib/dom/server.js +2 -2
- package/dist/production/lib/dom/ssr/components.d.ts +4 -2
- package/dist/production/lib/dom/ssr/components.js +13 -3
- package/dist/production/lib/dom/ssr/data.js +1 -1
- package/dist/production/lib/dom/ssr/entry.d.ts +1 -0
- package/dist/production/lib/dom/ssr/errorBoundaries.js +7 -3
- package/dist/production/lib/dom/ssr/fallback.js +3 -1
- package/dist/production/lib/dom/ssr/fog-of-war.js +12 -2
- package/dist/production/lib/dom/ssr/hydration.js +1 -1
- package/dist/production/lib/dom/ssr/invariant.js +1 -1
- package/dist/production/lib/dom/ssr/links.js +1 -1
- package/dist/production/lib/dom/ssr/markup.js +1 -1
- package/dist/production/lib/dom/ssr/routeModules.js +1 -1
- package/dist/production/lib/dom/ssr/routes-test-stub.js +1 -1
- package/dist/production/lib/dom/ssr/routes.js +1 -1
- package/dist/production/lib/dom/ssr/server.d.ts +4 -1
- package/dist/production/lib/dom/ssr/server.js +2 -1
- package/dist/production/lib/dom/ssr/single-fetch.js +2 -3
- package/dist/production/lib/dom-export/dom-router-provider.js +1 -1
- package/dist/production/lib/dom-export/hydrated-router.d.ts +1 -1
- package/dist/production/lib/dom-export/hydrated-router.js +14 -17
- package/dist/production/lib/errors.js +1 -1
- package/dist/production/lib/hooks.js +6 -4
- package/dist/production/lib/href.js +1 -1
- package/dist/production/lib/router/history.js +3 -2
- package/dist/production/lib/router/instrumentation.js +1 -1
- package/dist/production/lib/router/links.d.ts +3 -2
- package/dist/production/lib/router/router.js +13 -6
- package/dist/production/lib/router/url.js +18 -0
- package/dist/production/lib/router/utils.d.ts +6 -0
- package/dist/production/lib/router/utils.js +27 -8
- package/dist/production/lib/rsc/browser.js +21 -17
- package/dist/production/lib/rsc/errorBoundaries.js +1 -1
- package/dist/production/lib/rsc/html-stream/browser.js +1 -1
- package/dist/production/lib/rsc/html-stream/server.js +1 -1
- package/dist/production/lib/rsc/route-modules.js +1 -1
- package/dist/production/lib/rsc/server.ssr.js +27 -11
- package/dist/production/lib/server-runtime/cookies.js +1 -1
- package/dist/production/lib/server-runtime/crypto.js +1 -1
- package/dist/production/lib/server-runtime/data.js +1 -1
- package/dist/production/lib/server-runtime/dev.js +1 -1
- package/dist/production/lib/server-runtime/entry.js +1 -1
- package/dist/production/lib/server-runtime/errors.js +2 -22
- package/dist/production/lib/server-runtime/headers.js +1 -1
- package/dist/production/lib/server-runtime/invariant.js +1 -1
- package/dist/production/lib/server-runtime/mode.js +1 -1
- package/dist/production/lib/server-runtime/routeMatching.js +1 -1
- package/dist/production/lib/server-runtime/routes.js +1 -1
- package/dist/production/lib/server-runtime/server.js +17 -23
- package/dist/production/lib/server-runtime/serverHandoff.js +1 -1
- package/dist/production/lib/server-runtime/sessions/cookieStorage.js +1 -1
- package/dist/production/lib/server-runtime/sessions/memoryStorage.js +1 -1
- package/dist/production/lib/server-runtime/sessions.js +1 -1
- package/dist/production/lib/server-runtime/single-fetch.js +4 -4
- package/dist/production/lib/server-runtime/urls.js +2 -5
- package/dist/production/lib/server-runtime/warnings.js +1 -1
- package/dist/production/lib/types/internal.js +1 -1
- package/dist/production/vendor/turbo-stream-v2/flatten.js +1 -1
- package/dist/production/vendor/turbo-stream-v2/turbo-stream.js +2 -1
- package/dist/production/vendor/turbo-stream-v2/unflatten.js +3 -2
- package/dist/production/vendor/turbo-stream-v2/utils.js +2 -10
- package/docs/explanation/code-splitting.md +1 -1
- package/docs/explanation/index-query-param.md +2 -2
- package/docs/explanation/type-safety.md +1 -1
- package/docs/how-to/data-strategy.md +5 -5
- package/docs/how-to/error-reporting.md +10 -2
- package/docs/how-to/headers.md +2 -1
- package/docs/how-to/security.md +9 -7
- package/docs/start/data/installation.md +4 -0
- package/docs/start/data/route-object.md +20 -0
- package/docs/start/framework/actions.md +0 -1
- package/docs/start/framework/data-loading.md +1 -1
- package/docs/start/framework/deploying.md +4 -0
- package/docs/start/framework/installation.md +0 -1
- package/docs/upgrading/v6.md +3 -0
- package/package.json +2 -2
- package/dist/development/lib/dom/ssr/errors.d.ts +0 -7
- package/dist/development/lib/dom/ssr/errors.js +0 -36
- package/dist/production/lib/dom/ssr/errors.d.ts +0 -7
- package/dist/production/lib/dom/ssr/errors.js +0 -36
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,26 @@
|
|
|
1
1
|
# `react-router`
|
|
2
2
|
|
|
3
|
+
## v7.18.0
|
|
4
|
+
|
|
5
|
+
### Patch Changes
|
|
6
|
+
|
|
7
|
+
- Fix server handler prerender responses when using `ssr: false` and `future.v8_trailingSlashAwareDataRequests: true`. Avoids false positive "SPA Mode" detection when serving prerendered paths ([#15173](https://github.com/remix-run/react-router/pull/15173))
|
|
8
|
+
- Use the `ServerRouter` nonce for nonce-aware SSR components when they don't provide their own value so strict CSP pages can load them. ([#15170](https://github.com/remix-run/react-router/pull/15170))
|
|
9
|
+
- Use `turbo-stream` to serialize and deserialize Framework Mode hydration errors ([#15175](https://github.com/remix-run/react-router/pull/15175))
|
|
10
|
+
- Precompute route branch matchers to avoid recompiling route path regexes during matching ([#15186](https://github.com/remix-run/react-router/pull/15186))
|
|
11
|
+
- Use the constructed request URL host when validating action request origins. ([#15185](https://github.com/remix-run/react-router/pull/15185))
|
|
12
|
+
- Remove the un-documented custom error serialization logic from Data Mode SSR built-in hydration flows ([#15175](https://github.com/remix-run/react-router/pull/15175))
|
|
13
|
+
- Validate protocols in RSC render redirects ([#15177](https://github.com/remix-run/react-router/pull/15177))
|
|
14
|
+
- Consolidate url normalization logic and better handle mixed slashes ([#15176](https://github.com/remix-run/react-router/pull/15176))
|
|
15
|
+
|
|
16
|
+
## v7.17.0
|
|
17
|
+
|
|
18
|
+
### Minor Changes
|
|
19
|
+
|
|
20
|
+
- Ship a subset of the official documentation inside the `react-router` package ([#15121](https://github.com/remix-run/react-router/pull/15121))
|
|
21
|
+
- Markdown docs are now available in `node_modules/react-router/docs`, letting AI coding agents and the React Router agent skills read official docs locally
|
|
22
|
+
- Excludes auto-generated API docs (`api/`), `community/` content, and tutorials (`tutorials/`)
|
|
23
|
+
|
|
3
24
|
## v7.16.0
|
|
4
25
|
|
|
5
26
|
### Minor Changes
|
|
@@ -815,6 +815,8 @@ interface RouteMeta<RouteObjectType extends RouteObject = RouteObject> {
|
|
|
815
815
|
caseSensitive: boolean;
|
|
816
816
|
childrenIndex: number;
|
|
817
817
|
route: RouteObjectType;
|
|
818
|
+
matcher?: RegExp;
|
|
819
|
+
compiledParams?: CompiledPathParam[];
|
|
818
820
|
}
|
|
819
821
|
/**
|
|
820
822
|
* @private
|
|
@@ -828,6 +830,10 @@ interface RouteBranch<RouteObjectType extends RouteObject = RouteObject> {
|
|
|
828
830
|
score: number;
|
|
829
831
|
routesMeta: RouteMeta<RouteObjectType>[];
|
|
830
832
|
}
|
|
833
|
+
type CompiledPathParam = {
|
|
834
|
+
paramName: string;
|
|
835
|
+
isOptional?: boolean;
|
|
836
|
+
};
|
|
831
837
|
declare class DataWithResponseInit<D> {
|
|
832
838
|
type: string;
|
|
833
839
|
data: D;
|
|
@@ -1825,8 +1831,9 @@ interface PageLinkDescriptor extends Omit<HtmlLinkDescriptor, "href" | "rel" | "
|
|
|
1825
1831
|
/**
|
|
1826
1832
|
* A [`nonce`](https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Global_attributes/nonce)
|
|
1827
1833
|
* attribute to render on the [`<link>`](https://developer.mozilla.org/en-US/docs/Web/HTML/Element/link)
|
|
1828
|
-
* element
|
|
1829
|
-
|
|
1834
|
+
* element. If not provided in Framework Mode, it will default to any
|
|
1835
|
+
* {@link ServerRouter | `<ServerRouter nonce>`} prop.
|
|
1836
|
+
*/
|
|
1830
1837
|
nonce?: string | undefined;
|
|
1831
1838
|
/**
|
|
1832
1839
|
* The absolute path of the page to prefetch, e.g. `/absolute/path`.
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* react-router v8.0.0-pre.
|
|
2
|
+
* react-router v8.0.0-pre.1
|
|
3
3
|
*
|
|
4
4
|
* Copyright (c) Remix Software Inc.
|
|
5
5
|
*
|
|
@@ -12,6 +12,9 @@ import { AsyncLocalStorage } from "node:async_hooks";
|
|
|
12
12
|
import * as React from "react";
|
|
13
13
|
import { parse, serialize, splitSetCookieString } from "cookie-es";
|
|
14
14
|
import { BrowserRouter, Form, HashRouter, Link, Links, MemoryRouter, Meta, NavLink, Navigate, Outlet, Outlet as Outlet$1, Route, Router, RouterProvider, Routes, ScrollRestoration, StaticRouter, StaticRouterProvider, UNSAFE_AwaitContextProvider, UNSAFE_WithComponentProps, UNSAFE_WithErrorBoundaryProps, UNSAFE_WithHydrateFallbackProps, unstable_HistoryRouter } from "react-router/internal/react-server-client";
|
|
15
|
+
//#region lib/router/url.ts
|
|
16
|
+
const ABSOLUTE_URL_REGEX = /^(?:[a-z][a-z0-9+.-]*:|[\\/]{2})/i;
|
|
17
|
+
//#endregion
|
|
15
18
|
//#region lib/router/history.ts
|
|
16
19
|
function invariant$1(value, message) {
|
|
17
20
|
if (value === false || value === null || typeof value === "undefined") throw new Error(message);
|
|
@@ -489,7 +492,14 @@ function flattenRoutes(routes, branches = [], parentsMeta = [], parentPath = "",
|
|
|
489
492
|
branches.push({
|
|
490
493
|
path,
|
|
491
494
|
score: computeScore(path, route.index),
|
|
492
|
-
routesMeta
|
|
495
|
+
routesMeta: routesMeta.map((meta, i) => {
|
|
496
|
+
let [matcher, params] = compilePath(meta.relativePath, meta.caseSensitive, i === routesMeta.length - 1);
|
|
497
|
+
return {
|
|
498
|
+
...meta,
|
|
499
|
+
matcher,
|
|
500
|
+
compiledParams: params
|
|
501
|
+
};
|
|
502
|
+
})
|
|
493
503
|
});
|
|
494
504
|
};
|
|
495
505
|
routes.forEach((route, index) => {
|
|
@@ -540,11 +550,12 @@ function matchRouteBranch(branch, pathname, allowPartial = false) {
|
|
|
540
550
|
let meta = routesMeta[i];
|
|
541
551
|
let end = i === routesMeta.length - 1;
|
|
542
552
|
let remainingPathname = matchedPathname === "/" ? pathname : pathname.slice(matchedPathname.length) || "/";
|
|
543
|
-
let
|
|
553
|
+
let pattern = {
|
|
544
554
|
path: meta.relativePath,
|
|
545
555
|
caseSensitive: meta.caseSensitive,
|
|
546
556
|
end
|
|
547
|
-
}
|
|
557
|
+
};
|
|
558
|
+
let match = meta.matcher && meta.compiledParams ? matchPathImpl(pattern, remainingPathname, meta.matcher, meta.compiledParams) : matchPath(pattern, remainingPathname);
|
|
548
559
|
let route = meta.route;
|
|
549
560
|
if (!match && end && allowPartial && !routesMeta[routesMeta.length - 1].route.index) match = matchPath({
|
|
550
561
|
path: meta.relativePath,
|
|
@@ -584,6 +595,9 @@ function matchPath(pattern, pathname) {
|
|
|
584
595
|
end: true
|
|
585
596
|
};
|
|
586
597
|
let [matcher, compiledParams] = compilePath(pattern.path, pattern.caseSensitive, pattern.end);
|
|
598
|
+
return matchPathImpl(pattern, pathname, matcher, compiledParams);
|
|
599
|
+
}
|
|
600
|
+
function matchPathImpl(pattern, pathname, matcher, compiledParams) {
|
|
587
601
|
let match = pathname.match(matcher);
|
|
588
602
|
if (!match) return null;
|
|
589
603
|
let matchedPathname = match[0];
|
|
@@ -646,7 +660,6 @@ function stripBasename(pathname, basename) {
|
|
|
646
660
|
function prependBasename({ basename, pathname }) {
|
|
647
661
|
return pathname === "/" ? basename : joinPaths([basename, pathname]);
|
|
648
662
|
}
|
|
649
|
-
const ABSOLUTE_URL_REGEX = /^(?:[a-z][a-z0-9+.-]*:|\/\/)/i;
|
|
650
663
|
const isAbsoluteUrl = (url) => ABSOLUTE_URL_REGEX.test(url);
|
|
651
664
|
/**
|
|
652
665
|
* Returns a resolved {@link Path} object relative to the given pathname.
|
|
@@ -722,7 +735,7 @@ function resolveTo(toArg, routePathnames, locationPathname, isPathRelative = fal
|
|
|
722
735
|
if (!path.pathname.endsWith("/") && (hasExplicitTrailingSlash || hasCurrentTrailingSlash)) path.pathname += "/";
|
|
723
736
|
return path;
|
|
724
737
|
}
|
|
725
|
-
const removeDoubleSlashes = (path) => path.replace(
|
|
738
|
+
const removeDoubleSlashes = (path) => path.replace(/[\\/]{2,}/g, "/");
|
|
726
739
|
const joinPaths = (paths) => removeDoubleSlashes(paths.join("/"));
|
|
727
740
|
const removeTrailingSlash = (path) => path.replace(/\/+$/, "");
|
|
728
741
|
const normalizePathname = (pathname) => removeTrailingSlash(pathname).replace(/^\/*/, "/");
|
|
@@ -2071,55 +2084,13 @@ function prependCookies(parentHeaders, childHeaders) {
|
|
|
2071
2084
|
}
|
|
2072
2085
|
}
|
|
2073
2086
|
//#endregion
|
|
2074
|
-
//#region lib/
|
|
2075
|
-
|
|
2076
|
-
|
|
2077
|
-
|
|
2078
|
-
|
|
2079
|
-
|
|
2080
|
-
} catch {
|
|
2081
|
-
throw new Error(`\`origin\` header is not a valid URL. Aborting the action.`);
|
|
2082
|
-
}
|
|
2083
|
-
let host = parseHostHeader(headers);
|
|
2084
|
-
if (originDomain && (!host || originDomain !== host.value)) {
|
|
2085
|
-
if (!isAllowedOrigin(originDomain, allowedActionOrigins)) if (host) throw new Error(`${host.type} header does not match \`origin\` header from a forwarded action request. Aborting the action.`);
|
|
2086
|
-
else throw new Error("`x-forwarded-host` or `host` headers are not provided. One of these is needed to compare the `origin` header from a forwarded action request. Aborting the action.");
|
|
2087
|
-
}
|
|
2088
|
-
}
|
|
2089
|
-
function matchWildcardDomain(domain, pattern) {
|
|
2090
|
-
const domainParts = domain.split(".");
|
|
2091
|
-
const patternParts = pattern.split(".");
|
|
2092
|
-
if (patternParts.length < 1) return false;
|
|
2093
|
-
if (domainParts.length < patternParts.length) return false;
|
|
2094
|
-
while (patternParts.length) {
|
|
2095
|
-
const patternPart = patternParts.pop();
|
|
2096
|
-
const domainPart = domainParts.pop();
|
|
2097
|
-
switch (patternPart) {
|
|
2098
|
-
case "": return false;
|
|
2099
|
-
case "*": if (domainPart) continue;
|
|
2100
|
-
else return false;
|
|
2101
|
-
case "**":
|
|
2102
|
-
if (patternParts.length > 0) return false;
|
|
2103
|
-
return domainPart !== void 0;
|
|
2104
|
-
case void 0:
|
|
2105
|
-
default: if (domainPart !== patternPart) return false;
|
|
2106
|
-
}
|
|
2087
|
+
//#region lib/server-runtime/warnings.ts
|
|
2088
|
+
const alreadyWarned = {};
|
|
2089
|
+
function warnOnce(condition, message) {
|
|
2090
|
+
if (!condition && !alreadyWarned[message]) {
|
|
2091
|
+
alreadyWarned[message] = true;
|
|
2092
|
+
console.warn(message);
|
|
2107
2093
|
}
|
|
2108
|
-
return domainParts.length === 0;
|
|
2109
|
-
}
|
|
2110
|
-
function isAllowedOrigin(originDomain, allowedActionOrigins = []) {
|
|
2111
|
-
return allowedActionOrigins.some((allowedOrigin) => allowedOrigin && (allowedOrigin === originDomain || matchWildcardDomain(originDomain, allowedOrigin)));
|
|
2112
|
-
}
|
|
2113
|
-
function parseHostHeader(headers) {
|
|
2114
|
-
let forwardedHostValue = headers.get("x-forwarded-host")?.split(",")[0]?.trim();
|
|
2115
|
-
let hostHeader = headers.get("host");
|
|
2116
|
-
return forwardedHostValue ? {
|
|
2117
|
-
type: "x-forwarded-host",
|
|
2118
|
-
value: forwardedHostValue
|
|
2119
|
-
} : hostHeader ? {
|
|
2120
|
-
type: "host",
|
|
2121
|
-
value: hostHeader
|
|
2122
|
-
} : void 0;
|
|
2123
2094
|
}
|
|
2124
2095
|
//#endregion
|
|
2125
2096
|
//#region lib/errors.ts
|
|
@@ -2154,15 +2125,61 @@ function createRouteErrorResponseDigest(response) {
|
|
|
2154
2125
|
data
|
|
2155
2126
|
})}`;
|
|
2156
2127
|
}
|
|
2128
|
+
function getPathsWithAncestors(paths) {
|
|
2129
|
+
let result = /* @__PURE__ */ new Set();
|
|
2130
|
+
paths.forEach((path) => {
|
|
2131
|
+
if (!path.startsWith("/")) path = `/${path}`;
|
|
2132
|
+
for (let i = 1; i < path.length; i++) if (path[i] === "/") result.add(path.slice(0, i));
|
|
2133
|
+
result.add(path);
|
|
2134
|
+
});
|
|
2135
|
+
return Array.from(result);
|
|
2136
|
+
}
|
|
2137
|
+
//#endregion
|
|
2138
|
+
//#region lib/actions.ts
|
|
2139
|
+
function throwIfPotentialCSRFAttack(request, allowedActionOrigins) {
|
|
2140
|
+
let originHeader = request.headers.get("origin");
|
|
2141
|
+
let originDomain = null;
|
|
2142
|
+
try {
|
|
2143
|
+
originDomain = typeof originHeader === "string" && originHeader !== "null" ? new URL(originHeader).host : originHeader;
|
|
2144
|
+
} catch {
|
|
2145
|
+
throw new Error(`\`origin\` header is not a valid URL. Aborting the action.`);
|
|
2146
|
+
}
|
|
2147
|
+
let host = new URL(request.url).host;
|
|
2148
|
+
if (originDomain && originDomain !== host) {
|
|
2149
|
+
if (!isAllowedOrigin(originDomain, allowedActionOrigins)) throw new Error("The `request.url` host does not match `origin` header from a forwarded action request. Aborting the action.");
|
|
2150
|
+
}
|
|
2151
|
+
}
|
|
2152
|
+
function matchWildcardDomain(domain, pattern) {
|
|
2153
|
+
const domainParts = domain.split(".");
|
|
2154
|
+
const patternParts = pattern.split(".");
|
|
2155
|
+
if (patternParts.length < 1) return false;
|
|
2156
|
+
if (domainParts.length < patternParts.length) return false;
|
|
2157
|
+
while (patternParts.length) {
|
|
2158
|
+
const patternPart = patternParts.pop();
|
|
2159
|
+
const domainPart = domainParts.pop();
|
|
2160
|
+
switch (patternPart) {
|
|
2161
|
+
case "": return false;
|
|
2162
|
+
case "*": if (domainPart) continue;
|
|
2163
|
+
else return false;
|
|
2164
|
+
case "**":
|
|
2165
|
+
if (patternParts.length > 0) return false;
|
|
2166
|
+
return domainPart !== void 0;
|
|
2167
|
+
case void 0:
|
|
2168
|
+
default: if (domainPart !== patternPart) return false;
|
|
2169
|
+
}
|
|
2170
|
+
}
|
|
2171
|
+
return domainParts.length === 0;
|
|
2172
|
+
}
|
|
2173
|
+
function isAllowedOrigin(originDomain, allowedActionOrigins = []) {
|
|
2174
|
+
return allowedActionOrigins.some((allowedOrigin) => allowedOrigin && (allowedOrigin === originDomain || matchWildcardDomain(originDomain, allowedOrigin)));
|
|
2175
|
+
}
|
|
2157
2176
|
//#endregion
|
|
2158
2177
|
//#region lib/server-runtime/urls.ts
|
|
2159
|
-
function getNormalizedPath(request
|
|
2160
|
-
basename = basename || "/";
|
|
2178
|
+
function getNormalizedPath(request) {
|
|
2161
2179
|
let url = new URL(request.url);
|
|
2162
2180
|
let pathname = url.pathname;
|
|
2163
2181
|
if (pathname.endsWith("/_.data")) pathname = pathname.replace(/_\.data$/, "");
|
|
2164
2182
|
else pathname = pathname.replace(/\.data$/, "");
|
|
2165
|
-
if (stripBasename(pathname, basename) !== "/" && pathname.endsWith("/")) pathname = pathname.slice(0, -1);
|
|
2166
2183
|
let searchParams = new URLSearchParams(url.search);
|
|
2167
2184
|
searchParams.delete("_routes");
|
|
2168
2185
|
let search = searchParams.toString();
|
|
@@ -2327,6 +2344,11 @@ async function matchRSCServerRequest({ allowedActionOrigins, createTemporaryRefe
|
|
|
2327
2344
|
return response;
|
|
2328
2345
|
}
|
|
2329
2346
|
async function generateManifestResponse(routes, basename, request, generateResponse, temporaryReferences, routeDiscovery) {
|
|
2347
|
+
let url = new URL(request.url);
|
|
2348
|
+
if (url.toString().length > 7680) return new Response(null, {
|
|
2349
|
+
statusText: "Bad Request",
|
|
2350
|
+
status: 400
|
|
2351
|
+
});
|
|
2330
2352
|
if (routeDiscovery?.mode === "initial") {
|
|
2331
2353
|
let payload = {
|
|
2332
2354
|
type: "manifest",
|
|
@@ -2344,7 +2366,6 @@ async function generateManifestResponse(routes, basename, request, generateRespo
|
|
|
2344
2366
|
onError: defaultOnError
|
|
2345
2367
|
});
|
|
2346
2368
|
}
|
|
2347
|
-
let url = new URL(request.url);
|
|
2348
2369
|
let pathParam = url.searchParams.get("paths");
|
|
2349
2370
|
let pathnames = pathParam ? pathParam.split(",").filter(Boolean) : [url.pathname.replace(/\.manifest$/, "")];
|
|
2350
2371
|
let routeIds = /* @__PURE__ */ new Set();
|
|
@@ -2445,7 +2466,7 @@ async function generateResourceResponse(request, routes, basename, routeId, requ
|
|
|
2445
2466
|
return generateErrorResponse(error);
|
|
2446
2467
|
}
|
|
2447
2468
|
},
|
|
2448
|
-
normalizePath: (r) => getNormalizedPath(r
|
|
2469
|
+
normalizePath: (r) => getNormalizedPath(r)
|
|
2449
2470
|
});
|
|
2450
2471
|
} catch (error) {
|
|
2451
2472
|
return generateErrorResponse(error);
|
|
@@ -2492,13 +2513,13 @@ async function generateRenderResponse(request, routes, basename, isDataRequest,
|
|
|
2492
2513
|
skipLoaderErrorBubbling: isDataRequest,
|
|
2493
2514
|
skipRevalidation: isSubmission,
|
|
2494
2515
|
...routeIdsToLoad ? { filterMatchesToLoad: (m) => routeIdsToLoad.includes(m.route.id) } : {},
|
|
2495
|
-
normalizePath: (r) => getNormalizedPath(r
|
|
2516
|
+
normalizePath: (r) => getNormalizedPath(r),
|
|
2496
2517
|
async generateMiddlewareResponse(query) {
|
|
2497
2518
|
let formState;
|
|
2498
2519
|
let skipRevalidation = false;
|
|
2499
2520
|
let potentialCSRFAttackError;
|
|
2500
2521
|
if (isMutationMethod(request.method)) try {
|
|
2501
|
-
throwIfPotentialCSRFAttack(request
|
|
2522
|
+
throwIfPotentialCSRFAttack(request, allowedActionOrigins);
|
|
2502
2523
|
ctx.runningAction = true;
|
|
2503
2524
|
let result = await processServerAction(request, basename, decodeReply, loadServerAction, decodeAction, decodeFormState, onError, temporaryReferences).finally(() => {
|
|
2504
2525
|
ctx.runningAction = false;
|
|
@@ -2613,7 +2634,7 @@ async function getRenderPayload(baseRenderPayload, routes, basename, routeIdsToL
|
|
|
2613
2634
|
parentId
|
|
2614
2635
|
});
|
|
2615
2636
|
}));
|
|
2616
|
-
let patches = routeDiscovery?.mode === "initial" && !isDataRequest ? getAllRoutePatches(routes, basename).then((patches) => patches.filter((patch) => !staticContext.matches.some((m) => m.route.id === patch.id))) : getAdditionalRoutePatches([staticContext.location.pathname], routes, basename, staticContext.matches.map((m) => m.route.id));
|
|
2637
|
+
let patches = routeDiscovery?.mode === "initial" && !isDataRequest ? getAllRoutePatches(routes, basename).then((patches) => patches.filter((patch) => !staticContext.matches.some((m) => m.route.id === patch.id))) : getAdditionalRoutePatches(getPathsWithAncestors([staticContext.location.pathname]), routes, basename, staticContext.matches.map((m) => m.route.id));
|
|
2617
2638
|
return {
|
|
2618
2639
|
...baseRenderPayload,
|
|
2619
2640
|
matches: await matchesPromise,
|
|
@@ -2721,23 +2742,14 @@ async function getAdditionalRoutePatches(pathnames, routes, basename, matchedRou
|
|
|
2721
2742
|
let patchRouteMatches = /* @__PURE__ */ new Map();
|
|
2722
2743
|
let matchedPaths = /* @__PURE__ */ new Set();
|
|
2723
2744
|
for (const pathname of pathnames) {
|
|
2724
|
-
|
|
2725
|
-
|
|
2726
|
-
|
|
2727
|
-
|
|
2728
|
-
|
|
2729
|
-
|
|
2730
|
-
|
|
2731
|
-
|
|
2732
|
-
if (matchedPaths.has(path)) return;
|
|
2733
|
-
matchedPaths.add(path);
|
|
2734
|
-
let matches = matchRoutes(routes, path, basename) || [];
|
|
2735
|
-
matches.forEach((m, i) => {
|
|
2736
|
-
if (patchRouteMatches.get(m.route.id)) return;
|
|
2737
|
-
patchRouteMatches.set(m.route.id, {
|
|
2738
|
-
...m.route,
|
|
2739
|
-
parentId: matches[i - 1]?.route.id
|
|
2740
|
-
});
|
|
2745
|
+
if (matchedPaths.has(pathname)) continue;
|
|
2746
|
+
matchedPaths.add(pathname);
|
|
2747
|
+
let matches = matchRoutes(routes, pathname, basename) || [];
|
|
2748
|
+
matches.forEach((m, i) => {
|
|
2749
|
+
if (patchRouteMatches.get(m.route.id)) return;
|
|
2750
|
+
patchRouteMatches.set(m.route.id, {
|
|
2751
|
+
...m.route,
|
|
2752
|
+
parentId: matches[i - 1]?.route.id
|
|
2741
2753
|
});
|
|
2742
2754
|
});
|
|
2743
2755
|
}
|
|
@@ -2836,15 +2848,6 @@ function byteStringToUint8Array(byteString) {
|
|
|
2836
2848
|
return array;
|
|
2837
2849
|
}
|
|
2838
2850
|
//#endregion
|
|
2839
|
-
//#region lib/server-runtime/warnings.ts
|
|
2840
|
-
const alreadyWarned = {};
|
|
2841
|
-
function warnOnce(condition, message) {
|
|
2842
|
-
if (!condition && !alreadyWarned[message]) {
|
|
2843
|
-
alreadyWarned[message] = true;
|
|
2844
|
-
console.warn(message);
|
|
2845
|
-
}
|
|
2846
|
-
}
|
|
2847
|
-
//#endregion
|
|
2848
2851
|
//#region lib/server-runtime/cookies.ts
|
|
2849
2852
|
/**
|
|
2850
2853
|
* Creates a logical container for managing a browser cookie from the server.
|
|
@@ -26,7 +26,6 @@ import { DecodeActionFunction, DecodeFormStateFunction, DecodeReplyFunction, Loa
|
|
|
26
26
|
import { BrowserCreateFromReadableStreamFunction, EncodeReplyFunction, RSCHydratedRouterProps } from "./lib/rsc/browser.js";
|
|
27
27
|
import { RSCStaticRouter, RSCStaticRouterProps, SSRCreateFromReadableStreamFunction, routeRSCServerRequest } from "./lib/rsc/server.ssr.js";
|
|
28
28
|
import { RSCDefaultRootErrorBoundary } from "./lib/rsc/errorBoundaries.js";
|
|
29
|
-
import { deserializeErrors } from "./lib/dom/ssr/errors.js";
|
|
30
29
|
import { RemixErrorBoundary } from "./lib/dom/ssr/errorBoundaries.js";
|
|
31
30
|
import { getPatchRoutesOnNavigationFunction, useFogOFWarDiscovery } from "./lib/dom/ssr/fog-of-war.js";
|
|
32
31
|
import { getHydrationData } from "./lib/dom/ssr/hydration.js";
|
|
@@ -43,4 +42,4 @@ import { ClientInstrumentation, InstrumentRequestHandlerFunction, InstrumentRout
|
|
|
43
42
|
declare const unstable_getRequest: typeof getRequest;
|
|
44
43
|
declare const unstable_matchRSCServerRequest: typeof matchRSCServerRequest;
|
|
45
44
|
//#endregion
|
|
46
|
-
export { type ActionFunction, type ActionFunctionArgs, type AppLoadContext, Await, type AwaitProps, type BaseRouteObject, type Blocker, type BlockerFunction, BrowserRouter, type BrowserRouterProps, type ClientActionFunction, type ClientActionFunctionArgs, type ClientInstrumentation, type ClientLoaderFunction, type ClientLoaderFunctionArgs, type ClientOnErrorFunction, type Cookie, type CookieOptions, type CookieParseOptions, type CookieSerializeOptions, type CookieSignatureOptions, type CreateRequestHandlerFunction, type DOMRouterOpts, type DataRouteMatch, type DataRouteObject, type Router as DataRouter, type DataStrategyFunction, type DataStrategyFunctionArgs, type DataStrategyMatch, type DataStrategyResult, type DiscoverBehavior, type EntryContext, type ErrorResponse, type Fetcher, type FetcherFormProps, type FetcherSubmitFunction, type FetcherSubmitOptions, type FetcherWithComponents, type FlashSessionData, Form, type FormEncType, type FormMethod, type FormProps, type Future, type GetScrollPositionFunction, type GetScrollRestorationKeyFunction, type HTMLFormMethod, type HandleDataRequestFunction, type HandleDocumentRequestFunction, type HandleErrorFunction, HashRouter, type HashRouterProps, type HeadersArgs, type HeadersFunction, type HistoryRouterProps, type HtmlLinkDescriptor, type HydrationState, IDLE_BLOCKER, IDLE_FETCHER, IDLE_NAVIGATION, type IndexRouteObject, type IndexRouteProps, type InitialEntry, type InstrumentRequestHandlerFunction, type InstrumentRouteFunction, type InstrumentRouterFunction, type InstrumentationHandlerResult, type IsCookieFunction, type IsSessionFunction, type LayoutRouteProps, type LazyRouteFunction, Link, type LinkDescriptor, type LinkProps, Links, type LinksFunction, type LinksProps, type LoaderFunction, type LoaderFunctionArgs, type Location, MemoryRouter, type MemoryRouterOpts, type MemoryRouterProps, Meta, type MetaArgs, type MetaDescriptor, type MetaFunction, type MiddlewareFunction, NavLink, type NavLinkProps, type NavLinkRenderProps, Navigate, type NavigateFunction, type NavigateOptions, type NavigateProps, type Navigation, type NavigationStates, Action as NavigationType, type Navigator, type NonIndexRouteObject, Outlet, type OutletProps, type PageLinkDescriptor, type ParamKeyValuePair, type ParamParseKey, type Params, type PatchRoutesOnNavigationFunction, type PatchRoutesOnNavigationFunctionArgs, type Path, type PathMatch, type PathParam, type PathPattern, type PathRouteProps, type PrefetchBehavior, PrefetchPageLinks, type RedirectFunction, type Register, type RelativeRoutingType, type RequestHandler, type RevalidationState, Route, type RouteMatch, type RouteObject, type RouteProps, Router$1 as Router, type RouterContext, RouterContextProvider, type RouterFetchOptions, type RouterInit, type RouterNavigateOptions, type RouterProps, RouterProvider, type RouterProviderProps, type RouterState, type RouterSubscriber, Routes, type RoutesProps, type RoutesTestStubProps, Scripts, type ScriptsProps, ScrollRestoration, type ScrollRestorationProps, type ServerBuild, type ServerEntryModule, type ServerInstrumentation, ServerRouter, type ServerRouterProps, type Session, type SessionData, type SessionIdStorageStrategy, type SessionStorage, type SetURLSearchParams, type ShouldRevalidateFunction, type ShouldRevalidateFunctionArgs, type StaticHandler, type StaticHandlerContext, StaticRouter, type StaticRouterProps, StaticRouterProvider, type StaticRouterProviderProps, type SubmitFunction, type SubmitOptions, type SubmitTarget, type To, type UIMatch, type AssetsManifest as UNSAFE_AssetsManifest, AwaitContextProvider as UNSAFE_AwaitContextProvider, DataRouterContext as UNSAFE_DataRouterContext, DataRouterStateContext as UNSAFE_DataRouterStateContext, type DataWithResponseInit as UNSAFE_DataWithResponseInit, ErrorResponseImpl as UNSAFE_ErrorResponseImpl, FetchersContext as UNSAFE_FetchersContext, FrameworkContext as UNSAFE_FrameworkContext, LocationContext as UNSAFE_LocationContext, NavigationContext as UNSAFE_NavigationContext, RSCDefaultRootErrorBoundary as UNSAFE_RSCDefaultRootErrorBoundary, RemixErrorBoundary as UNSAFE_RemixErrorBoundary, RouteContext as UNSAFE_RouteContext, type RouteModules as UNSAFE_RouteModules, ServerMode as UNSAFE_ServerMode, SingleFetchRedirectSymbol as UNSAFE_SingleFetchRedirectSymbol, ViewTransitionContext as UNSAFE_ViewTransitionContext, WithComponentProps as UNSAFE_WithComponentProps, WithErrorBoundaryProps as UNSAFE_WithErrorBoundaryProps, WithHydrateFallbackProps as UNSAFE_WithHydrateFallbackProps, createBrowserHistory as UNSAFE_createBrowserHistory, createClientRoutes as UNSAFE_createClientRoutes, createClientRoutesWithHMRRevalidationOptOut as UNSAFE_createClientRoutesWithHMRRevalidationOptOut, createHashHistory as UNSAFE_createHashHistory, createMemoryHistory as UNSAFE_createMemoryHistory, createRouter as UNSAFE_createRouter, decodeViaTurboStream as UNSAFE_decodeViaTurboStream, defaultMapRouteProperties as UNSAFE_defaultMapRouteProperties,
|
|
45
|
+
export { type ActionFunction, type ActionFunctionArgs, type AppLoadContext, Await, type AwaitProps, type BaseRouteObject, type Blocker, type BlockerFunction, BrowserRouter, type BrowserRouterProps, type ClientActionFunction, type ClientActionFunctionArgs, type ClientInstrumentation, type ClientLoaderFunction, type ClientLoaderFunctionArgs, type ClientOnErrorFunction, type Cookie, type CookieOptions, type CookieParseOptions, type CookieSerializeOptions, type CookieSignatureOptions, type CreateRequestHandlerFunction, type DOMRouterOpts, type DataRouteMatch, type DataRouteObject, type Router as DataRouter, type DataStrategyFunction, type DataStrategyFunctionArgs, type DataStrategyMatch, type DataStrategyResult, type DiscoverBehavior, type EntryContext, type ErrorResponse, type Fetcher, type FetcherFormProps, type FetcherSubmitFunction, type FetcherSubmitOptions, type FetcherWithComponents, type FlashSessionData, Form, type FormEncType, type FormMethod, type FormProps, type Future, type GetScrollPositionFunction, type GetScrollRestorationKeyFunction, type HTMLFormMethod, type HandleDataRequestFunction, type HandleDocumentRequestFunction, type HandleErrorFunction, HashRouter, type HashRouterProps, type HeadersArgs, type HeadersFunction, type HistoryRouterProps, type HtmlLinkDescriptor, type HydrationState, IDLE_BLOCKER, IDLE_FETCHER, IDLE_NAVIGATION, type IndexRouteObject, type IndexRouteProps, type InitialEntry, type InstrumentRequestHandlerFunction, type InstrumentRouteFunction, type InstrumentRouterFunction, type InstrumentationHandlerResult, type IsCookieFunction, type IsSessionFunction, type LayoutRouteProps, type LazyRouteFunction, Link, type LinkDescriptor, type LinkProps, Links, type LinksFunction, type LinksProps, type LoaderFunction, type LoaderFunctionArgs, type Location, MemoryRouter, type MemoryRouterOpts, type MemoryRouterProps, Meta, type MetaArgs, type MetaDescriptor, type MetaFunction, type MiddlewareFunction, NavLink, type NavLinkProps, type NavLinkRenderProps, Navigate, type NavigateFunction, type NavigateOptions, type NavigateProps, type Navigation, type NavigationStates, Action as NavigationType, type Navigator, type NonIndexRouteObject, Outlet, type OutletProps, type PageLinkDescriptor, type ParamKeyValuePair, type ParamParseKey, type Params, type PatchRoutesOnNavigationFunction, type PatchRoutesOnNavigationFunctionArgs, type Path, type PathMatch, type PathParam, type PathPattern, type PathRouteProps, type PrefetchBehavior, PrefetchPageLinks, type RedirectFunction, type Register, type RelativeRoutingType, type RequestHandler, type RevalidationState, Route, type RouteMatch, type RouteObject, type RouteProps, Router$1 as Router, type RouterContext, RouterContextProvider, type RouterFetchOptions, type RouterInit, type RouterNavigateOptions, type RouterProps, RouterProvider, type RouterProviderProps, type RouterState, type RouterSubscriber, Routes, type RoutesProps, type RoutesTestStubProps, Scripts, type ScriptsProps, ScrollRestoration, type ScrollRestorationProps, type ServerBuild, type ServerEntryModule, type ServerInstrumentation, ServerRouter, type ServerRouterProps, type Session, type SessionData, type SessionIdStorageStrategy, type SessionStorage, type SetURLSearchParams, type ShouldRevalidateFunction, type ShouldRevalidateFunctionArgs, type StaticHandler, type StaticHandlerContext, StaticRouter, type StaticRouterProps, StaticRouterProvider, type StaticRouterProviderProps, type SubmitFunction, type SubmitOptions, type SubmitTarget, type To, type UIMatch, type AssetsManifest as UNSAFE_AssetsManifest, AwaitContextProvider as UNSAFE_AwaitContextProvider, DataRouterContext as UNSAFE_DataRouterContext, DataRouterStateContext as UNSAFE_DataRouterStateContext, type DataWithResponseInit as UNSAFE_DataWithResponseInit, ErrorResponseImpl as UNSAFE_ErrorResponseImpl, FetchersContext as UNSAFE_FetchersContext, FrameworkContext as UNSAFE_FrameworkContext, LocationContext as UNSAFE_LocationContext, NavigationContext as UNSAFE_NavigationContext, RSCDefaultRootErrorBoundary as UNSAFE_RSCDefaultRootErrorBoundary, RemixErrorBoundary as UNSAFE_RemixErrorBoundary, RouteContext as UNSAFE_RouteContext, type RouteModules as UNSAFE_RouteModules, ServerMode as UNSAFE_ServerMode, SingleFetchRedirectSymbol as UNSAFE_SingleFetchRedirectSymbol, ViewTransitionContext as UNSAFE_ViewTransitionContext, WithComponentProps as UNSAFE_WithComponentProps, WithErrorBoundaryProps as UNSAFE_WithErrorBoundaryProps, WithHydrateFallbackProps as UNSAFE_WithHydrateFallbackProps, createBrowserHistory as UNSAFE_createBrowserHistory, createClientRoutes as UNSAFE_createClientRoutes, createClientRoutesWithHMRRevalidationOptOut as UNSAFE_createClientRoutesWithHMRRevalidationOptOut, createHashHistory as UNSAFE_createHashHistory, createMemoryHistory as UNSAFE_createMemoryHistory, createRouter as UNSAFE_createRouter, decodeViaTurboStream as UNSAFE_decodeViaTurboStream, defaultMapRouteProperties as UNSAFE_defaultMapRouteProperties, getHydrationData as UNSAFE_getHydrationData, getPatchRoutesOnNavigationFunction as UNSAFE_getPatchRoutesOnNavigationFunction, getTurboStreamSingleFetchDataStrategy as UNSAFE_getTurboStreamSingleFetchDataStrategy, hydrationRouteProperties as UNSAFE_hydrationRouteProperties, invariant as UNSAFE_invariant, shouldHydrateRouteLoader as UNSAFE_shouldHydrateRouteLoader, useFogOFWarDiscovery as UNSAFE_useFogOFWarDiscovery, useScrollRestoration as UNSAFE_useScrollRestoration, withComponentProps as UNSAFE_withComponentProps, withErrorBoundaryProps as UNSAFE_withErrorBoundaryProps, withHydrateFallbackProps as UNSAFE_withHydrateFallbackProps, type URLSearchParamsInit, createBrowserRouter, createContext, createCookie, createCookieSessionStorage, createHashRouter, createMemoryRouter, createMemorySessionStorage, createPath, createRequestHandler, createRoutesFromChildren, createRoutesFromElements, createRoutesStub, createSearchParams, createSession, createSessionStorage, createStaticHandler, createStaticRouter, data, generatePath, href, isCookie, isRouteErrorResponse, isSession, matchPath, matchRoutes, parsePath, redirect, redirectDocument, renderMatches, replace, resolvePath, type BrowserCreateFromReadableStreamFunction as unstable_BrowserCreateFromReadableStreamFunction, type DecodeActionFunction as unstable_DecodeActionFunction, type DecodeFormStateFunction as unstable_DecodeFormStateFunction, type DecodeReplyFunction as unstable_DecodeReplyFunction, type EncodeReplyFunction as unstable_EncodeReplyFunction, HistoryRouter as unstable_HistoryRouter, type LoadServerActionFunction as unstable_LoadServerActionFunction, type RSCHydratedRouterProps as unstable_RSCHydratedRouterProps, type RSCManifestPayload as unstable_RSCManifestPayload, type RSCMatch as unstable_RSCMatch, type RSCPayload as unstable_RSCPayload, type RSCRenderPayload as unstable_RSCRenderPayload, type RSCRouteConfig as unstable_RSCRouteConfig, type RSCRouteConfigEntry as unstable_RSCRouteConfigEntry, type RSCRouteManifest as unstable_RSCRouteManifest, type RSCRouteMatch as unstable_RSCRouteMatch, RSCStaticRouter as unstable_RSCStaticRouter, type RSCStaticRouterProps as unstable_RSCStaticRouterProps, type unstable_RouterState, type unstable_RouterStateActiveVariant, type unstable_RouterStatePendingVariant, type SSRCreateFromReadableStreamFunction as unstable_SSRCreateFromReadableStreamFunction, type unstable_SerializesTo, unstable_getRequest, unstable_matchRSCServerRequest, routeRSCServerRequest as unstable_routeRSCServerRequest, setDevServerHooks as unstable_setDevServerHooks, usePrompt as unstable_usePrompt, useRoute as unstable_useRoute, useRouterState as unstable_useRouterState, useActionData, useAsyncError, useAsyncValue, useBeforeUnload, useBlocker, useFetcher, useFetchers, useFormAction, useHref, useInRouterContext, useLinkClickHandler, useLoaderData, useLocation, useMatch, useMatches, useNavigate, useNavigation, useNavigationType, useOutlet, useOutletContext, useParams, useResolvedPath, useRevalidator, useRouteError, useRouteLoaderData, useRoutes, useSearchParams, useSubmit, useViewTransitionState };
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* react-router v8.0.0-pre.
|
|
2
|
+
* react-router v8.0.0-pre.1
|
|
3
3
|
*
|
|
4
4
|
* Copyright (c) Remix Software Inc.
|
|
5
5
|
*
|
|
@@ -35,7 +35,6 @@ import { createMemorySessionStorage } from "./lib/server-runtime/sessions/memory
|
|
|
35
35
|
import { href } from "./lib/href.js";
|
|
36
36
|
import { RSCDefaultRootErrorBoundary } from "./lib/rsc/errorBoundaries.js";
|
|
37
37
|
import { RSCStaticRouter, routeRSCServerRequest } from "./lib/rsc/server.ssr.js";
|
|
38
|
-
import { deserializeErrors } from "./lib/dom/ssr/errors.js";
|
|
39
38
|
import { getHydrationData } from "./lib/dom/ssr/hydration.js";
|
|
40
39
|
//#region index.ts
|
|
41
40
|
/**
|
|
@@ -43,4 +42,4 @@ import { getHydrationData } from "./lib/dom/ssr/hydration.js";
|
|
|
43
42
|
* @mergeModuleWith react-router
|
|
44
43
|
*/
|
|
45
44
|
//#endregion
|
|
46
|
-
export { Await, BrowserRouter, Form, HashRouter, IDLE_BLOCKER, IDLE_FETCHER, IDLE_NAVIGATION, Link, Links, MemoryRouter, Meta, NavLink, Navigate, Action as NavigationType, Outlet, PrefetchPageLinks, Route, Router, RouterContextProvider, RouterProvider, Routes, Scripts, ScrollRestoration, ServerRouter, StaticRouter, StaticRouterProvider, AwaitContextProvider as UNSAFE_AwaitContextProvider, DataRouterContext as UNSAFE_DataRouterContext, DataRouterStateContext as UNSAFE_DataRouterStateContext, ErrorResponseImpl as UNSAFE_ErrorResponseImpl, FetchersContext as UNSAFE_FetchersContext, FrameworkContext as UNSAFE_FrameworkContext, LocationContext as UNSAFE_LocationContext, NavigationContext as UNSAFE_NavigationContext, RSCDefaultRootErrorBoundary as UNSAFE_RSCDefaultRootErrorBoundary, RemixErrorBoundary as UNSAFE_RemixErrorBoundary, RouteContext as UNSAFE_RouteContext, ServerMode as UNSAFE_ServerMode, SingleFetchRedirectSymbol as UNSAFE_SingleFetchRedirectSymbol, ViewTransitionContext as UNSAFE_ViewTransitionContext, WithComponentProps as UNSAFE_WithComponentProps, WithErrorBoundaryProps as UNSAFE_WithErrorBoundaryProps, WithHydrateFallbackProps as UNSAFE_WithHydrateFallbackProps, createBrowserHistory as UNSAFE_createBrowserHistory, createClientRoutes as UNSAFE_createClientRoutes, createClientRoutesWithHMRRevalidationOptOut as UNSAFE_createClientRoutesWithHMRRevalidationOptOut, createHashHistory as UNSAFE_createHashHistory, createMemoryHistory as UNSAFE_createMemoryHistory, createRouter as UNSAFE_createRouter, decodeViaTurboStream as UNSAFE_decodeViaTurboStream, defaultMapRouteProperties as UNSAFE_defaultMapRouteProperties,
|
|
45
|
+
export { Await, BrowserRouter, Form, HashRouter, IDLE_BLOCKER, IDLE_FETCHER, IDLE_NAVIGATION, Link, Links, MemoryRouter, Meta, NavLink, Navigate, Action as NavigationType, Outlet, PrefetchPageLinks, Route, Router, RouterContextProvider, RouterProvider, Routes, Scripts, ScrollRestoration, ServerRouter, StaticRouter, StaticRouterProvider, AwaitContextProvider as UNSAFE_AwaitContextProvider, DataRouterContext as UNSAFE_DataRouterContext, DataRouterStateContext as UNSAFE_DataRouterStateContext, ErrorResponseImpl as UNSAFE_ErrorResponseImpl, FetchersContext as UNSAFE_FetchersContext, FrameworkContext as UNSAFE_FrameworkContext, LocationContext as UNSAFE_LocationContext, NavigationContext as UNSAFE_NavigationContext, RSCDefaultRootErrorBoundary as UNSAFE_RSCDefaultRootErrorBoundary, RemixErrorBoundary as UNSAFE_RemixErrorBoundary, RouteContext as UNSAFE_RouteContext, ServerMode as UNSAFE_ServerMode, SingleFetchRedirectSymbol as UNSAFE_SingleFetchRedirectSymbol, ViewTransitionContext as UNSAFE_ViewTransitionContext, WithComponentProps as UNSAFE_WithComponentProps, WithErrorBoundaryProps as UNSAFE_WithErrorBoundaryProps, WithHydrateFallbackProps as UNSAFE_WithHydrateFallbackProps, createBrowserHistory as UNSAFE_createBrowserHistory, createClientRoutes as UNSAFE_createClientRoutes, createClientRoutesWithHMRRevalidationOptOut as UNSAFE_createClientRoutesWithHMRRevalidationOptOut, createHashHistory as UNSAFE_createHashHistory, createMemoryHistory as UNSAFE_createMemoryHistory, createRouter as UNSAFE_createRouter, decodeViaTurboStream as UNSAFE_decodeViaTurboStream, defaultMapRouteProperties as UNSAFE_defaultMapRouteProperties, getHydrationData as UNSAFE_getHydrationData, getPatchRoutesOnNavigationFunction as UNSAFE_getPatchRoutesOnNavigationFunction, getTurboStreamSingleFetchDataStrategy as UNSAFE_getTurboStreamSingleFetchDataStrategy, hydrationRouteProperties as UNSAFE_hydrationRouteProperties, invariant as UNSAFE_invariant, shouldHydrateRouteLoader as UNSAFE_shouldHydrateRouteLoader, useFogOFWarDiscovery as UNSAFE_useFogOFWarDiscovery, useScrollRestoration as UNSAFE_useScrollRestoration, withComponentProps as UNSAFE_withComponentProps, withErrorBoundaryProps as UNSAFE_withErrorBoundaryProps, withHydrateFallbackProps as UNSAFE_withHydrateFallbackProps, createBrowserRouter, createContext, createCookie, createCookieSessionStorage, createHashRouter, createMemoryRouter, createMemorySessionStorage, createPath, createRequestHandler, createRoutesFromChildren, createRoutesFromElements, createRoutesStub, createSearchParams, createSession, createSessionStorage, createStaticHandler, createStaticRouter, data, generatePath, href, isCookie, isRouteErrorResponse, isSession, matchPath, matchRoutes, parsePath, redirect, redirectDocument, renderMatches, replace, resolvePath, HistoryRouter as unstable_HistoryRouter, RSCStaticRouter as unstable_RSCStaticRouter, routeRSCServerRequest as unstable_routeRSCServerRequest, setDevServerHooks as unstable_setDevServerHooks, usePrompt as unstable_usePrompt, useRoute as unstable_useRoute, useRouterState as unstable_useRouterState, useActionData, useAsyncError, useAsyncValue, useBeforeUnload, useBlocker, useFetcher, useFetchers, useFormAction, useHref, useInRouterContext, useLinkClickHandler, useLoaderData, useLocation, useMatch, useMatches, useNavigate, useNavigation, useNavigationType, useOutlet, useOutletContext, useParams, useResolvedPath, useRevalidator, useRouteError, useRouteLoaderData, useRoutes, useSearchParams, useSubmit, useViewTransitionState };
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* react-router v8.0.0-pre.
|
|
2
|
+
* react-router v8.0.0-pre.1
|
|
3
3
|
*
|
|
4
4
|
* Copyright (c) Remix Software Inc.
|
|
5
5
|
*
|
|
@@ -9,18 +9,17 @@
|
|
|
9
9
|
* @license MIT
|
|
10
10
|
*/
|
|
11
11
|
//#region lib/actions.ts
|
|
12
|
-
function throwIfPotentialCSRFAttack(
|
|
13
|
-
let originHeader = headers.get("origin");
|
|
12
|
+
function throwIfPotentialCSRFAttack(request, allowedActionOrigins) {
|
|
13
|
+
let originHeader = request.headers.get("origin");
|
|
14
14
|
let originDomain = null;
|
|
15
15
|
try {
|
|
16
16
|
originDomain = typeof originHeader === "string" && originHeader !== "null" ? new URL(originHeader).host : originHeader;
|
|
17
17
|
} catch {
|
|
18
18
|
throw new Error(`\`origin\` header is not a valid URL. Aborting the action.`);
|
|
19
19
|
}
|
|
20
|
-
let host =
|
|
21
|
-
if (originDomain &&
|
|
22
|
-
if (!isAllowedOrigin(originDomain, allowedActionOrigins))
|
|
23
|
-
else throw new Error("`x-forwarded-host` or `host` headers are not provided. One of these is needed to compare the `origin` header from a forwarded action request. Aborting the action.");
|
|
20
|
+
let host = new URL(request.url).host;
|
|
21
|
+
if (originDomain && originDomain !== host) {
|
|
22
|
+
if (!isAllowedOrigin(originDomain, allowedActionOrigins)) throw new Error("The `request.url` host does not match `origin` header from a forwarded action request. Aborting the action.");
|
|
24
23
|
}
|
|
25
24
|
}
|
|
26
25
|
function matchWildcardDomain(domain, pattern) {
|
|
@@ -47,16 +46,5 @@ function matchWildcardDomain(domain, pattern) {
|
|
|
47
46
|
function isAllowedOrigin(originDomain, allowedActionOrigins = []) {
|
|
48
47
|
return allowedActionOrigins.some((allowedOrigin) => allowedOrigin && (allowedOrigin === originDomain || matchWildcardDomain(originDomain, allowedOrigin)));
|
|
49
48
|
}
|
|
50
|
-
function parseHostHeader(headers) {
|
|
51
|
-
let forwardedHostValue = headers.get("x-forwarded-host")?.split(",")[0]?.trim();
|
|
52
|
-
let hostHeader = headers.get("host");
|
|
53
|
-
return forwardedHostValue ? {
|
|
54
|
-
type: "x-forwarded-host",
|
|
55
|
-
value: forwardedHostValue
|
|
56
|
-
} : hostHeader ? {
|
|
57
|
-
type: "host",
|
|
58
|
-
value: hostHeader
|
|
59
|
-
} : void 0;
|
|
60
|
-
}
|
|
61
49
|
//#endregion
|
|
62
50
|
export { throwIfPotentialCSRFAttack };
|
|
@@ -129,6 +129,10 @@ interface MemoryRouterOpts {
|
|
|
129
129
|
* in-memory [`History`](https://developer.mozilla.org/en-US/docs/Web/API/History)
|
|
130
130
|
* stack. Useful for non-browser environments without a DOM API.
|
|
131
131
|
*
|
|
132
|
+
* Data Routers should not be held in React state. You should create your router
|
|
133
|
+
* once outside of the React tree and pass it to {@link RouterProvider | `<RouterProvider>`}.
|
|
134
|
+
* You can use `patchRoutesOnNavigation` to add additional routes programmatically.
|
|
135
|
+
*
|
|
132
136
|
* @public
|
|
133
137
|
* @category Data Routers
|
|
134
138
|
* @mode data
|
|
@@ -163,7 +167,9 @@ interface ClientOnErrorFunction {
|
|
|
163
167
|
*/
|
|
164
168
|
interface RouterProviderProps {
|
|
165
169
|
/**
|
|
166
|
-
* The {@link DataRouter} instance to use for navigation and data fetching.
|
|
170
|
+
* The {@link DataRouter} instance to use for navigation and data fetching. The
|
|
171
|
+
* router prop should be a single router instance created outside of the React
|
|
172
|
+
* tree. Avoid creating new routers during React renders/re-renders.
|
|
167
173
|
*/
|
|
168
174
|
router: Router$1;
|
|
169
175
|
/**
|
|
@@ -187,7 +193,7 @@ interface RouterProviderProps {
|
|
|
187
193
|
* and is only present for render errors.
|
|
188
194
|
*
|
|
189
195
|
* ```tsx
|
|
190
|
-
* <RouterProvider onError=(error, info) => {
|
|
196
|
+
* <RouterProvider onError={(error, info) => {
|
|
191
197
|
* let { location, params, pattern, errorInfo } = info;
|
|
192
198
|
* console.error(error, location, errorInfo);
|
|
193
199
|
* reportToErrorService(error, location, errorInfo);
|
|
@@ -217,7 +223,9 @@ interface RouterProviderProps {
|
|
|
217
223
|
}
|
|
218
224
|
/**
|
|
219
225
|
* Render the UI for the given {@link DataRouter}. This component should
|
|
220
|
-
* typically be at the top of an app's element tree.
|
|
226
|
+
* typically be at the top of an app's element tree. The router prop should
|
|
227
|
+
* be a single router instance created outside of the React tree. Avoid
|
|
228
|
+
* creating new routers during React renders/re-renders.
|
|
221
229
|
*
|
|
222
230
|
* ```tsx
|
|
223
231
|
* import { createBrowserRouter } from "react-router";
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* react-router v8.0.0-pre.
|
|
2
|
+
* react-router v8.0.0-pre.1
|
|
3
3
|
*
|
|
4
4
|
* Copyright (c) Remix Software Inc.
|
|
5
5
|
*
|
|
@@ -23,6 +23,10 @@ const hydrationRouteProperties = ["HydrateFallback", "hydrateFallbackElement"];
|
|
|
23
23
|
* in-memory [`History`](https://developer.mozilla.org/en-US/docs/Web/API/History)
|
|
24
24
|
* stack. Useful for non-browser environments without a DOM API.
|
|
25
25
|
*
|
|
26
|
+
* Data Routers should not be held in React state. You should create your router
|
|
27
|
+
* once outside of the React tree and pass it to {@link RouterProvider | `<RouterProvider>`}.
|
|
28
|
+
* You can use `patchRoutesOnNavigation` to add additional routes programmatically.
|
|
29
|
+
*
|
|
26
30
|
* @public
|
|
27
31
|
* @category Data Routers
|
|
28
32
|
* @mode data
|
|
@@ -81,7 +85,9 @@ var Deferred = class {
|
|
|
81
85
|
};
|
|
82
86
|
/**
|
|
83
87
|
* Render the UI for the given {@link DataRouter}. This component should
|
|
84
|
-
* typically be at the top of an app's element tree.
|
|
88
|
+
* typically be at the top of an app's element tree. The router prop should
|
|
89
|
+
* be a single router instance created outside of the React tree. Avoid
|
|
90
|
+
* creating new routers during React renders/re-renders.
|
|
85
91
|
*
|
|
86
92
|
* ```tsx
|
|
87
93
|
* import { createBrowserRouter } from "react-router";
|
|
@@ -503,6 +503,10 @@ interface DOMRouterOpts {
|
|
|
503
503
|
* path via [`history.pushState`](https://developer.mozilla.org/en-US/docs/Web/API/History/pushState)
|
|
504
504
|
* and [`history.replaceState`](https://developer.mozilla.org/en-US/docs/Web/API/History/replaceState).
|
|
505
505
|
*
|
|
506
|
+
* Data Routers should not be held in React state. You should create your router
|
|
507
|
+
* once outside of the React tree and pass it to {@link RouterProvider | `<RouterProvider>`}.
|
|
508
|
+
* You can use `patchRoutesOnNavigation` to add additional routes programmatically.
|
|
509
|
+
*
|
|
506
510
|
* @public
|
|
507
511
|
* @category Data Routers
|
|
508
512
|
* @mode data
|
|
@@ -523,6 +527,10 @@ declare function createBrowserRouter(routes: RouteObject[], opts?: DOMRouterOpts
|
|
|
523
527
|
* Create a new {@link DataRouter| data router} that manages the application
|
|
524
528
|
* path via the URL [`hash`](https://developer.mozilla.org/en-US/docs/Web/API/URL/hash).
|
|
525
529
|
*
|
|
530
|
+
* Data Routers should not be held in React state. You should create your router
|
|
531
|
+
* once outside of the React tree and pass it to {@link RouterProvider | `<RouterProvider>`}.
|
|
532
|
+
* You can use `patchRoutesOnNavigation` to add additional routes programmatically.
|
|
533
|
+
*
|
|
526
534
|
* @public
|
|
527
535
|
* @category Data Routers
|
|
528
536
|
* @mode data
|
|
@@ -1350,7 +1358,10 @@ type ScrollRestorationProps = ScriptsProps & {
|
|
|
1350
1358
|
* }
|
|
1351
1359
|
* ```
|
|
1352
1360
|
*
|
|
1353
|
-
* This component renders an inline `<script>` to prevent scroll flashing. The
|
|
1361
|
+
* This component renders an inline `<script>` to prevent scroll flashing. The
|
|
1362
|
+
* `nonce` prop will be passed down to the script tag to allow CSP nonce usage.
|
|
1363
|
+
* If not provided in Framework Mode, it will default to any
|
|
1364
|
+
* {@link ServerRouter | `<ServerRouter nonce>`} prop.
|
|
1354
1365
|
*
|
|
1355
1366
|
* ```tsx
|
|
1356
1367
|
* <ScrollRestoration nonce={cspNonce} />
|