solid-server 5.7.2 → 5.7.3

package/index.html

@@ -38,7 +38,7 @@
       <dt>Name</dt>
       <dd>localhost</dd>
       <dt>Details</dt>
-      <dd>Running on <a href="https://github.com/solid/node-solid-server/releases/tag/v5.6.6">Solid 5.6.6</a></dd>
+      <dd>Running on <a href="https://github.com/solid/node-solid-server/releases/tag/v5.7.3">Solid 5.7.3</a></dd>
     </dl>
   </section>
 </div>

package/lib/handlers/patch.js

@@ -18,8 +18,24 @@ const PATCH_PARSERS = {
   'text/n3': require('./patch/n3-patch-parser.js')
 }
 
+// use media-type as contentType for new RDF resource
 const DEFAULT_FOR_NEW_CONTENT_TYPE = 'text/turtle'
 
+function contentTypeForNew (req) {
+  let contentTypeForNew = DEFAULT_FOR_NEW_CONTENT_TYPE
+  if (req.path.endsWith('.jsonld')) contentTypeForNew = 'application/ld+json'
+  else if (req.path.endsWith('.n3')) contentTypeForNew = 'text/n3'
+  else if (req.path.endsWith('.rdf')) contentTypeForNew = 'application/rdf+xml'
+  return contentTypeForNew
+}
+
+function contentForNew (contentType) {
+  let contentForNew = ''
+  if (contentType.includes('ld+json')) contentForNew = JSON.stringify('{}')
+  else if (contentType.includes('rdf+xml')) contentForNew = '<rdf:RDF\n xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">\n\n</rdf:RDF>'
+  return contentForNew
+}
+
 // Handles a PATCH request
 async function patchHandler (req, res, next) {
   debug(`PATCH -- ${req.originalUrl}`)
@@ -33,9 +49,9 @@ async function patchHandler (req, res, next) {
       // First check if the file already exists
       ({ path, contentType } = await ldp.resourceMapper.mapUrlToFile({ url: req }))
     } catch (err) {
-      // If the file doesn't exist, request one to be created with the default content type
+      // If the file doesn't exist, request to create one with the file media type as contentType
       ({ path, contentType } = await ldp.resourceMapper.mapUrlToFile(
-        { url: req, createIfNotExists: true, contentType: DEFAULT_FOR_NEW_CONTENT_TYPE }))
+        { url: req, createIfNotExists: true, contentType: contentTypeForNew(req) }))
       // check if a folder with same name exists
       await ldp.checkItemName(req)
       resourceExists = false
@@ -93,13 +109,14 @@ function readGraph (resource) {
         // If the file does not exist, assume empty contents
         // (it will be created after a successful patch)
         if (err.code === 'ENOENT') {
-          fileContents = ''
+          fileContents = contentForNew(resource.contentType)
           // Fail on all other errors
         } else {
           return reject(error(500, `Original file read error: ${err}`))
         }
       }
       debug('PATCH -- Read target file (%d bytes)', fileContents.length)
+      fileContents = resource.contentType.includes('json') ? JSON.parse(fileContents) : fileContents
       resolve(fileContents)
     })
   )
@@ -177,23 +194,34 @@ function writeGraph (graph, resource, root, serverUri) {
   debug('PATCH -- Writing patched file')
   return new Promise((resolve, reject) => {
     const resourceSym = graph.sym(resource.url)
-    const serialized = $rdf.serialize(resourceSym, graph, resource.url, resource.contentType)
-
-    // First check if we are above quota
-    overQuota(root, serverUri).then((isOverQuota) => {
-      if (isOverQuota) {
-        return reject(error(413,
-          'User has exceeded their storage quota'))
-      }
 
-      fs.writeFile(resource.path, serialized, { encoding: 'utf8' }, function (err) {
-        if (err) {
-          return reject(error(500, `Failed to write file after patch: ${err}`))
+    function doWrite (serialized) {
+      // First check if we are above quota
+      overQuota(root, serverUri).then((isOverQuota) => {
+        if (isOverQuota) {
+          return reject(error(413,
+            'User has exceeded their storage quota'))
         }
-        debug('PATCH -- applied successfully')
-        resolve('Patch applied successfully.\n')
+
+        fs.writeFile(resource.path, serialized, { encoding: 'utf8' }, function (err) {
+          if (err) {
+            return reject(error(500, `Failed to write file after patch: ${err}`))
+          }
+          debug('PATCH -- applied successfully')
+          resolve('Patch applied successfully.\n')
+        })
+      }).catch(() => reject(error(500, 'Error finding user quota')))
+    }
+
+    if (resource.contentType === 'application/ld+json') {
+      $rdf.serialize(resourceSym, graph, resource.url, resource.contentType, function (err, result) {
+        if (err) return reject(error(500, `Failed to serialize after patch: ${err}`))
+        doWrite(result)
       })
-    }).catch(() => reject(error(500, 'Error finding user quota')))
+    } else {
+      const serialized = $rdf.serialize(resourceSym, graph, resource.url, resource.contentType)
+      doWrite(serialized)
+    }
   })
 }
 

package/lib/resource-mapper.js

@@ -82,9 +82,7 @@ class ResourceMapper {
 
     // Determine the URL by chopping off everything after the dollar sign
     const pathname = this._removeDollarExtension(path)
-    const url = `${this.resolveUrl(hostname)}${
-      pathname.split('/').map((component) => encodeURIComponent(component)).join('/')
-    }`
+    const url = `${this.resolveUrl(hostname)}${this._encodePath(pathname)}`
     return { url, contentType: this._getContentTypeFromExtension(path) }
   }
 
@@ -95,7 +93,7 @@ class ResourceMapper {
     contentType = contentType ? contentType.replace(/\s*;.*/, '') : ''
     // Parse the URL and find the base file path
     const { pathname, hostname } = this._parseUrl(url)
-    const filePath = this.resolveFilePath(hostname, decodeURIComponent(pathname))
+    const filePath = this.resolveFilePath(hostname, this._decodePath(pathname))
     if (filePath.indexOf('/..') >= 0) {
       throw new Error('Disallowed /.. segment in URL')
     }
@@ -149,6 +147,31 @@ class ResourceMapper {
     return { path, contentType: contentType || this._defaultContentType }
   }
 
+  // encode/decode path except slash (/), %encodedSlash (%2F|%2f), or ntimes%encodedSlash (%2525...2F|%2525...2f)
+  // see https://github.com/solid/node-solid-server/issues/1666
+  _exceptSlash () { return /(\/|%(?:25)*(?:2f))/gi }
+
+  _encodePath (pathname) {
+    return pathname.split(this._exceptSlash())
+      .map((el, i) => i % 2 === 0 ? encodeURIComponent(el) : el)
+      .join('')
+    /* pathArray.forEach((el, i) => {
+      if (i % 2 === 0) pathArray[i] = encodeURIComponent(el)
+    }) */
+    // return pathArray.join('')
+  }
+
+  _decodePath (pathname) {
+    return pathname.split(this._exceptSlash())
+      .map((el, i) => i % 2 === 0 ? decodeURIComponent(el) : el)
+      .join('')
+    /* const pathArray = pathname.split(this._exceptSlash())
+    pathArray.forEach((el, i) => {
+      if (i % 2 === 0) pathArray[i] = decodeURIComponent(el)
+    })
+    return pathArray.join('') */
+  }
+
   // Parses a URL into hostname and pathname
   _parseUrl (url) {
     // URL specified as string

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "solid-server",
   "description": "Solid server on top of the file-system",
-  "version": "5.7.2",
+  "version": "5.7.3",
   "author": {
     "name": "Tim Berners-Lee",
     "email": "timbl@w3.org"
@@ -59,46 +59,46 @@
   "homepage": "https://github.com/solid/node-solid-server",
   "bugs": "https://github.com/solid/node-solid-server/issues",
   "dependencies": {
-    "@fastify/busboy": "^1.0.0",
+    "@fastify/busboy": "^1.1.0",
     "@solid/acl-check": "^0.4.5",
-    "@solid/oidc-auth-manager": "^0.24.2",
+    "@solid/oidc-auth-manager": "^0.24.3",
     "@solid/oidc-op": "^0.11.6",
-    "async-lock": "^1.3.1",
+    "async-lock": "^1.3.2",
     "body-parser": "^1.20.0",
     "bootstrap": "^3.4.1",
     "cached-path-relative": "^1.1.0",
     "camelize": "^1.0.0",
-    "cheerio": "^1.0.0-rc.10",
-    "colorette": "^2.0.16",
+    "cheerio": "^1.0.0-rc.12",
+    "colorette": "^2.0.19",
     "commander": "^8.3.0",
     "cors": "^2.8.5",
     "debug": "^4.3.4",
-    "express": "^4.17.3",
-    "express-handlebars": "^5.3.4",
-    "express-session": "^1.17.2",
+    "express": "^4.18.1",
+    "express-handlebars": "^5.3.5",
+    "express-session": "^1.17.3",
     "extend": "^3.0.2",
     "from2": "^2.3.0",
-    "fs-extra": "^10.0.1",
+    "fs-extra": "^10.1.0",
     "get-folder-size": "^2.0.1",
-    "glob": "^7.2.0",
+    "glob": "^7.2.3",
     "global-tunnel-ng": "^2.7.1",
     "handlebars": "^4.7.7",
-    "http-proxy-middleware": "^2.0.4",
-    "inquirer": "^8.2.2",
+    "http-proxy-middleware": "^2.0.6",
+    "inquirer": "^8.2.4",
     "into-stream": "^6.0.0",
     "ip-range-check": "0.2.0",
     "is-ip": "^3.1.0",
     "li": "^1.3.0",
-    "mashlib": "^1.8.2",
+    "mashlib": "^1.8.4",
     "mime-types": "^2.1.35",
     "negotiator": "^0.6.3",
     "node-fetch": "^2.6.7",
     "node-forge": "^1.3.1",
     "node-mailer": "^0.1.1",
-    "nodemailer": "^6.7.3",
+    "nodemailer": "^6.7.8",
     "oidc-op-express": "^0.0.3",
     "owasp-password-strength-test": "^1.3.0",
-    "rdflib": "^2.2.19",
+    "rdflib": "^2.2.20",
     "recursive-readdir": "^2.2.2",
     "request": "^2.88.2",
     "rimraf": "^3.0.2",
@@ -123,16 +123,16 @@
     "eslint": "^7.32.0",
     "localstorage-memory": "1.0.3",
     "mocha": "^9.2.2",
-    "nock": "^13.2.4",
+    "nock": "^13.2.9",
     "node-mocks-http": "1.11.0",
     "nyc": "15.1.0",
     "pre-commit": "1.2.2",
     "randombytes": "2.1.0",
     "sinon": "12.0.1",
     "sinon-chai": "3.7.0",
-    "snyk": "^1.906.0",
+    "snyk": "^1.997.0",
     "standard": "16.0.4",
-    "supertest": "^6.2.2",
+    "supertest": "^6.2.4",
     "turtle-validator": "1.1.1",
     "whatwg-url": "11.0.0"
   },