solid-server 5.7.3 → 5.7.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/handlers/put.js +5 -3
- package/lib/ldp.js +2 -2
- package/package.json +15 -15
package/lib/handlers/put.js
CHANGED
|
@@ -11,9 +11,11 @@ async function handler (req, res, next) {
|
|
|
11
11
|
res.header('MS-Author-Via', 'SPARQL')
|
|
12
12
|
|
|
13
13
|
const contentType = req.get('content-type')
|
|
14
|
-
|
|
14
|
+
// check for valid rdf content for auxiliary resource and /profile/card
|
|
15
|
+
// in future we may check that /profile/card is a minimal valid WebID card
|
|
16
|
+
if (isAuxiliary(req) || req.originalUrl === '/profile/card') {
|
|
15
17
|
if (contentType === 'text/turtle') {
|
|
16
|
-
return bodyParser.text({ type: () => true })(req, res, () =>
|
|
18
|
+
return bodyParser.text({ type: () => true })(req, res, () => putValidRdf(req, res, next))
|
|
17
19
|
} else return next(new HTTPError(415, 'RDF file contains invalid syntax'))
|
|
18
20
|
}
|
|
19
21
|
return putStream(req, res, next)
|
|
@@ -37,7 +39,7 @@ async function putStream (req, res, next, stream = req) {
|
|
|
37
39
|
|
|
38
40
|
// needed to avoid breaking access with bad acl
|
|
39
41
|
// or breaking containement triples for meta
|
|
40
|
-
function
|
|
42
|
+
function putValidRdf (req, res, next) {
|
|
41
43
|
const ldp = req.app.locals.ldp
|
|
42
44
|
const contentType = req.get('content-type')
|
|
43
45
|
const requestUri = ldp.resourceMapper.getRequestUrl(req)
|
package/lib/ldp.js
CHANGED
|
@@ -535,8 +535,8 @@ class LDP {
|
|
|
535
535
|
return this.deleteContainer(path)
|
|
536
536
|
} else {
|
|
537
537
|
// DELETE method not allowed on podRoot/.acl
|
|
538
|
-
if ((url.url || url) ===
|
|
539
|
-
throw error(405,
|
|
538
|
+
if (['/' + this.suffixAcl, '/profile/card'].some(item => (url.url || url) === item)) {
|
|
539
|
+
throw error(405, `DELETE of ${url.url || url} is not allowed`)
|
|
540
540
|
}
|
|
541
541
|
return this.deleteDocument(path)
|
|
542
542
|
}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "solid-server",
|
|
3
3
|
"description": "Solid server on top of the file-system",
|
|
4
|
-
"version": "5.7.
|
|
4
|
+
"version": "5.7.4",
|
|
5
5
|
"author": {
|
|
6
6
|
"name": "Tim Berners-Lee",
|
|
7
7
|
"email": "timbl@w3.org"
|
|
@@ -63,17 +63,17 @@
|
|
|
63
63
|
"@solid/acl-check": "^0.4.5",
|
|
64
64
|
"@solid/oidc-auth-manager": "^0.24.3",
|
|
65
65
|
"@solid/oidc-op": "^0.11.6",
|
|
66
|
-
"async-lock": "^1.
|
|
67
|
-
"body-parser": "^1.20.
|
|
66
|
+
"async-lock": "^1.4.0",
|
|
67
|
+
"body-parser": "^1.20.1",
|
|
68
68
|
"bootstrap": "^3.4.1",
|
|
69
69
|
"cached-path-relative": "^1.1.0",
|
|
70
|
-
"camelize": "^1.0.
|
|
70
|
+
"camelize": "^1.0.1",
|
|
71
71
|
"cheerio": "^1.0.0-rc.12",
|
|
72
72
|
"colorette": "^2.0.19",
|
|
73
73
|
"commander": "^8.3.0",
|
|
74
74
|
"cors": "^2.8.5",
|
|
75
75
|
"debug": "^4.3.4",
|
|
76
|
-
"express": "^4.18.
|
|
76
|
+
"express": "^4.18.2",
|
|
77
77
|
"express-handlebars": "^5.3.5",
|
|
78
78
|
"express-session": "^1.17.3",
|
|
79
79
|
"extend": "^3.0.2",
|
|
@@ -84,22 +84,22 @@
|
|
|
84
84
|
"global-tunnel-ng": "^2.7.1",
|
|
85
85
|
"handlebars": "^4.7.7",
|
|
86
86
|
"http-proxy-middleware": "^2.0.6",
|
|
87
|
-
"inquirer": "^8.2.
|
|
87
|
+
"inquirer": "^8.2.5",
|
|
88
88
|
"into-stream": "^6.0.0",
|
|
89
89
|
"ip-range-check": "0.2.0",
|
|
90
90
|
"is-ip": "^3.1.0",
|
|
91
91
|
"li": "^1.3.0",
|
|
92
|
-
"mashlib": "^1.8.
|
|
92
|
+
"mashlib": "^1.8.5",
|
|
93
93
|
"mime-types": "^2.1.35",
|
|
94
94
|
"negotiator": "^0.6.3",
|
|
95
95
|
"node-fetch": "^2.6.7",
|
|
96
96
|
"node-forge": "^1.3.1",
|
|
97
97
|
"node-mailer": "^0.1.1",
|
|
98
|
-
"nodemailer": "^6.
|
|
98
|
+
"nodemailer": "^6.8.0",
|
|
99
99
|
"oidc-op-express": "^0.0.3",
|
|
100
100
|
"owasp-password-strength-test": "^1.3.0",
|
|
101
|
-
"rdflib": "^2.2.
|
|
102
|
-
"recursive-readdir": "^2.2.
|
|
101
|
+
"rdflib": "^2.2.21",
|
|
102
|
+
"recursive-readdir": "^2.2.3",
|
|
103
103
|
"request": "^2.88.2",
|
|
104
104
|
"rimraf": "^3.0.2",
|
|
105
105
|
"solid-auth-client": "^2.5.6",
|
|
@@ -115,8 +115,8 @@
|
|
|
115
115
|
"vhost": "^3.0.2"
|
|
116
116
|
},
|
|
117
117
|
"devDependencies": {
|
|
118
|
-
"@solid/solid-auth-oidc": "
|
|
119
|
-
"chai": "^4.3.
|
|
118
|
+
"@solid/solid-auth-oidc": "0.3.0",
|
|
119
|
+
"chai": "^4.3.7",
|
|
120
120
|
"chai-as-promised": "7.1.1",
|
|
121
121
|
"cross-env": "7.0.3",
|
|
122
122
|
"dirty-chai": "2.0.1",
|
|
@@ -124,15 +124,15 @@
|
|
|
124
124
|
"localstorage-memory": "1.0.3",
|
|
125
125
|
"mocha": "^9.2.2",
|
|
126
126
|
"nock": "^13.2.9",
|
|
127
|
-
"node-mocks-http": "1.
|
|
127
|
+
"node-mocks-http": "1.12.1",
|
|
128
128
|
"nyc": "15.1.0",
|
|
129
129
|
"pre-commit": "1.2.2",
|
|
130
130
|
"randombytes": "2.1.0",
|
|
131
131
|
"sinon": "12.0.1",
|
|
132
132
|
"sinon-chai": "3.7.0",
|
|
133
|
-
"snyk": "^1.
|
|
133
|
+
"snyk": "^1.1060.0",
|
|
134
134
|
"standard": "16.0.4",
|
|
135
|
-
"supertest": "^6.
|
|
135
|
+
"supertest": "^6.3.1",
|
|
136
136
|
"turtle-validator": "1.1.1",
|
|
137
137
|
"whatwg-url": "11.0.0"
|
|
138
138
|
},
|