npm - swimple - Versions diffs - 0.1.0 → 0.2.0 - Mend

swimple 0.1.0 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -224,7 +224,7 @@ Creates a request handler function for your service worker fetch handler.
 | Option                   | Type       | Required | Default         | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
 | ------------------------ | ---------- | -------- | --------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
 | `cacheName`              | `string`   | Yes      | -               | Name of the cache, used when calling `Cache.open(cacheName)` internally. Changing this name effectively clears the previous cache entries.                                                                                                                                                                                                                                                                                                                                    |
-| `scope`                  | `string[]` | No       | `undefined`     | URL prefixes to cache by default (e.g., `['/api/']`). If not set and `defaultTTLSeconds` is set, all same-origin GET requests are cached automatically. If not set and `defaultTTLSeconds` is not set (or 0), no requests are cached by default. Individual requests outside the scope can still enable caching with `X-SW-Cache-TTL-Seconds` header.                                                                                                                         |
+| `scope`                  | `string[]` | No       | `undefined`     | URL prefixes to cache by default (e.g., `['/api/']`). If not set and `defaultTTLSeconds` is set, all same-origin GET requests are cached automatically. If not set and `defaultTTLSeconds` is not set (or 0), no requests are cached by default. Individual requests outside the scope can still enable caching with `X-SW-Cache-TTL-Seconds` header. **Note:** Cross-origin requests are never cached, regardless of scope or TTL headers.                                   |
 | `defaultStrategy`        | `string`   | No       | `'cache-first'` | Default caching strategy: `'cache-first'`, `'network-first'`, or `'stale-while-revalidate'`.                                                                                                                                                                                                                                                                                                                                                                                  |
 | `defaultTTLSeconds`      | `number`   | No       | `300`           | Maximum age for fresh content. Fresh content will be returned from cache for cache-first and stale-while-revalidate strategies, and also from network-first when offline. Fresh content does not get updated from the network. Since this defaults to `300`, caching is automatic by default for GET requests matching the scope. Set to `0` or `undefined` to disable automatic caching (individual requests can still enable caching with `X-SW-Cache-TTL-Seconds` header). |
 | `defaultStaleTTLSeconds` | `number`   | No       | `3600`          | Maximum age for stale content. Stale content will be returned from cache for cache-first (when offline), network-first (when offline), and stale-while-revalidate strategies. That means responses past the fresh TTL but within stale TTL can still be returned from cache. Stale content does get updated from the network.                                                                                                                                                 |
@@ -647,6 +647,7 @@ self.addEventListener("fetch", (event) => {
 - Only GET requests are cached
 - Only 2xx (OK) GET responses are cached. Non-OK responses (4xx, 5xx, etc.) are not cached
+- **Cross-origin requests are not cached** - Only requests to the same origin as the service worker are cached. Requests to different origins will return `null` and are not processed by the cache handler.
 - Non-GET and non-mutating requests (POST/PATCH/PUT/DELETE) are not processed by the cache handler - it will return null. Practically, this means HEAD requests are not handled by the cache handler.
 - Query strings are part of the cache key. Different query strings create different cache entries (e.g., `/api/users?page=1` and `/api/users?page=2` are separate cache entries)
 - Cache invalidation happens automatically for mutations when `inferInvalidation: true`

package/index.js CHANGED Viewed

@@ -28,9 +28,12 @@ import {
 /**
  * Creates a request handler function for service worker fetch events.
+ * The handler implements HTTP caching with configurable strategies (cache-first, network-first, stale-while-revalidate),
+ * automatic cache invalidation for mutations, and periodic cache cleanup. Only handles same-origin GET requests
+ * that match the configured scope.
  *
- * @param {HandleRequestConfig} config - Configuration options
- * @returns {(event: FetchEvent) => Promise<Response> | null} Request handler function
+ * @param {HandleRequestConfig} config - Configuration options including cache name, scope, default strategy, and TTL settings
+ * @returns {(event: FetchEvent) => Promise<Response> | null} Request handler function that can be used in service worker fetch event listeners
  */
 export function createHandleRequest(config) {
   validateConfig(config);
@@ -50,7 +53,14 @@ export function createHandleRequest(config) {
   // Track fetch counter for periodic cleanup
   let fetchCounter = 0;
-  // Main request handler
+  /**
+   * Service worker fetch event handler that implements HTTP caching strategies.
+   * Handles cache invalidation for mutations, implements cache-first/network-first/stale-while-revalidate
+   * strategies for GET requests, and performs automatic cache cleanup.
+   *
+   * @param {FetchEvent} event - The fetch event from the service worker
+   * @returns {Promise<Response> | null} The cached or fetched response, or null if request shouldn't be handled
+   */
   return function handleRequest(event) {
     const request = event.request;
     const url = request.url;
@@ -93,6 +103,29 @@ export function createHandleRequest(config) {
       return null;
     }
+    // Only cache same-origin requests - cross-origin requests are not cached
+    // In service worker context, self.location.origin is the service worker's origin
+    try {
+      const requestUrl = new URL(url);
+      // Check if we're in a service worker context and can determine the origin
+      if (
+        typeof self !== "undefined" &&
+        self.location &&
+        self.location.origin
+      ) {
+        const serviceWorkerOrigin = self.location.origin;
+        // If request origin doesn't match service worker origin, don't cache
+        if (requestUrl.origin !== serviceWorkerOrigin) {
+          return null;
+        }
+      }
+      // In test environments where self.location might not be available,
+      // we rely on the test setup to ensure proper origin handling
+    } catch (error) {
+      // If URL parsing fails, don't cache
+      return null;
+    }
     // Periodic cleanup: run on first fetch and every 100 fetches
     fetchCounter++;
     if (fetchCounter === 1 || fetchCounter % 100 === 0) {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "swimple",
-  "version": "0.1.0",
+  "version": "0.2.0",
   "description": "A simple service worker library for request caching",
   "type": "module",
   "main": "index.js",

package/types.d.ts CHANGED Viewed

@@ -12,7 +12,7 @@ export type CacheStrategy =
 export interface HandleRequestConfig {
   /** Name of the cache, used when calling `Cache.open(cacheName)` internally. Changing this name effectively clears the previous cache entries. */
   cacheName: string;
-  /** URL prefixes to cache by default (e.g., `['/api/']`). If not set and `defaultTTLSeconds` is set, all same-origin GET requests are cached automatically. If not set and `defaultTTLSeconds` is not set (or 0), no requests are cached by default. Individual requests outside the scope can still enable caching with `X-SW-Cache-TTL-Seconds` header. */
+  /** URL prefixes to cache by default (e.g., `['/api/']`). If not set and `defaultTTLSeconds` is set, all same-origin GET requests are cached automatically. If not set and `defaultTTLSeconds` is not set (or 0), no requests are cached by default. Individual requests outside the scope can still enable caching with `X-SW-Cache-TTL-Seconds` header. Note: Cross-origin requests are never cached, regardless of scope or TTL headers. */
   scope?: string[];
   /** Default caching strategy: `'cache-first'`, `'network-first'`, or `'stale-while-revalidate'`. */
   defaultStrategy?: CacheStrategy;