vite 4.5.8 → 4.5.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/node/chunks/{dep-55277651.js → dep-413616b5.js} +1 -1
- package/dist/node/chunks/{dep-8ace125d.js → dep-add429cd.js} +38 -24
- package/dist/node/chunks/{dep-f48b8816.js → dep-f75a2f53.js} +1 -1
- package/dist/node/cli.js +5 -5
- package/dist/node/constants.js +6 -1
- package/dist/node/index.js +2 -2
- package/package.json +1 -1
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { F as commonjsGlobal, E as getDefaultExportFromCjs } from './dep-
|
|
1
|
+
import { F as commonjsGlobal, E as getDefaultExportFromCjs } from './dep-add429cd.js';
|
|
2
2
|
import require$$0__default from 'fs';
|
|
3
3
|
import require$$0 from 'postcss';
|
|
4
4
|
import require$$0$1 from 'path';
|
|
@@ -23,7 +23,7 @@ import require$$2$1 from 'child_process';
|
|
|
23
23
|
import os$4 from 'node:os';
|
|
24
24
|
import { exec } from 'node:child_process';
|
|
25
25
|
import { promises } from 'node:dns';
|
|
26
|
-
import { CLIENT_ENTRY, OPTIMIZABLE_ENTRY_RE, wildcardHosts, loopbackHosts, VALID_ID_PREFIX, NULL_BYTE_PLACEHOLDER, FS_PREFIX, CLIENT_PUBLIC_PATH, ENV_PUBLIC_PATH, ENV_ENTRY, DEP_VERSION_RE, DEFAULT_MAIN_FIELDS, DEFAULT_EXTENSIONS as DEFAULT_EXTENSIONS$1, SPECIAL_QUERY_RE, CSS_LANGS_RE, ESBUILD_MODULES_TARGET, KNOWN_ASSET_TYPES, CLIENT_DIR, JS_TYPES_RE, VERSION as VERSION$1, VITE_PACKAGE_DIR, DEFAULT_DEV_PORT, DEFAULT_PREVIEW_PORT, DEFAULT_ASSETS_RE, DEFAULT_CONFIG_FILES } from '../constants.js';
|
|
26
|
+
import { CLIENT_ENTRY, OPTIMIZABLE_ENTRY_RE, wildcardHosts, loopbackHosts, VALID_ID_PREFIX, NULL_BYTE_PLACEHOLDER, FS_PREFIX, CLIENT_PUBLIC_PATH, ENV_PUBLIC_PATH, ENV_ENTRY, DEP_VERSION_RE, DEFAULT_MAIN_FIELDS, DEFAULT_EXTENSIONS as DEFAULT_EXTENSIONS$1, SPECIAL_QUERY_RE, CSS_LANGS_RE, ESBUILD_MODULES_TARGET, KNOWN_ASSET_TYPES, CLIENT_DIR, JS_TYPES_RE, VERSION as VERSION$1, VITE_PACKAGE_DIR, defaultAllowedOrigins, DEFAULT_DEV_PORT, DEFAULT_PREVIEW_PORT, DEFAULT_ASSETS_RE, DEFAULT_CONFIG_FILES } from '../constants.js';
|
|
27
27
|
import require$$3$1 from 'crypto';
|
|
28
28
|
import { Buffer as Buffer$1 } from 'node:buffer';
|
|
29
29
|
import require$$0$8, { createRequire as createRequire$2 } from 'module';
|
|
@@ -38995,8 +38995,8 @@ function createCachedImport(imp) {
|
|
|
38995
38995
|
return cached;
|
|
38996
38996
|
};
|
|
38997
38997
|
}
|
|
38998
|
-
const importPostcssImport = createCachedImport(() => import('./dep-
|
|
38999
|
-
const importPostcssModules = createCachedImport(() => import('./dep-
|
|
38998
|
+
const importPostcssImport = createCachedImport(() => import('./dep-f75a2f53.js').then(function (n) { return n.i; }));
|
|
38999
|
+
const importPostcssModules = createCachedImport(() => import('./dep-413616b5.js').then(function (n) { return n.i; }));
|
|
39000
39000
|
const importPostcss = createCachedImport(() => import('postcss'));
|
|
39001
39001
|
/**
|
|
39002
39002
|
* @experimental
|
|
@@ -61749,7 +61749,8 @@ function abortHandshakeOrEmitwsClientError(server, req, socket, code, message) {
|
|
|
61749
61749
|
|
|
61750
61750
|
var WebSocketServerRaw_ = /*@__PURE__*/getDefaultExportFromCjs(websocketServer);
|
|
61751
61751
|
|
|
61752
|
-
const
|
|
61752
|
+
const allowedHostsServerCache = new WeakMap();
|
|
61753
|
+
const allowedHostsPreviewCache = new WeakMap();
|
|
61753
61754
|
const isFileOrExtensionProtocolRE = /^(?:file|.+-extension):/i;
|
|
61754
61755
|
function getAdditionalAllowedHosts(resolvedServerOptions, resolvedPreviewOptions) {
|
|
61755
61756
|
const list = [];
|
|
@@ -61833,37 +61834,43 @@ function isHostAllowedWithoutCache(allowedHosts, additionalAllowedHosts, host) {
|
|
|
61833
61834
|
}
|
|
61834
61835
|
/**
|
|
61835
61836
|
* @param config resolved config
|
|
61837
|
+
* @param isPreview whether it's for the preview server or not
|
|
61836
61838
|
* @param host the value of host header. See [RFC 9110 7.2](https://datatracker.ietf.org/doc/html/rfc9110#name-host-and-authority).
|
|
61837
61839
|
*/
|
|
61838
|
-
function isHostAllowed(config, host) {
|
|
61839
|
-
|
|
61840
|
+
function isHostAllowed(config, isPreview, host) {
|
|
61841
|
+
const allowedHosts = isPreview
|
|
61842
|
+
? config.preview.allowedHosts
|
|
61843
|
+
: config.server.allowedHosts;
|
|
61844
|
+
if (allowedHosts === true) {
|
|
61840
61845
|
return true;
|
|
61841
61846
|
}
|
|
61842
|
-
|
|
61843
|
-
|
|
61847
|
+
const cache = isPreview ? allowedHostsPreviewCache : allowedHostsServerCache;
|
|
61848
|
+
if (!cache.has(config)) {
|
|
61849
|
+
cache.set(config, new Set());
|
|
61844
61850
|
}
|
|
61845
|
-
const
|
|
61846
|
-
if (
|
|
61851
|
+
const cachedAllowedHosts = cache.get(config);
|
|
61852
|
+
if (cachedAllowedHosts.has(host)) {
|
|
61847
61853
|
return true;
|
|
61848
61854
|
}
|
|
61849
|
-
const result = isHostAllowedWithoutCache(
|
|
61855
|
+
const result = isHostAllowedWithoutCache(allowedHosts ?? [], config.additionalAllowedHosts, host);
|
|
61850
61856
|
if (result) {
|
|
61851
|
-
|
|
61857
|
+
cachedAllowedHosts.add(host);
|
|
61852
61858
|
}
|
|
61853
61859
|
return result;
|
|
61854
61860
|
}
|
|
61855
|
-
function hostCheckMiddleware(config) {
|
|
61861
|
+
function hostCheckMiddleware(config, isPreview) {
|
|
61856
61862
|
// Keep the named function. The name is visible in debug logs via `DEBUG=connect:dispatcher ...`
|
|
61857
61863
|
return function viteHostCheckMiddleware(req, res, next) {
|
|
61858
61864
|
const hostHeader = req.headers.host;
|
|
61859
|
-
if (!hostHeader || !isHostAllowed(config, hostHeader)) {
|
|
61865
|
+
if (!hostHeader || !isHostAllowed(config, isPreview, hostHeader)) {
|
|
61860
61866
|
const hostname = hostHeader?.replace(/:\d+$/, '');
|
|
61861
61867
|
const hostnameWithQuotes = JSON.stringify(hostname);
|
|
61868
|
+
const optionName = `${isPreview ? 'preview' : 'server'}.allowedHosts`;
|
|
61862
61869
|
res.writeHead(403, {
|
|
61863
61870
|
'Content-Type': 'text/plain',
|
|
61864
61871
|
});
|
|
61865
61872
|
res.end(`Blocked request. This host (${hostnameWithQuotes}) is not allowed.\n` +
|
|
61866
|
-
`To allow this host, add ${hostnameWithQuotes} to \`
|
|
61873
|
+
`To allow this host, add ${hostnameWithQuotes} to \`${optionName}\` in vite.config.js.`);
|
|
61867
61874
|
return;
|
|
61868
61875
|
}
|
|
61869
61876
|
return next();
|
|
@@ -61920,7 +61927,7 @@ function createWebSocketServer(server, config, httpsOptions) {
|
|
|
61920
61927
|
const host = (hmr && hmr.host) || undefined;
|
|
61921
61928
|
const shouldHandle = (req) => {
|
|
61922
61929
|
const hostHeader = req.headers.host;
|
|
61923
|
-
if (!hostHeader || !isHostAllowed(config, hostHeader)) {
|
|
61930
|
+
if (!hostHeader || !isHostAllowed(config, false, hostHeader)) {
|
|
61924
61931
|
return false;
|
|
61925
61932
|
}
|
|
61926
61933
|
if (config.legacy?.skipWebSocketTokenCheck) {
|
|
@@ -64482,6 +64489,7 @@ function htmlFallbackMiddleware(root, spaFallback) {
|
|
|
64482
64489
|
|
|
64483
64490
|
const debugCache = createDebugger('vite:cache');
|
|
64484
64491
|
const knownIgnoreList = new Set(['/', '/favicon.ico']);
|
|
64492
|
+
const trailingQuerySeparatorsRE = /[?&]+$/;
|
|
64485
64493
|
function transformMiddleware(server) {
|
|
64486
64494
|
const { config: { root, logger }, moduleGraph, } = server;
|
|
64487
64495
|
// Keep the named function. The name is visible in debug logs via `DEBUG=connect:dispatcher ...`
|
|
@@ -64577,8 +64585,10 @@ function transformMiddleware(server) {
|
|
|
64577
64585
|
logger.warn(colors$1.yellow(warning));
|
|
64578
64586
|
}
|
|
64579
64587
|
}
|
|
64580
|
-
|
|
64581
|
-
|
|
64588
|
+
const urlWithoutTrailingQuerySeparators = url.replace(trailingQuerySeparatorsRE, '');
|
|
64589
|
+
if ((rawRE.test(urlWithoutTrailingQuerySeparators) ||
|
|
64590
|
+
urlRE.test(urlWithoutTrailingQuerySeparators)) &&
|
|
64591
|
+
!ensureServingAccess(urlWithoutTrailingQuerySeparators, server, res, next)) {
|
|
64582
64592
|
return;
|
|
64583
64593
|
}
|
|
64584
64594
|
if (isJSRequest(url) ||
|
|
@@ -65441,14 +65451,16 @@ async function _createServer(inlineConfig = {}, options) {
|
|
|
65441
65451
|
}
|
|
65442
65452
|
// cors
|
|
65443
65453
|
const { cors } = serverConfig;
|
|
65444
|
-
if (cors !==
|
|
65445
|
-
middlewares.use(corsMiddleware(typeof cors === 'boolean'
|
|
65454
|
+
if (cors !== false) {
|
|
65455
|
+
middlewares.use(corsMiddleware(typeof cors === 'boolean'
|
|
65456
|
+
? {}
|
|
65457
|
+
: cors ?? { origin: defaultAllowedOrigins }));
|
|
65446
65458
|
}
|
|
65447
65459
|
// host check (to prevent DNS rebinding attacks)
|
|
65448
65460
|
const { allowedHosts } = serverConfig;
|
|
65449
65461
|
// no need to check for HTTPS as HTTPS is not vulnerable to DNS rebinding attacks
|
|
65450
65462
|
if (allowedHosts !== true && !serverConfig.https) {
|
|
65451
|
-
middlewares.use(hostCheckMiddleware(config));
|
|
65463
|
+
middlewares.use(hostCheckMiddleware(config, false));
|
|
65452
65464
|
}
|
|
65453
65465
|
// proxy
|
|
65454
65466
|
const { proxy } = serverConfig;
|
|
@@ -65868,14 +65880,16 @@ async function preview(inlineConfig = {}) {
|
|
|
65868
65880
|
}
|
|
65869
65881
|
// cors
|
|
65870
65882
|
const { cors } = config.preview;
|
|
65871
|
-
if (cors !==
|
|
65872
|
-
app.use(corsMiddleware(typeof cors === 'boolean'
|
|
65883
|
+
if (cors !== false) {
|
|
65884
|
+
app.use(corsMiddleware(typeof cors === 'boolean'
|
|
65885
|
+
? {}
|
|
65886
|
+
: cors ?? { origin: defaultAllowedOrigins }));
|
|
65873
65887
|
}
|
|
65874
65888
|
// host check (to prevent DNS rebinding attacks)
|
|
65875
65889
|
const { allowedHosts } = config.preview;
|
|
65876
65890
|
// no need to check for HTTPS as HTTPS is not vulnerable to DNS rebinding attacks
|
|
65877
65891
|
if (allowedHosts !== true && !config.preview.https) {
|
|
65878
|
-
app.use(hostCheckMiddleware(config));
|
|
65892
|
+
app.use(hostCheckMiddleware(config, true));
|
|
65879
65893
|
}
|
|
65880
65894
|
// proxy
|
|
65881
65895
|
const { proxy } = config.preview;
|
package/dist/node/cli.js
CHANGED
|
@@ -2,7 +2,7 @@ import path from 'node:path';
|
|
|
2
2
|
import fs from 'node:fs';
|
|
3
3
|
import { performance } from 'node:perf_hooks';
|
|
4
4
|
import { EventEmitter } from 'events';
|
|
5
|
-
import { C as colors, D as bindShortcuts, x as createLogger, h as resolveConfig } from './chunks/dep-
|
|
5
|
+
import { C as colors, D as bindShortcuts, x as createLogger, h as resolveConfig } from './chunks/dep-add429cd.js';
|
|
6
6
|
import { VERSION } from './constants.js';
|
|
7
7
|
import 'node:fs/promises';
|
|
8
8
|
import 'node:url';
|
|
@@ -759,7 +759,7 @@ cli
|
|
|
759
759
|
filterDuplicateOptions(options);
|
|
760
760
|
// output structure is preserved even after bundling so require()
|
|
761
761
|
// is ok here
|
|
762
|
-
const { createServer } = await import('./chunks/dep-
|
|
762
|
+
const { createServer } = await import('./chunks/dep-add429cd.js').then(function (n) { return n.I; });
|
|
763
763
|
try {
|
|
764
764
|
const server = await createServer({
|
|
765
765
|
root,
|
|
@@ -837,7 +837,7 @@ cli
|
|
|
837
837
|
.option('-w, --watch', `[boolean] rebuilds when modules have changed on disk`)
|
|
838
838
|
.action(async (root, options) => {
|
|
839
839
|
filterDuplicateOptions(options);
|
|
840
|
-
const { build } = await import('./chunks/dep-
|
|
840
|
+
const { build } = await import('./chunks/dep-add429cd.js').then(function (n) { return n.H; });
|
|
841
841
|
const buildOptions = cleanOptions(options);
|
|
842
842
|
try {
|
|
843
843
|
await build({
|
|
@@ -865,7 +865,7 @@ cli
|
|
|
865
865
|
.option('--force', `[boolean] force the optimizer to ignore the cache and re-bundle`)
|
|
866
866
|
.action(async (root, options) => {
|
|
867
867
|
filterDuplicateOptions(options);
|
|
868
|
-
const { optimizeDeps } = await import('./chunks/dep-
|
|
868
|
+
const { optimizeDeps } = await import('./chunks/dep-add429cd.js').then(function (n) { return n.G; });
|
|
869
869
|
try {
|
|
870
870
|
const config = await resolveConfig({
|
|
871
871
|
root,
|
|
@@ -892,7 +892,7 @@ cli
|
|
|
892
892
|
.option('--outDir <dir>', `[string] output directory (default: dist)`)
|
|
893
893
|
.action(async (root, options) => {
|
|
894
894
|
filterDuplicateOptions(options);
|
|
895
|
-
const { preview } = await import('./chunks/dep-
|
|
895
|
+
const { preview } = await import('./chunks/dep-add429cd.js').then(function (n) { return n.J; });
|
|
896
896
|
try {
|
|
897
897
|
const server = await preview({
|
|
898
898
|
root,
|
package/dist/node/constants.js
CHANGED
|
@@ -121,5 +121,10 @@ const wildcardHosts = new Set([
|
|
|
121
121
|
]);
|
|
122
122
|
const DEFAULT_DEV_PORT = 5173;
|
|
123
123
|
const DEFAULT_PREVIEW_PORT = 4173;
|
|
124
|
+
// the regex to allow loopback address origins:
|
|
125
|
+
// - localhost domains (which will always resolve to the loopback address by RFC 6761 section 6.3)
|
|
126
|
+
// - 127.0.0.1
|
|
127
|
+
// - ::1
|
|
128
|
+
const defaultAllowedOrigins = /^https?:\/\/(?:(?:[^:]+\.)?localhost|127\.0\.0\.1|\[::1\])(?::\d+)?$/;
|
|
124
129
|
|
|
125
|
-
export { CLIENT_DIR, CLIENT_ENTRY, CLIENT_PUBLIC_PATH, CSS_LANGS_RE, DEFAULT_ASSETS_RE, DEFAULT_CONFIG_FILES, DEFAULT_DEV_PORT, DEFAULT_EXTENSIONS, DEFAULT_MAIN_FIELDS, DEFAULT_PREVIEW_PORT, DEP_VERSION_RE, ENV_ENTRY, ENV_PUBLIC_PATH, ESBUILD_MODULES_TARGET, FS_PREFIX, JS_TYPES_RE, KNOWN_ASSET_TYPES, NULL_BYTE_PLACEHOLDER, OPTIMIZABLE_ENTRY_RE, SPECIAL_QUERY_RE, VALID_ID_PREFIX, VERSION, VITE_PACKAGE_DIR, loopbackHosts, wildcardHosts };
|
|
130
|
+
export { CLIENT_DIR, CLIENT_ENTRY, CLIENT_PUBLIC_PATH, CSS_LANGS_RE, DEFAULT_ASSETS_RE, DEFAULT_CONFIG_FILES, DEFAULT_DEV_PORT, DEFAULT_EXTENSIONS, DEFAULT_MAIN_FIELDS, DEFAULT_PREVIEW_PORT, DEP_VERSION_RE, ENV_ENTRY, ENV_PUBLIC_PATH, ESBUILD_MODULES_TARGET, FS_PREFIX, JS_TYPES_RE, KNOWN_ASSET_TYPES, NULL_BYTE_PLACEHOLDER, OPTIMIZABLE_ENTRY_RE, SPECIAL_QUERY_RE, VALID_ID_PREFIX, VERSION, VITE_PACKAGE_DIR, defaultAllowedOrigins, loopbackHosts, wildcardHosts };
|
package/dist/node/index.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { i as isInNodeModules } from './chunks/dep-
|
|
2
|
-
export { b as build, e as buildErrorMessage, v as createFilter, x as createLogger, c as createServer, g as defineConfig, f as formatPostcssSourceMap, k as getDepOptimizationConfig, m as isDepsOptimizerEnabled, z as isFileServingAllowed, l as loadConfigFromFile, A as loadEnv, u as mergeAlias, q as mergeConfig, n as normalizePath, o as optimizeDeps, a as preprocessCSS, p as preview, j as resolveBaseUrl, h as resolveConfig, B as resolveEnvPrefix, d as resolvePackageData, r as resolvePackageEntry, y as searchForWorkspaceRoot, w as send, s as sortUserPlugins, t as transformWithEsbuild } from './chunks/dep-
|
|
1
|
+
import { i as isInNodeModules } from './chunks/dep-add429cd.js';
|
|
2
|
+
export { b as build, e as buildErrorMessage, v as createFilter, x as createLogger, c as createServer, g as defineConfig, f as formatPostcssSourceMap, k as getDepOptimizationConfig, m as isDepsOptimizerEnabled, z as isFileServingAllowed, l as loadConfigFromFile, A as loadEnv, u as mergeAlias, q as mergeConfig, n as normalizePath, o as optimizeDeps, a as preprocessCSS, p as preview, j as resolveBaseUrl, h as resolveConfig, B as resolveEnvPrefix, d as resolvePackageData, r as resolvePackageEntry, y as searchForWorkspaceRoot, w as send, s as sortUserPlugins, t as transformWithEsbuild } from './chunks/dep-add429cd.js';
|
|
3
3
|
export { VERSION as version } from './constants.js';
|
|
4
4
|
export { version as esbuildVersion } from 'esbuild';
|
|
5
5
|
export { VERSION as rollupVersion } from 'rollup';
|