xedoc-cli 0.1.5 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/xedoc.mjs +5 -4
- package/build/client/assets/app-layout--vTe8I2j.js +1 -0
- package/build/client/assets/{app-shell-DuerBOKJ.js → app-shell-ClOglt7r.js} +1 -1
- package/build/client/assets/chat-Bf8hrS42.js +1 -0
- package/build/client/assets/home-BLKISIGJ.js +1 -0
- package/build/client/assets/{manifest-ec3ca100.js → manifest-f96902fd.js} +1 -1
- package/build/server/index.js +1 -1
- package/package.json +1 -1
- package/server/index.mjs +19 -4
- package/build/client/assets/app-layout-BlCsViOn.js +0 -1
- package/build/client/assets/chat-DFejNUT4.js +0 -1
- package/build/client/assets/home-JBFbZcNX.js +0 -1
package/package.json
CHANGED
package/server/index.mjs
CHANGED
|
@@ -3,8 +3,16 @@ import { createHmac, createHash, timingSafeEqual } from "node:crypto"
|
|
|
3
3
|
import { createReadStream, mkdirSync, statSync } from "node:fs"
|
|
4
4
|
import { createServer } from "node:http"
|
|
5
5
|
import { homedir } from "node:os"
|
|
6
|
-
import {
|
|
7
|
-
|
|
6
|
+
import {
|
|
7
|
+
dirname,
|
|
8
|
+
extname,
|
|
9
|
+
isAbsolute,
|
|
10
|
+
join,
|
|
11
|
+
normalize,
|
|
12
|
+
relative,
|
|
13
|
+
resolve,
|
|
14
|
+
} from "node:path"
|
|
15
|
+
import { fileURLToPath, pathToFileURL } from "node:url"
|
|
8
16
|
import { PrismaClient } from "@prisma/client"
|
|
9
17
|
import { createRequestListener } from "@react-router/node"
|
|
10
18
|
import { Server as SocketServer } from "socket.io"
|
|
@@ -24,7 +32,9 @@ mkdirSync(dirname(databasePath), { recursive: true, mode: 0o700 })
|
|
|
24
32
|
const prisma = new PrismaClient({
|
|
25
33
|
datasources: { db: { url: databaseUrl } },
|
|
26
34
|
})
|
|
27
|
-
const build = await import(
|
|
35
|
+
const build = await import(
|
|
36
|
+
pathToFileURL(join(packageRoot, "build/server/index.js")).href
|
|
37
|
+
)
|
|
28
38
|
const clientRoot = join(packageRoot, "build/client")
|
|
29
39
|
const requestListener = createRequestListener({
|
|
30
40
|
build,
|
|
@@ -161,7 +171,12 @@ function serveStaticAsset(request, response) {
|
|
|
161
171
|
}
|
|
162
172
|
|
|
163
173
|
const candidate = resolve(clientRoot, `.${normalize(pathname)}`)
|
|
164
|
-
|
|
174
|
+
const relativeCandidate = relative(clientRoot, candidate)
|
|
175
|
+
if (
|
|
176
|
+
relativeCandidate.startsWith("..") ||
|
|
177
|
+
relativeCandidate === ".." ||
|
|
178
|
+
isAbsolute(relativeCandidate)
|
|
179
|
+
) {
|
|
165
180
|
return false
|
|
166
181
|
}
|
|
167
182
|
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{j as t,t as r}from"./jsx-runtime-Dafdqr5g.js";import{t as s}from"./app-shell-DuerBOKJ.js";var a=r(),o=t(function(){return(0,a.jsx)(s,{})});export{o as default};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{j as r,t as s}from"./jsx-runtime-Dafdqr5g.js";import{n as t}from"./app-shell-DuerBOKJ.js";var a=s(),o=r(function(){return(0,a.jsx)(t,{})});export{o as default};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
import{j as r,t as s}from"./jsx-runtime-Dafdqr5g.js";import{r as t}from"./app-shell-DuerBOKJ.js";var a=s(),o=r(function(){return(0,a.jsx)(t,{})});export{o as default};
|