Compare commits
No commits in common. "f7e79ab35b7ebc1e3c98b0a314523954c4535db1" and "1a7fe35f7dbfd5539c86edd842c7b5d1aba04431" have entirely different histories.
f7e79ab35b
...
1a7fe35f7d
|
@ -97,18 +97,6 @@ export default class UtapiRequest {
|
|||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set request pathname
|
||||
*
|
||||
* @param {string} pathname - pathname from url.parse
|
||||
* of request.url (pathname minus query)
|
||||
* @return {UtapiRequest} itself
|
||||
*/
|
||||
setRequestPathname(pathname) {
|
||||
this._requestPathname = pathname;
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get http request object
|
||||
*
|
||||
|
@ -145,15 +133,6 @@ export default class UtapiRequest {
|
|||
return this._requestPath;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get request pathname
|
||||
*
|
||||
* @return {string} request pathname
|
||||
*/
|
||||
getRequestPathname() {
|
||||
return this._requestPathname;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get requester ip address
|
||||
*
|
||||
|
|
|
@ -34,52 +34,17 @@ class UtapiServer {
|
|||
routes.forEach(item => this.router.addRoute(new Route(item)));
|
||||
}
|
||||
|
||||
/**
|
||||
* Function to validate a URI component
|
||||
*
|
||||
* @param {string|object} component - path from url.parse of request.url
|
||||
* (pathname plus query) or query from request
|
||||
* @return {string|undefined} If `decodeURIComponent` throws an error,
|
||||
* return the invalid `decodeURIComponent` string, otherwise return
|
||||
* `undefined`
|
||||
*/
|
||||
_checkURIComponent(component) {
|
||||
if (typeof component === 'string') {
|
||||
try {
|
||||
decodeURIComponent(component);
|
||||
} catch (err) {
|
||||
return true;
|
||||
}
|
||||
} else {
|
||||
return Object.keys(component).find(x => {
|
||||
try {
|
||||
decodeURIComponent(x);
|
||||
decodeURIComponent(component[x]);
|
||||
} catch (err) {
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
});
|
||||
}
|
||||
return undefined;
|
||||
}
|
||||
|
||||
requestListener(req, res, router) {
|
||||
// disable nagle algorithm
|
||||
req.socket.setNoDelay();
|
||||
const { query, path, pathname } = url.parse(req.url, true);
|
||||
const { query, path } = url.parse(req.url, true);
|
||||
const utapiRequest = new UtapiRequest()
|
||||
.setRequest(req)
|
||||
.setLog(this.logger.newRequestLogger())
|
||||
.setResponse(res)
|
||||
.setDatastore(this.datastore);
|
||||
// Sanity check for valid URI component
|
||||
if (this._checkURIComponent(query) || this._checkURIComponent(path)) {
|
||||
return this.errorResponse(utapiRequest, errors.InvalidURI);
|
||||
}
|
||||
utapiRequest.setRequestQuery(query);
|
||||
utapiRequest.setRequestPath(path);
|
||||
utapiRequest.setRequestPathname(pathname);
|
||||
.setDatastore(this.datastore)
|
||||
.setRequestQuery(query)
|
||||
.setRequestPath(path);
|
||||
// temp hack: healthcheck route
|
||||
if (path === '/_/healthcheck' && (req.method === 'GET'
|
||||
|| req.method === 'POST')) {
|
||||
|
|
|
@ -217,10 +217,9 @@ class Router {
|
|||
utapiRequest.getAction(), 'utapi')
|
||||
);
|
||||
auth.setHandler(this._vault);
|
||||
const request = utapiRequest.getRequest();
|
||||
request.path = utapiRequest.getRequestPathname();
|
||||
request.query = utapiRequest.getRequestQuery();
|
||||
return auth.server.doAuth(request, log, (err, authResults) => {
|
||||
const requestPlusPath = utapiRequest.getRequest();
|
||||
requestPlusPath.path = utapiRequest.getRequestPath();
|
||||
return auth.server.doAuth(requestPlusPath, log, (err, authResults) => {
|
||||
if (err) {
|
||||
return cb(err);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue