Skip to content

Commit

Permalink
fix(server): parse url safer in fetch adapter (#5410)
Browse files Browse the repository at this point in the history
  • Loading branch information
@KATT
KATT committed Jan 28, 2024
1 parent 774b75c commit 0d93bc9
Show file tree
Hide file tree
Showing 4 changed files with 13 additions and 6 deletions.
1 change: 1 addition & 0 deletions .eslintrc.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ const config = {
'\\.d\\.ts$',
'issue-\\d+-.*\\.test\\.tsx?$',
'\\.(t|j)sx$',
'URL',
],
},
],
Expand Down
3 changes: 2 additions & 1 deletion packages/server/src/adapters/fetch/fetchRequestHandler.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ import type { HTTPRequest } from '../../http';
import { getBatchStreamFormatter } from '../../http';
import type { HTTPResponse, ResponseChunk } from '../../http/internals/types';
import { resolveHTTPResponse } from '../../http/resolveHTTPResponse';
import { toURL } from '../../http/toURL';
import type { FetchHandlerOptions } from './types';

export type FetchHandlerRequestOptions<TRouter extends AnyRouter> =
Expand All @@ -27,7 +28,7 @@ export async function fetchRequestHandler<TRouter extends AnyRouter>(
return opts.createContext?.({ req: opts.req, resHeaders });
};

const url = new URL(opts.req.url);
const url = toURL(opts.req.url);

const pathname = trimSlashes(url.pathname);
const endpoint = trimSlashes(opts.endpoint);
Expand Down
8 changes: 3 additions & 5 deletions packages/server/src/adapters/standalone.ts
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
/* eslint-disable @typescript-eslint/no-non-null-assertion */
import http from 'http';
import type { AnyRouter } from '../core';
import { toURL } from '../http/toURL';
import type {
NodeHTTPCreateContextFnOptions,
NodeHTTPHandlerOptions,
Expand All @@ -19,14 +20,11 @@ export function createHTTPHandler<TRouter extends AnyRouter>(
opts: CreateHTTPHandlerOptions<TRouter>,
) {
return async (req: http.IncomingMessage, res: http.ServerResponse) => {
// if no hostname, set a dummy one
const href = req.url!.startsWith('/')
? `http://127.0.0.1${req.url}`
: req.url!;
const url = toURL(req.url!);

// get procedure path and remove the leading slash
// /procedure -> procedure
const path = new URL(href).pathname.slice(1);
const path = url.pathname.slice(1);

await nodeHTTPRequestHandler({
// FIXME: no typecasting should be needed here
Expand Down
7 changes: 7 additions & 0 deletions packages/server/src/http/toURL.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
export function toURL(urlOrPathname: string): URL {
const url = urlOrPathname.startsWith('/')
? `http://127.0.0.1${urlOrPathname}`
: urlOrPathname;

return new URL(url);
}

2 comments on commit 0d93bc9

@vercel
Copy link

@vercel vercel bot commented on 0d93bc9 Jan 28, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Successfully deployed to the following URLs:

next-prisma-starter – ./examples/next-prisma-starter

next-prisma-starter-trpc.vercel.app
nextjs.trpc.io
next-prisma-starter-git-main-trpc.vercel.app

@vercel
Copy link

@vercel vercel bot commented on 0d93bc9 Jan 28, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Successfully deployed to the following URLs:

og-image – ./www/og-image

og-image-three-neon.vercel.app
og-image-trpc.vercel.app
og-image-git-main-trpc.vercel.app
og-image.trpc.io

Please sign in to comment.