next-csrf
Version:
CSRF mitigation library for Next.js
1 lines • 6.99 kB
JSON
{"ast":null,"code":"\"use strict\";\n\nfunction ownKeys(object, enumerableOnly) { var keys = Object.keys(object); if (Object.getOwnPropertySymbols) { var symbols = Object.getOwnPropertySymbols(object); if (enumerableOnly) symbols = symbols.filter(function (sym) { return Object.getOwnPropertyDescriptor(object, sym).enumerable; }); keys.push.apply(keys, symbols); } return keys; }\n\nfunction _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i] != null ? arguments[i] : {}; if (i % 2) { ownKeys(Object(source), true).forEach(function (key) { _defineProperty(target, key, source[key]); }); } else if (Object.getOwnPropertyDescriptors) { Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)); } else { ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } } return target; }\n\nfunction _defineProperty(obj, key, value) { if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; }\n\nexports.__esModule = true;\nexports.pathToRegexp = exports.default = exports.customRouteMatcherOptions = exports.matcherOptions = void 0;\n\nvar pathToRegexp = _interopRequireWildcard(require(\"next/dist/compiled/path-to-regexp\"));\n\nexports.pathToRegexp = pathToRegexp;\n\nfunction _getRequireWildcardCache() {\n if (typeof WeakMap !== \"function\") return null;\n var cache = new WeakMap();\n\n _getRequireWildcardCache = function () {\n return cache;\n };\n\n return cache;\n}\n\nfunction _interopRequireWildcard(obj) {\n if (obj && obj.__esModule) {\n return obj;\n }\n\n if (obj === null || typeof obj !== \"object\" && typeof obj !== \"function\") {\n return {\n default: obj\n };\n }\n\n var cache = _getRequireWildcardCache();\n\n if (cache && cache.has(obj)) {\n return cache.get(obj);\n }\n\n var newObj = {};\n var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor;\n\n for (var key in obj) {\n if (Object.prototype.hasOwnProperty.call(obj, key)) {\n var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null;\n\n if (desc && (desc.get || desc.set)) {\n Object.defineProperty(newObj, key, desc);\n } else {\n newObj[key] = obj[key];\n }\n }\n }\n\n newObj.default = obj;\n\n if (cache) {\n cache.set(obj, newObj);\n }\n\n return newObj;\n}\n\nconst matcherOptions = {\n sensitive: false,\n delimiter: '/',\n decode: decodeParam\n};\nexports.matcherOptions = matcherOptions;\n\nconst customRouteMatcherOptions = _objectSpread(_objectSpread({}, matcherOptions), {}, {\n strict: true\n});\n\nexports.customRouteMatcherOptions = customRouteMatcherOptions;\n\nvar _default = (customRoute = false) => {\n return path => {\n const keys = [];\n const matcherRegex = pathToRegexp.pathToRegexp(path, keys, customRoute ? customRouteMatcherOptions : matcherOptions);\n const matcher = pathToRegexp.regexpToFunction(matcherRegex, keys, matcherOptions);\n return (pathname, params) => {\n const res = pathname == null ? false : matcher(pathname);\n\n if (!res) {\n return false;\n }\n\n if (customRoute) {\n for (const key of keys) {\n // unnamed params should be removed as they\n // are not allowed to be used in the destination\n if (typeof key.name === 'number') {\n delete res.params[key.name];\n }\n }\n }\n\n return _objectSpread(_objectSpread({}, params), res.params);\n };\n };\n};\n\nexports.default = _default;\n\nfunction decodeParam(param) {\n try {\n return decodeURIComponent(param);\n } catch (_) {\n const err = new Error('failed to decode param');\n err.code = 'DECODE_FAILED';\n throw err;\n }\n}","map":{"version":3,"sources":["../../../../../next-server/lib/router/utils/path-match.ts"],"names":["matcherOptions","sensitive","delimiter","decode","customRouteMatcherOptions","strict","customRoute","path","keys","matcherRegex","pathToRegexp","matcher","res","pathname","key","decodeURIComponent","err"],"mappings":";;;;;;;;;;;AAAA,IAAA,YAAA,GAAA,uBAAA,CAAA,OAAA,CAAA,mCAAA,CAAA,CAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAIO;;AAAA,MAAMA,cAAc,GAAG;AAC5BC,EAAAA,SAAS,EADmB,KAAA;AAE5BC,EAAAA,SAAS,EAFmB,GAAA;AAG5BC,EAAAA,MAAM,EAHD;AAAuB,CAAvB;;;AAMA,MAAMC,yBAAyB,mCAAG,cAAH;AAEpCC,EAAAA,MAAM,EAFD;AAA+B,EAA/B;;;;eAKQ,CAACC,WAAW,GAAZ,KAAA,KAAyB;AACtC,SAAQC,IAAD,IAAkB;AACvB,UAAMC,IAAwB,GAA9B,EAAA;AACA,UAAMC,YAAY,GAAGC,YAAY,CAAZA,YAAAA,CAAAA,IAAAA,EAAAA,IAAAA,EAGnBJ,WAAW,GAAA,yBAAA,GAHb,cAAqBI,CAArB;AAKA,UAAMC,OAAO,GAAGD,YAAY,CAAZA,gBAAAA,CAAAA,YAAAA,EAAAA,IAAAA,EAAhB,cAAgBA,CAAhB;AAMA,WAAO,CAAA,QAAA,EAAA,MAAA,KAAuD;AAC5D,YAAME,GAAG,GAAGC,QAAQ,IAARA,IAAAA,GAAAA,KAAAA,GAA2BF,OAAO,CAA9C,QAA8C,CAA9C;;AACA,UAAI,CAAJ,GAAA,EAAU;AACR,eAAA,KAAA;AAGF;;AAAA,UAAA,WAAA,EAAiB;AACf,aAAK,MAAL,GAAA,IAAA,IAAA,EAAwB;AACtB;AACA;AACA,cAAI,OAAOG,GAAG,CAAV,IAAA,KAAJ,QAAA,EAAkC;AAChC,mBAAQF,GAAG,CAAJ,MAACA,CAAmBE,GAAG,CAA9B,IAAQF,CAAR;AAEH;AACF;AAED;;AAAA,6CAAO,MAAP,GAAuBA,GAAG,CAA1B,MAAA;AAhBF,KAAA;AAbF,GAAA;;;;;AAkCF,SAAA,WAAA,CAAA,KAAA,EAAoC;AAClC,MAAI;AACF,WAAOG,kBAAkB,CAAzB,KAAyB,CAAzB;AACA,GAFF,CAEE,OAAA,CAAA,EAAU;AACV,UAAMC,GAA8B,GAAG,IAAA,KAAA,CAAvC,wBAAuC,CAAvC;AACAA,IAAAA,GAAG,CAAHA,IAAAA,GAAAA,eAAAA;AACA,UAAA,GAAA;AAEH;AAAA","sourcesContent":["import * as pathToRegexp from 'next/dist/compiled/path-to-regexp'\n\nexport { pathToRegexp }\n\nexport const matcherOptions = {\n sensitive: false,\n delimiter: '/',\n decode: decodeParam,\n}\n\nexport const customRouteMatcherOptions = {\n ...matcherOptions,\n strict: true,\n}\n\nexport default (customRoute = false) => {\n return (path: string) => {\n const keys: pathToRegexp.Key[] = []\n const matcherRegex = pathToRegexp.pathToRegexp(\n path,\n keys,\n customRoute ? customRouteMatcherOptions : matcherOptions\n )\n const matcher = pathToRegexp.regexpToFunction(\n matcherRegex,\n keys,\n matcherOptions\n )\n\n return (pathname: string | null | undefined, params?: any) => {\n const res = pathname == null ? false : matcher(pathname)\n if (!res) {\n return false\n }\n\n if (customRoute) {\n for (const key of keys) {\n // unnamed params should be removed as they\n // are not allowed to be used in the destination\n if (typeof key.name === 'number') {\n delete (res.params as any)[key.name]\n }\n }\n }\n\n return { ...params, ...res.params }\n }\n }\n}\n\nfunction decodeParam(param: string) {\n try {\n return decodeURIComponent(param)\n } catch (_) {\n const err: Error & { code?: string } = new Error('failed to decode param')\n err.code = 'DECODE_FAILED'\n throw err\n }\n}\n"]},"metadata":{},"sourceType":"script"}