fix: Server error if X-Editor-Version is not valid semver string
This commit is contained in:
Tom Moor
@@ -228,6 +228,7 @@
|
||||
"@types/react-table": "^7.7.8",
|
||||
"@types/react-virtualized-auto-sizer": "^1.0.1",
|
||||
"@types/react-window": "^1.8.5",
|
||||
"@types/semver": "^7.3.9",
|
||||
"@types/sequelize": "^4.28.10",
|
||||
"@types/slug": "^5.0.2",
|
||||
"@types/socket.io": "2.1.13",
|
||||
|
||||
@@ -1,10 +1,7 @@
|
||||
import { Context } from "koa";
|
||||
import { Context, Next } from "koa";
|
||||
|
||||
export default function apexRedirect() {
|
||||
return async function apexRedirectMiddleware(
|
||||
ctx: Context,
|
||||
next: () => Promise<any>
|
||||
) {
|
||||
return async function apexRedirectMiddleware(ctx: Context, next: Next) {
|
||||
if (ctx.headers.host === "getoutline.com") {
|
||||
ctx.redirect(`https://www.${ctx.headers.host}${ctx.path}`);
|
||||
} else {
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
import { Next } from "koa";
|
||||
import { User, Team, ApiKey } from "@server/models";
|
||||
import { getUserForJWT } from "@server/utils/jwt";
|
||||
import { AuthenticationError, UserSuspendedError } from "../errors";
|
||||
@@ -8,10 +9,7 @@ export default function auth(
|
||||
required?: boolean;
|
||||
} = {}
|
||||
) {
|
||||
return async function authMiddleware(
|
||||
ctx: ContextWithState,
|
||||
next: () => Promise<unknown>
|
||||
) {
|
||||
return async function authMiddleware(ctx: ContextWithState, next: Next) {
|
||||
let token;
|
||||
const authorizationHeader = ctx.request.get("authorization");
|
||||
|
||||
|
||||
@@ -1,12 +1,9 @@
|
||||
import { Context } from "koa";
|
||||
import { Context, Next } from "koa";
|
||||
import { snakeCase } from "lodash";
|
||||
import Sequelize from "sequelize";
|
||||
|
||||
export default function errorHandling() {
|
||||
return async function errorHandlingMiddleware(
|
||||
ctx: Context,
|
||||
next: () => Promise<any>
|
||||
) {
|
||||
return async function errorHandlingMiddleware(ctx: Context, next: Next) {
|
||||
try {
|
||||
await next();
|
||||
} catch (err) {
|
||||
|
||||
@@ -1,11 +1,8 @@
|
||||
import { Context } from "koa";
|
||||
import { Context, Next } from "koa";
|
||||
import queryString from "query-string";
|
||||
|
||||
export default function methodOverride() {
|
||||
return async function methodOverrideMiddleware(
|
||||
ctx: Context,
|
||||
next: () => Promise<any>
|
||||
) {
|
||||
return async function methodOverrideMiddleware(ctx: Context, next: Next) {
|
||||
if (ctx.method === "POST") {
|
||||
ctx.body = ctx.request.body;
|
||||
} else if (ctx.method === "GET") {
|
||||
|
||||
@@ -1,11 +1,8 @@
|
||||
import stream from "stream";
|
||||
import { Context } from "koa";
|
||||
import { Context, Next } from "koa";
|
||||
|
||||
export default function apiWrapper() {
|
||||
return async function apiWrapperMiddleware(
|
||||
ctx: Context,
|
||||
next: () => Promise<any>
|
||||
) {
|
||||
return async function apiWrapperMiddleware(ctx: Context, next: Next) {
|
||||
await next();
|
||||
const ok = ctx.status < 400;
|
||||
|
||||
|
||||
@@ -1,26 +1,24 @@
|
||||
import { Context } from "koa";
|
||||
import { Context, Next } from "koa";
|
||||
import pkg from "rich-markdown-editor/package.json";
|
||||
// @ts-expect-error ts-migrate(7016) FIXME: Could not find a declaration file for module 'semv... Remove this comment to see the full error message
|
||||
import semver from "semver";
|
||||
import { EditorUpdateError } from "@server/errors";
|
||||
|
||||
export default function editor() {
|
||||
return async function editorMiddleware(
|
||||
ctx: Context,
|
||||
next: () => Promise<any>
|
||||
) {
|
||||
return async function editorMiddleware(ctx: Context, next: Next) {
|
||||
const clientVersion = ctx.headers["x-editor-version"];
|
||||
|
||||
// If the editor version on the client is behind the current version being
|
||||
// served in production by either a minor (new features), or major (breaking
|
||||
// changes) then force a client reload.
|
||||
if (clientVersion) {
|
||||
const parsedClientVersion = semver.parse(clientVersion);
|
||||
const parsedClientVersion = semver.parse(clientVersion as string);
|
||||
const parsedCurrentVersion = semver.parse(pkg.version);
|
||||
|
||||
if (
|
||||
parsedClientVersion.major < parsedCurrentVersion.major ||
|
||||
parsedClientVersion.minor < parsedCurrentVersion.minor
|
||||
parsedClientVersion &&
|
||||
parsedCurrentVersion &&
|
||||
(parsedClientVersion.major < parsedCurrentVersion.major ||
|
||||
parsedClientVersion.minor < parsedCurrentVersion.minor)
|
||||
) {
|
||||
throw EditorUpdateError();
|
||||
}
|
||||
|
||||
@@ -1,12 +1,9 @@
|
||||
import querystring from "querystring";
|
||||
import { Context } from "koa";
|
||||
import { Context, Next } from "koa";
|
||||
import { InvalidRequestError } from "@server/errors";
|
||||
|
||||
export default function pagination(options?: Record<string, any>) {
|
||||
return async function paginationMiddleware(
|
||||
ctx: Context,
|
||||
next: () => Promise<any>
|
||||
) {
|
||||
return async function paginationMiddleware(ctx: Context, next: Next) {
|
||||
const opts = {
|
||||
defaultLimit: 15,
|
||||
defaultOffset: 0,
|
||||
|
||||
@@ -3188,6 +3188,11 @@
|
||||
resolved "https://registry.yarnpkg.com/@types/scheduler/-/scheduler-0.16.2.tgz#1a62f89525723dde24ba1b01b092bf5df8ad4d39"
|
||||
integrity sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew==
|
||||
|
||||
"@types/semver@^7.3.9":
|
||||
version "7.3.9"
|
||||
resolved "https://registry.yarnpkg.com/@types/semver/-/semver-7.3.9.tgz#152c6c20a7688c30b967ec1841d31ace569863fc"
|
||||
integrity sha512-L/TMpyURfBkf+o/526Zb6kd/tchUP3iBDEPjqjb+U2MAJhVRxxrmr2fwpe08E7QsV7YLcpq0tUaQ9O9x97ZIxQ==
|
||||
|
||||
"@types/sequelize@^4.28.10":
|
||||
version "4.28.10"
|
||||
resolved "https://registry.yarnpkg.com/@types/sequelize/-/sequelize-4.28.10.tgz#514b716718d4f6f398daaff78c05153534f2104e"
|
||||
|
||||
Reference in New Issue
Block a user