fix: Server error if X-Editor-Version is not valid semver string

2021-12-13 20:28:29 -08:00
parent 1a3badbb8a
commit 74615bfe37
9 changed files with 25 additions and 38 deletions
--- a/package.json
+++ b/package.json
@@ -228,6 +228,7 @@
    "@types/react-table": "^7.7.8",
    "@types/react-virtualized-auto-sizer": "^1.0.1",
    "@types/react-window": "^1.8.5",
    "@types/semver": "^7.3.9",
    "@types/sequelize": "^4.28.10",
    "@types/slug": "^5.0.2",
    "@types/socket.io": "2.1.13",
--- a/server/middlewares/apexRedirect.ts
+++ b/server/middlewares/apexRedirect.ts
@@ -1,10 +1,7 @@
-import { Context } from "koa";
+import { Context, Next } from "koa";
 export default function apexRedirect() {
-  return async function apexRedirectMiddleware(
+  return async function apexRedirectMiddleware(ctx: Context, next: Next) {
    ctx: Context,
    next: () => Promise<any>
  ) {
    if (ctx.headers.host === "getoutline.com") {
      ctx.redirect(`https://www.${ctx.headers.host}${ctx.path}`);
    } else {
--- a/server/middlewares/authentication.ts
+++ b/server/middlewares/authentication.ts
@@ -1,3 +1,4 @@
 import { Next } from "koa";
 import { User, Team, ApiKey } from "@server/models";
 import { getUserForJWT } from "@server/utils/jwt";
 import { AuthenticationError, UserSuspendedError } from "../errors";
@@ -8,10 +9,7 @@ export default function auth(
    required?: boolean;
  } = {}
 ) {
-  return async function authMiddleware(
+  return async function authMiddleware(ctx: ContextWithState, next: Next) {
    ctx: ContextWithState,
    next: () => Promise<unknown>
  ) {
    let token;
    const authorizationHeader = ctx.request.get("authorization");
--- a/server/middlewares/errorHandling.ts
+++ b/server/middlewares/errorHandling.ts
@@ -1,12 +1,9 @@
-import { Context } from "koa";
+import { Context, Next } from "koa";
 import { snakeCase } from "lodash";
 import Sequelize from "sequelize";
 export default function errorHandling() {
-  return async function errorHandlingMiddleware(
+  return async function errorHandlingMiddleware(ctx: Context, next: Next) {
    ctx: Context,
    next: () => Promise<any>
  ) {
    try {
      await next();
    } catch (err) {
--- a/server/middlewares/methodOverride.ts
+++ b/server/middlewares/methodOverride.ts
@@ -1,11 +1,8 @@
-import { Context } from "koa";
+import { Context, Next } from "koa";
 import queryString from "query-string";
 export default function methodOverride() {
-  return async function methodOverrideMiddleware(
+  return async function methodOverrideMiddleware(ctx: Context, next: Next) {
    ctx: Context,
    next: () => Promise<any>
  ) {
    if (ctx.method === "POST") {
      ctx.body = ctx.request.body;
    } else if (ctx.method === "GET") {
--- a/server/routes/api/middlewares/apiWrapper.ts
+++ b/server/routes/api/middlewares/apiWrapper.ts
@@ -1,11 +1,8 @@
 import stream from "stream";
-import { Context } from "koa";
+import { Context, Next } from "koa";
 export default function apiWrapper() {
-  return async function apiWrapperMiddleware(
+  return async function apiWrapperMiddleware(ctx: Context, next: Next) {
    ctx: Context,
    next: () => Promise<any>
  ) {
    await next();
    const ok = ctx.status < 400;
--- a/server/routes/api/middlewares/editor.ts
+++ b/server/routes/api/middlewares/editor.ts
@@ -1,26 +1,24 @@
-import { Context } from "koa";
+import { Context, Next } from "koa";
 import pkg from "rich-markdown-editor/package.json";
 // @ts-expect-error ts-migrate(7016) FIXME: Could not find a declaration file for module 'semv... Remove this comment to see the full error message
 import semver from "semver";
 import { EditorUpdateError } from "@server/errors";
 export default function editor() {
-  return async function editorMiddleware(
+  return async function editorMiddleware(ctx: Context, next: Next) {
    ctx: Context,
    next: () => Promise<any>
  ) {
    const clientVersion = ctx.headers["x-editor-version"];
    // If the editor version on the client is behind the current version being
    // served in production by either a minor (new features), or major (breaking
    // changes) then force a client reload.
    if (clientVersion) {
-      const parsedClientVersion = semver.parse(clientVersion);
+      const parsedClientVersion = semver.parse(clientVersion as string);
      const parsedCurrentVersion = semver.parse(pkg.version);
      if (
-        parsedClientVersion.major < parsedCurrentVersion.major ||
+        parsedClientVersion &&
-        parsedClientVersion.minor < parsedCurrentVersion.minor
+        parsedCurrentVersion &&
        (parsedClientVersion.major < parsedCurrentVersion.major ||
          parsedClientVersion.minor < parsedCurrentVersion.minor)
      ) {
        throw EditorUpdateError();
      }
--- a/server/routes/api/middlewares/pagination.ts
+++ b/server/routes/api/middlewares/pagination.ts
@@ -1,12 +1,9 @@
 import querystring from "querystring";
-import { Context } from "koa";
+import { Context, Next } from "koa";
 import { InvalidRequestError } from "@server/errors";
 export default function pagination(options?: Record<string, any>) {
-  return async function paginationMiddleware(
+  return async function paginationMiddleware(ctx: Context, next: Next) {
    ctx: Context,
    next: () => Promise<any>
  ) {
    const opts = {
      defaultLimit: 15,
      defaultOffset: 0,
--- a/yarn.lock
+++ b/yarn.lock
@@ -3188,6 +3188,11 @@
  resolved "https://registry.yarnpkg.com/@types/scheduler/-/scheduler-0.16.2.tgz#1a62f89525723dde24ba1b01b092bf5df8ad4d39"
  integrity sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew==
 "@types/semver@^7.3.9":
  version "7.3.9"
  resolved "https://registry.yarnpkg.com/@types/semver/-/semver-7.3.9.tgz#152c6c20a7688c30b967ec1841d31ace569863fc"
  integrity sha512-L/TMpyURfBkf+o/526Zb6kd/tchUP3iBDEPjqjb+U2MAJhVRxxrmr2fwpe08E7QsV7YLcpq0tUaQ9O9x97ZIxQ==
 "@types/sequelize@^4.28.10":
  version "4.28.10"
  resolved "https://registry.yarnpkg.com/@types/sequelize/-/sequelize-4.28.10.tgz#514b716718d4f6f398daaff78c05153534f2104e"