Skip to content

Commit 63f4b65

Browse files
cliftonccliftonc
committed
Build
1 parent a6d6d9b commit 63f4b65

File tree

4 files changed

+132
-168
lines changed

4 files changed

+132
-168
lines changed

dist/index.js

Lines changed: 29 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -16884,9 +16884,17 @@ AbortError.prototype = Object.create(Error.prototype);
1688416884
AbortError.prototype.constructor = AbortError;
1688516885
AbortError.prototype.name = 'AbortError';
1688616886

16887+
const URL$1 = Url.URL || whatwgUrl.URL;
16888+
1688716889
// fix an issue where "PassThrough", "resolve" aren't a named export for node <10
1688816890
const PassThrough$1 = Stream.PassThrough;
16889-
const resolve_url = Url.resolve;
16891+
16892+
const isDomainOrSubdomain = function isDomainOrSubdomain(destination, original) {
16893+
const orig = new URL$1(original).hostname;
16894+
const dest = new URL$1(destination).hostname;
16895+
16896+
return orig === dest || orig[orig.length - dest.length - 1] === '.' && orig.endsWith(dest);
16897+
};
1689016898

1689116899
/**
1689216900
* Fetch function
@@ -16974,7 +16982,19 @@ function fetch(url, opts) {
1697416982
const location = headers.get('Location');
1697516983

1697616984
// HTTP fetch step 5.3
16977-
const locationURL = location === null ? null : resolve_url(request.url, location);
16985+
let locationURL = null;
16986+
try {
16987+
locationURL = location === null ? null : new URL$1(location, request.url).toString();
16988+
} catch (err) {
16989+
// error here can only be invalid URL in Location: header
16990+
// do not throw when options.redirect == manual
16991+
// let the user extract the errorneous redirect URL
16992+
if (request.redirect !== 'manual') {
16993+
reject(new FetchError(`uri requested responds with an invalid redirect URL: ${location}`, 'invalid-redirect'));
16994+
finalize();
16995+
return;
16996+
}
16997+
}
1697816998

1697916999
// HTTP fetch step 5.5
1698017000
switch (request.redirect) {
@@ -17022,6 +17042,12 @@ function fetch(url, opts) {
1702217042
size: request.size
1702317043
};
1702417044

17045+
if (!isDomainOrSubdomain(request.url, locationURL)) {
17046+
for (const name of ['authorization', 'www-authenticate', 'cookie', 'cookie2']) {
17047+
requestOpts.headers.delete(name);
17048+
}
17049+
}
17050+
1702517051
// HTTP-redirect fetch step 9
1702617052
if (res.statusCode !== 303 && request.body && getTotalBytes(request) === null) {
1702717053
reject(new FetchError('Cannot follow redirect with body being a readable stream', 'unsupported-redirect'));
@@ -21406,7 +21432,7 @@ const createProperties = (repo, pageHash, dependsOn, { systems, owners, structur
2140621432
}
2140721433

2140821434
// Always have to check the hash afterwards, excluding the hash and the key
21409-
const hashProperties = properties
21435+
const hashProperties = Object.assign({}, properties)
2141021436
// Add the links if they exist to the hash
2141121437
if (repo.metadata?.links) {
2141221438
hashProperties.links = repo.metadata?.links

0 commit comments

Comments
 (0)