0
0
mirror of https://github.com/honojs/hono.git synced 2024-12-01 10:51:01 +00:00
Commit Graph

1064 Commits

Author SHA1 Message Date
Yusuke Wada
3d9c6b2338 v3.3.4 2023-07-27 12:16:21 +09:00
Yusuke Wada
5dc0975bd2
feat(cloudflare-pages): add serveStatic() (#1273) 2023-07-27 12:12:59 +09:00
Yusuke Wada
77b7ac7fe7
fix(utils/filepath): allow .. in filename (#1272)
* fix(utils/filepath): allow `..` in filename

* denoify

* support `./foo../bar.txt`

* denoify

* add tests

---

Co-authored-by: Taku Amano <taku@taaas.jp>
2023-07-27 11:43:42 +09:00
DianomiJH
8ef9b5e0b0
fix(lambda): added generic parameters to aws-lambda handler to fix #1265 (#1269) 2023-07-27 09:43:07 +09:00
Yusuke Wada
614ab9d6e4
fix(utils/filepath): don't allow dot segments (#1271) 2023-07-27 08:37:20 +09:00
Codinak
1495f8b41b
fix(jsx): escapeToBuffer vulnerability (#1266)
* fix escapeToBuffer vulnerability

Escape single quote (0x27) to limit execution capabilities under certain conditions.

* denoify
2023-07-26 23:12:25 +09:00
watany
cbd5616e9d
fix(lambda-edge) Adding Export Type CloudFrontResponse and CloudFrontConfig (#1263)
* export type

* revert
2023-07-25 07:44:57 +09:00
Yusuke Wada
84973c999d v3.3.3 2023-07-23 16:20:23 +09:00
Yusuke Wada
b0a368676e
fix(hono-base): enable strict with getPath option (#1259)
* fix(hono-base): enable `strict` with `getPath` option

* denoify
2023-07-23 16:03:45 +09:00
watany
ba346a4b63
feat(adaptor): Lambda@Edge supports response callbacks (#1251)
* change header

* fixed

* simple test

* minify

* refactor

* fix

* binding response

* fix

* fix

* remove fix

* remove lowercase
2023-07-21 16:59:32 +09:00
Yusuke Wada
14f5536ec6 v3.3.2 2023-07-20 17:52:22 +09:00
Yusuke Wada
5c1f7f033c
fix(hono/quick): use SmartRouter (#1250)
* fix(hono/quick): use SmartRouter

* denoify
2023-07-20 17:43:35 +09:00
Yusuke Wada
47dbeaa147
fix(trie-router-router): For "Named param with trailing wildcard" (#1246)
* fix(trie-router-router): For "Named param with trailing wildcard"

* denoify
2023-07-20 16:48:38 +09:00
Taku Amano
3e663af916
fix(pattern-router): For "Named param with trailing wildcard" (#1244)
* fix(pattern-router): For "Named param with trailing wildcard"

* chore: denoify
2023-07-20 16:48:21 +09:00
James A Rosen
4b39eba618
refactor(etag): simplify cloning logic (#1242)
If the upstream response doesn't include an `ETag` header, the ETag
middleware needs to clone the response so it can read the body to
compute an ETag. This commit simplifies the management of the original
and cloned responses.
2023-07-19 09:57:57 +09:00
Yusuke Wada
0a0dac7c60 v3.3.1 2023-07-16 15:37:28 +09:00
watany
301e142163
fix: Safe modification of Buffer (#1238)
* refactor lambda-edge

* refactor lambda
2023-07-15 20:44:54 +09:00
markthree
0efc6952a3
perf(deno/middlewares/serveStatic): serve static with stream (#1234)
* perf(deno/middlewares/serveStatic): serve static with stream

* Revert "perf(deno/middlewares/serveStatic): serve static with stream"

This reverts commit 0360966d1e.

* fix(deno/middlewares/serveStatic): fix position and test for serve static with stream

* chore(deno/middlewares/serveStatic): clean temp dist files
2023-07-15 14:28:48 +09:00
Yusuke Wada
42dc3646a0
fix(cache): clone the response (#1232)
* fix

* clone the response shortly

* add test for not found

* denoify

---------

Co-authored-by: brn <brn@b6n.ch>
2023-07-15 09:36:03 +09:00
Denis Washington
2a6d17551b
fix: AWS Lambda: Avoid text-encoding binary data (#1235)
So far, the AWS Lambda adapter has used `atob` to convert a Base64-encoded
request body to a binary. However, `atob` returns a string, and passing
that to the `Request` constructor (at least on Node.js, which Lambda
runs on) results in the binary string being encoded as UTF-8. This means
that if the request body contains bytes which are not in the ASCII
range, they are replaced with UTF-8 multi-byte encodings, which leads
to `c.req.blob()`, `c.req.formData()`, etc. returning the wrong binary
data!

This commit fixes the issue by replacing `atob(body)` with
`Buffer.from(body, 'base64')`, which does not have that problem. The
`Buffer` can be directly passed as body for `new Request()` because it
implements the `Uint8Array` interface. While this makes the AWS Lambda
adapter depend directly on the "node:buffer" module, this should be fine
because AWS Lambda functions always run on Node.
2023-07-15 09:35:32 +09:00
Yusuke Wada
5090c3c817 v3.3.0 2023-07-11 10:10:34 +09:00
Yusuke Wada
d48c160542
feat(lambda-edge): pass the context and callback as env (#1229) 2023-07-10 23:04:13 +09:00
watany
f37de258b8
fix(lambda-edge): update schema and refactor (#1230)
* remove array check

* update if

* fix test

* fix origin infomation
2023-07-10 22:58:18 +09:00
Yusuke Wada
096e3b7dd1 v3.3.0-rc.1 2023-07-08 18:31:28 +09:00
Yusuke Wada
cef0adb1d6
fix(mount): include query params (#1224)
* fix(mount): include query params

* denoify
2023-07-08 18:25:50 +09:00
Yusuke Wada
9fd3cd3914 chore: pretty 2023-07-07 18:02:29 +09:00
watany
c2cbc0a80b
ci: update ci action (#1222) 2023-07-07 17:48:36 +09:00
watany
edca699b96
feat(adapter): AWS Lambda Adapter supports requests via Lambda@edge (#1210)
* edge-adaptor

* add env

* Revert "add env"

This reverts commit 9662e574fd.

* Revert "add env"

This reverts commit 9662e574fd.

* v0.1

* Revert "edge-adaptor"

This reverts commit ed6b2566b1.

* runtimetest

* WIP: runtime-test

* lint

* build lambda-edge

* ci lambda-edge

* remove gitpod

* test fix

* fix of self check
2023-07-07 17:41:33 +09:00
Yusuke Wada
a8ebb47ddd
docs: add a svg logo image (#1217) 2023-07-04 18:45:55 +09:00
Pascal
b0e0ce85a0
feat: Add Server-Timing API as middleware (#1215)
* feat(timing): add Server-Timing API as middleware

* refactor(timing): rename config to TimingOptions
2023-07-03 11:19:49 +09:00
flow
d6f4d1a501
Fix replaceUrlParam to ignore regexp in path (#1214)
* Fix replaceUrlParam to ignore regexp in path

* Generate deno_dist files
2023-07-02 22:25:19 +09:00
Tom Lienard
09175e1289
fix(tests): Lagon env test (#1209) 2023-07-01 17:20:23 +09:00
Yusuke Wada
3891845458 v3.2.7 2023-06-29 20:13:56 +09:00
Yusuke Wada
8ebd8b7b76
fix(jsonT): remove overloads from JSONTRespond (#1208)
* fix(`jsonT`): remove overloads from `JSONTRespond`

* denoify

* update tests
2023-06-29 20:09:00 +09:00
ryoppippi
bae5419d54
feat: add deleteCookie (#1190)
* add deleteCookie

* fix test

* fix test

* add test for deteleCookie with third argument opt
2023-06-29 19:58:38 +09:00
Yusuke Wada
5b873fcc5c
fix(types): allow not to set skipLibCheck (#1206)
* fix(types): allow not to set `skipLibCheck`

* use `unknown`

* denoify
2023-06-29 16:48:00 +09:00
James A Rosen
ddc34e1f6a
perf(Request): optimize Request.prototype.header (#1204)
`Request.prototype.header` has two overloads:

 1. with a string name, it returns that header value if present
 2. with no argument, it returns all the headers as an object

Previously, the implementation built the whole object for (2) even when
returning a single header. This was wasteful. This commit changes it to
return the header by name if specified and only iterate over all the
headers when the caller asks for the whole object.
2023-06-29 16:27:05 +09:00
James A Rosen
f356702efc
fix(etag): support multi-value If-None-Match (#1199)
* chore(etag): reduce global state in tests

Previously, the `etag` tests used a single Hono `app` that was
instantiated statically before the tests. Having a shared app increases
the chances of inter-test conflicts and makes it impossible to modify
the app for a single test. This, in turn, makes it harder for test
maintainers to see the connection between the app configuration and the
expectations.

This commit moves the creation of the `app` into a `beforeEach` block
and moves any app configuration that relates to a single test case into
that test case.

* perf(etag): don't override ETags from upstream

Previously, the `etag` middleware would always compute an `ETag`
header based on the SHA-1 of the `Response` body. In cases where the
upstream response already includes the header, this wastefully
clones the response, reads the body into memory, and computes a hash.

This commit changes the middleware to bypass the hash computation if
the `Response` already has an ETag.

* perf(etag): 304s include only necessary headers

The spec[^1] for 304 Not Modified says,

> The server generating a 304 response MUST generate any of the
> following header fields that would have been sent in a 200 (OK)
> response to the same request:
>
>  * Content-Location, Date, ETag, and Vary
>  * Cache-Control and Expires (see [CACHING])
>
> Since the goal of a 304 response is to minimize information transfer
> when the recipient already has one or more cached representations, a
> sender SHOULD NOT generate representation metadata other than the
> above listed fields unless said metadata exists for the purpose of
> guiding cache updates (e.g., Last-Modified might be useful if the
> response does not have an ETag field).

Previously, the `etag` middleware was sending all headers from the
original response except for `content-type` (omitted by
`Context.prototype.set res`) and `content-length` (omitted by the `etag`
middleware itself).

This commit changes the middleware to include only the headers
required with the spec, upgrading it from _conditionally compliant_ to
_fully compliant_. The list is configurable as
`options.retainedHeaders`.

[^1]: https://www.rfc-editor.org/rfc/rfc9110#name-304-not-modified

* fix(etag): Support multi-value If-None-Match

The spec[^1] for `If-None-Match` says,

> If the field value is a list of entity tags, the condition is false if
> one of the listed tags matches the entity tag of the selected
> representation.

and provides these examples:

```
If-None-Match: "xyzzy"
If-None-Match: W/"xyzzy"
If-None-Match: "xyzzy", "r2d2xxxx", "c3piozzzz"
If-None-Match: W/"xyzzy", W/"r2d2xxxx", W/"c3piozzzz"
If-None-Match: *
```

The value `*` isn't relevant for this middleware, but the other values
are.

This commit adds support for multi-value comma-separated ETags in the
`If-None-Match` header.

[^1]: https://www.rfc-editor.org/rfc/rfc9110#name-if-none-match

* perf(etag): prefer Header.prototype.get

Previously, the `etag` middleware used `c.req.header(...)` to access the
`If-None-Match` header. This method works, but is less efficient than
accessing the value via the raw `Headers` object.

Additionally, the middleware was trying multiple case versions for the
same header, but header-lookup is case-insensitive, so it was wasting
time on requests that lacked the header altogether.

This change also makes `etag` consistent with the other middleware in
this repo (e.g. `basic-auth`, `compress`), which all use
`c.req.headers.get(...)` to access headers.
2023-06-29 16:23:26 +09:00
Yusuke Wada
5965102619
ci(bun): fix Bun version (#1205) 2023-06-27 18:14:06 +09:00
Yusuke Wada
ee5929b045
fix(tsconfig): remove skipLibCheck (#1201) 2023-06-26 17:14:40 +09:00
Yusuke Wada
4b2dfb824b
fix(utils/cookie): allow 0 to maxAge (#1196)
* fix(utils/cookie): allow 0 to maxAge

* denoify
2023-06-23 17:33:20 +09:00
Yusuke Wada
1459bc6277 v3.2.6 2023-06-22 22:40:57 +09:00
Yusuke Wada
e2b26d6074
fix(cookie): maxAge should be positive (#1194)
* Allow setting cookie's maxAge to 0.

* fix(cookie): `maxAge` should be positive

* denoify

---------

Co-authored-by: David Manouchehri <david.manouchehri@ai.moda>
2023-06-22 22:37:07 +09:00
Kelly Littlepage
387d696303
fix: application/x-www-form-urlencoded decoding (#1189)
The current logic for decoding application/x-www-form-urlencoded is
overly restrictive and misses `Content-Type` headers with a character
encoding set, i.e., application/x-www-form-urlencoded; charset=UTF-8.

This fix harmonizes the logic for handling multipart/form-data
and application/x-www-form-urlencoded in the `parseBody` method of
request objects.
2023-06-21 22:51:59 +09:00
Yusuke Wada
94812fcf2d v3.2.5 2023-06-07 21:59:42 +09:00
Yusuke Wada
5f9453b498
feat(jsx): React-like style conversion (#1159)
* feat(jsx): React-like `style` conversion

* denoify
2023-06-07 21:56:04 +09:00
IGUCHI Kanahiro
a6b0833060
fix: avoid range-error (#1168)
* fix: avoid range-error

* fix: avoid range-error

* denoify
2023-06-07 21:54:49 +09:00
Alexander Kozlov
8387b8c0f6
fix(HttpException): error message should not be the HTTP reason phrase (#1161)
* fix(HttpException): error message should not be the HTTP reason phrase

* review fixes

---------

Co-authored-by: Nasa <nasa@mail.inc>
2023-06-07 21:17:52 +09:00
IGUCHI Kanahiro
39dcab0eb2
fix: replace to use better base64-encoder (#1165) 2023-06-06 14:25:49 +09:00
Yusuke Wada
a14e65a6ca
chore(benchmark): add radix3 (#1167) 2023-06-06 14:16:26 +09:00