lwsjs / rewrite Goto Github PK
View Code? Open in Web Editor NEWlws middleware plugin adding URL rewriting support
License: MIT License
lws middleware plugin adding URL rewriting support
License: MIT License
Rewrite rules having no parameters, automatically applied to every path (even to the non-matching ones.)
The problem is in getTargetUrl function of util.js.
The toUrl is automatically set to the to parameter, and will be returned even if the path doesn't match. For non-matching paths the intact url parameter should be returned instead.
function getTargetUrl (from, to, url) {
const { pathToRegexp } = require('path-to-regexp')
const fromParams = []
const re = pathToRegexp(from, fromParams)
const fromMatches = re.exec(url)
let toUrl = to // <--------- it should be 'url' if 'fromMatches' is undefined
for (const [index, fromParam] of fromParams.entries()) {
if (fromMatches && fromMatches[index + 1]) {
fromParam.value = fromMatches[index + 1]
}
}
/* replace named params */
for (const fromParam of fromParams) {
if (typeof fromParam.name === 'string') {
if (fromParam.value) {
toUrl = toUrl.replace(new RegExp(`:${fromParam.name}`, 'g'), fromParam.value)
} else {
toUrl = url
}
}
}
/* replace positional params */
for (const fromParam of fromParams) {
if (typeof fromParam.name !== 'string') {
toUrl = url.replace(re, toUrl)
}
}
return toUrl
}
I would need something like optiona/conditional rewrites. That could be similar as the spa conditionals --spa.asset-test-fs
by checking if a file is available in the fs, then serve it, otherwise rewrite the request.
When we rewrite URL that has a response to set a cookie (i.e. response has set-cookie
header), sometimes, the response will specify to set the cookie in the remote domain, hence locally, the expected cookie isn't present.
This feature request is similar to cookieDomainRewrite
option use case at node-http-proxy
library (more details at its PR). I hope you could consider it. Thanks for your time ๐
The plugin has code:
/* On insecure connections, remove `secure` attribute from remote cookies */
const setCookies = remoteRes.headers['set-cookie']
if (!ctx.req.socket.encrypted && !lws.config.rewriteKeepSecureAttr && setCookies && setCookies.length) {
const cookies = setCookies.map(c => util.removeCookieAttribute(c, 'secure'))
remoteRes.headers['set-cookie'] = cookies
}
If secure
attribute is removed but there is "SameSite=None"
a browser rejects cookie, breaking all login pages. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie for exact error message in a browser DevTools:
Cookie "myCookie" rejected because it has the "SameSite=None" attribute but is missing the "secure" attribute.
This Set-Cookie was blocked because it had the "SameSite=None" attribute but did not have the "Secure" attribute, which is required in order to use "SameSite=None".
Consider removing SameSite=None
together with secure
. Other values of SameSite
are safe without secure
.
11:45:29 AM: Middleware error
Error: Cannot find module 'req-then'
at Function.Module._resolveFilename (internal/modules/cjs/loader.js:582:15)
at Function.Module._load (internal/modules/cjs/loader.js:508:25)
at Module.require (internal/modules/cjs/loader.js:637:17)
at require (internal/modules/cjs/helpers.js:22:18)
at Promise (node_modules\local-web-server\node_modules\lws-rewrite\index.js:113:25)
at process._tickCallback (internal/process/next_tick.js:68:7)
Hello, I think I already know the answer to this after a brief play with cli, and a quick look through the code, but it never hurts to ask.
npx lws-rewrite "https://a.mydomain.com/(.+)" "http://localhost:8081/a/$1" "https://a.mydomain.com/test"
I was hoping to see
http://localhost:8081/a/test
but I was greeted with the lovely error message of
C:\WINDOWS\system32>npx lws-rewrite "https://a.mydomain.com/(.+)" "http://localhost:8081/a/$1" "https://a.mydomain.com/test"
C:\Users\CRichardson\AppData\Roaming\nvm\v19.6.0\node_modules\lws-rewrite\node_modules\path-to-regexp\dist\index.js:48
throw new TypeError("Missing parameter name at ".concat(i));
^
TypeError: Missing parameter name at 5
at lexer (C:\Users\CRichardson\AppData\Roaming\nvm\v19.6.0\node_modules\lws-rewrite\node_modules\path-to-regexp\dist\index.js:48:23)
at parse (C:\Users\CRichardson\AppData\Roaming\nvm\v19.6.0\node_modules\lws-rewrite\node_modules\path-to-regexp\dist\index.js:98:18)
at stringToRegexp (C:\Users\CRichardson\AppData\Roaming\nvm\v19.6.0\node_modules\lws-rewrite\node_modules\path-to-regexp\dist\index.js:329:27)
at pathToRegexp (C:\Users\CRichardson\AppData\Roaming\nvm\v19.6.0\node_modules\lws-rewrite\node_modules\path-to-regexp\dist\index.js:407:12)
at Object.getTargetUrl (C:\Users\CRichardson\AppData\Roaming\nvm\v19.6.0\node_modules\lws-rewrite\lib\util.js:21:14)
at Object.<anonymous> (C:\Users\CRichardson\AppData\Roaming\nvm\v19.6.0\node_modules\lws-rewrite\bin\cli.js:9:20)
at Module._compile (node:internal/modules/cjs/loader:1246:14)
at Module._extensions..js (node:internal/modules/cjs/loader:1300:10)
at Module.load (node:internal/modules/cjs/loader:1103:32)
at Module._load (node:internal/modules/cjs/loader:942:12)
Node.js v19.6.0
So, yes, I can see by the examples, you guys are expecting first and third params to be the path from server, and not a path including server..
But You never know, there could be some secret option I was not able to find, so thought best to ask.
When installing lws-rewrite
via local-web-server
NPM reports a high severity vulnerability in https-proxy-agent
that is fixed in v3.x. Details about the securty issue: https://npmjs.com/advisories/1184
Would it be possible to upgrade to v3? Thanks!
I would like to proxy websocket connections. I looked at the code and I think it would be possible. Here is some documentation from https-proxy-agent. I am happy to have a go at implementing this. Would love any guidance or suggestions.
Hello,
I'm trying to use local-web-server
for serving a documentation for a CSS framework.
My directory tree looks like that :
/
dist/
style.css
public/
index.html
The public
folder contains the HTML documentation. In order to work well it needs files that are built in the dist
folder. Those are the built files of the CSS framework.
I've tried to declare a rewrite like that :
ws -d public --rewrite '/dist/(.*) -> ../dist/$1'
But I get 403 in the browser and a Middleware error in the shell :
13:51:19: Middleware error
ForbiddenError: Forbidden
at resolvePath (/home/vprothais/dev/oneI/node_modules/resolve-path/index.js:83:11)
at send (/home/vprothais/dev/oneI/node_modules/koa-send/index.js:81:10)
at serve (/home/vprothais/dev/oneI/node_modules/koa-static/index.js:44:24)
at dispatch (/home/vprothais/dev/oneI/node_modules/koa-compose/index.js:42:32)
at module.exports (/home/vprothais/dev/oneI/node_modules/koa-range/index.js:11:12)
at dispatch (/home/vprothais/dev/oneI/node_modules/koa-compose/index.js:42:32)
at etag (/home/vprothais/dev/oneI/node_modules/koa-etag/index.js:26:12)
at dispatch (/home/vprothais/dev/oneI/node_modules/koa-compose/index.js:42:32)
at conditional (/home/vprothais/dev/oneI/node_modules/koa-conditional-get/index.js:19:12)
at dispatch (/home/vprothais/dev/oneI/node_modules/koa-compose/index.js:42:32)
It's probably for security reason.
I frequently use Apache aliases for folder outside of the root directory. I assumed it would work here.
Do I missed something with the configuration ?
Thank you for your help !
Please see lwsjs/local-web-server#128.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.