Simplify publicPath and add test for protected resources

2024-11-11 08:33:53 +00:00 · 2017-06-20 16:12:55 +02:00 · 2017-06-20 16:12:55 +02:00 · 365d51c0b7
commit 365d51c0b7
parent 2d34d81d9c
3 changed files with 24 additions and 20 deletions
--- a/lib/core/options.js
+++ b/lib/core/options.js
@ -49,7 +49,7 @@ export default function Options (_options) {
  return options
 }

-const defaultOptions = {
+export const defaultOptions = {
  dev: (process.env.NODE_ENV !== 'production'),
  buildDir: '.nuxt',
  nuxtAppDir: resolve(__dirname, '../lib/app/'), // Relative to dist
--- a/lib/core/renderer.js
+++ b/lib/core/renderer.js
@ -10,7 +10,8 @@ import _ from 'lodash'
 import { join, resolve } from 'path'
 import fs from 'fs-extra'
 import { createBundleRenderer } from 'vue-server-renderer'
-import { encodeHtml, getContext, setAnsiColors } from 'utils'
+import { encodeHtml, getContext, setAnsiColors, isUrl } from 'utils'
+import { defaultOptions } from './options'
 import Debug from 'debug'
 import connect from 'connect'

@ -175,8 +176,7 @@ export default class Renderer extends Tapable {
      if (this.options.router.base !== '/' && req.url.indexOf(this.options.router.base) === 0) {
        req.url = req.url.replace(this.options.router.base, '/')
      }
-      // Prevent access to SSR resources (TODO: write tests)
-      /* istanbul ignore if */
+      // Prevent access to SSR resources
      if (ssrResourceRegex.test(req.url)) {
        res.statusCode = 404
        return res.end()
@ -184,16 +184,6 @@ export default class Renderer extends Tapable {
      next()
    })

-    // Remove publicPath from requests in production mode
-    if (!this.options.dev) {
-      this.useMiddleware((req, res, next) => {
-        if (req.url.indexOf(this.options.build.publicPath) === 0) {
-          req.url = req.url.replace(this.options.build.publicPath, '/')
-        }
-        next()
-      })
-    }
-
    // Add webpack middleware only for development
    if (this.options.dev) {
      this.useMiddleware(async (req, res, next) => {
@ -217,10 +207,14 @@ export default class Renderer extends Tapable {
    // Serve .nuxt/dist/ files only for production
    // For dev they will be served with devMiddleware
    if (!this.options.dev) {
-      this.useMiddleware(serveStatic(resolve(this.options.buildDir, 'dist'), {
-        index: false, // Don't serve index.html template
-        maxAge: (this.options.dev ? 0 : '1y') // 1 year in production
-      }))
+      const distDir = resolve(this.options.buildDir, 'dist')
+      this.useMiddleware({
+        path: isUrl(this.options.build.publicPath) ? defaultOptions.build.publicPath : this.options.build.publicPath,
+        handler: serveStatic(distDir, {
+          index: false, // Don't serve index.html template
+          maxAge: (this.options.dev ? 0 : '1y') // 1 year in production
+        })
+      })
    }

    // Add User provided middleware
--- a/test/basic.test.js
+++ b/test/basic.test.js
@ -145,14 +145,24 @@ test('/redirect2', async t => {
 })

 test('ETag Header', async t => {
-  const {headers: {etag}} = await rp(url('/stateless'), {resolveWithFullResponse: true})
+  const { headers: { etag } } = await rp(url('/stateless'), { resolveWithFullResponse: true })
  // Validate etag
  t.regex(etag, /W\/".*"$/)
  // Verify functionality
-  const error = await t.throws(rp(url('/stateless'), {headers: {'If-None-Match': etag}}))
+  const error = await t.throws(rp(url('/stateless'), { headers: { 'If-None-Match': etag } }))
  t.is(error.statusCode, 304)
 })

+test('/_nuxt/server-bundle.json should return 404', async t => {
+  const err = await t.throws(rp(url('/_nuxt/server-bundle.json'), { resolveWithFullResponse: true }))
+  t.is(err.statusCode, 404)
+})
+
+test('/_nuxt/ should return 404', async t => {
+  const err = await t.throws(rp(url('/_nuxt/'), { resolveWithFullResponse: true }))
+  t.is(err.statusCode, 404)
+})
+
 // Close server and ask nuxt to stop listening to file changes
 test.after('Closing server and nuxt.js', t => {
  nuxt.close()