forked from baron/baron-sso
fix(userfront): prevent public env asset request
This commit is contained in:
@@ -1,6 +1,13 @@
|
||||
import { brotliCompressSync, constants } from 'node:zlib';
|
||||
import { createHash } from 'node:crypto';
|
||||
import { existsSync, readFileSync, readdirSync, renameSync, writeFileSync } from 'node:fs';
|
||||
import {
|
||||
existsSync,
|
||||
readFileSync,
|
||||
readdirSync,
|
||||
renameSync,
|
||||
unlinkSync,
|
||||
writeFileSync,
|
||||
} from 'node:fs';
|
||||
import { basename, extname, join } from 'node:path';
|
||||
import { fileURLToPath } from 'node:url';
|
||||
import { dirname } from 'node:path';
|
||||
@@ -9,7 +16,19 @@ const __filename = fileURLToPath(import.meta.url);
|
||||
const __dirname = dirname(__filename);
|
||||
const buildDir = process.argv[2] ?? join(__dirname, '..', 'build', 'web');
|
||||
const bootstrapPath = join(buildDir, 'flutter_bootstrap.js');
|
||||
const indexPath = join(buildDir, 'index.html');
|
||||
const hashableEntrypoints = ['main.dart.js', 'main.dart.mjs', 'main.dart.wasm'];
|
||||
const loginFontFallbackPreloads = [
|
||||
'https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Me4GZLCzYlKw.woff2',
|
||||
'https://fonts.gstatic.com/s/notosanskr/v36/PbyxFmXiEBPT4ITbgNA5Cgms3VYcOA-vvnIzzuoyeLGC5nwuDo-KBTUm6CryotyJROlrnQ.110.woff2',
|
||||
'https://fonts.gstatic.com/s/notosanskr/v36/PbyxFmXiEBPT4ITbgNA5Cgms3VYcOA-vvnIzzuoyeLGC5nwuDo-KBTUm6CryotyJROlrnQ.113.woff2',
|
||||
'https://fonts.gstatic.com/s/notosanskr/v36/PbyxFmXiEBPT4ITbgNA5Cgms3VYcOA-vvnIzzuoyeLGC5nwuDo-KBTUm6CryotyJROlrnQ.114.woff2',
|
||||
'https://fonts.gstatic.com/s/notosanskr/v36/PbyxFmXiEBPT4ITbgNA5Cgms3VYcOA-vvnIzzuoyeLGC5nwuDo-KBTUm6CryotyJROlrnQ.115.woff2',
|
||||
'https://fonts.gstatic.com/s/notosanskr/v36/PbyxFmXiEBPT4ITbgNA5Cgms3VYcOA-vvnIzzuoyeLGC5nwuDo-KBTUm6CryotyJROlrnQ.116.woff2',
|
||||
'https://fonts.gstatic.com/s/notosanskr/v36/PbyxFmXiEBPT4ITbgNA5Cgms3VYcOA-vvnIzzuoyeLGC5nwuDo-KBTUm6CryotyJROlrnQ.117.woff2',
|
||||
'https://fonts.gstatic.com/s/notosanskr/v36/PbyxFmXiEBPT4ITbgNA5Cgms3VYcOA-vvnIzzuoyeLGC5nwuDo-KBTUm6CryotyJROlrnQ.118.woff2',
|
||||
'https://fonts.gstatic.com/s/notosanskr/v36/PbyxFmXiEBPT4ITbgNA5Cgms3VYcOA-vvnIzzuoyeLGC5nwuDo-KBTUm6CryotyJROlrnQ.119.woff2',
|
||||
];
|
||||
const compressibleExtensions = new Set([
|
||||
'.css',
|
||||
'.html',
|
||||
@@ -26,9 +45,16 @@ if (!existsSync(bootstrapPath)) {
|
||||
}
|
||||
|
||||
let bootstrap = readFileSync(bootstrapPath, 'utf8');
|
||||
const hashedEntrypoints = new Map();
|
||||
const activeEntrypointFiles = new Set();
|
||||
|
||||
for (const entrypoint of hashableEntrypoints) {
|
||||
const sourcePath = join(buildDir, entrypoint);
|
||||
const sourceName = findEntrypointSource(entrypoint, bootstrap);
|
||||
if (!sourceName) {
|
||||
continue;
|
||||
}
|
||||
|
||||
const sourcePath = join(buildDir, sourceName);
|
||||
if (!existsSync(sourcePath)) {
|
||||
continue;
|
||||
}
|
||||
@@ -40,12 +66,80 @@ for (const entrypoint of hashableEntrypoints) {
|
||||
const hashedName = `${stem}.${hash}${extension}`;
|
||||
const targetPath = join(buildDir, hashedName);
|
||||
|
||||
renameSync(sourcePath, targetPath);
|
||||
if (sourceName !== hashedName) {
|
||||
renameSync(sourcePath, targetPath);
|
||||
}
|
||||
bootstrap = bootstrap.replaceAll(sourceName, hashedName);
|
||||
bootstrap = bootstrap.replaceAll(entrypoint, hashedName);
|
||||
hashedEntrypoints.set(entrypoint, hashedName);
|
||||
activeEntrypointFiles.add(hashedName);
|
||||
}
|
||||
|
||||
for (const fileName of readdirSync(buildDir)) {
|
||||
if (
|
||||
/^main\.dart\.[0-9a-f]{12}\.(?:js|mjs|wasm)(?:\.br)?$/.test(fileName) &&
|
||||
!activeEntrypointFiles.has(fileName.replace(/\.br$/, ''))
|
||||
) {
|
||||
unlinkSync(join(buildDir, fileName));
|
||||
}
|
||||
}
|
||||
|
||||
bootstrap = bootstrap.replace(
|
||||
/_flutter\.loader\.load\(\{\s*serviceWorkerSettings:\s*\{[\s\S]*?\}\s*\}\);/,
|
||||
'_flutter.loader.load({config:{canvasKitBaseUrl:"canvaskit/"}});',
|
||||
);
|
||||
bootstrap = bootstrap.replace(
|
||||
/_flutter\.loader\.load\(\);/,
|
||||
'_flutter.loader.load({config:{canvasKitBaseUrl:"canvaskit/"}});',
|
||||
);
|
||||
bootstrap = bootstrap.replace(
|
||||
/_flutter\.loader\.load\(\{config:\{[^}]*\}\}\);/,
|
||||
'_flutter.loader.load({config:{canvasKitBaseUrl:"canvaskit/"}});',
|
||||
);
|
||||
writeFileSync(bootstrapPath, bootstrap);
|
||||
|
||||
if (existsSync(indexPath)) {
|
||||
let index = readFileSync(indexPath, 'utf8');
|
||||
const preloadLinks = [
|
||||
'<link rel="preload" href="flutter_bootstrap.js" as="script" />',
|
||||
hashedEntrypoints.has('main.dart.mjs')
|
||||
? `<link rel="modulepreload" href="${hashedEntrypoints.get('main.dart.mjs')}" />`
|
||||
: '',
|
||||
hashedEntrypoints.has('main.dart.wasm')
|
||||
? `<link rel="preload" href="${hashedEntrypoints.get('main.dart.wasm')}" as="fetch" type="application/wasm" crossorigin />`
|
||||
: '',
|
||||
'<link rel="modulepreload" href="canvaskit/skwasm.js" />',
|
||||
'<link rel="preload" href="canvaskit/skwasm.wasm" as="fetch" type="application/wasm" crossorigin />',
|
||||
'<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />',
|
||||
...loginFontFallbackPreloads.map(
|
||||
(href) =>
|
||||
`<link rel="preload" href="${href}" as="fetch" type="font/woff2" crossorigin />`,
|
||||
),
|
||||
]
|
||||
.filter(Boolean)
|
||||
.join('\n ');
|
||||
|
||||
index = index
|
||||
.replace(/\n\s*<link rel="preload" href="flutter_bootstrap\.js" as="script" \/>/g, '')
|
||||
.replace(/\n\s*<link rel="modulepreload" href="main\.dart\.[^"]+\.mjs" \/>/g, '')
|
||||
.replace(
|
||||
/\n\s*<link rel="preload" href="main\.dart\.[^"]+\.wasm" as="fetch" type="application\/wasm" crossorigin \/>/g,
|
||||
'',
|
||||
)
|
||||
.replace(/\n\s*<link rel="modulepreload" href="canvaskit\/skwasm\.js" \/>/g, '')
|
||||
.replace(
|
||||
/\n\s*<link rel="preload" href="canvaskit\/skwasm\.wasm" as="fetch" type="application\/wasm" crossorigin \/>/g,
|
||||
'',
|
||||
)
|
||||
.replace(/\n\s*<link rel="preconnect" href="https:\/\/fonts\.gstatic\.com" crossorigin \/>/g, '')
|
||||
.replace(
|
||||
/\n\s*<link rel="preload" href="https:\/\/fonts\.gstatic\.com\/s\/(?:roboto|notosanskr)\/[^"]+\.woff2" as="fetch" type="font\/woff2" crossorigin \/>/g,
|
||||
'',
|
||||
);
|
||||
index = index.replace('</head>', ` ${preloadLinks}\n </head>`);
|
||||
writeFileSync(indexPath, index);
|
||||
}
|
||||
|
||||
for (const filePath of walk(buildDir)) {
|
||||
if (filePath.endsWith('.br')) {
|
||||
continue;
|
||||
@@ -78,4 +172,16 @@ function* walk(directory) {
|
||||
}
|
||||
}
|
||||
|
||||
function findEntrypointSource(entrypoint, bootstrap) {
|
||||
if (existsSync(join(buildDir, entrypoint))) {
|
||||
return entrypoint;
|
||||
}
|
||||
|
||||
const extension = extname(entrypoint).replace('.', '');
|
||||
const match = bootstrap.match(
|
||||
new RegExp(`main\\.dart\\.[0-9a-f]{12}\\.${extension}`),
|
||||
);
|
||||
return match?.[0] ?? null;
|
||||
}
|
||||
|
||||
console.log(`[userfront] optimized ${basename(buildDir)} with hashed entrypoints and brotli assets`);
|
||||
|
||||
Reference in New Issue
Block a user