kevin/baron-sso
1
0
Fork 0
forked from baron/baron-sso
Code Pull Requests Activity

fix(userfront): prevent public env asset request

Browse Source
This commit is contained in:
admin-bot
2026-05-15 14:31:14 +09:00
parent 4346f48bbe
commit 14fb155cd9
7 changed files with 228 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
userfront-e2e/scripts/serve-userfront-build.mjs
View File

@@ -35,6 +35,13 @@ const contentTypes = {
const server = createServer((req, res) => {
const url = new URL(req.url ?? '/', 'http://localhost');
const pathname = decodeURIComponent(url.pathname);
if (pathname === '/') {
res.statusCode = 302;
res.setHeader('Location', '/ko/signin');
res.setHeader('Cache-Control', 'no-cache, max-age=0, must-revalidate');
res.end();
return;
}
const relative = pathname === '/' ? '/index.html' : pathname;
const candidate = normalize(join(root, relative));
@@ -48,6 +55,13 @@ const server = createServer((req, res) => {
let servesAppShellFallback = false;
if (!existsSync(filePath) || statSync(filePath).isDirectory()) {
if (extname(pathname)) {
res.statusCode = 404;
res.setHeader('Cache-Control', 'no-cache, max-age=0, must-revalidate');
res.end('Not Found');
return;
}
// Flutter web 라우팅 경로(`/ko`, `/ko/signin`)도 index.html로 fallback 처리
filePath = join(root, 'index.html');
servesAppShellFallback = true;