Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(nextjs): Fix server actions detection #3995

Closed
wants to merge 3 commits into from
Closed
Changes from 1 commit
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 29 additions & 14 deletions packages/nextjs/src/server/protect.ts
Original file line number Diff line number Diff line change
Expand Up @@ -112,10 +112,8 @@ export const createProtect = (opts: {

const isServerActionRequest = (req: Request) => {
return (
!!req.headers.get(nextConstants.Headers.NextUrl) &&
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Next-url as a header has been dropped from request to server actions since 14.1.0 way before 14.2.2 where our page detection started to fail.

(req.headers.get(constants.Headers.Accept)?.includes('text/x-component') ||
req.headers.get(constants.Headers.ContentType)?.includes('multipart/form-data') ||
Copy link
Member Author

@panteliselef panteliselef Aug 21, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Checking against multipart is not realistic. The following example will fire a request with Content-type text/plain;charset=UTF-8

'use client';

import { addItem2 } from '../actions';

export default function AddToCart() {
  return (
    <button
      type='button'
      onClick={() => {
        addItem2({ some: 'data' });
      }}
    >
      Click
    </button>
  );
}

!!req.headers.get(nextConstants.Headers.NextAction))
req.headers.get(constants.Headers.Accept)?.includes('text/x-component') &&
!!req.headers.get(nextConstants.Headers.NextAction)
);
};

Expand All @@ -130,18 +128,35 @@ const isPageRequest = (req: Request): boolean => {
};

const isAppRouterInternalNavigation = (req: Request) =>
(!!req.headers.get(nextConstants.Headers.NextUrl) && !isServerActionRequest(req)) || isPagePathAvailable();
// The header `next-url` has been dropped since [email protected]
(!!req.headers.get(nextConstants.Headers.NextUrl) || isAppPageRoute(getPagePathAvailable())) &&
!isServerActionRequest(req);

const isPagePathAvailable = () => {
/**
* Detects usage inside a page.tsx file in App Router
* Found in the Next.js repo
* https://github.com/vercel/next.js/blob/0ac10d79720cc950df96bd9d4958c9be0c075b6f/packages/next/src/lib/is-app-page-route.ts
*/
export function isAppPageRoute(route: string): boolean {
return route.endsWith('/page');
}

/**
* Detects usage inside a route.tsx file in App Router
* Found in the Next.js repo
* github.com/vercel/next.js/blob/0ac10d79720cc950df96bd9d4958c9be0c075b6f/packages/next/src/lib/is-app-route-route.ts
* In case we want to handle router handlers and server actions differently in the future
*/
// export function isAppRouteRoute(route: string): boolean {
// return route.endsWith('/route');
// }

/**
* Returns a string that can either end with `/page` or `/route` indicating that the code run in the context of a page or a route handler.
*/
const getPagePathAvailable = () => {
const __fetch = globalThis.fetch;
return Boolean(isNextFetcher(__fetch) ? __fetch.__nextGetStaticStore().getStore()?.pagePath : false);
return isNextFetcher(__fetch) ? __fetch.__nextGetStaticStore().getStore()?.pagePath || '' : '';
};

const isPagesRouterInternalNavigation = (req: Request) => !!req.headers.get(nextConstants.Headers.NextjsData);

// /**
// * In case we want to handle router handlers and server actions differently in the future
// */
// const isApiRouteRequest = (req: Request) => {
// return !isPageRequest(req) && !isServerActionRequest(req);
// };
Loading