From 5b8504048140cbbd5d9424132c998c506dece6ce Mon Sep 17 00:00:00 2001 From: patak Date: Sun, 3 Dec 2023 11:09:40 +0100 Subject: [PATCH] fix: proxy html path should be encoded (#15223) --- .../vite/src/node/server/middlewares/indexHtml.ts | 15 ++++++++++----- playground/ssr/__tests__/ssr.spec.ts | 10 +++++++++- playground/ssr/index.html | 4 ++++ 3 files changed, 23 insertions(+), 6 deletions(-) diff --git a/packages/vite/src/node/server/middlewares/indexHtml.ts b/packages/vite/src/node/server/middlewares/indexHtml.ts index f4247558fe4c67..c225c18051f414 100644 --- a/packages/vite/src/node/server/middlewares/indexHtml.ts +++ b/packages/vite/src/node/server/middlewares/indexHtml.ts @@ -170,7 +170,6 @@ const devHtmlHook: IndexHtmlTransformHook = async ( ) => { const { config, moduleGraph, watcher } = server! const base = config.base || '/' - htmlPath = decodeURI(htmlPath) let proxyModulePath: string let proxyModuleUrl: string @@ -192,9 +191,10 @@ const devHtmlHook: IndexHtmlTransformHook = async ( const s = new MagicString(html) let inlineModuleIndex = -1 - const proxyCacheUrl = cleanUrl(proxyModulePath).replace( - normalizePath(config.root), - '', + // The key to the proxyHtml cache is decoded, as it will be compared + // against decoded URLs by the HTML plugins. + const proxyCacheUrl = decodeURI( + cleanUrl(proxyModulePath).replace(normalizePath(config.root), ''), ) const styleUrl: AssetNode[] = [] const inlineStyles: InlineStyleAttribute[] = [] @@ -434,6 +434,11 @@ function preTransformRequest(server: ViteDevServer, url: string, base: string) { if (!server.config.server.preTransformRequests) return // transform all url as non-ssr as html includes client-side assets only - url = unwrapId(stripBase(url, base)) + try { + url = unwrapId(stripBase(decodeURI(url), base)) + } catch { + // ignore + return + } server.warmupRequest(url) } diff --git a/playground/ssr/__tests__/ssr.spec.ts b/playground/ssr/__tests__/ssr.spec.ts index 2d62a7079feecb..8c29c2169f0343 100644 --- a/playground/ssr/__tests__/ssr.spec.ts +++ b/playground/ssr/__tests__/ssr.spec.ts @@ -1,6 +1,6 @@ import { expect, test } from 'vitest' import { port, serverLogs } from './serve' -import { editFile, page, withRetry } from '~utils' +import { browserLogs, editFile, isServe, page, withRetry } from '~utils' const url = `http://localhost:${port}` @@ -29,3 +29,11 @@ test('should restart ssr', async () => { ) }) }) + +test.runIf(isServe)('html proxy is encoded', async () => { + await page.goto( + `${url}?%22%3E%3C/script%3E%3Cscript%3Econsole.log(%27html proxy is not encoded%27)%3C/script%3E`, + ) + + expect(browserLogs).not.toContain('html proxy is not encoded') +}) diff --git a/playground/ssr/index.html b/playground/ssr/index.html index 8121bbab93eac1..1b901ee15cf153 100644 --- a/playground/ssr/index.html +++ b/playground/ssr/index.html @@ -4,6 +4,10 @@ SSR +

SSR