Archived
1
0

Convert routes to Express

This commit is contained in:
Asher 2020-10-20 18:05:58 -05:00
parent 4b6cbacbad
commit 112eda4605
No known key found for this signature in database
GPG Key ID: D63C1EF81242354A
20 changed files with 1031 additions and 1523 deletions

View File

@ -31,6 +31,8 @@ rules:
import/order:
[error, { alphabetize: { order: "asc" }, groups: [["builtin", "external", "internal"], "parent", "sibling"] }]
no-async-promise-executor: off
# This isn't a real module, just types, which apparently doesn't resolve.
import/no-unresolved: [error, { ignore: ["express-serve-static-core"] }]
settings:
# Does not work with CommonJS unfortunately.

View File

@ -1318,7 +1318,7 @@ index 0000000000000000000000000000000000000000..56331ff1fc32bbd82e769aaecb551e42
+require('../../bootstrap-amd').load('vs/server/entry');
diff --git a/src/vs/server/ipc.d.ts b/src/vs/server/ipc.d.ts
new file mode 100644
index 0000000000000000000000000000000000000000..33b28cf2d53746ee9c50c056ac2e087dcee0a4e2
index 0000000000000000000000000000000000000000..6ce56bec114a6d8daf5dd3ded945ea78fc72a5c6
--- /dev/null
+++ b/src/vs/server/ipc.d.ts
@@ -0,0 +1,131 @@
@ -1336,7 +1336,7 @@ index 0000000000000000000000000000000000000000..33b28cf2d53746ee9c50c056ac2e087d
+ options: VscodeOptions;
+}
+
+export type Query = { [key: string]: string | string[] | undefined };
+export type Query = { [key: string]: string | string[] | undefined | Query | Query[] };
+
+export interface SocketMessage {
+ type: 'socket';

View File

@ -30,6 +30,8 @@
},
"main": "out/node/entry.js",
"devDependencies": {
"@types/body-parser": "^1.19.0",
"@types/cookie-parser": "^1.4.2",
"@types/express": "^4.17.8",
"@types/fs-extra": "^8.0.1",
"@types/http-proxy": "^1.17.4",
@ -67,6 +69,8 @@
},
"dependencies": {
"@coder/logger": "1.1.16",
"body-parser": "^1.19.0",
"cookie-parser": "^1.4.5",
"env-paths": "^2.2.0",
"express": "^4.17.1",
"fs-extra": "^9.0.1",
@ -75,6 +79,7 @@
"js-yaml": "^3.13.1",
"limiter": "^1.1.5",
"pem": "^1.14.2",
"qs": "6.7.0",
"rotating-file-stream": "^2.1.1",
"safe-buffer": "^5.1.1",
"safe-compare": "^1.1.4",

View File

@ -9,7 +9,7 @@ export enum HttpCode {
}
export class HttpError extends Error {
public constructor(message: string, public readonly code: number, public readonly details?: object) {
public constructor(message: string, public readonly status: number, public readonly details?: object) {
super(message)
this.name = this.constructor.name
}

View File

@ -4,6 +4,7 @@ import { promises as fs } from "fs"
import http from "http"
import * as httpolyglot from "httpolyglot"
import { DefaultedArgs } from "./cli"
import { handleUpgrade } from "./http"
/**
* Create an Express app and an HTTP/S server to serve it.
@ -38,6 +39,8 @@ export const createApp = async (args: DefaultedArgs): Promise<[Express, http.Ser
}
})
handleUpgrade(app, server)
return [app, server]
}

View File

@ -18,7 +18,7 @@ import {
} from "./cli"
import { coderCloudBind } from "./coder-cloud"
import { commit, version } from "./constants"
import { loadPlugins } from "./plugin"
import { register } from "./routes"
import { humanPath, open } from "./util"
import { ipcMain, WrapperProcess } from "./wrapper"
@ -111,15 +111,14 @@ const main = async (args: DefaultedArgs): Promise<void> => {
if (args.auth === AuthType.Password && !args.password) {
throw new Error("Please pass in a password via the config file or $PASSWORD")
}
ipcMain.onDispose(() => {
// TODO: register disposables
})
const [app, server] = await createApp(args)
const serverAddress = ensureAddress(server)
// TODO: register routes
await loadPlugins(app, args)
await register(app, server, args)
logger.info(`Using config file ${humanPath(args.config)}`)
logger.info(`HTTP server listening on ${serverAddress} ${args.link ? "(randomized by --link)" : ""}`)

File diff suppressed because it is too large Load Diff

73
src/node/proxy.ts Normal file
View File

@ -0,0 +1,73 @@
import { Request, Router } from "express"
import proxyServer from "http-proxy"
import { HttpCode } from "../common/http"
import { ensureAuthenticated } from "./http"
export const proxy = proxyServer.createProxyServer({})
proxy.on("error", (error, _, res) => {
res.writeHead(HttpCode.ServerError)
res.end(error.message)
})
// Intercept the response to rewrite absolute redirects against the base path.
proxy.on("proxyRes", (res, req) => {
if (res.headers.location && res.headers.location.startsWith("/") && (req as any).base) {
res.headers.location = (req as any).base + res.headers.location
}
})
export const router = Router()
/**
* Return the port if the request should be proxied. Anything that ends in a
* proxy domain and has a *single* subdomain should be proxied. Anything else
* should return `undefined` and will be handled as normal.
*
* For example if `coder.com` is specified `8080.coder.com` will be proxied
* but `8080.test.coder.com` and `test.8080.coder.com` will not.
*
* Throw an error if proxying but the user isn't authenticated.
*/
const maybeProxy = (req: Request): string | undefined => {
// Split into parts.
const host = req.headers.host || ""
const idx = host.indexOf(":")
const domain = idx !== -1 ? host.substring(0, idx) : host
const parts = domain.split(".")
// There must be an exact match.
const port = parts.shift()
const proxyDomain = parts.join(".")
if (!port || !req.args["proxy-domain"].includes(proxyDomain)) {
return undefined
}
// Must be authenticated to use the proxy.
ensureAuthenticated(req)
return port
}
router.all("*", (req, res, next) => {
const port = maybeProxy(req)
if (!port) {
return next()
}
proxy.web(req, res, {
ignorePath: true,
target: `http://127.0.0.1:${port}${req.originalUrl}`,
})
})
router.ws("*", (socket, head, req, next) => {
const port = maybeProxy(req)
if (!port) {
return next()
}
proxy.ws(req, socket, head, {
ignorePath: true,
target: `http://127.0.0.1:${port}${req.originalUrl}`,
})
})

View File

@ -1,22 +1,10 @@
import { Heart } from "../heart"
import { HttpProvider, HttpProviderOptions, HttpResponse } from "../http"
import { Router } from "express"
/**
* Check the heartbeat.
*/
export class HealthHttpProvider extends HttpProvider {
public constructor(options: HttpProviderOptions, private readonly heart: Heart) {
super(options)
}
export const router = Router()
public async handleRequest(): Promise<HttpResponse> {
return {
cache: false,
mime: "application/json",
content: {
status: this.heart.alive() ? "alive" : "expired",
lastHeartbeat: this.heart.lastHeartbeat,
},
}
}
}
router.get("/", (req, res) => {
res.json({
status: req.heart.alive() ? "alive" : "expired",
lastHeartbeat: req.heart.lastHeartbeat,
})
})

123
src/node/routes/index.ts Normal file
View File

@ -0,0 +1,123 @@
import { logger } from "@coder/logger"
import bodyParser from "body-parser"
import cookieParser from "cookie-parser"
import { Express } from "express"
import { promises as fs } from "fs"
import http from "http"
import * as path from "path"
import * as tls from "tls"
import { HttpCode, HttpError } from "../../common/http"
import { plural } from "../../common/util"
import { AuthType, DefaultedArgs } from "../cli"
import { rootPath } from "../constants"
import { Heart } from "../heart"
import { replaceTemplates } from "../http"
import { loadPlugins } from "../plugin"
import * as domainProxy from "../proxy"
import { getMediaMime, paths } from "../util"
import * as health from "./health"
import * as login from "./login"
import * as proxy from "./proxy"
// static is a reserved keyword.
import * as _static from "./static"
import * as update from "./update"
import * as vscode from "./vscode"
declare global {
// eslint-disable-next-line @typescript-eslint/no-namespace
namespace Express {
export interface Request {
args: DefaultedArgs
heart: Heart
}
}
}
/**
* Register all routes and middleware.
*/
export const register = async (app: Express, server: http.Server, args: DefaultedArgs): Promise<void> => {
const heart = new Heart(path.join(paths.data, "heartbeat"), async () => {
return new Promise((resolve, reject) => {
server.getConnections((error, count) => {
if (error) {
return reject(error)
}
logger.trace(plural(count, `${count} active connection`))
resolve(count > 0)
})
})
})
app.disable("x-powered-by")
app.use(cookieParser())
app.use(bodyParser.json())
app.use(bodyParser.urlencoded({ extended: true }))
server.on("upgrade", () => {
heart.beat()
})
app.use(async (req, res, next) => {
heart.beat()
// If we're handling TLS ensure all requests are redirected to HTTPS.
// TODO: This does *NOT* work if you have a base path since to specify the
// protocol we need to specify the whole path.
if (args.cert && !(req.connection as tls.TLSSocket).encrypted) {
return res.redirect(`https://${req.headers.host}${req.originalUrl}`)
}
// Return robots.txt.
if (req.originalUrl === "/robots.txt") {
const resourcePath = path.resolve(rootPath, "src/browser/robots.txt")
res.set("Content-Type", getMediaMime(resourcePath))
return res.send(await fs.readFile(resourcePath))
}
// Add common variables routes can use.
req.args = args
req.heart = heart
return next()
})
app.use("/", domainProxy.router)
app.use("/", vscode.router)
app.use("/healthz", health.router)
if (args.auth === AuthType.Password) {
app.use("/login", login.router)
}
app.use("/proxy", proxy.router)
app.use("/static", _static.router)
app.use("/update", update.router)
app.use("/vscode", vscode.router)
await loadPlugins(app, args)
app.use(() => {
throw new HttpError("Not Found", HttpCode.NotFound)
})
// Handle errors.
// TODO: The types are broken; says they're all implicitly `any`.
app.use(async (err: any, req: any, res: any, next: any) => {
const resourcePath = path.resolve(rootPath, "src/browser/pages/error.html")
res.set("Content-Type", getMediaMime(resourcePath))
try {
const content = await fs.readFile(resourcePath, "utf8")
if (err.code === "ENOENT" || err.code === "EISDIR") {
err.status = HttpCode.NotFound
}
res.status(err.status || 500).send(
replaceTemplates(req, content)
.replace(/{{ERROR_TITLE}}/g, err.status || "Error")
.replace(/{{ERROR_HEADER}}/g, err.status || "Error")
.replace(/{{ERROR_BODY}}/g, err.message),
)
} catch (error) {
next(error)
}
})
}

View File

@ -1,140 +1,21 @@
import * as http from "http"
import * as limiter from "limiter"
import * as querystring from "querystring"
import { HttpCode, HttpError } from "../../common/http"
import { AuthType } from "../cli"
import { HttpProvider, HttpProviderOptions, HttpResponse, Route } from "../http"
import { Router, Request } from "express"
import { promises as fs } from "fs"
import { RateLimiter as Limiter } from "limiter"
import * as path from "path"
import safeCompare from "safe-compare"
import { rootPath } from "../constants"
import { authenticated, getCookieDomain, redirect, replaceTemplates } from "../http"
import { hash, humanPath } from "../util"
interface LoginPayload {
password?: string
/**
* Since we must set a cookie with an absolute path, we need to know the full
* base path.
*/
base?: string
}
/**
* Login HTTP provider.
*/
export class LoginHttpProvider extends HttpProvider {
public constructor(
options: HttpProviderOptions,
private readonly configFile: string,
private readonly envPassword: boolean,
) {
super(options)
}
public async handleRequest(route: Route, request: http.IncomingMessage): Promise<HttpResponse> {
if (this.options.auth !== AuthType.Password || !this.isRoot(route)) {
throw new HttpError("Not found", HttpCode.NotFound)
}
switch (route.base) {
case "/":
switch (request.method) {
case "POST":
this.ensureMethod(request, ["GET", "POST"])
return this.tryLogin(route, request)
default:
this.ensureMethod(request)
if (this.authenticated(request)) {
return {
redirect: (Array.isArray(route.query.to) ? route.query.to[0] : route.query.to) || "/",
query: { to: undefined },
}
}
return this.getRoot(route)
}
}
throw new HttpError("Not found", HttpCode.NotFound)
}
public async getRoot(route: Route, error?: Error): Promise<HttpResponse> {
const response = await this.getUtf8Resource(this.rootPath, "src/browser/pages/login.html")
response.content = response.content.replace(/{{ERROR}}/, error ? `<div class="error">${error.message}</div>` : "")
let passwordMsg = `Check the config file at ${humanPath(this.configFile)} for the password.`
if (this.envPassword) {
passwordMsg = "Password was set from $PASSWORD."
}
response.content = response.content.replace(/{{PASSWORD_MSG}}/g, passwordMsg)
return this.replaceTemplates(route, response)
}
private readonly limiter = new RateLimiter()
/**
* Try logging in. On failure, show the login page with an error.
*/
private async tryLogin(route: Route, request: http.IncomingMessage): Promise<HttpResponse> {
// Already authenticated via cookies?
const providedPassword = this.authenticated(request)
if (providedPassword) {
return { code: HttpCode.Ok }
}
try {
if (!this.limiter.try()) {
throw new Error("Login rate limited!")
}
const data = await this.getData(request)
const payload = data ? querystring.parse(data) : {}
return await this.login(payload, route, request)
} catch (error) {
return this.getRoot(route, error)
}
}
/**
* Return a cookie if the user is authenticated otherwise throw an error.
*/
private async login(payload: LoginPayload, route: Route, request: http.IncomingMessage): Promise<HttpResponse> {
const password = this.authenticated(request, {
key: typeof payload.password === "string" ? [hash(payload.password)] : undefined,
})
if (password) {
return {
redirect: (Array.isArray(route.query.to) ? route.query.to[0] : route.query.to) || "/",
query: { to: undefined },
cookie:
typeof password === "string"
? {
key: "key",
value: password,
path: payload.base,
}
: undefined,
}
}
// Only log if it was an actual login attempt.
if (payload && payload.password) {
console.error(
"Failed login attempt",
JSON.stringify({
xForwardedFor: request.headers["x-forwarded-for"],
remoteAddress: request.connection.remoteAddress,
userAgent: request.headers["user-agent"],
timestamp: Math.floor(new Date().getTime() / 1000),
}),
)
throw new Error("Incorrect password")
}
throw new Error("Missing password")
}
enum Cookie {
Key = "key",
}
// RateLimiter wraps around the limiter library for logins.
// It allows 2 logins every minute and 12 logins every hour.
class RateLimiter {
private readonly minuteLimiter = new limiter.RateLimiter(2, "minute")
private readonly hourLimiter = new limiter.RateLimiter(12, "hour")
private readonly minuteLimiter = new Limiter(2, "minute")
private readonly hourLimiter = new Limiter(12, "hour")
public try(): boolean {
if (this.minuteLimiter.tryRemoveTokens(1)) {
@ -143,3 +24,72 @@ class RateLimiter {
return this.hourLimiter.tryRemoveTokens(1)
}
}
const getRoot = async (req: Request, error?: Error): Promise<string> => {
const content = await fs.readFile(path.join(rootPath, "src/browser/pages/login.html"), "utf8")
let passwordMsg = `Check the config file at ${humanPath(req.args.config)} for the password.`
if (req.args.usingEnvPassword) {
passwordMsg = "Password was set from $PASSWORD."
}
return replaceTemplates(
req,
content
.replace(/{{PASSWORD_MSG}}/g, passwordMsg)
.replace(/{{ERROR}}/, error ? `<div class="error">${error.message}</div>` : ""),
)
}
const limiter = new RateLimiter()
export const router = Router()
router.use((req, res, next) => {
const to = (typeof req.query.to === "string" && req.query.to) || "/"
if (authenticated(req)) {
return redirect(req, res, to, { to: undefined })
}
next()
})
router.get("/", async (req, res) => {
res.send(await getRoot(req))
})
router.post("/", async (req, res) => {
try {
if (!limiter.try()) {
throw new Error("Login rate limited!")
}
if (!req.body.password) {
throw new Error("Missing password")
}
if (req.args.password && safeCompare(req.body.password, req.args.password)) {
// The hash does not add any actual security but we do it for
// obfuscation purposes (and as a side effect it handles escaping).
res.cookie(Cookie.Key, hash(req.body.password), {
domain: getCookieDomain(req.headers.host || "", req.args["proxy-domain"]),
path: req.body.base || "/",
sameSite: "lax",
})
const to = (typeof req.query.to === "string" && req.query.to) || "/"
return redirect(req, res, to, { to: undefined })
}
console.error(
"Failed login attempt",
JSON.stringify({
xForwardedFor: req.headers["x-forwarded-for"],
remoteAddress: req.connection.remoteAddress,
userAgent: req.headers["user-agent"],
timestamp: Math.floor(new Date().getTime() / 1000),
}),
)
throw new Error("Incorrect password")
} catch (error) {
res.send(await getRoot(req, error))
}
})

View File

@ -1,43 +1,43 @@
import * as http from "http"
import { Request, Router } from "express"
import qs from "qs"
import { HttpCode, HttpError } from "../../common/http"
import { HttpProvider, HttpResponse, Route, WsResponse } from "../http"
import { authenticated, redirect } from "../http"
import { proxy } from "../proxy"
/**
* Proxy HTTP provider.
*/
export class ProxyHttpProvider extends HttpProvider {
public async handleRequest(route: Route, request: http.IncomingMessage): Promise<HttpResponse> {
if (!this.authenticated(request)) {
if (this.isRoot(route)) {
return { redirect: "/login", query: { to: route.fullPath } }
export const router = Router()
const getProxyTarget = (req: Request, rewrite: boolean): string => {
if (rewrite) {
const query = qs.stringify(req.query)
return `http://127.0.0.1:${req.params.port}/${req.params[0] || ""}${query ? `?${query}` : ""}`
}
return `http://127.0.0.1:${req.params.port}/${req.originalUrl}`
}
router.all("/(:port)(/*)?", (req, res) => {
if (!authenticated(req)) {
// If visiting the root (/proxy/:port and nothing else) redirect to the
// login page.
if (!req.params[0] || req.params[0] === "/") {
return redirect(req, res, "login", {
to: `${req.baseUrl}${req.path}` || "/",
})
}
throw new HttpError("Unauthorized", HttpCode.Unauthorized)
}
// Ensure there is a trailing slash so relative paths work correctly.
if (this.isRoot(route) && !route.fullPath.endsWith("/")) {
return {
redirect: `${route.fullPath}/`,
}
}
// Absolute redirects need to be based on the subpath when rewriting.
;(req as any).base = `${req.baseUrl}/${req.params.port}`
const port = route.base.replace(/^\//, "")
return {
proxy: {
strip: `${route.providerBase}/${port}`,
port,
},
}
}
proxy.web(req, res, {
ignorePath: true,
target: getProxyTarget(req, true),
})
})
public async handleWebSocket(route: Route, request: http.IncomingMessage): Promise<WsResponse> {
this.ensureAuthenticated(request)
const port = route.base.replace(/^\//, "")
return {
proxy: {
strip: `${route.providerBase}/${port}`,
port,
},
}
}
}
router.ws("/(:port)(/*)?", (socket, head, req) => {
proxy.ws(req, socket, head, {
ignorePath: true,
target: getProxyTarget(req, true),
})
})

View File

@ -1,73 +1,61 @@
import { field, logger } from "@coder/logger"
import * as http from "http"
import { Router } from "express"
import { promises as fs } from "fs"
import * as path from "path"
import { Readable } from "stream"
import * as tarFs from "tar-fs"
import * as zlib from "zlib"
import { HttpProvider, HttpResponse, Route } from "../http"
import { pathToFsPath } from "../util"
import { HttpCode, HttpError } from "../../common/http"
import { rootPath } from "../constants"
import { authenticated, replaceTemplates } from "../http"
import { getMediaMime, pathToFsPath } from "../util"
/**
* Static file HTTP provider. Static requests do not require authentication if
* the resource is in the application's directory except requests to serve a
* directory as a tar which always requires authentication.
*/
export class StaticHttpProvider extends HttpProvider {
public async handleRequest(route: Route, request: http.IncomingMessage): Promise<HttpResponse> {
this.ensureMethod(request)
export const router = Router()
if (typeof route.query.tar === "string") {
this.ensureAuthenticated(request)
return this.getTarredResource(request, pathToFsPath(route.query.tar))
// The commit is for caching.
router.get("/(:commit)(/*)?", async (req, res) => {
if (!req.params[0]) {
throw new HttpError("Not Found", HttpCode.NotFound)
}
const response = await this.getReplacedResource(request, route)
if (!this.isDev) {
response.cache = true
}
return response
const resourcePath = path.resolve(req.params[0])
// Make sure it's in code-server if you aren't authenticated. This lets
// unauthenticated users load the login assets.
if (!resourcePath.startsWith(rootPath) && !authenticated(req)) {
throw new HttpError("Unauthorized", HttpCode.Unauthorized)
}
/**
* Return a resource with variables replaced where necessary.
*/
protected async getReplacedResource(request: http.IncomingMessage, route: Route): Promise<HttpResponse> {
// The first part is always the commit (for caching purposes).
const split = route.requestPath.split("/").slice(1)
const resourcePath = path.resolve("/", ...split)
// Make sure it's in code-server or a plugin.
const validPaths = [this.rootPath, process.env.PLUGIN_DIR]
if (!validPaths.find((p) => p && resourcePath.startsWith(p))) {
this.ensureAuthenticated(request)
// Don't cache during development. - can also be used if you want to make a
// static request without caching.
if (req.params.commit !== "development" && req.params.commit !== "-") {
res.header("Cache-Control", "public, max-age=31536000")
}
switch (split[split.length - 1]) {
case "manifest.json": {
const response = await this.getUtf8Resource(resourcePath)
return this.replaceTemplates(route, response)
}
}
return this.getResource(resourcePath)
}
/**
* Tar up and stream a directory.
*/
private async getTarredResource(request: http.IncomingMessage, ...parts: string[]): Promise<HttpResponse> {
const filePath = path.join(...parts)
let stream: Readable = tarFs.pack(filePath)
const headers: http.OutgoingHttpHeaders = {}
if (request.headers["accept-encoding"] && request.headers["accept-encoding"].includes("gzip")) {
logger.debug("gzipping tar", field("filePath", filePath))
const tar = Array.isArray(req.query.tar) ? req.query.tar[0] : req.query.tar
if (typeof tar === "string") {
let stream: Readable = tarFs.pack(pathToFsPath(tar))
if (req.headers["accept-encoding"] && req.headers["accept-encoding"].includes("gzip")) {
logger.debug("gzipping tar", field("path", resourcePath))
const compress = zlib.createGzip()
stream.pipe(compress)
stream.on("error", (error) => compress.destroy(error))
stream.on("close", () => compress.end())
stream = compress
headers["content-encoding"] = "gzip"
res.header("content-encoding", "gzip")
}
return { stream, filePath, mime: "application/x-tar", cache: true, headers }
res.set("Content-Type", "application/x-tar")
stream.on("close", () => res.end())
return stream.pipe(res)
}
res.set("Content-Type", getMediaMime(resourcePath))
if (resourcePath.endsWith("manifest.json")) {
const content = await fs.readFile(resourcePath, "utf8")
return res.send(replaceTemplates(req, content))
}
const content = await fs.readFile(resourcePath)
return res.send(content)
})

View File

@ -1,172 +1,34 @@
import { field, logger } from "@coder/logger"
import * as http from "http"
import * as https from "https"
import * as path from "path"
import * as semver from "semver"
import * as url from "url"
import { HttpCode, HttpError } from "../../common/http"
import { HttpProvider, HttpProviderOptions, HttpResponse, Route } from "../http"
import { settings as globalSettings, SettingsProvider, UpdateSettings } from "../settings"
import { Router } from "express"
import { version } from "../constants"
import { ensureAuthenticated } from "../http"
import { UpdateProvider } from "../update"
export interface Update {
checked: number
version: string
}
export const router = Router()
export interface LatestResponse {
name: string
}
const provider = new UpdateProvider()
/**
* HTTP provider for checking updates (does not download/install them).
*/
export class UpdateHttpProvider extends HttpProvider {
private update?: Promise<Update>
private updateInterval = 1000 * 60 * 60 * 24 // Milliseconds between update checks.
public constructor(
options: HttpProviderOptions,
public readonly enabled: boolean,
/**
* The URL for getting the latest version of code-server. Should return JSON
* that fulfills `LatestResponse`.
*/
private readonly latestUrl = "https://api.github.com/repos/cdr/code-server/releases/latest",
/**
* Update information will be stored here. If not provided, the global
* settings will be used.
*/
private readonly settings: SettingsProvider<UpdateSettings> = globalSettings,
) {
super(options)
}
public async handleRequest(route: Route, request: http.IncomingMessage): Promise<HttpResponse> {
this.ensureAuthenticated(request)
this.ensureMethod(request)
if (!this.isRoot(route)) {
throw new HttpError("Not found", HttpCode.NotFound)
}
if (!this.enabled) {
throw new Error("update checks are disabled")
}
switch (route.base) {
case "/check":
case "/": {
const update = await this.getUpdate(route.base === "/check")
return {
content: {
...update,
isLatest: this.isLatestVersion(update),
},
}
}
}
throw new HttpError("Not found", HttpCode.NotFound)
}
/**
* Query for and return the latest update.
*/
public async getUpdate(force?: boolean): Promise<Update> {
// Don't run multiple requests at a time.
if (!this.update) {
this.update = this._getUpdate(force)
this.update.then(() => (this.update = undefined))
}
return this.update
}
private async _getUpdate(force?: boolean): Promise<Update> {
const now = Date.now()
try {
let { update } = !force ? await this.settings.read() : { update: undefined }
if (!update || update.checked + this.updateInterval < now) {
const buffer = await this.request(this.latestUrl)
const data = JSON.parse(buffer.toString()) as LatestResponse
update = { checked: now, version: data.name }
await this.settings.write({ update })
}
logger.debug("got latest version", field("latest", update.version))
return update
} catch (error) {
logger.error("Failed to get latest version", field("error", error.message))
return {
checked: now,
version: "unknown",
}
}
}
public get currentVersion(): string {
return require(path.resolve(__dirname, "../../../package.json")).version
}
/**
* Return true if the currently installed version is the latest.
*/
public isLatestVersion(latest: Update): boolean {
const version = this.currentVersion
logger.debug("comparing versions", field("current", version), field("latest", latest.version))
try {
return latest.version === version || semver.lt(latest.version, version)
} catch (error) {
return true
}
}
private async request(uri: string): Promise<Buffer> {
const response = await this.requestResponse(uri)
return new Promise((resolve, reject) => {
const chunks: Buffer[] = []
let bufferLength = 0
response.on("data", (chunk) => {
bufferLength += chunk.length
chunks.push(chunk)
router.use((req, _, next) => {
ensureAuthenticated(req)
next()
})
response.on("error", reject)
response.on("end", () => {
resolve(Buffer.concat(chunks, bufferLength))
router.get("/", async (_, res) => {
const update = await provider.getUpdate()
res.json({
checked: update.checked,
latest: update.version,
current: version,
isLatest: provider.isLatestVersion(update),
})
})
}
private async requestResponse(uri: string): Promise<http.IncomingMessage> {
let redirects = 0
const maxRedirects = 10
return new Promise((resolve, reject) => {
const request = (uri: string): void => {
logger.debug("Making request", field("uri", uri))
const httpx = uri.startsWith("https") ? https : http
const client = httpx.get(uri, { headers: { "User-Agent": "code-server" } }, (response) => {
if (
response.statusCode &&
response.statusCode >= 300 &&
response.statusCode < 400 &&
response.headers.location
) {
++redirects
if (redirects > maxRedirects) {
return reject(new Error("reached max redirects"))
}
response.destroy()
return request(url.resolve(uri, response.headers.location))
}
if (!response.statusCode || response.statusCode < 200 || response.statusCode >= 400) {
return reject(new Error(`${uri}: ${response.statusCode || "500"}`))
}
resolve(response)
// This route will force a check.
router.get("/check", async (_, res) => {
const update = await provider.getUpdate(true)
res.json({
checked: update.checked,
latest: update.version,
current: version,
isLatest: provider.isLatestVersion(update),
})
client.on("error", reject)
}
request(uri)
})
}
}

View File

@ -1,107 +1,64 @@
import { field, logger } from "@coder/logger"
import * as cp from "child_process"
import * as crypto from "crypto"
import * as fs from "fs-extra"
import * as http from "http"
import * as net from "net"
import { Router } from "express"
import { promises as fs } from "fs"
import * as path from "path"
import {
CodeServerMessage,
Options,
StartPath,
VscodeMessage,
VscodeOptions,
WorkbenchOptions,
} from "../../../lib/vscode/src/vs/server/ipc"
import { HttpCode, HttpError } from "../../common/http"
import { arrayify, generateUuid } from "../../common/util"
import { Args } from "../cli"
import { HttpProvider, HttpProviderOptions, HttpResponse, Route } from "../http"
import { settings } from "../settings"
import { pathToFsPath } from "../util"
import { commit, rootPath, version } from "../constants"
import { authenticated, ensureAuthenticated, redirect, replaceTemplates } from "../http"
import { getMediaMime, pathToFsPath } from "../util"
import { VscodeProvider } from "../vscode"
export class VscodeHttpProvider extends HttpProvider {
private readonly serverRootPath: string
private readonly vsRootPath: string
private _vscode?: Promise<cp.ChildProcess>
export const router = Router()
public constructor(options: HttpProviderOptions, private readonly args: Args) {
super(options)
this.vsRootPath = path.resolve(this.rootPath, "lib/vscode")
this.serverRootPath = path.join(this.vsRootPath, "out/vs/server")
}
const vscode = new VscodeProvider()
public get running(): boolean {
return !!this._vscode
}
public async dispose(): Promise<void> {
if (this._vscode) {
const vscode = await this._vscode
vscode.removeAllListeners()
this._vscode = undefined
vscode.kill()
}
}
private async initialize(options: VscodeOptions): Promise<WorkbenchOptions> {
const id = generateUuid()
const vscode = await this.fork()
logger.debug("setting up vs code...")
return new Promise<WorkbenchOptions>((resolve, reject) => {
vscode.once("message", (message: VscodeMessage) => {
logger.debug("got message from vs code", field("message", message))
return message.type === "options" && message.id === id
? resolve(message.options)
: reject(new Error("Unexpected response during initialization"))
})
vscode.once("error", reject)
vscode.once("exit", (code) => reject(new Error(`VS Code exited unexpectedly with code ${code}`)))
this.send({ type: "init", id, options }, vscode)
router.get("/", async (req, res) => {
if (!authenticated(req)) {
return redirect(req, res, "login", {
to: req.baseUrl || "/",
})
}
private fork(): Promise<cp.ChildProcess> {
if (!this._vscode) {
logger.debug("forking vs code...")
const vscode = cp.fork(path.join(this.serverRootPath, "fork"))
vscode.on("error", (error) => {
logger.error(error.message)
this._vscode = undefined
})
vscode.on("exit", (code) => {
logger.error(`VS Code exited unexpectedly with code ${code}`)
this._vscode = undefined
const [content, options] = await Promise.all([
await fs.readFile(path.join(rootPath, "src/browser/pages/vscode.html"), "utf8"),
vscode
.initialize(
{
args: req.args,
remoteAuthority: req.headers.host || "",
},
req.query,
)
.catch((error) => {
const devMessage = commit === "development" ? "It might not have finished compiling." : ""
throw new Error(`VS Code failed to load. ${devMessage} ${error.message}`)
}),
])
options.productConfiguration.codeServerVersion = version
res.send(
replaceTemplates(
req,
// Uncomment prod blocks if not in development. TODO: Would this be
// better as a build step? Or maintain two HTML files again?
commit !== "development" ? content.replace(/<!-- PROD_ONLY/g, "").replace(/END_PROD_ONLY -->/g, "") : content,
{
disableTelemetry: !!req.args["disable-telemetry"],
},
)
.replace(`"{{REMOTE_USER_DATA_URI}}"`, `'${JSON.stringify(options.remoteUserDataUri)}'`)
.replace(`"{{PRODUCT_CONFIGURATION}}"`, `'${JSON.stringify(options.productConfiguration)}'`)
.replace(`"{{WORKBENCH_WEB_CONFIGURATION}}"`, `'${JSON.stringify(options.workbenchWebConfiguration)}'`)
.replace(`"{{NLS_CONFIGURATION}}"`, `'${JSON.stringify(options.nlsConfiguration)}'`),
)
})
this._vscode = new Promise((resolve, reject) => {
vscode.once("message", (message: VscodeMessage) => {
logger.debug("got message from vs code", field("message", message))
return message.type === "ready"
? resolve(vscode)
: reject(new Error("Unexpected response waiting for ready response"))
})
vscode.once("error", reject)
vscode.once("exit", (code) => reject(new Error(`VS Code exited unexpectedly with code ${code}`)))
})
}
return this._vscode
}
public async handleWebSocket(route: Route, request: http.IncomingMessage, socket: net.Socket): Promise<void> {
if (!this.authenticated(request)) {
throw new Error("not authenticated")
}
// VS Code expects a raw socket. It will handle all the web socket frames.
// We just need to handle the initial upgrade.
// This magic value is specified by the websocket spec.
router.ws("/", async (socket, _, req) => {
ensureAuthenticated(req)
const magic = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
const reply = crypto
.createHash("sha1")
.update(request.headers["sec-websocket-key"] + magic)
.update(req.headers["sec-websocket-key"] + magic)
.digest("base64")
socket.write(
[
@ -111,127 +68,32 @@ export class VscodeHttpProvider extends HttpProvider {
`Sec-WebSocket-Accept: ${reply}`,
].join("\r\n") + "\r\n\r\n",
)
const vscode = await this._vscode
this.send({ type: "socket", query: route.query }, vscode, socket)
}
private send(message: CodeServerMessage, vscode?: cp.ChildProcess, socket?: net.Socket): void {
if (!vscode || vscode.killed) {
throw new Error("vscode is not running")
}
vscode.send(message, socket)
}
public async handleRequest(route: Route, request: http.IncomingMessage): Promise<HttpResponse> {
this.ensureMethod(request)
switch (route.base) {
case "/":
if (!this.isRoot(route)) {
throw new HttpError("Not found", HttpCode.NotFound)
} else if (!this.authenticated(request)) {
return { redirect: "/login", query: { to: route.providerBase } }
}
try {
return await this.getRoot(request, route)
} catch (error) {
const message = `<div>VS Code failed to load.</div> ${
this.isDev
? `<div>It might not have finished compiling.</div>` +
`Check for <code>Finished <span class="success">compilation</span></code> in the output.`
: ""
} <br><br>${error}`
return this.getErrorRoot(route, "VS Code failed to load", "500", message)
}
}
this.ensureAuthenticated(request)
switch (route.base) {
case "/resource":
case "/vscode-remote-resource":
if (typeof route.query.path === "string") {
return this.getResource(pathToFsPath(route.query.path))
}
break
case "/webview":
if (/^\/vscode-resource/.test(route.requestPath)) {
return this.getResource(route.requestPath.replace(/^\/vscode-resource(\/file)?/, ""))
}
return this.getResource(this.vsRootPath, "out/vs/workbench/contrib/webview/browser/pre", route.requestPath)
}
throw new HttpError("Not found", HttpCode.NotFound)
}
private async getRoot(request: http.IncomingMessage, route: Route): Promise<HttpResponse> {
const remoteAuthority = request.headers.host as string
const { lastVisited } = await settings.read()
const startPath = await this.getFirstPath([
{ url: route.query.workspace, workspace: true },
{ url: route.query.folder, workspace: false },
this.args._ && this.args._.length > 0 ? { url: path.resolve(this.args._[this.args._.length - 1]) } : undefined,
lastVisited,
])
const [response, options] = await Promise.all([
await this.getUtf8Resource(this.rootPath, "src/browser/pages/vscode.html"),
this.initialize({
args: this.args,
remoteAuthority,
startPath,
}),
])
settings.write({
lastVisited: startPath || lastVisited, // If startpath is undefined, then fallback to lastVisited
query: route.query,
await vscode.sendWebsocket(socket, req.query)
})
if (!this.isDev) {
response.content = response.content.replace(/<!-- PROD_ONLY/g, "").replace(/END_PROD_ONLY -->/g, "")
router.get("/resource(/*)?", async (req, res) => {
ensureAuthenticated(req)
if (typeof req.query.path === "string") {
res.set("Content-Type", getMediaMime(req.query.path))
res.send(await fs.readFile(pathToFsPath(req.query.path)))
}
options.productConfiguration.codeServerVersion = require("../../../package.json").version
response.content = response.content
.replace(`"{{REMOTE_USER_DATA_URI}}"`, `'${JSON.stringify(options.remoteUserDataUri)}'`)
.replace(`"{{PRODUCT_CONFIGURATION}}"`, `'${JSON.stringify(options.productConfiguration)}'`)
.replace(`"{{WORKBENCH_WEB_CONFIGURATION}}"`, `'${JSON.stringify(options.workbenchWebConfiguration)}'`)
.replace(`"{{NLS_CONFIGURATION}}"`, `'${JSON.stringify(options.nlsConfiguration)}'`)
return this.replaceTemplates<Options>(route, response, {
disableTelemetry: !!this.args["disable-telemetry"],
})
}
/**
* Choose the first non-empty path.
*/
private async getFirstPath(
startPaths: Array<{ url?: string | string[]; workspace?: boolean } | undefined>,
): Promise<StartPath | undefined> {
const isFile = async (path: string): Promise<boolean> => {
try {
const stat = await fs.stat(path)
return stat.isFile()
} catch (error) {
logger.warn(error.message)
return false
}
}
for (let i = 0; i < startPaths.length; ++i) {
const startPath = startPaths[i]
const url = arrayify(startPath && startPath.url).find((p) => !!p)
if (startPath && url) {
return {
url,
// The only time `workspace` is undefined is for the command-line
// argument, in which case it's a path (not a URL) so we can stat it
// without having to parse it.
workspace: typeof startPath.workspace !== "undefined" ? startPath.workspace : await isFile(url),
}
}
}
return undefined
router.get("/vscode-remote-resource(/*)?", async (req, res) => {
ensureAuthenticated(req)
if (typeof req.query.path === "string") {
res.set("Content-Type", getMediaMime(req.query.path))
res.send(await fs.readFile(pathToFsPath(req.query.path)))
}
})
router.get("/webview/*", async (req, res) => {
ensureAuthenticated(req)
res.set("Content-Type", getMediaMime(req.path))
if (/^\/vscode-resource/.test(req.path)) {
return res.send(await fs.readFile(req.path.replace(/^\/vscode-resource(\/file)?/, "")))
}
return res.send(
await fs.readFile(path.join(vscode.vsRootPath, "out/vs/workbench/contrib/webview/browser/pre", req.params[0])),
)
})

View File

@ -1,7 +1,7 @@
import { logger } from "@coder/logger"
import { Query } from "express-serve-static-core"
import * as fs from "fs-extra"
import * as path from "path"
import { Route } from "./http"
import { paths } from "./util"
export type Settings = { [key: string]: Settings | string | boolean | number }
@ -58,7 +58,7 @@ export interface CoderSettings extends UpdateSettings {
url: string
workspace: boolean
}
query: Route["query"]
query: Query
}
/**

133
src/node/update.ts Normal file
View File

@ -0,0 +1,133 @@
import { field, logger } from "@coder/logger"
import * as http from "http"
import * as https from "https"
import * as semver from "semver"
import * as url from "url"
import { version } from "./constants"
import { settings as globalSettings, SettingsProvider, UpdateSettings } from "./settings"
export interface Update {
checked: number
version: string
}
export interface LatestResponse {
name: string
}
/**
* Provide update information.
*/
export class UpdateProvider {
private update?: Promise<Update>
private updateInterval = 1000 * 60 * 60 * 24 // Milliseconds between update checks.
public constructor(
/**
* The URL for getting the latest version of code-server. Should return JSON
* that fulfills `LatestResponse`.
*/
private readonly latestUrl = "https://api.github.com/repos/cdr/code-server/releases/latest",
/**
* Update information will be stored here. If not provided, the global
* settings will be used.
*/
private readonly settings: SettingsProvider<UpdateSettings> = globalSettings,
) {}
/**
* Query for and return the latest update.
*/
public async getUpdate(force?: boolean): Promise<Update> {
// Don't run multiple requests at a time.
if (!this.update) {
this.update = this._getUpdate(force)
this.update.then(() => (this.update = undefined))
}
return this.update
}
private async _getUpdate(force?: boolean): Promise<Update> {
const now = Date.now()
try {
let { update } = !force ? await this.settings.read() : { update: undefined }
if (!update || update.checked + this.updateInterval < now) {
const buffer = await this.request(this.latestUrl)
const data = JSON.parse(buffer.toString()) as LatestResponse
update = { checked: now, version: data.name.replace(/^v/, "") }
await this.settings.write({ update })
}
logger.debug("got latest version", field("latest", update.version))
return update
} catch (error) {
logger.error("Failed to get latest version", field("error", error.message))
return {
checked: now,
version: "unknown",
}
}
}
/**
* Return true if the currently installed version is the latest.
*/
public isLatestVersion(latest: Update): boolean {
logger.debug("comparing versions", field("current", version), field("latest", latest.version))
try {
return latest.version === version || semver.lt(latest.version, version)
} catch (error) {
return true
}
}
private async request(uri: string): Promise<Buffer> {
const response = await this.requestResponse(uri)
return new Promise((resolve, reject) => {
const chunks: Buffer[] = []
let bufferLength = 0
response.on("data", (chunk) => {
bufferLength += chunk.length
chunks.push(chunk)
})
response.on("error", reject)
response.on("end", () => {
resolve(Buffer.concat(chunks, bufferLength))
})
})
}
private async requestResponse(uri: string): Promise<http.IncomingMessage> {
let redirects = 0
const maxRedirects = 10
return new Promise((resolve, reject) => {
const request = (uri: string): void => {
logger.debug("Making request", field("uri", uri))
const httpx = uri.startsWith("https") ? https : http
const client = httpx.get(uri, { headers: { "User-Agent": "code-server" } }, (response) => {
if (
response.statusCode &&
response.statusCode >= 300 &&
response.statusCode < 400 &&
response.headers.location
) {
++redirects
if (redirects > maxRedirects) {
return reject(new Error("reached max redirects"))
}
response.destroy()
return request(url.resolve(uri, response.headers.location))
}
if (!response.statusCode || response.statusCode < 200 || response.statusCode >= 400) {
return reject(new Error(`${uri}: ${response.statusCode || "500"}`))
}
resolve(response)
})
client.on("error", reject)
}
request(uri)
})
}
}

150
src/node/vscode.ts Normal file
View File

@ -0,0 +1,150 @@
import { field, logger } from "@coder/logger"
import * as cp from "child_process"
import * as fs from "fs-extra"
import * as net from "net"
import * as path from "path"
import * as ipc from "../../lib/vscode/src/vs/server/ipc"
import { arrayify, generateUuid } from "../common/util"
import { rootPath } from "./constants"
import { settings } from "./settings"
export class VscodeProvider {
public readonly serverRootPath: string
public readonly vsRootPath: string
private _vscode?: Promise<cp.ChildProcess>
public constructor() {
this.vsRootPath = path.resolve(rootPath, "lib/vscode")
this.serverRootPath = path.join(this.vsRootPath, "out/vs/server")
}
public async dispose(): Promise<void> {
if (this._vscode) {
const vscode = await this._vscode
vscode.removeAllListeners()
this._vscode = undefined
vscode.kill()
}
}
public async initialize(
options: Omit<ipc.VscodeOptions, "startPath">,
query: ipc.Query,
): Promise<ipc.WorkbenchOptions> {
const { lastVisited } = await settings.read()
const startPath = await this.getFirstPath([
{ url: query.workspace, workspace: true },
{ url: query.folder, workspace: false },
options.args._ && options.args._.length > 0
? { url: path.resolve(options.args._[options.args._.length - 1]) }
: undefined,
lastVisited,
])
settings.write({
lastVisited: startPath,
query,
})
const id = generateUuid()
const vscode = await this.fork()
logger.debug("setting up vs code...")
return new Promise<ipc.WorkbenchOptions>((resolve, reject) => {
vscode.once("message", (message: ipc.VscodeMessage) => {
logger.debug("got message from vs code", field("message", message))
return message.type === "options" && message.id === id
? resolve(message.options)
: reject(new Error("Unexpected response during initialization"))
})
vscode.once("error", reject)
vscode.once("exit", (code) => reject(new Error(`VS Code exited unexpectedly with code ${code}`)))
this.send(
{
type: "init",
id,
options: {
...options,
startPath,
},
},
vscode,
)
})
}
private fork(): Promise<cp.ChildProcess> {
if (!this._vscode) {
logger.debug("forking vs code...")
const vscode = cp.fork(path.join(this.serverRootPath, "fork"))
vscode.on("error", (error) => {
logger.error(error.message)
this._vscode = undefined
})
vscode.on("exit", (code) => {
logger.error(`VS Code exited unexpectedly with code ${code}`)
this._vscode = undefined
})
this._vscode = new Promise((resolve, reject) => {
vscode.once("message", (message: ipc.VscodeMessage) => {
logger.debug("got message from vs code", field("message", message))
return message.type === "ready"
? resolve(vscode)
: reject(new Error("Unexpected response waiting for ready response"))
})
vscode.once("error", reject)
vscode.once("exit", (code) => reject(new Error(`VS Code exited unexpectedly with code ${code}`)))
})
}
return this._vscode
}
/**
* VS Code expects a raw socket. It will handle all the web socket frames.
*/
public async sendWebsocket(socket: net.Socket, query: ipc.Query): Promise<void> {
// TODO: TLS socket proxy.
const vscode = await this._vscode
this.send({ type: "socket", query }, vscode, socket)
}
private send(message: ipc.CodeServerMessage, vscode?: cp.ChildProcess, socket?: net.Socket): void {
if (!vscode || vscode.killed) {
throw new Error("vscode is not running")
}
vscode.send(message, socket)
}
/**
* Choose the first non-empty path.
*/
private async getFirstPath(
startPaths: Array<{ url?: string | string[] | ipc.Query | ipc.Query[]; workspace?: boolean } | undefined>,
): Promise<ipc.StartPath | undefined> {
const isFile = async (path: string): Promise<boolean> => {
try {
const stat = await fs.stat(path)
return stat.isFile()
} catch (error) {
logger.warn(error.message)
return false
}
}
for (let i = 0; i < startPaths.length; ++i) {
const startPath = startPaths[i]
const url = arrayify(startPath && startPath.url).find((p) => !!p)
if (startPath && url && typeof url === "string") {
return {
url,
// The only time `workspace` is undefined is for the command-line
// argument, in which case it's a path (not a URL) so we can stat it
// without having to parse it.
workspace: typeof startPath.workspace !== "undefined" ? startPath.workspace : await isFile(url),
}
}
}
return undefined
}
}

View File

@ -2,9 +2,8 @@ import * as assert from "assert"
import * as fs from "fs-extra"
import * as http from "http"
import * as path from "path"
import { AuthType } from "../src/node/cli"
import { LatestResponse, UpdateHttpProvider } from "../src/node/routes/update"
import { SettingsProvider, UpdateSettings } from "../src/node/settings"
import { LatestResponse, UpdateProvider } from "../src/node/update"
import { tmpdir } from "../src/node/util"
describe.skip("update", () => {
@ -34,22 +33,14 @@ describe.skip("update", () => {
const jsonPath = path.join(tmpdir, "tests/updates/update.json")
const settings = new SettingsProvider<UpdateSettings>(jsonPath)
let _provider: UpdateHttpProvider | undefined
const provider = (): UpdateHttpProvider => {
let _provider: UpdateProvider | undefined
const provider = (): UpdateProvider => {
if (!_provider) {
const address = server.address()
if (!address || typeof address === "string" || !address.port) {
throw new Error("unexpected address")
}
_provider = new UpdateHttpProvider(
{
auth: AuthType.None,
commit: "test",
},
true,
`http://${address.address}:${address.port}/latest`,
settings,
)
_provider = new UpdateProvider(`http://${address.address}:${address.port}/latest`, settings)
}
return _provider
}
@ -153,14 +144,10 @@ describe.skip("update", () => {
})
it("should not reject if unable to fetch", async () => {
const options = {
auth: AuthType.None,
commit: "test",
}
let provider = new UpdateHttpProvider(options, true, "invalid", settings)
let provider = new UpdateProvider("invalid", settings)
await assert.doesNotReject(() => provider.getUpdate(true))
provider = new UpdateHttpProvider(options, true, "http://probably.invalid.dev.localhost/latest", settings)
provider = new UpdateProvider("http://probably.invalid.dev.localhost/latest", settings)
await assert.doesNotReject(() => provider.getUpdate(true))
})
})

View File

@ -1013,7 +1013,7 @@
traverse "^0.6.6"
unified "^6.1.6"
"@types/body-parser@*":
"@types/body-parser@*", "@types/body-parser@^1.19.0":
version "1.19.0"
resolved "https://registry.yarnpkg.com/@types/body-parser/-/body-parser-1.19.0.tgz#0685b3c47eb3006ffed117cdd55164b61f80538f"
integrity sha512-W98JrE0j2K78swW4ukqMleo8R7h/pFETjM2DQ90MF6XK2i4LO4W3gQ71Lt4w3bfm2EvVSyWHplECvB5sK22yFQ==
@ -1028,6 +1028,13 @@
dependencies:
"@types/node" "*"
"@types/cookie-parser@^1.4.2":
version "1.4.2"
resolved "https://registry.yarnpkg.com/@types/cookie-parser/-/cookie-parser-1.4.2.tgz#e4d5c5ffda82b80672a88a4281aaceefb1bd9df5"
integrity sha512-uwcY8m6SDQqciHsqcKDGbo10GdasYsPCYkH3hVegj9qAah6pX5HivOnOuI3WYmyQMnOATV39zv/Ybs0bC/6iVg==
dependencies:
"@types/express" "*"
"@types/eslint-visitor-keys@^1.0.0":
version "1.0.0"
resolved "https://registry.yarnpkg.com/@types/eslint-visitor-keys/-/eslint-visitor-keys-1.0.0.tgz#1ee30d79544ca84d68d4b3cdb0af4f205663dd2d"
@ -1042,7 +1049,7 @@
"@types/qs" "*"
"@types/range-parser" "*"
"@types/express@^4.17.8":
"@types/express@*", "@types/express@^4.17.8":
version "4.17.8"
resolved "https://registry.yarnpkg.com/@types/express/-/express-4.17.8.tgz#3df4293293317e61c60137d273a2e96cd8d5f27a"
integrity sha512-wLhcKh3PMlyA2cNAB9sjM1BntnhPMiM0JOBwPBqttjHev2428MLEB4AYVN+d8s2iyCVZac+o41Pflm/ZH5vLXQ==
@ -1659,7 +1666,7 @@ bn.js@^5.1.1:
resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-5.1.3.tgz#beca005408f642ebebea80b042b4d18d2ac0ee6b"
integrity sha512-GkTiFpjFtUzU9CbMeJ5iazkCzGL3jrhzerzZIuqLABjbwRaFt33I9tUdSNryIptM+RxDet6OKm2WnLXzW51KsQ==
body-parser@1.19.0:
body-parser@1.19.0, body-parser@^1.19.0:
version "1.19.0"
resolved "https://registry.yarnpkg.com/body-parser/-/body-parser-1.19.0.tgz#96b2709e57c9c4e09a6fd66a8fd979844f69f08a"
integrity sha512-dhEPs72UPbDnAQJ9ZKMNTP6ptJaionhP5cBb541nXPlW60Jepo9RV/a4fX4XWW9CuFNK22krhrj1+rgzifNCsw==
@ -2251,6 +2258,14 @@ convert-source-map@^1.5.1, convert-source-map@^1.7.0:
dependencies:
safe-buffer "~5.1.1"
cookie-parser@^1.4.5:
version "1.4.5"
resolved "https://registry.yarnpkg.com/cookie-parser/-/cookie-parser-1.4.5.tgz#3e572d4b7c0c80f9c61daf604e4336831b5d1d49"
integrity sha512-f13bPUj/gG/5mDr+xLmSxxDsB9DQiTIfhJS/sqjrmfAWiAN+x2O4i/XguTL9yDZ+/IFDanJ+5x7hC4CXT9Tdzw==
dependencies:
cookie "0.4.0"
cookie-signature "1.0.6"
cookie-signature@1.0.6:
version "1.0.6"
resolved "https://registry.yarnpkg.com/cookie-signature/-/cookie-signature-1.0.6.tgz#e303a882b342cc3ee8ca513a79999734dab3ae2c"