(request: NextRequest)
| 37 | type URLWithMode = { url: URL; mode: 'url' | 'url-host' }; |
| 38 | |
| 39 | export async function middleware(request: NextRequest) { |
| 40 | try { |
| 41 | const requestURL = new URL(request.url); |
| 42 | |
| 43 | // Redirect to normalize the URL |
| 44 | const normalized = normalizeURL(requestURL); |
| 45 | if (normalized.toString() !== requestURL.toString()) { |
| 46 | return NextResponse.redirect(normalized.toString()); |
| 47 | } |
| 48 | |
| 49 | // Reject malicious requests |
| 50 | const rejectResponse = await validateServerActionRequest(request); |
| 51 | if (rejectResponse) { |
| 52 | return rejectResponse; |
| 53 | } |
| 54 | |
| 55 | for (const handler of [serveSiteRoutes, serveSpacePDFRoutes]) { |
| 56 | const result = await handler(requestURL, request); |
| 57 | if (result) { |
| 58 | return result; |
| 59 | } |
| 60 | } |
| 61 | |
| 62 | return NextResponse.next(); |
| 63 | } catch (error) { |
| 64 | return serveErrorResponse(error as Error); |
| 65 | } |
| 66 | } |
| 67 | |
| 68 | async function validateServerActionRequest(request: NextRequest) { |
| 69 | // First thing we need to do is validate that the header is in a correct format. |
nothing calls this directly
no test coverage detected