(
req: PublicBasePathRequest,
options: { allowReferer?: boolean } = {}
)
| 517 | } |
| 518 | |
| 519 | function getRequestPublicBasePath( |
| 520 | req: PublicBasePathRequest, |
| 521 | options: { allowReferer?: boolean } = {} |
| 522 | ): string { |
| 523 | const forwardedPrefix = normalizePublicBasePath(getFirstHeaderValue(req, "x-forwarded-prefix")); |
| 524 | if (forwardedPrefix) { |
| 525 | return forwardedPrefix; |
| 526 | } |
| 527 | |
| 528 | for (const headerName of ["x-forwarded-uri", "x-original-uri", "x-original-url"] as const) { |
| 529 | const headerBasePath = getAppProxyBasePathFromRequestValue( |
| 530 | getFirstHeaderValue(req, headerName) |
| 531 | ); |
| 532 | if (headerBasePath) { |
| 533 | return headerBasePath; |
| 534 | } |
| 535 | } |
| 536 | |
| 537 | for (const requestValue of [req.originalUrl, req.url]) { |
| 538 | const requestBasePath = getAppProxyBasePathFromRequestValue(requestValue); |
| 539 | if (requestBasePath) { |
| 540 | return requestBasePath; |
| 541 | } |
| 542 | } |
| 543 | |
| 544 | // Browser mode requests include Referer by default, so this keeps cookie scope |
| 545 | // and generated app links aligned when a proxy strips the public prefix. |
| 546 | if (options.allowReferer) { |
| 547 | const refererBasePath = getAppProxyBasePathFromRequestValue( |
| 548 | getFirstHeaderValue(req, "referer") |
| 549 | ); |
| 550 | if (refererBasePath) { |
| 551 | return refererBasePath; |
| 552 | } |
| 553 | } |
| 554 | |
| 555 | return "/"; |
| 556 | } |
| 557 | |
| 558 | function setResponsePublicBasePath(res: express.Response, publicBasePath: string): void { |
| 559 | (res.locals as PublicBasePathLocals).publicBasePath = publicBasePath; |
no test coverage detected