diff options
author | 2024-12-02 15:40:23 +0000 | |
---|---|---|
committer | 2024-12-02 15:40:23 +0000 | |
commit | 10c6b8d720f9c8d6d09b630011caab9d1fa92afe (patch) | |
tree | 6fd67d809a3c196e23d2309565c782675bfb2e13 | |
parent | 315c5f3b2a468585134f8cf4d7783abdb2521c93 (diff) | |
download | astro-10c6b8d720f9c8d6d09b630011caab9d1fa92afe.tar.gz astro-10c6b8d720f9c8d6d09b630011caab9d1fa92afe.tar.zst astro-10c6b8d720f9c8d6d09b630011caab9d1fa92afe.zip |
[ci] format
-rw-r--r-- | packages/astro/src/core/app/middlewares.ts | 8 | ||||
-rw-r--r-- | packages/astro/test/csrf-protection.test.js | 9 |
2 files changed, 10 insertions, 7 deletions
diff --git a/packages/astro/src/core/app/middlewares.ts b/packages/astro/src/core/app/middlewares.ts index 6a804627d..7c589f0c4 100644 --- a/packages/astro/src/core/app/middlewares.ts +++ b/packages/astro/src/core/app/middlewares.ts @@ -25,7 +25,7 @@ export function createOriginCheckMiddleware(): MiddlewareHandler { if (isPrerendered) { return next(); } - if (request.method === "GET") { + if (request.method === 'GET') { return next(); } const sameOrigin = @@ -34,8 +34,8 @@ export function createOriginCheckMiddleware(): MiddlewareHandler { request.method === 'PATCH' || request.method === 'DELETE') && request.headers.get('origin') === url.origin; - - const hasContentType = request.headers.has('content-type') + + const hasContentType = request.headers.has('content-type'); if (hasContentType) { const formLikeHeader = hasFormLikeHeader(request.headers.get('content-type')); if (formLikeHeader && !sameOrigin) { @@ -51,7 +51,7 @@ export function createOriginCheckMiddleware(): MiddlewareHandler { } } - return next() + return next(); }); } diff --git a/packages/astro/test/csrf-protection.test.js b/packages/astro/test/csrf-protection.test.js index f8067000d..5b70e3650 100644 --- a/packages/astro/test/csrf-protection.test.js +++ b/packages/astro/test/csrf-protection.test.js @@ -48,17 +48,20 @@ describe('CSRF origin check', () => { assert.equal(response.status, 403); request = new Request('http://example.com/api/', { - headers: { origin: 'http://loreum.com', 'content-type': 'application/x-www-form-urlencoded; some-other-value' }, + headers: { + origin: 'http://loreum.com', + 'content-type': 'application/x-www-form-urlencoded; some-other-value', + }, method: 'POST', }); response = await app.render(request); assert.equal(response.status, 403); request = new Request('http://example.com/api/', { - headers: { origin: 'http://loreum.com', }, + headers: { origin: 'http://loreum.com' }, method: 'POST', credentials: 'include', - body: new Blob(["a=b"],{}) + body: new Blob(['a=b'], {}), }); response = await app.render(request); assert.equal(response.status, 403); |