summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Emanuele Stoppa <ematipico@users.noreply.github.com> 2024-12-02 15:40:23 +0000
committerGravatar astrobot-houston <fred+astrobot@astro.build> 2024-12-02 15:40:23 +0000
commit10c6b8d720f9c8d6d09b630011caab9d1fa92afe (patch)
tree6fd67d809a3c196e23d2309565c782675bfb2e13
parent315c5f3b2a468585134f8cf4d7783abdb2521c93 (diff)
downloadastro-10c6b8d720f9c8d6d09b630011caab9d1fa92afe.tar.gz
astro-10c6b8d720f9c8d6d09b630011caab9d1fa92afe.tar.zst
astro-10c6b8d720f9c8d6d09b630011caab9d1fa92afe.zip
[ci] format
-rw-r--r--packages/astro/src/core/app/middlewares.ts8
-rw-r--r--packages/astro/test/csrf-protection.test.js9
2 files changed, 10 insertions, 7 deletions
diff --git a/packages/astro/src/core/app/middlewares.ts b/packages/astro/src/core/app/middlewares.ts
index 6a804627d..7c589f0c4 100644
--- a/packages/astro/src/core/app/middlewares.ts
+++ b/packages/astro/src/core/app/middlewares.ts
@@ -25,7 +25,7 @@ export function createOriginCheckMiddleware(): MiddlewareHandler {
if (isPrerendered) {
return next();
}
- if (request.method === "GET") {
+ if (request.method === 'GET') {
return next();
}
const sameOrigin =
@@ -34,8 +34,8 @@ export function createOriginCheckMiddleware(): MiddlewareHandler {
request.method === 'PATCH' ||
request.method === 'DELETE') &&
request.headers.get('origin') === url.origin;
-
- const hasContentType = request.headers.has('content-type')
+
+ const hasContentType = request.headers.has('content-type');
if (hasContentType) {
const formLikeHeader = hasFormLikeHeader(request.headers.get('content-type'));
if (formLikeHeader && !sameOrigin) {
@@ -51,7 +51,7 @@ export function createOriginCheckMiddleware(): MiddlewareHandler {
}
}
- return next()
+ return next();
});
}
diff --git a/packages/astro/test/csrf-protection.test.js b/packages/astro/test/csrf-protection.test.js
index f8067000d..5b70e3650 100644
--- a/packages/astro/test/csrf-protection.test.js
+++ b/packages/astro/test/csrf-protection.test.js
@@ -48,17 +48,20 @@ describe('CSRF origin check', () => {
assert.equal(response.status, 403);
request = new Request('http://example.com/api/', {
- headers: { origin: 'http://loreum.com', 'content-type': 'application/x-www-form-urlencoded; some-other-value' },
+ headers: {
+ origin: 'http://loreum.com',
+ 'content-type': 'application/x-www-form-urlencoded; some-other-value',
+ },
method: 'POST',
});
response = await app.render(request);
assert.equal(response.status, 403);
request = new Request('http://example.com/api/', {
- headers: { origin: 'http://loreum.com', },
+ headers: { origin: 'http://loreum.com' },
method: 'POST',
credentials: 'include',
- body: new Blob(["a=b"],{})
+ body: new Blob(['a=b'], {}),
});
response = await app.render(request);
assert.equal(response.status, 403);