Skip to content

Commit

Permalink
🐛 Fix unsafe referer header issue #1804
Browse files Browse the repository at this point in the history
  • Loading branch information
@padms @fernandolucchesi
padms authored and fernandolucchesi committed Aug 9, 2023
1 parent dcf0e74 commit 5979186
Show file tree
Hide file tree
Showing 7 changed files with 64 additions and 20 deletions.
17 changes: 11 additions & 6 deletions web/pageComponents/pageTemplates/MagazineIndexPage.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,13 +55,14 @@ const StyledPagination = styled(Pagination)`
`

type MagazineIndexTemplateProps = {
isServerRendered?: boolean
locale: string
pageData: MagazineIndexPageType
slug?: string
url: string
}

const MagazineIndexPage = ({ locale, pageData, slug, url }: MagazineIndexTemplateProps) => {
const MagazineIndexPage = ({ isServerRendered = false, locale, pageData, slug, url }: MagazineIndexTemplateProps) => {
const { ingress, title, hero, seoAndSome, magazineTags, footerComponent } = pageData || {}
const envPrefix = Flags.IS_GLOBAL_PROD ? 'prod' : 'dev'
const isoCode = getIsoFromLocale(locale)
Expand Down Expand Up @@ -91,11 +92,15 @@ const MagazineIndexPage = ({ locale, pageData, slug, url }: MagazineIndexTemplat
</BackgroundContainer>

<InstantSearch
searchClient={searchClient({
headers: {
Referer: url,
},
})}
searchClient={
isServerRendered
? searchClient({
headers: {
Referer: url,
},
})
: searchClient(undefined)
}
indexName={indexName}
routing={{
router: createInstantSearchRouterNext({
Expand Down
17 changes: 11 additions & 6 deletions web/pageComponents/pageTemplates/NewsRoomPage.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,13 +66,14 @@ const StyledPagination = styled(Pagination)`
`

type NewsRoomTemplateProps = {
isServerRendered: boolean
locale: string
pageData: NewsRoomPageType | undefined
slug?: string
url: string
}

const NewsRoomPage = ({ locale, pageData, slug, url }: NewsRoomTemplateProps) => {
const NewsRoomPage = ({ isServerRendered, locale, pageData, slug, url }: NewsRoomTemplateProps) => {
const { ingress, title, seoAndSome } = pageData || {}
const padding = usePaginationPadding()
const envPrefix = Flags.IS_GLOBAL_PROD ? 'prod' : 'dev'
Expand Down Expand Up @@ -202,11 +203,15 @@ const NewsRoomPage = ({ locale, pageData, slug, url }: NewsRoomTemplateProps) =>
</Intro>
<News>
<InstantSearch
searchClient={searchClient({
headers: {
Referer: url,
},
})}
searchClient={
isServerRendered
? searchClient({
headers: {
Referer: url,
},
})
: searchClient(undefined)
}
indexName={indexName}
routing={routing}
>
Expand Down
16 changes: 14 additions & 2 deletions web/pages/magasin/index.global.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,12 @@ import { AlgoliaIndexPageType, MagazineIndexPageType } from '../../types'
import { getComponentsData } from '../../lib/fetchData'
import { renderToString } from 'react-dom/server'

export default function MagazineIndexNorwegian({ serverState, data, url }: AlgoliaIndexPageType) {
export default function MagazineIndexNorwegian({
isServerRendered = false,
serverState,
data,
url,
}: AlgoliaIndexPageType) {
const defaultLocale = defaultLanguage.locale
const { pageData, slug, intl } = data
const locale = intl?.locale || defaultLocale
Expand All @@ -26,7 +31,13 @@ export default function MagazineIndexNorwegian({ serverState, data, url }: Algol
defaultLocale={getIsoFromLocale(defaultLocale)}
messages={intl?.messages}
>
<MagazineIndexPage locale={locale} pageData={pageData as MagazineIndexPageType} slug={slug} url={url} />
<MagazineIndexPage
isServerRendered={isServerRendered}
locale={locale}
pageData={pageData as MagazineIndexPageType}
slug={slug}
url={url}
/>
</IntlProvider>
</InstantSearchSSRProvider>
)
Expand Down Expand Up @@ -92,6 +103,7 @@ export const getServerSideProps: GetServerSideProps = async ({ req, preview = fa
const url = new URL(req.headers.referer || `https://${req.headers.host}${req.url}`).toString()
const serverState = await getServerState(
<MagazineIndexNorwegian
isServerRendered
data={{
intl,
pageData,
Expand Down
11 changes: 9 additions & 2 deletions web/pages/magazine/index.global.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ import { AlgoliaIndexPageType, MagazineIndexPageType } from '../../types'
import { getComponentsData } from '../../lib/fetchData'
import { renderToString } from 'react-dom/server'

export default function MagazineIndex({ serverState, data, url }: AlgoliaIndexPageType) {
export default function MagazineIndex({ isServerRendered = false, serverState, data, url }: AlgoliaIndexPageType) {
const defaultLocale = defaultLanguage.locale
const { pageData, slug, intl } = data
const locale = intl?.locale || defaultLocale
Expand All @@ -25,7 +25,13 @@ export default function MagazineIndex({ serverState, data, url }: AlgoliaIndexPa
defaultLocale={getIsoFromLocale(defaultLocale)}
messages={intl?.messages}
>
<MagazineIndexPage locale={locale} pageData={pageData as MagazineIndexPageType} slug={slug} url={url} />
<MagazineIndexPage
isServerRendered={isServerRendered}
locale={locale}
pageData={pageData as MagazineIndexPageType}
slug={slug}
url={url}
/>
</IntlProvider>
</InstantSearchSSRProvider>
)
Expand Down Expand Up @@ -92,6 +98,7 @@ export const getServerSideProps: GetServerSideProps = async ({ req, preview = fa
const url = new URL(req.headers.referer || `https://${req.headers.host}${req.url}`).toString()
const serverState = await getServerState(
<MagazineIndex
isServerRendered
data={{
intl,
pageData,
Expand Down
11 changes: 9 additions & 2 deletions web/pages/news/index.global.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ import { AlgoliaIndexPageType, NewsRoomPageType } from '../../types'
import { getComponentsData } from '../../lib/fetchData'
import { renderToString } from 'react-dom/server'

export default function NewsRoom({ serverState, data, url }: AlgoliaIndexPageType) {
export default function NewsRoom({ isServerRendered = false, serverState, data, url }: AlgoliaIndexPageType) {
const defaultLocale = defaultLanguage.locale
const { pageData, slug, intl } = data
const locale = data?.intl?.locale || defaultLocale
Expand All @@ -26,7 +26,13 @@ export default function NewsRoom({ serverState, data, url }: AlgoliaIndexPageTyp
defaultLocale={getIsoFromLocale(defaultLocale)}
messages={intl?.messages}
>
<NewsRoomPage locale={locale} pageData={pageData as NewsRoomPageType} slug={slug} url={url} />
<NewsRoomPage
isServerRendered={isServerRendered}
locale={locale}
pageData={pageData as NewsRoomPageType}
slug={slug}
url={url}
/>
</IntlProvider>
</InstantSearchSSRProvider>
)
Expand Down Expand Up @@ -93,6 +99,7 @@ export const getServerSideProps: GetServerSideProps = async ({ req, preview = fa
const url = new URL(req.headers.referer || `https://${req.headers.host}${req.url}`).toString()
const serverState = await getServerState(
<NewsRoom
isServerRendered
data={{
intl,
pageData,
Expand Down
11 changes: 9 additions & 2 deletions web/pages/nyheter/index.global.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ import { AlgoliaIndexPageType, NewsRoomPageType } from '../../types'
import { getComponentsData } from '../../lib/fetchData'
import { renderToString } from 'react-dom/server'

export default function NorwegianNewsRoom({ serverState, data, url }: AlgoliaIndexPageType) {
export default function NorwegianNewsRoom({ isServerRendered = false, serverState, data, url }: AlgoliaIndexPageType) {
const defaultLocale = defaultLanguage.locale
const { pageData, slug, intl } = data
const locale = intl?.locale || defaultLocale
Expand All @@ -26,7 +26,13 @@ export default function NorwegianNewsRoom({ serverState, data, url }: AlgoliaInd
defaultLocale={getIsoFromLocale(defaultLocale)}
messages={intl?.messages}
>
<NewsRoomPage locale={locale} pageData={pageData as NewsRoomPageType} slug={slug} url={url} />
<NewsRoomPage
isServerRendered={isServerRendered}
locale={locale}
pageData={pageData as NewsRoomPageType}
slug={slug}
url={url}
/>
</IntlProvider>
</InstantSearchSSRProvider>
)
Expand Down Expand Up @@ -90,6 +96,7 @@ export const getServerSideProps: GetServerSideProps = async ({ req, preview = fa

const serverState = await getServerState(
<NorwegianNewsRoom
isServerRendered
data={{
intl,
pageData,
Expand Down
1 change: 1 addition & 0 deletions web/types/algoliaIndexPage.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ import type {
import { PortableTextBlock } from '@portabletext/types'

export type AlgoliaIndexPageType = {
isServerRendered?: boolean
serverState?: InstantSearchServerState
url: string
data: {
Expand Down

0 comments on commit 5979186

Please sign in to comment.