feat: disable query string redirection by default

Enhances security and performance by preventing query strings from being carried over during redirection, aligning with best practices.
ccbikai 2024-07-20 18:34:49 +08:00
parent 2876385f20
commit 52187d1ff6
4 changed files with 10 additions and 3 deletions


@ -3,6 +3,7 @@ NUXT_PUBLIC_SLUG_DEFAULT_LENGTH=5
NUXT_SITE_TOKEN=SinkCool NUXT_SITE_TOKEN=SinkCool
NUXT_REDIRECT_STATUS_CODE=308 NUXT_REDIRECT_STATUS_CODE=308
NUXT_LINK_CACHE_TTL=60 NUXT_LINK_CACHE_TTL=60
NUXT_REDIRECT_WITH_QUERY=false
NUXT_HOME_URL="https://sink.cool" NUXT_HOME_URL="https://sink.cool"
NUXT_CF_ACCOUNT_ID=123456 NUXT_CF_ACCOUNT_ID=123456
NUXT_CF_API_TOKEN=CloudflareAPIToken NUXT_CF_API_TOKEN=CloudflareAPIToken


@ -18,6 +18,10 @@ Redirects default to use HTTP 301 status code, you can set it to `302`/`307`/`30
Cache links can speed up access, but setting them too long may result in slow changes taking effect. The default value is 60 seconds. Cache links can speed up access, but setting them too long may result in slow changes taking effect. The default value is 60 seconds.
## `NUXT_REDIRECT_WITH_QUERY`
URL parameters are not carried during link redirection by default and it is not recommended to enable this feature.
## `NUXT_HOME_URL` ## `NUXT_HOME_URL`
The default Sink homepage is the introduction page, you can replace it with your own website. The default Sink homepage is the introduction page, you can replace it with your own website.


@ -53,6 +53,7 @@ export default defineNuxtConfig({
siteToken: 'SinkCool', siteToken: 'SinkCool',
redirectStatusCode: '301', redirectStatusCode: '301',
linkCacheTtl: 60, linkCacheTtl: 60,
redirectWithQuery: false,
homeURL: '', homeURL: '',
cfAccountId: '', cfAccountId: '',
cfApiToken: '', cfApiToken: '',


@ -1,11 +1,11 @@
import type { z } from 'zod' import type { z } from 'zod'
import { parsePath } from 'ufo' import { parsePath, withQuery } from 'ufo'
import type { LinkSchema } from '@/schemas/link' import type { LinkSchema } from '@/schemas/link'
export default eventHandler(async (event) => { export default eventHandler(async (event) => {
const { pathname: slug } = parsePath(event.path.slice(1)) // remove leading slash const { pathname: slug } = parsePath(event.path.slice(1)) // remove leading slash
const { slugRegex, reserveSlug } = useAppConfig(event) const { slugRegex, reserveSlug } = useAppConfig(event)
const { homeURL, linkCacheTtl } = useRuntimeConfig(event) const { homeURL, linkCacheTtl, redirectWithQuery } = useRuntimeConfig(event)
const { cloudflare } = event.context const { cloudflare } = event.context
if (event.path === '/' && homeURL) if (event.path === '/' && homeURL)
@ -22,7 +22,8 @@ export default eventHandler(async (event) => {
catch (error) { catch (error) {
console.error('Failed write access log:', error) console.error('Failed write access log:', error)
} }
return sendRedirect(event, link.url, +useRuntimeConfig(event).redirectStatusCode) const target = redirectWithQuery ? withQuery(link.url, getQuery(event)) : link.url
return sendRedirect(event, target, +useRuntimeConfig(event).redirectStatusCode)
} }
} }
}) })
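Review bot: With `redirectWithQuery` enabled, the new `withQuery(link.url, getQuery(event))` call merges visitor-supplied parameters into the stored destination, and as far as I know ufo's `withQuery` lets the passed-in keys win over keys already present in `link.url`. A visitor-chosen value could then replace a parameter the link owner fixed in the target, so the stored query should take precedence on conflict, or the forwarded keys should be limited to an allowlist. At minimum I would add a comment above the `target` line, e.g. `// visitor query is merged into link.url; on key conflict the visitor's value wins — keep NUXT_REDIRECT_WITH_QUERY off unless the destination tolerates that`. The handler body between the two hunks is not visible here, so this rests only on the lines shown.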