Skip to content

Commit ad671e0

Browse files
bartvenemanbartveneman
authored
validate url before passing to puppeteer or got (projectwallace#13)
1 parent 3ca0321 commit ad671e0

File tree

3 files changed

+97
-62
lines changed

3 files changed

+97
-62
lines changed

index.js

Lines changed: 21 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,18 @@
11
const got = require('got')
22
const chromium = require('chrome-aws-lambda')
33
const normalizeUrl = require('normalize-url')
4+
const isUrl = require('is-url')
45

56
const extractCss = async url => {
67
const browser = await chromium.puppeteer.launch({
78
executablePath: await chromium.executablePath,
89
args: chromium.args,
9-
headless: chromium.headless
10+
headless: true
1011
})
1112

1213
const page = await browser.newPage()
1314

14-
// // Start CSS coverage. This is the meat and bones of this module
15+
// Start CSS coverage. This is the meat and bones of this module
1516
await page.coverage.startCSSCoverage()
1617

1718
const response = await page.goto(url, { waitUntil: 'networkidle2' })
@@ -23,15 +24,13 @@ const extractCss = async url => {
2324

2425
return Promise.reject(
2526
new Error(
26-
`There was an error retrieving CSS from ${url}.\n\tHTTP status code: ${
27-
response.statusCode
28-
} (${response.statusText})`
27+
`There was an error retrieving CSS from ${url}.\n\tHTTP status code: ${response.statusCode} (${response.statusText})`
2928
)
3029
)
3130
}
3231

33-
// // Coverage contains a lot of <style> and <link> CSS,
34-
// // but not all...
32+
// Coverage contains a lot of <style> and <link> CSS,
33+
// but not all...
3534
const coverage = await page.coverage.stopCSSCoverage()
3635

3736
// Get all CSS generated with the CSSStyleSheet API
@@ -67,15 +66,27 @@ const extractCss = async url => {
6766
module.exports = async (req, res) => {
6867
const url = normalizeUrl(req.url.slice(1), { stripWWW: false })
6968

69+
if (!isUrl(url)) {
70+
res.statusCode = 406
71+
res.setHeader('Content-Type', 'application/json')
72+
return res.end(
73+
JSON.stringify({
74+
message: 'The provided URL is not valid'
75+
})
76+
)
77+
}
78+
7079
try {
7180
const css = url.endsWith('.css')
7281
? (await got(url)).body
7382
: await extractCss(url)
7483

7584
res.setHeader('Content-Type', 'text/css')
76-
77-
return res.status(200).send(css)
85+
res.statusCode = 200
86+
return res.end(css)
7887
} catch (error) {
79-
return res.status(400).json(error)
88+
res.statusCode = 500
89+
res.setHeader('Content-Type', 'application/json')
90+
return res.end(JSON.stringify(error))
8091
}
8192
}

package-lock.json

Lines changed: 73 additions & 51 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -12,9 +12,11 @@
1212
},
1313
"license": "MIT",
1414
"dependencies": {
15-
"chrome-aws-lambda": "^1.18.1",
15+
"chrome-aws-lambda": "^1.19.0",
1616
"got": "^9.6.0",
17+
"is-url": "^1.2.4",
1718
"normalize-url": "^4.3.0",
19+
"puppeteer": "^1.19.0",
1820
"puppeteer-core": "^1.18.1"
1921
},
2022
"devDependencies": {

0 commit comments

Comments
 (0)