Skip to content

Commit

Permalink
Merge pull request #261 from webpack-contrib/relative-links-to-assets
Browse files Browse the repository at this point in the history
Use relative links for serving internal assets
  • Loading branch information
th0r authored Apr 11, 2019
2 parents 3ce1b8c + 99818f9 commit ca34279
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 2 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ _Note: Gaps between patch versions are faulty, broken or test releases._
<!-- Add changelog entries for new changes under this section -->

* **Improvements**
* Use relative links for serving internal assets ([#261](https://github.com/webpack-contrib/webpack-bundle-analyzer/pull/261), fixes [#254](https://github.com/webpack-contrib/webpack-bundle-analyzer/issues/254))
* Properly escape embedded JS/JSON ([#262](https://github.com/webpack-contrib/webpack-bundle-analyzer/pull/262))

* **Bug Fix**
Expand Down
9 changes: 8 additions & 1 deletion src/viewer.js
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ const Logger = require('./Logger');
const analyzer = require('./analyzer');

const projectRoot = path.resolve(__dirname, '..');
const assetsRoot = path.join(projectRoot, 'public');

module.exports = {
startServer,
Expand Down Expand Up @@ -169,7 +170,13 @@ async function generateReport(bundleStats, opts) {
}

function getAssetContent(filename) {
return fs.readFileSync(`${projectRoot}/public/${filename}`, 'utf8');
const assetPath = path.join(assetsRoot, filename);

if (!assetPath.startsWith(assetsRoot)) {
throw new Error(`"${filename}" is outside of the assets root`);
}

return fs.readFileSync(assetPath, 'utf8');
}

/**
Expand Down
2 changes: 1 addition & 1 deletion views/script.ejs
Original file line number Diff line number Diff line change
Expand Up @@ -4,5 +4,5 @@
<%- escapeScript(assetContent(filename)) %>
</script>
<% } else { %>
<script src="/<%= filename %>"></script>
<script src="<%= filename %>"></script>
<% } %>

0 comments on commit ca34279

Please sign in to comment.