Fix polyfill for crypto in the middleware (#418)

conico974 · web-flow · commit 61066fe63184 · 2024-05-24T12:44:38.000+02:00
* fix crypto polyfill for the middleware

* update version

* Create brave-games-argue.md
diff --git a/.changeset/brave-games-argue.md b/.changeset/brave-games-argue.md
@@ -0,0 +1,5 @@
+---
+"open-next": patch
+---
+
+Fix polyfill for crypto in the middleware 
diff --git a/packages/open-next/package.json b/packages/open-next/package.json
@@ -3,7 +3,7 @@
     "access": "public"
   },
   "name": "open-next",
-  "version": "3.0.1",
+  "version": "3.0.1-middleware-fix",
   "bin": {
     "open-next": "./dist/index.js"
   },
diff --git a/packages/open-next/src/converters/aws-apigw-v2.ts b/packages/open-next/src/converters/aws-apigw-v2.ts
@@ -6,6 +6,31 @@ import { debug } from "../adapters/logger";
 import { convertToQuery } from "../core/routing/util";
 import { removeUndefinedFromQuery } from "./utils";
 
+// Not sure which one is reallly needed as this is not documented anywhere but server actions redirect are not working without this, it causes a 500 error from cloudfront itself with a 'x-amzErrortype: InternalFailure' header
+const CloudFrontBlacklistedHeaders = [
+  "connection",
+  "expect",
+  "keep-alive",
+  "proxy-authenticate",
+  "proxy-authorization",
+  "proxy-connection",
+  "trailer",
+  "upgrade",
+  "x-accel-buffering",
+  "x-accel-charset",
+  "x-accel-limit-rate",
+  "x-accel-redirect",
+  /x-amz-cf-(.*)/,
+  /x-amzn-(.*)/,
+  /x-edge-(.*)/,
+  "x-cache",
+  "x-forwarded-proto",
+  "x-real-ip",
+  "set-cookie",
+  "age",
+  "via",
+];
+
 function normalizeAPIGatewayProxyEventV2Body(
   event: APIGatewayProxyEventV2,
 ): Buffer {
@@ -65,7 +90,12 @@ function convertToApiGatewayProxyResultV2(
 ): APIGatewayProxyResultV2 {
   const headers: Record<string, string> = {};
   Object.entries(result.headers)
-    .filter(([key]) => key.toLowerCase() !== "set-cookie")
+    .filter(
+      ([key]) =>
+        !CloudFrontBlacklistedHeaders.some((header) =>
+          typeof header === "string" ? header === key : header.test(key),
+        ),
+    )
     .forEach(([key, value]) => {
       if (value === null) {
         headers[key] = "";
diff --git a/packages/open-next/src/plugins/edge.ts b/packages/open-next/src/plugins/edge.ts
@@ -99,10 +99,6 @@ globalThis._ROUTES = ${JSON.stringify(routes)};
 
 import {Buffer} from "node:buffer";
 globalThis.Buffer = Buffer;
-import crypto from "node:crypto";
-if(!globalThis.crypto){
-  globalThis.crypto = crypto;
-}
 
 import {AsyncLocalStorage} from "node:async_hooks";
 globalThis.AsyncLocalStorage = AsyncLocalStorage;
@@ -125,6 +121,26 @@ class OverrideRequest extends Request {
   }
 }
 globalThis.Request = OverrideRequest;
+
+// If we're not in cloudflare, we polyfill crypto
+// https://github.com/vercel/edge-runtime/blob/main/packages/primitives/src/primitives/crypto.js
+import { webcrypto } from 'node:crypto'
+if(!globalThis.crypto){
+  globalThis.crypto = new webcrypto.Crypto()
+}
+if(!globalThis.CryptoKey){
+  globalThis.CryptoKey = webcrypto.CryptoKey
+}
+function SubtleCrypto() {
+  if (!(this instanceof SubtleCrypto)) return new SubtleCrypto()
+  throw TypeError('Illegal constructor')
+}
+if(!globalThis.SubtleCrypto) {
+  globalThis.SubtleCrypto = SubtleCrypto
+}
+if(!globalThis.Crypto) {
+  globalThis.Crypto = webcrypto.Crypto
+}
 `
 }
 ${wasmFiles

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
 +"open-next": patch
 +---
++
 +Fix polyfill for crypto in the middleware