feat(isr): add allowed query params options #1743 #1757
Conversation
☁️ Nx Cloud ReportCI is running/has finished running commands for commit 3ab8d52. As they complete they will appear below. Click to see the status, the terminal output, and the build insights. 📂 See all runs for this CI Pipeline Execution ✅ Successfully ran 7 targetsSent with 💌 from NxCloud. |
|
Hi @maxisam |
|
sure, not sure where should I put this. I did put some doc in the comments with the config |
|
@eneajaho Thanks for the review, could you rerun the build? |
|
@eneajaho everything is green 🎉 |
| }); | ||
|
|
||
| it('should include only allowed query parameters in the result', () => { | ||
| const url = '/page?allowed=value&disallowed=value'; |
There was a problem hiding this comment.
since penetration tests would still try weird things, what would be with the cases:
- `const url = '/page?allowed=value&disallowed=value&allowed=value2';
- `const url = '/page?allowed=value&disallowed=value&allowed=value';
There was a problem hiding this comment.
ummm, the current behavior is simply just removing disallowed parts and keep all allowed parts
so they will be
- `const url = '/page?allowed=value&allowed=value2';
- `const url = '/page?allowed=value&allowed=value';
I guess we can override the duplicated one ?
so we should make it like
- `const url = '/page?allowed=value2';
- `const url = '/page?allowed=value';
another thought is I actually want to make the getCacheKey like a pluggable function.
so everyone can have their own cacheKey.
@eneajaho how do you think about pluggable cacheKey function?
There was a problem hiding this comment.
@maxisam Yeah we can make the cacheKey function pluggable, good idea.
There was a problem hiding this comment.
Let's add it in another PR. Just merged this one.
Co-authored-by: Enea Jahollari <[email protected]>
Co-authored-by: Enea Jahollari <[email protected]>
eneajaho
force-pushed
the
feat/query-params
branch
from
c396928 to
17fc093
Compare
3 participants
this should fix #1743 #1720