Fix: Improve HTML asset URL rewriting with better logging and regex patterns
This commit is contained in:
salvacybersec
@@ -336,42 +336,54 @@ if (fs.existsSync(frontendDistPath)) {
|
|||||||
const forwardedHost = req.get('X-Forwarded-Host') || req.get('host');
|
const forwardedHost = req.get('X-Forwarded-Host') || req.get('host');
|
||||||
const baseUrl = `${protocol}://${forwardedHost}`;
|
const baseUrl = `${protocol}://${forwardedHost}`;
|
||||||
|
|
||||||
logger.info(`HTML rewrite: protocol=${protocol}, host=${forwardedHost}, baseUrl=${baseUrl}`);
|
logger.info(`HTML rewrite: protocol=${protocol}, host=${forwardedHost}, baseUrl=${baseUrl}, originalHost=${req.get('host')}`);
|
||||||
|
|
||||||
// Replace relative URLs (starting with /) in src and href attributes with absolute URLs
|
// Replace relative URLs (starting with /) in src and href attributes with absolute URLs
|
||||||
// This ensures assets are loaded with the same protocol as the page
|
// This ensures assets are loaded with the same protocol as the page
|
||||||
html = html.replace(/src="\/([^"]+)"/g, (match, path) => {
|
// Match: src="/assets/..." or href="/assets/..." or src="/vite.svg" etc.
|
||||||
// Only rewrite asset paths, not API paths
|
const assetPatterns = [
|
||||||
if (path.startsWith('assets/') || path.startsWith('vite.svg') || path.match(/\.(js|css|png|jpg|jpeg|gif|svg|ico|woff|woff2|ttf|eot)$/)) {
|
/src="\/(assets\/[^"]+)"/g,
|
||||||
return `src="${baseUrl}/${path}"`;
|
/href="\/(assets\/[^"]+)"/g,
|
||||||
}
|
/src="\/(vite\.svg)"/g,
|
||||||
return match;
|
/href="\/(vite\.svg)"/g,
|
||||||
});
|
];
|
||||||
|
|
||||||
html = html.replace(/href="\/([^"]+)"/g, (match, path) => {
|
assetPatterns.forEach(pattern => {
|
||||||
// Only rewrite asset paths, not API paths
|
html = html.replace(pattern, (match, path) => {
|
||||||
if (path.startsWith('assets/') || path.startsWith('vite.svg') || path.match(/\.(css|png|jpg|jpeg|gif|svg|ico|woff|woff2|ttf|eot)$/)) {
|
const newUrl = `${baseUrl}/${path}`;
|
||||||
return `href="${baseUrl}/${path}"`;
|
logger.info(`Rewriting ${match} to ${newUrl}`);
|
||||||
}
|
// Replace the entire match with the new absolute URL
|
||||||
return match;
|
if (match.includes('src=')) {
|
||||||
|
return `src="${newUrl}"`;
|
||||||
|
} else if (match.includes('href=')) {
|
||||||
|
return `href="${newUrl}"`;
|
||||||
|
}
|
||||||
|
return match;
|
||||||
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
// Also replace any absolute HTTP URLs with HTTPS if request is HTTPS
|
// Also replace any absolute HTTP URLs with HTTPS if request is HTTPS
|
||||||
if (protocol === 'https') {
|
if (protocol === 'https') {
|
||||||
html = html.replace(/href="http:\/\/([^"]+)"/g, (match, url) => {
|
html = html.replace(/href="http:\/\/([^"]+)"/g, (match, url) => {
|
||||||
if (url.includes(host)) {
|
if (url.includes(forwardedHost) || url.includes(req.get('host'))) {
|
||||||
return `href="https://${url}"`;
|
const newUrl = match.replace('http://', 'https://');
|
||||||
|
logger.info(`Converting HTTP to HTTPS: ${match} -> ${newUrl}`);
|
||||||
|
return newUrl;
|
||||||
}
|
}
|
||||||
return match;
|
return match;
|
||||||
});
|
});
|
||||||
html = html.replace(/src="http:\/\/([^"]+)"/g, (match, url) => {
|
html = html.replace(/src="http:\/\/([^"]+)"/g, (match, url) => {
|
||||||
if (url.includes(host)) {
|
if (url.includes(forwardedHost) || url.includes(req.get('host'))) {
|
||||||
return `src="https://${url}"`;
|
const newUrl = match.replace('http://', 'https://');
|
||||||
|
logger.info(`Converting HTTP to HTTPS: ${match} -> ${newUrl}`);
|
||||||
|
return newUrl;
|
||||||
}
|
}
|
||||||
return match;
|
return match;
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
logger.info(`HTML rewrite completed. HTML length: ${html.length}`);
|
||||||
|
|
||||||
res.send(html);
|
res.send(html);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|||||||
Reference in New Issue
Block a user