Summary:
This diff adds a middleware to the RN development server to prevent processing requests coming from a third-party website.
The way we choose to do it is to block any request that has an origin header and it's different than localhost. This will still allow simulators to work properly while blocking potential external websites to do malign CORS requests.
This is just a first quick measure to block a potential attack vector while we implement full authentication in the RN development server
Reviewed By: mjesun
Differential Revision: D9238674
fbshipit-source-id: b7bdc40dabc2f4d92f5ac84515f93b89efa4e833
Summary:
This fixes some regressions with local-cli introduced in c4a66a89a28152cd4b81e2b0f80ab3aac34d6872.
- We didn't pass `assetRegistryPath` which caused the following error when loading the bundle:
```
error: bundling failed: Error: Unable to resolve module `missing-asset-registry-path` from `/Users/janic/Developer/react-native/RNTester/js/uie_thumb_normal@2x.png`: Module `missing-asset-registry-path` does not exist in the Haste module map
```
- The middlewares were not added to the metro server. This causes some packager server features to fail. The one I noticed is that the /status endpoint didn't exist anymore which causes CI to fail and also Android to not load the bundle from the packager initially. The remote debugging feature was also broken.
Pull Request resolved: https://github.com/facebook/react-native/pull/20162
Differential Revision: D8867610
Pulled By: hramos
fbshipit-source-id: 8a08b7f3175692ab6ee73c0a7c25075091ae4792
Summary: `morgan` produces non-json output, which affects `js1 run` when ran with the `--json` flag.
Reviewed By: Kureev
Differential Revision: D8724830
fbshipit-source-id: 11377f6ef39341c658a7f905383398423a721630
Summary:
Scope of the diff:
1. Middleware
`react-native-github/local-cli` and `react-native-internal-cli` uses a very similar set of middlewares (internal cli extends github version), so I decided to move it to a standalone file (middleware manager) in order to remove duplications and increase readability.
2. Types
Seems that after Flow upgrade to version 0.68 there were many type issues to resolve, so all of them were auto-mocked. This is fine, but I'd like to see Flow assists me with `Metro.createServer` -> `Metro.runServer` migration. Hence, I decided to resolve flow mocks, related to runServer.
3. `runServer` signature
In `react-native-github` repo I cleaned up `runServer` signature by removing `startCallback` and `readyCallback` from the function parameters and moved them to `runServer` instead.
4. Replace `createServer` by `runServer`
In `react-native-github` repo, `createServer` has been replaced by `runServer`. __Some of arguments are not mapped__.
Note that this diff will partially break argument mapping. This is intentional. @[100000044482482:ives] will fix it with a new config package.
Reviewed By: mjesun
Differential Revision: D8711717
fbshipit-source-id: a843ab576360ff7242099910d8f25a9cb0a388c0