hub/express: further tweaks/fixes for express 5.1

Author: haraldschilly

src/packages/hub/proxy/handle-upgrade.ts

@@ -2,14 +2,15 @@
 
 import { createProxyServer, type ProxyServer } from "http-proxy-3";
 import LRU from "lru-cache";
-import { getEventListeners } from "node:events";
+
+import basePath from "@cocalc/backend/base-path";
 import getLogger from "@cocalc/hub/logger";
+import { getEventListeners } from "node:events";
+import { proxyConatWebsocket } from "./proxy-conat";
 import stripRememberMeCookie from "./strip-remember-me-cookie";
 import { getTarget } from "./target";
 import { stripBasePath } from "./util";
 import { versionCheckFails } from "./version";
-import { proxyConatWebsocket } from "./proxy-conat";
-import basePath from "@cocalc/backend/base-path";
 
 const LISTENERS_HACK = true;
 

src/packages/hub/proxy/index.ts

@@ -21,28 +21,34 @@ interface Options {
   proxyConat: boolean;
 }
 
-const uuidRegex =
+// UUID regex pattern for project ID validation
+const UUID_REGEX =
   /^[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$/;
 
+/**
+ * Middleware to validate that the project_id route parameter is a valid UUID.
+ * If valid, continues to next middleware. If invalid, skips to next route.
+ */
 function uuidMiddleware(req, _res, next) {
-  if (uuidRegex.test(req.params.project_id)) {
+  if (UUID_REGEX.test(req.params.project_id)) {
     return next();
   }
-  // Not a valid project ID UUID: skip to next matching route
+  // Not a valid project ID UUID: skip to next route
   return next("route");
 }
 
 export default function initProxy(opts: Options) {
   const prefix = base_path.length <= 1 ? "" : base_path;
-  const routePath = `${prefix}/:project_id/*splat`;
-  logger.info("creating proxy server for UUIDs only", routePath);
+  const routePath = `${prefix}/:project_id/{*splat}`;
+  logger.info("creating proxy server with route pattern", routePath);
 
   const handleProxy = initRequest(opts);
 
-  const proxy_regexp = `^${prefix}\/[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}$\/(.*)$`;
+  // Create regex for upgrade handler (still needed for WebSocket matching)
+  const proxy_regexp = `^${prefix}\/[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}\/.*`;
   const handleUpgrade = initUpgrade(opts, proxy_regexp);
 
-  // Only handles proxy if the project_id is a valid UUID:
+  // Use Express 5 path syntax with UUID validation middleware
   opts.app.all(routePath, uuidMiddleware, handleProxy);
 
   opts.httpServer.on("upgrade", handleUpgrade);

src/packages/hub/servers/app/blobs.ts

@@ -8,7 +8,7 @@ import { getLogger } from "@cocalc/hub/logger";
 const logger = getLogger("hub:servers:app:blobs");
 export default function init(router: Router) {
   // return uuid-indexed blobs (mainly used for graphics)
-  router.get("/blobs/*splat", async (req, res) => {
+  router.get("/blobs/{*splat}", async (req, res) => {
     logger.debug(`${JSON.stringify(req.query)}, ${req.path}`);
     const uuid = `${req.query.uuid}`;
     if (req.headers["if-none-match"] === uuid) {

src/packages/hub/servers/app/next.ts

@@ -55,7 +55,7 @@ export default async function init(app: Application) {
     // 1: The raw static server:
     const raw = join(shareBasePath, "raw");
     app.all(
-      join(raw, "*splat"),
+      join(raw, "{*splat}"),
       (req: Request, res: Response, next: NextFunction) => {
         // Embedding only enabled for PDF files -- see note above
         const download =
@@ -77,7 +77,7 @@ export default async function init(app: Application) {
     // 2: The download server -- just like raw, but files always get sent via download.
     const download = join(shareBasePath, "download");
     app.all(
-      join(download, "*splat"),
+      join(download, "{*splat}"),
       (req: Request, res: Response, next: NextFunction) => {
         try {
           handleRaw({