diff --git a/packages/kit/src/core/config/index.spec.js b/packages/kit/src/core/config/index.spec.js index 8fbe60c5ae2c..3388f149b7df 100644 --- a/packages/kit/src/core/config/index.spec.js +++ b/packages/kit/src/core/config/index.spec.js @@ -70,7 +70,7 @@ const get_defaults = (prefix = '') => ({ checkOrigin: true }, dangerZone: { - trackServerFetchesPotentiallyExposingSecrets: false + trackServerFetches: false }, embedded: false, env: { diff --git a/packages/kit/src/core/config/options.js b/packages/kit/src/core/config/options.js index 4c97370ab221..3a6c862267bd 100644 --- a/packages/kit/src/core/config/options.js +++ b/packages/kit/src/core/config/options.js @@ -113,7 +113,7 @@ const options = object( dangerZone: object({ // TODO 2.0: Remove this - trackServerFetchesPotentiallyExposingSecrets: boolean(false) + trackServerFetches: boolean(false) }), embedded: boolean(false), diff --git a/packages/kit/src/core/sync/write_server.js b/packages/kit/src/core/sync/write_server.js index 9927a78d6cb1..647aa5924237 100644 --- a/packages/kit/src/core/sync/write_server.js +++ b/packages/kit/src/core/sync/write_server.js @@ -34,9 +34,7 @@ export const options = { app_template_contains_nonce: ${template.includes('%sveltekit.nonce%')}, csp: ${s(config.kit.csp)}, csrf_check_origin: ${s(config.kit.csrf.checkOrigin)}, - track_server_fetches_potentially_exposing_secrets: ${s( - config.kit.dangerZone.trackServerFetchesPotentiallyExposingSecrets - )}, + track_server_fetches: ${s(config.kit.dangerZone.trackServerFetches)}, embedded: ${config.kit.embedded}, env_public_prefix: '${config.kit.env.publicPrefix}', hooks: null, // added lazily, via \`get_hooks\` diff --git a/packages/kit/src/runtime/server/data/index.js b/packages/kit/src/runtime/server/data/index.js index 3737fd0e8f22..8d38b1e10720 100644 --- a/packages/kit/src/runtime/server/data/index.js +++ b/packages/kit/src/runtime/server/data/index.js @@ -77,8 +77,7 @@ export async function render_data( } return data; }, - track_server_fetches_potentially_exposing_secrets: - options.track_server_fetches_potentially_exposing_secrets + track_server_fetches: options.track_server_fetches }); } catch (e) { aborted = true; diff --git a/packages/kit/src/runtime/server/page/index.js b/packages/kit/src/runtime/server/page/index.js index 3ec744427309..b7009a27b9fe 100644 --- a/packages/kit/src/runtime/server/page/index.js +++ b/packages/kit/src/runtime/server/page/index.js @@ -151,8 +151,7 @@ export async function render_page(event, page, options, manifest, state, resolve } return data; }, - track_server_fetches_potentially_exposing_secrets: - options.track_server_fetches_potentially_exposing_secrets + track_server_fetches: options.track_server_fetches }); } catch (e) { load_error = /** @type {Error} */ (e); diff --git a/packages/kit/src/runtime/server/page/load_data.js b/packages/kit/src/runtime/server/page/load_data.js index c9b20089b5da..ced84ab9918c 100644 --- a/packages/kit/src/runtime/server/page/load_data.js +++ b/packages/kit/src/runtime/server/page/load_data.js @@ -10,7 +10,7 @@ import { validate_depends } from '../../shared.js'; * state: import('types').SSRState; * node: import('types').SSRNode | undefined; * parent: () => Promise>; - * track_server_fetches_potentially_exposing_secrets: boolean; + * track_server_fetches: boolean; * }} opts * @returns {Promise} */ @@ -20,7 +20,7 @@ export async function load_server_data({ node, parent, // TODO 2.0: Remove this - track_server_fetches_potentially_exposing_secrets + track_server_fetches }) { if (!node?.server) return null; @@ -60,7 +60,7 @@ export async function load_server_data({ } // TODO 2.0: Remove this - if (track_server_fetches_potentially_exposing_secrets) { + if (track_server_fetches) { uses.dependencies.add(url.href); } diff --git a/packages/kit/src/runtime/server/page/respond_with_error.js b/packages/kit/src/runtime/server/page/respond_with_error.js index 3d17dc62c6dc..2567b7e768e8 100644 --- a/packages/kit/src/runtime/server/page/respond_with_error.js +++ b/packages/kit/src/runtime/server/page/respond_with_error.js @@ -45,8 +45,7 @@ export async function respond_with_error({ state, node: default_layout, parent: async () => ({}), - track_server_fetches_potentially_exposing_secrets: - options.track_server_fetches_potentially_exposing_secrets + track_server_fetches: options.track_server_fetches }); const server_data = await server_data_promise; diff --git a/packages/kit/test/apps/basics/test/client.test.js b/packages/kit/test/apps/basics/test/client.test.js index e33c2cc8b404..b95076c4520e 100644 --- a/packages/kit/test/apps/basics/test/client.test.js +++ b/packages/kit/test/apps/basics/test/client.test.js @@ -457,7 +457,7 @@ test.describe('Invalidation', () => { }); test('fetch in server load cannot be invalidated', async ({ page, app, request }) => { - // TODO 2.0: Can remove this test after `dangerZone.trackServerFetchesPotentiallyExposingSecrets` and associated code is removed + // TODO 2.0: Can remove this test after `dangerZone.trackServerFetches` and associated code is removed await request.get('/load/invalidation/server-fetch/count.json?reset'); await page.goto('/load/invalidation/server-fetch'); const selector = '[data-testid="count"]'; diff --git a/packages/kit/test/apps/options/svelte.config.js b/packages/kit/test/apps/options/svelte.config.js index e72baa10f281..ce787f38d5e9 100644 --- a/packages/kit/test/apps/options/svelte.config.js +++ b/packages/kit/test/apps/options/svelte.config.js @@ -10,7 +10,7 @@ const config = { } }, dangerZone: { - trackServerFetchesPotentiallyExposingSecrets: true + trackServerFetches: true }, files: { assets: 'public', diff --git a/packages/kit/test/apps/options/test/test.js b/packages/kit/test/apps/options/test/test.js index c17e63ffee13..43277cade6bc 100644 --- a/packages/kit/test/apps/options/test/test.js +++ b/packages/kit/test/apps/options/test/test.js @@ -300,7 +300,7 @@ test.describe('Routing', () => { test.describe('load', () => { // TODO 2.0: Remove this test - test('fetch in server load can be invalidated when `dangerZone.trackServerFetchesPotentiallyExposingSecrets` is set', async ({ + test('fetch in server load can be invalidated when `dangerZone.trackServerFetches` is set', async ({ page, app, request, diff --git a/packages/kit/types/index.d.ts b/packages/kit/types/index.d.ts index d5ae656e9b42..7d541a4377f3 100644 --- a/packages/kit/types/index.d.ts +++ b/packages/kit/types/index.d.ts @@ -348,7 +348,7 @@ export interface KitConfig { * Automatically add server-side `fetch`ed URLs to the `dependencies` map of `load` functions. This will expose secrets * to the client if your URL contains them. */ - trackServerFetchesPotentiallyExposingSecrets?: boolean; + trackServerFetches?: boolean; }; /** * Whether or not the app is embedded inside a larger app. If `true`, SvelteKit will add its event listeners related to navigation etc on the parent of `%sveltekit.body%` instead of `window`, and will pass `params` from the server rather than inferring them from `location.pathname`. diff --git a/packages/kit/types/internal.d.ts b/packages/kit/types/internal.d.ts index 9c77b9c88eb4..379328678073 100644 --- a/packages/kit/types/internal.d.ts +++ b/packages/kit/types/internal.d.ts @@ -333,7 +333,7 @@ export interface SSROptions { app_template_contains_nonce: boolean; csp: ValidatedConfig['kit']['csp']; csrf_check_origin: boolean; - track_server_fetches_potentially_exposing_secrets: boolean; + track_server_fetches: boolean; embedded: boolean; env_public_prefix: string; hooks: ServerHooks;