Merging 2547305 into trunk-temp/pr-2284/5f34d04c-bbcd-4921-a64f-074c8…

…1de8ded
arcjet · Nov 20, 2024 · 1fdbec9 · 1fdbec9
2 parents 8b19f65 + 2547305
commit 1fdbec9
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 24 deletions.
diff --git a/examples/nextjs-bot-categories/app/api/arcjet/route.ts b/examples/nextjs-bot-categories/app/api/arcjet/route.ts
@@ -26,6 +26,13 @@ const aj = arcjet({
 export async function GET(req: Request) {
   const decision = await aj.protect(req);
 
+  if (decision.isErrored()) {
+    return NextResponse.json(
+      { error: decision.reason.message },
+      { status: 500, statusText: "Internal Server Error" },
+    )
+  }
+
   const headers = new Headers();
   if (decision.reason.isBot()) {
     // WARNING: This is illustrative! Don't share this metadata with users;

diff --git a/examples/nextjs-bot-categories/middleware.ts b/examples/nextjs-bot-categories/middleware.ts
@@ -0,0 +1,8 @@
+import { createMiddleware } from "@nosecone/next";
+
+export const config = {
+  // matcher tells Next.js which routes to run the middleware on
+  matcher: ["/(.*)"],
+};
+
+export default createMiddleware();
diff --git a/nosecone-next/index.ts b/nosecone-next/index.ts
@@ -69,29 +69,6 @@ function applyNextDefaults(options: NoseconeOptions): NoseconeOptions {
   };
 }
 
-// Setting specific headers is the way that Next.js implements middleware
-// See: https://github.com/vercel/next.js/blob/5c45d58cd058a9683e435fd3a1a9b8fede8376c3/packages/next/src/server/web/spec-extension/response.ts#L148
-function nextMiddlewareHeaders(
-  headers: Record<string, string>,
-): Record<string, string> {
-  const forwardedHeaders: Record<string, string> = {
-    "x-middleware-next": "1",
-  };
-
-  // This applies the logic to forward headers from Next.js middleware
-  // https://github.com/vercel/next.js/blob/5c45d58cd058a9683e435fd3a1a9b8fede8376c3/packages/next/src/server/web/spec-extension/response.ts#L22-L27
-  for (const [headerName, headerValue] of Object.entries(headers)) {
-    if (typeof headerValue !== "string") {
-      throw new Error(`impossible: missing value for ${headerName}`);
-    }
-    forwardedHeaders[`x-middleware-request-${headerName}`] = headerValue;
-  }
-  forwardedHeaders["x-middleware-override-headers"] =
-    Object.keys(headers).join(",");
-
-  return forwardedHeaders;
-}
-
 /**
  * Create Next.js middleware that sets secure headers on every request.
  *
@@ -106,7 +83,12 @@ export function createMiddleware(options: NoseconeOptions = defaults) {
     return new Response(null, {
       headers: {
         ...headers,
-        ...nextMiddlewareHeaders(headers),
+        // Setting this specific header is the way that Next.js implements
+        // middleware. See:
+        // https://github.com/vercel/next.js/blob/5c45d58cd058a9683e435fd3a1a9b8fede8376c3/packages/next/src/server/web/spec-extension/response.ts#L148
+        // Note: we don't create the `x-middleware-override-headers` header so
+        // the original headers pass through
+        "x-middleware-next": "1",
       },
     });
   };