Giter Site home page Giter Site logo

Comments (18)

elvismercado avatar elvismercado commented on June 14, 2024 2

I recently update helmet from 3.19.0 to 3.21.2 due to a recommendatiopn of npm audit.
After doing this i have experience the axact same behaviour and error.

I have seen this happening before with webpack and redis npm package.
To solve this I configured redis as external commonjs package.

Doing this with helmet also avoids the TypeError and you can continue your work.

Here is an example webpack config.

module.exports = function(env, argv) {
  return = {
    mode: 'none',
    entry: { server: `./pat-to-server.ts` },
    externals: { helmet: 'commonjs helmet' },
    target: 'node',

    // other configs removed for example
    // ...
  };
};

from csp.

barnesdc avatar barnesdc commented on June 14, 2024 1

@EvanHahn It did not for me personally.
Screen Shot 2019-10-23 at 4 11 33 PM

What I am seeing now.

from csp.

EvanHahn avatar EvanHahn commented on June 14, 2024 1

I've renamed this because it seems like this is an issue with Webpack. Lemme know if that's wrong.

It also seems like there's a fix (thanks @elvismercado), which is good for now.

from csp.

markmcdowell avatar markmcdowell commented on June 14, 2024

Sorry same bug different version, I'll check it with Bowser. Actually 2.6.1

from csp.

EvanHahn avatar EvanHahn commented on June 14, 2024

What error are you seeing in this package?

from csp.

markmcdowell avatar markmcdowell commented on June 14, 2024 
TypeError: Bowser.getParser is not a function
    at csp (Users/Mark/Developer/reactivemarkets/gitlab/crossfire/ui/node_modules/helmet-csp/dist/index.js:32:34)
    at Layer.handle [as handle_request] (Users/Mark/Developer/reactivemarkets/gitlab/crossfire/ui/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (Users/Mark/Developer/reactivemarkets/gitlab/crossfire/ui/node_modules/express/lib/router/index.js:317:13)
    at eval (Users/Mark/Developer/reactivemarkets/gitlab/crossfire/ui/node_modules/express/lib/router/index.js:284:7)
    at Function.process_params (Users/Mark/Developer/reactivemarkets/gitlab/crossfire/ui/node_modules/express/lib/router/index.js:335:12)
    at next (Users/Mark/Developer/reactivemarkets/gitlab/crossfire/ui/node_modules/express/lib/router/index.js:275:10)
    at internalNext (Users/Mark/Developer/reactivemarkets/gitlab/crossfire/ui/node_modules/helmet/index.js:47:33)
    at xXssProtection (Users/Mark/Developer/reactivemarkets/gitlab/crossfire/ui/node_modules/x-xss-protection/dist/index.js:47:13)
    at internalNext (Users/Mark/Developer/reactivemarkets/gitlab/crossfire/ui/node_modules/helmet/index.js:51:7)
    at nosniff (Users/Mark/Developer/reactivemarkets/gitlab/crossfire/ui/node_modules/dont-sniff-mimetype/dist/index.js:5:9)

from csp.

markmcdowell avatar markmcdowell commented on June 14, 2024

I'll raise an issue with Bowser, for a quick fix i've moved Bowser back to 2.5.4 locally and all is working again.

from csp.

EvanHahn avatar EvanHahn commented on June 14, 2024

Could you post a code snippet that reproduces this? I'm not able to replicate the issue myself.

from csp.

markmcdowell avatar markmcdowell commented on June 14, 2024

It's because we use a bundler, webpack in this case. This change https://github.com/lancedikson/bowser/blob/bc2d51a8f9a715d91b715214ee0c19b1ca3f3838/package.json#L25 in bowser causes the imports to be incorrect.

from csp.

EvanHahn avatar EvanHahn commented on June 14, 2024

from csp.

barnesdc avatar barnesdc commented on June 14, 2024

TypeError: Bowser.getParser is not a function
at csp (webpack:///./node_modules/helmet-csp/dist/index.js?:32:34)
at internalNext (webpack:///./node_modules/helmet/index.js?:51:7)
at helmet (webpack:///./node_modules/helmet/index.js?:54:5)
at Layer.handle [as handle_request] (webpack:///./node_modules/express/lib/router/layer.js?:95:5)
at trim_prefix (webpack:///./node_modules/express/lib/router/index.js?:317:13)
at eval (webpack:///./node_modules/express/lib/router/index.js?:284:7)
at Function.process_params (webpack:///./node_modules/express/lib/router/index.js?:335:12)
at next (webpack:///./node_modules/express/lib/router/index.js?:275:10)
at compression (webpack:///./node_modules/compression/index.js?:220:5)
at Layer.handle [as handle_request] (webpack:///./node_modules/express/lib/router/layer.js?:95:5)
at trim_prefix (webpack:///./node_modules/express/lib/router/index.js?:317:13)
at eval (webpack:///./node_modules/express/lib/router/index.js?:284:7)
at Function.process_params (webpack:///./node_modules/express/lib/router/index.js?:335:12)
at next (webpack:///./node_modules/express/lib/router/index.js?:275:10)
at expressInit (webpack:///./node_modules/express/lib/middleware/init.js?:40:5)

I am seeing this error while running Helmet: 3.21.1, Helmet: 2.9.2, and Bowser: 2.6.1

from csp.

EvanHahn avatar EvanHahn commented on June 14, 2024

from csp.

gunnarvelle avatar gunnarvelle commented on June 14, 2024

This will affect everyone using helmet and webpack, targeting node environments.

Downgrading helmet to 4.20.0, helmet-csp to 2.8.0 and removing bowser from yarn.lock fixed this for us for now.

from csp.

EvanHahn avatar EvanHahn commented on June 14, 2024

from csp.

barnesdc avatar barnesdc commented on June 14, 2024

Pull request #94 submitted

from csp.

EvanHahn avatar EvanHahn commented on June 14, 2024

I've updated to the latest version of bowser in [email protected] and [email protected] (thanks @barnesdc!).

Does this fix anyone's issues?

from csp.

patrickmichalina avatar patrickmichalina commented on June 14, 2024

The bundle I am using has this issue as well. A quick fix was to change the package.json pointer.

  "main": "es5.js",
  "module": "src/bowser.js",

Having the bundler point to es5.js fixed it right up. For some reason the module path is not working.

from csp.

EvanHahn avatar EvanHahn commented on June 14, 2024

I believe this is fixed in [email protected] and [email protected]. Could someone test and let me know if they run into any issues?

from csp.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.