Bug Description
In middleware-v2/src/server.mjs, the human URL redirection mechanism has a flaw when resolving deep routes that contain periods (such as /news/releases/12.1.0).
The server currently uses path.extname(req.path) to determine if a URL points to a static asset (which should be directly proxied) rather than a Single Page Application route (which should be rescued and redirected to a /#/... hash equivalent). For a path like /news/releases/12.1.0, path.extname returns .0, causing the server to mistake the route for an asset and proxy it directly, leading to a 404.
Proposed Solution
Restrict the asset proxy pass-through to a whitelisted Set of known Neo.mjs static asset file extensions (e.g., .mjs, .js, .css, .woff2, .json, etc.). Routes that happen to contain dots but do not match a valid web extension will correctly fall through to the deep route rescue redirect block.
Bug Description
In
middleware-v2/src/server.mjs, the human URL redirection mechanism has a flaw when resolving deep routes that contain periods (such as/news/releases/12.1.0).The server currently uses
path.extname(req.path)to determine if a URL points to a static asset (which should be directly proxied) rather than a Single Page Application route (which should be rescued and redirected to a/#/...hash equivalent). For a path like/news/releases/12.1.0,path.extnamereturns.0, causing the server to mistake the route for an asset and proxy it directly, leading to a 404.Proposed Solution
Restrict the asset proxy pass-through to a whitelisted
Setof known Neo.mjs static asset file extensions (e.g.,.mjs,.js,.css,.woff2,.json, etc.). Routes that happen to contain dots but do not match a valid web extension will correctly fall through to the deep route rescue redirect block.