feat: hide x-opennext header from server requests when poweredByHeader is false (opennextjs#567)

sommeeeer · web-flow · commit d6d4b8f83da4 · 2024-10-18T15:43:14.000+02:00
* add: poweredByHeader can hide x-opennext header from server requests * add e2e test * add changeset * Revert "add changeset" This reverts commit 8cbd733. * add changeset in the root folder
diff --git a/.changeset/giant-vans-shop.md b/.changeset/giant-vans-shop.md
@@ -0,0 +1,5 @@
+---
+"@opennextjs/aws": patch
+---
+
+Hides the x-opennext header from server requests when poweredByHeader is false in next config
diff --git a/examples/pages-router/next.config.js b/examples/pages-router/next.config.js
@@ -53,6 +53,7 @@ const nextConfig = {
     },
   ],
   trailingSlash: true,
+  poweredByHeader: true,
 };
 
 module.exports = nextConfig;
diff --git a/packages/open-next/src/core/routing/util.ts b/packages/open-next/src/core/routing/util.ts
@@ -2,7 +2,7 @@ import crypto from "node:crypto";
 import { OutgoingHttpHeaders } from "node:http";
 import { Readable } from "node:stream";
 
-import { BuildId, HtmlPages } from "config/index.js";
+import { BuildId, HtmlPages, NextConfig } from "config/index.js";
 import type { IncomingMessage, StreamCreator } from "http/index.js";
 import { OpenNextNodeResponse } from "http/openNextResponse.js";
 import { parseHeaders } from "http/util.js";
@@ -322,7 +322,9 @@ export function fixSWRCacheHeader(headers: OutgoingHttpHeaders) {
  * @__PURE__
  */
 export function addOpenNextHeader(headers: OutgoingHttpHeaders) {
-  headers["X-OpenNext"] = "1";
+  if (NextConfig.poweredByHeader) {
+    headers["X-OpenNext"] = "1";
+  }
   if (globalThis.openNextDebug) {
     headers["X-OpenNext-Version"] = globalThis.openNextVersion;
     headers["X-OpenNext-RequestId"] = globalThis.__als.getStore()?.requestId;
diff --git a/packages/open-next/src/types/next-types.ts b/packages/open-next/src/types/next-types.ts
@@ -75,6 +75,7 @@ export interface NextConfig {
     appDir?: boolean;
   };
   images: ImageConfig;
+  poweredByHeader?: boolean;
 }
 
 export interface RouteDefinition {
diff --git a/packages/tests-e2e/tests/appRouter/headers.test.ts b/packages/tests-e2e/tests/appRouter/headers.test.ts
@@ -20,4 +20,8 @@ test("Headers", async ({ page }) => {
   // Request header should be available in RSC
   let el = page.getByText(`request-header`);
   await expect(el).toBeVisible();
+
+  // Both these headers should not be present cause poweredByHeader is false in appRouter
+  expect(headers["x-powered-by"]).toBeFalsy();
+  expect(headers["x-opennext"]).toBeFalsy();
 });
diff --git a/packages/tests-e2e/tests/pagesRouter/header.test.ts b/packages/tests-e2e/tests/pagesRouter/header.test.ts
@@ -0,0 +1,14 @@
+import { expect, test } from "@playwright/test";
+
+test("should test if poweredByHeader adds the correct headers ", async ({
+  page,
+}) => {
+  const result = await page.goto("/");
+  expect(result).toBeDefined();
+  expect(result?.status()).toBe(200);
+  const headers = result?.headers();
+
+  // Both these headers should be present cause poweredByHeader is true in pagesRouter
+  expect(headers?.["x-powered-by"]).toBe("Next.js");
+  expect(headers?.["x-opennext"]).toBe("1");
+});

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
 +"@opennextjs/aws": patch
 +---
++
 +Hides the x-opennext header from server requests when poweredByHeader is false in next config
Original file line number	Diff line number	Diff line change
`@@ -75,6 +75,7 @@ export interface NextConfig {`
`75`	`75`	`appDir?: boolean;`
`76`	`76`	`};`
`77`	`77`	`images: ImageConfig;`
	`78`	`+ poweredByHeader?: boolean;`
`78`	`79`	`}`
`79`	`80`
`80`	`81`	`export interface RouteDefinition {`