feat(netlify): verification for edge middleware (#152)

* feat(netlify): verification for edge middleware

* add changeset

* remove unused folder

Author: lilnasy

.changeset/odd-shoes-talk.md

@@ -0,0 +1,7 @@
+---
+'@astrojs/netlify': minor
+---
+
+Implements verification for edge middleware. This is a security measure to ensure that your serverless functions are only ever called by your edge middleware and not by a third party.
+
+When `edgeMiddleware` is enabled, the serverless function will now respond with `403 Forbidden` for requests that are not verified to have come from the generated edge middleware. No user action is necessary.

packages/netlify/src/index.ts

@@ -6,6 +6,7 @@ import type { AstroConfig, AstroIntegration, RouteData } from 'astro';
 import { AstroError } from 'astro/errors';
 import { build } from 'esbuild';
 import { appendFile, mkdir, readFile, rm, writeFile } from 'fs/promises';
+import type { Args } from "./ssr-function.js"
 
 const { version: packageVersion } = JSON.parse(
 	await readFile(new URL('../package.json', import.meta.url), 'utf8')
@@ -75,6 +76,8 @@ export default function netlifyIntegration(
 	let outDir: URL;
 	let rootDir: URL;
 	let astroMiddlewareEntryPoint: URL | undefined = undefined;
+	// Secret used to verify that the caller is the astro-generated edge middleware and not a third-party
+	const middlewareSecret = crypto.randomUUID();
 
 	const ssrOutputDir = () => new URL('./.netlify/functions-internal/ssr/', rootDir);
 	const middlewareOutputDir = () => new URL('.netlify/edge-functions/middleware/', rootDir);
@@ -136,6 +139,7 @@ export default function netlifyIntegration(
 				const next = () => {
 					const { netlify, ...otherLocals } = ctx.locals;
 					request.headers.set("x-astro-locals", trySerializeLocals(otherLocals));
+					request.headers.set("x-astro-middleware-secret", "${middlewareSecret}");
 					return context.next();
 				};
 			
@@ -270,15 +274,18 @@ export default function netlifyIntegration(
 						'See https://github.com/withastro/adapters/tree/main/packages/netlify#image-cdn for more.'
 					);
 				}
+				
+				const edgeMiddleware = integrationConfig?.edgeMiddleware ?? false;
 
 				setAdapter({
 					name: '@astrojs/netlify',
 					serverEntrypoint: '@astrojs/netlify/ssr-function.js',
 					exports: ['default'],
 					adapterFeatures: {
 						functionPerRoute: false,
-						edgeMiddleware: integrationConfig?.edgeMiddleware ?? false,
+						edgeMiddleware,
 					},
+					args: { middlewareSecret } satisfies Args,
 					supportedAstroFeatures: {
 						hybridOutput: 'stable',
 						staticOutput: 'stable',

packages/netlify/src/ssr-function.ts

@@ -6,11 +6,13 @@ import { applyPolyfills } from 'astro/app/node';
 applyPolyfills();
 
 // biome-ignore lint/complexity/noBannedTypes: safe to use in this case
-export type Args = {};
+export interface Args {
+	middlewareSecret: string;
+};
 
 const clientAddressSymbol = Symbol.for('astro.clientAddress');
 
-export const createExports = (manifest: SSRManifest, _args: Args) => {
+export const createExports = (manifest: SSRManifest, { middlewareSecret }: Args) => {
 	const app = new App(manifest);
 
 	function createHandler(integrationConfig: {
@@ -27,7 +29,13 @@ export const createExports = (manifest: SSRManifest, _args: Args) => {
 			let locals: Record<string, unknown> = {};
 
 			const astroLocalsHeader = request.headers.get('x-astro-locals');
+			const middlewareSecretHeader = request.headers.get('x-astro-middleware-secret');
 			if (astroLocalsHeader) {
+				if (middlewareSecretHeader !== middlewareSecret) {
+					return new Response("Forbidden", { status: 403 })
+				}
+				// hide the secret from the rest of user and library code
+				request.headers.delete('x-astro-middleware-secret');
 				locals = JSON.parse(astroLocalsHeader);
 			}