withastro
diff --git a/‎packages/astro/src/core/server-islands/endpoint.ts‎
Lines changed: 2 additions & 2 deletions b/‎packages/astro/src/core/server-islands/endpoint.ts‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎packages/astro/test/csp-server-islands.test.js‎
Lines changed: 0 additions & 71 deletions b/‎packages/astro/test/csp-server-islands.test.js‎
Lines changed: 0 additions & 71 deletions
diff --git a/‎packages/astro/test/server-islands.test.js‎
Lines changed: 0 additions & 141 deletions b/‎packages/astro/test/server-islands.test.js‎
Lines changed: 0 additions & 141 deletions
@@ -41,7 +41,7 @@ export function injectServerIslandRoute(config: ConfigFields, routeManifest: Rou
 	routeManifest.routes.unshift(getServerIslandRouteData(config));
 }
 
-type RenderOptions = {
+export type RenderOptions = {
 	encryptedComponentExport: string;
 	encryptedProps: string;
 	encryptedSlots: string;
@@ -54,7 +54,7 @@ function badRequest(reason: string) {
 	});
 }
 
-async function getRequestData(request: Request): Promise<Response | RenderOptions> {
+export async function getRequestData(request: Request): Promise<Response | RenderOptions> {
 	switch (request.method) {
 		case 'GET': {
 			const url = new URL(request.url);
 
@@ -77,77 +77,6 @@ describe('Server islands', () => {
 			const response = await app.render(request);
 			assert.equal(response.headers.get('x-robots-tag'), 'noindex');
 		});
-		it('omits empty props from the query string', async () => {
-			const app = await fixture.loadTestAdapterApp();
-			const request = new Request('http://example.com/empty-props');
-			const response = await app.render(request);
-			assert.equal(response.status, 200);
-			const html = await response.text();
-			const fetchMatch = html.match(/fetch\('\/_server-islands\/Island\?[^']*p=([^&']*)/);
-			assert.equal(fetchMatch.length, 2, 'should include props in the query	string');
-			assert.equal(fetchMatch[1], '', 'should not include encrypted empty props');
-		});
-		it('re-encrypts props on each request', async () => {
-			const app = await fixture.loadTestAdapterApp();
-			const request = new Request('http://example.com/includeComponentWithProps/');
-			const response = await app.render(request);
-			assert.equal(response.status, 200);
-			const html = await response.text();
-			const fetchMatch = html.match(
-				/fetch\('\/_server-islands\/ComponentWithProps\?[^']*p=([^&']*)/,
-			);
-			assert.equal(fetchMatch.length, 2, 'should include props in the query	string');
-			const firstProps = fetchMatch[1];
-			const secondRequest = new Request('http://example.com/includeComponentWithProps/');
-			const secondResponse = await app.render(secondRequest);
-			assert.equal(secondResponse.status, 200);
-			const secondHtml = await secondResponse.text();
-			const secondFetchMatch = secondHtml.match(
-				/fetch\('\/_server-islands\/ComponentWithProps\?[^']*p=([^&']*)/,
-			);
-			assert.equal(secondFetchMatch.length, 2, 'should include props in the query	string');
-			assert.notEqual(
-				secondFetchMatch[1],
-				firstProps,
-				'should re-encrypt props on each request with a different IV',
-			);
-		});
-
-		it('omits empty props from the query string', async () => {
-			const app = await fixture.loadTestAdapterApp();
-			const request = new Request('http://example.com/empty-props');
-			const response = await app.render(request);
-			assert.equal(response.status, 200);
-			const html = await response.text();
-			const fetchMatch = html.match(/fetch\('\/_server-islands\/Island\?[^']*p=([^&']*)/);
-			assert.equal(fetchMatch.length, 2, 'should include props in the query	string');
-			assert.equal(fetchMatch[1], '', 'should not include encrypted empty props');
-		});
-		it('re-encrypts props on each request', async () => {
-			const app = await fixture.loadTestAdapterApp();
-			const request = new Request('http://example.com/includeComponentWithProps/');
-			const response = await app.render(request);
-			assert.equal(response.status, 200);
-			const html = await response.text();
-			const fetchMatch = html.match(
-				/fetch\('\/_server-islands\/ComponentWithProps\?[^']*p=([^&']*)/,
-			);
-			assert.equal(fetchMatch.length, 2, 'should include props in the query	string');
-			const firstProps = fetchMatch[1];
-			const secondRequest = new Request('http://example.com/includeComponentWithProps/');
-			const secondResponse = await app.render(secondRequest);
-			assert.equal(secondResponse.status, 200);
-			const secondHtml = await secondResponse.text();
-			const secondFetchMatch = secondHtml.match(
-				/fetch\('\/_server-islands\/ComponentWithProps\?[^']*p=([^&']*)/,
-			);
-			assert.equal(secondFetchMatch.length, 2, 'should include props in the query	string');
-			assert.notEqual(
-				secondFetchMatch[1],
-				firstProps,
-				'should re-encrypt props on each request with a different IV',
-			);
-		});
 	});
 
 	describe('Hybrid', () => {
 
@@ -97,37 +97,6 @@ describe('Server islands', () => {
 				const works = res.headers.get('X-Works');
 				assert.equal(works, 'true', 'able to set header from server island');
 			});
-			it('omits empty props from the query string', async () => {
-				const res = await fixture.fetch('/empty-props');
-				assert.equal(res.status, 200);
-				const html = await res.text();
-				const fetchMatch = html.match(/fetch\('\/_server-islands\/Island\?[^']*p=([^&']*)/);
-				assert.equal(fetchMatch.length, 2, 'should include props in the query string');
-				assert.equal(fetchMatch[1], '', 'should not include encrypted empty props');
-			});
-			it('re-encrypts props on each request', async () => {
-				const res = await fixture.fetch('/includeComponentWithProps/');
-				assert.equal(res.status, 200);
-				const html = await res.text();
-				const fetchMatch = html.match(
-					/fetch\('\/_server-islands\/ComponentWithProps\?[^']*p=([^&']*)/,
-				);
-				assert.equal(fetchMatch.length, 2, 'should include props in the query string');
-				const firstProps = fetchMatch[1];
-				const secondRes = await fixture.fetch('/includeComponentWithProps/');
-				assert.equal(secondRes.status, 200);
-				const secondHtml = await secondRes.text();
-				const secondFetchMatch = secondHtml.match(
-					/fetch\('\/_server-islands\/ComponentWithProps\?[^']*p=([^&']*)/,
-				);
-				assert.equal(secondFetchMatch.length, 2, 'should include props in the query string');
-				assert.notEqual(
-					secondFetchMatch[1],
-					firstProps,
-					'should re-encrypt props on each request with a different IV',
-				);
-			});
-
 			it('rejects invalid props', async () => {
 				const encryptedComponentExport = await getEncryptedComponentExport();
 				const res = await fixture.fetch('/_server-islands/Island', {
@@ -142,31 +111,6 @@ describe('Server islands', () => {
 				assert.equal(res.status, 400);
 			});
 
-			it('rejects plaintext componentExport', async () => {
-				const res = await fixture.fetch('/_server-islands/Island', {
-					method: 'POST',
-					body: JSON.stringify({
-						componentExport: 'default',
-						encryptedProps: '',
-						encryptedSlots: '',
-					}),
-				});
-				assert.equal(res.status, 400, 'should reject plaintext componentExport');
-			});
-
-			it('rejects plaintext slots', async () => {
-				const encryptedComponentExport = await getEncryptedComponentExport();
-				const res = await fixture.fetch('/_server-islands/Island', {
-					method: 'POST',
-					body: JSON.stringify({
-						encryptedComponentExport,
-						encryptedProps: 'FC8337AF072BE5B1641501E1r8mLIhmIME1AV7UO9XmW9OLD',
-						slots: { xss: '<img src=x onerror=alert(0)>' },
-					}),
-				});
-				assert.equal(res.status, 400, 'should reject unencrypted slots');
-			});
-
 			it('accepts encrypted slots via POST', async () => {
 				const key = await createKeyFromString('eKBaVEuI7YjfanEXHuJe/pwZKKt3LkAHeMxvTU7aR0M=');
 				const encryptedComponentExport = await encryptString(key, 'default');
@@ -308,42 +252,6 @@ describe('Server islands', () => {
 				const response = await app.render(request);
 				assert.equal(response.headers.get('x-robots-tag'), 'noindex');
 			});
-			it('omits empty props from the query string', async () => {
-				const app = await fixture.loadTestAdapterApp();
-				const request = new Request('http://example.com/empty-props');
-				const response = await app.render(request);
-				assert.equal(response.status, 200);
-				const html = await response.text();
-				const fetchMatch = html.match(/fetch\('\/_server-islands\/Island\?[^']*p=([^&']*)/);
-				assert.equal(fetchMatch.length, 2, 'should include props in the query string');
-				assert.equal(fetchMatch[1], '', 'should not include encrypted empty props');
-			});
-			it('re-encrypts props on each request', async () => {
-				const app = await fixture.loadTestAdapterApp();
-				const request = new Request('http://example.com/includeComponentWithProps/');
-				const response = await app.render(request);
-				assert.equal(response.status, 200);
-				const html = await response.text();
-				const fetchMatch = html.match(
-					/fetch\('\/_server-islands\/ComponentWithProps\?[^']*p=([^&']*)/,
-				);
-				assert.equal(fetchMatch.length, 2, 'should include props in the query string');
-				const firstProps = fetchMatch[1];
-				const secondRequest = new Request('http://example.com/includeComponentWithProps/');
-				const secondResponse = await app.render(secondRequest);
-				assert.equal(secondResponse.status, 200);
-				const secondHtml = await secondResponse.text();
-				const secondFetchMatch = secondHtml.match(
-					/fetch\('\/_server-islands\/ComponentWithProps\?[^']*p=([^&']*)/,
-				);
-				assert.equal(secondFetchMatch.length, 2, 'should include props in the query string');
-				assert.notEqual(
-					secondFetchMatch[1],
-					firstProps,
-					'should re-encrypt props on each request with a different IV',
-				);
-			});
-
 			it('rejects invalid props', async () => {
 				const app = await fixture.loadTestAdapterApp();
 				const encryptedComponentExport = await getEncryptedComponentExport();
@@ -363,55 +271,6 @@ describe('Server islands', () => {
 				assert.equal(response.status, 400);
 			});
 
-			it('rejects plaintext componentExport', async () => {
-				const app = await fixture.loadTestAdapterApp();
-				const request = new Request('http://example.com/_server-islands/Island', {
-					method: 'POST',
-					body: JSON.stringify({
-						componentExport: 'default',
-						encryptedProps: 'FC8337AF072BE5B1641501E1r8mLIhmIME1AV7UO9XmW9OLD',
-						encryptedSlots: '',
-					}),
-					headers: {
-						origin: 'http://example.com',
-					},
-				});
-				const response = await app.render(request);
-				assert.equal(response.status, 400, 'should reject plaintext componentExport');
-			});
-
-			it('rejects plaintext slots', async () => {
-				const app = await fixture.loadTestAdapterApp();
-				const encryptedComponentExport = await getEncryptedComponentExport();
-				const request = new Request('http://example.com/_server-islands/Island', {
-					method: 'POST',
-					body: JSON.stringify({
-						encryptedComponentExport,
-						encryptedProps: 'FC8337AF072BE5B1641501E1r8mLIhmIME1AV7UO9XmW9OLD',
-						slots: { xss: '<img src=x onerror=alert(0)>' },
-					}),
-					headers: {
-						origin: 'http://example.com',
-					},
-				});
-				const response = await app.render(request);
-				assert.equal(response.status, 400, 'should reject unencrypted slots');
-			});
-
-			it('rejects plaintext slots with XSS payload via GET', async () => {
-				const app = await fixture.loadTestAdapterApp();
-				const request = new Request(
-					'http://example.com/_server-islands/Island?e=file&s=%7B%22xss%22%3A%22%3Cimg%20src%3Dx%20onerror%3Dalert(0)%3E%22%7D',
-					{
-						headers: {
-							origin: 'http://example.com',
-						},
-					},
-				);
-				const response = await app.render(request);
-				assert.equal(response.status, 400, 'should reject plaintext slots with XSS');
-			});
-
 			it('accepts encrypted slots via POST', async () => {
 				const app = await fixture.loadTestAdapterApp();
 				const key = await createKeyFromString('eKBaVEuI7YjfanEXHuJe/pwZKKt3LkAHeMxvTU7aR0M=');