From 5c2c12d8f706c20f22f4e6cec405add41c7a2f7f Mon Sep 17 00:00:00 2001 From: Armand Philippot Date: Thu, 18 Jun 2026 01:23:59 +0200 Subject: [PATCH 1/4] missing import, type parameter doesn't seem valid --- src/content/docs/en/guides/sessions.mdx | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/content/docs/en/guides/sessions.mdx b/src/content/docs/en/guides/sessions.mdx index 29a427f87f705..b10a0a7581941 100644 --- a/src/content/docs/en/guides/sessions.mdx +++ b/src/content/docs/en/guides/sessions.mdx @@ -140,9 +140,11 @@ const cart = await Astro.session?.get('cart'); In API endpoints, the session object is available on the `context` object. For example, to add an item to a shopping cart: ```ts title="src/pages/api/addToCart.ts" "context.session" +import type { APIContext } from "astro"; + export async function POST(context: APIContext) { const cart = await context.session?.get('cart') || []; - const data = await context.request.json<{ item: string }>(); + const data = await context.request.json(); if(!data?.item) { return new Response('Item is required', { status: 400 }); } From 7244dae54e17420a71c54550cfc17522403d71c4 Mon Sep 17 00:00:00 2001 From: Armand Philippot Date: Thu, 18 Jun 2026 01:21:28 +0200 Subject: [PATCH 2/4] nit: might be me, but the second argument is required, comment unclear --- src/content/docs/en/guides/actions.mdx | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/content/docs/en/guides/actions.mdx b/src/content/docs/en/guides/actions.mdx index 1b930e30e2cf1..fb02f0c9b5c0a 100644 --- a/src/content/docs/en/guides/actions.mdx +++ b/src/content/docs/en/guides/actions.mdx @@ -733,20 +733,20 @@ Use the [`getActionContext()` function](/en/reference/modules/astro-actions/#get The following example rejects all action requests that do not have a valid session token. If the check fails, a "Forbidden" response is returned. Note: this method ensures that actions are only accessible when a session is present, but is _not_ a substitute for secure authorization. ```ts title="src/middleware.ts" -import { defineMiddleware } from 'astro:middleware'; -import { getActionContext } from 'astro:actions'; +import { defineMiddleware } from "astro:middleware"; +import { getActionContext } from "astro:actions"; export const onRequest = defineMiddleware(async (context, next) => { const { action } = getActionContext(context); // Check if the action was called from a client-side function - if (action?.calledFrom === 'rpc') { + if (action?.calledFrom === "rpc") { // If so, check for a user session token - if (!context.cookies.has('user-session')) { - return new Response('Forbidden', { status: 403 }); + if (!context.cookies.has("user-session")) { + return new Response("Forbidden", { status: 403 }); } } - - context.cookies.set('user-session', /* session token */); + + context.cookies.set("user-session", "session-token-value"); return next(); }); ``` From 00c603c9b16d0cbbe239338605d07a046dadf8e0 Mon Sep 17 00:00:00 2001 From: Armand Philippot Date: Thu, 18 Jun 2026 01:16:52 +0200 Subject: [PATCH 3/4] referer can be null --- src/content/docs/en/guides/server-islands.mdx | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/content/docs/en/guides/server-islands.mdx b/src/content/docs/en/guides/server-islands.mdx index e6eaba765ab30..c0e0c792690e5 100644 --- a/src/content/docs/en/guides/server-islands.mdx +++ b/src/content/docs/en/guides/server-islands.mdx @@ -98,9 +98,14 @@ To access information from the page's URL, you can check the [Referer](https://d ```astro --- -const referer = Astro.request.headers.get('Referer'); +const referer = Astro.request.headers.get("Referer"); + +if (!referer) { + throw new Error("Referer header is missing"); +} + const url = new URL(referer); -const productId = url.searchParams.get('product'); +const productId = url.searchParams.get("product"); --- ``` From 346480b2dd3c8dd2d98dcecf1169a6e0a64383bb Mon Sep 17 00:00:00 2001 From: Armand Philippot Date: Thu, 18 Jun 2026 01:14:13 +0200 Subject: [PATCH 4/4] closing tag --- src/content/docs/en/guides/on-demand-rendering.mdx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/content/docs/en/guides/on-demand-rendering.mdx b/src/content/docs/en/guides/on-demand-rendering.mdx index 706720c1ef26a..18a58fbd8418a 100644 --- a/src/content/docs/en/guides/on-demand-rendering.mdx +++ b/src/content/docs/en/guides/on-demand-rendering.mdx @@ -73,7 +73,7 @@ This content will be server-rendered on demand! Just add an adapter integration for a server runtime! All other pages are statically-generated at build time! --> - + ``` The following example shows opting out of prerendering in order to display a random number each time the endpoint is hit: @@ -106,7 +106,7 @@ export const prerender = true `output: 'server'` is configured, but this page is static! The rest of my site is rendered on demand! --> - + ``` Add `export const prerender = true` to any page or route to prerender a static page or endpoint: