Modifying Autogenerated CAP Index Page Response Causes 502 Error Due to Content-Length Mismatch

[urlmic]

Description:
When the cds-launchpad-plugin modifies the CAP-generated index page (/), it results in a 502 error when accessed via the AppRouter. This happens because the response is altered without updating or removing the Content-Length header, causing an inconsistency between the declared and actual content size.

Steps to Reproduce:

1. Install and enable cds-launchpad-plugin.
2. Set up an SAP AppRouter in app/router/ with the following configuration (default port is 5000):
   • app/router/xs-app.json:

     {
       "routes": [
         {
           "source": "^/(.*)$",
           "target": "$1",
           "destination": "srv-api",
           "csrfProtection": true
         }
       ]
     }

   • app/router/default-env.json:

     {
       "destinations": [
         {
           "name": "srv-api",
           "url": "http://localhost:4004",
           "forwardAuthToken": true
         }
       ]
     }

3. Start the CAP application:

   cds watch

4. Start the AppRouter from the app/router/ directory:

   npm run start

5. Access http://localhost:5000/ in a browser.
6. Observe that the request fails with a 502 error.

Observed Behavior:
The Approuter logs indicate an issue with forwarding the modified response:

Apr 01, 2025 04:05:10 PM /app/router/node_modules/@sap/approuter/lib/middleware/error-handler.js [m8yklfgo] DEBUG:  stack: VError: error while forwarding request to http://localhost:4004/: Parse Error: Expected HTTP/ correlation_id = 241cddd5-dbe7-47b0-a5d0-b9c2c196f0d2
    at returnGateWayError (/app/router/node_modules/@sap/approuter/lib/middleware/request-handler.js:271:13)
    at ClientRequest.<anonymous> (/app/router/node_modules/@sap/approuter/lib/middleware/request-handler.js:107:7)
    at ClientRequest.emit (node:events:524:28)
    at emitErrorEvent (node:_http_client:104:11)
    at Socket.socketOnData (node:_http_client:567:5)
    at Socket.emit (node:events:524:28)
    at addChunk (node:internal/streams/readable:561:12)
    at readableAddChunkPushByteMode (node:internal/streams/readable:512:3)
    at Readable.push (node:internal/streams/readable:392:5)
    at TCP.onStreamRead (node:internal/stream_base_commons:189:23)
#2.0#2025 04 01 16:05:10:931#+02:00#INFO#/request/incoming#####241cddd5-dbe7-47b0-a5d0-b9c2c196f0d2##########m8yklfgo#PLAIN##GET to / took 11 ms to complete with status code 502. 910 bytes sent by the client. 393 bytes sent back to the client#

Expected Behavior:
The root page should load correctly with the injected modifications.

Proposed Fix:
Remove the Content-Length header before modifying the response, allowing the server to recalculate it dynamically.

router.get("/", (req, res, next) => {
  const originalEnd = res.end;

  res.end = function (content: any, encoding?: BufferEncoding) {

    if (typeof content === "string" && content.includes("<html>")) {
      cdsLaunchpadLogger._debug && cdsLaunchpadLogger.debug("Injecting Launchpad link into CAP index page...");

      content = content.replace(
        /<h2> Web Applications: <\/h2>/,
        `<h2><b><a href="${options.basePath}">Sandbox Launchpad</a></b></h2><h2>Web Applications: </h2>`
      );

      // Remove Content-Length header to avoid issues with @sap/approuter (removing it lets the server recalculate)
      res.removeHeader("Content-Length");
    } else {
      cdsLaunchpadLogger.warn("Unexpected response format. Skipping modification of CAP index page.");
    }

    originalEnd.call(res, content, encoding);
  };

  next();
});