CaptainCodeman
commented
4 months ago No, it doesn't, because +server is for REST endpoints and has no bearing on +layout which is for page rendering (and vice versa). +layout.server can access the same server-side event props that +server can, that's the only similarity.
They only reside together because that is how routes are defined. +server is really apart from the other files because it's usually rendering JSON (although it can render anything - XML sitemaps, PDF files etc..), whereas all the others are concerned with rendering pages, either the HTML or the data that the page needs.
As for security, expecting any checks in +layout.server to protect any routes underneath is a mistake, unless they all await the parent load fn which can be a performance killer.
The rest of the page does make the distinction between "pages", but it could maybe change that initial wording to something like:
"+layout and +error files apply to pages in subdirectories as well as pages in the directory they live in"
Describe the bug
As far as I can tell,
+server.tsdoes not inherit from+layout. I propose to draw a clearer distinction between+server.tsand the other +files.For example, an auth guard placed in
routes/(app)/+layout.server.tsdoes not protectroutes/(app)/api/+server.ts. (relevant discord thread)An inverse example showing the other +files are highly connected is when using
+page@.svelte. In this case, it also affects which+page(.server).tsgets loaded.The above shows that of the 4 +files,
+server.tsis logically distinct. Aside from using the same file system to determine its route, it has nothing to do with the other 3 +files and doesn't inherit from any of them.But the docs seem to imply that
+server.tsis a part of the family in the way that it is presented:+layout and +error files apply to subdirectories as well as the directory they live inReproduction
.
Logs
No response
System Info
Severity
annoyance
Additional Information
No response