@agent-native/core 0.15.1 → 0.15.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/server/auth.d.ts +3 -4
- package/dist/server/auth.d.ts.map +1 -1
- package/dist/server/auth.js.map +1 -1
- package/dist/server/google-auth-plugin.d.ts +2 -2
- package/dist/server/google-auth-plugin.d.ts.map +1 -1
- package/dist/server/google-auth-plugin.js +25 -3
- package/dist/server/google-auth-plugin.js.map +1 -1
- package/dist/server/onboarding-html.d.ts +2 -2
- package/dist/server/onboarding-html.d.ts.map +1 -1
- package/dist/server/onboarding-html.js +27 -7
- package/dist/server/onboarding-html.js.map +1 -1
- package/package.json +1 -1
- package/dist/client/dev-mode.d.ts +0 -14
- package/dist/client/dev-mode.d.ts.map +0 -1
- package/dist/client/dev-mode.js +0 -14
- package/dist/client/dev-mode.js.map +0 -1
- package/dist/client/extensions/EmbeddedTool.d.ts +0 -20
- package/dist/client/extensions/EmbeddedTool.d.ts.map +0 -1
- package/dist/client/extensions/EmbeddedTool.js +0 -199
- package/dist/client/extensions/EmbeddedTool.js.map +0 -1
- package/dist/client/extensions/ToolEditor.d.ts +0 -5
- package/dist/client/extensions/ToolEditor.d.ts.map +0 -1
- package/dist/client/extensions/ToolEditor.js +0 -129
- package/dist/client/extensions/ToolEditor.js.map +0 -1
- package/dist/client/extensions/ToolViewer.d.ts +0 -5
- package/dist/client/extensions/ToolViewer.d.ts.map +0 -1
- package/dist/client/extensions/ToolViewer.js +0 -400
- package/dist/client/extensions/ToolViewer.js.map +0 -1
- package/dist/client/extensions/ToolViewerPage.d.ts +0 -2
- package/dist/client/extensions/ToolViewerPage.d.ts.map +0 -1
- package/dist/client/extensions/ToolViewerPage.js +0 -24
- package/dist/client/extensions/ToolViewerPage.js.map +0 -1
- package/dist/client/extensions/ToolsListPage.d.ts +0 -2
- package/dist/client/extensions/ToolsListPage.d.ts.map +0 -1
- package/dist/client/extensions/ToolsListPage.js +0 -67
- package/dist/client/extensions/ToolsListPage.js.map +0 -1
- package/dist/client/extensions/ToolsSidebarSection.d.ts +0 -2
- package/dist/client/extensions/ToolsSidebarSection.d.ts.map +0 -1
- package/dist/client/extensions/ToolsSidebarSection.js +0 -236
- package/dist/client/extensions/ToolsSidebarSection.js.map +0 -1
- package/dist/client/extensions/tool-order.d.ts +0 -7
- package/dist/client/extensions/tool-order.d.ts.map +0 -1
- package/dist/client/extensions/tool-order.js +0 -47
- package/dist/client/extensions/tool-order.js.map +0 -1
- package/dist/client/tools/EmbeddedTool.d.ts +0 -20
- package/dist/client/tools/EmbeddedTool.d.ts.map +0 -1
- package/dist/client/tools/EmbeddedTool.js +0 -199
- package/dist/client/tools/EmbeddedTool.js.map +0 -1
- package/dist/client/tools/ExtensionSlot.d.ts +0 -27
- package/dist/client/tools/ExtensionSlot.d.ts.map +0 -1
- package/dist/client/tools/ExtensionSlot.js +0 -96
- package/dist/client/tools/ExtensionSlot.js.map +0 -1
- package/dist/client/tools/ToolEditor.d.ts +0 -5
- package/dist/client/tools/ToolEditor.d.ts.map +0 -1
- package/dist/client/tools/ToolEditor.js +0 -129
- package/dist/client/tools/ToolEditor.js.map +0 -1
- package/dist/client/tools/ToolViewer.d.ts +0 -5
- package/dist/client/tools/ToolViewer.d.ts.map +0 -1
- package/dist/client/tools/ToolViewer.js +0 -400
- package/dist/client/tools/ToolViewer.js.map +0 -1
- package/dist/client/tools/ToolViewerPage.d.ts +0 -2
- package/dist/client/tools/ToolViewerPage.d.ts.map +0 -1
- package/dist/client/tools/ToolViewerPage.js +0 -24
- package/dist/client/tools/ToolViewerPage.js.map +0 -1
- package/dist/client/tools/ToolsListPage.d.ts +0 -2
- package/dist/client/tools/ToolsListPage.d.ts.map +0 -1
- package/dist/client/tools/ToolsListPage.js +0 -67
- package/dist/client/tools/ToolsListPage.js.map +0 -1
- package/dist/client/tools/ToolsSidebarSection.d.ts +0 -2
- package/dist/client/tools/ToolsSidebarSection.d.ts.map +0 -1
- package/dist/client/tools/ToolsSidebarSection.js +0 -236
- package/dist/client/tools/ToolsSidebarSection.js.map +0 -1
- package/dist/client/tools/iframe-bridge.d.ts +0 -38
- package/dist/client/tools/iframe-bridge.d.ts.map +0 -1
- package/dist/client/tools/iframe-bridge.js +0 -207
- package/dist/client/tools/iframe-bridge.js.map +0 -1
- package/dist/client/tools/index.d.ts +0 -8
- package/dist/client/tools/index.d.ts.map +0 -1
- package/dist/client/tools/index.js +0 -8
- package/dist/client/tools/index.js.map +0 -1
- package/dist/client/tools/tool-order.d.ts +0 -7
- package/dist/client/tools/tool-order.d.ts.map +0 -1
- package/dist/client/tools/tool-order.js +0 -47
- package/dist/client/tools/tool-order.js.map +0 -1
- package/dist/server/local-migration.d.ts +0 -41
- package/dist/server/local-migration.d.ts.map +0 -1
- package/dist/server/local-migration.js +0 -235
- package/dist/server/local-migration.js.map +0 -1
- package/dist/tools/actions.d.ts +0 -3
- package/dist/tools/actions.d.ts.map +0 -1
- package/dist/tools/actions.js +0 -272
- package/dist/tools/actions.js.map +0 -1
- package/dist/tools/fetch-tool.d.ts +0 -23
- package/dist/tools/fetch-tool.d.ts.map +0 -1
- package/dist/tools/fetch-tool.js +0 -178
- package/dist/tools/fetch-tool.js.map +0 -1
- package/dist/tools/html-shell.d.ts +0 -45
- package/dist/tools/html-shell.d.ts.map +0 -1
- package/dist/tools/html-shell.js +0 -514
- package/dist/tools/html-shell.js.map +0 -1
- package/dist/tools/proxy-security.d.ts +0 -12
- package/dist/tools/proxy-security.d.ts.map +0 -1
- package/dist/tools/proxy-security.js +0 -158
- package/dist/tools/proxy-security.js.map +0 -1
- package/dist/tools/routes.d.ts +0 -2
- package/dist/tools/routes.d.ts.map +0 -1
- package/dist/tools/routes.js +0 -627
- package/dist/tools/routes.js.map +0 -1
- package/dist/tools/schema.d.ts +0 -664
- package/dist/tools/schema.d.ts.map +0 -1
- package/dist/tools/schema.js +0 -146
- package/dist/tools/schema.js.map +0 -1
- package/dist/tools/slots/routes.d.ts +0 -15
- package/dist/tools/slots/routes.d.ts.map +0 -1
- package/dist/tools/slots/routes.js +0 -94
- package/dist/tools/slots/routes.js.map +0 -1
- package/dist/tools/slots/schema.d.ts +0 -303
- package/dist/tools/slots/schema.d.ts.map +0 -1
- package/dist/tools/slots/schema.js +0 -76
- package/dist/tools/slots/schema.js.map +0 -1
- package/dist/tools/slots/store.d.ts +0 -66
- package/dist/tools/slots/store.d.ts.map +0 -1
- package/dist/tools/slots/store.js +0 -227
- package/dist/tools/slots/store.js.map +0 -1
- package/dist/tools/store.d.ts +0 -40
- package/dist/tools/store.d.ts.map +0 -1
- package/dist/tools/store.js +0 -193
- package/dist/tools/store.js.map +0 -1
- package/dist/tools/theme.d.ts +0 -2
- package/dist/tools/theme.d.ts.map +0 -1
- package/dist/tools/theme.js +0 -67
- package/dist/tools/theme.js.map +0 -1
- package/dist/tools/url-safety.d.ts +0 -24
- package/dist/tools/url-safety.d.ts.map +0 -1
- package/dist/tools/url-safety.js +0 -224
- package/dist/tools/url-safety.js.map +0 -1
|
@@ -1,158 +0,0 @@
|
|
|
1
|
-
const HEADER_NAME_RE = /^[!#$%&'*+.^_`|~0-9A-Za-z-]+$/;
|
|
2
|
-
const BLOCKED_OUTBOUND_HEADERS = new Set([
|
|
3
|
-
"connection",
|
|
4
|
-
"content-length",
|
|
5
|
-
"cookie",
|
|
6
|
-
"forwarded",
|
|
7
|
-
"host",
|
|
8
|
-
"keep-alive",
|
|
9
|
-
"origin",
|
|
10
|
-
"proxy-authenticate",
|
|
11
|
-
"proxy-authorization",
|
|
12
|
-
"referer",
|
|
13
|
-
"set-cookie",
|
|
14
|
-
"te",
|
|
15
|
-
"trailer",
|
|
16
|
-
"transfer-encoding",
|
|
17
|
-
"upgrade",
|
|
18
|
-
"x-forwarded-for",
|
|
19
|
-
"x-forwarded-host",
|
|
20
|
-
"x-forwarded-proto",
|
|
21
|
-
]);
|
|
22
|
-
export const MAX_TOOL_PROXY_RESPONSE_SIZE = 1024 * 1024;
|
|
23
|
-
const ALLOWED_METHODS = new Set([
|
|
24
|
-
"GET",
|
|
25
|
-
"POST",
|
|
26
|
-
"PUT",
|
|
27
|
-
"PATCH",
|
|
28
|
-
"DELETE",
|
|
29
|
-
"HEAD",
|
|
30
|
-
]);
|
|
31
|
-
export function normalizeToolProxyMethod(value) {
|
|
32
|
-
const method = String(value || "GET").toUpperCase();
|
|
33
|
-
return ALLOWED_METHODS.has(method) ? method : null;
|
|
34
|
-
}
|
|
35
|
-
export function sanitizeOutboundHeaders(value) {
|
|
36
|
-
if (!value || typeof value !== "object" || Array.isArray(value))
|
|
37
|
-
return {};
|
|
38
|
-
const headers = {};
|
|
39
|
-
for (const [name, rawValue] of Object.entries(value)) {
|
|
40
|
-
const lower = name.toLowerCase();
|
|
41
|
-
if (!HEADER_NAME_RE.test(name) || BLOCKED_OUTBOUND_HEADERS.has(lower)) {
|
|
42
|
-
continue;
|
|
43
|
-
}
|
|
44
|
-
if (rawValue === undefined || rawValue === null)
|
|
45
|
-
continue;
|
|
46
|
-
const headerValue = String(rawValue);
|
|
47
|
-
if (/[\r\n]/.test(headerValue))
|
|
48
|
-
continue;
|
|
49
|
-
headers[name] = headerValue;
|
|
50
|
-
}
|
|
51
|
-
return headers;
|
|
52
|
-
}
|
|
53
|
-
export function collectSecretValues(...groups) {
|
|
54
|
-
const values = new Set();
|
|
55
|
-
for (const group of groups) {
|
|
56
|
-
for (const value of group ?? []) {
|
|
57
|
-
if (value)
|
|
58
|
-
values.add(value);
|
|
59
|
-
}
|
|
60
|
-
}
|
|
61
|
-
return [...values].sort((a, b) => b.length - a.length);
|
|
62
|
-
}
|
|
63
|
-
export function redactSecrets(value, secretValues) {
|
|
64
|
-
if (secretValues.length === 0)
|
|
65
|
-
return value;
|
|
66
|
-
if (typeof value === "string") {
|
|
67
|
-
return redactString(value, secretValues);
|
|
68
|
-
}
|
|
69
|
-
if (Array.isArray(value)) {
|
|
70
|
-
return value.map((item) => redactSecrets(item, secretValues));
|
|
71
|
-
}
|
|
72
|
-
if (value && typeof value === "object") {
|
|
73
|
-
return Object.fromEntries(Object.entries(value).map(([key, entry]) => [
|
|
74
|
-
key,
|
|
75
|
-
redactSecrets(entry, secretValues),
|
|
76
|
-
]));
|
|
77
|
-
}
|
|
78
|
-
return value;
|
|
79
|
-
}
|
|
80
|
-
export function redactString(text, secretValues) {
|
|
81
|
-
let out = text;
|
|
82
|
-
for (const secret of secretValues) {
|
|
83
|
-
for (const candidate of redactionCandidates(secret)) {
|
|
84
|
-
if (candidate)
|
|
85
|
-
out = out.split(candidate).join("[redacted]");
|
|
86
|
-
}
|
|
87
|
-
}
|
|
88
|
-
return out;
|
|
89
|
-
}
|
|
90
|
-
function redactionCandidates(secret) {
|
|
91
|
-
const candidates = new Set([secret]);
|
|
92
|
-
try {
|
|
93
|
-
candidates.add(encodeURIComponent(secret));
|
|
94
|
-
}
|
|
95
|
-
catch { }
|
|
96
|
-
try {
|
|
97
|
-
candidates.add(encodeURI(secret));
|
|
98
|
-
}
|
|
99
|
-
catch { }
|
|
100
|
-
return [...candidates].sort((a, b) => b.length - a.length);
|
|
101
|
-
}
|
|
102
|
-
export async function readResponseTextWithLimit(response, maxBytes = MAX_TOOL_PROXY_RESPONSE_SIZE) {
|
|
103
|
-
const contentLength = response.headers.get("content-length");
|
|
104
|
-
if (contentLength && Number(contentLength) > maxBytes) {
|
|
105
|
-
return {
|
|
106
|
-
text: `(response too large - ${contentLength} bytes, max ${maxBytes})`,
|
|
107
|
-
truncated: true,
|
|
108
|
-
size: Number(contentLength),
|
|
109
|
-
};
|
|
110
|
-
}
|
|
111
|
-
const reader = response.body?.getReader?.();
|
|
112
|
-
if (!reader) {
|
|
113
|
-
const buffer = await response.arrayBuffer();
|
|
114
|
-
if (buffer.byteLength > maxBytes) {
|
|
115
|
-
return {
|
|
116
|
-
text: `(response truncated - ${buffer.byteLength} bytes, max ${maxBytes})`,
|
|
117
|
-
truncated: true,
|
|
118
|
-
size: buffer.byteLength,
|
|
119
|
-
};
|
|
120
|
-
}
|
|
121
|
-
return {
|
|
122
|
-
text: new TextDecoder().decode(buffer),
|
|
123
|
-
truncated: false,
|
|
124
|
-
size: buffer.byteLength,
|
|
125
|
-
};
|
|
126
|
-
}
|
|
127
|
-
const chunks = [];
|
|
128
|
-
let total = 0;
|
|
129
|
-
while (true) {
|
|
130
|
-
const { done, value } = await reader.read();
|
|
131
|
-
if (done)
|
|
132
|
-
break;
|
|
133
|
-
if (!value)
|
|
134
|
-
continue;
|
|
135
|
-
total += value.byteLength;
|
|
136
|
-
if (total > maxBytes) {
|
|
137
|
-
await reader.cancel().catch(() => { });
|
|
138
|
-
return {
|
|
139
|
-
text: `(response truncated - ${total} bytes, max ${maxBytes})`,
|
|
140
|
-
truncated: true,
|
|
141
|
-
size: total,
|
|
142
|
-
};
|
|
143
|
-
}
|
|
144
|
-
chunks.push(value);
|
|
145
|
-
}
|
|
146
|
-
const buffer = new Uint8Array(total);
|
|
147
|
-
let offset = 0;
|
|
148
|
-
for (const chunk of chunks) {
|
|
149
|
-
buffer.set(chunk, offset);
|
|
150
|
-
offset += chunk.byteLength;
|
|
151
|
-
}
|
|
152
|
-
return {
|
|
153
|
-
text: new TextDecoder().decode(buffer),
|
|
154
|
-
truncated: false,
|
|
155
|
-
size: total,
|
|
156
|
-
};
|
|
157
|
-
}
|
|
158
|
-
//# sourceMappingURL=proxy-security.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"proxy-security.js","sourceRoot":"","sources":["../../src/tools/proxy-security.ts"],"names":[],"mappings":"AAAA,MAAM,cAAc,GAAG,+BAA+B,CAAC;AAEvD,MAAM,wBAAwB,GAAG,IAAI,GAAG,CAAC;IACvC,YAAY;IACZ,gBAAgB;IAChB,QAAQ;IACR,WAAW;IACX,MAAM;IACN,YAAY;IACZ,QAAQ;IACR,oBAAoB;IACpB,qBAAqB;IACrB,SAAS;IACT,YAAY;IACZ,IAAI;IACJ,SAAS;IACT,mBAAmB;IACnB,SAAS;IACT,iBAAiB;IACjB,kBAAkB;IAClB,mBAAmB;CACpB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,4BAA4B,GAAG,IAAI,GAAG,IAAI,CAAC;AAExD,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC;IAC9B,KAAK;IACL,MAAM;IACN,KAAK;IACL,OAAO;IACP,QAAQ;IACR,MAAM;CACP,CAAC,CAAC;AAEH,MAAM,UAAU,wBAAwB,CAAC,KAAc;IACrD,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;IACpD,OAAO,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC;AACrD,CAAC;AAED,MAAM,UAAU,uBAAuB,CACrC,KAAc;IAEd,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAE3E,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,KAAK,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACrD,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACjC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,wBAAwB,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACtE,SAAS;QACX,CAAC;QACD,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,KAAK,IAAI;YAAE,SAAS;QAC1D,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,IAAI,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC;YAAE,SAAS;QACzC,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC;IAC9B,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,mBAAmB,CACjC,GAAG,MAAwC;IAE3C,MAAM,MAAM,GAAG,IAAI,GAAG,EAAU,CAAC;IACjC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,KAAK,MAAM,KAAK,IAAI,KAAK,IAAI,EAAE,EAAE,CAAC;YAChC,IAAI,KAAK;gBAAE,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IACD,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;AACzD,CAAC;AAED,MAAM,UAAU,aAAa,CAAI,KAAQ,EAAE,YAAsB;IAC/D,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,YAAY,CAAC,KAAK,EAAE,YAAY,CAAM,CAAC;IAChD,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,YAAY,CAAC,CAAM,CAAC;IACrE,CAAC;IACD,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACvC,OAAO,MAAM,CAAC,WAAW,CACvB,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC;YAC1C,GAAG;YACH,aAAa,CAAC,KAAK,EAAE,YAAY,CAAC;SACnC,CAAC,CACE,CAAC;IACT,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,IAAY,EAAE,YAAsB;IAC/D,IAAI,GAAG,GAAG,IAAI,CAAC;IACf,KAAK,MAAM,MAAM,IAAI,YAAY,EAAE,CAAC;QAClC,KAAK,MAAM,SAAS,IAAI,mBAAmB,CAAC,MAAM,CAAC,EAAE,CAAC;YACpD,IAAI,SAAS;gBAAE,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,mBAAmB,CAAC,MAAc;IACzC,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;IACrC,IAAI,CAAC;QACH,UAAU,CAAC,GAAG,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC;IAC7C,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;IACV,IAAI,CAAC;QACH,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IACpC,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;IACV,OAAO,CAAC,GAAG,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAC7C,QAAkB,EAClB,QAAQ,GAAG,4BAA4B;IAEvC,MAAM,aAAa,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC7D,IAAI,aAAa,IAAI,MAAM,CAAC,aAAa,CAAC,GAAG,QAAQ,EAAE,CAAC;QACtD,OAAO;YACL,IAAI,EAAE,yBAAyB,aAAa,eAAe,QAAQ,GAAG;YACtE,SAAS,EAAE,IAAI;YACf,IAAI,EAAE,MAAM,CAAC,aAAa,CAAC;SAC5B,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,EAAE,SAAS,EAAE,EAAE,CAAC;IAC5C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,WAAW,EAAE,CAAC;QAC5C,IAAI,MAAM,CAAC,UAAU,GAAG,QAAQ,EAAE,CAAC;YACjC,OAAO;gBACL,IAAI,EAAE,yBAAyB,MAAM,CAAC,UAAU,eAAe,QAAQ,GAAG;gBAC1E,SAAS,EAAE,IAAI;gBACf,IAAI,EAAE,MAAM,CAAC,UAAU;aACxB,CAAC;QACJ,CAAC;QACD,OAAO;YACL,IAAI,EAAE,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC;YACtC,SAAS,EAAE,KAAK;YAChB,IAAI,EAAE,MAAM,CAAC,UAAU;SACxB,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAiB,EAAE,CAAC;IAChC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,OAAO,IAAI,EAAE,CAAC;QACZ,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,IAAI;YAAE,MAAM;QAChB,IAAI,CAAC,KAAK;YAAE,SAAS;QACrB,KAAK,IAAI,KAAK,CAAC,UAAU,CAAC;QAC1B,IAAI,KAAK,GAAG,QAAQ,EAAE,CAAC;YACrB,MAAM,MAAM,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;YACtC,OAAO;gBACL,IAAI,EAAE,yBAAyB,KAAK,eAAe,QAAQ,GAAG;gBAC9D,SAAS,EAAE,IAAI;gBACf,IAAI,EAAE,KAAK;aACZ,CAAC;QACJ,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrB,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,KAAK,CAAC,CAAC;IACrC,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,UAAU,CAAC;IAC7B,CAAC;IAED,OAAO;QACL,IAAI,EAAE,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC;QACtC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,KAAK;KACZ,CAAC;AACJ,CAAC","sourcesContent":["const HEADER_NAME_RE = /^[!#$%&'*+.^_`|~0-9A-Za-z-]+$/;\n\nconst BLOCKED_OUTBOUND_HEADERS = new Set([\n \"connection\",\n \"content-length\",\n \"cookie\",\n \"forwarded\",\n \"host\",\n \"keep-alive\",\n \"origin\",\n \"proxy-authenticate\",\n \"proxy-authorization\",\n \"referer\",\n \"set-cookie\",\n \"te\",\n \"trailer\",\n \"transfer-encoding\",\n \"upgrade\",\n \"x-forwarded-for\",\n \"x-forwarded-host\",\n \"x-forwarded-proto\",\n]);\n\nexport const MAX_TOOL_PROXY_RESPONSE_SIZE = 1024 * 1024;\n\nconst ALLOWED_METHODS = new Set([\n \"GET\",\n \"POST\",\n \"PUT\",\n \"PATCH\",\n \"DELETE\",\n \"HEAD\",\n]);\n\nexport function normalizeToolProxyMethod(value: unknown): string | null {\n const method = String(value || \"GET\").toUpperCase();\n return ALLOWED_METHODS.has(method) ? method : null;\n}\n\nexport function sanitizeOutboundHeaders(\n value: unknown,\n): Record<string, string> {\n if (!value || typeof value !== \"object\" || Array.isArray(value)) return {};\n\n const headers: Record<string, string> = {};\n for (const [name, rawValue] of Object.entries(value)) {\n const lower = name.toLowerCase();\n if (!HEADER_NAME_RE.test(name) || BLOCKED_OUTBOUND_HEADERS.has(lower)) {\n continue;\n }\n if (rawValue === undefined || rawValue === null) continue;\n const headerValue = String(rawValue);\n if (/[\\r\\n]/.test(headerValue)) continue;\n headers[name] = headerValue;\n }\n return headers;\n}\n\nexport function collectSecretValues(\n ...groups: Array<Array<string> | undefined>\n): string[] {\n const values = new Set<string>();\n for (const group of groups) {\n for (const value of group ?? []) {\n if (value) values.add(value);\n }\n }\n return [...values].sort((a, b) => b.length - a.length);\n}\n\nexport function redactSecrets<T>(value: T, secretValues: string[]): T {\n if (secretValues.length === 0) return value;\n if (typeof value === \"string\") {\n return redactString(value, secretValues) as T;\n }\n if (Array.isArray(value)) {\n return value.map((item) => redactSecrets(item, secretValues)) as T;\n }\n if (value && typeof value === \"object\") {\n return Object.fromEntries(\n Object.entries(value).map(([key, entry]) => [\n key,\n redactSecrets(entry, secretValues),\n ]),\n ) as T;\n }\n return value;\n}\n\nexport function redactString(text: string, secretValues: string[]): string {\n let out = text;\n for (const secret of secretValues) {\n for (const candidate of redactionCandidates(secret)) {\n if (candidate) out = out.split(candidate).join(\"[redacted]\");\n }\n }\n return out;\n}\n\nfunction redactionCandidates(secret: string): string[] {\n const candidates = new Set([secret]);\n try {\n candidates.add(encodeURIComponent(secret));\n } catch {}\n try {\n candidates.add(encodeURI(secret));\n } catch {}\n return [...candidates].sort((a, b) => b.length - a.length);\n}\n\nexport async function readResponseTextWithLimit(\n response: Response,\n maxBytes = MAX_TOOL_PROXY_RESPONSE_SIZE,\n): Promise<{ text: string; truncated: boolean; size: number }> {\n const contentLength = response.headers.get(\"content-length\");\n if (contentLength && Number(contentLength) > maxBytes) {\n return {\n text: `(response too large - ${contentLength} bytes, max ${maxBytes})`,\n truncated: true,\n size: Number(contentLength),\n };\n }\n\n const reader = response.body?.getReader?.();\n if (!reader) {\n const buffer = await response.arrayBuffer();\n if (buffer.byteLength > maxBytes) {\n return {\n text: `(response truncated - ${buffer.byteLength} bytes, max ${maxBytes})`,\n truncated: true,\n size: buffer.byteLength,\n };\n }\n return {\n text: new TextDecoder().decode(buffer),\n truncated: false,\n size: buffer.byteLength,\n };\n }\n\n const chunks: Uint8Array[] = [];\n let total = 0;\n while (true) {\n const { done, value } = await reader.read();\n if (done) break;\n if (!value) continue;\n total += value.byteLength;\n if (total > maxBytes) {\n await reader.cancel().catch(() => {});\n return {\n text: `(response truncated - ${total} bytes, max ${maxBytes})`,\n truncated: true,\n size: total,\n };\n }\n chunks.push(value);\n }\n\n const buffer = new Uint8Array(total);\n let offset = 0;\n for (const chunk of chunks) {\n buffer.set(chunk, offset);\n offset += chunk.byteLength;\n }\n\n return {\n text: new TextDecoder().decode(buffer),\n truncated: false,\n size: total,\n };\n}\n"]}
|
package/dist/tools/routes.d.ts
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"routes.d.ts","sourceRoot":"","sources":["../../src/tools/routes.ts"],"names":[],"mappings":"AA+CA,wBAAgB,kBAAkB,2FA8BjC"}
|