npm - @appwarden/middleware - Versions diffs - 3.11.1 → 3.11.3 - Mend

@appwarden/middleware 3.11.1 → 3.11.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/README.md +1 -1
package/chunk-4ADGOFLV.js +37 -0
package/{chunk-KE2UVIYR.js → chunk-AY4ZKZTF.js} +45 -3
package/{chunk-ZOYE6D3A.js → chunk-QC2ZUZWY.js} +3 -3
package/{chunk-QUVGY2YI.js → chunk-R7TXTHSG.js} +4 -21
package/{chunk-K7ZIT3FM.js → chunk-WBWF3PPX.js} +5 -3
package/chunk-WEM7GS4M.js +29 -0
package/{chunk-2WPLLVUI.js → chunk-ZTVJBORU.js} +1 -43
package/cloudflare/astro.d.ts +1 -1
package/cloudflare/astro.js +13 -10
package/cloudflare/nextjs.d.ts +1 -1
package/cloudflare/nextjs.js +13 -10
package/cloudflare/react-router.d.ts +1 -1
package/cloudflare/react-router.js +13 -10
package/cloudflare/tanstack-start.d.ts +1 -1
package/cloudflare/tanstack-start.js +13 -10
package/{cloudflare-JVRRPVRP.js → cloudflare-MAHYENA6.js} +2 -1
package/cloudflare.d.ts +8 -8
package/cloudflare.js +12 -37
package/index.d.ts +414 -2
package/index.js +6 -6
package/package.json +2 -2
package/{use-content-security-policy-DpmIa2tk.d.ts → use-content-security-policy-CvdzUPYF.d.ts} +10 -3
package/vercel.d.ts +1 -1
package/vercel.js +10 -7

package/README.md CHANGED Viewed

@@ -4,7 +4,7 @@
 [![GitHub](https://img.shields.io/badge/GitHub-appwarden%2Fmiddleware-181717?logo=github&logoColor=white)](https://github.com/appwarden/middleware)
 [![npm version](https://img.shields.io/npm/v/@appwarden/middleware.svg)](https://www.npmjs.com/package/@appwarden/middleware)
 [![npm provenance](https://img.shields.io/badge/npm-provenance-green)](https://docs.npmjs.com/generating-provenance-statements)
-![Test Coverage](https://img.shields.io/badge/coverage-93.04%25-brightgreen)
+![Test Coverage](https://img.shields.io/badge/coverage-93.07%25-brightgreen)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
 ## Core Features

package/chunk-4ADGOFLV.js ADDED Viewed

@@ -0,0 +1,37 @@
+import {
+  UseCSPInputSchema
+} from "./chunk-ZTVJBORU.js";
+import {
+  AppwardenApiHostnameSchema,
+  AppwardenApiTokenSchema,
+  BooleanSchema
+} from "./chunk-WEM7GS4M.js";
+// src/schemas/use-appwarden.ts
+import { z } from "zod";
+var AppwardenMultidomainConfigSchema = z.record(
+  z.string(),
+  z.object({
+    lockPageSlug: z.string(),
+    contentSecurityPolicy: z.lazy(() => UseCSPInputSchema).optional(),
+    debug: BooleanSchema.optional()
+  })
+);
+var UseAppwardenInputSchema = z.object({
+  debug: BooleanSchema.default(false),
+  lockPageSlug: z.string().optional(),
+  multidomainConfig: AppwardenMultidomainConfigSchema.optional(),
+  appwardenApiToken: AppwardenApiTokenSchema,
+  appwardenApiHostname: AppwardenApiHostnameSchema.optional()
+});
+var lockPageSlugRefinement = (schema) => schema.refine(
+  (data) => data.lockPageSlug || data.multidomainConfig,
+  {
+    message: "lockPageSlug must be provided"
+  }
+);
+export {
+  UseAppwardenInputSchema,
+  lockPageSlugRefinement
+};

package/{chunk-KE2UVIYR.js → chunk-AY4ZKZTF.js} RENAMED Viewed

@@ -1,9 +1,9 @@
 import {
   LOCKDOWN_TEST_EXPIRY_MS
-} from "./chunk-2WPLLVUI.js";
+} from "./chunk-ZTVJBORU.js";
 import {
   printMessage
-} from "./chunk-QUVGY2YI.js";
+} from "./chunk-R7TXTHSG.js";
 // src/utils/build-lock-page-url.ts
 function normalizeLockPageSlug(lockPageSlug) {
@@ -110,11 +110,53 @@ var MemoryCache = class {
   };
 };
+// src/utils/request-checks.ts
+function isHTMLResponse(response) {
+  return response.headers.get("Content-Type")?.includes("text/html") ?? false;
+}
+function isHTMLRequest(request) {
+  const accept = request.headers.get("accept");
+  if (!accept) {
+    return false;
+  }
+  const normalizedAccept = accept.toLowerCase();
+  const isWildcardOnlyAccept = (value) => {
+    const mediaRanges2 = value.split(",");
+    let hasNonEmptyRange = false;
+    for (const range of mediaRanges2) {
+      const [typeSubtype] = range.split(";");
+      const trimmed = typeSubtype.trim();
+      if (!trimmed) {
+        continue;
+      }
+      hasNonEmptyRange = true;
+      if (trimmed !== "*/*" && trimmed !== "*") {
+        return false;
+      }
+    }
+    return hasNonEmptyRange;
+  };
+  if (isWildcardOnlyAccept(normalizedAccept)) {
+    return false;
+  }
+  const mediaRanges = normalizedAccept.split(",");
+  for (const range of mediaRanges) {
+    const [typeSubtype] = range.split(";");
+    const token = typeSubtype.trim();
+    if (token === "text/html") {
+      return true;
+    }
+  }
+  return false;
+}
 export {
   buildLockPageUrl,
   isOnLockPage,
   TEMPORARY_REDIRECT_STATUS,
   createRedirect,
   debug,
-  MemoryCache
+  MemoryCache,
+  isHTMLResponse,
+  isHTMLRequest
 };

package/{chunk-ZOYE6D3A.js → chunk-QC2ZUZWY.js} RENAMED Viewed

@@ -1,17 +1,17 @@
 import {
   MemoryCache,
   debug
-} from "./chunk-KE2UVIYR.js";
+} from "./chunk-AY4ZKZTF.js";
 import {
   APPWARDEN_CACHE_KEY,
   APPWARDEN_TEST_ROUTE
-} from "./chunk-2WPLLVUI.js";
+} from "./chunk-ZTVJBORU.js";
 import {
   deleteEdgeValue,
   getLockValue,
   store,
   syncEdgeValue
-} from "./chunk-QUVGY2YI.js";
+} from "./chunk-R7TXTHSG.js";
 // src/core/check-lock-status.ts
 var createContext = async (config) => {

package/{chunk-QUVGY2YI.js → chunk-R7TXTHSG.js} RENAMED Viewed

@@ -1,3 +1,7 @@
+import {
+  LockValue
+} from "./chunk-WEM7GS4M.js";
 // src/utils/cloudflare/cloudflare-cache.ts
 var store = {
   json: (context, cacheKey, options) => {
@@ -101,24 +105,6 @@ var deleteEdgeValue = async (context) => {
   }
 };
-// src/schemas/helpers.ts
-import { z } from "zod";
-var BoolOrStringSchema = z.union([z.string(), z.boolean()]).optional();
-var BooleanSchema = BoolOrStringSchema.transform((val) => {
-  if (val === "true" || val === true) {
-    return true;
-  } else if (val === "false" || val === false) {
-    return false;
-  }
-  throw new Error("Invalid value");
-});
-var AppwardenApiTokenSchema = z.string().refine((val) => !!val, { message: "appwardenApiToken is required" });
-var LockValue = z.object({
-  isLocked: z.number(),
-  isLockedTest: z.number(),
-  lastCheck: z.number()
-});
 // src/utils/errors.ts
 var errorsMap = {
   mode: '`CSP_MODE` must be one of "disabled", "report-only", or "enforced"',
@@ -304,9 +290,6 @@ var syncEdgeValue = async (context) => {
 export {
   printMessage,
   getErrors,
-  BooleanSchema,
-  AppwardenApiTokenSchema,
-  LockValue,
   store,
   CSP_KEYWORDS,
   isCSPKeyword,

package/{chunk-K7ZIT3FM.js → chunk-WBWF3PPX.js} RENAMED Viewed

@@ -1,10 +1,12 @@
 import {
-  UseCSPInputSchema,
   isHTMLResponse
-} from "./chunk-2WPLLVUI.js";
+} from "./chunk-AY4ZKZTF.js";
+import {
+  UseCSPInputSchema
+} from "./chunk-ZTVJBORU.js";
 import {
   makeCSPHeader
-} from "./chunk-QUVGY2YI.js";
+} from "./chunk-R7TXTHSG.js";
 // src/middlewares/use-content-security-policy.ts
 var AppendAttribute = (attribute, nonce) => ({

package/chunk-WEM7GS4M.js ADDED Viewed

@@ -0,0 +1,29 @@
+// src/schemas/helpers.ts
+import { z } from "zod";
+var BoolOrStringSchema = z.union([z.string(), z.boolean()]).optional();
+var BooleanSchema = BoolOrStringSchema.transform((val) => {
+  if (val === "true" || val === true) {
+    return true;
+  } else if (val === "false" || val === false) {
+    return false;
+  }
+  throw new Error("Invalid value");
+});
+var AppwardenApiTokenSchema = z.string().refine((val) => !!val, { message: "appwardenApiToken is required" });
+var AppwardenApiHostnameSchema = z.string().url({
+  message: "Invalid `appwardenApiHostname`. Please provide an absolute URL (e.g. https://api.appwarden.io)."
+}).refine((value) => value.startsWith("https://"), {
+  message: "`appwardenApiHostname` must use the https:// scheme (e.g. https://api.appwarden.io)."
+});
+var LockValue = z.object({
+  isLocked: z.number(),
+  isLockedTest: z.number(),
+  lastCheck: z.number()
+});
+export {
+  BooleanSchema,
+  AppwardenApiTokenSchema,
+  AppwardenApiHostnameSchema,
+  LockValue
+};

package/{chunk-2WPLLVUI.js → chunk-ZTVJBORU.js} RENAMED Viewed

@@ -40,46 +40,6 @@ var ContentSecurityPolicySchema = z.object({
   "require-trusted-types-for": stringySchema.optional()
 });
-// src/utils/request-checks.ts
-function isHTMLResponse(response) {
-  return response.headers.get("Content-Type")?.includes("text/html") ?? false;
-}
-function isHTMLRequest(request) {
-  const accept = request.headers.get("accept");
-  if (!accept) {
-    return false;
-  }
-  const normalizedAccept = accept.toLowerCase();
-  const isWildcardOnlyAccept = (value) => {
-    const mediaRanges2 = value.split(",");
-    let hasNonEmptyRange = false;
-    for (const range of mediaRanges2) {
-      const [typeSubtype] = range.split(";");
-      const trimmed = typeSubtype.trim();
-      if (!trimmed) {
-        continue;
-      }
-      hasNonEmptyRange = true;
-      if (trimmed !== "*/*" && trimmed !== "*") {
-        return false;
-      }
-    }
-    return hasNonEmptyRange;
-  };
-  if (isWildcardOnlyAccept(normalizedAccept)) {
-    return false;
-  }
-  const mediaRanges = normalizedAccept.split(",");
-  for (const range of mediaRanges) {
-    const [typeSubtype] = range.split(";");
-    const token = typeSubtype.trim();
-    if (token === "text/html") {
-      return true;
-    }
-  }
-  return false;
-}
 // src/schemas/use-content-security-policy.ts
 var CSPDirectivesSchema = z2.union([
   z2.string(),
@@ -117,7 +77,5 @@ export {
   APPWARDEN_CACHE_KEY,
   CSPDirectivesSchema,
   CSPModeSchema,
-  UseCSPInputSchema,
-  isHTMLResponse,
-  isHTMLRequest
+  UseCSPInputSchema
 };

package/cloudflare/astro.d.ts CHANGED Viewed

@@ -12,7 +12,7 @@ declare const AstroCloudflareConfigSchema: z.ZodObject<{
     /** The Appwarden API token for authentication */
     appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
     /** Optional custom API hostname (defaults to https://api.appwarden.io) */
-    appwardenApiHostname: z.ZodOptional<z.ZodString>;
+    appwardenApiHostname: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
     /** Enable debug logging */
     debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
     /** Optional Content Security Policy configuration */

package/cloudflare/astro.js CHANGED Viewed

@@ -3,29 +3,32 @@ import {
 } from "../chunk-XFG6SUSV.js";
 import {
   useContentSecurityPolicy
-} from "../chunk-K7ZIT3FM.js";
+} from "../chunk-WBWF3PPX.js";
 import {
   getNowMs
 } from "../chunk-X7WZVYQS.js";
 import {
   checkLockStatus
-} from "../chunk-ZOYE6D3A.js";
+} from "../chunk-QC2ZUZWY.js";
 import {
   TEMPORARY_REDIRECT_STATUS,
   buildLockPageUrl,
   createRedirect,
   debug,
+  isHTMLRequest,
   isOnLockPage
-} from "../chunk-KE2UVIYR.js";
+} from "../chunk-AY4ZKZTF.js";
 import {
-  UseCSPInputSchema,
-  isHTMLRequest
-} from "../chunk-2WPLLVUI.js";
+  UseCSPInputSchema
+} from "../chunk-ZTVJBORU.js";
 import {
-  AppwardenApiTokenSchema,
-  BooleanSchema,
   printMessage
-} from "../chunk-QUVGY2YI.js";
+} from "../chunk-R7TXTHSG.js";
+import {
+  AppwardenApiHostnameSchema,
+  AppwardenApiTokenSchema,
+  BooleanSchema
+} from "../chunk-WEM7GS4M.js";
 // src/adapters/astro-cloudflare.ts
 import { waitUntil } from "cloudflare:workers";
@@ -38,7 +41,7 @@ var AstroCloudflareConfigSchema = z.object({
   /** The Appwarden API token for authentication */
   appwardenApiToken: AppwardenApiTokenSchema,
   /** Optional custom API hostname (defaults to https://api.appwarden.io) */
-  appwardenApiHostname: z.string().optional(),
+  appwardenApiHostname: AppwardenApiHostnameSchema.optional(),
   /** Enable debug logging */
   debug: BooleanSchema.default(false),
   /** Optional Content Security Policy configuration */

package/cloudflare/nextjs.d.ts CHANGED Viewed

@@ -11,7 +11,7 @@ declare const NextJsCloudflareConfigSchema: z.ZodObject<{
     /** The Appwarden API token for authentication */
     appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
     /** Optional custom API hostname (defaults to https://api.appwarden.io) */
-    appwardenApiHostname: z.ZodOptional<z.ZodString>;
+    appwardenApiHostname: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
     /** Enable debug logging */
     debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
     /** Optional Content Security Policy configuration (headers only, no HTML rewriting; '{{nonce}}' is not supported) */

package/cloudflare/nextjs.js CHANGED Viewed

@@ -3,22 +3,25 @@ import {
 } from "../chunk-X7WZVYQS.js";
 import {
   checkLockStatus
-} from "../chunk-ZOYE6D3A.js";
+} from "../chunk-QC2ZUZWY.js";
 import {
   TEMPORARY_REDIRECT_STATUS,
   buildLockPageUrl,
   debug,
+  isHTMLRequest,
   isOnLockPage
-} from "../chunk-KE2UVIYR.js";
+} from "../chunk-AY4ZKZTF.js";
 import {
-  UseCSPInputSchema,
-  isHTMLRequest
-} from "../chunk-2WPLLVUI.js";
+  UseCSPInputSchema
+} from "../chunk-ZTVJBORU.js";
 import {
-  AppwardenApiTokenSchema,
-  BooleanSchema,
   printMessage
-} from "../chunk-QUVGY2YI.js";
+} from "../chunk-R7TXTHSG.js";
+import {
+  AppwardenApiHostnameSchema,
+  AppwardenApiTokenSchema,
+  BooleanSchema
+} from "../chunk-WEM7GS4M.js";
 // src/adapters/nextjs-cloudflare.ts
 import {
@@ -44,7 +47,7 @@ var NextJsCloudflareConfigSchema = z.object({
   /** The Appwarden API token for authentication */
   appwardenApiToken: AppwardenApiTokenSchema,
   /** Optional custom API hostname (defaults to https://api.appwarden.io) */
-  appwardenApiHostname: z.string().optional(),
+  appwardenApiHostname: AppwardenApiHostnameSchema.optional(),
   /** Enable debug logging */
   debug: BooleanSchema.default(false),
   /** Optional Content Security Policy configuration (headers only, no HTML rewriting; '{{nonce}}' is not supported) */
@@ -101,7 +104,7 @@ function createAppwardenMiddleware(configFn) {
         debugFn(
           `Applying CSP headers in ${config.contentSecurityPolicy.mode} mode`
         );
-        const { makeCSPHeader } = await import("../cloudflare-JVRRPVRP.js");
+        const { makeCSPHeader } = await import("../cloudflare-MAHYENA6.js");
         const [headerName, headerValue] = makeCSPHeader(
           "",
           config.contentSecurityPolicy.directives,

package/cloudflare/react-router.d.ts CHANGED Viewed

@@ -10,7 +10,7 @@ declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
     /** The Appwarden API token for authentication */
     appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
     /** Optional custom API hostname (defaults to https://api.appwarden.io) */
-    appwardenApiHostname: z.ZodOptional<z.ZodString>;
+    appwardenApiHostname: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
     /** Enable debug logging */
     debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
     /** Optional Content Security Policy configuration */

package/cloudflare/react-router.js CHANGED Viewed

@@ -3,28 +3,31 @@ import {
 } from "../chunk-XFG6SUSV.js";
 import {
   useContentSecurityPolicy
-} from "../chunk-K7ZIT3FM.js";
+} from "../chunk-WBWF3PPX.js";
 import {
   getNowMs
 } from "../chunk-X7WZVYQS.js";
 import {
   checkLockStatus
-} from "../chunk-ZOYE6D3A.js";
+} from "../chunk-QC2ZUZWY.js";
 import {
   buildLockPageUrl,
   createRedirect,
   debug,
+  isHTMLRequest,
   isOnLockPage
-} from "../chunk-KE2UVIYR.js";
+} from "../chunk-AY4ZKZTF.js";
 import {
-  UseCSPInputSchema,
-  isHTMLRequest
-} from "../chunk-2WPLLVUI.js";
+  UseCSPInputSchema
+} from "../chunk-ZTVJBORU.js";
 import {
-  AppwardenApiTokenSchema,
-  BooleanSchema,
   printMessage
-} from "../chunk-QUVGY2YI.js";
+} from "../chunk-R7TXTHSG.js";
+import {
+  AppwardenApiHostnameSchema,
+  AppwardenApiTokenSchema,
+  BooleanSchema
+} from "../chunk-WEM7GS4M.js";
 // src/adapters/react-router-cloudflare.ts
 import { waitUntil } from "cloudflare:workers";
@@ -37,7 +40,7 @@ var ReactRouterCloudflareConfigSchema = z.object({
   /** The Appwarden API token for authentication */
   appwardenApiToken: AppwardenApiTokenSchema,
   /** Optional custom API hostname (defaults to https://api.appwarden.io) */
-  appwardenApiHostname: z.string().optional(),
+  appwardenApiHostname: AppwardenApiHostnameSchema.optional(),
   /** Enable debug logging */
   debug: BooleanSchema.default(false),
   /** Optional Content Security Policy configuration */

package/cloudflare/tanstack-start.d.ts CHANGED Viewed

@@ -10,7 +10,7 @@ declare const TanStackStartCloudflareConfigSchema: z.ZodObject<{
     /** The Appwarden API token for authentication */
     appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
     /** Optional custom API hostname (defaults to https://api.appwarden.io) */
-    appwardenApiHostname: z.ZodOptional<z.ZodString>;
+    appwardenApiHostname: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
     /** Enable debug logging */
     debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
     /** Optional Content Security Policy configuration */

package/cloudflare/tanstack-start.js CHANGED Viewed

@@ -3,28 +3,31 @@ import {
 } from "../chunk-XFG6SUSV.js";
 import {
   useContentSecurityPolicy
-} from "../chunk-K7ZIT3FM.js";
+} from "../chunk-WBWF3PPX.js";
 import {
   getNowMs
 } from "../chunk-X7WZVYQS.js";
 import {
   checkLockStatus
-} from "../chunk-ZOYE6D3A.js";
+} from "../chunk-QC2ZUZWY.js";
 import {
   buildLockPageUrl,
   createRedirect,
   debug,
+  isHTMLRequest,
   isOnLockPage
-} from "../chunk-KE2UVIYR.js";
+} from "../chunk-AY4ZKZTF.js";
 import {
-  UseCSPInputSchema,
-  isHTMLRequest
-} from "../chunk-2WPLLVUI.js";
+  UseCSPInputSchema
+} from "../chunk-ZTVJBORU.js";
 import {
-  AppwardenApiTokenSchema,
-  BooleanSchema,
   printMessage
-} from "../chunk-QUVGY2YI.js";
+} from "../chunk-R7TXTHSG.js";
+import {
+  AppwardenApiHostnameSchema,
+  AppwardenApiTokenSchema,
+  BooleanSchema
+} from "../chunk-WEM7GS4M.js";
 // src/adapters/tanstack-start-cloudflare.ts
 import { waitUntil } from "cloudflare:workers";
@@ -37,7 +40,7 @@ var TanStackStartCloudflareConfigSchema = z.object({
   /** The Appwarden API token for authentication */
   appwardenApiToken: AppwardenApiTokenSchema,
   /** Optional custom API hostname (defaults to https://api.appwarden.io) */
-  appwardenApiHostname: z.string().optional(),
+  appwardenApiHostname: AppwardenApiHostnameSchema.optional(),
   /** Enable debug logging */
   debug: BooleanSchema.default(false),
   /** Optional Content Security Policy configuration */

package/{cloudflare-JVRRPVRP.js → cloudflare-MAHYENA6.js} RENAMED Viewed

@@ -11,7 +11,8 @@ import {
   makeCSPHeader,
   store,
   syncEdgeValue
-} from "./chunk-QUVGY2YI.js";
+} from "./chunk-R7TXTHSG.js";
+import "./chunk-WEM7GS4M.js";
 export {
   CSP_KEYWORDS,
   autoQuoteCSPDirectiveArray,

package/cloudflare.d.ts CHANGED Viewed

@@ -1,8 +1,7 @@
-import { B as Bindings } from './use-content-security-policy-DpmIa2tk.js';
-export { u as useContentSecurityPolicy } from './use-content-security-policy-DpmIa2tk.js';
+import { R as RequestContext, U as UseCSPInput, M as Middleware, B as Bindings } from './use-content-security-policy-CvdzUPYF.js';
 import { z } from 'zod';
-declare const UseAppwardenInputSchema: z.ZodObject<{
+declare const ConfigFnInputSchema: z.ZodFunction<z.ZodTuple<[z.ZodType<RequestContext, z.ZodTypeDef, RequestContext>], z.ZodUnknown>, z.ZodLazy<z.ZodEffects<z.ZodObject<{
     debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
     lockPageSlug: z.ZodOptional<z.ZodString>;
     multidomainConfig: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
@@ -331,7 +330,7 @@ declare const UseAppwardenInputSchema: z.ZodObject<{
         } | undefined;
     }>>>;
     appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
-    appwardenApiHostname: z.ZodOptional<z.ZodString>;
+    appwardenApiHostname: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
 }, "strip", z.ZodTypeAny, {
     debug: boolean;
     appwardenApiToken: string;
@@ -412,10 +411,11 @@ declare const UseAppwardenInputSchema: z.ZodObject<{
         } | undefined;
     }> | undefined;
     appwardenApiHostname?: string | undefined;
-}>;
+}>, any, any>>>;
+type CloudflareConfigFnType = z.input<typeof ConfigFnInputSchema>;
-type CloudflareConfigType = z.infer<typeof UseAppwardenInputSchema>;
+declare const useContentSecurityPolicy: (input: UseCSPInput) => Middleware;
-declare const createAppwardenMiddleware: (inputFn: CloudflareConfigType) => ExportedHandlerFetchHandler<Bindings>;
+declare const createAppwardenMiddleware: (inputFn: CloudflareConfigFnType) => ExportedHandlerFetchHandler<Bindings>;
-export { createAppwardenMiddleware };
+export { createAppwardenMiddleware, useContentSecurityPolicy };

package/cloudflare.js CHANGED Viewed

@@ -1,58 +1,33 @@
+import {
+  UseAppwardenInputSchema,
+  lockPageSlugRefinement
+} from "./chunk-4ADGOFLV.js";
 import {
   useContentSecurityPolicy
-} from "./chunk-K7ZIT3FM.js";
+} from "./chunk-WBWF3PPX.js";
 import {
   checkLockStatus
-} from "./chunk-ZOYE6D3A.js";
+} from "./chunk-QC2ZUZWY.js";
 import {
   buildLockPageUrl,
   createRedirect,
   debug,
+  isHTMLRequest,
   isOnLockPage
-} from "./chunk-KE2UVIYR.js";
-import {
-  UseCSPInputSchema,
-  isHTMLRequest
-} from "./chunk-2WPLLVUI.js";
+} from "./chunk-AY4ZKZTF.js";
+import "./chunk-ZTVJBORU.js";
 import {
-  AppwardenApiTokenSchema,
-  BooleanSchema,
   insertErrorLogs,
   printMessage
-} from "./chunk-QUVGY2YI.js";
+} from "./chunk-R7TXTHSG.js";
+import "./chunk-WEM7GS4M.js";
 // src/runners/appwarden-on-cloudflare.ts
 import { ZodError } from "zod";
 // src/schemas/cloudflare.ts
-import { z as z2 } from "zod";
-// src/schemas/use-appwarden.ts
 import { z } from "zod";
-var AppwardenMultidomainConfigSchema = z.record(
-  z.string(),
-  z.object({
-    lockPageSlug: z.string(),
-    contentSecurityPolicy: z.lazy(() => UseCSPInputSchema).optional(),
-    debug: BooleanSchema.optional()
-  })
-);
-var UseAppwardenInputSchema = z.object({
-  debug: BooleanSchema.default(false),
-  lockPageSlug: z.string().optional(),
-  multidomainConfig: AppwardenMultidomainConfigSchema.optional(),
-  appwardenApiToken: AppwardenApiTokenSchema,
-  appwardenApiHostname: z.string().optional()
-});
-var lockPageSlugRefinement = (schema) => schema.refine(
-  (data) => data.lockPageSlug || data.multidomainConfig,
-  {
-    message: "lockPageSlug must be provided"
-  }
-);
-// src/schemas/cloudflare.ts
-var ConfigFnInputSchema = z2.function().args(z2.custom()).returns(z2.lazy(() => lockPageSlugRefinement(UseAppwardenInputSchema)));
+var ConfigFnInputSchema = z.function().args(z.custom()).returns(z.lazy(() => lockPageSlugRefinement(UseAppwardenInputSchema)));
 // src/utils/middleware.ts
 var usePipeline = (...initMiddlewares) => {

package/index.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-export { B as Bindings, C as CSPDirectivesSchema, a as CSPModeSchema, M as Middleware, u as useContentSecurityPolicy } from './use-content-security-policy-DpmIa2tk.js';
+export { B as Bindings, C as CSPDirectivesSchema, a as CSPModeSchema, M as Middleware } from './use-content-security-policy-CvdzUPYF.js';
 import { z } from 'zod';
 declare const LOCKDOWN_TEST_EXPIRY_MS: number;
@@ -45,6 +45,418 @@ declare const isValidCacheUrl: {
     upstash: (value?: string) => string | boolean;
 };
+declare const UseAppwardenInputSchema: z.ZodObject<{
+    debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
+    lockPageSlug: z.ZodOptional<z.ZodString>;
+    multidomainConfig: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
+        lockPageSlug: z.ZodString;
+        contentSecurityPolicy: z.ZodOptional<z.ZodLazy<z.ZodObject<{
+            mode: z.ZodUnion<[z.ZodLiteral<"disabled">, z.ZodLiteral<"report-only">, z.ZodLiteral<"enforced">]>;
+            directives: z.ZodEffects<z.ZodEffects<z.ZodUnion<[z.ZodString, z.ZodObject<{
+                "default-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "script-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "style-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "img-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "connect-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "font-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "object-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "media-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "frame-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                sandbox: z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "report-uri": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "child-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "form-action": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "frame-ancestors": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "plugin-types": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "base-uri": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "report-to": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "worker-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "manifest-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "prefetch-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "navigate-to": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "require-sri-for": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "block-all-mixed-content": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "upgrade-insecure-requests": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "trusted-types": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+                "require-trusted-types-for": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            }, "strip", z.ZodTypeAny, {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            }, {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            }>]>, string | {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            }, string | {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            }>, {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            } | undefined, string | {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            }>;
+        }, "strip", z.ZodTypeAny, {
+            mode: "disabled" | "report-only" | "enforced";
+            directives?: {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            } | undefined;
+        }, {
+            mode: "disabled" | "report-only" | "enforced";
+            directives: string | {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            };
+        }>>>;
+        debug: z.ZodOptional<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
+    }, "strip", z.ZodTypeAny, {
+        lockPageSlug: string;
+        debug?: boolean | undefined;
+        contentSecurityPolicy?: {
+            mode: "disabled" | "report-only" | "enforced";
+            directives?: {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            } | undefined;
+        } | undefined;
+    }, {
+        lockPageSlug: string;
+        debug?: string | boolean | undefined;
+        contentSecurityPolicy?: {
+            mode: "disabled" | "report-only" | "enforced";
+            directives: string | {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            };
+        } | undefined;
+    }>>>;
+    appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
+    appwardenApiHostname: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
+}, "strip", z.ZodTypeAny, {
+    debug: boolean;
+    appwardenApiToken: string;
+    lockPageSlug?: string | undefined;
+    multidomainConfig?: Record<string, {
+        lockPageSlug: string;
+        debug?: boolean | undefined;
+        contentSecurityPolicy?: {
+            mode: "disabled" | "report-only" | "enforced";
+            directives?: {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            } | undefined;
+        } | undefined;
+    }> | undefined;
+    appwardenApiHostname?: string | undefined;
+}, {
+    appwardenApiToken: string;
+    debug?: string | boolean | undefined;
+    lockPageSlug?: string | undefined;
+    multidomainConfig?: Record<string, {
+        lockPageSlug: string;
+        debug?: string | boolean | undefined;
+        contentSecurityPolicy?: {
+            mode: "disabled" | "report-only" | "enforced";
+            directives: string | {
+                "default-src"?: string | boolean | string[] | undefined;
+                "script-src"?: string | boolean | string[] | undefined;
+                "style-src"?: string | boolean | string[] | undefined;
+                "img-src"?: string | boolean | string[] | undefined;
+                "connect-src"?: string | boolean | string[] | undefined;
+                "font-src"?: string | boolean | string[] | undefined;
+                "object-src"?: string | boolean | string[] | undefined;
+                "media-src"?: string | boolean | string[] | undefined;
+                "frame-src"?: string | boolean | string[] | undefined;
+                sandbox?: string | boolean | string[] | undefined;
+                "report-uri"?: string | boolean | string[] | undefined;
+                "child-src"?: string | boolean | string[] | undefined;
+                "form-action"?: string | boolean | string[] | undefined;
+                "frame-ancestors"?: string | boolean | string[] | undefined;
+                "plugin-types"?: string | boolean | string[] | undefined;
+                "base-uri"?: string | boolean | string[] | undefined;
+                "report-to"?: string | boolean | string[] | undefined;
+                "worker-src"?: string | boolean | string[] | undefined;
+                "manifest-src"?: string | boolean | string[] | undefined;
+                "prefetch-src"?: string | boolean | string[] | undefined;
+                "navigate-to"?: string | boolean | string[] | undefined;
+                "require-sri-for"?: string | boolean | string[] | undefined;
+                "block-all-mixed-content"?: string | boolean | string[] | undefined;
+                "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+                "trusted-types"?: string | boolean | string[] | undefined;
+                "require-trusted-types-for"?: string | boolean | string[] | undefined;
+            };
+        } | undefined;
+    }> | undefined;
+    appwardenApiHostname?: string | undefined;
+}>;
 declare const LockValue: z.ZodObject<{
     isLocked: z.ZodNumber;
     isLockedTest: z.ZodNumber;
@@ -60,4 +472,4 @@ declare const LockValue: z.ZodObject<{
 }>;
 type LockValueType = z.infer<typeof LockValue>;
-export { APPWARDEN_CACHE_KEY, LOCKDOWN_TEST_EXPIRY_MS, type LockValueType, getEdgeConfigId, isCacheUrl, isValidCacheUrl };
+export { APPWARDEN_CACHE_KEY, LOCKDOWN_TEST_EXPIRY_MS, type LockValueType, UseAppwardenInputSchema, getEdgeConfigId, isCacheUrl, isValidCacheUrl };

package/index.js CHANGED Viewed

@@ -4,22 +4,22 @@ import {
   isValidCacheUrl
 } from "./chunk-QEFORWCW.js";
 import {
-  useContentSecurityPolicy
-} from "./chunk-K7ZIT3FM.js";
+  UseAppwardenInputSchema
+} from "./chunk-4ADGOFLV.js";
 import {
   APPWARDEN_CACHE_KEY,
   CSPDirectivesSchema,
   CSPModeSchema,
   LOCKDOWN_TEST_EXPIRY_MS
-} from "./chunk-2WPLLVUI.js";
-import "./chunk-QUVGY2YI.js";
+} from "./chunk-ZTVJBORU.js";
+import "./chunk-WEM7GS4M.js";
 export {
   APPWARDEN_CACHE_KEY,
   CSPDirectivesSchema,
   CSPModeSchema,
   LOCKDOWN_TEST_EXPIRY_MS,
+  UseAppwardenInputSchema,
   getEdgeConfigId,
   isCacheUrl,
-  isValidCacheUrl,
-  useContentSecurityPolicy
+  isValidCacheUrl
 };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@appwarden/middleware",
-  "version": "3.11.1",
+  "version": "3.11.3",
   "description": "Instantly disable all user interaction with your app deployed on Cloudflare or Vercel",
   "type": "module",
   "license": "MIT",
@@ -120,7 +120,7 @@
       "serialize-javascript@<=7.0.2": ">=7.0.3",
       "svgo@=4.0.0": ">=4.0.1",
       "@opennextjs/cloudflare@<1.17.1": ">=1.17.1",
-      "tar@<=7.5.9": ">=7.5.10"
+      "tar@<=7.5.10": ">=7.5.11"
     }
   }
 }

package/{use-content-security-policy-DpmIa2tk.d.ts → use-content-security-policy-CvdzUPYF.d.ts} RENAMED Viewed

@@ -121,6 +121,15 @@ declare global {
     interface Env extends Bindings {
     }
 }
+/**
+ * Cloudflare request context shape used by withAppwarden config functions.
+ * This matches the context passed to config functions in appwardenOnCloudflare.
+ */
+type RequestContext = {
+    env: Bindings;
+    ctx: ExecutionContext;
+    cf: unknown;
+};
 interface MiddlewareContext {
     hostname: string;
@@ -471,6 +480,4 @@ declare const UseCSPInputSchema: z.ZodObject<{
 }>;
 type UseCSPInput = z.infer<typeof UseCSPInputSchema>;
-declare const useContentSecurityPolicy: (input: UseCSPInput) => Middleware;
-export { type Bindings as B, CSPDirectivesSchema as C, type Middleware as M, CSPModeSchema as a, useContentSecurityPolicy as u };
+export { type Bindings as B, CSPDirectivesSchema as C, type Middleware as M, type RequestContext as R, type UseCSPInput as U, CSPModeSchema as a };

package/vercel.d.ts CHANGED Viewed

@@ -3,7 +3,7 @@ import { z } from 'zod';
 declare const AppwardenConfigSchema: z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodEffects<z.ZodObject<{
     cacheUrl: z.ZodString;
     appwardenApiToken: z.ZodString;
-    appwardenApiHostname: z.ZodOptional<z.ZodString>;
+    appwardenApiHostname: z.ZodOptional<z.ZodEffects<z.ZodString, string, string>>;
     vercelApiToken: z.ZodOptional<z.ZodString>;
     debug: z.ZodOptional<z.ZodBoolean>;
     lockPageSlug: z.ZodEffects<z.ZodDefault<z.ZodString>, string, string | undefined>;

package/vercel.js CHANGED Viewed

@@ -7,22 +7,25 @@ import {
   TEMPORARY_REDIRECT_STATUS,
   buildLockPageUrl,
   debug,
+  isHTMLRequest,
   isOnLockPage
-} from "./chunk-KE2UVIYR.js";
+} from "./chunk-AY4ZKZTF.js";
 import {
   APPWARDEN_CACHE_KEY,
   CSPDirectivesSchema,
   CSPModeSchema,
   errors,
-  globalErrors,
-  isHTMLRequest
-} from "./chunk-2WPLLVUI.js";
+  globalErrors
+} from "./chunk-ZTVJBORU.js";
 import {
-  LockValue,
   getErrors,
   makeCSPHeader,
   printMessage
-} from "./chunk-QUVGY2YI.js";
+} from "./chunk-R7TXTHSG.js";
+import {
+  AppwardenApiHostnameSchema,
+  LockValue
+} from "./chunk-WEM7GS4M.js";
 // src/runners/appwarden-on-vercel.ts
 import { waitUntil } from "@vercel/functions";
@@ -183,7 +186,7 @@ var VercelCSPSchema = z.object({
 var BaseNextJsConfigSchema = z.object({
   cacheUrl: z.string(),
   appwardenApiToken: z.string(),
-  appwardenApiHostname: z.string().optional(),
+  appwardenApiHostname: AppwardenApiHostnameSchema.optional(),
   vercelApiToken: z.string().optional(),
   debug: z.boolean().optional(),
   lockPageSlug: z.string().default("").transform((val) => val.replace(/^\/?/, "/")),