@appwarden/middleware 3.2.1 → 3.3.0

package/cloudflare.js

@@ -1,24 +1,27 @@
 import {
   useContentSecurityPolicy
-} from "./chunk-A5XGYLYS.js";
+} from "./chunk-BYRGGUK7.js";
 import {
-  checkLockStatus,
-  getLockValue,
-  store
-} from "./chunk-MDODCAA3.js";
+  checkLockStatus
+} from "./chunk-PH77FI6C.js";
 import {
-  AppwardenApiTokenSchema,
-  BooleanSchema,
   buildLockPageUrl,
   createRedirect,
-  getErrors,
   isOnLockPage
-} from "./chunk-ZX5QO4Y2.js";
+} from "./chunk-SUZPTFWY.js";
 import {
   APPWARDEN_CACHE_KEY,
-  isHTMLRequest,
-  printMessage
-} from "./chunk-L5EQIJZB.js";
+  UseCSPInputSchema,
+  isHTMLRequest
+} from "./chunk-HCGLR3Z3.js";
+import {
+  AppwardenApiTokenSchema,
+  BooleanSchema,
+  getLockValue,
+  insertErrorLogs,
+  printMessage,
+  store
+} from "./chunk-ZBYVJ3HA.js";
 
 // src/runners/appwarden-on-cloudflare.ts
 import { ZodError } from "zod";
@@ -31,7 +34,8 @@ import { z } from "zod";
 var AppwardenMultidomainConfigSchema = z.record(
   z.string(),
   z.object({
-    lockPageSlug: z.string()
+    lockPageSlug: z.string(),
+    contentSecurityPolicy: z.lazy(() => UseCSPInputSchema).optional()
   })
 );
 var UseAppwardenInputSchema = z.object({
@@ -49,16 +53,7 @@ var lockPageSlugRefinement = (schema) => schema.refine(
 );
 
 // src/schemas/cloudflare.ts
-var ConfigFnInputSchema = z2.function().args(z2.custom()).returns(
-  lockPageSlugRefinement(
-    UseAppwardenInputSchema.extend({
-      middleware: z2.object({
-        before: z2.custom().array().default([]),
-        after: z2.custom().array().default([])
-      }).default({})
-    })
-  )
-);
+var ConfigFnInputSchema = z2.function().args(z2.custom()).returns(z2.lazy(() => lockPageSlugRefinement(UseAppwardenInputSchema)));
 
 // src/utils/middleware.ts
 var usePipeline = (...initMiddlewares) => {
@@ -82,24 +77,6 @@ var usePipeline = (...initMiddlewares) => {
   };
 };
 
-// src/utils/cloudflare/insert-errors-logs.ts
-var insertErrorLogs = async (context, error) => {
-  const errors = getErrors(error);
-  for (const err of errors) {
-    console.log(printMessage(err));
-  }
-  return new HTMLRewriter().on("body", {
-    element: (elem) => {
-      elem.append(
-        `<script>
-            ${errors.map((err) => `console.error(\`${printMessage(err)}\`)`).join("\n")}
-          </script>`,
-        { html: true }
-      );
-    }
-  }).transform(await fetch(context.request));
-};
-
 // src/handlers/reset-cache.ts
 var isResetCacheRequest = (request) => request.method === "POST" && new URL(request.url).pathname === "/__appwarden/reset-cache" && request.headers.get("content-type") === "application/json";
 var handleResetCache = async (keyName, provider, edgeCache, request) => {
@@ -188,9 +165,10 @@ var useFetchOrigin = () => async (context, next) => {
 // src/runners/appwarden-on-cloudflare.ts
 var appwardenOnCloudflare = (inputFn) => async (request, env, ctx) => {
   ctx.passThroughOnException();
+  const requestUrl = new URL(request.url);
   const context = {
     request,
-    hostname: new URL(request.url).host,
+    hostname: requestUrl.hostname,
     response: new Response("Unhandled response"),
     // https://developers.cloudflare.com/workers/observability/errors/#illegal-invocation-errors
     waitUntil: (fn) => ctx.waitUntil(fn)
@@ -201,11 +179,11 @@ var appwardenOnCloudflare = (inputFn) => async (request, env, ctx) => {
   }
   try {
     const input = parsedInput.data({ env, ctx, cf: {} });
-    const pipeline = [
-      ...input.middleware.before,
-      useAppwarden(input),
-      useFetchOrigin()
-    ];
+    const pipeline = [useAppwarden(input), useFetchOrigin()];
+    const cspConfig = input.multidomainConfig?.[requestUrl.hostname]?.contentSecurityPolicy;
+    if (cspConfig) {
+      pipeline.push(useContentSecurityPolicy(cspConfig));
+    }
     await usePipeline(...pipeline).execute(context);
   } catch (error) {
     if (error instanceof ZodError) {

package/index.d.ts

@@ -1,4 +1,5 @@
-export { B as Bindings, C as CSPDirectivesSchema, a as CSPModeSchema, M as Middleware, u as useContentSecurityPolicy } from './use-content-security-policy-DjRTjIpm.js';
+export { B as Bindings, C as CSPDirectivesSchema, a as CSPModeSchema } from './use-content-security-policy-DUYpyUPy.js';
+export { M as Middleware, u as useContentSecurityPolicy } from './use-content-security-policy-CjlLe4yU.js';
 import { z } from 'zod';
 
 declare const LOCKDOWN_TEST_EXPIRY_MS: number;

package/index.js

@@ -4,14 +4,15 @@ import {
   isValidCacheUrl
 } from "./chunk-QEFORWCW.js";
 import {
-  CSPDirectivesSchema,
-  CSPModeSchema,
   useContentSecurityPolicy
-} from "./chunk-A5XGYLYS.js";
+} from "./chunk-BYRGGUK7.js";
 import {
   APPWARDEN_CACHE_KEY,
+  CSPDirectivesSchema,
+  CSPModeSchema,
   LOCKDOWN_TEST_EXPIRY_MS
-} from "./chunk-L5EQIJZB.js";
+} from "./chunk-HCGLR3Z3.js";
+import "./chunk-ZBYVJ3HA.js";
 export {
   APPWARDEN_CACHE_KEY,
   CSPDirectivesSchema,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@appwarden/middleware",
-  "version": "3.2.1",
+  "version": "3.3.0",
   "description": "Instantly shut off access your app deployed on Cloudflare or Vercel",
   "type": "module",
   "license": "MIT",
@@ -64,7 +64,7 @@
   },
   "peerDependencies": {
     "@astrojs/cloudflare": ">=11.0.0",
-    "@opennextjs/cloudflare": ">=1.0.0",
+    "@opennextjs/cloudflare": ">=1.16.6",
     "@vercel/functions": ">=1.0.0",
     "astro": ">=4.0.0",
     "next": ">=14"
@@ -103,7 +103,12 @@
       "@smithy/config-resolver@<4.4.0": ">=4.4.0",
       "@isaacs/brace-expansion@<=5.0.0": ">=5.0.1",
       "npm@<=11.8.0": ">=11.9.0",
-      "wrangler@>=4.0.0 <4.59.1": ">=4.59.1"
+      "wrangler@>=4.0.0 <4.59.1": ">=4.59.1",
+      "qs@>=6.7.0 <=6.14.1": ">=6.14.2",
+      "devalue@<=5.6.2": ">=5.6.3",
+      "minimatch@<10.2.1": ">=10.2.1",
+      "tar@<7.5.8": ">=7.5.8",
+      "ajv@>=7.0.0-alpha.0 <8.18.0": ">=8.18.0"
     }
   }
 }

package/use-content-security-policy-CjlLe4yU.d.ts

@@ -0,0 +1,16 @@
+import { U as UseCSPInput } from './use-content-security-policy-DUYpyUPy.js';
+import { z } from 'zod';
+
+interface MiddlewareContext {
+    hostname: string;
+    request: Request;
+    response: Response;
+    waitUntil: ExecutionContext["waitUntil"];
+}
+type Middleware = (context: MiddlewareContext, next: () => MiddlewareNextSchemaType) => MiddlewareNextSchemaType;
+declare const MiddlewareNextSchema: z.ZodUnion<[z.ZodVoid, z.ZodNull, z.ZodPromise<z.ZodUnion<[z.ZodVoid, z.ZodNull]>>]>;
+type MiddlewareNextSchemaType = z.infer<typeof MiddlewareNextSchema>;
+
+declare const useContentSecurityPolicy: (input: UseCSPInput) => Middleware;
+
+export { type Middleware as M, useContentSecurityPolicy as u };

package/{use-content-security-policy-DjRTjIpm.d.ts → use-content-security-policy-DUYpyUPy.d.ts}

@@ -97,16 +97,6 @@ declare global {
     }
 }
 
-interface MiddlewareContext {
-    hostname: string;
-    request: Request;
-    response: Response;
-    waitUntil: ExecutionContext["waitUntil"];
-}
-type Middleware = (context: MiddlewareContext, next: () => MiddlewareNextSchemaType) => MiddlewareNextSchemaType;
-declare const MiddlewareNextSchema: z.ZodUnion<[z.ZodVoid, z.ZodNull, z.ZodPromise<z.ZodUnion<[z.ZodVoid, z.ZodNull]>>]>;
-type MiddlewareNextSchemaType = z.infer<typeof MiddlewareNextSchema>;
-
 declare const CSPDirectivesSchema: z.ZodUnion<[z.ZodString, z.ZodObject<{
     "default-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
     "script-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
@@ -191,7 +181,6 @@ declare const CSPDirectivesSchema: z.ZodUnion<[z.ZodString, z.ZodObject<{
 }>]>;
 declare const CSPModeSchema: z.ZodDefault<z.ZodOptional<z.ZodUnion<[z.ZodLiteral<"disabled">, z.ZodLiteral<"report-only">, z.ZodLiteral<"enforced">]>>>;
 declare const UseCSPInputSchema: z.ZodEffects<z.ZodObject<{
-    hostname: z.ZodOptional<z.ZodString>;
     mode: z.ZodDefault<z.ZodOptional<z.ZodUnion<[z.ZodLiteral<"disabled">, z.ZodLiteral<"report-only">, z.ZodLiteral<"enforced">]>>>;
     directives: z.ZodEffects<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodObject<{
         "default-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
@@ -413,7 +402,6 @@ declare const UseCSPInputSchema: z.ZodEffects<z.ZodObject<{
         "trusted-types"?: string | boolean | string[] | undefined;
         "require-trusted-types-for"?: string | boolean | string[] | undefined;
     } | undefined;
-    hostname?: string | undefined;
 }, {
     mode?: "disabled" | "report-only" | "enforced" | undefined;
     directives?: string | {
@@ -444,7 +432,6 @@ declare const UseCSPInputSchema: z.ZodEffects<z.ZodObject<{
         "trusted-types"?: string | boolean | string[] | undefined;
         "require-trusted-types-for"?: string | boolean | string[] | undefined;
     } | undefined;
-    hostname?: string | undefined;
 }>, {
     mode: "disabled" | "report-only" | "enforced";
     directives?: {
@@ -475,7 +462,6 @@ declare const UseCSPInputSchema: z.ZodEffects<z.ZodObject<{
         "trusted-types"?: string | boolean | string[] | undefined;
         "require-trusted-types-for"?: string | boolean | string[] | undefined;
     } | undefined;
-    hostname?: string | undefined;
 }, {
     mode?: "disabled" | "report-only" | "enforced" | undefined;
     directives?: string | {
@@ -506,10 +492,7 @@ declare const UseCSPInputSchema: z.ZodEffects<z.ZodObject<{
         "trusted-types"?: string | boolean | string[] | undefined;
         "require-trusted-types-for"?: string | boolean | string[] | undefined;
     } | undefined;
-    hostname?: string | undefined;
 }>;
 type UseCSPInput = z.infer<typeof UseCSPInputSchema>;
 
-declare const useContentSecurityPolicy: (input: UseCSPInput) => Middleware;
-
-export { type Bindings as B, CSPDirectivesSchema as C, type Middleware as M, CSPModeSchema as a, useContentSecurityPolicy as u };
+export { type Bindings as B, CSPDirectivesSchema as C, type UseCSPInput as U, CSPModeSchema as a };