@appwarden/middleware 3.6.0 → 3.8.0

package/README.md

@@ -4,7 +4,7 @@
 [![GitHub](https://img.shields.io/badge/GitHub-appwarden%2Fmiddleware-181717?logo=github&logoColor=white)](https://github.com/appwarden/middleware)
 [![npm version](https://img.shields.io/npm/v/@appwarden/middleware.svg)](https://www.npmjs.com/package/@appwarden/middleware)
 [![npm provenance](https://img.shields.io/badge/npm-provenance-green)](https://docs.npmjs.com/generating-provenance-statements)
-![Test Coverage](https://img.shields.io/badge/coverage-91.5%25-brightgreen)
+![Test Coverage](https://img.shields.io/badge/coverage-92%25-brightgreen)
 [![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](https://opensource.org/licenses/MIT)
 
 ## Core Features
@@ -162,19 +162,17 @@ See the [Astro + Cloudflare guide](https://appwarden.io/docs/guides/astro-cloudf
 ```ts
 // app/root.tsx
 import { createAppwardenMiddleware } from "@appwarden/middleware/cloudflare/react-router"
-import type { CloudflareContext } from "@appwarden/middleware/cloudflare/react-router"
 
 export const unstable_middleware = [
-  createAppwardenMiddleware((cloudflare: CloudflareContext) => ({
-    lockPageSlug: cloudflare.env.APPWARDEN_LOCK_PAGE_SLUG,
-    appwardenApiToken: cloudflare.env.APPWARDEN_API_TOKEN,
-    debug: cloudflare.env.APPWARDEN_DEBUG === "true",
+  createAppwardenMiddleware(({ env }) => ({
+    lockPageSlug: env.APPWARDEN_LOCK_PAGE_SLUG,
+    appwardenApiToken: env.APPWARDEN_API_TOKEN,
+    // "debug" can be a string or boolean; the schema will normalize it
+    debug: env.APPWARDEN_DEBUG,
+    // "directives" can be a JSON string or an object; the schema will parse it
     contentSecurityPolicy: {
       mode: "enforced",
-      directives: {
-        "script-src": ["'self'", "{{nonce}}"],
-        "style-src": ["'self'", "{{nonce}}"],
-      },
+      directives: env.APPWARDEN_CSP_DIRECTIVES,
     },
   })),
 ]
@@ -185,29 +183,31 @@ See the [React Router + Cloudflare guide](https://appwarden.io/docs/guides/react
 ##### TanStack Start on Cloudflare
 
 ```ts
-// src/start.ts
-import { createStart } from "@tanstack/react-start"
+// start.ts
+import { createMiddleware } from "@tanstack/start"
+import { env, waitUntil } from "cloudflare:workers"
 import { createAppwardenMiddleware } from "@appwarden/middleware/cloudflare/tanstack-start"
-import type { TanStackStartCloudflareContext } from "@appwarden/middleware/cloudflare/tanstack-start"
 
-const appwardenMiddleware = createAppwardenMiddleware(
-  (cloudflare: TanStackStartCloudflareContext) => ({
-    lockPageSlug: cloudflare.env.APPWARDEN_LOCK_PAGE_SLUG,
-    appwardenApiToken: cloudflare.env.APPWARDEN_API_TOKEN,
-    debug: cloudflare.env.APPWARDEN_DEBUG === "true",
-    contentSecurityPolicy: {
-      mode: "enforced",
-      directives: {
-        "script-src": ["'self'", "{{nonce}}"],
-        "style-src": ["'self'", "{{nonce}}"],
-      },
+const appwardenMiddleware = createAppwardenMiddleware(({ env }) => ({
+  lockPageSlug: env.APPWARDEN_LOCK_PAGE_SLUG,
+  appwardenApiToken: env.APPWARDEN_API_TOKEN,
+  debug: env.APPWARDEN_DEBUG, // Accepts string or boolean
+  contentSecurityPolicy: {
+    mode: "enforced",
+    directives: {
+      "script-src": ["'self'", "{{nonce}}"],
+      "style-src": ["'self'", "{{nonce}}"],
     },
-  }),
-)
-
-export const start = createStart(() => ({
-  requestMiddleware: [appwardenMiddleware],
+  },
 }))
+
+export default createMiddleware().server(async ({ next, request }) => {
+  return await appwardenMiddleware({
+    request,
+    next,
+    context: { env, waitUntil },
+  })
+})
 ```
 
 See the [TanStack Start + Cloudflare guide](https://appwarden.io/docs/guides/tanstack-start-cloudflare) for more details.

package/{chunk-AXWJZE7U.js → chunk-52NBQDQT.js}

@@ -37,10 +37,7 @@ var useContentSecurityPolicy = (input) => {
       config.directives,
       config.mode
     );
-    context.debug(
-      `Applying CSP in ${config.mode} mode`,
-      `Directives: ${config.directives ? Object.keys(config.directives).join(", ") : "none"}`
-    );
+    context.debug(`Applying CSP in ${config.mode} mode`);
     const nextResponse = new Response(response.body, response);
     nextResponse.headers.set(cspHeaderName, cspHeaderValue);
     nextResponse.headers.set("content-type", "text/html; charset=utf-8");

package/cloudflare/astro.js

@@ -3,13 +3,13 @@ import {
 } from "../chunk-XFG6SUSV.js";
 import {
   useContentSecurityPolicy
-} from "../chunk-AXWJZE7U.js";
-import {
-  getNowMs
-} from "../chunk-X7WZVYQS.js";
+} from "../chunk-52NBQDQT.js";
 import {
   validateConfig
 } from "../chunk-MNGMTDH3.js";
+import {
+  getNowMs
+} from "../chunk-X7WZVYQS.js";
 import {
   checkLockStatus
 } from "../chunk-G5FWKV2Q.js";
@@ -102,7 +102,6 @@ function createAppwardenMiddleware(configFn) {
       debugFn("Website is unlocked");
       const response = await next();
       if (config.contentSecurityPolicy && isResponseLike(response)) {
-        debugFn("Applying CSP middleware");
         const cspContext = {
           request,
           response,

package/cloudflare/nextjs.js

@@ -1,9 +1,9 @@
-import {
-  getNowMs
-} from "../chunk-X7WZVYQS.js";
 import {
   validateConfig
 } from "../chunk-MNGMTDH3.js";
+import {
+  getNowMs
+} from "../chunk-X7WZVYQS.js";
 import {
   checkLockStatus
 } from "../chunk-G5FWKV2Q.js";

package/cloudflare/react-router.d.ts

@@ -1,51 +1,440 @@
-import { U as UseCSPInput } from '../use-content-security-policy-DUYpyUPy.js';
-import 'zod';
+import { z } from 'zod';
 
 /**
- * Cloudflare context provided by React Router on Cloudflare Workers.
- * This is the shape of `context.cloudflare` in React Router loaders/actions.
+ * Zod schema for React Router Cloudflare adapter configuration.
+ * Validates the config object returned by the configFn.
  */
-interface CloudflareContext {
-    env: CloudflareEnv;
-    ctx: ExecutionContext;
-}
-/**
- * Symbol used to store Cloudflare context in RouterContextProvider.
- * This is used when middleware is enabled with the v8_middleware future flag.
- */
-declare const cloudflareContextSymbol: unique symbol;
-/**
- * Configuration for the Appwarden middleware.
- */
-interface ReactRouterAppwardenConfig {
+declare const ReactRouterCloudflareConfigSchema: z.ZodObject<{
     /** The slug/path of the lock page to redirect to when the site is locked */
-    lockPageSlug: string;
+    lockPageSlug: z.ZodString;
     /** The Appwarden API token for authentication */
-    appwardenApiToken: string;
+    appwardenApiToken: z.ZodEffects<z.ZodString, string, string>;
     /** Optional custom API hostname (defaults to https://api.appwarden.io) */
-    appwardenApiHostname?: string;
+    appwardenApiHostname: z.ZodOptional<z.ZodString>;
     /** Enable debug logging */
-    debug?: boolean;
+    debug: z.ZodDefault<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodBoolean]>>, boolean, string | boolean | undefined>>;
     /** Optional Content Security Policy configuration */
-    contentSecurityPolicy?: UseCSPInput;
+    contentSecurityPolicy: z.ZodOptional<z.ZodLazy<z.ZodEffects<z.ZodObject<{
+        mode: z.ZodDefault<z.ZodOptional<z.ZodUnion<[z.ZodLiteral<"disabled">, z.ZodLiteral<"report-only">, z.ZodLiteral<"enforced">]>>>;
+        directives: z.ZodEffects<z.ZodEffects<z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodObject<{
+            "default-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "script-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "style-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "img-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "connect-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "font-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "object-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "media-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "frame-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            sandbox: z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "report-uri": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "child-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "form-action": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "frame-ancestors": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "plugin-types": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "base-uri": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "report-to": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "worker-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "manifest-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "prefetch-src": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "navigate-to": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "require-sri-for": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "block-all-mixed-content": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "upgrade-insecure-requests": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "trusted-types": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+            "require-trusted-types-for": z.ZodOptional<z.ZodUnion<[z.ZodArray<z.ZodString, "many">, z.ZodString, z.ZodBoolean]>>;
+        }, "strip", z.ZodTypeAny, {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        }, {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        }>]>>, string | {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        } | undefined, string | {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        } | undefined>, {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        } | undefined, string | {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        } | undefined>;
+    }, "strip", z.ZodTypeAny, {
+        mode: "disabled" | "report-only" | "enforced";
+        directives?: {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        } | undefined;
+    }, {
+        mode?: "disabled" | "report-only" | "enforced" | undefined;
+        directives?: string | {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        } | undefined;
+    }>, {
+        mode: "disabled" | "report-only" | "enforced";
+        directives?: {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        } | undefined;
+    }, {
+        mode?: "disabled" | "report-only" | "enforced" | undefined;
+        directives?: string | {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        } | undefined;
+    }>>>;
+}, "strip", z.ZodTypeAny, {
+    debug: boolean;
+    lockPageSlug: string;
+    appwardenApiToken: string;
+    contentSecurityPolicy?: {
+        mode: "disabled" | "report-only" | "enforced";
+        directives?: {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        } | undefined;
+    } | undefined;
+    appwardenApiHostname?: string | undefined;
+}, {
+    lockPageSlug: string;
+    appwardenApiToken: string;
+    debug?: string | boolean | undefined;
+    contentSecurityPolicy?: {
+        mode?: "disabled" | "report-only" | "enforced" | undefined;
+        directives?: string | {
+            "default-src"?: string | boolean | string[] | undefined;
+            "script-src"?: string | boolean | string[] | undefined;
+            "style-src"?: string | boolean | string[] | undefined;
+            "img-src"?: string | boolean | string[] | undefined;
+            "connect-src"?: string | boolean | string[] | undefined;
+            "font-src"?: string | boolean | string[] | undefined;
+            "object-src"?: string | boolean | string[] | undefined;
+            "media-src"?: string | boolean | string[] | undefined;
+            "frame-src"?: string | boolean | string[] | undefined;
+            sandbox?: string | boolean | string[] | undefined;
+            "report-uri"?: string | boolean | string[] | undefined;
+            "child-src"?: string | boolean | string[] | undefined;
+            "form-action"?: string | boolean | string[] | undefined;
+            "frame-ancestors"?: string | boolean | string[] | undefined;
+            "plugin-types"?: string | boolean | string[] | undefined;
+            "base-uri"?: string | boolean | string[] | undefined;
+            "report-to"?: string | boolean | string[] | undefined;
+            "worker-src"?: string | boolean | string[] | undefined;
+            "manifest-src"?: string | boolean | string[] | undefined;
+            "prefetch-src"?: string | boolean | string[] | undefined;
+            "navigate-to"?: string | boolean | string[] | undefined;
+            "require-sri-for"?: string | boolean | string[] | undefined;
+            "block-all-mixed-content"?: string | boolean | string[] | undefined;
+            "upgrade-insecure-requests"?: string | boolean | string[] | undefined;
+            "trusted-types"?: string | boolean | string[] | undefined;
+            "require-trusted-types-for"?: string | boolean | string[] | undefined;
+        } | undefined;
+    } | undefined;
+    appwardenApiHostname?: string | undefined;
+}>;
+/**
+ * Input type for React Router Cloudflare adapter configuration.
+ * This is the pre-transformation type that accepts string | boolean for debug
+ * and string | object for CSP directives, allowing users to pass environment
+ * variables directly without manual transformation.
+ */
+type ReactRouterAppwardenConfigInput = z.input<typeof ReactRouterCloudflareConfigSchema>;
+
+/**
+ * Minimal runtime context required by the React Router adapter.
+ * Contains only the essential properties needed by the middleware.
+ */
+interface ReactRouterRuntimeContext {
+    /** Cloudflare environment bindings */
+    env: CloudflareEnv;
+    /** Function to extend the lifetime of the request for background tasks */
+    waitUntil(promise: Promise<unknown>): void;
 }
 /**
- * Configuration function that receives the Cloudflare context and returns the config.
+ * Configuration function that receives the runtime context and returns the config.
  * This allows dynamic configuration based on environment variables.
+ * The config can use the relaxed input types (string | boolean for debug,
+ * string | object for CSP directives) which will be transformed by Zod.
  */
-type ReactRouterConfigFn = (cloudflare: CloudflareContext) => ReactRouterAppwardenConfig;
+type ReactRouterConfigFn = (runtime: ReactRouterRuntimeContext) => ReactRouterAppwardenConfigInput;
 /**
  * React Router middleware function signature.
  * This matches the unstable_middleware export type in React Router v7.
  *
- * Supports both old and new context APIs:
- * - Old API: context is a plain object with `cloudflare` property
- * - New API (v8_middleware): context is a RouterContextProvider instance
+ * The context should contain the runtime context with env and waitUntil.
  */
 interface ReactRouterMiddlewareArgs {
     request: Request;
     params: Record<string, string | undefined>;
-    context: any;
+    context: ReactRouterRuntimeContext;
 }
 type ReactRouterMiddlewareFunction = (args: ReactRouterMiddlewareArgs, next: () => Promise<unknown>) => Promise<unknown>;
 /**
@@ -54,10 +443,6 @@ type ReactRouterMiddlewareFunction = (args: ReactRouterMiddlewareArgs, next: ()
  * This middleware checks if the site is locked and redirects to the lock page if so.
  * It should be exported from your root route (root.tsx) to protect all routes.
  *
- * Supports both old and new React Router context APIs:
- * - Old API: Pass context as plain object with `cloudflare` property
- * - New API (v8_middleware): Use RouterContextProvider with cloudflareContextSymbol
- *
  * @example
  * ```typescript
  * // app/root.tsx
@@ -71,9 +456,9 @@ type ReactRouterMiddlewareFunction = (args: ReactRouterMiddlewareArgs, next: ()
  * ]
  * ```
  *
- * @param configFn - A function that receives the Cloudflare context and returns the config
+ * @param configFn - A function that receives the runtime context and returns the config
  * @returns A React Router middleware function
  */
 declare function createAppwardenMiddleware(configFn: ReactRouterConfigFn): ReactRouterMiddlewareFunction;
 
-export { type CloudflareContext, cloudflareContextSymbol, createAppwardenMiddleware };
+export { type ReactRouterRuntimeContext, createAppwardenMiddleware };