@effect/platform 0.82.5 → 0.82.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (21) hide show
  1. package/dist/cjs/HttpApiScalar.js +6 -5
  2. package/dist/cjs/HttpApiScalar.js.map +1 -1
  3. package/dist/cjs/HttpApiSwagger.js +10 -2
  4. package/dist/cjs/HttpApiSwagger.js.map +1 -1
  5. package/dist/cjs/internal/html.js +32 -0
  6. package/dist/cjs/internal/html.js.map +1 -0
  7. package/dist/dts/HttpApiScalar.d.ts.map +1 -1
  8. package/dist/dts/HttpApiSwagger.d.ts +4 -0
  9. package/dist/dts/HttpApiSwagger.d.ts.map +1 -1
  10. package/dist/dts/internal/html.d.ts +2 -0
  11. package/dist/dts/internal/html.d.ts.map +1 -0
  12. package/dist/esm/HttpApiScalar.js +6 -5
  13. package/dist/esm/HttpApiScalar.js.map +1 -1
  14. package/dist/esm/HttpApiSwagger.js +10 -2
  15. package/dist/esm/HttpApiSwagger.js.map +1 -1
  16. package/dist/esm/internal/html.js +25 -0
  17. package/dist/esm/internal/html.js.map +1 -0
  18. package/package.json +1 -1
  19. package/src/HttpApiScalar.ts +6 -5
  20. package/src/HttpApiSwagger.ts +10 -2
  21. package/src/internal/html.ts +32 -0
package/dist/cjs/HttpApiScalar.js CHANGED
@@ -8,6 +8,7 @@ var Effect = _interopRequireWildcard(require("effect/Effect"));
8
8
  var _HttpApi = require("./HttpApi.js");
9
9
  var _HttpApiBuilder = require("./HttpApiBuilder.js");
10
10
  var HttpServerResponse = _interopRequireWildcard(require("./HttpServerResponse.js"));
11
+ var Html = _interopRequireWildcard(require("./internal/html.js"));
11
12
  var internal = _interopRequireWildcard(require("./internal/httpApiScalar.js"));
12
13
  var OpenApi = _interopRequireWildcard(require("./OpenApi.js"));
13
14
  function _interopRequireWildcard(e, t) { if ("function" == typeof WeakMap) var r = new WeakMap(), n = new WeakMap(); return (_interopRequireWildcard = function (e, t) { if (!t && e && e.__esModule) return e; var o, i, f = { __proto__: null, default: e }; if (null === e || "object" != typeof e && "function" != typeof e) return f; if (o = t ? n : r) { if (o.has(e)) return o.get(e); o.set(e, f); } for (const t in e) "default" !== t && {}.hasOwnProperty.call(e, t) && ((i = (o = Object.defineProperty) && Object.getOwnPropertyDescriptor(e, t)) && (i.get || i.set) ? o(f, t, i) : f[t] = e[t]); return f; })(e, t); }
@@ -35,19 +36,19 @@ const layer = options => _HttpApiBuilder.Router.use(router => Effect.gen(functio
35
36
  <html>
36
37
  <head>
37
38
  <meta charset="utf-8" />
38
- <title>${spec.info.title}</title>
39
- ${!spec.info.description ? "" : `<meta name="description" content="${spec.info.description}"/>`}
40
- ${!spec.info.description ? "" : `<meta name="og:description" content="${spec.info.description}"/>`}
39
+ <title>${Html.escape(spec.info.title)}</title>
40
+ ${!spec.info.description ? "" : `<meta name="description" content="${Html.escape(spec.info.description)}"/>`}
41
+ ${!spec.info.description ? "" : `<meta name="og:description" content="${Html.escape(spec.info.description)}"/>`}
41
42
  <meta
42
43
  name="viewport"
43
44
  content="width=device-width, initial-scale=1" />
44
45
  </head>
45
46
  <body>
46
47
  <script id="api-reference" type="application/json">
47
- ${JSON.stringify(spec)}
48
+ ${Html.escapeJson(spec)}
48
49
  </script>
49
50
  <script>
50
- document.getElementById('api-reference').dataset.configuration = JSON.stringify(${JSON.stringify(scalarConfig)})
51
+ document.getElementById('api-reference').dataset.configuration = JSON.stringify(${Html.escapeJson(scalarConfig)})
51
52
  </script>
52
53
  ${src ? `<script src="${src}" crossorigin></script>` : `<script>${defaultScript}</script>`}
53
54
  </body>
package/dist/cjs/HttpApiScalar.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HttpApiScalar.js","names":["Effect","_interopRequireWildcard","require","_HttpApi","_HttpApiBuilder","HttpServerResponse","internal","OpenApi","e","t","WeakMap","r","n","__esModule","o","i","f","__proto__","default","has","get","set","hasOwnProperty","call","Object","defineProperty","getOwnPropertyDescriptor","layer","options","Router","use","router","gen","api","Api","spec","fromApi","source","defaultScript","javascript","src","type","version","scalarConfig","_integration","scalar","response","html","info","title","description","JSON","stringify","path","succeed","exports"],"sources":["../../src/HttpApiScalar.ts"],"sourcesContent":[null],"mappings":";;;;;;AAGA,IAAAA,MAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,kBAAA,GAAAJ,uBAAA,CAAAC,OAAA;AACA,IAAAI,QAAA,GAAAL,uBAAA,CAAAC,OAAA;AACA,IAAAK,OAAA,GAAAN,uBAAA,CAAAC,OAAA;AAAuC,SAAAD,wBAAAO,CAAA,EAAAC,CAAA,6BAAAC,OAAA,MAAAC,CAAA,OAAAD,OAAA,IAAAE,CAAA,OAAAF,OAAA,YAAAT,uBAAA,YAAAA,CAAAO,CAAA,EAAAC,CAAA,SAAAA,CAAA,IAAAD,CAAA,IAAAA,CAAA,CAAAK,UAAA,SAAAL,CAAA,MAAAM,CAAA,EAAAC,CAAA,EAAAC,CAAA,KAAAC,SAAA,QAAAC,OAAA,EAAAV,CAAA,iBAAAA,CAAA,uBAAAA,CAAA,yBAAAA,CAAA,SAAAQ,CAAA,MAAAF,CAAA,GAAAL,CAAA,GAAAG,CAAA,GAAAD,CAAA,QAAAG,CAAA,CAAAK,GAAA,CAAAX,CAAA,UAAAM,CAAA,CAAAM,GAAA,CAAAZ,CAAA,GAAAM,CAAA,CAAAO,GAAA,CAAAb,CAAA,EAAAQ,CAAA,gBAAAP,CAAA,IAAAD,CAAA,gBAAAC,CAAA,OAAAa,cAAA,CAAAC,IAAA,CAAAf,CAAA,EAAAC,CAAA,OAAAM,CAAA,IAAAD,CAAA,GAAAU,MAAA,CAAAC,cAAA,KAAAD,MAAA,CAAAE,wBAAA,CAAAlB,CAAA,EAAAC,CAAA,OAAAM,CAAA,CAAAK,GAAA,IAAAL,CAAA,CAAAM,GAAA,IAAAP,CAAA,CAAAE,CAAA,EAAAP,CAAA,EAAAM,CAAA,IAAAC,CAAA,CAAAP,CAAA,IAAAD,CAAA,CAAAC,CAAA,WAAAO,CAAA,KAAAR,CAAA,EAAAC,CAAA;AATvC;;;;AAyHA;;;;AAIO,MAAMkB,KAAK,GAAIC,OAIrB,IACCC,sBAAM,CAACC,GAAG,CAAEC,MAAM,IAChB/B,MAAM,CAACgC,GAAG,CAAC,aAAS;EAClB,MAAM;IAAEC;EAAG,CAAE,GAAG,OAAOC,YAAG;EAC1B,MAAMC,IAAI,GAAG5B,OAAO,CAAC6B,OAAO,CAACH,GAAG,CAAC;EAEjC,MAAMI,MAAM,GAAGT,OAAO,EAAES,MAAM;EAC9B,MAAMC,aAAa,GAAGhC,QAAQ,CAACiC,UAAU;EACzC,MAAMC,GAAG,GAAkBH,MAAM,GAC7B,OAAOA,MAAM,KAAK,QAAQ,GACxBA,MAAM,GACNA,MAAM,CAACI,IAAI,KAAK,KAAK,GACrB,sDACAJ,MAAM,CAACK,OAAO,IAAI,QACpB,iCAAiC,GAC/B,IAAI,GACN,IAAI;EAER,MAAMC,YAAY,GAAG;IACnBC,YAAY,EAAE,MAAM;IACpB,GAAGhB,OAAO,EAAEiB;GACb;EAED,MAAMC,QAAQ,GAAGzC,kBAAkB,CAAC0C,IAAI,CAAC;;;;aAIlCZ,IAAI,CAACa,IAAI,CAACC,KAAK;MAEpB,CAACd,IAAI,CAACa,IAAI,CAACE,WAAW,GAClB,EAAE,GACF,qCAAqCf,IAAI,CAACa,IAAI,CAACE,WAAW,KAChE;MAEE,CAACf,IAAI,CAACa,IAAI,CAACE,WAAW,GAClB,EAAE,GACF,wCAAwCf,IAAI,CAACa,IAAI,CAACE,WAAW,KACnE;;;;;;;QAOEC,IAAI,CAACC,SAAS,CAACjB,IAAI,CAAC;;;wFAG4DgB,IAAI,CAACC,SAAS,CAACT,YAAY,CAAC;;MAG5GH,GAAG,GACC,gBAAgBA,GAAG,yBAAyB,GAC5C,WAAWF,aAAa,WAC9B;;QAEE,CAAC;EACH,OAAOP,MAAM,CAACX,GAAG,CAACQ,OAAO,EAAEyB,IAAI,IAAI,OAAO,EAAErD,MAAM,CAACsD,OAAO,CAACR,QAAQ,CAAC,CAAC;AACvE,CAAC,CAAC,CACH;AAAAS,OAAA,CAAA5B,KAAA,GAAAA,KAAA","ignoreList":[]}
1
+ {"version":3,"file":"HttpApiScalar.js","names":["Effect","_interopRequireWildcard","require","_HttpApi","_HttpApiBuilder","HttpServerResponse","Html","internal","OpenApi","e","t","WeakMap","r","n","__esModule","o","i","f","__proto__","default","has","get","set","hasOwnProperty","call","Object","defineProperty","getOwnPropertyDescriptor","layer","options","Router","use","router","gen","api","Api","spec","fromApi","source","defaultScript","javascript","src","type","version","scalarConfig","_integration","scalar","response","html","escape","info","title","description","escapeJson","path","succeed","exports"],"sources":["../../src/HttpApiScalar.ts"],"sourcesContent":[null],"mappings":";;;;;;AAGA,IAAAA,MAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,kBAAA,GAAAJ,uBAAA,CAAAC,OAAA;AACA,IAAAI,IAAA,GAAAL,uBAAA,CAAAC,OAAA;AACA,IAAAK,QAAA,GAAAN,uBAAA,CAAAC,OAAA;AACA,IAAAM,OAAA,GAAAP,uBAAA,CAAAC,OAAA;AAAuC,SAAAD,wBAAAQ,CAAA,EAAAC,CAAA,6BAAAC,OAAA,MAAAC,CAAA,OAAAD,OAAA,IAAAE,CAAA,OAAAF,OAAA,YAAAV,uBAAA,YAAAA,CAAAQ,CAAA,EAAAC,CAAA,SAAAA,CAAA,IAAAD,CAAA,IAAAA,CAAA,CAAAK,UAAA,SAAAL,CAAA,MAAAM,CAAA,EAAAC,CAAA,EAAAC,CAAA,KAAAC,SAAA,QAAAC,OAAA,EAAAV,CAAA,iBAAAA,CAAA,uBAAAA,CAAA,yBAAAA,CAAA,SAAAQ,CAAA,MAAAF,CAAA,GAAAL,CAAA,GAAAG,CAAA,GAAAD,CAAA,QAAAG,CAAA,CAAAK,GAAA,CAAAX,CAAA,UAAAM,CAAA,CAAAM,GAAA,CAAAZ,CAAA,GAAAM,CAAA,CAAAO,GAAA,CAAAb,CAAA,EAAAQ,CAAA,gBAAAP,CAAA,IAAAD,CAAA,gBAAAC,CAAA,OAAAa,cAAA,CAAAC,IAAA,CAAAf,CAAA,EAAAC,CAAA,OAAAM,CAAA,IAAAD,CAAA,GAAAU,MAAA,CAAAC,cAAA,KAAAD,MAAA,CAAAE,wBAAA,CAAAlB,CAAA,EAAAC,CAAA,OAAAM,CAAA,CAAAK,GAAA,IAAAL,CAAA,CAAAM,GAAA,IAAAP,CAAA,CAAAE,CAAA,EAAAP,CAAA,EAAAM,CAAA,IAAAC,CAAA,CAAAP,CAAA,IAAAD,CAAA,CAAAC,CAAA,WAAAO,CAAA,KAAAR,CAAA,EAAAC,CAAA;AAVvC;;;;AA0HA;;;;AAIO,MAAMkB,KAAK,GAAIC,OAIrB,IACCC,sBAAM,CAACC,GAAG,CAAEC,MAAM,IAChBhC,MAAM,CAACiC,GAAG,CAAC,aAAS;EAClB,MAAM;IAAEC;EAAG,CAAE,GAAG,OAAOC,YAAG;EAC1B,MAAMC,IAAI,GAAG5B,OAAO,CAAC6B,OAAO,CAACH,GAAG,CAAC;EAEjC,MAAMI,MAAM,GAAGT,OAAO,EAAES,MAAM;EAC9B,MAAMC,aAAa,GAAGhC,QAAQ,CAACiC,UAAU;EACzC,MAAMC,GAAG,GAAkBH,MAAM,GAC7B,OAAOA,MAAM,KAAK,QAAQ,GACxBA,MAAM,GACNA,MAAM,CAACI,IAAI,KAAK,KAAK,GACrB,sDACAJ,MAAM,CAACK,OAAO,IAAI,QACpB,iCAAiC,GAC/B,IAAI,GACN,IAAI;EAER,MAAMC,YAAY,GAAG;IACnBC,YAAY,EAAE,MAAM;IACpB,GAAGhB,OAAO,EAAEiB;GACb;EAED,MAAMC,QAAQ,GAAG1C,kBAAkB,CAAC2C,IAAI,CAAC;;;;aAIlC1C,IAAI,CAAC2C,MAAM,CAACb,IAAI,CAACc,IAAI,CAACC,KAAK,CAAC;MAEjC,CAACf,IAAI,CAACc,IAAI,CAACE,WAAW,GAClB,EAAE,GACF,qCAAqC9C,IAAI,CAAC2C,MAAM,CAACb,IAAI,CAACc,IAAI,CAACE,WAAW,CAAC,KAC7E;MAEE,CAAChB,IAAI,CAACc,IAAI,CAACE,WAAW,GAClB,EAAE,GACF,wCAAwC9C,IAAI,CAAC2C,MAAM,CAACb,IAAI,CAACc,IAAI,CAACE,WAAW,CAAC,KAChF;;;;;;;QAOE9C,IAAI,CAAC+C,UAAU,CAACjB,IAAI,CAAC;;;wFAG2D9B,IAAI,CAAC+C,UAAU,CAACT,YAAY,CAAC;;MAG7GH,GAAG,GACC,gBAAgBA,GAAG,yBAAyB,GAC5C,WAAWF,aAAa,WAC9B;;QAEE,CAAC;EACH,OAAOP,MAAM,CAACX,GAAG,CAACQ,OAAO,EAAEyB,IAAI,IAAI,OAAO,EAAEtD,MAAM,CAACuD,OAAO,CAACR,QAAQ,CAAC,CAAC;AACvE,CAAC,CAAC,CACH;AAAAS,OAAA,CAAA5B,KAAA,GAAAA,KAAA","ignoreList":[]}
package/dist/cjs/HttpApiSwagger.js CHANGED
@@ -8,6 +8,7 @@ var Effect = _interopRequireWildcard(require("effect/Effect"));
8
8
  var _HttpApi = require("./HttpApi.js");
9
9
  var _HttpApiBuilder = require("./HttpApiBuilder.js");
10
10
  var HttpServerResponse = _interopRequireWildcard(require("./HttpServerResponse.js"));
11
+ var Html = _interopRequireWildcard(require("./internal/html.js"));
11
12
  var internal = _interopRequireWildcard(require("./internal/httpApiSwagger.js"));
12
13
  var OpenApi = _interopRequireWildcard(require("./OpenApi.js"));
13
14
  function _interopRequireWildcard(e, t) { if ("function" == typeof WeakMap) var r = new WeakMap(), n = new WeakMap(); return (_interopRequireWildcard = function (e, t) { if (!t && e && e.__esModule) return e; var o, i, f = { __proto__: null, default: e }; if (null === e || "object" != typeof e && "function" != typeof e) return f; if (o = t ? n : r) { if (o.has(e)) return o.get(e); o.set(e, f); } for (const t in e) "default" !== t && {}.hasOwnProperty.call(e, t) && ((i = (o = Object.defineProperty) && Object.getOwnPropertyDescriptor(e, t)) && (i.get || i.set) ? o(f, t, i) : f[t] = e[t]); return f; })(e, t); }
@@ -16,6 +17,10 @@ function _interopRequireWildcard(e, t) { if ("function" == typeof WeakMap) var r
16
17
  */
17
18
 
18
19
  /**
20
+ * Exported layer mounting Swagger/OpenAPI documentation UI.
21
+ *
22
+ * @param options.path Optional mount path (default "/docs").
23
+ *
19
24
  * @since 1.0.0
20
25
  * @category layers
21
26
  */
@@ -29,16 +34,19 @@ const layer = options => _HttpApiBuilder.Router.use(router => Effect.gen(functio
29
34
  <head>
30
35
  <meta charset="utf-8" />
31
36
  <meta name="viewport" content="width=device-width, initial-scale=1" />
32
- <title>${spec.info.title} Documentation</title>
37
+ <title>${Html.escape(spec.info.title)} Documentation</title>
33
38
  <style>${internal.css}</style>
34
39
  </head>
35
40
  <body>
36
41
  <div id="swagger-ui"></div>
42
+ <script id="swagger-spec" type="application/json">
43
+ ${Html.escapeJson(spec)}
44
+ </script>
37
45
  <script>
38
46
  ${internal.javascript}
39
47
  window.onload = () => {
40
48
  window.ui = SwaggerUIBundle({
41
- spec: ${JSON.stringify(spec)},
49
+ spec: JSON.parse(document.getElementById("swagger-spec").textContent),
42
50
  dom_id: '#swagger-ui',
43
51
  });
44
52
  };
package/dist/cjs/HttpApiSwagger.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HttpApiSwagger.js","names":["Effect","_interopRequireWildcard","require","_HttpApi","_HttpApiBuilder","HttpServerResponse","internal","OpenApi","e","t","WeakMap","r","n","__esModule","o","i","f","__proto__","default","has","get","set","hasOwnProperty","call","Object","defineProperty","getOwnPropertyDescriptor","layer","options","Router","use","router","gen","api","Api","spec","fromApi","response","html","info","title","css","javascript","JSON","stringify","path","succeed","exports"],"sources":["../../src/HttpApiSwagger.ts"],"sourcesContent":[null],"mappings":";;;;;;AAGA,IAAAA,MAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,kBAAA,GAAAJ,uBAAA,CAAAC,OAAA;AACA,IAAAI,QAAA,GAAAL,uBAAA,CAAAC,OAAA;AACA,IAAAK,OAAA,GAAAN,uBAAA,CAAAC,OAAA;AAAuC,SAAAD,wBAAAO,CAAA,EAAAC,CAAA,6BAAAC,OAAA,MAAAC,CAAA,OAAAD,OAAA,IAAAE,CAAA,OAAAF,OAAA,YAAAT,uBAAA,YAAAA,CAAAO,CAAA,EAAAC,CAAA,SAAAA,CAAA,IAAAD,CAAA,IAAAA,CAAA,CAAAK,UAAA,SAAAL,CAAA,MAAAM,CAAA,EAAAC,CAAA,EAAAC,CAAA,KAAAC,SAAA,QAAAC,OAAA,EAAAV,CAAA,iBAAAA,CAAA,uBAAAA,CAAA,yBAAAA,CAAA,SAAAQ,CAAA,MAAAF,CAAA,GAAAL,CAAA,GAAAG,CAAA,GAAAD,CAAA,QAAAG,CAAA,CAAAK,GAAA,CAAAX,CAAA,UAAAM,CAAA,CAAAM,GAAA,CAAAZ,CAAA,GAAAM,CAAA,CAAAO,GAAA,CAAAb,CAAA,EAAAQ,CAAA,gBAAAP,CAAA,IAAAD,CAAA,gBAAAC,CAAA,OAAAa,cAAA,CAAAC,IAAA,CAAAf,CAAA,EAAAC,CAAA,OAAAM,CAAA,IAAAD,CAAA,GAAAU,MAAA,CAAAC,cAAA,KAAAD,MAAA,CAAAE,wBAAA,CAAAlB,CAAA,EAAAC,CAAA,OAAAM,CAAA,CAAAK,GAAA,IAAAL,CAAA,CAAAM,GAAA,IAAAP,CAAA,CAAAE,CAAA,EAAAP,CAAA,EAAAM,CAAA,IAAAC,CAAA,CAAAP,CAAA,IAAAD,CAAA,CAAAC,CAAA,WAAAO,CAAA,KAAAR,CAAA,EAAAC,CAAA;AATvC;;;;AAWA;;;;AAIO,MAAMkB,KAAK,GAAIC,OAErB,IACCC,sBAAM,CAACC,GAAG,CAAEC,MAAM,IAChB/B,MAAM,CAACgC,GAAG,CAAC,aAAS;EAClB,MAAM;IAAEC;EAAG,CAAE,GAAG,OAAOC,YAAG;EAC1B,MAAMC,IAAI,GAAG5B,OAAO,CAAC6B,OAAO,CAACH,GAAG,CAAC;EACjC,MAAMI,QAAQ,GAAGhC,kBAAkB,CAACiC,IAAI,CAAC;;;;;WAKpCH,IAAI,CAACI,IAAI,CAACC,KAAK;WACflC,QAAQ,CAACmC,GAAG;;;;;MAKjBnC,QAAQ,CAACoC,UAAU;;;gBAGTC,IAAI,CAACC,SAAS,CAACT,IAAI,CAAC;;;;;;QAM5B,CAAC;EACH,OAAOJ,MAAM,CAACX,GAAG,CAACQ,OAAO,EAAEiB,IAAI,IAAI,OAAO,EAAE7C,MAAM,CAAC8C,OAAO,CAACT,QAAQ,CAAC,CAAC;AACvE,CAAC,CAAC,CACH;AAAAU,OAAA,CAAApB,KAAA,GAAAA,KAAA","ignoreList":[]}
1
+ {"version":3,"file":"HttpApiSwagger.js","names":["Effect","_interopRequireWildcard","require","_HttpApi","_HttpApiBuilder","HttpServerResponse","Html","internal","OpenApi","e","t","WeakMap","r","n","__esModule","o","i","f","__proto__","default","has","get","set","hasOwnProperty","call","Object","defineProperty","getOwnPropertyDescriptor","layer","options","Router","use","router","gen","api","Api","spec","fromApi","response","html","escape","info","title","css","escapeJson","javascript","path","succeed","exports"],"sources":["../../src/HttpApiSwagger.ts"],"sourcesContent":[null],"mappings":";;;;;;AAGA,IAAAA,MAAA,GAAAC,uBAAA,CAAAC,OAAA;AAEA,IAAAC,QAAA,GAAAD,OAAA;AACA,IAAAE,eAAA,GAAAF,OAAA;AACA,IAAAG,kBAAA,GAAAJ,uBAAA,CAAAC,OAAA;AACA,IAAAI,IAAA,GAAAL,uBAAA,CAAAC,OAAA;AACA,IAAAK,QAAA,GAAAN,uBAAA,CAAAC,OAAA;AACA,IAAAM,OAAA,GAAAP,uBAAA,CAAAC,OAAA;AAAuC,SAAAD,wBAAAQ,CAAA,EAAAC,CAAA,6BAAAC,OAAA,MAAAC,CAAA,OAAAD,OAAA,IAAAE,CAAA,OAAAF,OAAA,YAAAV,uBAAA,YAAAA,CAAAQ,CAAA,EAAAC,CAAA,SAAAA,CAAA,IAAAD,CAAA,IAAAA,CAAA,CAAAK,UAAA,SAAAL,CAAA,MAAAM,CAAA,EAAAC,CAAA,EAAAC,CAAA,KAAAC,SAAA,QAAAC,OAAA,EAAAV,CAAA,iBAAAA,CAAA,uBAAAA,CAAA,yBAAAA,CAAA,SAAAQ,CAAA,MAAAF,CAAA,GAAAL,CAAA,GAAAG,CAAA,GAAAD,CAAA,QAAAG,CAAA,CAAAK,GAAA,CAAAX,CAAA,UAAAM,CAAA,CAAAM,GAAA,CAAAZ,CAAA,GAAAM,CAAA,CAAAO,GAAA,CAAAb,CAAA,EAAAQ,CAAA,gBAAAP,CAAA,IAAAD,CAAA,gBAAAC,CAAA,OAAAa,cAAA,CAAAC,IAAA,CAAAf,CAAA,EAAAC,CAAA,OAAAM,CAAA,IAAAD,CAAA,GAAAU,MAAA,CAAAC,cAAA,KAAAD,MAAA,CAAAE,wBAAA,CAAAlB,CAAA,EAAAC,CAAA,OAAAM,CAAA,CAAAK,GAAA,IAAAL,CAAA,CAAAM,GAAA,IAAAP,CAAA,CAAAE,CAAA,EAAAP,CAAA,EAAAM,CAAA,IAAAC,CAAA,CAAAP,CAAA,IAAAD,CAAA,CAAAC,CAAA,WAAAO,CAAA,KAAAR,CAAA,EAAAC,CAAA;AAVvC;;;;AAYA;;;;;;;;AAQO,MAAMkB,KAAK,GAAIC,OAErB,IACCC,sBAAM,CAACC,GAAG,CAAEC,MAAM,IAChBhC,MAAM,CAACiC,GAAG,CAAC,aAAS;EAClB,MAAM;IAAEC;EAAG,CAAE,GAAG,OAAOC,YAAG;EAC1B,MAAMC,IAAI,GAAG5B,OAAO,CAAC6B,OAAO,CAACH,GAAG,CAAC;EACjC,MAAMI,QAAQ,GAAGjC,kBAAkB,CAACkC,IAAI,CAAC;;;;;WAKpCjC,IAAI,CAACkC,MAAM,CAACJ,IAAI,CAACK,IAAI,CAACC,KAAK,CAAC;WAC5BnC,QAAQ,CAACoC,GAAG;;;;;MAKjBrC,IAAI,CAACsC,UAAU,CAACR,IAAI,CAAC;;;MAGrB7B,QAAQ,CAACsC,UAAU;;;;;;;;;QASjB,CAAC;EACH,OAAOb,MAAM,CAACX,GAAG,CAACQ,OAAO,EAAEiB,IAAI,IAAI,OAAO,EAAE9C,MAAM,CAAC+C,OAAO,CAACT,QAAQ,CAAC,CAAC;AACvE,CAAC,CAAC,CACH;AAAAU,OAAA,CAAApB,KAAA,GAAAA,KAAA","ignoreList":[]}
package/dist/cjs/internal/html.js ADDED
@@ -0,0 +1,32 @@
1
+ "use strict";
2
+
3
+ Object.defineProperty(exports, "__esModule", {
4
+ value: true
5
+ });
6
+ exports.escape = escape;
7
+ exports.escapeJson = escapeJson;
8
+ // Regex to find closing </script> tags in JSON to prevent breaking out of script context
9
+ const ESCAPE_SCRIPT_END = /<\/script>/gi;
10
+ // Regex to find Unicode line terminators that are valid JSON but break JS string literals
11
+ const ESCAPE_LINE_TERMS = /[\u2028\u2029]/g;
12
+ /**
13
+ * Safely serialize an object to a JSON string
14
+ * and escape any sequences that could break <script> blocks.
15
+ *
16
+ * - Replaces `</script>` with `<\/script>` to avoid premature tag closing.
17
+ * - Escapes U+2028 and U+2029 as literal \u2028 / \u2029.
18
+ *
19
+ * @internal
20
+ */
21
+ function escapeJson(spec) {
22
+ return JSON.stringify(spec).replace(ESCAPE_SCRIPT_END, "<\\/script>").replace(ESCAPE_LINE_TERMS, c => c === "\u2028" ? "\\u2028" : "\\u2029");
23
+ }
24
+ /**
25
+ * HTML-escape text content to prevent injection in text nodes or attributes.
26
+ *
27
+ * @internal
28
+ */
29
+ function escape(str) {
30
+ return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
31
+ }
32
+ //# sourceMappingURL=html.js.map
package/dist/cjs/internal/html.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"html.js","names":["ESCAPE_SCRIPT_END","ESCAPE_LINE_TERMS","escapeJson","spec","JSON","stringify","replace","c","escape","str"],"sources":["../../../src/internal/html.ts"],"sourcesContent":[null],"mappings":";;;;;;;AAAA;AACA,MAAMA,iBAAiB,GAAG,cAAc;AAExC;AACA,MAAMC,iBAAiB,GAAG,iBAAiB;AAE3C;;;;;;;;;AASM,SAAUC,UAAUA,CAACC,IAAa;EACtC,OAAOC,IAAI,CAACC,SAAS,CAACF,IAAI,CAAC,CACxBG,OAAO,CAACN,iBAAiB,EAAE,aAAa,CAAC,CACzCM,OAAO,CAACL,iBAAiB,EAAGM,CAAC,IAAKA,CAAC,KAAK,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;AAC9E;AAEA;;;;;AAKM,SAAUC,MAAMA,CAACC,GAAW;EAChC,OAAOA,GAAG,CACPH,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CACtBA,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CACrBA,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;AAC1B","ignoreList":[]}
package/dist/dts/HttpApiScalar.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HttpApiScalar.d.ts","sourceRoot":"","sources":["../../src/HttpApiScalar.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAMlC;;;GAGG;AACH,MAAM,MAAM,aAAa,GACrB,WAAW,GACX,SAAS,GACT,MAAM,GACN,QAAQ,GACR,WAAW,GACX,YAAY,GACZ,WAAW,GACX,QAAQ,GACR,QAAQ,GACR,MAAM,GACN,MAAM,CAAA;AAEV;;;;;GAKG;AACH,MAAM,MAAM,kBAAkB,GAC1B,MAAM,GACN;IAAE,IAAI,EAAE,SAAS,CAAA;CAAE,GACnB;IACA,IAAI,EAAE,KAAK,CAAA;IACX,OAAO,CAAC,EAAE,QAAQ,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAA;CACnC,CAAA;AAEH;;;;;GAKG;AACH,MAAM,MAAM,YAAY,GAAG;IACzB,+CAA+C;IAC/C,KAAK,CAAC,EAAE,aAAa,CAAA;IACrB,2CAA2C;IAC3C,MAAM,CAAC,EAAE,QAAQ,GAAG,SAAS,CAAA;IAC7B,gDAAgD;IAChD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,yCAAyC;IACzC,UAAU,CAAC,EAAE,OAAO,CAAA;IACpB,kCAAkC;IAClC,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAA;IACpB;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAA;IAC5B;;;;OAIG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAA;IACpB,4DAA4D;IAC5D,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,kEAAkE;IAClE,kBAAkB,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;IACrC,2CAA2C;IAC3C,kBAAkB,CAAC,EAAE,OAAO,CAAA;IAC5B;;;;;OAKG;IACH,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,yCAAyC;IACzC,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;;;;;OAOG;IACH,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAC7B,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,KAAK,GAAI,UAAU;IAC9B,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,MAAM,EAAE,GAAG,SAAS,CAAA;IACxC,QAAQ,CAAC,MAAM,CAAC,EAAE,kBAAkB,CAAA;IACpC,QAAQ,CAAC,MAAM,CAAC,EAAE,YAAY,CAAA;CAC/B,KAAG,KAAK,CAAC,KAAK,EAAE,KAAK,EAAE,GAAG,CA0DxB,CAAA"}
1
+ {"version":3,"file":"HttpApiScalar.d.ts","sourceRoot":"","sources":["../../src/HttpApiScalar.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAOlC;;;GAGG;AACH,MAAM,MAAM,aAAa,GACrB,WAAW,GACX,SAAS,GACT,MAAM,GACN,QAAQ,GACR,WAAW,GACX,YAAY,GACZ,WAAW,GACX,QAAQ,GACR,QAAQ,GACR,MAAM,GACN,MAAM,CAAA;AAEV;;;;;GAKG;AACH,MAAM,MAAM,kBAAkB,GAC1B,MAAM,GACN;IAAE,IAAI,EAAE,SAAS,CAAA;CAAE,GACnB;IACA,IAAI,EAAE,KAAK,CAAA;IACX,OAAO,CAAC,EAAE,QAAQ,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAA;CACnC,CAAA;AAEH;;;;;GAKG;AACH,MAAM,MAAM,YAAY,GAAG;IACzB,+CAA+C;IAC/C,KAAK,CAAC,EAAE,aAAa,CAAA;IACrB,2CAA2C;IAC3C,MAAM,CAAC,EAAE,QAAQ,GAAG,SAAS,CAAA;IAC7B,gDAAgD;IAChD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,yCAAyC;IACzC,UAAU,CAAC,EAAE,OAAO,CAAA;IACpB,kCAAkC;IAClC,WAAW,CAAC,EAAE,OAAO,CAAA;IACrB;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAA;IACpB;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAA;IAC5B;;;;OAIG;IACH,qBAAqB,CAAC,EAAE,OAAO,CAAA;IAC/B;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAA;IACpB,4DAA4D;IAC5D,QAAQ,CAAC,EAAE,OAAO,CAAA;IAClB,kEAAkE;IAClE,kBAAkB,CAAC,EAAE,MAAM,GAAG,OAAO,CAAA;IACrC,2CAA2C;IAC3C,kBAAkB,CAAC,EAAE,OAAO,CAAA;IAC5B;;;;;OAKG;IACH,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,yCAAyC;IACzC,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB;;;;;;;OAOG;IACH,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB;;;;OAIG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B;;;;OAIG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAA;CAC7B,CAAA;AAED;;;GAGG;AACH,eAAO,MAAM,KAAK,GAAI,UAAU;IAC9B,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,MAAM,EAAE,GAAG,SAAS,CAAA;IACxC,QAAQ,CAAC,MAAM,CAAC,EAAE,kBAAkB,CAAA;IACpC,QAAQ,CAAC,MAAM,CAAC,EAAE,YAAY,CAAA;CAC/B,KAAG,KAAK,CAAC,KAAK,EAAE,KAAK,EAAE,GAAG,CA0DxB,CAAA"}
package/dist/dts/HttpApiSwagger.d.ts CHANGED
@@ -1,6 +1,10 @@
1
1
  import type { Layer } from "effect/Layer";
2
2
  import { Api } from "./HttpApi.js";
3
3
  /**
4
+ * Exported layer mounting Swagger/OpenAPI documentation UI.
5
+ *
6
+ * @param options.path Optional mount path (default "/docs").
7
+ *
4
8
  * @since 1.0.0
5
9
  * @category layers
6
10
  */
package/dist/dts/HttpApiSwagger.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HttpApiSwagger.d.ts","sourceRoot":"","sources":["../../src/HttpApiSwagger.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAMlC;;;GAGG;AACH,eAAO,MAAM,KAAK,GAAI,UAAU;IAC9B,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,MAAM,EAAE,GAAG,SAAS,CAAA;CACzC,KAAG,KAAK,CAAC,KAAK,EAAE,KAAK,EAAE,GAAG,CA4BxB,CAAA"}
1
+ {"version":3,"file":"HttpApiSwagger.d.ts","sourceRoot":"","sources":["../../src/HttpApiSwagger.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,cAAc,CAAA;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,cAAc,CAAA;AAOlC;;;;;;;GAOG;AACH,eAAO,MAAM,KAAK,GAAI,UAAU;IAC9B,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,MAAM,EAAE,GAAG,SAAS,CAAA;CACzC,KAAG,KAAK,CAAC,KAAK,EAAE,KAAK,EAAE,GAAG,CA+BxB,CAAA"}
package/dist/dts/internal/html.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ export {};
2
+ //# sourceMappingURL=html.d.ts.map
package/dist/dts/internal/html.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"html.d.ts","sourceRoot":"","sources":["../../../src/internal/html.ts"],"names":[],"mappings":""}
package/dist/esm/HttpApiScalar.js CHANGED
@@ -5,6 +5,7 @@ import * as Effect from "effect/Effect";
5
5
  import { Api } from "./HttpApi.js";
6
6
  import { Router } from "./HttpApiBuilder.js";
7
7
  import * as HttpServerResponse from "./HttpServerResponse.js";
8
+ import * as Html from "./internal/html.js";
8
9
  import * as internal from "./internal/httpApiScalar.js";
9
10
  import * as OpenApi from "./OpenApi.js";
10
11
  /**
@@ -27,19 +28,19 @@ export const layer = options => Router.use(router => Effect.gen(function* () {
27
28
  <html>
28
29
  <head>
29
30
  <meta charset="utf-8" />
30
- <title>${spec.info.title}</title>
31
- ${!spec.info.description ? "" : `<meta name="description" content="${spec.info.description}"/>`}
32
- ${!spec.info.description ? "" : `<meta name="og:description" content="${spec.info.description}"/>`}
31
+ <title>${Html.escape(spec.info.title)}</title>
32
+ ${!spec.info.description ? "" : `<meta name="description" content="${Html.escape(spec.info.description)}"/>`}
33
+ ${!spec.info.description ? "" : `<meta name="og:description" content="${Html.escape(spec.info.description)}"/>`}
33
34
  <meta
34
35
  name="viewport"
35
36
  content="width=device-width, initial-scale=1" />
36
37
  </head>
37
38
  <body>
38
39
  <script id="api-reference" type="application/json">
39
- ${JSON.stringify(spec)}
40
+ ${Html.escapeJson(spec)}
40
41
  </script>
41
42
  <script>
42
- document.getElementById('api-reference').dataset.configuration = JSON.stringify(${JSON.stringify(scalarConfig)})
43
+ document.getElementById('api-reference').dataset.configuration = JSON.stringify(${Html.escapeJson(scalarConfig)})
43
44
  </script>
44
45
  ${src ? `<script src="${src}" crossorigin></script>` : `<script>${defaultScript}</script>`}
45
46
  </body>
package/dist/esm/HttpApiScalar.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HttpApiScalar.js","names":["Effect","Api","Router","HttpServerResponse","internal","OpenApi","layer","options","use","router","gen","api","spec","fromApi","source","defaultScript","javascript","src","type","version","scalarConfig","_integration","scalar","response","html","info","title","description","JSON","stringify","get","path","succeed"],"sources":["../../src/HttpApiScalar.ts"],"sourcesContent":[null],"mappings":"AAAA;;;AAGA,OAAO,KAAKA,MAAM,MAAM,eAAe;AAEvC,SAASC,GAAG,QAAQ,cAAc;AAClC,SAASC,MAAM,QAAQ,qBAAqB;AAC5C,OAAO,KAAKC,kBAAkB,MAAM,yBAAyB;AAC7D,OAAO,KAAKC,QAAQ,MAAM,6BAA6B;AACvD,OAAO,KAAKC,OAAO,MAAM,cAAc;AAgHvC;;;;AAIA,OAAO,MAAMC,KAAK,GAAIC,OAIrB,IACCL,MAAM,CAACM,GAAG,CAAEC,MAAM,IAChBT,MAAM,CAACU,GAAG,CAAC,aAAS;EAClB,MAAM;IAAEC;EAAG,CAAE,GAAG,OAAOV,GAAG;EAC1B,MAAMW,IAAI,GAAGP,OAAO,CAACQ,OAAO,CAACF,GAAG,CAAC;EAEjC,MAAMG,MAAM,GAAGP,OAAO,EAAEO,MAAM;EAC9B,MAAMC,aAAa,GAAGX,QAAQ,CAACY,UAAU;EACzC,MAAMC,GAAG,GAAkBH,MAAM,GAC7B,OAAOA,MAAM,KAAK,QAAQ,GACxBA,MAAM,GACNA,MAAM,CAACI,IAAI,KAAK,KAAK,GACrB,sDACAJ,MAAM,CAACK,OAAO,IAAI,QACpB,iCAAiC,GAC/B,IAAI,GACN,IAAI;EAER,MAAMC,YAAY,GAAG;IACnBC,YAAY,EAAE,MAAM;IACpB,GAAGd,OAAO,EAAEe;GACb;EAED,MAAMC,QAAQ,GAAGpB,kBAAkB,CAACqB,IAAI,CAAC;;;;aAIlCZ,IAAI,CAACa,IAAI,CAACC,KAAK;MAEpB,CAACd,IAAI,CAACa,IAAI,CAACE,WAAW,GAClB,EAAE,GACF,qCAAqCf,IAAI,CAACa,IAAI,CAACE,WAAW,KAChE;MAEE,CAACf,IAAI,CAACa,IAAI,CAACE,WAAW,GAClB,EAAE,GACF,wCAAwCf,IAAI,CAACa,IAAI,CAACE,WAAW,KACnE;;;;;;;QAOEC,IAAI,CAACC,SAAS,CAACjB,IAAI,CAAC;;;wFAG4DgB,IAAI,CAACC,SAAS,CAACT,YAAY,CAAC;;MAG5GH,GAAG,GACC,gBAAgBA,GAAG,yBAAyB,GAC5C,WAAWF,aAAa,WAC9B;;QAEE,CAAC;EACH,OAAON,MAAM,CAACqB,GAAG,CAACvB,OAAO,EAAEwB,IAAI,IAAI,OAAO,EAAE/B,MAAM,CAACgC,OAAO,CAACT,QAAQ,CAAC,CAAC;AACvE,CAAC,CAAC,CACH","ignoreList":[]}
1
+ {"version":3,"file":"HttpApiScalar.js","names":["Effect","Api","Router","HttpServerResponse","Html","internal","OpenApi","layer","options","use","router","gen","api","spec","fromApi","source","defaultScript","javascript","src","type","version","scalarConfig","_integration","scalar","response","html","escape","info","title","description","escapeJson","get","path","succeed"],"sources":["../../src/HttpApiScalar.ts"],"sourcesContent":[null],"mappings":"AAAA;;;AAGA,OAAO,KAAKA,MAAM,MAAM,eAAe;AAEvC,SAASC,GAAG,QAAQ,cAAc;AAClC,SAASC,MAAM,QAAQ,qBAAqB;AAC5C,OAAO,KAAKC,kBAAkB,MAAM,yBAAyB;AAC7D,OAAO,KAAKC,IAAI,MAAM,oBAAoB;AAC1C,OAAO,KAAKC,QAAQ,MAAM,6BAA6B;AACvD,OAAO,KAAKC,OAAO,MAAM,cAAc;AAgHvC;;;;AAIA,OAAO,MAAMC,KAAK,GAAIC,OAIrB,IACCN,MAAM,CAACO,GAAG,CAAEC,MAAM,IAChBV,MAAM,CAACW,GAAG,CAAC,aAAS;EAClB,MAAM;IAAEC;EAAG,CAAE,GAAG,OAAOX,GAAG;EAC1B,MAAMY,IAAI,GAAGP,OAAO,CAACQ,OAAO,CAACF,GAAG,CAAC;EAEjC,MAAMG,MAAM,GAAGP,OAAO,EAAEO,MAAM;EAC9B,MAAMC,aAAa,GAAGX,QAAQ,CAACY,UAAU;EACzC,MAAMC,GAAG,GAAkBH,MAAM,GAC7B,OAAOA,MAAM,KAAK,QAAQ,GACxBA,MAAM,GACNA,MAAM,CAACI,IAAI,KAAK,KAAK,GACrB,sDACAJ,MAAM,CAACK,OAAO,IAAI,QACpB,iCAAiC,GAC/B,IAAI,GACN,IAAI;EAER,MAAMC,YAAY,GAAG;IACnBC,YAAY,EAAE,MAAM;IACpB,GAAGd,OAAO,EAAEe;GACb;EAED,MAAMC,QAAQ,GAAGrB,kBAAkB,CAACsB,IAAI,CAAC;;;;aAIlCrB,IAAI,CAACsB,MAAM,CAACb,IAAI,CAACc,IAAI,CAACC,KAAK,CAAC;MAEjC,CAACf,IAAI,CAACc,IAAI,CAACE,WAAW,GAClB,EAAE,GACF,qCAAqCzB,IAAI,CAACsB,MAAM,CAACb,IAAI,CAACc,IAAI,CAACE,WAAW,CAAC,KAC7E;MAEE,CAAChB,IAAI,CAACc,IAAI,CAACE,WAAW,GAClB,EAAE,GACF,wCAAwCzB,IAAI,CAACsB,MAAM,CAACb,IAAI,CAACc,IAAI,CAACE,WAAW,CAAC,KAChF;;;;;;;QAOEzB,IAAI,CAAC0B,UAAU,CAACjB,IAAI,CAAC;;;wFAG2DT,IAAI,CAAC0B,UAAU,CAACT,YAAY,CAAC;;MAG7GH,GAAG,GACC,gBAAgBA,GAAG,yBAAyB,GAC5C,WAAWF,aAAa,WAC9B;;QAEE,CAAC;EACH,OAAON,MAAM,CAACqB,GAAG,CAACvB,OAAO,EAAEwB,IAAI,IAAI,OAAO,EAAEhC,MAAM,CAACiC,OAAO,CAACT,QAAQ,CAAC,CAAC;AACvE,CAAC,CAAC,CACH","ignoreList":[]}
package/dist/esm/HttpApiSwagger.js CHANGED
@@ -5,9 +5,14 @@ import * as Effect from "effect/Effect";
5
5
  import { Api } from "./HttpApi.js";
6
6
  import { Router } from "./HttpApiBuilder.js";
7
7
  import * as HttpServerResponse from "./HttpServerResponse.js";
8
+ import * as Html from "./internal/html.js";
8
9
  import * as internal from "./internal/httpApiSwagger.js";
9
10
  import * as OpenApi from "./OpenApi.js";
10
11
  /**
12
+ * Exported layer mounting Swagger/OpenAPI documentation UI.
13
+ *
14
+ * @param options.path Optional mount path (default "/docs").
15
+ *
11
16
  * @since 1.0.0
12
17
  * @category layers
13
18
  */
@@ -21,16 +26,19 @@ export const layer = options => Router.use(router => Effect.gen(function* () {
21
26
  <head>
22
27
  <meta charset="utf-8" />
23
28
  <meta name="viewport" content="width=device-width, initial-scale=1" />
24
- <title>${spec.info.title} Documentation</title>
29
+ <title>${Html.escape(spec.info.title)} Documentation</title>
25
30
  <style>${internal.css}</style>
26
31
  </head>
27
32
  <body>
28
33
  <div id="swagger-ui"></div>
34
+ <script id="swagger-spec" type="application/json">
35
+ ${Html.escapeJson(spec)}
36
+ </script>
29
37
  <script>
30
38
  ${internal.javascript}
31
39
  window.onload = () => {
32
40
  window.ui = SwaggerUIBundle({
33
- spec: ${JSON.stringify(spec)},
41
+ spec: JSON.parse(document.getElementById("swagger-spec").textContent),
34
42
  dom_id: '#swagger-ui',
35
43
  });
36
44
  };
package/dist/esm/HttpApiSwagger.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"HttpApiSwagger.js","names":["Effect","Api","Router","HttpServerResponse","internal","OpenApi","layer","options","use","router","gen","api","spec","fromApi","response","html","info","title","css","javascript","JSON","stringify","get","path","succeed"],"sources":["../../src/HttpApiSwagger.ts"],"sourcesContent":[null],"mappings":"AAAA;;;AAGA,OAAO,KAAKA,MAAM,MAAM,eAAe;AAEvC,SAASC,GAAG,QAAQ,cAAc;AAClC,SAASC,MAAM,QAAQ,qBAAqB;AAC5C,OAAO,KAAKC,kBAAkB,MAAM,yBAAyB;AAC7D,OAAO,KAAKC,QAAQ,MAAM,8BAA8B;AACxD,OAAO,KAAKC,OAAO,MAAM,cAAc;AAEvC;;;;AAIA,OAAO,MAAMC,KAAK,GAAIC,OAErB,IACCL,MAAM,CAACM,GAAG,CAAEC,MAAM,IAChBT,MAAM,CAACU,GAAG,CAAC,aAAS;EAClB,MAAM;IAAEC;EAAG,CAAE,GAAG,OAAOV,GAAG;EAC1B,MAAMW,IAAI,GAAGP,OAAO,CAACQ,OAAO,CAACF,GAAG,CAAC;EACjC,MAAMG,QAAQ,GAAGX,kBAAkB,CAACY,IAAI,CAAC;;;;;WAKpCH,IAAI,CAACI,IAAI,CAACC,KAAK;WACfb,QAAQ,CAACc,GAAG;;;;;MAKjBd,QAAQ,CAACe,UAAU;;;gBAGTC,IAAI,CAACC,SAAS,CAACT,IAAI,CAAC;;;;;;QAM5B,CAAC;EACH,OAAOH,MAAM,CAACa,GAAG,CAACf,OAAO,EAAEgB,IAAI,IAAI,OAAO,EAAEvB,MAAM,CAACwB,OAAO,CAACV,QAAQ,CAAC,CAAC;AACvE,CAAC,CAAC,CACH","ignoreList":[]}
1
+ {"version":3,"file":"HttpApiSwagger.js","names":["Effect","Api","Router","HttpServerResponse","Html","internal","OpenApi","layer","options","use","router","gen","api","spec","fromApi","response","html","escape","info","title","css","escapeJson","javascript","get","path","succeed"],"sources":["../../src/HttpApiSwagger.ts"],"sourcesContent":[null],"mappings":"AAAA;;;AAGA,OAAO,KAAKA,MAAM,MAAM,eAAe;AAEvC,SAASC,GAAG,QAAQ,cAAc;AAClC,SAASC,MAAM,QAAQ,qBAAqB;AAC5C,OAAO,KAAKC,kBAAkB,MAAM,yBAAyB;AAC7D,OAAO,KAAKC,IAAI,MAAM,oBAAoB;AAC1C,OAAO,KAAKC,QAAQ,MAAM,8BAA8B;AACxD,OAAO,KAAKC,OAAO,MAAM,cAAc;AAEvC;;;;;;;;AAQA,OAAO,MAAMC,KAAK,GAAIC,OAErB,IACCN,MAAM,CAACO,GAAG,CAAEC,MAAM,IAChBV,MAAM,CAACW,GAAG,CAAC,aAAS;EAClB,MAAM;IAAEC;EAAG,CAAE,GAAG,OAAOX,GAAG;EAC1B,MAAMY,IAAI,GAAGP,OAAO,CAACQ,OAAO,CAACF,GAAG,CAAC;EACjC,MAAMG,QAAQ,GAAGZ,kBAAkB,CAACa,IAAI,CAAC;;;;;WAKpCZ,IAAI,CAACa,MAAM,CAACJ,IAAI,CAACK,IAAI,CAACC,KAAK,CAAC;WAC5Bd,QAAQ,CAACe,GAAG;;;;;MAKjBhB,IAAI,CAACiB,UAAU,CAACR,IAAI,CAAC;;;MAGrBR,QAAQ,CAACiB,UAAU;;;;;;;;;QASjB,CAAC;EACH,OAAOZ,MAAM,CAACa,GAAG,CAACf,OAAO,EAAEgB,IAAI,IAAI,OAAO,EAAExB,MAAM,CAACyB,OAAO,CAACV,QAAQ,CAAC,CAAC;AACvE,CAAC,CAAC,CACH","ignoreList":[]}
package/dist/esm/internal/html.js ADDED
@@ -0,0 +1,25 @@
1
+ // Regex to find closing </script> tags in JSON to prevent breaking out of script context
2
+ const ESCAPE_SCRIPT_END = /<\/script>/gi;
3
+ // Regex to find Unicode line terminators that are valid JSON but break JS string literals
4
+ const ESCAPE_LINE_TERMS = /[\u2028\u2029]/g;
5
+ /**
6
+ * Safely serialize an object to a JSON string
7
+ * and escape any sequences that could break <script> blocks.
8
+ *
9
+ * - Replaces `</script>` with `<\/script>` to avoid premature tag closing.
10
+ * - Escapes U+2028 and U+2029 as literal \u2028 / \u2029.
11
+ *
12
+ * @internal
13
+ */
14
+ export function escapeJson(spec) {
15
+ return JSON.stringify(spec).replace(ESCAPE_SCRIPT_END, "<\\/script>").replace(ESCAPE_LINE_TERMS, c => c === "\u2028" ? "\\u2028" : "\\u2029");
16
+ }
17
+ /**
18
+ * HTML-escape text content to prevent injection in text nodes or attributes.
19
+ *
20
+ * @internal
21
+ */
22
+ export function escape(str) {
23
+ return str.replace(/&/g, "&amp;").replace(/</g, "&lt;").replace(/>/g, "&gt;");
24
+ }
25
+ //# sourceMappingURL=html.js.map
package/dist/esm/internal/html.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"html.js","names":["ESCAPE_SCRIPT_END","ESCAPE_LINE_TERMS","escapeJson","spec","JSON","stringify","replace","c","escape","str"],"sources":["../../../src/internal/html.ts"],"sourcesContent":[null],"mappings":"AAAA;AACA,MAAMA,iBAAiB,GAAG,cAAc;AAExC;AACA,MAAMC,iBAAiB,GAAG,iBAAiB;AAE3C;;;;;;;;;AASA,OAAM,SAAUC,UAAUA,CAACC,IAAa;EACtC,OAAOC,IAAI,CAACC,SAAS,CAACF,IAAI,CAAC,CACxBG,OAAO,CAACN,iBAAiB,EAAE,aAAa,CAAC,CACzCM,OAAO,CAACL,iBAAiB,EAAGM,CAAC,IAAKA,CAAC,KAAK,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAC;AAC9E;AAEA;;;;;AAKA,OAAM,SAAUC,MAAMA,CAACC,GAAW;EAChC,OAAOA,GAAG,CACPH,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,CACtBA,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,CACrBA,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;AAC1B","ignoreList":[]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@effect/platform",
3
- "version": "0.82.5",
3
+ "version": "0.82.6",
4
4
  "description": "Unified interfaces for common platform-specific services",
5
5
  "license": "MIT",
6
6
  "repository": {
package/src/HttpApiScalar.ts CHANGED
@@ -6,6 +6,7 @@ import type { Layer } from "effect/Layer"
6
6
  import { Api } from "./HttpApi.js"
7
7
  import { Router } from "./HttpApiBuilder.js"
8
8
  import * as HttpServerResponse from "./HttpServerResponse.js"
9
+ import * as Html from "./internal/html.js"
9
10
  import * as internal from "./internal/httpApiScalar.js"
10
11
  import * as OpenApi from "./OpenApi.js"
11
12
 
@@ -154,16 +155,16 @@ export const layer = (options?: {
154
155
  <html>
155
156
  <head>
156
157
  <meta charset="utf-8" />
157
- <title>${spec.info.title}</title>
158
+ <title>${Html.escape(spec.info.title)}</title>
158
159
  ${
159
160
  !spec.info.description
160
161
  ? ""
161
- : `<meta name="description" content="${spec.info.description}"/>`
162
+ : `<meta name="description" content="${Html.escape(spec.info.description)}"/>`
162
163
  }
163
164
  ${
164
165
  !spec.info.description
165
166
  ? ""
166
- : `<meta name="og:description" content="${spec.info.description}"/>`
167
+ : `<meta name="og:description" content="${Html.escape(spec.info.description)}"/>`
167
168
  }
168
169
  <meta
169
170
  name="viewport"
@@ -171,10 +172,10 @@ export const layer = (options?: {
171
172
  </head>
172
173
  <body>
173
174
  <script id="api-reference" type="application/json">
174
- ${JSON.stringify(spec)}
175
+ ${Html.escapeJson(spec)}
175
176
  </script>
176
177
  <script>
177
- document.getElementById('api-reference').dataset.configuration = JSON.stringify(${JSON.stringify(scalarConfig)})
178
+ document.getElementById('api-reference').dataset.configuration = JSON.stringify(${Html.escapeJson(scalarConfig)})
178
179
  </script>
179
180
  ${
180
181
  src
package/src/HttpApiSwagger.ts CHANGED
@@ -6,10 +6,15 @@ import type { Layer } from "effect/Layer"
6
6
  import { Api } from "./HttpApi.js"
7
7
  import { Router } from "./HttpApiBuilder.js"
8
8
  import * as HttpServerResponse from "./HttpServerResponse.js"
9
+ import * as Html from "./internal/html.js"
9
10
  import * as internal from "./internal/httpApiSwagger.js"
10
11
  import * as OpenApi from "./OpenApi.js"
11
12
 
12
13
  /**
14
+ * Exported layer mounting Swagger/OpenAPI documentation UI.
15
+ *
16
+ * @param options.path Optional mount path (default "/docs").
17
+ *
13
18
  * @since 1.0.0
14
19
  * @category layers
15
20
  */
@@ -25,16 +30,19 @@ export const layer = (options?: {
25
30
  <head>
26
31
  <meta charset="utf-8" />
27
32
  <meta name="viewport" content="width=device-width, initial-scale=1" />
28
- <title>${spec.info.title} Documentation</title>
33
+ <title>${Html.escape(spec.info.title)} Documentation</title>
29
34
  <style>${internal.css}</style>
30
35
  </head>
31
36
  <body>
32
37
  <div id="swagger-ui"></div>
38
+ <script id="swagger-spec" type="application/json">
39
+ ${Html.escapeJson(spec)}
40
+ </script>
33
41
  <script>
34
42
  ${internal.javascript}
35
43
  window.onload = () => {
36
44
  window.ui = SwaggerUIBundle({
37
- spec: ${JSON.stringify(spec)},
45
+ spec: JSON.parse(document.getElementById("swagger-spec").textContent),
38
46
  dom_id: '#swagger-ui',
39
47
  });
40
48
  };
package/src/internal/html.ts ADDED
@@ -0,0 +1,32 @@
1
+ // Regex to find closing </script> tags in JSON to prevent breaking out of script context
2
+ const ESCAPE_SCRIPT_END = /<\/script>/gi
3
+
4
+ // Regex to find Unicode line terminators that are valid JSON but break JS string literals
5
+ const ESCAPE_LINE_TERMS = /[\u2028\u2029]/g
6
+
7
+ /**
8
+ * Safely serialize an object to a JSON string
9
+ * and escape any sequences that could break <script> blocks.
10
+ *
11
+ * - Replaces `</script>` with `<\/script>` to avoid premature tag closing.
12
+ * - Escapes U+2028 and U+2029 as literal \u2028 / \u2029.
13
+ *
14
+ * @internal
15
+ */
16
+ export function escapeJson(spec: unknown): string {
17
+ return JSON.stringify(spec)
18
+ .replace(ESCAPE_SCRIPT_END, "<\\/script>")
19
+ .replace(ESCAPE_LINE_TERMS, (c) => c === "\u2028" ? "\\u2028" : "\\u2029")
20
+ }
21
+
22
+ /**
23
+ * HTML-escape text content to prevent injection in text nodes or attributes.
24
+ *
25
+ * @internal
26
+ */
27
+ export function escape(str: string): string {
28
+ return str
29
+ .replace(/&/g, "&amp;")
30
+ .replace(/</g, "&lt;")
31
+ .replace(/>/g, "&gt;")
32
+ }