@eggjs/jsonp 3.0.0 → 4.0.0-beta.17

package/README.md

@@ -1,8 +1,6 @@
 # @eggjs/jsonp
 
 [![NPM version][npm-image]][npm-url]
-[![Node.js CI](https://github.com/eggjs/jsonp/actions/workflows/nodejs.yml/badge.svg)](https://github.com/eggjs/jsonp/actions/workflows/nodejs.yml)
-[![Test coverage][codecov-image]][codecov-url]
 [![Known Vulnerabilities][snyk-image]][snyk-url]
 [![npm download][download-image]][download-url]
 [![Node.js Version](https://img.shields.io/node/v/@eggjs/jsonp.svg?style=flat)](https://nodejs.org/en/download/)
@@ -10,8 +8,6 @@
 
 [npm-image]: https://img.shields.io/npm/v/@eggjs/jsonp.svg?style=flat-square
 [npm-url]: https://npmjs.org/package/@eggjs/jsonp
-[codecov-image]: https://img.shields.io/codecov/c/github/eggjs/jsonp.svg?style=flat-square
-[codecov-url]: https://codecov.io/github/eggjs/jsonp?branch=master
 [snyk-image]: https://snyk.io/test/npm/@eggjs/jsonp/badge.svg?style=flat-square
 [snyk-url]: https://snyk.io/test/npm/@eggjs/jsonp
 [download-image]: https://img.shields.io/npm/dm/@eggjs/jsonp.svg?style=flat-square
@@ -100,7 +96,7 @@ whiteList also can be an array:
 ```ts
 export default {
   jsonp: {
-    whiteList: [ '.foo.com', '.bar.com' ],
+    whiteList: ['.foo.com', '.bar.com'],
   },
 };
 ```
@@ -136,6 +132,6 @@ Please open an issue [here](https://github.com/eggjs/egg/issues).
 
 ## Contributors
 
-[![Contributors](https://contrib.rocks/image?repo=eggjs/jsonp)](https://github.com/eggjs/jsonp/graphs/contributors)
+[![Contributors](https://contrib.rocks/image?repo=eggjs/egg)](https://github.com/eggjs/egg/graphs/contributors)
 
 Made with [contributors-img](https://contrib.rocks).

package/dist/app/extend/application.d.ts

@@ -0,0 +1,14 @@
+import { JSONPConfig } from "../../config/config.default.js";
+import { Application, MiddlewareFunc } from "egg";
+
+//#region src/app/extend/application.d.ts
+declare class JSONPApplication extends Application {
+  /**
+   * return a middleware to enable jsonp response.
+   * will do some security check inside.
+   * @public
+   */
+  jsonp(initOptions?: Partial<JSONPConfig>): MiddlewareFunc;
+}
+//#endregion
+export { JSONPApplication as default };

package/dist/app/extend/application.js

@@ -0,0 +1,83 @@
+import { JSONPForbiddenReferrerError } from "../../error/JSONPForbiddenReferrerError.js";
+import { JSONP_CONFIG } from "../../lib/private_key.js";
+import "./context.js";
+import { debuglog } from "node:util";
+import { parse } from "node:url";
+import { Application } from "egg";
+
+//#region src/app/extend/application.ts
+const debug = debuglog("egg/jsonp/app/extend/application");
+var JSONPApplication = class extends Application {
+	/**
+	* return a middleware to enable jsonp response.
+	* will do some security check inside.
+	* @public
+	*/
+	jsonp(initOptions = {}) {
+		const options = {
+			...this.config.jsonp,
+			...initOptions
+		};
+		if (!Array.isArray(options.callback)) options.callback = [options.callback];
+		const csrfEnable = this.plugins.security && this.plugins.security.enable && this.config.security.csrf && this.config.security.csrf.enable !== false && options.csrf;
+		const validateReferrer = options.whiteList && createValidateReferer(options.whiteList);
+		if (!csrfEnable && !validateReferrer) this.coreLogger.warn("[@eggjs/jsonp] SECURITY WARNING!! csrf check and referrer check are both closed!");
+		/**
+		* jsonp request security check, pass if
+		*
+		* 1. hit referrer white list
+		* 2. or pass csrf check
+		* 3. both check are disabled
+		*
+		* @param {Context} ctx request context
+		*/
+		function securityAssert(ctx) {
+			if (!csrfEnable && !validateReferrer) return;
+			const referrer = ctx.get("referrer");
+			if (validateReferrer && validateReferrer(referrer)) return;
+			if (csrfEnable && validateCsrf(ctx)) return;
+			throw new JSONPForbiddenReferrerError("jsonp request security validate failed", referrer, 403);
+		}
+		return async function jsonp(ctx, next) {
+			ctx[JSONP_CONFIG] = {
+				jsonpFunction: getJsonpFunction(ctx.query, options.callback),
+				options
+			};
+			securityAssert(ctx);
+			await next();
+			ctx.createJsonpBody(ctx.body);
+		};
+	}
+};
+function createValidateReferer(whiteList) {
+	if (!Array.isArray(whiteList)) whiteList = [whiteList];
+	return (referrer) => {
+		let parsed;
+		for (const rule of whiteList) {
+			if (rule instanceof RegExp) {
+				if (rule.test(referrer)) return true;
+				continue;
+			}
+			parsed = parsed ?? parse(referrer);
+			const hostname = parsed.hostname || "";
+			if (rule[0] === "." && (hostname.endsWith(rule) || hostname === rule.slice(1))) return true;
+			else if (hostname === rule) return true;
+		}
+		return false;
+	};
+}
+function validateCsrf(ctx) {
+	try {
+		ctx.assertCsrf();
+		return true;
+	} catch (err) {
+		debug("validate csrf failed: %s", err);
+		return false;
+	}
+}
+function getJsonpFunction(query, callbacks) {
+	for (const callback of callbacks) if (query[callback]) return query[callback];
+}
+
+//#endregion
+export { JSONPApplication as default };

package/dist/app/extend/context.d.ts

@@ -0,0 +1,25 @@
+import { JSONPConfig } from "../../config/config.default.js";
+import { JSONP_CONFIG } from "../../lib/private_key.js";
+import { Context } from "egg";
+
+//#region src/app/extend/context.d.ts
+declare class JSONPContext extends Context {
+  [JSONP_CONFIG]?: {
+    jsonpFunction?: string;
+    options?: JSONPConfig;
+  };
+  /**
+   * detect if response should be jsonp
+   */
+  get acceptJSONP(): boolean;
+  /**
+   * JSONP wrap body function
+   * Set jsonp response wrap function, other plugin can use it.
+   * If not necessary, please don't use this method in your application code.
+   * @param {Object} body response body
+   * @private
+   */
+  createJsonpBody(body: any): void;
+}
+//#endregion
+export { JSONPContext as default };

package/dist/app/extend/context.js

@@ -0,0 +1,34 @@
+import { JSONP_CONFIG } from "../../lib/private_key.js";
+import { Context } from "egg";
+import { jsonp } from "jsonp-body";
+
+//#region src/app/extend/context.ts
+var JSONPContext = class extends Context {
+	/**
+	* detect if response should be jsonp
+	*/
+	get acceptJSONP() {
+		return !!this[JSONP_CONFIG]?.jsonpFunction;
+	}
+	/**
+	* JSONP wrap body function
+	* Set jsonp response wrap function, other plugin can use it.
+	* If not necessary, please don't use this method in your application code.
+	* @param {Object} body response body
+	* @private
+	*/
+	createJsonpBody(body) {
+		const jsonpConfig = this[JSONP_CONFIG];
+		if (!jsonpConfig?.jsonpFunction) {
+			this.body = body;
+			return;
+		}
+		this.set("x-content-type-options", "nosniff");
+		this.type = "js";
+		body = body === void 0 ? null : body;
+		this.body = jsonp(body, jsonpConfig.jsonpFunction, jsonpConfig.options);
+	}
+};
+
+//#endregion
+export { JSONPContext as default };

package/dist/config/config.default.d.ts

@@ -0,0 +1,24 @@
+import { PartialEggConfig } from "egg";
+
+//#region src/config/config.default.d.ts
+interface JSONPConfig {
+  /**
+   * jsonp callback methods key, default to `['_callback', 'callback' ]`
+   */
+  callback: string[] | string;
+  /**
+   * callback method name's max length, default to `50`
+   */
+  limit: number;
+  /**
+   * enable csrf check or not, default to `false`
+   */
+  csrf: boolean;
+  /**
+   * referrer white list, default to `undefined`
+   */
+  whiteList?: string | RegExp | (string | RegExp)[];
+}
+declare const _default: PartialEggConfig;
+//#endregion
+export { JSONPConfig, _default as default };

package/dist/config/config.default.js

@@ -0,0 +1,10 @@
+//#region src/config/config.default.ts
+var config_default_default = { jsonp: {
+	limit: 50,
+	callback: ["_callback", "callback"],
+	csrf: false,
+	whiteList: void 0
+} };
+
+//#endregion
+export { config_default_default as default };

package/dist/error/JSONPForbiddenReferrerError.d.ts

@@ -0,0 +1,8 @@
+//#region src/error/JSONPForbiddenReferrerError.d.ts
+declare class JSONPForbiddenReferrerError extends Error {
+  referrer: string;
+  status: number;
+  constructor(message: string, referrer: string, status: number);
+}
+//#endregion
+export { JSONPForbiddenReferrerError };

package/dist/error/JSONPForbiddenReferrerError.js

@@ -0,0 +1,15 @@
+//#region src/error/JSONPForbiddenReferrerError.ts
+var JSONPForbiddenReferrerError = class extends Error {
+	referrer;
+	status;
+	constructor(message, referrer, status) {
+		super(message);
+		this.name = this.constructor.name;
+		this.referrer = referrer;
+		this.status = status;
+		Error.captureStackTrace(this, this.constructor);
+	}
+};
+
+//#endregion
+export { JSONPForbiddenReferrerError };

package/dist/index.d.ts

@@ -0,0 +1 @@
+export { };

package/dist/index.js

@@ -0,0 +1 @@
+export {  };

package/dist/lib/private_key.d.ts

@@ -0,0 +1,4 @@
+//#region src/lib/private_key.d.ts
+declare const JSONP_CONFIG: unique symbol;
+//#endregion
+export { JSONP_CONFIG };

package/dist/lib/private_key.js

@@ -0,0 +1,5 @@
+//#region src/lib/private_key.ts
+const JSONP_CONFIG = Symbol("jsonp#config");
+
+//#endregion
+export { JSONP_CONFIG };

package/dist/types.d.ts

@@ -0,0 +1,35 @@
+import { JSONPConfig } from "./config/config.default.js";
+import { MiddlewareFunc } from "egg";
+
+//#region src/types.d.ts
+declare module 'egg' {
+  interface EggAppConfig {
+    /**
+     * jsonp options
+     * @member Config#jsonp
+     */
+    jsonp?: JSONPConfig;
+  }
+  interface Context {
+    /**
+     * detect if response should be jsonp
+     */
+    acceptJSONP: boolean;
+    /**
+     * JSONP wrap body function
+     * Set jsonp response wrap function, other plugin can use it.
+     * If not necessary, please don't use this method in your application code.
+     * @param {Object} body response body
+     * @private
+     */
+    createJsonpBody(body: any): void;
+  }
+  interface Application {
+    /**
+     * return a middleware to enable jsonp response.
+     * will do some security check inside.
+     * @public
+     */
+    jsonp(initOptions?: Partial<JSONPConfig>): MiddlewareFunc;
+  }
+}

package/dist/types.js

@@ -0,0 +1 @@
+export {  };

package/package.json

@@ -1,20 +1,29 @@
 {
   "name": "@eggjs/jsonp",
-  "version": "3.0.0",
+  "version": "4.0.0-beta.17",
   "publishConfig": {
     "access": "public"
   },
+  "type": "module",
+  "exports": {
+    ".": "./dist/index.js",
+    "./app/extend/application": "./dist/app/extend/application.js",
+    "./app/extend/context": "./dist/app/extend/context.js",
+    "./config/config.default": "./dist/config/config.default.js",
+    "./error/JSONPForbiddenReferrerError": "./dist/error/JSONPForbiddenReferrerError.js",
+    "./lib/private_key": "./dist/lib/private_key.js",
+    "./types": "./dist/types.js",
+    "./package.json": "./package.json"
+  },
+  "files": [
+    "dist"
+  ],
   "description": "jsonp support for egg",
   "eggPlugin": {
     "name": "jsonp",
     "optionalDependencies": [
       "security"
-    ],
-    "exports": {
-      "import": "./dist/esm",
-      "require": "./dist/commonjs",
-      "typescript": "./src"
-    }
+    ]
   },
   "keywords": [
     "egg",
@@ -24,71 +33,40 @@
   ],
   "repository": {
     "type": "git",
-    "url": "git+https://github.com/eggjs/jsonp.git"
+    "url": "git://github.com/eggjs/egg.git",
+    "directory": "plugins/jsonp"
   },
   "bugs": {
     "url": "https://github.com/eggjs/egg/issues"
   },
-  "homepage": "https://github.com/eggjs/jsonp#readme",
+  "homepage": "https://github.com/eggjs/egg/tree/next/plugins/jsonp",
   "author": "dead-horse",
   "license": "MIT",
   "engines": {
-    "node": ">= 18.19.0"
+    "node": ">=22.18.0"
   },
   "dependencies": {
-    "@eggjs/core": "^6.2.13",
     "jsonp-body": "^2.0.0"
   },
+  "peerDependencies": {
+    "egg": "4.1.0-beta.17"
+  },
   "devDependencies": {
-    "@arethetypeswrong/cli": "^0.17.1",
-    "@eggjs/bin": "7",
-    "@eggjs/mock": "6",
-    "@eggjs/tsconfig": "1",
-    "@types/mocha": "10",
-    "@types/node": "22",
-    "egg": "4",
-    "eslint": "8",
-    "eslint-config-egg": "14",
-    "rimraf": "6",
-    "tshy": "3",
-    "tshy-after": "1",
-    "typescript": "5"
+    "@types/node": "24.5.2",
+    "tsdown": "^0.15.4",
+    "typescript": "5.9.2",
+    "vitest": "4.0.0-beta.13",
+    "@eggjs/mock": "7.0.0-beta.17",
+    "@eggjs/tsconfig": "3.1.0-beta.17"
   },
+  "main": "./dist/index.js",
+  "module": "./dist/index.js",
+  "types": "./dist/index.d.ts",
   "scripts": {
-    "lint": "eslint --cache src test --ext .ts",
-    "pretest": "npm run clean && npm run lint -- --fix",
-    "test": "egg-bin test",
-    "preci": "npm run clean &&  npm run lint",
-    "ci": "egg-bin cov",
-    "postci": "npm run prepublishOnly && npm run clean",
-    "clean": "rimraf dist",
-    "prepublishOnly": "tshy && tshy-after && attw --pack"
-  },
-  "type": "module",
-  "tshy": {
-    "exports": {
-      ".": "./src/index.ts",
-      "./package.json": "./package.json"
-    }
-  },
-  "exports": {
-    ".": {
-      "import": {
-        "types": "./dist/esm/index.d.ts",
-        "default": "./dist/esm/index.js"
-      },
-      "require": {
-        "types": "./dist/commonjs/index.d.ts",
-        "default": "./dist/commonjs/index.js"
-      }
-    },
-    "./package.json": "./package.json"
-  },
-  "files": [
-    "dist",
-    "src"
-  ],
-  "types": "./dist/commonjs/index.d.ts",
-  "main": "./dist/commonjs/index.js",
-  "module": "./dist/esm/index.js"
-}
+    "build": "tsdown",
+    "typecheck": "tsc --noEmit",
+    "lint": "oxlint --type-aware",
+    "lint:fix": "npm run lint -- --fix",
+    "test": "npm run lint:fix && vitest run"
+  }
+}

package/dist/commonjs/app/extend/application.d.ts

@@ -1,10 +0,0 @@
-import { EggCore, type MiddlewareFunc } from '@eggjs/core';
-import { JSONPConfig } from '../../types.js';
-export default class JSONPApplication extends EggCore {
-    /**
-     * return a middleware to enable jsonp response.
-     * will do some security check inside.
-     * @public
-     */
-    jsonp(initOptions?: Partial<JSONPConfig>): MiddlewareFunc;
-}

package/dist/commonjs/app/extend/application.js

@@ -1,115 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const node_util_1 = require("node:util");
-const node_url_1 = require("node:url");
-const core_1 = require("@eggjs/core");
-const private_key_js_1 = require("../../lib/private_key.js");
-const JSONPForbiddenReferrerError_js_1 = require("../../error/JSONPForbiddenReferrerError.js");
-const debug = (0, node_util_1.debuglog)('@egg/jsonp/app/extend/application');
-class JSONPApplication extends core_1.EggCore {
-    /**
-     * return a middleware to enable jsonp response.
-     * will do some security check inside.
-     * @public
-     */
-    jsonp(initOptions = {}) {
-        const options = {
-            ...this.config.jsonp,
-            ...initOptions,
-        };
-        if (!Array.isArray(options.callback)) {
-            options.callback = [options.callback];
-        }
-        const csrfEnable = this.plugins.security && this.plugins.security.enable // security enable
-            && this.config.security.csrf && this.config.security.csrf.enable !== false // csrf enable
-            && options.csrf; // jsonp csrf enabled
-        const validateReferrer = options.whiteList && createValidateReferer(options.whiteList);
-        if (!csrfEnable && !validateReferrer) {
-            this.coreLogger.warn('[@eggjs/jsonp] SECURITY WARNING!! csrf check and referrer check are both closed!');
-        }
-        /**
-         * jsonp request security check, pass if
-         *
-         * 1. hit referrer white list
-         * 2. or pass csrf check
-         * 3. both check are disabled
-         *
-         * @param {Context} ctx request context
-         */
-        function securityAssert(ctx) {
-            // all disabled. don't need check
-            if (!csrfEnable && !validateReferrer)
-                return;
-            // pass referrer check
-            const referrer = ctx.get('referrer');
-            if (validateReferrer && validateReferrer(referrer))
-                return;
-            if (csrfEnable && validateCsrf(ctx))
-                return;
-            throw new JSONPForbiddenReferrerError_js_1.JSONPForbiddenReferrerError('jsonp request security validate failed', referrer, 403);
-        }
-        return async function jsonp(ctx, next) {
-            const jsonpFunction = getJsonpFunction(ctx.query, options.callback);
-            ctx[private_key_js_1.JSONP_CONFIG] = {
-                jsonpFunction,
-                options,
-            };
-            // before handle request, must do some security checks
-            securityAssert(ctx);
-            await next();
-            // generate jsonp body
-            ctx.createJsonpBody(ctx.body);
-        };
-    }
-}
-exports.default = JSONPApplication;
-function createValidateReferer(whiteList) {
-    if (!Array.isArray(whiteList)) {
-        whiteList = [whiteList];
-    }
-    return (referrer) => {
-        let parsed;
-        for (const rule of whiteList) {
-            if (rule instanceof RegExp) {
-                if (rule.test(referrer)) {
-                    // regexp(/^https?:\/\/github.com\//): test the referrer with rule
-                    return true;
-                }
-                continue;
-            }
-            parsed = parsed ?? (0, node_url_1.parse)(referrer);
-            const hostname = parsed.hostname || '';
-            // check if referrer's hostname match the string rule
-            if (rule[0] === '.' &&
-                (hostname.endsWith(rule) || hostname === rule.slice(1))) {
-                // string start with `.`(.github.com): referrer's hostname must ends with rule
-                return true;
-            }
-            else if (hostname === rule) {
-                // string not start with `.`(github.com): referrer's hostname must strict equal to rule
-                return true;
-            }
-        }
-        // no rule matched
-        return false;
-    };
-}
-function validateCsrf(ctx) {
-    try {
-        // TODO(fengmk2): remove this when @eggjs/security support ctx.assertCsrf type define
-        ctx.assertCsrf();
-        return true;
-    }
-    catch (err) {
-        debug('validate csrf failed: %s', err);
-        return false;
-    }
-}
-function getJsonpFunction(query, callbacks) {
-    for (const callback of callbacks) {
-        if (query[callback]) {
-            return query[callback];
-        }
-    }
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXBwbGljYXRpb24uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvYXBwL2V4dGVuZC9hcHBsaWNhdGlvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLHlDQUFxQztBQUNyQyx1Q0FBc0U7QUFFdEUsc0NBQTJEO0FBQzNELDZEQUF3RDtBQUV4RCwrRkFBeUY7QUFHekYsTUFBTSxLQUFLLEdBQUcsSUFBQSxvQkFBUSxFQUFDLG1DQUFtQyxDQUFDLENBQUM7QUFFNUQsTUFBcUIsZ0JBQWlCLFNBQVEsY0FBTztJQUNuRDs7OztPQUlHO0lBQ0gsS0FBSyxDQUFDLGNBQW9DLEVBQUU7UUFDMUMsTUFBTSxPQUFPLEdBQUc7WUFDZCxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSztZQUNwQixHQUFHLFdBQVc7U0FDeUIsQ0FBQztRQUMxQyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztZQUNyQyxPQUFPLENBQUMsUUFBUSxHQUFHLENBQUUsT0FBTyxDQUFDLFFBQVEsQ0FBRSxDQUFDO1FBQzFDLENBQUM7UUFFRCxNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsa0JBQWtCO2VBQ3RGLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksSUFBSSxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsTUFBTSxLQUFLLEtBQUssQ0FBQyxjQUFjO2VBQ3RGLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FBQyxxQkFBcUI7UUFFeEMsTUFBTSxnQkFBZ0IsR0FBRyxPQUFPLENBQUMsU0FBUyxJQUFJLHFCQUFxQixDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUV2RixJQUFJLENBQUMsVUFBVSxJQUFJLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUNyQyxJQUFJLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxrRkFBa0YsQ0FBQyxDQUFDO1FBQzNHLENBQUM7UUFDRDs7Ozs7Ozs7V0FRRztRQUNILFNBQVMsY0FBYyxDQUFDLEdBQWlCO1lBQ3ZDLGlDQUFpQztZQUNqQyxJQUFJLENBQUMsVUFBVSxJQUFJLENBQUMsZ0JBQWdCO2dCQUFFLE9BQU87WUFFN0Msc0JBQXNCO1lBQ3RCLE1BQU0sUUFBUSxHQUFHLEdBQUcsQ0FBQyxHQUFHLENBQVMsVUFBVSxDQUFDLENBQUM7WUFDN0MsSUFBSSxnQkFBZ0IsSUFBSSxnQkFBZ0IsQ0FBQyxRQUFRLENBQUM7Z0JBQUUsT0FBTztZQUMzRCxJQUFJLFVBQVUsSUFBSSxZQUFZLENBQUMsR0FBRyxDQUFDO2dCQUFFLE9BQU87WUFFNUMsTUFBTSxJQUFJLDREQUEyQixDQUNuQyx3Q0FBd0MsRUFDeEMsUUFBUSxFQUNSLEdBQUcsQ0FBQyxDQUFDO1FBQ1QsQ0FBQztRQUVELE9BQU8sS0FBSyxVQUFVLEtBQUssQ0FBQyxHQUFpQixFQUFFLElBQUk7WUFDakQsTUFBTSxhQUFhLEdBQUcsZ0JBQWdCLENBQUMsR0FBRyxDQUFDLEtBQUssRUFBRSxPQUFPLENBQUMsUUFBUSxDQUFDLENBQUM7WUFFcEUsR0FBRyxDQUFDLDZCQUFZLENBQUMsR0FBRztnQkFDbEIsYUFBYTtnQkFDYixPQUFPO2FBQ1IsQ0FBQztZQUVGLHNEQUFzRDtZQUN0RCxjQUFjLENBQUMsR0FBRyxDQUFDLENBQUM7WUFFcEIsTUFBTSxJQUFJLEVBQUUsQ0FBQztZQUViLHNCQUFzQjtZQUN0QixHQUFHLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNoQyxDQUFDLENBQUM7SUFDSixDQUFDO0NBQ0Y7QUFqRUQsbUNBaUVDO0FBRUQsU0FBUyxxQkFBcUIsQ0FBQyxTQUE2QztJQUMxRSxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO1FBQzlCLFNBQVMsR0FBRyxDQUFFLFNBQVMsQ0FBRSxDQUFDO0lBQzVCLENBQUM7SUFFRCxPQUFPLENBQUMsUUFBZ0IsRUFBRSxFQUFFO1FBQzFCLElBQUksTUFBc0MsQ0FBQztRQUMzQyxLQUFLLE1BQU0sSUFBSSxJQUFJLFNBQVMsRUFBRSxDQUFDO1lBQzdCLElBQUksSUFBSSxZQUFZLE1BQU0sRUFBRSxDQUFDO2dCQUMzQixJQUFJLElBQUksQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztvQkFDeEIsa0VBQWtFO29CQUNsRSxPQUFPLElBQUksQ0FBQztnQkFDZCxDQUFDO2dCQUNELFNBQVM7WUFDWCxDQUFDO1lBRUQsTUFBTSxHQUFHLE1BQU0sSUFBSSxJQUFBLGdCQUFRLEVBQUMsUUFBUSxDQUFDLENBQUM7WUFDdEMsTUFBTSxRQUFRLEdBQUcsTUFBTSxDQUFDLFFBQVEsSUFBSSxFQUFFLENBQUM7WUFFdkMscURBQXFEO1lBQ3JELElBQUksSUFBSSxDQUFDLENBQUMsQ0FBQyxLQUFLLEdBQUc7Z0JBQ2pCLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsSUFBSSxRQUFRLEtBQUssSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBQzFELDhFQUE4RTtnQkFDOUUsT0FBTyxJQUFJLENBQUM7WUFDZCxDQUFDO2lCQUFNLElBQUksUUFBUSxLQUFLLElBQUksRUFBRSxDQUFDO2dCQUM3Qix1RkFBdUY7Z0JBQ3ZGLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztRQUNILENBQUM7UUFFRCxrQkFBa0I7UUFDbEIsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDLENBQUM7QUFDSixDQUFDO0FBRUQsU0FBUyxZQUFZLENBQUMsR0FBUTtJQUM1QixJQUFJLENBQUM7UUFDSCxxRkFBcUY7UUFDckYsR0FBRyxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ2pCLE9BQU8sSUFBSSxDQUFDO0lBQ2QsQ0FBQztJQUFDLE9BQU8sR0FBRyxFQUFFLENBQUM7UUFDYixLQUFLLENBQUMsMEJBQTBCLEVBQUUsR0FBRyxDQUFDLENBQUM7UUFDdkMsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDO0FBQ0gsQ0FBQztBQUVELFNBQVMsZ0JBQWdCLENBQUMsS0FBcUIsRUFBRSxTQUFtQjtJQUNsRSxLQUFLLE1BQU0sUUFBUSxJQUFJLFNBQVMsRUFBRSxDQUFDO1FBQ2pDLElBQUksS0FBSyxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7WUFDcEIsT0FBTyxLQUFLLENBQUMsUUFBUSxDQUFXLENBQUM7UUFDbkMsQ0FBQztJQUNILENBQUM7QUFDSCxDQUFDIn0=

package/dist/commonjs/app/extend/context.d.ts

@@ -1,15 +0,0 @@
-import { Context } from '@eggjs/core';
-export default class JSONPContext extends Context {
-    /**
-     * detect if response should be jsonp
-     */
-    get acceptJSONP(): boolean;
-    /**
-     * JSONP wrap body function
-     * Set jsonp response wrap function, other plugin can use it.
-     * If not necessary, please don't use this method in your application code.
-     * @param {Object} body response body
-     * @private
-     */
-    createJsonpBody(body: any): void;
-}

package/dist/commonjs/app/extend/context.js

@@ -1,35 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-const jsonp_body_1 = require("jsonp-body");
-const core_1 = require("@eggjs/core");
-const private_key_js_1 = require("../../lib/private_key.js");
-class JSONPContext extends core_1.Context {
-    /**
-     * detect if response should be jsonp
-     */
-    get acceptJSONP() {
-        const jsonpConfig = Reflect.get(this, private_key_js_1.JSONP_CONFIG);
-        return !!(jsonpConfig?.jsonpFunction);
-    }
-    /**
-     * JSONP wrap body function
-     * Set jsonp response wrap function, other plugin can use it.
-     * If not necessary, please don't use this method in your application code.
-     * @param {Object} body response body
-     * @private
-     */
-    createJsonpBody(body) {
-        const jsonpConfig = Reflect.get(this, private_key_js_1.JSONP_CONFIG);
-        if (!jsonpConfig?.jsonpFunction) {
-            this.body = body;
-            return;
-        }
-        this.set('x-content-type-options', 'nosniff');
-        this.type = 'js';
-        body = body === undefined ? null : body;
-        // protect from jsonp xss
-        this.body = (0, jsonp_body_1.jsonp)(body, jsonpConfig.jsonpFunction, jsonpConfig.options);
-    }
-}
-exports.default = JSONPContext;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29udGV4dC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uL3NyYy9hcHAvZXh0ZW5kL2NvbnRleHQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFBQSwyQ0FBZ0Q7QUFDaEQsc0NBQXNDO0FBQ3RDLDZEQUF3RDtBQUV4RCxNQUFxQixZQUFhLFNBQVEsY0FBTztJQUMvQzs7T0FFRztJQUNILElBQUksV0FBVztRQUNiLE1BQU0sV0FBVyxHQUFHLE9BQU8sQ0FBQyxHQUFHLENBQUMsSUFBSSxFQUFFLDZCQUFZLENBQVEsQ0FBQztRQUMzRCxPQUFPLENBQUMsQ0FBQyxDQUFDLFdBQVcsRUFBRSxhQUFhLENBQUMsQ0FBQztJQUN4QyxDQUFDO0lBRUQ7Ozs7OztPQU1HO0lBQ0gsZUFBZSxDQUFDLElBQVM7UUFDdkIsTUFBTSxXQUFXLEdBQUcsT0FBTyxDQUFDLEdBQUcsQ0FBQyxJQUFJLEVBQUUsNkJBQVksQ0FBUSxDQUFDO1FBQzNELElBQUksQ0FBQyxXQUFXLEVBQUUsYUFBYSxFQUFFLENBQUM7WUFDaEMsSUFBSSxDQUFDLElBQUksR0FBRyxJQUFJLENBQUM7WUFDakIsT0FBTztRQUNULENBQUM7UUFFRCxJQUFJLENBQUMsR0FBRyxDQUFDLHdCQUF3QixFQUFFLFNBQVMsQ0FBQyxDQUFDO1FBQzlDLElBQUksQ0FBQyxJQUFJLEdBQUcsSUFBSSxDQUFDO1FBQ2pCLElBQUksR0FBRyxJQUFJLEtBQUssU0FBUyxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQztRQUN4Qyx5QkFBeUI7UUFDekIsSUFBSSxDQUFDLElBQUksR0FBRyxJQUFBLGtCQUFTLEVBQUMsSUFBSSxFQUFFLFdBQVcsQ0FBQyxhQUFhLEVBQUUsV0FBVyxDQUFDLE9BQU8sQ0FBQyxDQUFDO0lBQzlFLENBQUM7Q0FDRjtBQTdCRCwrQkE2QkMifQ==

package/dist/commonjs/config/config.default.d.ts

@@ -1,5 +0,0 @@
-import type { JSONPConfig } from '../types.js';
-declare const _default: {
-    jsonp: JSONPConfig;
-};
-export default _default;

package/dist/commonjs/config/config.default.js

@@ -1,11 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = {
-    jsonp: {
-        limit: 50,
-        callback: ['_callback', 'callback'],
-        csrf: false,
-        whiteList: undefined,
-    },
-};
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmRlZmF1bHQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvY29uZmlnL2NvbmZpZy5kZWZhdWx0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBRUEsa0JBQWU7SUFDYixLQUFLLEVBQUU7UUFDTCxLQUFLLEVBQUUsRUFBRTtRQUNULFFBQVEsRUFBRSxDQUFFLFdBQVcsRUFBRSxVQUFVLENBQUU7UUFDckMsSUFBSSxFQUFFLEtBQUs7UUFDWCxTQUFTLEVBQUUsU0FBUztLQUNOO0NBQ2pCLENBQUMifQ==

package/dist/commonjs/error/JSONPForbiddenReferrerError.d.ts

@@ -1,5 +0,0 @@
-export declare class JSONPForbiddenReferrerError extends Error {
-    referrer: string;
-    status: number;
-    constructor(message: string, referrer: string, status: number);
-}