@eggjs/jsonp 4.0.0-beta.19 → 4.0.0-beta.21

package/dist/app/extend/application.d.ts

@@ -1,14 +1,10 @@
-import { JSONPConfig } from "../../config/config.default.js";
-import { Application, MiddlewareFunc } from "egg";
-
-//#region src/app/extend/application.d.ts
-declare class JSONPApplication extends Application {
-  /**
-   * return a middleware to enable jsonp response.
-   * will do some security check inside.
-   * @public
-   */
-  jsonp(initOptions?: Partial<JSONPConfig>): MiddlewareFunc;
+import { Application, type MiddlewareFunc } from 'egg';
+import type { JSONPConfig } from '../../config/config.default.ts';
+export default class JSONPApplication extends Application {
+    /**
+     * return a middleware to enable jsonp response.
+     * will do some security check inside.
+     * @public
+     */
+    jsonp(initOptions?: Partial<JSONPConfig>): MiddlewareFunc;
 }
-//#endregion
-export { JSONPApplication as default };

package/dist/app/extend/application.js

@@ -1,83 +1,113 @@
-import { JSONPForbiddenReferrerError } from "../../error/JSONPForbiddenReferrerError.js";
+import { debuglog } from 'node:util';
+import { parse as urlParse } from 'node:url';
+import { Application } from 'egg';
 import { JSONP_CONFIG } from "../../lib/private_key.js";
-import "./context.js";
-import { debuglog } from "node:util";
-import { parse } from "node:url";
-import { Application } from "egg";
-
-//#region src/app/extend/application.ts
-const debug = debuglog("egg/jsonp/app/extend/application");
-var JSONPApplication = class extends Application {
-	/**
-	* return a middleware to enable jsonp response.
-	* will do some security check inside.
-	* @public
-	*/
-	jsonp(initOptions = {}) {
-		const options = {
-			...this.config.jsonp,
-			...initOptions
-		};
-		if (!Array.isArray(options.callback)) options.callback = [options.callback];
-		const csrfEnable = this.plugins.security && this.plugins.security.enable && this.config.security.csrf && this.config.security.csrf.enable !== false && options.csrf;
-		const validateReferrer = options.whiteList && createValidateReferer(options.whiteList);
-		if (!csrfEnable && !validateReferrer) this.coreLogger.warn("[@eggjs/jsonp] SECURITY WARNING!! csrf check and referrer check are both closed!");
-		/**
-		* jsonp request security check, pass if
-		*
-		* 1. hit referrer white list
-		* 2. or pass csrf check
-		* 3. both check are disabled
-		*
-		* @param {Context} ctx request context
-		*/
-		function securityAssert(ctx) {
-			if (!csrfEnable && !validateReferrer) return;
-			const referrer = ctx.get("referrer");
-			if (validateReferrer && validateReferrer(referrer)) return;
-			if (csrfEnable && validateCsrf(ctx)) return;
-			throw new JSONPForbiddenReferrerError("jsonp request security validate failed", referrer, 403);
-		}
-		return async function jsonp(ctx, next) {
-			ctx[JSONP_CONFIG] = {
-				jsonpFunction: getJsonpFunction(ctx.query, options.callback),
-				options
-			};
-			securityAssert(ctx);
-			await next();
-			ctx.createJsonpBody(ctx.body);
-		};
-	}
-};
+import { JSONPForbiddenReferrerError } from "../../error/JSONPForbiddenReferrerError.js";
+import JSONPContext from "./context.js";
+const debug = debuglog('egg/jsonp/app/extend/application');
+export default class JSONPApplication extends Application {
+    /**
+     * return a middleware to enable jsonp response.
+     * will do some security check inside.
+     * @public
+     */
+    jsonp(initOptions = {}) {
+        const options = {
+            ...this.config.jsonp,
+            ...initOptions,
+        };
+        if (!Array.isArray(options.callback)) {
+            options.callback = [options.callback];
+        }
+        const csrfEnable = this.plugins.security &&
+            this.plugins.security.enable && // security enable
+            this.config.security.csrf &&
+            this.config.security.csrf.enable !== false && // csrf enable
+            options.csrf; // jsonp csrf enabled
+        const validateReferrer = options.whiteList && createValidateReferer(options.whiteList);
+        if (!csrfEnable && !validateReferrer) {
+            this.coreLogger.warn('[@eggjs/jsonp] SECURITY WARNING!! csrf check and referrer check are both closed!');
+        }
+        /**
+         * jsonp request security check, pass if
+         *
+         * 1. hit referrer white list
+         * 2. or pass csrf check
+         * 3. both check are disabled
+         *
+         * @param {Context} ctx request context
+         */
+        function securityAssert(ctx) {
+            // all disabled. don't need check
+            if (!csrfEnable && !validateReferrer)
+                return;
+            // pass referrer check
+            const referrer = ctx.get('referrer');
+            if (validateReferrer && validateReferrer(referrer))
+                return;
+            if (csrfEnable && validateCsrf(ctx))
+                return;
+            throw new JSONPForbiddenReferrerError('jsonp request security validate failed', referrer, 403);
+        }
+        return async function jsonp(ctx, next) {
+            const jsonpFunction = getJsonpFunction(ctx.query, options.callback);
+            ctx[JSONP_CONFIG] = {
+                jsonpFunction,
+                options,
+            };
+            // before handle request, must do some security checks
+            securityAssert(ctx);
+            await next();
+            // generate jsonp body
+            ctx.createJsonpBody(ctx.body);
+        };
+    }
+}
 function createValidateReferer(whiteList) {
-	if (!Array.isArray(whiteList)) whiteList = [whiteList];
-	return (referrer) => {
-		let parsed;
-		for (const rule of whiteList) {
-			if (rule instanceof RegExp) {
-				if (rule.test(referrer)) return true;
-				continue;
-			}
-			parsed = parsed ?? parse(referrer);
-			const hostname = parsed.hostname || "";
-			if (rule[0] === "." && (hostname.endsWith(rule) || hostname === rule.slice(1))) return true;
-			else if (hostname === rule) return true;
-		}
-		return false;
-	};
+    if (!Array.isArray(whiteList)) {
+        whiteList = [whiteList];
+    }
+    return (referrer) => {
+        let parsed;
+        for (const rule of whiteList) {
+            if (rule instanceof RegExp) {
+                if (rule.test(referrer)) {
+                    // regexp(/^https?:\/\/github.com\//): test the referrer with rule
+                    return true;
+                }
+                continue;
+            }
+            parsed = parsed ?? urlParse(referrer);
+            const hostname = parsed.hostname || '';
+            // check if referrer's hostname match the string rule
+            if (rule[0] === '.' && (hostname.endsWith(rule) || hostname === rule.slice(1))) {
+                // string start with `.`(.github.com): referrer's hostname must ends with rule
+                return true;
+            }
+            else if (hostname === rule) {
+                // string not start with `.`(github.com): referrer's hostname must strict equal to rule
+                return true;
+            }
+        }
+        // no rule matched
+        return false;
+    };
 }
 function validateCsrf(ctx) {
-	try {
-		ctx.assertCsrf();
-		return true;
-	} catch (err) {
-		debug("validate csrf failed: %s", err);
-		return false;
-	}
+    try {
+        ctx.assertCsrf();
+        return true;
+    }
+    catch (err) {
+        debug('validate csrf failed: %s', err);
+        return false;
+    }
 }
 function getJsonpFunction(query, callbacks) {
-	for (const callback of callbacks) if (query[callback]) return query[callback];
+    for (const callback of callbacks) {
+        if (query[callback]) {
+            return query[callback];
+        }
+    }
 }
-
-//#endregion
-export { JSONPApplication as default };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiYXBwbGljYXRpb24uanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvYXBwL2V4dGVuZC9hcHBsaWNhdGlvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEVBQUUsUUFBUSxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBQ3JDLE9BQU8sRUFBRSxLQUFLLElBQUksUUFBUSxFQUEyQixNQUFNLFVBQVUsQ0FBQztBQUd0RSxPQUFPLEVBQUUsV0FBVyxFQUFxQyxNQUFNLEtBQUssQ0FBQztBQUVyRSxPQUFPLEVBQUUsWUFBWSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFFeEQsT0FBTyxFQUFFLDJCQUEyQixFQUFFLE1BQU0sNENBQTRDLENBQUM7QUFDekYsT0FBTyxZQUFZLE1BQU0sY0FBYyxDQUFDO0FBRXhDLE1BQU0sS0FBSyxHQUFHLFFBQVEsQ0FBQyxrQ0FBa0MsQ0FBQyxDQUFDO0FBRTNELE1BQU0sQ0FBQyxPQUFPLE9BQU8sZ0JBQWlCLFNBQVEsV0FBVztJQUN2RDs7OztPQUlHO0lBQ0gsS0FBSyxDQUFDLGNBQW9DLEVBQUU7UUFDMUMsTUFBTSxPQUFPLEdBQUc7WUFDZCxHQUFHLElBQUksQ0FBQyxNQUFNLENBQUMsS0FBSztZQUNwQixHQUFHLFdBQVc7U0FDeUIsQ0FBQztRQUMxQyxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztZQUNyQyxPQUFPLENBQUMsUUFBUSxHQUFHLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDO1FBQ3hDLENBQUM7UUFFRCxNQUFNLFVBQVUsR0FDZCxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVE7WUFDckIsSUFBSSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsTUFBTSxJQUFJLGtCQUFrQjtZQUNsRCxJQUFJLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFJO1lBQ3pCLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxNQUFNLEtBQUssS0FBSyxJQUFJLGNBQWM7WUFDNUQsT0FBTyxDQUFDLElBQUksQ0FBQyxDQUFDLHFCQUFxQjtRQUVyQyxNQUFNLGdCQUFnQixHQUFHLE9BQU8sQ0FBQyxTQUFTLElBQUkscUJBQXFCLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDO1FBRXZGLElBQUksQ0FBQyxVQUFVLElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1lBQ3JDLElBQUksQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLGtGQUFrRixDQUFDLENBQUM7UUFDM0csQ0FBQztRQUNEOzs7Ozs7OztXQVFHO1FBQ0gsU0FBUyxjQUFjLENBQUMsR0FBaUI7WUFDdkMsaUNBQWlDO1lBQ2pDLElBQUksQ0FBQyxVQUFVLElBQUksQ0FBQyxnQkFBZ0I7Z0JBQUUsT0FBTztZQUU3QyxzQkFBc0I7WUFDdEIsTUFBTSxRQUFRLEdBQUcsR0FBRyxDQUFDLEdBQUcsQ0FBUyxVQUFVLENBQUMsQ0FBQztZQUM3QyxJQUFJLGdCQUFnQixJQUFJLGdCQUFnQixDQUFDLFFBQVEsQ0FBQztnQkFBRSxPQUFPO1lBQzNELElBQUksVUFBVSxJQUFJLFlBQVksQ0FBQyxHQUFHLENBQUM7Z0JBQUUsT0FBTztZQUU1QyxNQUFNLElBQUksMkJBQTJCLENBQUMsd0NBQXdDLEVBQUUsUUFBUSxFQUFFLEdBQUcsQ0FBQyxDQUFDO1FBQ2pHLENBQUM7UUFFRCxPQUFPLEtBQUssVUFBVSxLQUFLLENBQUMsR0FBaUIsRUFBRSxJQUFJO1lBQ2pELE1BQU0sYUFBYSxHQUFHLGdCQUFnQixDQUFDLEdBQUcsQ0FBQyxLQUFLLEVBQUUsT0FBTyxDQUFDLFFBQVEsQ0FBQyxDQUFDO1lBRXBFLEdBQUcsQ0FBQyxZQUFZLENBQUMsR0FBRztnQkFDbEIsYUFBYTtnQkFDYixPQUFPO2FBQ1IsQ0FBQztZQUVGLHNEQUFzRDtZQUN0RCxjQUFjLENBQUMsR0FBRyxDQUFDLENBQUM7WUFFcEIsTUFBTSxJQUFJLEVBQUUsQ0FBQztZQUViLHNCQUFzQjtZQUN0QixHQUFHLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUNoQyxDQUFDLENBQUM7SUFDSixDQUFDO0NBQ0Y7QUFFRCxTQUFTLHFCQUFxQixDQUFDLFNBQTZDO0lBQzFFLElBQUksQ0FBQyxLQUFLLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUM7UUFDOUIsU0FBUyxHQUFHLENBQUMsU0FBUyxDQUFDLENBQUM7SUFDMUIsQ0FBQztJQUVELE9BQU8sQ0FBQyxRQUFnQixFQUFFLEVBQUU7UUFDMUIsSUFBSSxNQUFzQyxDQUFDO1FBQzNDLEtBQUssTUFBTSxJQUFJLElBQUksU0FBUyxFQUFFLENBQUM7WUFDN0IsSUFBSSxJQUFJLFlBQVksTUFBTSxFQUFFLENBQUM7Z0JBQzNCLElBQUksSUFBSSxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFDO29CQUN4QixrRUFBa0U7b0JBQ2xFLE9BQU8sSUFBSSxDQUFDO2dCQUNkLENBQUM7Z0JBQ0QsU0FBUztZQUNYLENBQUM7WUFFRCxNQUFNLEdBQUcsTUFBTSxJQUFJLFFBQVEsQ0FBQyxRQUFRLENBQUMsQ0FBQztZQUN0QyxNQUFNLFFBQVEsR0FBRyxNQUFNLENBQUMsUUFBUSxJQUFJLEVBQUUsQ0FBQztZQUV2QyxxREFBcUQ7WUFDckQsSUFBSSxJQUFJLENBQUMsQ0FBQyxDQUFDLEtBQUssR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsSUFBSSxRQUFRLEtBQUssSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7Z0JBQy9FLDhFQUE4RTtnQkFDOUUsT0FBTyxJQUFJLENBQUM7WUFDZCxDQUFDO2lCQUFNLElBQUksUUFBUSxLQUFLLElBQUksRUFBRSxDQUFDO2dCQUM3Qix1RkFBdUY7Z0JBQ3ZGLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztRQUNILENBQUM7UUFFRCxrQkFBa0I7UUFDbEIsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDLENBQUM7QUFDSixDQUFDO0FBRUQsU0FBUyxZQUFZLENBQUMsR0FBWTtJQUNoQyxJQUFJLENBQUM7UUFDSCxHQUFHLENBQUMsVUFBVSxFQUFFLENBQUM7UUFDakIsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0lBQUMsT0FBTyxHQUFHLEVBQUUsQ0FBQztRQUNiLEtBQUssQ0FBQywwQkFBMEIsRUFBRSxHQUFHLENBQUMsQ0FBQztRQUN2QyxPQUFPLEtBQUssQ0FBQztJQUNmLENBQUM7QUFDSCxDQUFDO0FBRUQsU0FBUyxnQkFBZ0IsQ0FBQyxLQUFxQixFQUFFLFNBQW1CO0lBQ2xFLEtBQUssTUFBTSxRQUFRLElBQUksU0FBUyxFQUFFLENBQUM7UUFDakMsSUFBSSxLQUFLLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztZQUNwQixPQUFPLEtBQUssQ0FBQyxRQUFRLENBQVcsQ0FBQztRQUNuQyxDQUFDO0lBQ0gsQ0FBQztBQUNILENBQUMifQ==

package/dist/app/extend/context.d.ts

@@ -1,25 +1,21 @@
-import { JSONPConfig } from "../../config/config.default.js";
-import { JSONP_CONFIG } from "../../lib/private_key.js";
-import { Context } from "egg";
-
-//#region src/app/extend/context.d.ts
-declare class JSONPContext extends Context {
-  [JSONP_CONFIG]?: {
-    jsonpFunction?: string;
-    options?: JSONPConfig;
-  };
-  /**
-   * detect if response should be jsonp
-   */
-  get acceptJSONP(): boolean;
-  /**
-   * JSONP wrap body function
-   * Set jsonp response wrap function, other plugin can use it.
-   * If not necessary, please don't use this method in your application code.
-   * @param {Object} body response body
-   * @private
-   */
-  createJsonpBody(body: any): void;
+import { Context } from 'egg';
+import { JSONP_CONFIG } from '../../lib/private_key.ts';
+import type { JSONPConfig } from '../../config/config.default.ts';
+export default class JSONPContext extends Context {
+    [JSONP_CONFIG]?: {
+        jsonpFunction?: string;
+        options?: JSONPConfig;
+    };
+    /**
+     * detect if response should be jsonp
+     */
+    get acceptJSONP(): boolean;
+    /**
+     * JSONP wrap body function
+     * Set jsonp response wrap function, other plugin can use it.
+     * If not necessary, please don't use this method in your application code.
+     * @param {Object} body response body
+     * @private
+     */
+    createJsonpBody(body: any): void;
 }
-//#endregion
-export { JSONPContext as default };

package/dist/app/extend/context.js

@@ -1,34 +1,32 @@
+import { jsonp as jsonpBody } from 'jsonp-body';
+import { Context } from 'egg';
 import { JSONP_CONFIG } from "../../lib/private_key.js";
-import { Context } from "egg";
-import { jsonp } from "jsonp-body";
-
-//#region src/app/extend/context.ts
-var JSONPContext = class extends Context {
-	/**
-	* detect if response should be jsonp
-	*/
-	get acceptJSONP() {
-		return !!this[JSONP_CONFIG]?.jsonpFunction;
-	}
-	/**
-	* JSONP wrap body function
-	* Set jsonp response wrap function, other plugin can use it.
-	* If not necessary, please don't use this method in your application code.
-	* @param {Object} body response body
-	* @private
-	*/
-	createJsonpBody(body) {
-		const jsonpConfig = this[JSONP_CONFIG];
-		if (!jsonpConfig?.jsonpFunction) {
-			this.body = body;
-			return;
-		}
-		this.set("x-content-type-options", "nosniff");
-		this.type = "js";
-		body = body === void 0 ? null : body;
-		this.body = jsonp(body, jsonpConfig.jsonpFunction, jsonpConfig.options);
-	}
-};
-
-//#endregion
-export { JSONPContext as default };
+export default class JSONPContext extends Context {
+    /**
+     * detect if response should be jsonp
+     */
+    get acceptJSONP() {
+        const jsonpConfig = this[JSONP_CONFIG];
+        return !!jsonpConfig?.jsonpFunction;
+    }
+    /**
+     * JSONP wrap body function
+     * Set jsonp response wrap function, other plugin can use it.
+     * If not necessary, please don't use this method in your application code.
+     * @param {Object} body response body
+     * @private
+     */
+    createJsonpBody(body) {
+        const jsonpConfig = this[JSONP_CONFIG];
+        if (!jsonpConfig?.jsonpFunction) {
+            this.body = body;
+            return;
+        }
+        this.set('x-content-type-options', 'nosniff');
+        this.type = 'js';
+        body = body === undefined ? null : body;
+        // protect from jsonp xss
+        this.body = jsonpBody(body, jsonpConfig.jsonpFunction, jsonpConfig.options);
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29udGV4dC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9hcHAvZXh0ZW5kL2NvbnRleHQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLEtBQUssSUFBSSxTQUFTLEVBQUUsTUFBTSxZQUFZLENBQUM7QUFDaEQsT0FBTyxFQUFFLE9BQU8sRUFBRSxNQUFNLEtBQUssQ0FBQztBQUU5QixPQUFPLEVBQUUsWUFBWSxFQUFFLE1BQU0sMEJBQTBCLENBQUM7QUFHeEQsTUFBTSxDQUFDLE9BQU8sT0FBTyxZQUFhLFNBQVEsT0FBTztJQU0vQzs7T0FFRztJQUNILElBQUksV0FBVztRQUNiLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FBQztRQUN2QyxPQUFPLENBQUMsQ0FBQyxXQUFXLEVBQUUsYUFBYSxDQUFDO0lBQ3RDLENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSCxlQUFlLENBQUMsSUFBUztRQUN2QixNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLENBQUM7UUFDdkMsSUFBSSxDQUFDLFdBQVcsRUFBRSxhQUFhLEVBQUUsQ0FBQztZQUNoQyxJQUFJLENBQUMsSUFBSSxHQUFHLElBQUksQ0FBQztZQUNqQixPQUFPO1FBQ1QsQ0FBQztRQUVELElBQUksQ0FBQyxHQUFHLENBQUMsd0JBQXdCLEVBQUUsU0FBUyxDQUFDLENBQUM7UUFDOUMsSUFBSSxDQUFDLElBQUksR0FBRyxJQUFJLENBQUM7UUFDakIsSUFBSSxHQUFHLElBQUksS0FBSyxTQUFTLENBQUMsQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDO1FBQ3hDLHlCQUF5QjtRQUN6QixJQUFJLENBQUMsSUFBSSxHQUFHLFNBQVMsQ0FBQyxJQUFJLEVBQUUsV0FBVyxDQUFDLGFBQWEsRUFBRSxXQUFXLENBQUMsT0FBTyxDQUFDLENBQUM7SUFDOUUsQ0FBQztDQUNGIn0=

package/dist/config/config.default.d.ts

@@ -1,24 +1,21 @@
-import { PartialEggConfig } from "egg";
-
-//#region src/config/config.default.d.ts
-interface JSONPConfig {
-  /**
-   * jsonp callback methods key, default to `['_callback', 'callback' ]`
-   */
-  callback: string[] | string;
-  /**
-   * callback method name's max length, default to `50`
-   */
-  limit: number;
-  /**
-   * enable csrf check or not, default to `false`
-   */
-  csrf: boolean;
-  /**
-   * referrer white list, default to `undefined`
-   */
-  whiteList?: string | RegExp | (string | RegExp)[];
+import type { PartialEggConfig } from 'egg';
+export interface JSONPConfig {
+    /**
+     * jsonp callback methods key, default to `['_callback', 'callback' ]`
+     */
+    callback: string[] | string;
+    /**
+     * callback method name's max length, default to `50`
+     */
+    limit: number;
+    /**
+     * enable csrf check or not, default to `false`
+     */
+    csrf: boolean;
+    /**
+     * referrer white list, default to `undefined`
+     */
+    whiteList?: string | RegExp | (string | RegExp)[];
 }
 declare const _default: PartialEggConfig;
-//#endregion
-export { JSONPConfig, _default as default };
+export default _default;

package/dist/config/config.default.js

@@ -1,10 +1,9 @@
-//#region src/config/config.default.ts
-var config_default_default = { jsonp: {
-	limit: 50,
-	callback: ["_callback", "callback"],
-	csrf: false,
-	whiteList: void 0
-} };
-
-//#endregion
-export { config_default_default as default };
+export default {
+    jsonp: {
+        limit: 50,
+        callback: ['_callback', 'callback'],
+        csrf: false,
+        whiteList: undefined,
+    },
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmRlZmF1bHQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY29uZmlnL2NvbmZpZy5kZWZhdWx0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQXFCQSxlQUFlO0lBQ2IsS0FBSyxFQUFFO1FBQ0wsS0FBSyxFQUFFLEVBQUU7UUFDVCxRQUFRLEVBQUUsQ0FBQyxXQUFXLEVBQUUsVUFBVSxDQUFDO1FBQ25DLElBQUksRUFBRSxLQUFLO1FBQ1gsU0FBUyxFQUFFLFNBQVM7S0FDckI7Q0FDa0IsQ0FBQyJ9

package/dist/error/JSONPForbiddenReferrerError.d.ts

@@ -1,8 +1,5 @@
-//#region src/error/JSONPForbiddenReferrerError.d.ts
-declare class JSONPForbiddenReferrerError extends Error {
-  referrer: string;
-  status: number;
-  constructor(message: string, referrer: string, status: number);
+export declare class JSONPForbiddenReferrerError extends Error {
+    referrer: string;
+    status: number;
+    constructor(message: string, referrer: string, status: number);
 }
-//#endregion
-export { JSONPForbiddenReferrerError };

package/dist/error/JSONPForbiddenReferrerError.js

@@ -1,15 +1,12 @@
-//#region src/error/JSONPForbiddenReferrerError.ts
-var JSONPForbiddenReferrerError = class extends Error {
-	referrer;
-	status;
-	constructor(message, referrer, status) {
-		super(message);
-		this.name = this.constructor.name;
-		this.referrer = referrer;
-		this.status = status;
-		Error.captureStackTrace(this, this.constructor);
-	}
-};
-
-//#endregion
-export { JSONPForbiddenReferrerError };
+export class JSONPForbiddenReferrerError extends Error {
+    referrer;
+    status;
+    constructor(message, referrer, status) {
+        super(message);
+        this.name = this.constructor.name;
+        this.referrer = referrer;
+        this.status = status;
+        Error.captureStackTrace(this, this.constructor);
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiSlNPTlBGb3JiaWRkZW5SZWZlcnJlckVycm9yLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2Vycm9yL0pTT05QRm9yYmlkZGVuUmVmZXJyZXJFcnJvci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxNQUFNLE9BQU8sMkJBQTRCLFNBQVEsS0FBSztJQUNwRCxRQUFRLENBQVM7SUFDakIsTUFBTSxDQUFTO0lBRWYsWUFBWSxPQUFlLEVBQUUsUUFBZ0IsRUFBRSxNQUFjO1FBQzNELEtBQUssQ0FBQyxPQUFPLENBQUMsQ0FBQztRQUNmLElBQUksQ0FBQyxJQUFJLEdBQUcsSUFBSSxDQUFDLFdBQVcsQ0FBQyxJQUFJLENBQUM7UUFDbEMsSUFBSSxDQUFDLFFBQVEsR0FBRyxRQUFRLENBQUM7UUFDekIsSUFBSSxDQUFDLE1BQU0sR0FBRyxNQUFNLENBQUM7UUFDckIsS0FBSyxDQUFDLGlCQUFpQixDQUFDLElBQUksRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUM7SUFDbEQsQ0FBQztDQUNGIn0=

package/dist/index.d.ts

@@ -1 +1 @@
-export { };
+import './types.ts';

package/dist/index.js

@@ -1 +1,2 @@
-export {  };
+import "./types.js";
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxZQUFZLENBQUMifQ==

package/dist/lib/private_key.d.ts

@@ -1,4 +1 @@
-//#region src/lib/private_key.d.ts
-declare const JSONP_CONFIG: unique symbol;
-//#endregion
-export { JSONP_CONFIG };
+export declare const JSONP_CONFIG: unique symbol;

package/dist/lib/private_key.js

@@ -1,5 +1,2 @@
-//#region src/lib/private_key.ts
-const JSONP_CONFIG = Symbol("jsonp#config");
-
-//#endregion
-export { JSONP_CONFIG };
+export const JSONP_CONFIG = Symbol('jsonp#config');
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicHJpdmF0ZV9rZXkuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvbGliL3ByaXZhdGVfa2V5LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE1BQU0sQ0FBQyxNQUFNLFlBQVksR0FBRyxNQUFNLENBQUMsY0FBYyxDQUFDLENBQUMifQ==

package/dist/types.d.ts

@@ -1,35 +1,33 @@
-import { JSONPConfig } from "./config/config.default.js";
-import { MiddlewareFunc } from "egg";
-
-//#region src/types.d.ts
+import type { MiddlewareFunc } from 'egg';
+import type { JSONPConfig } from './config/config.default.ts';
 declare module 'egg' {
-  interface EggAppConfig {
-    /**
-     * jsonp options
-     * @member Config#jsonp
-     */
-    jsonp?: JSONPConfig;
-  }
-  interface Context {
-    /**
-     * detect if response should be jsonp
-     */
-    acceptJSONP: boolean;
-    /**
-     * JSONP wrap body function
-     * Set jsonp response wrap function, other plugin can use it.
-     * If not necessary, please don't use this method in your application code.
-     * @param {Object} body response body
-     * @private
-     */
-    createJsonpBody(body: any): void;
-  }
-  interface Application {
-    /**
-     * return a middleware to enable jsonp response.
-     * will do some security check inside.
-     * @public
-     */
-    jsonp(initOptions?: Partial<JSONPConfig>): MiddlewareFunc;
-  }
-}
+    interface EggAppConfig {
+        /**
+         * jsonp options
+         * @member Config#jsonp
+         */
+        jsonp?: JSONPConfig;
+    }
+    interface Context {
+        /**
+         * detect if response should be jsonp
+         */
+        acceptJSONP: boolean;
+        /**
+         * JSONP wrap body function
+         * Set jsonp response wrap function, other plugin can use it.
+         * If not necessary, please don't use this method in your application code.
+         * @param {Object} body response body
+         * @private
+         */
+        createJsonpBody(body: any): void;
+    }
+    interface Application {
+        /**
+         * return a middleware to enable jsonp response.
+         * will do some security check inside.
+         * @public
+         */
+        jsonp(initOptions?: Partial<JSONPConfig>): MiddlewareFunc;
+    }
+}

package/dist/types.js

@@ -1 +1,2 @@
-export {  };
+export {};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidHlwZXMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvdHlwZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IiJ9

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@eggjs/jsonp",
-  "version": "4.0.0-beta.19",
+  "version": "4.0.0-beta.21",
   "publishConfig": {
     "access": "public"
   },
@@ -49,21 +49,21 @@
     "jsonp-body": "^2.0.0"
   },
   "peerDependencies": {
-    "egg": "4.1.0-beta.19"
+    "egg": "4.1.0-beta.21"
   },
   "devDependencies": {
     "@types/node": "^24.6.2",
     "tsdown": "^0.15.4",
     "typescript": "^5.9.3",
     "vitest": "4.0.0-beta.16",
-    "@eggjs/mock": "7.0.0-beta.19",
-    "@eggjs/tsconfig": "3.1.0-beta.19"
+    "@eggjs/mock": "7.0.0-beta.21",
+    "@eggjs/tsconfig": "3.1.0-beta.21"
   },
   "main": "./dist/index.js",
   "module": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "scripts": {
-    "build": "tsdown",
+    "build": "tsdown && rimraf dist && tsc -b --clean && tsc",
     "typecheck": "tsc --noEmit",
     "lint": "oxlint --type-aware",
     "lint:fix": "npm run lint -- --fix",