@eggjs/security 4.0.0 → 5.0.0-beta.15

package/dist/commonjs/config/config.default.js

@@ -1,357 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SecurityHelperConfig = exports.SecurityConfig = exports.SecurityMiddlewareName = exports.LookupAddress = void 0;
-const zod_1 = __importDefault(require("zod"));
-const core_1 = require("@eggjs/core");
-const CSRFSupportRequestItem = zod_1.default.object({
-    path: zod_1.default.instanceof(RegExp),
-    methods: zod_1.default.array(zod_1.default.string()),
-});
-exports.LookupAddress = zod_1.default.object({
-    address: zod_1.default.string(),
-    family: zod_1.default.number(),
-});
-const LookupAddressAndStringArray = zod_1.default.union([zod_1.default.string(), exports.LookupAddress]).array();
-const SSRFCheckAddressFunction = zod_1.default.function()
-    .args(zod_1.default.union([zod_1.default.string(), exports.LookupAddress, LookupAddressAndStringArray]), zod_1.default.union([zod_1.default.number(), zod_1.default.string()]), zod_1.default.string())
-    .returns(zod_1.default.boolean());
-exports.SecurityMiddlewareName = zod_1.default.enum([
-    'csrf',
-    'hsts',
-    'methodnoallow',
-    'noopen',
-    'nosniff',
-    'csp',
-    'xssProtection',
-    'xframe',
-    'dta',
-]);
-/**
- * (ctx) => boolean
- */
-const IgnoreOrMatchHandler = zod_1.default.function().args(zod_1.default.instanceof(core_1.Context)).returns(zod_1.default.boolean());
-const IgnoreOrMatch = zod_1.default.union([
-    zod_1.default.string(), zod_1.default.instanceof(RegExp), IgnoreOrMatchHandler,
-]);
-const IgnoreOrMatchOption = zod_1.default.union([IgnoreOrMatch, IgnoreOrMatch.array()]).optional();
-/**
- * security options
- * @member Config#security
- */
-exports.SecurityConfig = zod_1.default.object({
-    /**
-     * domain white list
-     *
-     * Default to `[]`
-     */
-    domainWhiteList: zod_1.default.array(zod_1.default.string()).default([]),
-    /**
-     * protocol white list
-     *
-     * Default to `[]`
-     */
-    protocolWhiteList: zod_1.default.array(zod_1.default.string()).default([]),
-    /**
-     * default open security middleware
-     *
-     * Default to `'csrf,hsts,methodnoallow,noopen,nosniff,csp,xssProtection,xframe,dta'`
-     */
-    defaultMiddleware: zod_1.default.union([zod_1.default.string(), zod_1.default.array(exports.SecurityMiddlewareName)])
-        .default(exports.SecurityMiddlewareName.options),
-    /**
-     * whether defend csrf attack
-     */
-    csrf: zod_1.default.preprocess(val => {
-        // transform old config, `csrf: false` to `csrf: { enable: false }`
-        if (typeof val === 'boolean') {
-            return { enable: val };
-        }
-        return val;
-    }, zod_1.default.object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: zod_1.default.boolean().default(true),
-        /**
-         * csrf token detect source type
-         *
-         * Default to `'ctoken'`
-         */
-        type: zod_1.default.enum(['ctoken', 'referer', 'all', 'any']).default('ctoken'),
-        /**
-         * ignore json request
-         *
-         * Default to `false`
-         *
-         * @deprecated is not safe now, don't use it
-         */
-        ignoreJSON: zod_1.default.boolean().default(false),
-        /**
-         * csrf token cookie name
-         *
-         * Default to `'csrfToken'`
-         */
-        cookieName: zod_1.default.union([zod_1.default.string(), zod_1.default.array(zod_1.default.string())]).default('csrfToken'),
-        /**
-         * csrf token session name
-         *
-         * Default to `'csrfToken'`
-         */
-        sessionName: zod_1.default.string().default('csrfToken'),
-        /**
-         * csrf token request header name
-         *
-         * Default to `'x-csrf-token'`
-         */
-        headerName: zod_1.default.string().default('x-csrf-token'),
-        /**
-         * csrf token request body field name
-         *
-         * Default to `'_csrf'`
-         */
-        bodyName: zod_1.default.union([zod_1.default.string(), zod_1.default.array(zod_1.default.string())]).default('_csrf'),
-        /**
-         * csrf token request query field name
-         *
-         * Default to `'_csrf'`
-         */
-        queryName: zod_1.default.union([zod_1.default.string(), zod_1.default.array(zod_1.default.string())]).default('_csrf'),
-        /**
-         * rotate csrf token when it is invalid
-         *
-         * Default to `false`
-         */
-        rotateWhenInvalid: zod_1.default.boolean().default(false),
-        /**
-         * These config works when using `'ctoken'` type
-         *
-         * Default to `false`
-         */
-        useSession: zod_1.default.boolean().default(false),
-        /**
-         * csrf token cookie domain setting,
-         * can be `(ctx) => string` or `string`
-         *
-         * Default to `undefined`, auto set the cookie domain in the safe way
-         */
-        cookieDomain: zod_1.default.union([
-            zod_1.default.string(),
-            zod_1.default.function()
-                .args(zod_1.default.instanceof(core_1.Context))
-                .returns(zod_1.default.string()),
-        ]).optional(),
-        /**
-         * csrf token check requests config
-         */
-        supportedRequests: zod_1.default.array(CSRFSupportRequestItem)
-            .default([
-            { path: /^\//, methods: ['POST', 'PATCH', 'DELETE', 'PUT', 'CONNECT'] },
-        ]),
-        /**
-         * referer or origin header white list.
-         * It only works when using `'referer'` type
-         *
-         * Default to `[]`
-         */
-        refererWhiteList: zod_1.default.array(zod_1.default.string()).default([]),
-        /**
-         * csrf token cookie options
-         *
-         * Default to `{
-         *   signed: false,
-         *   httpOnly: false,
-         *   overwrite: true,
-         * }`
-         */
-        cookieOptions: zod_1.default.object({
-            signed: zod_1.default.boolean(),
-            httpOnly: zod_1.default.boolean(),
-            overwrite: zod_1.default.boolean(),
-        }).default({
-            signed: false,
-            httpOnly: false,
-            overwrite: true,
-        }),
-    }).default({})),
-    /**
-     * whether enable X-Frame-Options response header
-     */
-    xframe: zod_1.default.object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: zod_1.default.boolean().default(true),
-        /**
-         * X-Frame-Options value, can be `'DENY'`, `'SAMEORIGIN'`, `'ALLOW-FROM https://example.com'`
-         *
-         * Default to `'SAMEORIGIN'`
-         */
-        value: zod_1.default.string().default('SAMEORIGIN'),
-    }).default({}),
-    /**
-     * whether enable Strict-Transport-Security response header
-     */
-    hsts: zod_1.default.object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `false`
-         */
-        enable: zod_1.default.boolean().default(false),
-        /**
-         * Max age of Strict-Transport-Security in seconds
-         *
-         * Default to `365 * 24 * 3600`
-         */
-        maxAge: zod_1.default.number().default(365 * 24 * 3600),
-        /**
-         * Whether include sub domains
-         *
-         * Default to `false`
-         */
-        includeSubdomains: zod_1.default.boolean().default(false),
-    }).default({}),
-    /**
-     * whether enable Http Method filter
-     */
-    methodnoallow: zod_1.default.object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: zod_1.default.boolean().default(true),
-    }).default({}),
-    /**
-     * whether enable IE automatically download open
-     */
-    noopen: zod_1.default.object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: zod_1.default.boolean().default(true),
-    }).default({}),
-    /**
-     * whether enable IE8 automatically detect mime
-     */
-    nosniff: zod_1.default.object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: zod_1.default.boolean().default(true),
-    }).default({}),
-    /**
-     * whether enable IE8 XSS Filter
-     */
-    xssProtection: zod_1.default.object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: zod_1.default.boolean().default(true),
-        /**
-         * X-XSS-Protection response header value
-         *
-         * Default to `'1; mode=block'`
-         */
-        value: zod_1.default.coerce.string().default('1; mode=block'),
-    }).default({}),
-    /**
-     * content security policy config
-     */
-    csp: zod_1.default.object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `false`
-         */
-        enable: zod_1.default.boolean().default(false),
-        // https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP#csp_overview
-        policy: zod_1.default.record(zod_1.default.union([zod_1.default.string(), zod_1.default.array(zod_1.default.string()), zod_1.default.boolean()])).default({}),
-        /**
-         * whether enable report only mode
-         * Default to `undefined`
-         */
-        reportOnly: zod_1.default.boolean().optional(),
-        /**
-         * whether support IE
-         * Default to `undefined`
-         */
-        supportIE: zod_1.default.boolean().optional(),
-    }).default({}),
-    /**
-     * whether enable referrer policy
-     * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
-     */
-    referrerPolicy: zod_1.default.object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `false`
-         */
-        enable: zod_1.default.boolean().default(false),
-        /**
-         * referrer policy value
-         *
-         * Default to `'no-referrer-when-downgrade'`
-         */
-        value: zod_1.default.string().default('no-referrer-when-downgrade'),
-    }).default({}),
-    /**
-     * whether enable auto avoid directory traversal attack
-     */
-    dta: zod_1.default.object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: zod_1.default.boolean().default(true),
-    }).default({}),
-    ssrf: zod_1.default.object({
-        ipBlackList: zod_1.default.array(zod_1.default.string()).optional(),
-        ipExceptionList: zod_1.default.array(zod_1.default.string()).optional(),
-        hostnameExceptionList: zod_1.default.array(zod_1.default.string()).optional(),
-        checkAddress: SSRFCheckAddressFunction.optional(),
-    }).default({}),
-    match: zod_1.default.union([IgnoreOrMatch, IgnoreOrMatch.array()]).optional(),
-    ignore: zod_1.default.union([IgnoreOrMatch, IgnoreOrMatch.array()]).optional(),
-    __protocolWhiteListSet: zod_1.default.set(zod_1.default.string()).optional().readonly(),
-});
-const SecurityHelperOnTagAttrHandler = zod_1.default.function()
-    .args(zod_1.default.string(), zod_1.default.string(), zod_1.default.string(), zod_1.default.boolean())
-    .returns(zod_1.default.union([zod_1.default.string(), zod_1.default.void()]));
-exports.SecurityHelperConfig = zod_1.default.object({
-    shtml: zod_1.default.object({
-        /**
-         * tag attribute white list
-         */
-        whiteList: zod_1.default.record(zod_1.default.array(zod_1.default.string())).optional(),
-        /**
-         * domain white list
-         * @deprecated use `config.security.domainWhiteList` instead
-         */
-        domainWhiteList: zod_1.default.array(zod_1.default.string()).optional(),
-        /**
-         * tag attribute handler
-         */
-        onTagAttr: SecurityHelperOnTagAttrHandler.optional(),
-    }).default({}),
-});
-exports.default = {
-    security: exports.SecurityConfig.parse({}),
-    helper: exports.SecurityHelperConfig.parse({}),
-};
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmRlZmF1bHQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvY29uZmlnL2NvbmZpZy5kZWZhdWx0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7OztBQUFBLDhDQUFvQjtBQUNwQixzQ0FBc0M7QUFFdEMsTUFBTSxzQkFBc0IsR0FBRyxhQUFDLENBQUMsTUFBTSxDQUFDO0lBQ3RDLElBQUksRUFBRSxhQUFDLENBQUMsVUFBVSxDQUFDLE1BQU0sQ0FBQztJQUMxQixPQUFPLEVBQUUsYUFBQyxDQUFDLEtBQUssQ0FBQyxhQUFDLENBQUMsTUFBTSxFQUFFLENBQUM7Q0FDN0IsQ0FBQyxDQUFDO0FBR1UsUUFBQSxhQUFhLEdBQUcsYUFBQyxDQUFDLE1BQU0sQ0FBQztJQUNwQyxPQUFPLEVBQUUsYUFBQyxDQUFDLE1BQU0sRUFBRTtJQUNuQixNQUFNLEVBQUUsYUFBQyxDQUFDLE1BQU0sRUFBRTtDQUNuQixDQUFDLENBQUM7QUFHSCxNQUFNLDJCQUEyQixHQUFHLGFBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBRSxhQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUscUJBQWEsQ0FBRSxDQUFDLENBQUMsS0FBSyxFQUFFLENBQUM7QUFDbkYsTUFBTSx3QkFBd0IsR0FBRyxhQUFDLENBQUMsUUFBUSxFQUFFO0tBQzFDLElBQUksQ0FBQyxhQUFDLENBQUMsS0FBSyxDQUFDLENBQUUsYUFBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLHFCQUFhLEVBQUUsMkJBQTJCLENBQUUsQ0FBQyxFQUFFLGFBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBRSxhQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsYUFBQyxDQUFDLE1BQU0sRUFBRSxDQUFFLENBQUMsRUFBRSxhQUFDLENBQUMsTUFBTSxFQUFFLENBQUM7S0FDMUgsT0FBTyxDQUFDLGFBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO0FBT1gsUUFBQSxzQkFBc0IsR0FBRyxhQUFDLENBQUMsSUFBSSxDQUFDO0lBQzNDLE1BQU07SUFDTixNQUFNO0lBQ04sZUFBZTtJQUNmLFFBQVE7SUFDUixTQUFTO0lBQ1QsS0FBSztJQUNMLGVBQWU7SUFDZixRQUFRO0lBQ1IsS0FBSztDQUNOLENBQUMsQ0FBQztBQUdIOztHQUVHO0FBQ0gsTUFBTSxvQkFBb0IsR0FBRyxhQUFDLENBQUMsUUFBUSxFQUFFLENBQUMsSUFBSSxDQUFDLGFBQUMsQ0FBQyxVQUFVLENBQUMsY0FBTyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsYUFBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7QUFHM0YsTUFBTSxhQUFhLEdBQUcsYUFBQyxDQUFDLEtBQUssQ0FBQztJQUM1QixhQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsYUFBQyxDQUFDLFVBQVUsQ0FBQyxNQUFNLENBQUMsRUFBRSxvQkFBb0I7Q0FDdkQsQ0FBQyxDQUFDO0FBR0gsTUFBTSxtQkFBbUIsR0FBRyxhQUFDLENBQUMsS0FBSyxDQUFDLENBQUUsYUFBYSxFQUFFLGFBQWEsQ0FBQyxLQUFLLEVBQUUsQ0FBRSxDQUFDLENBQUMsUUFBUSxFQUFFLENBQUM7QUFHekY7OztHQUdHO0FBQ1UsUUFBQSxjQUFjLEdBQUcsYUFBQyxDQUFDLE1BQU0sQ0FBQztJQUNyQzs7OztPQUlHO0lBQ0gsZUFBZSxFQUFFLGFBQUMsQ0FBQyxLQUFLLENBQUMsYUFBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNoRDs7OztPQUlHO0lBQ0gsaUJBQWlCLEVBQUUsYUFBQyxDQUFDLEtBQUssQ0FBQyxhQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO0lBQ2xEOzs7O09BSUc7SUFDSCxpQkFBaUIsRUFBRSxhQUFDLENBQUMsS0FBSyxDQUFDLENBQUUsYUFBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLGFBQUMsQ0FBQyxLQUFLLENBQUMsOEJBQXNCLENBQUMsQ0FBRSxDQUFDO1NBQ3hFLE9BQU8sQ0FBQyw4QkFBc0IsQ0FBQyxPQUFPLENBQUM7SUFDMUM7O09BRUc7SUFDSCxJQUFJLEVBQUUsYUFBQyxDQUFDLFVBQVUsQ0FBQyxHQUFHLENBQUMsRUFBRTtRQUN2QixtRUFBbUU7UUFDbkUsSUFBSSxPQUFPLEdBQUcsS0FBSyxTQUFTLEVBQUUsQ0FBQztZQUM3QixPQUFPLEVBQUUsTUFBTSxFQUFFLEdBQUcsRUFBRSxDQUFDO1FBQ3pCLENBQUM7UUFDRCxPQUFPLEdBQUcsQ0FBQztJQUNiLENBQUMsRUFBRSxhQUFDLENBQUMsTUFBTSxDQUFDO1FBQ1YsS0FBSyxFQUFFLG1CQUFtQjtRQUMxQixNQUFNLEVBQUUsbUJBQW1CO1FBQzNCOztXQUVHO1FBQ0gsTUFBTSxFQUFFLGFBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDO1FBQ2pDOzs7O1dBSUc7UUFDSCxJQUFJLEVBQUUsYUFBQyxDQUFDLElBQUksQ0FBQyxDQUFFLFFBQVEsRUFBRSxTQUFTLEVBQUUsS0FBSyxFQUFFLEtBQUssQ0FBRSxDQUFDLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQztRQUNyRTs7Ozs7O1dBTUc7UUFDSCxVQUFVLEVBQUUsYUFBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUM7UUFDdEM7Ozs7V0FJRztRQUNILFVBQVUsRUFBRSxhQUFDLENBQUMsS0FBSyxDQUFDLENBQUUsYUFBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLGFBQUMsQ0FBQyxLQUFLLENBQUMsYUFBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUUsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUM7UUFDN0U7Ozs7V0FJRztRQUNILFdBQVcsRUFBRSxhQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQztRQUM1Qzs7OztXQUlHO1FBQ0gsVUFBVSxFQUFFLGFBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxPQUFPLENBQUMsY0FBYyxDQUFDO1FBQzlDOzs7O1dBSUc7UUFDSCxRQUFRLEVBQUUsYUFBQyxDQUFDLEtBQUssQ0FBQyxDQUFFLGFBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxhQUFDLENBQUMsS0FBSyxDQUFDLGFBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFFLENBQUMsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDO1FBQ3ZFOzs7O1dBSUc7UUFDSCxTQUFTLEVBQUUsYUFBQyxDQUFDLEtBQUssQ0FBQyxDQUFFLGFBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxhQUFDLENBQUMsS0FBSyxDQUFDLGFBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFFLENBQUMsQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDO1FBQ3hFOzs7O1dBSUc7UUFDSCxpQkFBaUIsRUFBRSxhQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQztRQUM3Qzs7OztXQUlHO1FBQ0gsVUFBVSxFQUFFLGFBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDO1FBQ3RDOzs7OztXQUtHO1FBQ0gsWUFBWSxFQUFFLGFBQUMsQ0FBQyxLQUFLLENBQUM7WUFDcEIsYUFBQyxDQUFDLE1BQU0sRUFBRTtZQUNWLGFBQUMsQ0FBQyxRQUFRLEVBQUU7aUJBQ1QsSUFBSSxDQUFDLGFBQUMsQ0FBQyxVQUFVLENBQUMsY0FBTyxDQUFDLENBQUM7aUJBQzNCLE9BQU8sQ0FBQyxhQUFDLENBQUMsTUFBTSxFQUFFLENBQUM7U0FDdkIsQ0FBQyxDQUFDLFFBQVEsRUFBRTtRQUNiOztXQUVHO1FBQ0gsaUJBQWlCLEVBQUUsYUFBQyxDQUFDLEtBQUssQ0FBQyxzQkFBc0IsQ0FBQzthQUMvQyxPQUFPLENBQUM7WUFDUCxFQUFFLElBQUksRUFBRSxLQUFLLEVBQUUsT0FBTyxFQUFFLENBQUUsTUFBTSxFQUFFLE9BQU8sRUFBRSxRQUFRLEVBQUUsS0FBSyxFQUFFLFNBQVMsQ0FBRSxFQUFFO1NBQzFFLENBQUM7UUFDSjs7Ozs7V0FLRztRQUNILGdCQUFnQixFQUFFLGFBQUMsQ0FBQyxLQUFLLENBQUMsYUFBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztRQUNqRDs7Ozs7Ozs7V0FRRztRQUNILGFBQWEsRUFBRSxhQUFDLENBQUMsTUFBTSxDQUFDO1lBQ3RCLE1BQU0sRUFBRSxhQUFDLENBQUMsT0FBTyxFQUFFO1lBQ25CLFFBQVEsRUFBRSxhQUFDLENBQUMsT0FBTyxFQUFFO1lBQ3JCLFNBQVMsRUFBRSxhQUFDLENBQUMsT0FBTyxFQUFFO1NBQ3ZCLENBQUMsQ0FBQyxPQUFPLENBQUM7WUFDVCxNQUFNLEVBQUUsS0FBSztZQUNiLFFBQVEsRUFBRSxLQUFLO1lBQ2YsU0FBUyxFQUFFLElBQUk7U0FDaEIsQ0FBQztLQUNILENBQUMsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDLENBQUM7SUFDZjs7T0FFRztJQUNILE1BQU0sRUFBRSxhQUFDLENBQUMsTUFBTSxDQUFDO1FBQ2YsS0FBSyxFQUFFLG1CQUFtQjtRQUMxQixNQUFNLEVBQUUsbUJBQW1CO1FBQzNCOztXQUVHO1FBQ0gsTUFBTSxFQUFFLGFBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDO1FBQ2pDOzs7O1dBSUc7UUFDSCxLQUFLLEVBQUUsYUFBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLE9BQU8sQ0FBQyxZQUFZLENBQUM7S0FDeEMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7SUFDZDs7T0FFRztJQUNILElBQUksRUFBRSxhQUFDLENBQUMsTUFBTSxDQUFDO1FBQ2IsS0FBSyxFQUFFLG1CQUFtQjtRQUMxQixNQUFNLEVBQUUsbUJBQW1CO1FBQzNCOztXQUVHO1FBQ0gsTUFBTSxFQUFFLGFBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDO1FBQ2xDOzs7O1dBSUc7UUFDSCxNQUFNLEVBQUUsYUFBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLE9BQU8sQ0FBQyxHQUFHLEdBQUcsRUFBRSxHQUFHLElBQUksQ0FBQztRQUMzQzs7OztXQUlHO1FBQ0gsaUJBQWlCLEVBQUUsYUFBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUM7S0FDOUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7SUFDZDs7T0FFRztJQUNILGFBQWEsRUFBRSxhQUFDLENBQUMsTUFBTSxDQUFDO1FBQ3RCLEtBQUssRUFBRSxtQkFBbUI7UUFDMUIsTUFBTSxFQUFFLG1CQUFtQjtRQUMzQjs7V0FFRztRQUNILE1BQU0sRUFBRSxhQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQztLQUNsQyxDQUFDLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNkOztPQUVHO0lBQ0gsTUFBTSxFQUFFLGFBQUMsQ0FBQyxNQUFNLENBQUM7UUFDZixLQUFLLEVBQUUsbUJBQW1CO1FBQzFCLE1BQU0sRUFBRSxtQkFBbUI7UUFDM0I7O1dBRUc7UUFDSCxNQUFNLEVBQUUsYUFBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUM7S0FDbEMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7SUFDZDs7T0FFRztJQUNILE9BQU8sRUFBRSxhQUFDLENBQUMsTUFBTSxDQUFDO1FBQ2hCLEtBQUssRUFBRSxtQkFBbUI7UUFDMUIsTUFBTSxFQUFFLG1CQUFtQjtRQUMzQjs7V0FFRztRQUNILE1BQU0sRUFBRSxhQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQztLQUNsQyxDQUFDLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNkOztPQUVHO0lBQ0gsYUFBYSxFQUFFLGFBQUMsQ0FBQyxNQUFNLENBQUM7UUFDdEIsS0FBSyxFQUFFLG1CQUFtQjtRQUMxQixNQUFNLEVBQUUsbUJBQW1CO1FBQzNCOztXQUVHO1FBQ0gsTUFBTSxFQUFFLGFBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDO1FBQ2pDOzs7O1dBSUc7UUFDSCxLQUFLLEVBQUUsYUFBQyxDQUFDLE1BQU0sQ0FBQyxNQUFNLEVBQUUsQ0FBQyxPQUFPLENBQUMsZUFBZSxDQUFDO0tBQ2xELENBQUMsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO0lBQ2Q7O09BRUc7SUFDSCxHQUFHLEVBQUUsYUFBQyxDQUFDLE1BQU0sQ0FBQztRQUNaLEtBQUssRUFBRSxtQkFBbUI7UUFDMUIsTUFBTSxFQUFFLG1CQUFtQjtRQUMzQjs7V0FFRztRQUNILE1BQU0sRUFBRSxhQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQztRQUNsQyxxRUFBcUU7UUFDckUsTUFBTSxFQUFFLGFBQUMsQ0FBQyxNQUFNLENBQUMsYUFBQyxDQUFDLEtBQUssQ0FBQyxDQUFFLGFBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxhQUFDLENBQUMsS0FBSyxDQUFDLGFBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxFQUFFLGFBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBRSxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1FBQ3ZGOzs7V0FHRztRQUNILFVBQVUsRUFBRSxhQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsUUFBUSxFQUFFO1FBQ2xDOzs7V0FHRztRQUNILFNBQVMsRUFBRSxhQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsUUFBUSxFQUFFO0tBQ2xDLENBQUMsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO0lBQ2Q7OztPQUdHO0lBQ0gsY0FBYyxFQUFFLGFBQUMsQ0FBQyxNQUFNLENBQUM7UUFDdkIsS0FBSyxFQUFFLG1CQUFtQjtRQUMxQixNQUFNLEVBQUUsbUJBQW1CO1FBQzNCOztXQUVHO1FBQ0gsTUFBTSxFQUFFLGFBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDO1FBQ2xDOzs7O1dBSUc7UUFDSCxLQUFLLEVBQUUsYUFBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLE9BQU8sQ0FBQyw0QkFBNEIsQ0FBQztLQUN4RCxDQUFDLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNkOztPQUVHO0lBQ0gsR0FBRyxFQUFFLGFBQUMsQ0FBQyxNQUFNLENBQUM7UUFDWixLQUFLLEVBQUUsbUJBQW1CO1FBQzFCLE1BQU0sRUFBRSxtQkFBbUI7UUFDM0I7O1dBRUc7UUFDSCxNQUFNLEVBQUUsYUFBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUM7S0FDbEMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7SUFDZCxJQUFJLEVBQUUsYUFBQyxDQUFDLE1BQU0sQ0FBQztRQUNiLFdBQVcsRUFBRSxhQUFDLENBQUMsS0FBSyxDQUFDLGFBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDLFFBQVEsRUFBRTtRQUMzQyxlQUFlLEVBQUUsYUFBQyxDQUFDLEtBQUssQ0FBQyxhQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxRQUFRLEVBQUU7UUFDL0MscUJBQXFCLEVBQUUsYUFBQyxDQUFDLEtBQUssQ0FBQyxhQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxRQUFRLEVBQUU7UUFDckQsWUFBWSxFQUFFLHdCQUF3QixDQUFDLFFBQVEsRUFBRTtLQUNsRCxDQUFDLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNkLEtBQUssRUFBRSxhQUFDLENBQUMsS0FBSyxDQUFDLENBQUUsYUFBYSxFQUFFLGFBQWEsQ0FBQyxLQUFLLEVBQUUsQ0FBRSxDQUFDLENBQUMsUUFBUSxFQUFFO0lBQ25FLE1BQU0sRUFBRSxhQUFDLENBQUMsS0FBSyxDQUFDLENBQUUsYUFBYSxFQUFFLGFBQWEsQ0FBQyxLQUFLLEVBQUUsQ0FBRSxDQUFDLENBQUMsUUFBUSxFQUFFO0lBQ3BFLHNCQUFzQixFQUFFLGFBQUMsQ0FBQyxHQUFHLENBQUMsYUFBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUMsUUFBUSxFQUFFLENBQUMsUUFBUSxFQUFFO0NBQ2hFLENBQUMsQ0FBQztBQUdILE1BQU0sOEJBQThCLEdBQUcsYUFBQyxDQUFDLFFBQVEsRUFBRTtLQUNoRCxJQUFJLENBQUMsYUFBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLGFBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxhQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsYUFBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO0tBQ3JELE9BQU8sQ0FBQyxhQUFDLENBQUMsS0FBSyxDQUFDLENBQUUsYUFBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLGFBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBRSxDQUFDLENBQUMsQ0FBQztBQU9qQyxRQUFBLG9CQUFvQixHQUFHLGFBQUMsQ0FBQyxNQUFNLENBQUM7SUFDM0MsS0FBSyxFQUFFLGFBQUMsQ0FBQyxNQUFNLENBQUM7UUFDZDs7V0FFRztRQUNILFNBQVMsRUFBRSxhQUFDLENBQUMsTUFBTSxDQUFDLGFBQUMsQ0FBQyxLQUFLLENBQUMsYUFBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUMsQ0FBQyxRQUFRLEVBQUU7UUFDbkQ7OztXQUdHO1FBQ0gsZUFBZSxFQUFFLGFBQUMsQ0FBQyxLQUFLLENBQUMsYUFBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUMsUUFBUSxFQUFFO1FBQy9DOztXQUVHO1FBQ0gsU0FBUyxFQUFFLDhCQUE4QixDQUFDLFFBQVEsRUFBRTtLQUNyRCxDQUFDLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztDQUNmLENBQUMsQ0FBQztBQUdILGtCQUFlO0lBQ2IsUUFBUSxFQUFFLHNCQUFjLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQztJQUNsQyxNQUFNLEVBQUUsNEJBQW9CLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQztDQUN2QyxDQUFDIn0=

package/dist/commonjs/config/config.local.d.ts

@@ -1,5 +0,0 @@
-import { SecurityConfig } from '../types.js';
-declare const _default: {
-    security: SecurityConfig;
-};
-export default _default;

package/dist/commonjs/config/config.local.js

@@ -1,10 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = {
-    security: {
-        hsts: {
-            enable: false,
-        },
-    },
-};
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmxvY2FsLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2NvbmZpZy9jb25maWcubG9jYWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFFQSxrQkFBZTtJQUNiLFFBQVEsRUFBRTtRQUNSLElBQUksRUFBRTtZQUNKLE1BQU0sRUFBRSxLQUFLO1NBQ2Q7S0FDZ0I7Q0FDcEIsQ0FBQyJ9

package/dist/commonjs/index.d.ts

@@ -1 +0,0 @@
-import './types.js';

package/dist/commonjs/index.js

@@ -1,14 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-require("./types.js");
-// module.exports = require('./app/middleware/securities');
-// module.exports.csp = require('./lib/middlewares/csp');
-// module.exports.csrf = require('./lib/middlewares/csrf');
-// module.exports.methodNoAllow = require('./lib/middlewares/methodnoallow');
-// module.exports.noopen = require('./lib/middlewares/noopen');
-// module.exports.nosniff = require('./lib/middlewares/nosniff');
-// module.exports.xssProtection = require('./lib/middlewares/xssProtection');
-// module.exports.xframe = require('./lib/middlewares/xframe');
-// module.exports.safeRedirect = require('./lib/safe_redirect');
-// module.exports.utils = require('./lib/utils');
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7QUFBQSxzQkFBb0I7QUFFcEIsMkRBQTJEO0FBQzNELHlEQUF5RDtBQUN6RCwyREFBMkQ7QUFDM0QsNkVBQTZFO0FBQzdFLCtEQUErRDtBQUMvRCxpRUFBaUU7QUFDakUsNkVBQTZFO0FBQzdFLCtEQUErRDtBQUMvRCxnRUFBZ0U7QUFDaEUsaURBQWlEIn0=

package/dist/commonjs/lib/extend/safe_curl.d.ts

@@ -1,16 +0,0 @@
-import { EggCore } from '@eggjs/core';
-import type { SSRFCheckAddressFunction } from '../../types.js';
-type HttpClient = EggCore['HttpClient'];
-type HttpClientParameters = Parameters<HttpClient['prototype']['request']>;
-export type HttpClientRequestURL = HttpClientParameters[0];
-export type HttpClientOptions = HttpClientParameters[1] & {
-    checkAddress?: SSRFCheckAddressFunction;
-};
-export type HttpClientResponse<T = any> = Awaited<ReturnType<HttpClient['prototype']['request']>> & {
-    data: T;
-};
-/**
- * safe curl with ssrf protection
- */
-export declare function safeCurlForApplication<T = any>(app: EggCore, url: HttpClientRequestURL, options?: HttpClientOptions): Promise<import("urllib").HttpClientResponse<T>>;
-export {};

package/dist/commonjs/lib/extend/safe_curl.js

@@ -1,28 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.safeCurlForApplication = safeCurlForApplication;
-const SSRF_HTTPCLIENT = Symbol('SSRF_HTTPCLIENT');
-/**
- * safe curl with ssrf protection
- */
-async function safeCurlForApplication(app, url, options = {}) {
-    const ssrfConfig = app.config.security.ssrf;
-    if (ssrfConfig?.checkAddress) {
-        options.checkAddress = ssrfConfig.checkAddress;
-    }
-    else {
-        app.logger.warn('[@eggjs/security] please configure `config.security.ssrf` first');
-    }
-    if (ssrfConfig?.checkAddress) {
-        let httpClient = app[SSRF_HTTPCLIENT];
-        // use the new httpClient init with checkAddress
-        if (!httpClient) {
-            httpClient = app[SSRF_HTTPCLIENT] = app.createHttpClient({
-                checkAddress: ssrfConfig.checkAddress,
-            });
-        }
-        return await httpClient.request(url, options);
-    }
-    return await app.curl(url, options);
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2FmZV9jdXJsLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2xpYi9leHRlbmQvc2FmZV9jdXJsLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7O0FBY0Esd0RBb0JDO0FBL0JELE1BQU0sZUFBZSxHQUFHLE1BQU0sQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO0FBUWxEOztHQUVHO0FBQ0ksS0FBSyxVQUFVLHNCQUFzQixDQUFVLEdBQVksRUFBRSxHQUF5QixFQUFFLFVBQTZCLEVBQUU7SUFDNUgsTUFBTSxVQUFVLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDO0lBQzVDLElBQUksVUFBVSxFQUFFLFlBQVksRUFBRSxDQUFDO1FBQzdCLE9BQU8sQ0FBQyxZQUFZLEdBQUcsVUFBVSxDQUFDLFlBQVksQ0FBQztJQUNqRCxDQUFDO1NBQU0sQ0FBQztRQUNOLEdBQUcsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLGlFQUFpRSxDQUFDLENBQUM7SUFDckYsQ0FBQztJQUVELElBQUksVUFBVSxFQUFFLFlBQVksRUFBRSxDQUFDO1FBQzdCLElBQUksVUFBVSxHQUFHLEdBQUcsQ0FBQyxlQUFlLENBQTRDLENBQUM7UUFDakYsZ0RBQWdEO1FBQ2hELElBQUksQ0FBQyxVQUFVLEVBQUUsQ0FBQztZQUNoQixVQUFVLEdBQUcsR0FBRyxDQUFDLGVBQWUsQ0FBQyxHQUFHLEdBQUcsQ0FBQyxnQkFBZ0IsQ0FBQztnQkFDdkQsWUFBWSxFQUFFLFVBQVUsQ0FBQyxZQUFZO2FBQ3RDLENBQUMsQ0FBQztRQUNMLENBQUM7UUFDRCxPQUFPLE1BQU0sVUFBVSxDQUFDLE9BQU8sQ0FBSSxHQUFHLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFDbkQsQ0FBQztJQUVELE9BQU8sTUFBTSxHQUFHLENBQUMsSUFBSSxDQUFJLEdBQUcsRUFBRSxPQUFPLENBQUMsQ0FBQztBQUN6QyxDQUFDIn0=

package/dist/commonjs/lib/helper/cliFilter.d.ts

@@ -1,4 +0,0 @@
-/**
- * remote command execution
- */
-export default function cliFilter(text: string): string;

package/dist/commonjs/lib/helper/cliFilter.js

@@ -1,20 +0,0 @@
-"use strict";
-/**
- * remote command execution
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = cliFilter;
-const BASIC_ALPHABETS = new Set('abcdefghijklmnopqrstuvwxyz1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ.-_'.split(''));
-function cliFilter(text) {
-    const str = '' + text;
-    let res = '';
-    let ascii;
-    for (let index = 0; index < str.length; index++) {
-        ascii = str[index];
-        if (BASIC_ALPHABETS.has(ascii)) {
-            res += ascii;
-        }
-    }
-    return res;
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xpRmlsdGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2xpYi9oZWxwZXIvY2xpRmlsdGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7QUFBQTs7R0FFRzs7QUFJSCw0QkFhQztBQWZELE1BQU0sZUFBZSxHQUFHLElBQUksR0FBRyxDQUFDLG1FQUFtRSxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDO0FBRS9HLFNBQXdCLFNBQVMsQ0FBQyxJQUFZO0lBQzVDLE1BQU0sR0FBRyxHQUFHLEVBQUUsR0FBRyxJQUFJLENBQUM7SUFDdEIsSUFBSSxHQUFHLEdBQUcsRUFBRSxDQUFDO0lBQ2IsSUFBSSxLQUFLLENBQUM7SUFFVixLQUFLLElBQUksS0FBSyxHQUFHLENBQUMsRUFBRSxLQUFLLEdBQUcsR0FBRyxDQUFDLE1BQU0sRUFBRSxLQUFLLEVBQUUsRUFBRSxDQUFDO1FBQ2hELEtBQUssR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUM7UUFDbkIsSUFBSSxlQUFlLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQUM7WUFDL0IsR0FBRyxJQUFJLEtBQUssQ0FBQztRQUNmLENBQUM7SUFDSCxDQUFDO0lBRUQsT0FBTyxHQUFHLENBQUM7QUFDYixDQUFDIn0=

package/dist/commonjs/lib/helper/escape.d.ts

@@ -1,2 +0,0 @@
-import escapeHTML from 'escape-html';
-export default escapeHTML;

package/dist/commonjs/lib/helper/escape.js

@@ -1,8 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const escape_html_1 = __importDefault(require("escape-html"));
-exports.default = escape_html_1.default;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXNjYXBlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vc3JjL2xpYi9oZWxwZXIvZXNjYXBlLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7Ozs7O0FBQUEsOERBQXFDO0FBRXJDLGtCQUFlLHFCQUFVLENBQUMifQ==

package/dist/commonjs/lib/helper/escapeShellArg.d.ts

@@ -1 +0,0 @@
-export default function escapeShellArg(text: string): string;

package/dist/commonjs/lib/helper/escapeShellArg.js

@@ -1,8 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = escapeShellArg;
-function escapeShellArg(text) {
-    const str = '' + text;
-    return '\'' + str.replace(/\\/g, '\\\\').replace(/\'/g, '\\\'') + '\'';
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXNjYXBlU2hlbGxBcmcuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvbGliL2hlbHBlci9lc2NhcGVTaGVsbEFyZy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUFBLGlDQUdDO0FBSEQsU0FBd0IsY0FBYyxDQUFDLElBQVk7SUFDakQsTUFBTSxHQUFHLEdBQUcsRUFBRSxHQUFHLElBQUksQ0FBQztJQUN0QixPQUFPLElBQUksR0FBRyxHQUFHLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxNQUFNLENBQUMsQ0FBQyxPQUFPLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxHQUFHLElBQUksQ0FBQztBQUN6RSxDQUFDIn0=

package/dist/commonjs/lib/helper/escapeShellCmd.d.ts

@@ -1 +0,0 @@
-export default function escapeShellCmd(text: string): string;

package/dist/commonjs/lib/helper/escapeShellCmd.js

@@ -1,17 +0,0 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.default = escapeShellCmd;
-const BASIC_ALPHABETS = new Set('#&;`|*?~<>^()[]{}$;\'",\x0A\xFF'.split(''));
-function escapeShellCmd(text) {
-    const str = '' + text;
-    let res = '';
-    let ascii;
-    for (let index = 0; index < str.length; index++) {
-        ascii = str[index];
-        if (!BASIC_ALPHABETS.has(ascii)) {
-            res += ascii;
-        }
-    }
-    return res;
-}
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiZXNjYXBlU2hlbGxDbWQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvbGliL2hlbHBlci9lc2NhcGVTaGVsbENtZC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOztBQUVBLGlDQWFDO0FBZkQsTUFBTSxlQUFlLEdBQUcsSUFBSSxHQUFHLENBQUMsaUNBQWlDLENBQUMsS0FBSyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUM7QUFFN0UsU0FBd0IsY0FBYyxDQUFDLElBQVk7SUFDakQsTUFBTSxHQUFHLEdBQUcsRUFBRSxHQUFHLElBQUksQ0FBQztJQUN0QixJQUFJLEdBQUcsR0FBRyxFQUFFLENBQUM7SUFDYixJQUFJLEtBQUssQ0FBQztJQUVWLEtBQUssSUFBSSxLQUFLLEdBQUcsQ0FBQyxFQUFFLEtBQUssR0FBRyxHQUFHLENBQUMsTUFBTSxFQUFFLEtBQUssRUFBRSxFQUFFLENBQUM7UUFDaEQsS0FBSyxHQUFHLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQztRQUNuQixJQUFJLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ2hDLEdBQUcsSUFBSSxLQUFLLENBQUM7UUFDZixDQUFDO0lBQ0gsQ0FBQztJQUVELE9BQU8sR0FBRyxDQUFDO0FBQ2IsQ0FBQyJ9

package/dist/commonjs/lib/helper/index.d.ts

@@ -1,21 +0,0 @@
-import cliFilter from './cliFilter.js';
-import escape from './escape.js';
-import escapeShellArg from './escapeShellArg.js';
-import escapeShellCmd from './escapeShellCmd.js';
-import shtml from './shtml.js';
-import sjs from './sjs.js';
-import sjson from './sjson.js';
-import spath from './spath.js';
-import surl from './surl.js';
-declare const _default: {
-    cliFilter: typeof cliFilter;
-    escape: typeof escape;
-    escapeShellArg: typeof escapeShellArg;
-    escapeShellCmd: typeof escapeShellCmd;
-    shtml: typeof shtml;
-    sjs: typeof sjs;
-    sjson: typeof sjson;
-    spath: typeof spath;
-    surl: typeof surl;
-};
-export default _default;

package/dist/commonjs/lib/helper/index.js

@@ -1,26 +0,0 @@
-"use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
-Object.defineProperty(exports, "__esModule", { value: true });
-const cliFilter_js_1 = __importDefault(require("./cliFilter.js"));
-const escape_js_1 = __importDefault(require("./escape.js"));
-const escapeShellArg_js_1 = __importDefault(require("./escapeShellArg.js"));
-const escapeShellCmd_js_1 = __importDefault(require("./escapeShellCmd.js"));
-const shtml_js_1 = __importDefault(require("./shtml.js"));
-const sjs_js_1 = __importDefault(require("./sjs.js"));
-const sjson_js_1 = __importDefault(require("./sjson.js"));
-const spath_js_1 = __importDefault(require("./spath.js"));
-const surl_js_1 = __importDefault(require("./surl.js"));
-exports.default = {
-    cliFilter: cliFilter_js_1.default,
-    escape: escape_js_1.default,
-    escapeShellArg: escapeShellArg_js_1.default,
-    escapeShellCmd: escapeShellCmd_js_1.default,
-    shtml: shtml_js_1.default,
-    sjs: sjs_js_1.default,
-    sjson: sjson_js_1.default,
-    spath: spath_js_1.default,
-    surl: surl_js_1.default,
-};
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi8uLi9zcmMvbGliL2hlbHBlci9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7OztBQUFBLGtFQUF1QztBQUN2Qyw0REFBaUM7QUFDakMsNEVBQWlEO0FBQ2pELDRFQUFpRDtBQUNqRCwwREFBK0I7QUFDL0Isc0RBQTJCO0FBQzNCLDBEQUErQjtBQUMvQiwwREFBK0I7QUFDL0Isd0RBQTZCO0FBRTdCLGtCQUFlO0lBQ2IsU0FBUyxFQUFULHNCQUFTO0lBQ1QsTUFBTSxFQUFOLG1CQUFNO0lBQ04sY0FBYyxFQUFkLDJCQUFjO0lBQ2QsY0FBYyxFQUFkLDJCQUFjO0lBQ2QsS0FBSyxFQUFMLGtCQUFLO0lBQ0wsR0FBRyxFQUFILGdCQUFHO0lBQ0gsS0FBSyxFQUFMLGtCQUFLO0lBQ0wsS0FBSyxFQUFMLGtCQUFLO0lBQ0wsSUFBSSxFQUFKLGlCQUFJO0NBQ0wsQ0FBQyJ9

package/dist/commonjs/lib/helper/shtml.d.ts

@@ -1,2 +0,0 @@
-import type { BaseContextClass } from '@eggjs/core';
-export default function shtml(this: BaseContextClass, val: string): string;