@eggjs/security 4.0.1 → 5.0.0-beta.17

package/dist/esm/config/config.default.d.ts

@@ -1,871 +0,0 @@
-import z from 'zod';
-import { Context } from '@eggjs/core';
-declare const CSRFSupportRequestItem: z.ZodObject<{
-    path: z.ZodType<RegExp, z.ZodTypeDef, RegExp>;
-    methods: z.ZodArray<z.ZodString, "many">;
-}, "strip", z.ZodTypeAny, {
-    path: RegExp;
-    methods: string[];
-}, {
-    path: RegExp;
-    methods: string[];
-}>;
-export type CSRFSupportRequestItem = z.infer<typeof CSRFSupportRequestItem>;
-export declare const LookupAddress: z.ZodObject<{
-    address: z.ZodString;
-    family: z.ZodNumber;
-}, "strip", z.ZodTypeAny, {
-    address: string;
-    family: number;
-}, {
-    address: string;
-    family: number;
-}>;
-export type LookupAddress = z.infer<typeof LookupAddress>;
-declare const SSRFCheckAddressFunction: z.ZodFunction<z.ZodTuple<[z.ZodUnion<[z.ZodString, z.ZodObject<{
-    address: z.ZodString;
-    family: z.ZodNumber;
-}, "strip", z.ZodTypeAny, {
-    address: string;
-    family: number;
-}, {
-    address: string;
-    family: number;
-}>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodObject<{
-    address: z.ZodString;
-    family: z.ZodNumber;
-}, "strip", z.ZodTypeAny, {
-    address: string;
-    family: number;
-}, {
-    address: string;
-    family: number;
-}>]>, "many">]>, z.ZodUnion<[z.ZodNumber, z.ZodString]>, z.ZodString], z.ZodUnknown>, z.ZodBoolean>;
-/**
- * SSRF check address function
- * `(address, family, hostname) => boolean`
- */
-export type SSRFCheckAddressFunction = z.infer<typeof SSRFCheckAddressFunction>;
-export declare const SecurityMiddlewareName: z.ZodEnum<["csrf", "hsts", "methodnoallow", "noopen", "nosniff", "csp", "xssProtection", "xframe", "dta"]>;
-export type SecurityMiddlewareName = z.infer<typeof SecurityMiddlewareName>;
-/**
- * (ctx) => boolean
- */
-declare const IgnoreOrMatchHandler: z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>;
-export type IgnoreOrMatchHandler = z.infer<typeof IgnoreOrMatchHandler>;
-declare const IgnoreOrMatch: z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>;
-export type IgnoreOrMatch = z.infer<typeof IgnoreOrMatch>;
-declare const IgnoreOrMatchOption: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-export type IgnoreOrMatchOption = z.infer<typeof IgnoreOrMatchOption>;
-/**
- * security options
- * @member Config#security
- */
-export declare const SecurityConfig: z.ZodObject<{
-    /**
-     * domain white list
-     *
-     * Default to `[]`
-     */
-    domainWhiteList: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
-    /**
-     * protocol white list
-     *
-     * Default to `[]`
-     */
-    protocolWhiteList: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
-    /**
-     * default open security middleware
-     *
-     * Default to `'csrf,hsts,methodnoallow,noopen,nosniff,csp,xssProtection,xframe,dta'`
-     */
-    defaultMiddleware: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodEnum<["csrf", "hsts", "methodnoallow", "noopen", "nosniff", "csp", "xssProtection", "xframe", "dta"]>, "many">]>>;
-    /**
-     * whether defend csrf attack
-     */
-    csrf: z.ZodEffects<z.ZodDefault<z.ZodObject<{
-        match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        /**
-         * Default to `true`
-         */
-        enable: z.ZodDefault<z.ZodBoolean>;
-        /**
-         * csrf token detect source type
-         *
-         * Default to `'ctoken'`
-         */
-        type: z.ZodDefault<z.ZodEnum<["ctoken", "referer", "all", "any"]>>;
-        /**
-         * ignore json request
-         *
-         * Default to `false`
-         *
-         * @deprecated is not safe now, don't use it
-         */
-        ignoreJSON: z.ZodDefault<z.ZodBoolean>;
-        /**
-         * csrf token cookie name
-         *
-         * Default to `'csrfToken'`
-         */
-        cookieName: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
-        /**
-         * csrf token session name
-         *
-         * Default to `'csrfToken'`
-         */
-        sessionName: z.ZodDefault<z.ZodString>;
-        /**
-         * csrf token request header name
-         *
-         * Default to `'x-csrf-token'`
-         */
-        headerName: z.ZodDefault<z.ZodString>;
-        /**
-         * csrf token request body field name
-         *
-         * Default to `'_csrf'`
-         */
-        bodyName: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
-        /**
-         * csrf token request query field name
-         *
-         * Default to `'_csrf'`
-         */
-        queryName: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
-        /**
-         * rotate csrf token when it is invalid
-         *
-         * Default to `false`
-         */
-        rotateWhenInvalid: z.ZodDefault<z.ZodBoolean>;
-        /**
-         * These config works when using `'ctoken'` type
-         *
-         * Default to `false`
-         */
-        useSession: z.ZodDefault<z.ZodBoolean>;
-        /**
-         * csrf token cookie domain setting,
-         * can be `(ctx) => string` or `string`
-         *
-         * Default to `undefined`, auto set the cookie domain in the safe way
-         */
-        cookieDomain: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodString>]>>;
-        /**
-         * csrf token check requests config
-         */
-        supportedRequests: z.ZodDefault<z.ZodArray<z.ZodObject<{
-            path: z.ZodType<RegExp, z.ZodTypeDef, RegExp>;
-            methods: z.ZodArray<z.ZodString, "many">;
-        }, "strip", z.ZodTypeAny, {
-            path: RegExp;
-            methods: string[];
-        }, {
-            path: RegExp;
-            methods: string[];
-        }>, "many">>;
-        /**
-         * referer or origin header white list.
-         * It only works when using `'referer'` type
-         *
-         * Default to `[]`
-         */
-        refererWhiteList: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
-        /**
-         * csrf token cookie options
-         *
-         * Default to `{
-         *   signed: false,
-         *   httpOnly: false,
-         *   overwrite: true,
-         * }`
-         */
-        cookieOptions: z.ZodDefault<z.ZodObject<{
-            signed: z.ZodBoolean;
-            httpOnly: z.ZodBoolean;
-            overwrite: z.ZodBoolean;
-        }, "strip", z.ZodTypeAny, {
-            signed: boolean;
-            httpOnly: boolean;
-            overwrite: boolean;
-        }, {
-            signed: boolean;
-            httpOnly: boolean;
-            overwrite: boolean;
-        }>>;
-    }, "strip", z.ZodTypeAny, {
-        type: "ctoken" | "referer" | "all" | "any";
-        enable: boolean;
-        ignoreJSON: boolean;
-        cookieName: string | string[];
-        sessionName: string;
-        headerName: string;
-        bodyName: string | string[];
-        queryName: string | string[];
-        rotateWhenInvalid: boolean;
-        useSession: boolean;
-        supportedRequests: {
-            path: RegExp;
-            methods: string[];
-        }[];
-        refererWhiteList: string[];
-        cookieOptions: {
-            signed: boolean;
-            httpOnly: boolean;
-            overwrite: boolean;
-        };
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
-    }, {
-        type?: "ctoken" | "referer" | "all" | "any" | undefined;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-        ignoreJSON?: boolean | undefined;
-        cookieName?: string | string[] | undefined;
-        sessionName?: string | undefined;
-        headerName?: string | undefined;
-        bodyName?: string | string[] | undefined;
-        queryName?: string | string[] | undefined;
-        rotateWhenInvalid?: boolean | undefined;
-        useSession?: boolean | undefined;
-        cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
-        supportedRequests?: {
-            path: RegExp;
-            methods: string[];
-        }[] | undefined;
-        refererWhiteList?: string[] | undefined;
-        cookieOptions?: {
-            signed: boolean;
-            httpOnly: boolean;
-            overwrite: boolean;
-        } | undefined;
-    }>>, {
-        type: "ctoken" | "referer" | "all" | "any";
-        enable: boolean;
-        ignoreJSON: boolean;
-        cookieName: string | string[];
-        sessionName: string;
-        headerName: string;
-        bodyName: string | string[];
-        queryName: string | string[];
-        rotateWhenInvalid: boolean;
-        useSession: boolean;
-        supportedRequests: {
-            path: RegExp;
-            methods: string[];
-        }[];
-        refererWhiteList: string[];
-        cookieOptions: {
-            signed: boolean;
-            httpOnly: boolean;
-            overwrite: boolean;
-        };
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
-    }, unknown>;
-    /**
-     * whether enable X-Frame-Options response header
-     */
-    xframe: z.ZodDefault<z.ZodObject<{
-        match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        /**
-         * Default to `true`
-         */
-        enable: z.ZodDefault<z.ZodBoolean>;
-        /**
-         * X-Frame-Options value, can be `'DENY'`, `'SAMEORIGIN'`, `'ALLOW-FROM https://example.com'`
-         *
-         * Default to `'SAMEORIGIN'`
-         */
-        value: z.ZodDefault<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        value: string;
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    }, {
-        value?: string | undefined;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    }>>;
-    /**
-     * whether enable Strict-Transport-Security response header
-     */
-    hsts: z.ZodDefault<z.ZodObject<{
-        match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        /**
-         * Default to `false`
-         */
-        enable: z.ZodDefault<z.ZodBoolean>;
-        /**
-         * Max age of Strict-Transport-Security in seconds
-         *
-         * Default to `365 * 24 * 3600`
-         */
-        maxAge: z.ZodDefault<z.ZodNumber>;
-        /**
-         * Whether include sub domains
-         *
-         * Default to `false`
-         */
-        includeSubdomains: z.ZodDefault<z.ZodBoolean>;
-    }, "strip", z.ZodTypeAny, {
-        enable: boolean;
-        maxAge: number;
-        includeSubdomains: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    }, {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-        maxAge?: number | undefined;
-        includeSubdomains?: boolean | undefined;
-    }>>;
-    /**
-     * whether enable Http Method filter
-     */
-    methodnoallow: z.ZodDefault<z.ZodObject<{
-        match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        /**
-         * Default to `true`
-         */
-        enable: z.ZodDefault<z.ZodBoolean>;
-    }, "strip", z.ZodTypeAny, {
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    }, {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    }>>;
-    /**
-     * whether enable IE automatically download open
-     */
-    noopen: z.ZodDefault<z.ZodObject<{
-        match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        /**
-         * Default to `true`
-         */
-        enable: z.ZodDefault<z.ZodBoolean>;
-    }, "strip", z.ZodTypeAny, {
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    }, {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    }>>;
-    /**
-     * whether enable IE8 automatically detect mime
-     */
-    nosniff: z.ZodDefault<z.ZodObject<{
-        match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        /**
-         * Default to `true`
-         */
-        enable: z.ZodDefault<z.ZodBoolean>;
-    }, "strip", z.ZodTypeAny, {
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    }, {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    }>>;
-    /**
-     * whether enable IE8 XSS Filter
-     */
-    xssProtection: z.ZodDefault<z.ZodObject<{
-        match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        /**
-         * Default to `true`
-         */
-        enable: z.ZodDefault<z.ZodBoolean>;
-        /**
-         * X-XSS-Protection response header value
-         *
-         * Default to `'1; mode=block'`
-         */
-        value: z.ZodDefault<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        value: string;
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    }, {
-        value?: string | undefined;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    }>>;
-    /**
-     * content security policy config
-     */
-    csp: z.ZodDefault<z.ZodObject<{
-        match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        /**
-         * Default to `false`
-         */
-        enable: z.ZodDefault<z.ZodBoolean>;
-        policy: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">, z.ZodBoolean]>>>;
-        /**
-         * whether enable report only mode
-         * Default to `undefined`
-         */
-        reportOnly: z.ZodOptional<z.ZodBoolean>;
-        /**
-         * whether support IE
-         * Default to `undefined`
-         */
-        supportIE: z.ZodOptional<z.ZodBoolean>;
-    }, "strip", z.ZodTypeAny, {
-        enable: boolean;
-        policy: Record<string, string | boolean | string[]>;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        reportOnly?: boolean | undefined;
-        supportIE?: boolean | undefined;
-    }, {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-        policy?: Record<string, string | boolean | string[]> | undefined;
-        reportOnly?: boolean | undefined;
-        supportIE?: boolean | undefined;
-    }>>;
-    /**
-     * whether enable referrer policy
-     * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
-     */
-    referrerPolicy: z.ZodDefault<z.ZodObject<{
-        match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        /**
-         * Default to `false`
-         */
-        enable: z.ZodDefault<z.ZodBoolean>;
-        /**
-         * referrer policy value
-         *
-         * Default to `'no-referrer-when-downgrade'`
-         */
-        value: z.ZodDefault<z.ZodString>;
-    }, "strip", z.ZodTypeAny, {
-        value: string;
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    }, {
-        value?: string | undefined;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    }>>;
-    /**
-     * whether enable auto avoid directory traversal attack
-     */
-    dta: z.ZodDefault<z.ZodObject<{
-        match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-        /**
-         * Default to `true`
-         */
-        enable: z.ZodDefault<z.ZodBoolean>;
-    }, "strip", z.ZodTypeAny, {
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    }, {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    }>>;
-    ssrf: z.ZodDefault<z.ZodObject<{
-        ipBlackList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        ipExceptionList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        hostnameExceptionList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        checkAddress: z.ZodOptional<z.ZodFunction<z.ZodTuple<[z.ZodUnion<[z.ZodString, z.ZodObject<{
-            address: z.ZodString;
-            family: z.ZodNumber;
-        }, "strip", z.ZodTypeAny, {
-            address: string;
-            family: number;
-        }, {
-            address: string;
-            family: number;
-        }>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodObject<{
-            address: z.ZodString;
-            family: z.ZodNumber;
-        }, "strip", z.ZodTypeAny, {
-            address: string;
-            family: number;
-        }, {
-            address: string;
-            family: number;
-        }>]>, "many">]>, z.ZodUnion<[z.ZodNumber, z.ZodString]>, z.ZodString], z.ZodUnknown>, z.ZodBoolean>>;
-    }, "strip", z.ZodTypeAny, {
-        ipBlackList?: string[] | undefined;
-        ipExceptionList?: string[] | undefined;
-        hostnameExceptionList?: string[] | undefined;
-        checkAddress?: ((args_0: string | {
-            address: string;
-            family: number;
-        } | (string | {
-            address: string;
-            family: number;
-        })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
-    }, {
-        ipBlackList?: string[] | undefined;
-        ipExceptionList?: string[] | undefined;
-        hostnameExceptionList?: string[] | undefined;
-        checkAddress?: ((args_0: string | {
-            address: string;
-            family: number;
-        } | (string | {
-            address: string;
-            family: number;
-        })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
-    }>>;
-    match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-    ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
-    __protocolWhiteListSet: z.ZodReadonly<z.ZodOptional<z.ZodSet<z.ZodString>>>;
-}, "strip", z.ZodTypeAny, {
-    domainWhiteList: string[];
-    protocolWhiteList: string[];
-    csrf: {
-        type: "ctoken" | "referer" | "all" | "any";
-        enable: boolean;
-        ignoreJSON: boolean;
-        cookieName: string | string[];
-        sessionName: string;
-        headerName: string;
-        bodyName: string | string[];
-        queryName: string | string[];
-        rotateWhenInvalid: boolean;
-        useSession: boolean;
-        supportedRequests: {
-            path: RegExp;
-            methods: string[];
-        }[];
-        refererWhiteList: string[];
-        cookieOptions: {
-            signed: boolean;
-            httpOnly: boolean;
-            overwrite: boolean;
-        };
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
-    };
-    hsts: {
-        enable: boolean;
-        maxAge: number;
-        includeSubdomains: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    };
-    methodnoallow: {
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    };
-    noopen: {
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    };
-    nosniff: {
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    };
-    csp: {
-        enable: boolean;
-        policy: Record<string, string | boolean | string[]>;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        reportOnly?: boolean | undefined;
-        supportIE?: boolean | undefined;
-    };
-    xssProtection: {
-        value: string;
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    };
-    xframe: {
-        value: string;
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    };
-    dta: {
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    };
-    defaultMiddleware: string | ("csrf" | "hsts" | "methodnoallow" | "noopen" | "nosniff" | "csp" | "xssProtection" | "xframe" | "dta")[];
-    referrerPolicy: {
-        value: string;
-        enable: boolean;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    };
-    ssrf: {
-        ipBlackList?: string[] | undefined;
-        ipExceptionList?: string[] | undefined;
-        hostnameExceptionList?: string[] | undefined;
-        checkAddress?: ((args_0: string | {
-            address: string;
-            family: number;
-        } | (string | {
-            address: string;
-            family: number;
-        })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
-    };
-    match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    __protocolWhiteListSet?: ReadonlySet<string> | undefined;
-}, {
-    domainWhiteList?: string[] | undefined;
-    protocolWhiteList?: string[] | undefined;
-    csrf?: unknown;
-    hsts?: {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-        maxAge?: number | undefined;
-        includeSubdomains?: boolean | undefined;
-    } | undefined;
-    methodnoallow?: {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    } | undefined;
-    noopen?: {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    } | undefined;
-    nosniff?: {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    } | undefined;
-    csp?: {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-        policy?: Record<string, string | boolean | string[]> | undefined;
-        reportOnly?: boolean | undefined;
-        supportIE?: boolean | undefined;
-    } | undefined;
-    xssProtection?: {
-        value?: string | undefined;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    } | undefined;
-    xframe?: {
-        value?: string | undefined;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    } | undefined;
-    dta?: {
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    } | undefined;
-    defaultMiddleware?: string | ("csrf" | "hsts" | "methodnoallow" | "noopen" | "nosniff" | "csp" | "xssProtection" | "xframe" | "dta")[] | undefined;
-    match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-    referrerPolicy?: {
-        value?: string | undefined;
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        enable?: boolean | undefined;
-    } | undefined;
-    ssrf?: {
-        ipBlackList?: string[] | undefined;
-        ipExceptionList?: string[] | undefined;
-        hostnameExceptionList?: string[] | undefined;
-        checkAddress?: ((args_0: string | {
-            address: string;
-            family: number;
-        } | (string | {
-            address: string;
-            family: number;
-        })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
-    } | undefined;
-    __protocolWhiteListSet?: ReadonlySet<string> | undefined;
-}>;
-export type SecurityConfig = z.infer<typeof SecurityConfig>;
-declare const SecurityHelperOnTagAttrHandler: z.ZodFunction<z.ZodTuple<[z.ZodString, z.ZodString, z.ZodString, z.ZodBoolean], z.ZodUnknown>, z.ZodUnion<[z.ZodString, z.ZodVoid]>>;
-/**
- * (tag: string, name: string, value: string, isWhiteAttr: boolean) => string | void
- */
-export type SecurityHelperOnTagAttrHandler = z.infer<typeof SecurityHelperOnTagAttrHandler>;
-export declare const SecurityHelperConfig: z.ZodObject<{
-    shtml: z.ZodDefault<z.ZodObject<{
-        /**
-         * tag attribute white list
-         */
-        whiteList: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodArray<z.ZodString, "many">>>;
-        /**
-         * domain white list
-         * @deprecated use `config.security.domainWhiteList` instead
-         */
-        domainWhiteList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
-        /**
-         * tag attribute handler
-         */
-        onTagAttr: z.ZodOptional<z.ZodFunction<z.ZodTuple<[z.ZodString, z.ZodString, z.ZodString, z.ZodBoolean], z.ZodUnknown>, z.ZodUnion<[z.ZodString, z.ZodVoid]>>>;
-    }, "strip", z.ZodTypeAny, {
-        domainWhiteList?: string[] | undefined;
-        whiteList?: Record<string, string[]> | undefined;
-        onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
-    }, {
-        domainWhiteList?: string[] | undefined;
-        whiteList?: Record<string, string[]> | undefined;
-        onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
-    }>>;
-}, "strip", z.ZodTypeAny, {
-    shtml: {
-        domainWhiteList?: string[] | undefined;
-        whiteList?: Record<string, string[]> | undefined;
-        onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
-    };
-}, {
-    shtml?: {
-        domainWhiteList?: string[] | undefined;
-        whiteList?: Record<string, string[]> | undefined;
-        onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
-    } | undefined;
-}>;
-export type SecurityHelperConfig = z.infer<typeof SecurityHelperConfig>;
-declare const _default: {
-    security: {
-        domainWhiteList: string[];
-        protocolWhiteList: string[];
-        csrf: {
-            type: "ctoken" | "referer" | "all" | "any";
-            enable: boolean;
-            ignoreJSON: boolean;
-            cookieName: string | string[];
-            sessionName: string;
-            headerName: string;
-            bodyName: string | string[];
-            queryName: string | string[];
-            rotateWhenInvalid: boolean;
-            useSession: boolean;
-            supportedRequests: {
-                path: RegExp;
-                methods: string[];
-            }[];
-            refererWhiteList: string[];
-            cookieOptions: {
-                signed: boolean;
-                httpOnly: boolean;
-                overwrite: boolean;
-            };
-            match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
-        };
-        hsts: {
-            enable: boolean;
-            maxAge: number;
-            includeSubdomains: boolean;
-            match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        };
-        methodnoallow: {
-            enable: boolean;
-            match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        };
-        noopen: {
-            enable: boolean;
-            match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        };
-        nosniff: {
-            enable: boolean;
-            match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        };
-        csp: {
-            enable: boolean;
-            policy: Record<string, string | boolean | string[]>;
-            match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            reportOnly?: boolean | undefined;
-            supportIE?: boolean | undefined;
-        };
-        xssProtection: {
-            value: string;
-            enable: boolean;
-            match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        };
-        xframe: {
-            value: string;
-            enable: boolean;
-            match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        };
-        dta: {
-            enable: boolean;
-            match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        };
-        defaultMiddleware: string | ("csrf" | "hsts" | "methodnoallow" | "noopen" | "nosniff" | "csp" | "xssProtection" | "xframe" | "dta")[];
-        referrerPolicy: {
-            value: string;
-            enable: boolean;
-            match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-            ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        };
-        ssrf: {
-            ipBlackList?: string[] | undefined;
-            ipExceptionList?: string[] | undefined;
-            hostnameExceptionList?: string[] | undefined;
-            checkAddress?: ((args_0: string | {
-                address: string;
-                family: number;
-            } | (string | {
-                address: string;
-                family: number;
-            })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
-        };
-        match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
-        __protocolWhiteListSet?: ReadonlySet<string> | undefined;
-    };
-    helper: {
-        shtml: {
-            domainWhiteList?: string[] | undefined;
-            whiteList?: Record<string, string[]> | undefined;
-            onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
-        };
-    };
-};
-export default _default;