npm - @eggjs/security - Versions diffs - 5.0.0-beta.19 → 5.0.0-beta.21 - Mend

@eggjs/security 5.0.0-beta.19 → 5.0.0-beta.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (71) hide show

package/dist/agent.d.ts +5 -9
package/dist/agent.js +10 -14
package/dist/app/extend/agent.d.ts +4 -8
package/dist/app/extend/agent.js +8 -12
package/dist/app/extend/application.d.ts +7 -11
package/dist/app/extend/application.js +32 -32
package/dist/app/extend/context.d.ts +52 -55
package/dist/app/extend/context.js +241 -188
package/dist/app/extend/helper.d.ts +10 -22
package/dist/app/extend/helper.js +5 -7
package/dist/app/extend/response.d.ts +34 -38
package/dist/app/extend/response.js +82 -69
package/dist/app/middleware/securities.d.ts +4 -8
package/dist/app/middleware/securities.js +52 -38
package/dist/app.d.ts +5 -9
package/dist/app.js +24 -22
package/dist/config/config.default.d.ts +784 -787
package/dist/config/config.default.js +356 -156
package/dist/config/config.local.d.ts +2 -5
package/dist/config/config.local.js +8 -5
package/dist/index.d.ts +4 -1
package/dist/index.js +2 -2
package/dist/lib/extend/safe_curl.d.ts +9 -13
package/dist/lib/extend/safe_curl.js +23 -17
package/dist/lib/helper/cliFilter.d.ts +1 -4
package/dist/lib/helper/cliFilter.js +15 -16
package/dist/lib/helper/escape.d.ts +2 -2
package/dist/lib/helper/escape.js +3 -7
package/dist/lib/helper/escapeShellArg.d.ts +1 -4
package/dist/lib/helper/escapeShellArg.js +4 -6
package/dist/lib/helper/escapeShellCmd.d.ts +1 -4
package/dist/lib/helper/escapeShellCmd.js +13 -14
package/dist/lib/helper/index.d.ts +19 -22
package/dist/lib/helper/index.js +15 -19
package/dist/lib/helper/shtml.d.ts +2 -6
package/dist/lib/helper/shtml.js +68 -52
package/dist/lib/helper/sjs.d.ts +1 -4
package/dist/lib/helper/sjs.js +44 -31
package/dist/lib/helper/sjson.d.ts +1 -4
package/dist/lib/helper/sjson.js +35 -28
package/dist/lib/helper/spath.d.ts +5 -7
package/dist/lib/helper/spath.js +24 -15
package/dist/lib/helper/surl.d.ts +2 -6
package/dist/lib/helper/surl.js +27 -22
package/dist/lib/middlewares/csp.d.ts +3 -6
package/dist/lib/middlewares/csp.js +54 -43
package/dist/lib/middlewares/csrf.d.ts +3 -6
package/dist/lib/middlewares/csrf.js +35 -31
package/dist/lib/middlewares/dta.d.ts +2 -5
package/dist/lib/middlewares/dta.js +10 -11
package/dist/lib/middlewares/hsts.d.ts +3 -6
package/dist/lib/middlewares/hsts.js +19 -17
package/dist/lib/middlewares/index.d.ts +11 -16
package/dist/lib/middlewares/index.js +22 -26
package/dist/lib/middlewares/methodnoallow.d.ts +2 -5
package/dist/lib/middlewares/methodnoallow.js +18 -13
package/dist/lib/middlewares/noopen.d.ts +3 -6
package/dist/lib/middlewares/noopen.js +13 -15
package/dist/lib/middlewares/nosniff.d.ts +3 -6
package/dist/lib/middlewares/nosniff.js +24 -23
package/dist/lib/middlewares/referrerPolicy.d.ts +3 -6
package/dist/lib/middlewares/referrerPolicy.js +31 -27
package/dist/lib/middlewares/xframe.d.ts +3 -6
package/dist/lib/middlewares/xframe.js +15 -16
package/dist/lib/middlewares/xssProtection.d.ts +3 -6
package/dist/lib/middlewares/xssProtection.js +12 -15
package/dist/lib/utils.d.ts +12 -17
package/dist/lib/utils.js +177 -112
package/dist/types.d.ts +35 -37
package/dist/types.js +2 -1
package/package.json +6 -6

package/dist/app/extend/context.js CHANGED Viewed

@@ -1,191 +1,244 @@
-import { checkIfIgnore, getFromUrl, isSafeDomain } from "../../lib/utils.js";
-import { Context } from "egg";
-import { debuglog } from "node:util";
-import { nanoid } from "nanoid/non-secure";
-import Tokens from "csrf";
-//#region src/app/extend/context.ts
-const debug = debuglog("egg/security/app/extend/context");
+import { debuglog } from 'node:util';
+import { nanoid } from 'nanoid/non-secure';
+import Tokens from 'csrf';
+import { Context } from 'egg';
+import * as utils from "../../lib/utils.js";
+const debug = debuglog('egg/security/app/extend/context');
 const tokens = new Tokens();
-const CSRF_SECRET = Symbol("egg-security#CSRF_SECRET");
-const _CSRF_SECRET = Symbol("egg-security#_CSRF_SECRET");
-const NEW_CSRF_SECRET = Symbol("egg-security#NEW_CSRF_SECRET");
-const LOG_CSRF_NOTICE = Symbol("egg-security#LOG_CSRF_NOTICE");
-const INPUT_TOKEN = Symbol("egg-security#INPUT_TOKEN");
-const NONCE_CACHE = Symbol("egg-security#NONCE_CACHE");
-const SECURITY_OPTIONS = Symbol("egg-security#SECURITY_OPTIONS");
-const CSRF_REFERER_CHECK = Symbol("egg-security#CSRF_REFERER_CHECK");
-const CSRF_CTOKEN_CHECK = Symbol("egg-security#CSRF_CTOKEN_CHECK");
+const CSRF_SECRET = Symbol('egg-security#CSRF_SECRET');
+const _CSRF_SECRET = Symbol('egg-security#_CSRF_SECRET');
+const NEW_CSRF_SECRET = Symbol('egg-security#NEW_CSRF_SECRET');
+const LOG_CSRF_NOTICE = Symbol('egg-security#LOG_CSRF_NOTICE');
+const INPUT_TOKEN = Symbol('egg-security#INPUT_TOKEN');
+const NONCE_CACHE = Symbol('egg-security#NONCE_CACHE');
+const SECURITY_OPTIONS = Symbol('egg-security#SECURITY_OPTIONS');
+const CSRF_REFERER_CHECK = Symbol('egg-security#CSRF_REFERER_CHECK');
+const CSRF_CTOKEN_CHECK = Symbol('egg-security#CSRF_CTOKEN_CHECK');
 function findToken(obj, keys) {
-	if (!obj) return;
-	if (!keys || !keys.length) return;
-	if (typeof keys === "string") return obj[keys];
-	for (const key of keys) if (obj[key]) return obj[key];
+    if (!obj)
+        return;
+    if (!keys || !keys.length)
+        return;
+    if (typeof keys === 'string')
+        return obj[keys];
+    for (const key of keys) {
+        if (obj[key])
+            return obj[key];
+    }
 }
-var SecurityContext = class extends Context {
-	get securityOptions() {
-		if (!this[SECURITY_OPTIONS]) this[SECURITY_OPTIONS] = {};
-		return this[SECURITY_OPTIONS];
-	}
-	/**
-	* Check whether the specific `domain` is in / matches the whiteList or not.
-	* @param {string} domain The assigned domain.
-	* @param {Array<string>} [customWhiteList] The custom white list for domain.
-	* @return {boolean} If the domain is in / matches the whiteList, return true;
-	* otherwise false.
-	*/
-	isSafeDomain(domain, customWhiteList) {
-		const domainWhiteList = customWhiteList && customWhiteList.length > 0 ? customWhiteList : this.app.config.security.domainWhiteList;
-		return isSafeDomain(domain, domainWhiteList);
-	}
-	get nonce() {
-		if (!this[NONCE_CACHE]) this[NONCE_CACHE] = nanoid(16);
-		return this[NONCE_CACHE];
-	}
-	/**
-	* get csrf token, general use in template
-	* @return {String} csrf token
-	* @public
-	*/
-	get csrf() {
-		const secret = this[NEW_CSRF_SECRET] || this[CSRF_SECRET];
-		debug("get csrf token, NEW_CSRF_SECRET: %s, _CSRF_SECRET: %s", this[NEW_CSRF_SECRET], this[CSRF_SECRET]);
-		return secret ? tokens.create(secret) : "";
-	}
-	/**
-	* get csrf secret from session or cookie
-	* @return {String} csrf secret
-	* @private
-	*/
-	get [CSRF_SECRET]() {
-		if (this[_CSRF_SECRET]) return this[_CSRF_SECRET];
-		let { useSession, sessionName, cookieName: cookieNames, cookieOptions } = this.app.config.security.csrf;
-		if (useSession) this[_CSRF_SECRET] = this.session[sessionName] || "";
-		else {
-			if (!Array.isArray(cookieNames)) cookieNames = [cookieNames];
-			for (const cookieName of cookieNames) {
-				this[_CSRF_SECRET] = this.cookies.get(cookieName, { signed: cookieOptions.signed }) || "";
-				if (this[_CSRF_SECRET]) break;
-			}
-		}
-		return this[_CSRF_SECRET];
-	}
-	/**
-	* ensure csrf secret exists in session or cookie.
-	* @param {Boolean} [rotate] reset secret even if the secret exists
-	* @public
-	*/
-	ensureCsrfSecret(rotate) {
-		if (this[CSRF_SECRET] && !rotate) return;
-		debug("ensure csrf secret, exists: %s, rotate; %s", this[CSRF_SECRET], rotate);
-		const secret = tokens.secretSync();
-		this[NEW_CSRF_SECRET] = secret;
-		let { useSession, sessionName, cookieDomain, cookieName: cookieNames, cookieOptions } = this.app.config.security.csrf;
-		if (useSession) this.session[sessionName] = secret;
-		else {
-			if (typeof cookieDomain === "function") cookieDomain = cookieDomain(this);
-			const cookieOpts = {
-				domain: cookieDomain,
-				...cookieOptions
-			};
-			if (!Array.isArray(cookieNames)) cookieNames = [cookieNames];
-			for (const cookieName of cookieNames) this.cookies.set(cookieName, secret, cookieOpts);
-		}
-	}
-	get [INPUT_TOKEN]() {
-		const { headerName, bodyName, queryName } = this.app.config.security.csrf;
-		const token = findToken(this.request.query, queryName) || findToken(this.request.body, bodyName) || headerName && this.request.get(headerName);
-		debug("get token: %j, secret: %j", token, this[CSRF_SECRET]);
-		return token;
-	}
-	/**
-	* rotate csrf secret exists in session or cookie.
-	* must rotate the secret when user login
-	* @public
-	*/
-	rotateCsrfSecret() {
-		if (!this[NEW_CSRF_SECRET] && this[CSRF_SECRET]) this.ensureCsrfSecret(true);
-	}
-	/**
-	* assert csrf token/referer is present
-	* @public
-	*/
-	assertCsrf() {
-		if (checkIfIgnore(this.app.config.security.csrf, this)) {
-			debug("%s, ignore by csrf options", this.path);
-			return;
-		}
-		const { type } = this.app.config.security.csrf;
-		let message;
-		const messages = [];
-		switch (type) {
-			case "ctoken":
-				message = this[CSRF_CTOKEN_CHECK]();
-				if (message) this.throw(403, message);
-				break;
-			case "referer":
-				message = this[CSRF_REFERER_CHECK]();
-				if (message) this.throw(403, message);
-				break;
-			case "all":
-				message = this[CSRF_CTOKEN_CHECK]();
-				if (message) this.throw(403, message);
-				message = this[CSRF_REFERER_CHECK]();
-				if (message) this.throw(403, message);
-				break;
-			case "any":
-				message = this[CSRF_CTOKEN_CHECK]();
-				if (!message) return;
-				messages.push(message);
-				message = this[CSRF_REFERER_CHECK]();
-				if (!message) return;
-				messages.push(message);
-				this.throw(403, `both ctoken and referer check error: ${messages.join(", ")}`);
-				break;
-			default: this.throw(`invalid type ${type}`);
-		}
-	}
-	[CSRF_CTOKEN_CHECK]() {
-		if (!this[CSRF_SECRET]) {
-			debug("missing csrf token");
-			this[LOG_CSRF_NOTICE]("missing csrf token");
-			return "missing csrf token";
-		}
-		const token = this[INPUT_TOKEN];
-		if (token !== this[CSRF_SECRET] && !tokens.verify(this[CSRF_SECRET], token)) {
-			debug("verify secret and token error");
-			this[LOG_CSRF_NOTICE]("invalid csrf token");
-			const { rotateWhenInvalid } = this.app.config.security.csrf;
-			if (rotateWhenInvalid) this.rotateCsrfSecret();
-			return "invalid csrf token";
-		}
-	}
-	[CSRF_REFERER_CHECK]() {
-		const { refererWhiteList } = this.app.config.security.csrf;
-		const referer = (this.headers.referer ?? this.headers.origin ?? "").toLowerCase();
-		if (!referer) {
-			debug("missing csrf referer or origin");
-			this[LOG_CSRF_NOTICE]("missing csrf referer or origin");
-			return "missing csrf referer or origin";
-		}
-		const host = getFromUrl(referer, "host");
-		const domainList = refererWhiteList.concat(this.host);
-		if (!host || !isSafeDomain(host, domainList)) {
-			debug("verify referer or origin error");
-			this[LOG_CSRF_NOTICE]("invalid csrf referer or origin");
-			return "invalid csrf referer or origin";
-		}
-	}
-	[LOG_CSRF_NOTICE](msg) {
-		if (this.app.config.env === "local") this.logger.warn(`${msg}. See https://eggjs.org/zh-CN/core/security/#%E5%AE%89%E5%85%A8%E5%A8%81%E8%83%81-csrf-%E7%9A%84%E9%98%B2%E8%8C%83`);
-	}
-	async safeCurl(url, options) {
-		return await this.app.safeCurl(url, options);
-	}
-	unsafeRedirect(url, alt) {
-		this.response.unsafeRedirect(url, alt);
-	}
-};
-//#endregion
-export { SecurityContext as default };
+export default class SecurityContext extends Context {
+    get securityOptions() {
+        if (!this[SECURITY_OPTIONS]) {
+            this[SECURITY_OPTIONS] = {};
+        }
+        return this[SECURITY_OPTIONS];
+    }
+    /**
+     * Check whether the specific `domain` is in / matches the whiteList or not.
+     * @param {string} domain The assigned domain.
+     * @param {Array<string>} [customWhiteList] The custom white list for domain.
+     * @return {boolean} If the domain is in / matches the whiteList, return true;
+     * otherwise false.
+     */
+    isSafeDomain(domain, customWhiteList) {
+        const domainWhiteList = customWhiteList && customWhiteList.length > 0 ? customWhiteList : this.app.config.security.domainWhiteList;
+        return utils.isSafeDomain(domain, domainWhiteList);
+    }
+    // Add nonce, random characters will be OK.
+    // https://w3c.github.io/webappsec/specs/content-security-policy/#nonce_source
+    get nonce() {
+        if (!this[NONCE_CACHE]) {
+            this[NONCE_CACHE] = nanoid(16);
+        }
+        return this[NONCE_CACHE];
+    }
+    /**
+     * get csrf token, general use in template
+     * @return {String} csrf token
+     * @public
+     */
+    get csrf() {
+        // csrfSecret can be rotate, use NEW_CSRF_SECRET first
+        const secret = this[NEW_CSRF_SECRET] || this[CSRF_SECRET];
+        debug('get csrf token, NEW_CSRF_SECRET: %s, _CSRF_SECRET: %s', this[NEW_CSRF_SECRET], this[CSRF_SECRET]);
+        //  In order to protect against BREACH attacks,
+        //  the token is not simply the secret;
+        //  a random salt is prepended to the secret and used to scramble it.
+        //  http://breachattack.com/
+        return secret ? tokens.create(secret) : '';
+    }
+    /**
+     * get csrf secret from session or cookie
+     * @return {String} csrf secret
+     * @private
+     */
+    get [CSRF_SECRET]() {
+        if (this[_CSRF_SECRET]) {
+            return this[_CSRF_SECRET];
+        }
+        let { useSession, sessionName, cookieName: cookieNames, cookieOptions } = this.app.config.security.csrf;
+        // get secret from session or cookie
+        if (useSession) {
+            this[_CSRF_SECRET] = this.session[sessionName] || '';
+        }
+        else {
+            // cookieName support array. so we can change csrf cookie name smoothly
+            if (!Array.isArray(cookieNames)) {
+                cookieNames = [cookieNames];
+            }
+            for (const cookieName of cookieNames) {
+                this[_CSRF_SECRET] = this.cookies.get(cookieName, { signed: cookieOptions.signed }) || '';
+                if (this[_CSRF_SECRET]) {
+                    break;
+                }
+            }
+        }
+        return this[_CSRF_SECRET];
+    }
+    /**
+     * ensure csrf secret exists in session or cookie.
+     * @param {Boolean} [rotate] reset secret even if the secret exists
+     * @public
+     */
+    ensureCsrfSecret(rotate) {
+        if (this[CSRF_SECRET] && !rotate)
+            return;
+        debug('ensure csrf secret, exists: %s, rotate; %s', this[CSRF_SECRET], rotate);
+        const secret = tokens.secretSync();
+        this[NEW_CSRF_SECRET] = secret;
+        let { useSession, sessionName, cookieDomain, cookieName: cookieNames, cookieOptions, } = this.app.config.security.csrf;
+        if (useSession) {
+            // TODO(fengmk2): need to refactor egg-session plugin to support ctx.session type define
+            this.session[sessionName] = secret;
+        }
+        else {
+            if (typeof cookieDomain === 'function') {
+                cookieDomain = cookieDomain(this);
+            }
+            const cookieOpts = {
+                domain: cookieDomain,
+                ...cookieOptions,
+            };
+            // cookieName support array. so we can change csrf cookie name smoothly
+            if (!Array.isArray(cookieNames)) {
+                cookieNames = [cookieNames];
+            }
+            for (const cookieName of cookieNames) {
+                this.cookies.set(cookieName, secret, cookieOpts);
+            }
+        }
+    }
+    get [INPUT_TOKEN]() {
+        const { headerName, bodyName, queryName } = this.app.config.security.csrf;
+        // try order: query, body, header
+        const token = findToken(this.request.query, queryName) ||
+            findToken(this.request.body, bodyName) ||
+            (headerName && this.request.get(headerName));
+        debug('get token: %j, secret: %j', token, this[CSRF_SECRET]);
+        return token;
+    }
+    /**
+     * rotate csrf secret exists in session or cookie.
+     * must rotate the secret when user login
+     * @public
+     */
+    rotateCsrfSecret() {
+        if (!this[NEW_CSRF_SECRET] && this[CSRF_SECRET]) {
+            this.ensureCsrfSecret(true);
+        }
+    }
+    /**
+     * assert csrf token/referer is present
+     * @public
+     */
+    assertCsrf() {
+        if (utils.checkIfIgnore(this.app.config.security.csrf, this)) {
+            debug('%s, ignore by csrf options', this.path);
+            return;
+        }
+        const { type } = this.app.config.security.csrf;
+        let message;
+        const messages = [];
+        switch (type) {
+            case 'ctoken':
+                message = this[CSRF_CTOKEN_CHECK]();
+                if (message)
+                    this.throw(403, message);
+                break;
+            case 'referer':
+                message = this[CSRF_REFERER_CHECK]();
+                if (message)
+                    this.throw(403, message);
+                break;
+            case 'all':
+                message = this[CSRF_CTOKEN_CHECK]();
+                if (message)
+                    this.throw(403, message);
+                message = this[CSRF_REFERER_CHECK]();
+                if (message)
+                    this.throw(403, message);
+                break;
+            case 'any':
+                message = this[CSRF_CTOKEN_CHECK]();
+                if (!message)
+                    return;
+                messages.push(message);
+                message = this[CSRF_REFERER_CHECK]();
+                if (!message)
+                    return;
+                messages.push(message);
+                this.throw(403, `both ctoken and referer check error: ${messages.join(', ')}`);
+                break;
+            default:
+                this.throw(`invalid type ${type}`);
+        }
+    }
+    [CSRF_CTOKEN_CHECK]() {
+        if (!this[CSRF_SECRET]) {
+            debug('missing csrf token');
+            this[LOG_CSRF_NOTICE]('missing csrf token');
+            return 'missing csrf token';
+        }
+        const token = this[INPUT_TOKEN];
+        // AJAX requests get csrf token from cookie, in this situation token will equal to secret
+        // synchronize form requests' token always changing to protect against BREACH attacks
+        if (token !== this[CSRF_SECRET] && !tokens.verify(this[CSRF_SECRET], token)) {
+            debug('verify secret and token error');
+            this[LOG_CSRF_NOTICE]('invalid csrf token');
+            const { rotateWhenInvalid } = this.app.config.security.csrf;
+            if (rotateWhenInvalid) {
+                this.rotateCsrfSecret();
+            }
+            return 'invalid csrf token';
+        }
+    }
+    [CSRF_REFERER_CHECK]() {
+        const { refererWhiteList } = this.app.config.security.csrf;
+        // check Origin/Referer headers
+        const referer = (this.headers.referer ?? this.headers.origin ?? '').toLowerCase();
+        if (!referer) {
+            debug('missing csrf referer or origin');
+            this[LOG_CSRF_NOTICE]('missing csrf referer or origin');
+            return 'missing csrf referer or origin';
+        }
+        const host = utils.getFromUrl(referer, 'host');
+        const domainList = refererWhiteList.concat(this.host);
+        if (!host || !utils.isSafeDomain(host, domainList)) {
+            debug('verify referer or origin error');
+            this[LOG_CSRF_NOTICE]('invalid csrf referer or origin');
+            return 'invalid csrf referer or origin';
+        }
+    }
+    [LOG_CSRF_NOTICE](msg) {
+        if (this.app.config.env === 'local') {
+            this.logger.warn(`${msg}. See https://eggjs.org/zh-CN/core/security/#%E5%AE%89%E5%85%A8%E5%A8%81%E8%83%81-csrf-%E7%9A%84%E9%98%B2%E8%8C%83`);
+        }
+    }
+    async safeCurl(url, options) {
+        return await this.app.safeCurl(url, options);
+    }
+    unsafeRedirect(url, alt) {
+        this.response.unsafeRedirect(url, alt);
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29udGV4dC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9hcHAvZXh0ZW5kL2NvbnRleHQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFFBQVEsRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUVyQyxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDM0MsT0FBTyxNQUFNLE1BQU0sTUFBTSxDQUFDO0FBQzFCLE9BQU8sRUFBRSxPQUFPLEVBQUUsTUFBTSxLQUFLLENBQUM7QUFFOUIsT0FBTyxLQUFLLEtBQUssTUFBTSxvQkFBb0IsQ0FBQztBQUs1QyxNQUFNLEtBQUssR0FBRyxRQUFRLENBQUMsaUNBQWlDLENBQUMsQ0FBQztBQUUxRCxNQUFNLE1BQU0sR0FBRyxJQUFJLE1BQU0sRUFBRSxDQUFDO0FBRTVCLE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0FBQ3ZELE1BQU0sWUFBWSxHQUFHLE1BQU0sQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0FBQ3pELE1BQU0sZUFBZSxHQUFHLE1BQU0sQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO0FBQy9ELE1BQU0sZUFBZSxHQUFHLE1BQU0sQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO0FBQy9ELE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0FBQ3ZELE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0FBQ3ZELE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxDQUFDLCtCQUErQixDQUFDLENBQUM7QUFDakUsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLENBQUMsaUNBQWlDLENBQUMsQ0FBQztBQUNyRSxNQUFNLGlCQUFpQixHQUFHLE1BQU0sQ0FBQyxnQ0FBZ0MsQ0FBQyxDQUFDO0FBRW5FLFNBQVMsU0FBUyxDQUFDLEdBQTJCLEVBQUUsSUFBdUI7SUFDckUsSUFBSSxDQUFDLEdBQUc7UUFBRSxPQUFPO0lBQ2pCLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTTtRQUFFLE9BQU87SUFDbEMsSUFBSSxPQUFPLElBQUksS0FBSyxRQUFRO1FBQUUsT0FBTyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDL0MsS0FBSyxNQUFNLEdBQUcsSUFBSSxJQUFJLEVBQUUsQ0FBQztRQUN2QixJQUFJLEdBQUcsQ0FBQyxHQUFHLENBQUM7WUFBRSxPQUFPLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUNoQyxDQUFDO0FBQ0gsQ0FBQztBQUVELE1BQU0sQ0FBQyxPQUFPLE9BQU8sZUFBZ0IsU0FBUSxPQUFPO0lBR2xELElBQUksZUFBZTtRQUNqQixJQUFJLENBQUMsSUFBSSxDQUFDLGdCQUFnQixDQUFDLEVBQUUsQ0FBQztZQUM1QixJQUFJLENBQUMsZ0JBQWdCLENBQUMsR0FBRyxFQUFFLENBQUM7UUFDOUIsQ0FBQztRQUNELE9BQU8sSUFBSSxDQUFDLGdCQUFnQixDQUE0QixDQUFDO0lBQzNELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSCxZQUFZLENBQUMsTUFBYyxFQUFFLGVBQTBCO1FBQ3JELE1BQU0sZUFBZSxHQUNuQixlQUFlLElBQUksZUFBZSxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLGVBQWUsQ0FBQztRQUM3RyxPQUFPLEtBQUssQ0FBQyxZQUFZLENBQUMsTUFBTSxFQUFFLGVBQWUsQ0FBQyxDQUFDO0lBQ3JELENBQUM7SUFFRCwyQ0FBMkM7SUFDM0MsOEVBQThFO0lBQzlFLElBQUksS0FBSztRQUNQLElBQUksQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQztZQUN2QixJQUFJLENBQUMsV0FBVyxDQUFDLEdBQUcsTUFBTSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ2pDLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyxXQUFXLENBQVcsQ0FBQztJQUNyQyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILElBQUksSUFBSTtRQUNOLHNEQUFzRDtRQUN0RCxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQzFELEtBQUssQ0FBQyx1REFBdUQsRUFBRSxJQUFJLENBQUMsZUFBZSxDQUFDLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUM7UUFDekcsK0NBQStDO1FBQy9DLHVDQUF1QztRQUN2QyxxRUFBcUU7UUFDckUsNEJBQTRCO1FBQzVCLE9BQU8sTUFBTSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLE1BQWdCLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO0lBQ3ZELENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsSUFBSSxDQUFDLFdBQVcsQ0FBQztRQUNmLElBQUksSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUM7WUFDdkIsT0FBTyxJQUFJLENBQUMsWUFBWSxDQUFXLENBQUM7UUFDdEMsQ0FBQztRQUNELElBQUksRUFBRSxVQUFVLEVBQUUsV0FBVyxFQUFFLFVBQVUsRUFBRSxXQUFXLEVBQUUsYUFBYSxFQUFFLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQztRQUN4RyxvQ0FBb0M7UUFDcEMsSUFBSSxVQUFVLEVBQUUsQ0FBQztZQUNmLElBQUksQ0FBQyxZQUFZLENBQUMsR0FBSSxJQUFJLENBQUMsT0FBZSxDQUFDLFdBQVcsQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUNoRSxDQUFDO2FBQU0sQ0FBQztZQUNOLHVFQUF1RTtZQUN2RSxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsRUFBRSxDQUFDO2dCQUNoQyxXQUFXLEdBQUcsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUM5QixDQUFDO1lBQ0QsS0FBSyxNQUFNLFVBQVUsSUFBSSxXQUFXLEVBQUUsQ0FBQztnQkFDckMsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLFVBQVUsRUFBRSxFQUFFLE1BQU0sRUFBRSxhQUFhLENBQUMsTUFBTSxFQUFFLENBQUMsSUFBSSxFQUFFLENBQUM7Z0JBQzFGLElBQUksSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUM7b0JBQ3ZCLE1BQU07Z0JBQ1IsQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUMsWUFBWSxDQUFXLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxnQkFBZ0IsQ0FBQyxNQUFnQjtRQUMvQixJQUFJLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLE1BQU07WUFBRSxPQUFPO1FBQ3pDLEtBQUssQ0FBQyw0Q0FBNEMsRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDL0UsTUFBTSxNQUFNLEdBQUcsTUFBTSxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ25DLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxNQUFNLENBQUM7UUFDL0IsSUFBSSxFQUNGLFVBQVUsRUFDVixXQUFXLEVBQ1gsWUFBWSxFQUNaLFVBQVUsRUFBRSxXQUFXLEVBQ3ZCLGFBQWEsR0FDZCxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUM7UUFFbEMsSUFBSSxVQUFVLEVBQUUsQ0FBQztZQUNmLHdGQUF3RjtZQUN2RixJQUFJLENBQUMsT0FBZSxDQUFDLFdBQVcsQ0FBQyxHQUFHLE1BQU0sQ0FBQztRQUM5QyxDQUFDO2FBQU0sQ0FBQztZQUNOLElBQUksT0FBTyxZQUFZLEtBQUssVUFBVSxFQUFFLENBQUM7Z0JBQ3ZDLFlBQVksR0FBRyxZQUFZLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDcEMsQ0FBQztZQUNELE1BQU0sVUFBVSxHQUFHO2dCQUNqQixNQUFNLEVBQUUsWUFBWTtnQkFDcEIsR0FBRyxhQUFhO2FBQ2pCLENBQUM7WUFDRix1RUFBdUU7WUFDdkUsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQztnQkFDaEMsV0FBVyxHQUFHLENBQUMsV0FBVyxDQUFDLENBQUM7WUFDOUIsQ0FBQztZQUNELEtBQUssTUFBTSxVQUFVLElBQUksV0FBVyxFQUFFLENBQUM7Z0JBQ3JDLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLFVBQVUsRUFBRSxNQUFNLEVBQUUsVUFBVSxDQUFDLENBQUM7WUFDbkQsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0lBRUQsSUFBSSxDQUFDLFdBQVcsQ0FBQztRQUNmLE1BQU0sRUFBRSxVQUFVLEVBQUUsUUFBUSxFQUFFLFNBQVMsRUFBRSxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUM7UUFDMUUsaUNBQWlDO1FBQ2pDLE1BQU0sS0FBSyxHQUNULFNBQVMsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxTQUFTLENBQUM7WUFDeEMsU0FBUyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLFFBQVEsQ0FBQztZQUN0QyxDQUFDLFVBQVUsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBUyxVQUFVLENBQUMsQ0FBQyxDQUFDO1FBQ3ZELEtBQUssQ0FBQywyQkFBMkIsRUFBRSxLQUFLLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUM7UUFDN0QsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILGdCQUFnQjtRQUNkLElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FBQyxFQUFFLENBQUM7WUFDaEQsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxDQUFDO1FBQzlCLENBQUM7SUFDSCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsVUFBVTtRQUNSLElBQUksS0FBSyxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDN0QsS0FBSyxDQUFDLDRCQUE0QixFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUMvQyxPQUFPO1FBQ1QsQ0FBQztRQUVELE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDO1FBQy9DLElBQUksT0FBTyxDQUFDO1FBQ1osTUFBTSxRQUFRLEdBQUcsRUFBRSxDQUFDO1FBQ3BCLFFBQVEsSUFBSSxFQUFFLENBQUM7WUFDYixLQUFLLFFBQVE7Z0JBQ1gsT0FBTyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxFQUFFLENBQUM7Z0JBQ3BDLElBQUksT0FBTztvQkFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSxPQUFPLENBQUMsQ0FBQztnQkFDdEMsTUFBTTtZQUNSLEtBQUssU0FBUztnQkFDWixPQUFPLEdBQUcsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FBQztnQkFDckMsSUFBSSxPQUFPO29CQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsR0FBRyxFQUFFLE9BQU8sQ0FBQyxDQUFDO2dCQUN0QyxNQUFNO1lBQ1IsS0FBSyxLQUFLO2dCQUNSLE9BQU8sR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsRUFBRSxDQUFDO2dCQUNwQyxJQUFJLE9BQU87b0JBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ3RDLE9BQU8sR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUFDO2dCQUNyQyxJQUFJLE9BQU87b0JBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ3RDLE1BQU07WUFDUixLQUFLLEtBQUs7Z0JBQ1IsT0FBTyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxFQUFFLENBQUM7Z0JBQ3BDLElBQUksQ0FBQyxPQUFPO29CQUFFLE9BQU87Z0JBQ3JCLFFBQVEsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBQ3ZCLE9BQU8sR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUFDO2dCQUNyQyxJQUFJLENBQUMsT0FBTztvQkFBRSxPQUFPO2dCQUNyQixRQUFRLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO2dCQUN2QixJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSx3Q0FBd0MsUUFBUSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUM7Z0JBQy9FLE1BQU07WUFDUjtnQkFDRSxJQUFJLENBQUMsS0FBSyxDQUFDLGdCQUFnQixJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBQ3ZDLENBQUM7SUFDSCxDQUFDO0lBRUQsQ0FBQyxpQkFBaUIsQ0FBQztRQUNqQixJQUFJLENBQUMsSUFBSSxDQUFDLFdBQVcsQ0FBQyxFQUFFLENBQUM7WUFDdkIsS0FBSyxDQUFDLG9CQUFvQixDQUFDLENBQUM7WUFDNUIsSUFBSSxDQUFDLGVBQWUsQ0FBQyxDQUFDLG9CQUFvQixDQUFDLENBQUM7WUFDNUMsT0FBTyxvQkFBb0IsQ0FBQztRQUM5QixDQUFDO1FBQ0QsTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQ2hDLHlGQUF5RjtRQUN6RixxRkFBcUY7UUFDckYsSUFBSSxLQUFLLEtBQUssSUFBSSxDQUFDLFdBQVcsQ0FBQyxJQUFJLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLEVBQUUsS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUM1RSxLQUFLLENBQUMsK0JBQStCLENBQUMsQ0FBQztZQUN2QyxJQUFJLENBQUMsZUFBZSxDQUFDLENBQUMsb0JBQW9CLENBQUMsQ0FBQztZQUM1QyxNQUFNLEVBQUUsaUJBQWlCLEVBQUUsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDO1lBQzVELElBQUksaUJBQWlCLEVBQUUsQ0FBQztnQkFDdEIsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDMUIsQ0FBQztZQUNELE9BQU8sb0JBQW9CLENBQUM7UUFDOUIsQ0FBQztJQUNILENBQUM7SUFFRCxDQUFDLGtCQUFrQixDQUFDO1FBQ2xCLE1BQU0sRUFBRSxnQkFBZ0IsRUFBRSxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUM7UUFDM0QsK0JBQStCO1FBQy9CLE1BQU0sT0FBTyxHQUFHLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxPQUFPLElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLElBQUksRUFBRSxDQUFDLENBQUMsV0FBVyxFQUFFLENBQUM7UUFFbEYsSUFBSSxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ2IsS0FBSyxDQUFDLGdDQUFnQyxDQUFDLENBQUM7WUFDeEMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxDQUFDLGdDQUFnQyxDQUFDLENBQUM7WUFDeEQsT0FBTyxnQ0FBZ0MsQ0FBQztRQUMxQyxDQUFDO1FBRUQsTUFBTSxJQUFJLEdBQUcsS0FBSyxDQUFDLFVBQVUsQ0FBQyxPQUFPLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDL0MsTUFBTSxVQUFVLEdBQUcsZ0JBQWdCLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUN0RCxJQUFJLENBQUMsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxJQUFJLEVBQUUsVUFBVSxDQUFDLEVBQUUsQ0FBQztZQUNuRCxLQUFLLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztZQUN4QyxJQUFJLENBQUMsZUFBZSxDQUFDLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztZQUN4RCxPQUFPLGdDQUFnQyxDQUFDO1FBQzFDLENBQUM7SUFDSCxDQUFDO0lBRUQsQ0FBQyxlQUFlLENBQUMsQ0FBQyxHQUFXO1FBQzNCLElBQUksSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxLQUFLLE9BQU8sRUFBRSxDQUFDO1lBQ3BDLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUNkLEdBQUcsR0FBRyxvSEFBb0gsQ0FDM0gsQ0FBQztRQUNKLENBQUM7SUFDSCxDQUFDO0lBRUQsS0FBSyxDQUFDLFFBQVEsQ0FBVSxHQUF5QixFQUFFLE9BQTJCO1FBQzVFLE9BQU8sTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBSSxHQUFHLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFDbEQsQ0FBQztJQUVELGNBQWMsQ0FBQyxHQUFXLEVBQUUsR0FBWTtRQUN0QyxJQUFJLENBQUMsUUFBUSxDQUFDLGNBQWMsQ0FBQyxHQUFHLEVBQUUsR0FBRyxDQUFDLENBQUM7SUFDekMsQ0FBQztDQUNGIn0=

package/dist/app/extend/helper.d.ts CHANGED Viewed

@@ -1,24 +1,12 @@
-import cliFilter from "../../lib/helper/cliFilter.js";
-import escapeShellArg from "../../lib/helper/escapeShellArg.js";
-import escapeShellCmd from "../../lib/helper/escapeShellCmd.js";
-import shtml from "../../lib/helper/shtml.js";
-import escapeJavaScript from "../../lib/helper/sjs.js";
-import jsonEscape from "../../lib/helper/sjson.js";
-import pathFilter from "../../lib/helper/spath.js";
-import surl from "../../lib/helper/surl.js";
-import * as escape_html0 from "escape-html";
-//#region src/app/extend/helper.d.ts
 declare const _default: {
-  cliFilter: typeof cliFilter;
-  escape: typeof escape_html0;
-  escapeShellArg: typeof escapeShellArg;
-  escapeShellCmd: typeof escapeShellCmd;
-  shtml: typeof shtml;
-  sjs: typeof escapeJavaScript;
-  sjson: typeof jsonEscape;
-  spath: typeof pathFilter;
-  surl: typeof surl;
+    cliFilter: typeof import("../../lib/helper/cliFilter.ts").default;
+    escape: typeof import("escape-html");
+    escapeShellArg: typeof import("../../lib/helper/escapeShellArg.ts").default;
+    escapeShellCmd: typeof import("../../lib/helper/escapeShellCmd.ts").default;
+    shtml: typeof import("../../lib/helper/shtml.ts").default;
+    sjs: typeof import("../../lib/helper/sjs.ts").default;
+    sjson: typeof import("../../lib/helper/sjson.ts").default;
+    spath: typeof import("../../lib/helper/spath.ts").default;
+    surl: typeof import("../../lib/helper/surl.ts").default;
 };
-//#endregion
-export { _default as default };
+export default _default;

package/dist/app/extend/helper.js CHANGED Viewed

@@ -1,7 +1,5 @@
-import helper_default$1 from "../../lib/helper/index.js";
-//#region src/app/extend/helper.ts
-var helper_default = { ...helper_default$1 };
-//#endregion
-export { helper_default as default };
+import helpers from "../../lib/helper/index.js";
+export default {
+    ...helpers,
+};
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGVscGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2FwcC9leHRlbmQvaGVscGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sT0FBTyxNQUFNLDJCQUEyQixDQUFDO0FBRWhELGVBQWU7SUFDYixHQUFHLE9BQU87Q0FDWCxDQUFDIn0=

package/dist/app/extend/response.d.ts CHANGED Viewed

@@ -1,39 +1,35 @@
-import SecurityContext from "./context.js";
-import { Response } from "egg";
-//#region src/app/extend/response.d.ts
-declare class SecurityResponse extends Response {
-  ctx: SecurityContext;
-  /**
-   * This is an unsafe redirection, and we WON'T check if the
-   * destination url is safe or not.
-   * Please DO NOT use this method unless in some very special cases,
-   * otherwise there may be security vulnerabilities.
-   *
-   * @function Response#unsafeRedirect
-   * @param {String} url URL to forward
-   * @example
-   * ```js
-   * ctx.response.unsafeRedirect('http://www.domain.com');
-   * ctx.unsafeRedirect('http://www.domain.com');
-   * ```
-   */
-  unsafeRedirect(url: string, alt?: string): void;
-  /**
-   * A safe redirection, and we'll check if the URL is in
-   * a safe domain or not.
-   * We've overridden the default Koa's implementation by adding a
-   * white list as the filter for that.
-   *
-   * @function Response#redirect
-   * @param {String} url URL to forward
-   * @example
-   * ```js
-   * ctx.response.redirect('/login');
-   * ctx.redirect('/login');
-   * ```
-   */
-  redirect(url: string, alt?: string): void;
+import { Response } from 'egg';
+import SecurityContext from './context.ts';
+export default class SecurityResponse extends Response {
+    ctx: SecurityContext;
+    /**
+     * This is an unsafe redirection, and we WON'T check if the
+     * destination url is safe or not.
+     * Please DO NOT use this method unless in some very special cases,
+     * otherwise there may be security vulnerabilities.
+     *
+     * @function Response#unsafeRedirect
+     * @param {String} url URL to forward
+     * @example
+     * ```js
+     * ctx.response.unsafeRedirect('http://www.domain.com');
+     * ctx.unsafeRedirect('http://www.domain.com');
+     * ```
+     */
+    unsafeRedirect(url: string, alt?: string): void;
+    /**
+     * A safe redirection, and we'll check if the URL is in
+     * a safe domain or not.
+     * We've overridden the default Koa's implementation by adding a
+     * white list as the filter for that.
+     *
+     * @function Response#redirect
+     * @param {String} url URL to forward
+     * @example
+     * ```js
+     * ctx.response.redirect('/login');
+     * ctx.redirect('/login');
+     * ```
+     */
+    redirect(url: string, alt?: string): void;
 }
-//#endregion
-export { SecurityResponse as default };