@eggjs/security 5.0.0-beta.19 → 5.0.0-beta.21

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. package/dist/agent.d.ts +5 -9
  2. package/dist/agent.js +10 -14
  3. package/dist/app/extend/agent.d.ts +4 -8
  4. package/dist/app/extend/agent.js +8 -12
  5. package/dist/app/extend/application.d.ts +7 -11
  6. package/dist/app/extend/application.js +32 -32
  7. package/dist/app/extend/context.d.ts +52 -55
  8. package/dist/app/extend/context.js +241 -188
  9. package/dist/app/extend/helper.d.ts +10 -22
  10. package/dist/app/extend/helper.js +5 -7
  11. package/dist/app/extend/response.d.ts +34 -38
  12. package/dist/app/extend/response.js +82 -69
  13. package/dist/app/middleware/securities.d.ts +4 -8
  14. package/dist/app/middleware/securities.js +52 -38
  15. package/dist/app.d.ts +5 -9
  16. package/dist/app.js +24 -22
  17. package/dist/config/config.default.d.ts +784 -787
  18. package/dist/config/config.default.js +356 -156
  19. package/dist/config/config.local.d.ts +2 -5
  20. package/dist/config/config.local.js +8 -5
  21. package/dist/index.d.ts +4 -1
  22. package/dist/index.js +2 -2
  23. package/dist/lib/extend/safe_curl.d.ts +9 -13
  24. package/dist/lib/extend/safe_curl.js +23 -17
  25. package/dist/lib/helper/cliFilter.d.ts +1 -4
  26. package/dist/lib/helper/cliFilter.js +15 -16
  27. package/dist/lib/helper/escape.d.ts +2 -2
  28. package/dist/lib/helper/escape.js +3 -7
  29. package/dist/lib/helper/escapeShellArg.d.ts +1 -4
  30. package/dist/lib/helper/escapeShellArg.js +4 -6
  31. package/dist/lib/helper/escapeShellCmd.d.ts +1 -4
  32. package/dist/lib/helper/escapeShellCmd.js +13 -14
  33. package/dist/lib/helper/index.d.ts +19 -22
  34. package/dist/lib/helper/index.js +15 -19
  35. package/dist/lib/helper/shtml.d.ts +2 -6
  36. package/dist/lib/helper/shtml.js +68 -52
  37. package/dist/lib/helper/sjs.d.ts +1 -4
  38. package/dist/lib/helper/sjs.js +44 -31
  39. package/dist/lib/helper/sjson.d.ts +1 -4
  40. package/dist/lib/helper/sjson.js +35 -28
  41. package/dist/lib/helper/spath.d.ts +5 -7
  42. package/dist/lib/helper/spath.js +24 -15
  43. package/dist/lib/helper/surl.d.ts +2 -6
  44. package/dist/lib/helper/surl.js +27 -22
  45. package/dist/lib/middlewares/csp.d.ts +3 -6
  46. package/dist/lib/middlewares/csp.js +54 -43
  47. package/dist/lib/middlewares/csrf.d.ts +3 -6
  48. package/dist/lib/middlewares/csrf.js +35 -31
  49. package/dist/lib/middlewares/dta.d.ts +2 -5
  50. package/dist/lib/middlewares/dta.js +10 -11
  51. package/dist/lib/middlewares/hsts.d.ts +3 -6
  52. package/dist/lib/middlewares/hsts.js +19 -17
  53. package/dist/lib/middlewares/index.d.ts +11 -16
  54. package/dist/lib/middlewares/index.js +22 -26
  55. package/dist/lib/middlewares/methodnoallow.d.ts +2 -5
  56. package/dist/lib/middlewares/methodnoallow.js +18 -13
  57. package/dist/lib/middlewares/noopen.d.ts +3 -6
  58. package/dist/lib/middlewares/noopen.js +13 -15
  59. package/dist/lib/middlewares/nosniff.d.ts +3 -6
  60. package/dist/lib/middlewares/nosniff.js +24 -23
  61. package/dist/lib/middlewares/referrerPolicy.d.ts +3 -6
  62. package/dist/lib/middlewares/referrerPolicy.js +31 -27
  63. package/dist/lib/middlewares/xframe.d.ts +3 -6
  64. package/dist/lib/middlewares/xframe.js +15 -16
  65. package/dist/lib/middlewares/xssProtection.d.ts +3 -6
  66. package/dist/lib/middlewares/xssProtection.js +12 -15
  67. package/dist/lib/utils.d.ts +12 -17
  68. package/dist/lib/utils.js +177 -112
  69. package/dist/types.d.ts +35 -37
  70. package/dist/types.js +2 -1
  71. package/package.json +6 -6
package/dist/config/config.default.d.ts CHANGED
@@ -1,870 +1,867 @@
1
- import z from "zod";
2
- import { Context } from "egg";
3
-
4
- //#region src/config/config.default.d.ts
1
+ import z from 'zod';
2
+ import { Context } from 'egg';
5
3
  declare const CSRFSupportRequestItem: z.ZodObject<{
6
- path: z.ZodType<RegExp, z.ZodTypeDef, RegExp>;
7
- methods: z.ZodArray<z.ZodString, "many">;
4
+ path: z.ZodType<RegExp, z.ZodTypeDef, RegExp>;
5
+ methods: z.ZodArray<z.ZodString, "many">;
8
6
  }, "strip", z.ZodTypeAny, {
9
- path: RegExp;
10
- methods: string[];
7
+ path: RegExp;
8
+ methods: string[];
11
9
  }, {
12
- path: RegExp;
13
- methods: string[];
10
+ path: RegExp;
11
+ methods: string[];
14
12
  }>;
15
- type CSRFSupportRequestItem = z.infer<typeof CSRFSupportRequestItem>;
16
- declare const LookupAddress: z.ZodObject<{
17
- address: z.ZodString;
18
- family: z.ZodNumber;
13
+ export type CSRFSupportRequestItem = z.infer<typeof CSRFSupportRequestItem>;
14
+ export declare const LookupAddress: z.ZodObject<{
15
+ address: z.ZodString;
16
+ family: z.ZodNumber;
19
17
  }, "strip", z.ZodTypeAny, {
20
- address: string;
21
- family: number;
18
+ address: string;
19
+ family: number;
22
20
  }, {
23
- address: string;
24
- family: number;
21
+ address: string;
22
+ family: number;
25
23
  }>;
26
- type LookupAddress = z.infer<typeof LookupAddress>;
24
+ export type LookupAddress = z.infer<typeof LookupAddress>;
27
25
  declare const SSRFCheckAddressFunction: z.ZodFunction<z.ZodTuple<[z.ZodUnion<[z.ZodString, z.ZodObject<{
28
- address: z.ZodString;
29
- family: z.ZodNumber;
26
+ address: z.ZodString;
27
+ family: z.ZodNumber;
30
28
  }, "strip", z.ZodTypeAny, {
31
- address: string;
32
- family: number;
29
+ address: string;
30
+ family: number;
33
31
  }, {
34
- address: string;
35
- family: number;
32
+ address: string;
33
+ family: number;
36
34
  }>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodObject<{
37
- address: z.ZodString;
38
- family: z.ZodNumber;
35
+ address: z.ZodString;
36
+ family: z.ZodNumber;
39
37
  }, "strip", z.ZodTypeAny, {
40
- address: string;
41
- family: number;
38
+ address: string;
39
+ family: number;
42
40
  }, {
43
- address: string;
44
- family: number;
41
+ address: string;
42
+ family: number;
45
43
  }>]>, "many">]>, z.ZodUnion<[z.ZodNumber, z.ZodString]>, z.ZodString], z.ZodUnknown>, z.ZodBoolean>;
46
44
  /**
47
45
  * SSRF check address function
48
46
  * `(address, family, hostname) => boolean`
49
47
  */
50
- type SSRFCheckAddressFunction = z.infer<typeof SSRFCheckAddressFunction>;
51
- declare const SecurityMiddlewareName: z.ZodEnum<["csrf", "hsts", "methodnoallow", "noopen", "nosniff", "csp", "xssProtection", "xframe", "dta"]>;
52
- type SecurityMiddlewareName = z.infer<typeof SecurityMiddlewareName>;
48
+ export type SSRFCheckAddressFunction = z.infer<typeof SSRFCheckAddressFunction>;
49
+ export declare const SecurityMiddlewareName: z.ZodEnum<["csrf", "hsts", "methodnoallow", "noopen", "nosniff", "csp", "xssProtection", "xframe", "dta"]>;
50
+ export type SecurityMiddlewareName = z.infer<typeof SecurityMiddlewareName>;
53
51
  /**
54
52
  * (ctx) => boolean
55
53
  */
56
54
  declare const IgnoreOrMatchHandler: z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>;
57
- type IgnoreOrMatchHandler = z.infer<typeof IgnoreOrMatchHandler>;
55
+ export type IgnoreOrMatchHandler = z.infer<typeof IgnoreOrMatchHandler>;
58
56
  declare const IgnoreOrMatch: z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>;
59
- type IgnoreOrMatch = z.infer<typeof IgnoreOrMatch>;
57
+ export type IgnoreOrMatch = z.infer<typeof IgnoreOrMatch>;
60
58
  declare const IgnoreOrMatchOption: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
61
- type IgnoreOrMatchOption = z.infer<typeof IgnoreOrMatchOption>;
62
- declare const SecurityConfig: z.ZodObject<{
63
- /**
64
- * domain white list
65
- *
66
- * Default to `[]`
67
- */
68
- domainWhiteList: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
69
- /**
70
- * protocol white list
71
- *
72
- * Default to `[]`
73
- */
74
- protocolWhiteList: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
75
- /**
76
- * default open security middleware
77
- *
78
- * Default to `'csrf,hsts,methodnoallow,noopen,nosniff,csp,xssProtection,xframe,dta'`
79
- */
80
- defaultMiddleware: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodEnum<["csrf", "hsts", "methodnoallow", "noopen", "nosniff", "csp", "xssProtection", "xframe", "dta"]>, "many">]>>;
81
- /**
82
- * whether defend csrf attack
83
- */
84
- csrf: z.ZodEffects<z.ZodDefault<z.ZodObject<{
85
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
86
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
87
- /**
88
- * Default to `true`
89
- */
90
- enable: z.ZodDefault<z.ZodBoolean>;
91
- /**
92
- * csrf token detect source type
93
- *
94
- * Default to `'ctoken'`
95
- */
96
- type: z.ZodDefault<z.ZodEnum<["ctoken", "referer", "all", "any"]>>;
97
- /**
98
- * ignore json request
99
- *
100
- * Default to `false`
101
- *
102
- * @deprecated is not safe now, don't use it
103
- */
104
- ignoreJSON: z.ZodDefault<z.ZodBoolean>;
105
- /**
106
- * csrf token cookie name
107
- *
108
- * Default to `'csrfToken'`
109
- */
110
- cookieName: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
59
+ export type IgnoreOrMatchOption = z.infer<typeof IgnoreOrMatchOption>;
60
+ export declare const SecurityConfig: z.ZodObject<{
111
61
  /**
112
- * csrf token session name
113
- *
114
- * Default to `'csrfToken'`
115
- */
116
- sessionName: z.ZodDefault<z.ZodString>;
117
- /**
118
- * csrf token request header name
119
- *
120
- * Default to `'x-csrf-token'`
121
- */
122
- headerName: z.ZodDefault<z.ZodString>;
123
- /**
124
- * csrf token request body field name
125
- *
126
- * Default to `'_csrf'`
127
- */
128
- bodyName: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
129
- /**
130
- * csrf token request query field name
131
- *
132
- * Default to `'_csrf'`
133
- */
134
- queryName: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
135
- /**
136
- * rotate csrf token when it is invalid
62
+ * domain white list
137
63
  *
138
- * Default to `false`
64
+ * Default to `[]`
139
65
  */
140
- rotateWhenInvalid: z.ZodDefault<z.ZodBoolean>;
66
+ domainWhiteList: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
141
67
  /**
142
- * These config works when using `'ctoken'` type
68
+ * protocol white list
143
69
  *
144
- * Default to `false`
70
+ * Default to `[]`
145
71
  */
146
- useSession: z.ZodDefault<z.ZodBoolean>;
72
+ protocolWhiteList: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
147
73
  /**
148
- * csrf token cookie domain setting,
149
- * can be `(ctx) => string` or `string`
74
+ * default open security middleware
150
75
  *
151
- * Default to `undefined`, auto set the cookie domain in the safe way
152
- */
153
- cookieDomain: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodString>]>>;
154
- /**
155
- * csrf token check requests config
156
- */
157
- supportedRequests: z.ZodDefault<z.ZodArray<z.ZodObject<{
158
- path: z.ZodType<RegExp, z.ZodTypeDef, RegExp>;
159
- methods: z.ZodArray<z.ZodString, "many">;
76
+ * Default to `'csrf,hsts,methodnoallow,noopen,nosniff,csp,xssProtection,xframe,dta'`
77
+ */
78
+ defaultMiddleware: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodEnum<["csrf", "hsts", "methodnoallow", "noopen", "nosniff", "csp", "xssProtection", "xframe", "dta"]>, "many">]>>;
79
+ /**
80
+ * whether defend csrf attack
81
+ */
82
+ csrf: z.ZodEffects<z.ZodDefault<z.ZodObject<{
83
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
84
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
85
+ /**
86
+ * Default to `true`
87
+ */
88
+ enable: z.ZodDefault<z.ZodBoolean>;
89
+ /**
90
+ * csrf token detect source type
91
+ *
92
+ * Default to `'ctoken'`
93
+ */
94
+ type: z.ZodDefault<z.ZodEnum<["ctoken", "referer", "all", "any"]>>;
95
+ /**
96
+ * ignore json request
97
+ *
98
+ * Default to `false`
99
+ *
100
+ * @deprecated is not safe now, don't use it
101
+ */
102
+ ignoreJSON: z.ZodDefault<z.ZodBoolean>;
103
+ /**
104
+ * csrf token cookie name
105
+ *
106
+ * Default to `'csrfToken'`
107
+ */
108
+ cookieName: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
109
+ /**
110
+ * csrf token session name
111
+ *
112
+ * Default to `'csrfToken'`
113
+ */
114
+ sessionName: z.ZodDefault<z.ZodString>;
115
+ /**
116
+ * csrf token request header name
117
+ *
118
+ * Default to `'x-csrf-token'`
119
+ */
120
+ headerName: z.ZodDefault<z.ZodString>;
121
+ /**
122
+ * csrf token request body field name
123
+ *
124
+ * Default to `'_csrf'`
125
+ */
126
+ bodyName: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
127
+ /**
128
+ * csrf token request query field name
129
+ *
130
+ * Default to `'_csrf'`
131
+ */
132
+ queryName: z.ZodDefault<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
133
+ /**
134
+ * rotate csrf token when it is invalid
135
+ *
136
+ * Default to `false`
137
+ */
138
+ rotateWhenInvalid: z.ZodDefault<z.ZodBoolean>;
139
+ /**
140
+ * These config works when using `'ctoken'` type
141
+ *
142
+ * Default to `false`
143
+ */
144
+ useSession: z.ZodDefault<z.ZodBoolean>;
145
+ /**
146
+ * csrf token cookie domain setting,
147
+ * can be `(ctx) => string` or `string`
148
+ *
149
+ * Default to `undefined`, auto set the cookie domain in the safe way
150
+ */
151
+ cookieDomain: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodString>]>>;
152
+ /**
153
+ * csrf token check requests config
154
+ */
155
+ supportedRequests: z.ZodDefault<z.ZodArray<z.ZodObject<{
156
+ path: z.ZodType<RegExp, z.ZodTypeDef, RegExp>;
157
+ methods: z.ZodArray<z.ZodString, "many">;
158
+ }, "strip", z.ZodTypeAny, {
159
+ path: RegExp;
160
+ methods: string[];
161
+ }, {
162
+ path: RegExp;
163
+ methods: string[];
164
+ }>, "many">>;
165
+ /**
166
+ * referer or origin header white list.
167
+ * It only works when using `'referer'` type
168
+ *
169
+ * Default to `[]`
170
+ */
171
+ refererWhiteList: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
172
+ /**
173
+ * csrf token cookie options
174
+ *
175
+ * Default to `{
176
+ * signed: false,
177
+ * httpOnly: false,
178
+ * overwrite: true,
179
+ * }`
180
+ */
181
+ cookieOptions: z.ZodDefault<z.ZodObject<{
182
+ signed: z.ZodBoolean;
183
+ httpOnly: z.ZodBoolean;
184
+ overwrite: z.ZodBoolean;
185
+ }, "strip", z.ZodTypeAny, {
186
+ signed: boolean;
187
+ overwrite: boolean;
188
+ httpOnly: boolean;
189
+ }, {
190
+ signed: boolean;
191
+ overwrite: boolean;
192
+ httpOnly: boolean;
193
+ }>>;
160
194
  }, "strip", z.ZodTypeAny, {
161
- path: RegExp;
162
- methods: string[];
195
+ type: "referer" | "all" | "ctoken" | "any";
196
+ enable: boolean;
197
+ ignoreJSON: boolean;
198
+ cookieName: string | string[];
199
+ sessionName: string;
200
+ headerName: string;
201
+ bodyName: string | string[];
202
+ queryName: string | string[];
203
+ rotateWhenInvalid: boolean;
204
+ useSession: boolean;
205
+ supportedRequests: {
206
+ path: RegExp;
207
+ methods: string[];
208
+ }[];
209
+ refererWhiteList: string[];
210
+ cookieOptions: {
211
+ signed: boolean;
212
+ overwrite: boolean;
213
+ httpOnly: boolean;
214
+ };
215
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
216
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
217
+ cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
163
218
  }, {
164
- path: RegExp;
165
- methods: string[];
166
- }>, "many">>;
167
- /**
168
- * referer or origin header white list.
169
- * It only works when using `'referer'` type
170
- *
171
- * Default to `[]`
172
- */
173
- refererWhiteList: z.ZodDefault<z.ZodArray<z.ZodString, "many">>;
174
- /**
175
- * csrf token cookie options
176
- *
177
- * Default to `{
178
- * signed: false,
179
- * httpOnly: false,
180
- * overwrite: true,
181
- * }`
182
- */
183
- cookieOptions: z.ZodDefault<z.ZodObject<{
184
- signed: z.ZodBoolean;
185
- httpOnly: z.ZodBoolean;
186
- overwrite: z.ZodBoolean;
219
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
220
+ type?: "referer" | "all" | "ctoken" | "any" | undefined;
221
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
222
+ enable?: boolean | undefined;
223
+ ignoreJSON?: boolean | undefined;
224
+ cookieName?: string | string[] | undefined;
225
+ sessionName?: string | undefined;
226
+ headerName?: string | undefined;
227
+ bodyName?: string | string[] | undefined;
228
+ queryName?: string | string[] | undefined;
229
+ rotateWhenInvalid?: boolean | undefined;
230
+ useSession?: boolean | undefined;
231
+ cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
232
+ supportedRequests?: {
233
+ path: RegExp;
234
+ methods: string[];
235
+ }[] | undefined;
236
+ refererWhiteList?: string[] | undefined;
237
+ cookieOptions?: {
238
+ signed: boolean;
239
+ overwrite: boolean;
240
+ httpOnly: boolean;
241
+ } | undefined;
242
+ }>>, {
243
+ type: "referer" | "all" | "ctoken" | "any";
244
+ enable: boolean;
245
+ ignoreJSON: boolean;
246
+ cookieName: string | string[];
247
+ sessionName: string;
248
+ headerName: string;
249
+ bodyName: string | string[];
250
+ queryName: string | string[];
251
+ rotateWhenInvalid: boolean;
252
+ useSession: boolean;
253
+ supportedRequests: {
254
+ path: RegExp;
255
+ methods: string[];
256
+ }[];
257
+ refererWhiteList: string[];
258
+ cookieOptions: {
259
+ signed: boolean;
260
+ overwrite: boolean;
261
+ httpOnly: boolean;
262
+ };
263
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
264
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
265
+ cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
266
+ }, unknown>;
267
+ /**
268
+ * whether enable X-Frame-Options response header
269
+ */
270
+ xframe: z.ZodDefault<z.ZodObject<{
271
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
272
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
273
+ /**
274
+ * Default to `true`
275
+ */
276
+ enable: z.ZodDefault<z.ZodBoolean>;
277
+ /**
278
+ * X-Frame-Options value, can be `'DENY'`, `'SAMEORIGIN'`, `'ALLOW-FROM https://example.com'`
279
+ *
280
+ * Default to `'SAMEORIGIN'`
281
+ */
282
+ value: z.ZodDefault<z.ZodString>;
187
283
  }, "strip", z.ZodTypeAny, {
188
- signed: boolean;
189
- httpOnly: boolean;
190
- overwrite: boolean;
284
+ enable: boolean;
285
+ value: string;
286
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
287
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
191
288
  }, {
192
- signed: boolean;
193
- httpOnly: boolean;
194
- overwrite: boolean;
289
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
290
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
291
+ enable?: boolean | undefined;
292
+ value?: string | undefined;
195
293
  }>>;
196
- }, "strip", z.ZodTypeAny, {
197
- type: "ctoken" | "referer" | "all" | "any";
198
- enable: boolean;
199
- ignoreJSON: boolean;
200
- cookieName: string | string[];
201
- sessionName: string;
202
- headerName: string;
203
- bodyName: string | string[];
204
- queryName: string | string[];
205
- rotateWhenInvalid: boolean;
206
- useSession: boolean;
207
- supportedRequests: {
208
- path: RegExp;
209
- methods: string[];
210
- }[];
211
- refererWhiteList: string[];
212
- cookieOptions: {
213
- signed: boolean;
214
- httpOnly: boolean;
215
- overwrite: boolean;
216
- };
217
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
218
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
219
- cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
220
- }, {
221
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
222
- type?: "ctoken" | "referer" | "all" | "any" | undefined;
223
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
224
- enable?: boolean | undefined;
225
- ignoreJSON?: boolean | undefined;
226
- cookieName?: string | string[] | undefined;
227
- sessionName?: string | undefined;
228
- headerName?: string | undefined;
229
- bodyName?: string | string[] | undefined;
230
- queryName?: string | string[] | undefined;
231
- rotateWhenInvalid?: boolean | undefined;
232
- useSession?: boolean | undefined;
233
- cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
234
- supportedRequests?: {
235
- path: RegExp;
236
- methods: string[];
237
- }[] | undefined;
238
- refererWhiteList?: string[] | undefined;
239
- cookieOptions?: {
240
- signed: boolean;
241
- httpOnly: boolean;
242
- overwrite: boolean;
243
- } | undefined;
244
- }>>, {
245
- type: "ctoken" | "referer" | "all" | "any";
246
- enable: boolean;
247
- ignoreJSON: boolean;
248
- cookieName: string | string[];
249
- sessionName: string;
250
- headerName: string;
251
- bodyName: string | string[];
252
- queryName: string | string[];
253
- rotateWhenInvalid: boolean;
254
- useSession: boolean;
255
- supportedRequests: {
256
- path: RegExp;
257
- methods: string[];
258
- }[];
259
- refererWhiteList: string[];
260
- cookieOptions: {
261
- signed: boolean;
262
- httpOnly: boolean;
263
- overwrite: boolean;
264
- };
265
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
266
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
267
- cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
268
- }, unknown>;
269
- /**
270
- * whether enable X-Frame-Options response header
271
- */
272
- xframe: z.ZodDefault<z.ZodObject<{
273
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
274
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
275
- /**
276
- * Default to `true`
277
- */
278
- enable: z.ZodDefault<z.ZodBoolean>;
279
294
  /**
280
- * X-Frame-Options value, can be `'DENY'`, `'SAMEORIGIN'`, `'ALLOW-FROM https://example.com'`
281
- *
282
- * Default to `'SAMEORIGIN'`
283
- */
284
- value: z.ZodDefault<z.ZodString>;
285
- }, "strip", z.ZodTypeAny, {
286
- value: string;
287
- enable: boolean;
288
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
289
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
290
- }, {
291
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
292
- value?: string | undefined;
293
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
294
- enable?: boolean | undefined;
295
- }>>;
296
- /**
297
- * whether enable Strict-Transport-Security response header
298
- */
299
- hsts: z.ZodDefault<z.ZodObject<{
300
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
301
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
302
- /**
303
- * Default to `false`
304
- */
305
- enable: z.ZodDefault<z.ZodBoolean>;
306
- /**
307
- * Max age of Strict-Transport-Security in seconds
308
- *
309
- * Default to `365 * 24 * 3600`
310
- */
311
- maxAge: z.ZodDefault<z.ZodNumber>;
312
- /**
313
- * Whether include sub domains
314
- *
315
- * Default to `false`
316
- */
317
- includeSubdomains: z.ZodDefault<z.ZodBoolean>;
318
- }, "strip", z.ZodTypeAny, {
319
- enable: boolean;
320
- maxAge: number;
321
- includeSubdomains: boolean;
322
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
323
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
324
- }, {
325
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
326
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
327
- enable?: boolean | undefined;
328
- maxAge?: number | undefined;
329
- includeSubdomains?: boolean | undefined;
330
- }>>;
331
- /**
332
- * whether enable Http Method filter
333
- */
334
- methodnoallow: z.ZodDefault<z.ZodObject<{
335
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
336
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
337
- /**
338
- * Default to `true`
339
- */
340
- enable: z.ZodDefault<z.ZodBoolean>;
341
- }, "strip", z.ZodTypeAny, {
342
- enable: boolean;
343
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
344
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
345
- }, {
346
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
347
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
348
- enable?: boolean | undefined;
349
- }>>;
350
- /**
351
- * whether enable IE automatically download open
352
- */
353
- noopen: z.ZodDefault<z.ZodObject<{
354
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
355
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
356
- /**
357
- * Default to `true`
358
- */
359
- enable: z.ZodDefault<z.ZodBoolean>;
360
- }, "strip", z.ZodTypeAny, {
361
- enable: boolean;
362
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
363
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
364
- }, {
365
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
366
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
367
- enable?: boolean | undefined;
368
- }>>;
369
- /**
370
- * whether enable IE8 automatically detect mime
371
- */
372
- nosniff: z.ZodDefault<z.ZodObject<{
373
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
374
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
375
- /**
376
- * Default to `true`
377
- */
378
- enable: z.ZodDefault<z.ZodBoolean>;
379
- }, "strip", z.ZodTypeAny, {
380
- enable: boolean;
381
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
382
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
383
- }, {
384
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
385
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
386
- enable?: boolean | undefined;
387
- }>>;
388
- /**
389
- * whether enable IE8 XSS Filter
390
- */
391
- xssProtection: z.ZodDefault<z.ZodObject<{
392
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
393
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
394
- /**
395
- * Default to `true`
396
- */
397
- enable: z.ZodDefault<z.ZodBoolean>;
295
+ * whether enable Strict-Transport-Security response header
296
+ */
297
+ hsts: z.ZodDefault<z.ZodObject<{
298
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
299
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
300
+ /**
301
+ * Default to `false`
302
+ */
303
+ enable: z.ZodDefault<z.ZodBoolean>;
304
+ /**
305
+ * Max age of Strict-Transport-Security in seconds
306
+ *
307
+ * Default to `365 * 24 * 3600`
308
+ */
309
+ maxAge: z.ZodDefault<z.ZodNumber>;
310
+ /**
311
+ * Whether include sub domains
312
+ *
313
+ * Default to `false`
314
+ */
315
+ includeSubdomains: z.ZodDefault<z.ZodBoolean>;
316
+ }, "strip", z.ZodTypeAny, {
317
+ enable: boolean;
318
+ maxAge: number;
319
+ includeSubdomains: boolean;
320
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
321
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
322
+ }, {
323
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
324
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
325
+ enable?: boolean | undefined;
326
+ maxAge?: number | undefined;
327
+ includeSubdomains?: boolean | undefined;
328
+ }>>;
398
329
  /**
399
- * X-XSS-Protection response header value
400
- *
401
- * Default to `'1; mode=block'`
330
+ * whether enable Http Method filter
402
331
  */
403
- value: z.ZodDefault<z.ZodString>;
404
- }, "strip", z.ZodTypeAny, {
405
- value: string;
406
- enable: boolean;
407
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
408
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
409
- }, {
410
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
411
- value?: string | undefined;
412
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
413
- enable?: boolean | undefined;
414
- }>>;
415
- /**
416
- * content security policy config
417
- */
418
- csp: z.ZodDefault<z.ZodObject<{
419
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
420
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
332
+ methodnoallow: z.ZodDefault<z.ZodObject<{
333
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
334
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
335
+ /**
336
+ * Default to `true`
337
+ */
338
+ enable: z.ZodDefault<z.ZodBoolean>;
339
+ }, "strip", z.ZodTypeAny, {
340
+ enable: boolean;
341
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
342
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
343
+ }, {
344
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
345
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
346
+ enable?: boolean | undefined;
347
+ }>>;
421
348
  /**
422
- * Default to `false`
349
+ * whether enable IE automatically download open
423
350
  */
424
- enable: z.ZodDefault<z.ZodBoolean>;
425
- policy: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">, z.ZodBoolean]>>>;
351
+ noopen: z.ZodDefault<z.ZodObject<{
352
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
353
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
354
+ /**
355
+ * Default to `true`
356
+ */
357
+ enable: z.ZodDefault<z.ZodBoolean>;
358
+ }, "strip", z.ZodTypeAny, {
359
+ enable: boolean;
360
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
361
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
362
+ }, {
363
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
364
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
365
+ enable?: boolean | undefined;
366
+ }>>;
426
367
  /**
427
- * whether enable report only mode
428
- * Default to `undefined`
368
+ * whether enable IE8 automatically detect mime
429
369
  */
430
- reportOnly: z.ZodOptional<z.ZodBoolean>;
370
+ nosniff: z.ZodDefault<z.ZodObject<{
371
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
372
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
373
+ /**
374
+ * Default to `true`
375
+ */
376
+ enable: z.ZodDefault<z.ZodBoolean>;
377
+ }, "strip", z.ZodTypeAny, {
378
+ enable: boolean;
379
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
380
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
381
+ }, {
382
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
383
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
384
+ enable?: boolean | undefined;
385
+ }>>;
431
386
  /**
432
- * whether support IE
433
- * Default to `undefined`
434
- */
435
- supportIE: z.ZodOptional<z.ZodBoolean>;
436
- }, "strip", z.ZodTypeAny, {
437
- enable: boolean;
438
- policy: Record<string, string | boolean | string[]>;
439
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
440
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
441
- reportOnly?: boolean | undefined;
442
- supportIE?: boolean | undefined;
443
- }, {
444
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
445
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
446
- enable?: boolean | undefined;
447
- policy?: Record<string, string | boolean | string[]> | undefined;
448
- reportOnly?: boolean | undefined;
449
- supportIE?: boolean | undefined;
450
- }>>;
451
- /**
452
- * whether enable referrer policy
453
- * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
454
- */
455
- referrerPolicy: z.ZodDefault<z.ZodObject<{
456
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
457
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
387
+ * whether enable IE8 XSS Filter
388
+ */
389
+ xssProtection: z.ZodDefault<z.ZodObject<{
390
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
391
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
392
+ /**
393
+ * Default to `true`
394
+ */
395
+ enable: z.ZodDefault<z.ZodBoolean>;
396
+ /**
397
+ * X-XSS-Protection response header value
398
+ *
399
+ * Default to `'1; mode=block'`
400
+ */
401
+ value: z.ZodDefault<z.ZodString>;
402
+ }, "strip", z.ZodTypeAny, {
403
+ enable: boolean;
404
+ value: string;
405
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
406
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
407
+ }, {
408
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
409
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
410
+ enable?: boolean | undefined;
411
+ value?: string | undefined;
412
+ }>>;
458
413
  /**
459
- * Default to `false`
460
- */
461
- enable: z.ZodDefault<z.ZodBoolean>;
414
+ * content security policy config
415
+ */
416
+ csp: z.ZodDefault<z.ZodObject<{
417
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
418
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
419
+ /**
420
+ * Default to `false`
421
+ */
422
+ enable: z.ZodDefault<z.ZodBoolean>;
423
+ policy: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">, z.ZodBoolean]>>>;
424
+ /**
425
+ * whether enable report only mode
426
+ * Default to `undefined`
427
+ */
428
+ reportOnly: z.ZodOptional<z.ZodBoolean>;
429
+ /**
430
+ * whether support IE
431
+ * Default to `undefined`
432
+ */
433
+ supportIE: z.ZodOptional<z.ZodBoolean>;
434
+ }, "strip", z.ZodTypeAny, {
435
+ enable: boolean;
436
+ policy: Record<string, string | boolean | string[]>;
437
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
438
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
439
+ reportOnly?: boolean | undefined;
440
+ supportIE?: boolean | undefined;
441
+ }, {
442
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
443
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
444
+ enable?: boolean | undefined;
445
+ policy?: Record<string, string | boolean | string[]> | undefined;
446
+ reportOnly?: boolean | undefined;
447
+ supportIE?: boolean | undefined;
448
+ }>>;
462
449
  /**
463
- * referrer policy value
464
- *
465
- * Default to `'no-referrer-when-downgrade'`
466
- */
467
- value: z.ZodDefault<z.ZodString>;
468
- }, "strip", z.ZodTypeAny, {
469
- value: string;
470
- enable: boolean;
471
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
472
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
473
- }, {
474
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
475
- value?: string | undefined;
476
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
477
- enable?: boolean | undefined;
478
- }>>;
479
- /**
480
- * whether enable auto avoid directory traversal attack
481
- */
482
- dta: z.ZodDefault<z.ZodObject<{
483
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
484
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
450
+ * whether enable referrer policy
451
+ * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
452
+ */
453
+ referrerPolicy: z.ZodDefault<z.ZodObject<{
454
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
455
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
456
+ /**
457
+ * Default to `false`
458
+ */
459
+ enable: z.ZodDefault<z.ZodBoolean>;
460
+ /**
461
+ * referrer policy value
462
+ *
463
+ * Default to `'no-referrer-when-downgrade'`
464
+ */
465
+ value: z.ZodDefault<z.ZodString>;
466
+ }, "strip", z.ZodTypeAny, {
467
+ enable: boolean;
468
+ value: string;
469
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
470
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
471
+ }, {
472
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
473
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
474
+ enable?: boolean | undefined;
475
+ value?: string | undefined;
476
+ }>>;
485
477
  /**
486
- * Default to `true`
478
+ * whether enable auto avoid directory traversal attack
487
479
  */
488
- enable: z.ZodDefault<z.ZodBoolean>;
489
- }, "strip", z.ZodTypeAny, {
490
- enable: boolean;
491
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
492
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
493
- }, {
494
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
495
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
496
- enable?: boolean | undefined;
497
- }>>;
498
- ssrf: z.ZodDefault<z.ZodObject<{
499
- ipBlackList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
500
- ipExceptionList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
501
- hostnameExceptionList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
502
- checkAddress: z.ZodOptional<z.ZodFunction<z.ZodTuple<[z.ZodUnion<[z.ZodString, z.ZodObject<{
503
- address: z.ZodString;
504
- family: z.ZodNumber;
480
+ dta: z.ZodDefault<z.ZodObject<{
481
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
482
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
483
+ /**
484
+ * Default to `true`
485
+ */
486
+ enable: z.ZodDefault<z.ZodBoolean>;
505
487
  }, "strip", z.ZodTypeAny, {
506
- address: string;
507
- family: number;
488
+ enable: boolean;
489
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
490
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
508
491
  }, {
509
- address: string;
510
- family: number;
511
- }>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodObject<{
512
- address: z.ZodString;
513
- family: z.ZodNumber;
492
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
493
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
494
+ enable?: boolean | undefined;
495
+ }>>;
496
+ ssrf: z.ZodDefault<z.ZodObject<{
497
+ ipBlackList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
498
+ ipExceptionList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
499
+ hostnameExceptionList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
500
+ checkAddress: z.ZodOptional<z.ZodFunction<z.ZodTuple<[z.ZodUnion<[z.ZodString, z.ZodObject<{
501
+ address: z.ZodString;
502
+ family: z.ZodNumber;
503
+ }, "strip", z.ZodTypeAny, {
504
+ address: string;
505
+ family: number;
506
+ }, {
507
+ address: string;
508
+ family: number;
509
+ }>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodObject<{
510
+ address: z.ZodString;
511
+ family: z.ZodNumber;
512
+ }, "strip", z.ZodTypeAny, {
513
+ address: string;
514
+ family: number;
515
+ }, {
516
+ address: string;
517
+ family: number;
518
+ }>]>, "many">]>, z.ZodUnion<[z.ZodNumber, z.ZodString]>, z.ZodString], z.ZodUnknown>, z.ZodBoolean>>;
514
519
  }, "strip", z.ZodTypeAny, {
515
- address: string;
516
- family: number;
520
+ ipBlackList?: string[] | undefined;
521
+ ipExceptionList?: string[] | undefined;
522
+ hostnameExceptionList?: string[] | undefined;
523
+ checkAddress?: ((args_0: string | {
524
+ address: string;
525
+ family: number;
526
+ } | (string | {
527
+ address: string;
528
+ family: number;
529
+ })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
517
530
  }, {
518
- address: string;
519
- family: number;
520
- }>]>, "many">]>, z.ZodUnion<[z.ZodNumber, z.ZodString]>, z.ZodString], z.ZodUnknown>, z.ZodBoolean>>;
521
- }, "strip", z.ZodTypeAny, {
522
- ipBlackList?: string[] | undefined;
523
- ipExceptionList?: string[] | undefined;
524
- hostnameExceptionList?: string[] | undefined;
525
- checkAddress?: ((args_0: string | {
526
- address: string;
527
- family: number;
528
- } | (string | {
529
- address: string;
530
- family: number;
531
- })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
532
- }, {
533
- ipBlackList?: string[] | undefined;
534
- ipExceptionList?: string[] | undefined;
535
- hostnameExceptionList?: string[] | undefined;
536
- checkAddress?: ((args_0: string | {
537
- address: string;
538
- family: number;
539
- } | (string | {
540
- address: string;
541
- family: number;
542
- })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
543
- }>>;
544
- match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
545
- ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
546
- __protocolWhiteListSet: z.ZodReadonly<z.ZodOptional<z.ZodSet<z.ZodString>>>;
547
- }, "strip", z.ZodTypeAny, {
548
- csrf: {
549
- type: "ctoken" | "referer" | "all" | "any";
550
- enable: boolean;
551
- ignoreJSON: boolean;
552
- cookieName: string | string[];
553
- sessionName: string;
554
- headerName: string;
555
- bodyName: string | string[];
556
- queryName: string | string[];
557
- rotateWhenInvalid: boolean;
558
- useSession: boolean;
559
- supportedRequests: {
560
- path: RegExp;
561
- methods: string[];
562
- }[];
563
- refererWhiteList: string[];
564
- cookieOptions: {
565
- signed: boolean;
566
- httpOnly: boolean;
567
- overwrite: boolean;
568
- };
569
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
570
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
571
- cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
572
- };
573
- hsts: {
574
- enable: boolean;
575
- maxAge: number;
576
- includeSubdomains: boolean;
577
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
578
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
579
- };
580
- methodnoallow: {
581
- enable: boolean;
582
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
583
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
584
- };
585
- noopen: {
586
- enable: boolean;
587
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
588
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
589
- };
590
- nosniff: {
591
- enable: boolean;
592
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
593
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
594
- };
595
- csp: {
596
- enable: boolean;
597
- policy: Record<string, string | boolean | string[]>;
598
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
599
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
600
- reportOnly?: boolean | undefined;
601
- supportIE?: boolean | undefined;
602
- };
603
- xssProtection: {
604
- value: string;
605
- enable: boolean;
606
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
607
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
608
- };
609
- xframe: {
610
- value: string;
611
- enable: boolean;
612
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
613
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
614
- };
615
- dta: {
616
- enable: boolean;
617
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
618
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
619
- };
620
- domainWhiteList: string[];
621
- protocolWhiteList: string[];
622
- defaultMiddleware: string | ("csrf" | "hsts" | "methodnoallow" | "noopen" | "nosniff" | "csp" | "xssProtection" | "xframe" | "dta")[];
623
- referrerPolicy: {
624
- value: string;
625
- enable: boolean;
626
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
627
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
628
- };
629
- ssrf: {
630
- ipBlackList?: string[] | undefined;
631
- ipExceptionList?: string[] | undefined;
632
- hostnameExceptionList?: string[] | undefined;
633
- checkAddress?: ((args_0: string | {
634
- address: string;
635
- family: number;
636
- } | (string | {
637
- address: string;
638
- family: number;
639
- })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
640
- };
641
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
642
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
643
- __protocolWhiteListSet?: ReadonlySet<string> | undefined;
644
- }, {
645
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
646
- csrf?: unknown;
647
- hsts?: {
648
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
649
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
650
- enable?: boolean | undefined;
651
- maxAge?: number | undefined;
652
- includeSubdomains?: boolean | undefined;
653
- } | undefined;
654
- methodnoallow?: {
655
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
656
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
657
- enable?: boolean | undefined;
658
- } | undefined;
659
- noopen?: {
660
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
661
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
662
- enable?: boolean | undefined;
663
- } | undefined;
664
- nosniff?: {
665
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
666
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
667
- enable?: boolean | undefined;
668
- } | undefined;
669
- csp?: {
670
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
671
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
672
- enable?: boolean | undefined;
673
- policy?: Record<string, string | boolean | string[]> | undefined;
674
- reportOnly?: boolean | undefined;
675
- supportIE?: boolean | undefined;
676
- } | undefined;
677
- xssProtection?: {
678
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
679
- value?: string | undefined;
680
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
681
- enable?: boolean | undefined;
682
- } | undefined;
683
- xframe?: {
684
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
685
- value?: string | undefined;
686
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
687
- enable?: boolean | undefined;
688
- } | undefined;
689
- dta?: {
690
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
691
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
692
- enable?: boolean | undefined;
693
- } | undefined;
694
- domainWhiteList?: string[] | undefined;
695
- protocolWhiteList?: string[] | undefined;
696
- defaultMiddleware?: string | ("csrf" | "hsts" | "methodnoallow" | "noopen" | "nosniff" | "csp" | "xssProtection" | "xframe" | "dta")[] | undefined;
697
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
698
- referrerPolicy?: {
699
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
700
- value?: string | undefined;
701
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
702
- enable?: boolean | undefined;
703
- } | undefined;
704
- ssrf?: {
705
- ipBlackList?: string[] | undefined;
706
- ipExceptionList?: string[] | undefined;
707
- hostnameExceptionList?: string[] | undefined;
708
- checkAddress?: ((args_0: string | {
709
- address: string;
710
- family: number;
711
- } | (string | {
712
- address: string;
713
- family: number;
714
- })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
715
- } | undefined;
716
- __protocolWhiteListSet?: ReadonlySet<string> | undefined;
717
- }>;
718
- type SecurityConfig = z.infer<typeof SecurityConfig>;
719
- declare const SecurityHelperOnTagAttrHandler: z.ZodFunction<z.ZodTuple<[z.ZodString, z.ZodString, z.ZodString, z.ZodBoolean], z.ZodUnknown>, z.ZodUnion<[z.ZodString, z.ZodVoid]>>;
720
- /**
721
- * (tag: string, name: string, value: string, isWhiteAttr: boolean) => string | void
722
- */
723
- type SecurityHelperOnTagAttrHandler = z.infer<typeof SecurityHelperOnTagAttrHandler>;
724
- declare const SecurityHelperConfig: z.ZodObject<{
725
- shtml: z.ZodDefault<z.ZodObject<{
726
- /**
727
- * tag attribute white list
728
- */
729
- whiteList: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodArray<z.ZodString, "many">>>;
730
- /**
731
- * domain white list
732
- * @deprecated use `config.security.domainWhiteList` instead
733
- */
734
- domainWhiteList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
735
- /**
736
- * tag attribute handler
737
- */
738
- onTagAttr: z.ZodOptional<z.ZodFunction<z.ZodTuple<[z.ZodString, z.ZodString, z.ZodString, z.ZodBoolean], z.ZodUnknown>, z.ZodUnion<[z.ZodString, z.ZodVoid]>>>;
739
- }, "strip", z.ZodTypeAny, {
740
- domainWhiteList?: string[] | undefined;
741
- whiteList?: Record<string, string[]> | undefined;
742
- onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
743
- }, {
744
- domainWhiteList?: string[] | undefined;
745
- whiteList?: Record<string, string[]> | undefined;
746
- onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
747
- }>>;
531
+ ipBlackList?: string[] | undefined;
532
+ ipExceptionList?: string[] | undefined;
533
+ hostnameExceptionList?: string[] | undefined;
534
+ checkAddress?: ((args_0: string | {
535
+ address: string;
536
+ family: number;
537
+ } | (string | {
538
+ address: string;
539
+ family: number;
540
+ })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
541
+ }>>;
542
+ match: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
543
+ ignore: z.ZodOptional<z.ZodUnion<[z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, z.ZodArray<z.ZodUnion<[z.ZodString, z.ZodType<RegExp, z.ZodTypeDef, RegExp>, z.ZodFunction<z.ZodTuple<[z.ZodType<Context, z.ZodTypeDef, Context>], z.ZodUnknown>, z.ZodBoolean>]>, "many">]>>;
544
+ __protocolWhiteListSet: z.ZodReadonly<z.ZodOptional<z.ZodSet<z.ZodString>>>;
748
545
  }, "strip", z.ZodTypeAny, {
749
- shtml: {
750
- domainWhiteList?: string[] | undefined;
751
- whiteList?: Record<string, string[]> | undefined;
752
- onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
753
- };
754
- }, {
755
- shtml?: {
756
- domainWhiteList?: string[] | undefined;
757
- whiteList?: Record<string, string[]> | undefined;
758
- onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
759
- } | undefined;
760
- }>;
761
- type SecurityHelperConfig = z.infer<typeof SecurityHelperConfig>;
762
- declare const _default: {
763
- security: {
546
+ domainWhiteList: string[];
547
+ protocolWhiteList: string[];
764
548
  csrf: {
765
- type: "ctoken" | "referer" | "all" | "any";
766
- enable: boolean;
767
- ignoreJSON: boolean;
768
- cookieName: string | string[];
769
- sessionName: string;
770
- headerName: string;
771
- bodyName: string | string[];
772
- queryName: string | string[];
773
- rotateWhenInvalid: boolean;
774
- useSession: boolean;
775
- supportedRequests: {
776
- path: RegExp;
777
- methods: string[];
778
- }[];
779
- refererWhiteList: string[];
780
- cookieOptions: {
781
- signed: boolean;
782
- httpOnly: boolean;
783
- overwrite: boolean;
784
- };
785
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
786
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
787
- cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
549
+ type: "referer" | "all" | "ctoken" | "any";
550
+ enable: boolean;
551
+ ignoreJSON: boolean;
552
+ cookieName: string | string[];
553
+ sessionName: string;
554
+ headerName: string;
555
+ bodyName: string | string[];
556
+ queryName: string | string[];
557
+ rotateWhenInvalid: boolean;
558
+ useSession: boolean;
559
+ supportedRequests: {
560
+ path: RegExp;
561
+ methods: string[];
562
+ }[];
563
+ refererWhiteList: string[];
564
+ cookieOptions: {
565
+ signed: boolean;
566
+ overwrite: boolean;
567
+ httpOnly: boolean;
568
+ };
569
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
570
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
571
+ cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
788
572
  };
789
573
  hsts: {
790
- enable: boolean;
791
- maxAge: number;
792
- includeSubdomains: boolean;
793
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
794
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
574
+ enable: boolean;
575
+ maxAge: number;
576
+ includeSubdomains: boolean;
577
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
578
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
795
579
  };
796
580
  methodnoallow: {
797
- enable: boolean;
798
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
799
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
581
+ enable: boolean;
582
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
583
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
800
584
  };
801
585
  noopen: {
802
- enable: boolean;
803
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
804
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
586
+ enable: boolean;
587
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
588
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
805
589
  };
806
590
  nosniff: {
807
- enable: boolean;
808
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
809
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
591
+ enable: boolean;
592
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
593
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
810
594
  };
811
595
  csp: {
812
- enable: boolean;
813
- policy: Record<string, string | boolean | string[]>;
814
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
815
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
816
- reportOnly?: boolean | undefined;
817
- supportIE?: boolean | undefined;
596
+ enable: boolean;
597
+ policy: Record<string, string | boolean | string[]>;
598
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
599
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
600
+ reportOnly?: boolean | undefined;
601
+ supportIE?: boolean | undefined;
818
602
  };
819
603
  xssProtection: {
820
- value: string;
821
- enable: boolean;
822
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
823
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
604
+ enable: boolean;
605
+ value: string;
606
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
607
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
824
608
  };
825
609
  xframe: {
826
- value: string;
827
- enable: boolean;
828
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
829
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
610
+ enable: boolean;
611
+ value: string;
612
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
613
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
830
614
  };
831
615
  dta: {
832
- enable: boolean;
833
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
834
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
616
+ enable: boolean;
617
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
618
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
835
619
  };
836
- domainWhiteList: string[];
837
- protocolWhiteList: string[];
838
620
  defaultMiddleware: string | ("csrf" | "hsts" | "methodnoallow" | "noopen" | "nosniff" | "csp" | "xssProtection" | "xframe" | "dta")[];
839
621
  referrerPolicy: {
840
- value: string;
841
- enable: boolean;
842
- match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
843
- ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
622
+ enable: boolean;
623
+ value: string;
624
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
625
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
844
626
  };
845
627
  ssrf: {
846
- ipBlackList?: string[] | undefined;
847
- ipExceptionList?: string[] | undefined;
848
- hostnameExceptionList?: string[] | undefined;
849
- checkAddress?: ((args_0: string | {
850
- address: string;
851
- family: number;
852
- } | (string | {
853
- address: string;
854
- family: number;
855
- })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
628
+ ipBlackList?: string[] | undefined;
629
+ ipExceptionList?: string[] | undefined;
630
+ hostnameExceptionList?: string[] | undefined;
631
+ checkAddress?: ((args_0: string | {
632
+ address: string;
633
+ family: number;
634
+ } | (string | {
635
+ address: string;
636
+ family: number;
637
+ })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
856
638
  };
857
639
  match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
858
640
  ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
859
641
  __protocolWhiteListSet?: ReadonlySet<string> | undefined;
860
- };
861
- helper: {
642
+ }, {
643
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
644
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
645
+ domainWhiteList?: string[] | undefined;
646
+ protocolWhiteList?: string[] | undefined;
647
+ csrf?: unknown;
648
+ hsts?: {
649
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
650
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
651
+ enable?: boolean | undefined;
652
+ maxAge?: number | undefined;
653
+ includeSubdomains?: boolean | undefined;
654
+ } | undefined;
655
+ methodnoallow?: {
656
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
657
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
658
+ enable?: boolean | undefined;
659
+ } | undefined;
660
+ noopen?: {
661
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
662
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
663
+ enable?: boolean | undefined;
664
+ } | undefined;
665
+ nosniff?: {
666
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
667
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
668
+ enable?: boolean | undefined;
669
+ } | undefined;
670
+ csp?: {
671
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
672
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
673
+ enable?: boolean | undefined;
674
+ policy?: Record<string, string | boolean | string[]> | undefined;
675
+ reportOnly?: boolean | undefined;
676
+ supportIE?: boolean | undefined;
677
+ } | undefined;
678
+ xssProtection?: {
679
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
680
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
681
+ enable?: boolean | undefined;
682
+ value?: string | undefined;
683
+ } | undefined;
684
+ xframe?: {
685
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
686
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
687
+ enable?: boolean | undefined;
688
+ value?: string | undefined;
689
+ } | undefined;
690
+ dta?: {
691
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
692
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
693
+ enable?: boolean | undefined;
694
+ } | undefined;
695
+ defaultMiddleware?: string | ("csrf" | "hsts" | "methodnoallow" | "noopen" | "nosniff" | "csp" | "xssProtection" | "xframe" | "dta")[] | undefined;
696
+ referrerPolicy?: {
697
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
698
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
699
+ enable?: boolean | undefined;
700
+ value?: string | undefined;
701
+ } | undefined;
702
+ ssrf?: {
703
+ ipBlackList?: string[] | undefined;
704
+ ipExceptionList?: string[] | undefined;
705
+ hostnameExceptionList?: string[] | undefined;
706
+ checkAddress?: ((args_0: string | {
707
+ address: string;
708
+ family: number;
709
+ } | (string | {
710
+ address: string;
711
+ family: number;
712
+ })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
713
+ } | undefined;
714
+ __protocolWhiteListSet?: ReadonlySet<string> | undefined;
715
+ }>;
716
+ export type SecurityConfig = z.infer<typeof SecurityConfig>;
717
+ declare const SecurityHelperOnTagAttrHandler: z.ZodFunction<z.ZodTuple<[z.ZodString, z.ZodString, z.ZodString, z.ZodBoolean], z.ZodUnknown>, z.ZodUnion<[z.ZodString, z.ZodVoid]>>;
718
+ /**
719
+ * (tag: string, name: string, value: string, isWhiteAttr: boolean) => string | void
720
+ */
721
+ export type SecurityHelperOnTagAttrHandler = z.infer<typeof SecurityHelperOnTagAttrHandler>;
722
+ export declare const SecurityHelperConfig: z.ZodObject<{
723
+ shtml: z.ZodDefault<z.ZodObject<{
724
+ /**
725
+ * tag attribute white list
726
+ */
727
+ whiteList: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodArray<z.ZodString, "many">>>;
728
+ /**
729
+ * domain white list
730
+ * @deprecated use `config.security.domainWhiteList` instead
731
+ */
732
+ domainWhiteList: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
733
+ /**
734
+ * tag attribute handler
735
+ */
736
+ onTagAttr: z.ZodOptional<z.ZodFunction<z.ZodTuple<[z.ZodString, z.ZodString, z.ZodString, z.ZodBoolean], z.ZodUnknown>, z.ZodUnion<[z.ZodString, z.ZodVoid]>>>;
737
+ }, "strip", z.ZodTypeAny, {
738
+ domainWhiteList?: string[] | undefined;
739
+ whiteList?: Record<string, string[]> | undefined;
740
+ onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
741
+ }, {
742
+ domainWhiteList?: string[] | undefined;
743
+ whiteList?: Record<string, string[]> | undefined;
744
+ onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
745
+ }>>;
746
+ }, "strip", z.ZodTypeAny, {
862
747
  shtml: {
863
- domainWhiteList?: string[] | undefined;
864
- whiteList?: Record<string, string[]> | undefined;
865
- onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
748
+ domainWhiteList?: string[] | undefined;
749
+ whiteList?: Record<string, string[]> | undefined;
750
+ onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
751
+ };
752
+ }, {
753
+ shtml?: {
754
+ domainWhiteList?: string[] | undefined;
755
+ whiteList?: Record<string, string[]> | undefined;
756
+ onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
757
+ } | undefined;
758
+ }>;
759
+ export type SecurityHelperConfig = z.infer<typeof SecurityHelperConfig>;
760
+ declare const _default: {
761
+ security: {
762
+ domainWhiteList: string[];
763
+ protocolWhiteList: string[];
764
+ csrf: {
765
+ type: "referer" | "all" | "ctoken" | "any";
766
+ enable: boolean;
767
+ ignoreJSON: boolean;
768
+ cookieName: string | string[];
769
+ sessionName: string;
770
+ headerName: string;
771
+ bodyName: string | string[];
772
+ queryName: string | string[];
773
+ rotateWhenInvalid: boolean;
774
+ useSession: boolean;
775
+ supportedRequests: {
776
+ path: RegExp;
777
+ methods: string[];
778
+ }[];
779
+ refererWhiteList: string[];
780
+ cookieOptions: {
781
+ signed: boolean;
782
+ overwrite: boolean;
783
+ httpOnly: boolean;
784
+ };
785
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
786
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
787
+ cookieDomain?: string | ((args_0: Context, ...args: unknown[]) => string) | undefined;
788
+ };
789
+ hsts: {
790
+ enable: boolean;
791
+ maxAge: number;
792
+ includeSubdomains: boolean;
793
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
794
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
795
+ };
796
+ methodnoallow: {
797
+ enable: boolean;
798
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
799
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
800
+ };
801
+ noopen: {
802
+ enable: boolean;
803
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
804
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
805
+ };
806
+ nosniff: {
807
+ enable: boolean;
808
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
809
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
810
+ };
811
+ csp: {
812
+ enable: boolean;
813
+ policy: Record<string, string | boolean | string[]>;
814
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
815
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
816
+ reportOnly?: boolean | undefined;
817
+ supportIE?: boolean | undefined;
818
+ };
819
+ xssProtection: {
820
+ enable: boolean;
821
+ value: string;
822
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
823
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
824
+ };
825
+ xframe: {
826
+ enable: boolean;
827
+ value: string;
828
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
829
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
830
+ };
831
+ dta: {
832
+ enable: boolean;
833
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
834
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
835
+ };
836
+ defaultMiddleware: string | ("csrf" | "hsts" | "methodnoallow" | "noopen" | "nosniff" | "csp" | "xssProtection" | "xframe" | "dta")[];
837
+ referrerPolicy: {
838
+ enable: boolean;
839
+ value: string;
840
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
841
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
842
+ };
843
+ ssrf: {
844
+ ipBlackList?: string[] | undefined;
845
+ ipExceptionList?: string[] | undefined;
846
+ hostnameExceptionList?: string[] | undefined;
847
+ checkAddress?: ((args_0: string | {
848
+ address: string;
849
+ family: number;
850
+ } | (string | {
851
+ address: string;
852
+ family: number;
853
+ })[], args_1: string | number, args_2: string, ...args: unknown[]) => boolean) | undefined;
854
+ };
855
+ match?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
856
+ ignore?: string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean) | (string | RegExp | ((args_0: Context, ...args: unknown[]) => boolean))[] | undefined;
857
+ __protocolWhiteListSet?: ReadonlySet<string> | undefined;
858
+ };
859
+ helper: {
860
+ shtml: {
861
+ domainWhiteList?: string[] | undefined;
862
+ whiteList?: Record<string, string[]> | undefined;
863
+ onTagAttr?: ((args_0: string, args_1: string, args_2: string, args_3: boolean, ...args: unknown[]) => string | void) | undefined;
864
+ };
866
865
  };
867
- };
868
866
  };
869
- //#endregion
870
- export { CSRFSupportRequestItem, IgnoreOrMatch, IgnoreOrMatchHandler, IgnoreOrMatchOption, LookupAddress, SSRFCheckAddressFunction, SecurityConfig, SecurityHelperConfig, SecurityHelperOnTagAttrHandler, SecurityMiddlewareName, _default as default };
867
+ export default _default;