@eggjs/security 5.0.0-beta.27 → 5.0.0-beta.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/dist/app/extend/context.d.ts +5 -11
  2. package/dist/app/extend/context.js +28 -30
  3. package/dist/app/extend/helper.d.ts +3 -12
  4. package/dist/app/extend/helper.js +3 -2
  5. package/dist/app/middleware/securities.d.ts +2 -3
  6. package/dist/app/middleware/securities.js +3 -3
  7. package/dist/config/config.default.d.ts +30 -838
  8. package/dist/config/config.default.js +19 -17
  9. package/dist/lib/extend/safe_curl.d.ts +1 -1
  10. package/dist/lib/helper/index.d.ts +2 -2
  11. package/dist/lib/helper/index.js +3 -2
  12. package/dist/lib/helper/shtml.js +1 -1
  13. package/dist/lib/middlewares/index.d.ts +22 -12
  14. package/dist/lib/middlewares/index.js +3 -2
  15. package/dist/lib/middlewares/referrerPolicy.js +1 -2
  16. package/dist/lib/utils.d.ts +1 -1
  17. package/dist/lib/utils.js +1 -1
  18. package/package.json +11 -10
package/dist/app/extend/context.d.ts CHANGED
@@ -2,11 +2,6 @@ import { Context } from 'egg';
2
2
  import type { HttpClientRequestURL, HttpClientOptions, HttpClientResponse } from '../../lib/extend/safe_curl.ts';
3
3
  import type { SecurityConfig } from '../../config/config.default.ts';
4
4
  import type SecurityResponse from './response.ts';
5
- declare const CSRF_SECRET: unique symbol;
6
- declare const LOG_CSRF_NOTICE: unique symbol;
7
- declare const INPUT_TOKEN: unique symbol;
8
- declare const CSRF_REFERER_CHECK: unique symbol;
9
- declare const CSRF_CTOKEN_CHECK: unique symbol;
10
5
  export default class SecurityContext extends Context {
11
6
  response: SecurityResponse;
12
7
  get securityOptions(): Partial<SecurityConfig>;
@@ -30,14 +25,14 @@ export default class SecurityContext extends Context {
30
25
  * @return {String} csrf secret
31
26
  * @private
32
27
  */
33
- get [CSRF_SECRET](): string;
28
+ private getCsrfSecret;
34
29
  /**
35
30
  * ensure csrf secret exists in session or cookie.
36
31
  * @param {Boolean} [rotate] reset secret even if the secret exists
37
32
  * @public
38
33
  */
39
34
  ensureCsrfSecret(rotate?: boolean): void;
40
- get [INPUT_TOKEN](): string;
35
+ private getInputToken;
41
36
  /**
42
37
  * rotate csrf secret exists in session or cookie.
43
38
  * must rotate the secret when user login
@@ -49,10 +44,9 @@ export default class SecurityContext extends Context {
49
44
  * @public
50
45
  */
51
46
  assertCsrf(): void;
52
- [CSRF_CTOKEN_CHECK](): "missing csrf token" | "invalid csrf token" | undefined;
53
- [CSRF_REFERER_CHECK](): "missing csrf referer or origin" | "invalid csrf referer or origin" | undefined;
54
- [LOG_CSRF_NOTICE](msg: string): void;
47
+ private csrfCtokenCheck;
48
+ private csrfRefererCheck;
49
+ private logCsrfNotice;
55
50
  safeCurl<T = any>(url: HttpClientRequestURL, options?: HttpClientOptions): Promise<HttpClientResponse<T>>;
56
51
  unsafeRedirect(url: string, alt?: string): void;
57
52
  }
58
- export {};
package/dist/app/extend/context.js CHANGED
@@ -5,15 +5,10 @@ import { Context } from 'egg';
5
5
  import * as utils from "../../lib/utils.js";
6
6
  const debug = debuglog('egg/security/app/extend/context');
7
7
  const tokens = new Tokens();
8
- const CSRF_SECRET = Symbol('egg-security#CSRF_SECRET');
9
8
  const _CSRF_SECRET = Symbol('egg-security#_CSRF_SECRET');
10
9
  const NEW_CSRF_SECRET = Symbol('egg-security#NEW_CSRF_SECRET');
11
- const LOG_CSRF_NOTICE = Symbol('egg-security#LOG_CSRF_NOTICE');
12
- const INPUT_TOKEN = Symbol('egg-security#INPUT_TOKEN');
13
10
  const NONCE_CACHE = Symbol('egg-security#NONCE_CACHE');
14
11
  const SECURITY_OPTIONS = Symbol('egg-security#SECURITY_OPTIONS');
15
- const CSRF_REFERER_CHECK = Symbol('egg-security#CSRF_REFERER_CHECK');
16
- const CSRF_CTOKEN_CHECK = Symbol('egg-security#CSRF_CTOKEN_CHECK');
17
12
  function findToken(obj, keys) {
18
13
  if (!obj)
19
14
  return;
@@ -59,8 +54,8 @@ export default class SecurityContext extends Context {
59
54
  */
60
55
  get csrf() {
61
56
  // csrfSecret can be rotate, use NEW_CSRF_SECRET first
62
- const secret = this[NEW_CSRF_SECRET] || this[CSRF_SECRET];
63
- debug('get csrf token, NEW_CSRF_SECRET: %s, _CSRF_SECRET: %s', this[NEW_CSRF_SECRET], this[CSRF_SECRET]);
57
+ const secret = this[NEW_CSRF_SECRET] || this.getCsrfSecret();
58
+ debug('get csrf token, NEW_CSRF_SECRET: %s, _CSRF_SECRET: %s', this[NEW_CSRF_SECRET], this.getCsrfSecret());
64
59
  // In order to protect against BREACH attacks,
65
60
  // the token is not simply the secret;
66
61
  // a random salt is prepended to the secret and used to scramble it.
@@ -72,7 +67,7 @@ export default class SecurityContext extends Context {
72
67
  * @return {String} csrf secret
73
68
  * @private
74
69
  */
75
- get [CSRF_SECRET]() {
70
+ getCsrfSecret() {
76
71
  if (this[_CSRF_SECRET]) {
77
72
  return this[_CSRF_SECRET];
78
73
  }
@@ -101,9 +96,11 @@ export default class SecurityContext extends Context {
101
96
  * @public
102
97
  */
103
98
  ensureCsrfSecret(rotate) {
104
- if (this[CSRF_SECRET] && !rotate)
99
+ const csrfSecret = this.getCsrfSecret();
100
+ if (csrfSecret && !rotate) {
105
101
  return;
106
- debug('ensure csrf secret, exists: %s, rotate; %s', this[CSRF_SECRET], rotate);
102
+ }
103
+ debug('ensure csrf secret, exists: %s, rotate; %s', csrfSecret, rotate);
107
104
  const secret = tokens.secretSync();
108
105
  this[NEW_CSRF_SECRET] = secret;
109
106
  let { useSession, sessionName, cookieDomain, cookieName: cookieNames, cookieOptions, } = this.app.config.security.csrf;
@@ -128,13 +125,13 @@ export default class SecurityContext extends Context {
128
125
  }
129
126
  }
130
127
  }
131
- get [INPUT_TOKEN]() {
128
+ getInputToken() {
132
129
  const { headerName, bodyName, queryName } = this.app.config.security.csrf;
133
130
  // try order: query, body, header
134
131
  const token = findToken(this.request.query, queryName) ||
135
132
  findToken(this.request.body, bodyName) ||
136
133
  (headerName && this.request.get(headerName));
137
- debug('get token: %j, secret: %j', token, this[CSRF_SECRET]);
134
+ debug('get token: %j, secret: %j', token, this.getCsrfSecret());
138
135
  return token;
139
136
  }
140
137
  /**
@@ -143,7 +140,7 @@ export default class SecurityContext extends Context {
143
140
  * @public
144
141
  */
145
142
  rotateCsrfSecret() {
146
- if (!this[NEW_CSRF_SECRET] && this[CSRF_SECRET]) {
143
+ if (!this[NEW_CSRF_SECRET] && this.getCsrfSecret()) {
147
144
  this.ensureCsrfSecret(true);
148
145
  }
149
146
  }
@@ -161,29 +158,29 @@ export default class SecurityContext extends Context {
161
158
  const messages = [];
162
159
  switch (type) {
163
160
  case 'ctoken':
164
- message = this[CSRF_CTOKEN_CHECK]();
161
+ message = this.csrfCtokenCheck();
165
162
  if (message)
166
163
  this.throw(403, message);
167
164
  break;
168
165
  case 'referer':
169
- message = this[CSRF_REFERER_CHECK]();
166
+ message = this.csrfRefererCheck();
170
167
  if (message)
171
168
  this.throw(403, message);
172
169
  break;
173
170
  case 'all':
174
- message = this[CSRF_CTOKEN_CHECK]();
171
+ message = this.csrfCtokenCheck();
175
172
  if (message)
176
173
  this.throw(403, message);
177
- message = this[CSRF_REFERER_CHECK]();
174
+ message = this.csrfRefererCheck();
178
175
  if (message)
179
176
  this.throw(403, message);
180
177
  break;
181
178
  case 'any':
182
- message = this[CSRF_CTOKEN_CHECK]();
179
+ message = this.csrfCtokenCheck();
183
180
  if (!message)
184
181
  return;
185
182
  messages.push(message);
186
- message = this[CSRF_REFERER_CHECK]();
183
+ message = this.csrfRefererCheck();
187
184
  if (!message)
188
185
  return;
189
186
  messages.push(message);
@@ -194,18 +191,19 @@ export default class SecurityContext extends Context {
194
191
  this.throw(`invalid type ${type}`);
195
192
  }
196
193
  }
197
- [CSRF_CTOKEN_CHECK]() {
198
- if (!this[CSRF_SECRET]) {
194
+ csrfCtokenCheck() {
195
+ const csrfSecret = this.getCsrfSecret();
196
+ if (!csrfSecret) {
199
197
  debug('missing csrf token');
200
- this[LOG_CSRF_NOTICE]('missing csrf token');
198
+ this.logCsrfNotice('missing csrf token');
201
199
  return 'missing csrf token';
202
200
  }
203
- const token = this[INPUT_TOKEN];
201
+ const token = this.getInputToken();
204
202
  // AJAX requests get csrf token from cookie, in this situation token will equal to secret
205
203
  // synchronize form requests' token always changing to protect against BREACH attacks
206
- if (token !== this[CSRF_SECRET] && !tokens.verify(this[CSRF_SECRET], token)) {
204
+ if (token !== csrfSecret && !tokens.verify(csrfSecret, token)) {
207
205
  debug('verify secret and token error');
208
- this[LOG_CSRF_NOTICE]('invalid csrf token');
206
+ this.logCsrfNotice('invalid csrf token');
209
207
  const { rotateWhenInvalid } = this.app.config.security.csrf;
210
208
  if (rotateWhenInvalid) {
211
209
  this.rotateCsrfSecret();
@@ -213,24 +211,24 @@ export default class SecurityContext extends Context {
213
211
  return 'invalid csrf token';
214
212
  }
215
213
  }
216
- [CSRF_REFERER_CHECK]() {
214
+ csrfRefererCheck() {
217
215
  const { refererWhiteList } = this.app.config.security.csrf;
218
216
  // check Origin/Referer headers
219
217
  const referer = (this.headers.referer ?? this.headers.origin ?? '').toLowerCase();
220
218
  if (!referer) {
221
219
  debug('missing csrf referer or origin');
222
- this[LOG_CSRF_NOTICE]('missing csrf referer or origin');
220
+ this.logCsrfNotice('missing csrf referer or origin');
223
221
  return 'missing csrf referer or origin';
224
222
  }
225
223
  const host = utils.getFromUrl(referer, 'host');
226
224
  const domainList = refererWhiteList.concat(this.host);
227
225
  if (!host || !utils.isSafeDomain(host, domainList)) {
228
226
  debug('verify referer or origin error');
229
- this[LOG_CSRF_NOTICE]('invalid csrf referer or origin');
227
+ this.logCsrfNotice('invalid csrf referer or origin');
230
228
  return 'invalid csrf referer or origin';
231
229
  }
232
230
  }
233
- [LOG_CSRF_NOTICE](msg) {
231
+ logCsrfNotice(msg) {
234
232
  if (this.app.config.env === 'local') {
235
233
  this.logger.warn(`${msg}. See https://eggjs.org/zh-CN/core/security/#%E5%AE%89%E5%85%A8%E5%A8%81%E8%83%81-csrf-%E7%9A%84%E9%98%B2%E8%8C%83`);
236
234
  }
@@ -242,4 +240,4 @@ export default class SecurityContext extends Context {
242
240
  this.response.unsafeRedirect(url, alt);
243
241
  }
244
242
  }
245
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29udGV4dC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9hcHAvZXh0ZW5kL2NvbnRleHQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFFBQVEsRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUVyQyxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDM0MsT0FBTyxNQUFNLE1BQU0sTUFBTSxDQUFDO0FBQzFCLE9BQU8sRUFBRSxPQUFPLEVBQUUsTUFBTSxLQUFLLENBQUM7QUFFOUIsT0FBTyxLQUFLLEtBQUssTUFBTSxvQkFBb0IsQ0FBQztBQUs1QyxNQUFNLEtBQUssR0FBRyxRQUFRLENBQUMsaUNBQWlDLENBQUMsQ0FBQztBQUUxRCxNQUFNLE1BQU0sR0FBRyxJQUFJLE1BQU0sRUFBRSxDQUFDO0FBRTVCLE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0FBQ3ZELE1BQU0sWUFBWSxHQUFHLE1BQU0sQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0FBQ3pELE1BQU0sZUFBZSxHQUFHLE1BQU0sQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO0FBQy9ELE1BQU0sZUFBZSxHQUFHLE1BQU0sQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO0FBQy9ELE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0FBQ3ZELE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0FBQ3ZELE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxDQUFDLCtCQUErQixDQUFDLENBQUM7QUFDakUsTUFBTSxrQkFBa0IsR0FBRyxNQUFNLENBQUMsaUNBQWlDLENBQUMsQ0FBQztBQUNyRSxNQUFNLGlCQUFpQixHQUFHLE1BQU0sQ0FBQyxnQ0FBZ0MsQ0FBQyxDQUFDO0FBRW5FLFNBQVMsU0FBUyxDQUFDLEdBQTJCLEVBQUUsSUFBdUI7SUFDckUsSUFBSSxDQUFDLEdBQUc7UUFBRSxPQUFPO0lBQ2pCLElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxJQUFJLENBQUMsTUFBTTtRQUFFLE9BQU87SUFDbEMsSUFBSSxPQUFPLElBQUksS0FBSyxRQUFRO1FBQUUsT0FBTyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDL0MsS0FBSyxNQUFNLEdBQUcsSUFBSSxJQUFJLEVBQUUsQ0FBQztRQUN2QixJQUFJLEdBQUcsQ0FBQyxHQUFHLENBQUM7WUFBRSxPQUFPLEdBQUcsQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUNoQyxDQUFDO0FBQ0gsQ0FBQztBQUVELE1BQU0sQ0FBQyxPQUFPLE9BQU8sZUFBZ0IsU0FBUSxPQUFPO0lBR2xELElBQUksZUFBZTtRQUNqQixJQUFJLENBQUMsSUFBSSxDQUFDLGdCQUFnQixDQUFDLEVBQUUsQ0FBQztZQUM1QixJQUFJLENBQUMsZ0JBQWdCLENBQUMsR0FBRyxFQUFFLENBQUM7UUFDOUIsQ0FBQztRQUNELE9BQU8sSUFBSSxDQUFDLGdCQUFnQixDQUE0QixDQUFDO0lBQzNELENBQUM7SUFFRDs7Ozs7O09BTUc7SUFDSCxZQUFZLENBQUMsTUFBYyxFQUFFLGVBQTBCO1FBQ3JELE1BQU0sZUFBZSxHQUNuQixlQUFlLElBQUksZUFBZSxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLGVBQWUsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLGVBQWUsQ0FBQztRQUM3RyxPQUFPLEtBQUssQ0FBQyxZQUFZLENBQUMsTUFBTSxFQUFFLGVBQWUsQ0FBQyxDQUFDO0lBQ3JELENBQUM7SUFFRCwyQ0FBMkM7SUFDM0MsOEVBQThFO0lBQzlFLElBQUksS0FBSztRQUNQLElBQUksQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQztZQUN2QixJQUFJLENBQUMsV0FBVyxDQUFDLEdBQUcsTUFBTSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ2pDLENBQUM7UUFDRCxPQUFPLElBQUksQ0FBQyxXQUFXLENBQVcsQ0FBQztJQUNyQyxDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILElBQUksSUFBSTtRQUNOLHNEQUFzRDtRQUN0RCxNQUFNLE1BQU0sR0FBRyxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQzFELEtBQUssQ0FBQyx1REFBdUQsRUFBRSxJQUFJLENBQUMsZUFBZSxDQUFDLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUM7UUFDekcsK0NBQStDO1FBQy9DLHVDQUF1QztRQUN2QyxxRUFBcUU7UUFDckUsNEJBQTRCO1FBQzVCLE9BQU8sTUFBTSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLE1BQWdCLENBQUMsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO0lBQ3ZELENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsSUFBSSxDQUFDLFdBQVcsQ0FBQztRQUNmLElBQUksSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUM7WUFDdkIsT0FBTyxJQUFJLENBQUMsWUFBWSxDQUFXLENBQUM7UUFDdEMsQ0FBQztRQUNELElBQUksRUFBRSxVQUFVLEVBQUUsV0FBVyxFQUFFLFVBQVUsRUFBRSxXQUFXLEVBQUUsYUFBYSxFQUFFLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQztRQUN4RyxvQ0FBb0M7UUFDcEMsSUFBSSxVQUFVLEVBQUUsQ0FBQztZQUNmLElBQUksQ0FBQyxZQUFZLENBQUMsR0FBSSxJQUFJLENBQUMsT0FBZSxDQUFDLFdBQVcsQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUNoRSxDQUFDO2FBQU0sQ0FBQztZQUNOLHVFQUF1RTtZQUN2RSxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsRUFBRSxDQUFDO2dCQUNoQyxXQUFXLEdBQUcsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUM5QixDQUFDO1lBQ0QsS0FBSyxNQUFNLFVBQVUsSUFBSSxXQUFXLEVBQUUsQ0FBQztnQkFDckMsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLFVBQVUsRUFBRSxFQUFFLE1BQU0sRUFBRSxhQUFhLENBQUMsTUFBTSxFQUFFLENBQUMsSUFBSSxFQUFFLENBQUM7Z0JBQzFGLElBQUksSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUM7b0JBQ3ZCLE1BQU07Z0JBQ1IsQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUMsWUFBWSxDQUFXLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxnQkFBZ0IsQ0FBQyxNQUFnQjtRQUMvQixJQUFJLElBQUksQ0FBQyxXQUFXLENBQUMsSUFBSSxDQUFDLE1BQU07WUFBRSxPQUFPO1FBQ3pDLEtBQUssQ0FBQyw0Q0FBNEMsRUFBRSxJQUFJLENBQUMsV0FBVyxDQUFDLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDL0UsTUFBTSxNQUFNLEdBQUcsTUFBTSxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ25DLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxNQUFNLENBQUM7UUFDL0IsSUFBSSxFQUNGLFVBQVUsRUFDVixXQUFXLEVBQ1gsWUFBWSxFQUNaLFVBQVUsRUFBRSxXQUFXLEVBQ3ZCLGFBQWEsR0FDZCxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUM7UUFFbEMsSUFBSSxVQUFVLEVBQUUsQ0FBQztZQUNmLHdGQUF3RjtZQUN2RixJQUFJLENBQUMsT0FBZSxDQUFDLFdBQVcsQ0FBQyxHQUFHLE1BQU0sQ0FBQztRQUM5QyxDQUFDO2FBQU0sQ0FBQztZQUNOLElBQUksT0FBTyxZQUFZLEtBQUssVUFBVSxFQUFFLENBQUM7Z0JBQ3ZDLFlBQVksR0FBRyxZQUFZLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDcEMsQ0FBQztZQUNELE1BQU0sVUFBVSxHQUFHO2dCQUNqQixNQUFNLEVBQUUsWUFBWTtnQkFDcEIsR0FBRyxhQUFhO2FBQ2pCLENBQUM7WUFDRix1RUFBdUU7WUFDdkUsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQztnQkFDaEMsV0FBVyxHQUFHLENBQUMsV0FBVyxDQUFDLENBQUM7WUFDOUIsQ0FBQztZQUNELEtBQUssTUFBTSxVQUFVLElBQUksV0FBVyxFQUFFLENBQUM7Z0JBQ3JDLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLFVBQVUsRUFBRSxNQUFNLEVBQUUsVUFBVSxDQUFDLENBQUM7WUFDbkQsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0lBRUQsSUFBSSxDQUFDLFdBQVcsQ0FBQztRQUNmLE1BQU0sRUFBRSxVQUFVLEVBQUUsUUFBUSxFQUFFLFNBQVMsRUFBRSxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUM7UUFDMUUsaUNBQWlDO1FBQ2pDLE1BQU0sS0FBSyxHQUNULFNBQVMsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLEtBQUssRUFBRSxTQUFTLENBQUM7WUFDeEMsU0FBUyxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLFFBQVEsQ0FBQztZQUN0QyxDQUFDLFVBQVUsSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBUyxVQUFVLENBQUMsQ0FBQyxDQUFDO1FBQ3ZELEtBQUssQ0FBQywyQkFBMkIsRUFBRSxLQUFLLEVBQUUsSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFDLENBQUM7UUFDN0QsT0FBTyxLQUFLLENBQUM7SUFDZixDQUFDO0lBRUQ7Ozs7T0FJRztJQUNILGdCQUFnQjtRQUNkLElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLElBQUksSUFBSSxDQUFDLFdBQVcsQ0FBQyxFQUFFLENBQUM7WUFDaEQsSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxDQUFDO1FBQzlCLENBQUM7SUFDSCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0gsVUFBVTtRQUNSLElBQUksS0FBSyxDQUFDLGFBQWEsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBSSxFQUFFLElBQUksQ0FBQyxFQUFFLENBQUM7WUFDN0QsS0FBSyxDQUFDLDRCQUE0QixFQUFFLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUMvQyxPQUFPO1FBQ1QsQ0FBQztRQUVELE1BQU0sRUFBRSxJQUFJLEVBQUUsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDO1FBQy9DLElBQUksT0FBTyxDQUFDO1FBQ1osTUFBTSxRQUFRLEdBQUcsRUFBRSxDQUFDO1FBQ3BCLFFBQVEsSUFBSSxFQUFFLENBQUM7WUFDYixLQUFLLFFBQVE7Z0JBQ1gsT0FBTyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxFQUFFLENBQUM7Z0JBQ3BDLElBQUksT0FBTztvQkFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSxPQUFPLENBQUMsQ0FBQztnQkFDdEMsTUFBTTtZQUNSLEtBQUssU0FBUztnQkFDWixPQUFPLEdBQUcsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEVBQUUsQ0FBQztnQkFDckMsSUFBSSxPQUFPO29CQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsR0FBRyxFQUFFLE9BQU8sQ0FBQyxDQUFDO2dCQUN0QyxNQUFNO1lBQ1IsS0FBSyxLQUFLO2dCQUNSLE9BQU8sR0FBRyxJQUFJLENBQUMsaUJBQWlCLENBQUMsRUFBRSxDQUFDO2dCQUNwQyxJQUFJLE9BQU87b0JBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ3RDLE9BQU8sR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUFDO2dCQUNyQyxJQUFJLE9BQU87b0JBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ3RDLE1BQU07WUFDUixLQUFLLEtBQUs7Z0JBQ1IsT0FBTyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxFQUFFLENBQUM7Z0JBQ3BDLElBQUksQ0FBQyxPQUFPO29CQUFFLE9BQU87Z0JBQ3JCLFFBQVEsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBQ3ZCLE9BQU8sR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsRUFBRSxDQUFDO2dCQUNyQyxJQUFJLENBQUMsT0FBTztvQkFBRSxPQUFPO2dCQUNyQixRQUFRLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO2dCQUN2QixJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSx3Q0FBd0MsUUFBUSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUM7Z0JBQy9FLE1BQU07WUFDUjtnQkFDRSxnRkFBZ0Y7Z0JBQ2hGLElBQUksQ0FBQyxLQUFLLENBQUMsZ0JBQWdCLElBQUksRUFBRSxDQUFDLENBQUM7UUFDdkMsQ0FBQztJQUNILENBQUM7SUFFRCxDQUFDLGlCQUFpQixDQUFDO1FBQ2pCLElBQUksQ0FBQyxJQUFJLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQztZQUN2QixLQUFLLENBQUMsb0JBQW9CLENBQUMsQ0FBQztZQUM1QixJQUFJLENBQUMsZUFBZSxDQUFDLENBQUMsb0JBQW9CLENBQUMsQ0FBQztZQUM1QyxPQUFPLG9CQUFvQixDQUFDO1FBQzlCLENBQUM7UUFDRCxNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUM7UUFDaEMseUZBQXlGO1FBQ3pGLHFGQUFxRjtRQUNyRixJQUFJLEtBQUssS0FBSyxJQUFJLENBQUMsV0FBVyxDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsRUFBRSxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQzVFLEtBQUssQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO1lBQ3ZDLElBQUksQ0FBQyxlQUFlLENBQUMsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1lBQzVDLE1BQU0sRUFBRSxpQkFBaUIsRUFBRSxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUM7WUFDNUQsSUFBSSxpQkFBaUIsRUFBRSxDQUFDO2dCQUN0QixJQUFJLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztZQUMxQixDQUFDO1lBQ0QsT0FBTyxvQkFBb0IsQ0FBQztRQUM5QixDQUFDO0lBQ0gsQ0FBQztJQUVELENBQUMsa0JBQWtCLENBQUM7UUFDbEIsTUFBTSxFQUFFLGdCQUFnQixFQUFFLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQztRQUMzRCwrQkFBK0I7UUFDL0IsTUFBTSxPQUFPLEdBQUcsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLE9BQU8sSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sSUFBSSxFQUFFLENBQUMsQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUVsRixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDYixLQUFLLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztZQUN4QyxJQUFJLENBQUMsZUFBZSxDQUFDLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztZQUN4RCxPQUFPLGdDQUFnQyxDQUFDO1FBQzFDLENBQUM7UUFFRCxNQUFNLElBQUksR0FBRyxLQUFLLENBQUMsVUFBVSxDQUFDLE9BQU8sRUFBRSxNQUFNLENBQUMsQ0FBQztRQUMvQyxNQUFNLFVBQVUsR0FBRyxnQkFBZ0IsQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO1FBQ3RELElBQUksQ0FBQyxJQUFJLElBQUksQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLElBQUksRUFBRSxVQUFVLENBQUMsRUFBRSxDQUFDO1lBQ25ELEtBQUssQ0FBQyxnQ0FBZ0MsQ0FBQyxDQUFDO1lBQ3hDLElBQUksQ0FBQyxlQUFlLENBQUMsQ0FBQyxnQ0FBZ0MsQ0FBQyxDQUFDO1lBQ3hELE9BQU8sZ0NBQWdDLENBQUM7UUFDMUMsQ0FBQztJQUNILENBQUM7SUFFRCxDQUFDLGVBQWUsQ0FBQyxDQUFDLEdBQVc7UUFDM0IsSUFBSSxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLEtBQUssT0FBTyxFQUFFLENBQUM7WUFDcEMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQ2QsR0FBRyxHQUFHLG9IQUFvSCxDQUMzSCxDQUFDO1FBQ0osQ0FBQztJQUNILENBQUM7SUFFRCxLQUFLLENBQUMsUUFBUSxDQUFVLEdBQXlCLEVBQUUsT0FBMkI7UUFDNUUsT0FBTyxNQUFNLElBQUksQ0FBQyxHQUFHLENBQUMsUUFBUSxDQUFJLEdBQUcsRUFBRSxPQUFPLENBQUMsQ0FBQztJQUNsRCxDQUFDO0lBRUQsY0FBYyxDQUFDLEdBQVcsRUFBRSxHQUFZO1FBQ3RDLElBQUksQ0FBQyxRQUFRLENBQUMsY0FBYyxDQUFDLEdBQUcsRUFBRSxHQUFHLENBQUMsQ0FBQztJQUN6QyxDQUFDO0NBQ0YifQ==
243
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29udGV4dC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9hcHAvZXh0ZW5kL2NvbnRleHQudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxFQUFFLFFBQVEsRUFBRSxNQUFNLFdBQVcsQ0FBQztBQUVyQyxPQUFPLEVBQUUsTUFBTSxFQUFFLE1BQU0sbUJBQW1CLENBQUM7QUFDM0MsT0FBTyxNQUFNLE1BQU0sTUFBTSxDQUFDO0FBQzFCLE9BQU8sRUFBRSxPQUFPLEVBQUUsTUFBTSxLQUFLLENBQUM7QUFFOUIsT0FBTyxLQUFLLEtBQUssTUFBTSxvQkFBb0IsQ0FBQztBQUs1QyxNQUFNLEtBQUssR0FBRyxRQUFRLENBQUMsaUNBQWlDLENBQUMsQ0FBQztBQUUxRCxNQUFNLE1BQU0sR0FBRyxJQUFJLE1BQU0sRUFBRSxDQUFDO0FBRTVCLE1BQU0sWUFBWSxHQUFHLE1BQU0sQ0FBQywyQkFBMkIsQ0FBQyxDQUFDO0FBQ3pELE1BQU0sZUFBZSxHQUFHLE1BQU0sQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO0FBQy9ELE1BQU0sV0FBVyxHQUFHLE1BQU0sQ0FBQywwQkFBMEIsQ0FBQyxDQUFDO0FBQ3ZELE1BQU0sZ0JBQWdCLEdBQUcsTUFBTSxDQUFDLCtCQUErQixDQUFDLENBQUM7QUFFakUsU0FBUyxTQUFTLENBQUMsR0FBMkIsRUFBRSxJQUF1QjtJQUNyRSxJQUFJLENBQUMsR0FBRztRQUFFLE9BQU87SUFDakIsSUFBSSxDQUFDLElBQUksSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNO1FBQUUsT0FBTztJQUNsQyxJQUFJLE9BQU8sSUFBSSxLQUFLLFFBQVE7UUFBRSxPQUFPLEdBQUcsQ0FBQyxJQUFJLENBQUMsQ0FBQztJQUMvQyxLQUFLLE1BQU0sR0FBRyxJQUFJLElBQUksRUFBRSxDQUFDO1FBQ3ZCLElBQUksR0FBRyxDQUFDLEdBQUcsQ0FBQztZQUFFLE9BQU8sR0FBRyxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQ2hDLENBQUM7QUFDSCxDQUFDO0FBRUQsTUFBTSxDQUFDLE9BQU8sT0FBTyxlQUFnQixTQUFRLE9BQU87SUFHbEQsSUFBSSxlQUFlO1FBQ2pCLElBQUksQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsRUFBRSxDQUFDO1lBQzVCLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxHQUFHLEVBQUUsQ0FBQztRQUM5QixDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUMsZ0JBQWdCLENBQTRCLENBQUM7SUFDM0QsQ0FBQztJQUVEOzs7Ozs7T0FNRztJQUNILFlBQVksQ0FBQyxNQUFjLEVBQUUsZUFBMEI7UUFDckQsTUFBTSxlQUFlLEdBQ25CLGVBQWUsSUFBSSxlQUFlLENBQUMsTUFBTSxHQUFHLENBQUMsQ0FBQyxDQUFDLENBQUMsZUFBZSxDQUFDLENBQUMsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsZUFBZSxDQUFDO1FBQzdHLE9BQU8sS0FBSyxDQUFDLFlBQVksQ0FBQyxNQUFNLEVBQUUsZUFBZSxDQUFDLENBQUM7SUFDckQsQ0FBQztJQUVELDJDQUEyQztJQUMzQyw4RUFBOEU7SUFDOUUsSUFBSSxLQUFLO1FBQ1AsSUFBSSxDQUFDLElBQUksQ0FBQyxXQUFXLENBQUMsRUFBRSxDQUFDO1lBQ3ZCLElBQUksQ0FBQyxXQUFXLENBQUMsR0FBRyxNQUFNLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDakMsQ0FBQztRQUNELE9BQU8sSUFBSSxDQUFDLFdBQVcsQ0FBVyxDQUFDO0lBQ3JDLENBQUM7SUFFRDs7OztPQUlHO0lBQ0gsSUFBSSxJQUFJO1FBQ04sc0RBQXNEO1FBQ3RELE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsSUFBSSxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7UUFDN0QsS0FBSyxDQUFDLHVEQUF1RCxFQUFFLElBQUksQ0FBQyxlQUFlLENBQUMsRUFBRSxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUMsQ0FBQztRQUM1RywrQ0FBK0M7UUFDL0MsdUNBQXVDO1FBQ3ZDLHFFQUFxRTtRQUNyRSw0QkFBNEI7UUFDNUIsT0FBTyxNQUFNLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxNQUFNLENBQUMsTUFBZ0IsQ0FBQyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUM7SUFDdkQsQ0FBQztJQUVEOzs7O09BSUc7SUFDSyxhQUFhO1FBQ25CLElBQUksSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUM7WUFDdkIsT0FBTyxJQUFJLENBQUMsWUFBWSxDQUFXLENBQUM7UUFDdEMsQ0FBQztRQUNELElBQUksRUFBRSxVQUFVLEVBQUUsV0FBVyxFQUFFLFVBQVUsRUFBRSxXQUFXLEVBQUUsYUFBYSxFQUFFLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQztRQUN4RyxvQ0FBb0M7UUFDcEMsSUFBSSxVQUFVLEVBQUUsQ0FBQztZQUNmLElBQUksQ0FBQyxZQUFZLENBQUMsR0FBSSxJQUFJLENBQUMsT0FBZSxDQUFDLFdBQVcsQ0FBQyxJQUFJLEVBQUUsQ0FBQztRQUNoRSxDQUFDO2FBQU0sQ0FBQztZQUNOLHVFQUF1RTtZQUN2RSxJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsRUFBRSxDQUFDO2dCQUNoQyxXQUFXLEdBQUcsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUM5QixDQUFDO1lBQ0QsS0FBSyxNQUFNLFVBQVUsSUFBSSxXQUFXLEVBQUUsQ0FBQztnQkFDckMsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLFVBQVUsRUFBRSxFQUFFLE1BQU0sRUFBRSxhQUFhLENBQUMsTUFBTSxFQUFFLENBQUMsSUFBSSxFQUFFLENBQUM7Z0JBQzFGLElBQUksSUFBSSxDQUFDLFlBQVksQ0FBQyxFQUFFLENBQUM7b0JBQ3ZCLE1BQU07Z0JBQ1IsQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO1FBQ0QsT0FBTyxJQUFJLENBQUMsWUFBWSxDQUFXLENBQUM7SUFDdEMsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxnQkFBZ0IsQ0FBQyxNQUFnQjtRQUMvQixNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7UUFDeEMsSUFBSSxVQUFVLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUMxQixPQUFPO1FBQ1QsQ0FBQztRQUNELEtBQUssQ0FBQyw0Q0FBNEMsRUFBRSxVQUFVLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDeEUsTUFBTSxNQUFNLEdBQUcsTUFBTSxDQUFDLFVBQVUsRUFBRSxDQUFDO1FBQ25DLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxNQUFNLENBQUM7UUFDL0IsSUFBSSxFQUNGLFVBQVUsRUFDVixXQUFXLEVBQ1gsWUFBWSxFQUNaLFVBQVUsRUFBRSxXQUFXLEVBQ3ZCLGFBQWEsR0FDZCxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUM7UUFFbEMsSUFBSSxVQUFVLEVBQUUsQ0FBQztZQUNmLHdGQUF3RjtZQUN2RixJQUFJLENBQUMsT0FBZSxDQUFDLFdBQVcsQ0FBQyxHQUFHLE1BQU0sQ0FBQztRQUM5QyxDQUFDO2FBQU0sQ0FBQztZQUNOLElBQUksT0FBTyxZQUFZLEtBQUssVUFBVSxFQUFFLENBQUM7Z0JBQ3ZDLFlBQVksR0FBRyxZQUFZLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDcEMsQ0FBQztZQUNELE1BQU0sVUFBVSxHQUFHO2dCQUNqQixNQUFNLEVBQUUsWUFBWTtnQkFDcEIsR0FBRyxhQUFhO2FBQ2pCLENBQUM7WUFDRix1RUFBdUU7WUFDdkUsSUFBSSxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDLEVBQUUsQ0FBQztnQkFDaEMsV0FBVyxHQUFHLENBQUMsV0FBVyxDQUFDLENBQUM7WUFDOUIsQ0FBQztZQUNELEtBQUssTUFBTSxVQUFVLElBQUksV0FBVyxFQUFFLENBQUM7Z0JBQ3JDLElBQUksQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLFVBQVUsRUFBRSxNQUFNLEVBQUUsVUFBVSxDQUFDLENBQUM7WUFDbkQsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0lBRU8sYUFBYTtRQUNuQixNQUFNLEVBQUUsVUFBVSxFQUFFLFFBQVEsRUFBRSxTQUFTLEVBQUUsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDO1FBQzFFLGlDQUFpQztRQUNqQyxNQUFNLEtBQUssR0FDVCxTQUFTLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsU0FBUyxDQUFDO1lBQ3hDLFNBQVMsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxRQUFRLENBQUM7WUFDdEMsQ0FBQyxVQUFVLElBQUksSUFBSSxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQVMsVUFBVSxDQUFDLENBQUMsQ0FBQztRQUN2RCxLQUFLLENBQUMsMkJBQTJCLEVBQUUsS0FBSyxFQUFFLElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQyxDQUFDO1FBQ2hFLE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUVEOzs7O09BSUc7SUFDSCxnQkFBZ0I7UUFDZCxJQUFJLENBQUMsSUFBSSxDQUFDLGVBQWUsQ0FBQyxJQUFJLElBQUksQ0FBQyxhQUFhLEVBQUUsRUFBRSxDQUFDO1lBQ25ELElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUM5QixDQUFDO0lBQ0gsQ0FBQztJQUVEOzs7T0FHRztJQUNILFVBQVU7UUFDUixJQUFJLEtBQUssQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksRUFBRSxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQzdELEtBQUssQ0FBQyw0QkFBNEIsRUFBRSxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7WUFDL0MsT0FBTztRQUNULENBQUM7UUFFRCxNQUFNLEVBQUUsSUFBSSxFQUFFLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQztRQUMvQyxJQUFJLE9BQU8sQ0FBQztRQUNaLE1BQU0sUUFBUSxHQUFHLEVBQUUsQ0FBQztRQUNwQixRQUFRLElBQUksRUFBRSxDQUFDO1lBQ2IsS0FBSyxRQUFRO2dCQUNYLE9BQU8sR0FBRyxJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7Z0JBQ2pDLElBQUksT0FBTztvQkFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSxPQUFPLENBQUMsQ0FBQztnQkFDdEMsTUFBTTtZQUNSLEtBQUssU0FBUztnQkFDWixPQUFPLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7Z0JBQ2xDLElBQUksT0FBTztvQkFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsRUFBRSxPQUFPLENBQUMsQ0FBQztnQkFDdEMsTUFBTTtZQUNSLEtBQUssS0FBSztnQkFDUixPQUFPLEdBQUcsSUFBSSxDQUFDLGVBQWUsRUFBRSxDQUFDO2dCQUNqQyxJQUFJLE9BQU87b0JBQUUsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ3RDLE9BQU8sR0FBRyxJQUFJLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztnQkFDbEMsSUFBSSxPQUFPO29CQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsR0FBRyxFQUFFLE9BQU8sQ0FBQyxDQUFDO2dCQUN0QyxNQUFNO1lBQ1IsS0FBSyxLQUFLO2dCQUNSLE9BQU8sR0FBRyxJQUFJLENBQUMsZUFBZSxFQUFFLENBQUM7Z0JBQ2pDLElBQUksQ0FBQyxPQUFPO29CQUFFLE9BQU87Z0JBQ3JCLFFBQVEsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLENBQUM7Z0JBQ3ZCLE9BQU8sR0FBRyxJQUFJLENBQUMsZ0JBQWdCLEVBQUUsQ0FBQztnQkFDbEMsSUFBSSxDQUFDLE9BQU87b0JBQUUsT0FBTztnQkFDckIsUUFBUSxDQUFDLElBQUksQ0FBQyxPQUFPLENBQUMsQ0FBQztnQkFDdkIsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLEVBQUUsd0NBQXdDLFFBQVEsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDO2dCQUMvRSxNQUFNO1lBQ1I7Z0JBQ0UsZ0ZBQWdGO2dCQUNoRixJQUFJLENBQUMsS0FBSyxDQUFDLGdCQUFnQixJQUFJLEVBQUUsQ0FBQyxDQUFDO1FBQ3ZDLENBQUM7SUFDSCxDQUFDO0lBRU8sZUFBZTtRQUNyQixNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7UUFDeEMsSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQ2hCLEtBQUssQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1lBQzVCLElBQUksQ0FBQyxhQUFhLENBQUMsb0JBQW9CLENBQUMsQ0FBQztZQUN6QyxPQUFPLG9CQUFvQixDQUFDO1FBQzlCLENBQUM7UUFDRCxNQUFNLEtBQUssR0FBRyxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7UUFDbkMseUZBQXlGO1FBQ3pGLHFGQUFxRjtRQUNyRixJQUFJLEtBQUssS0FBSyxVQUFVLElBQUksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLFVBQVUsRUFBRSxLQUFlLENBQUMsRUFBRSxDQUFDO1lBQ3hFLEtBQUssQ0FBQywrQkFBK0IsQ0FBQyxDQUFDO1lBQ3ZDLElBQUksQ0FBQyxhQUFhLENBQUMsb0JBQW9CLENBQUMsQ0FBQztZQUN6QyxNQUFNLEVBQUUsaUJBQWlCLEVBQUUsR0FBRyxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDO1lBQzVELElBQUksaUJBQWlCLEVBQUUsQ0FBQztnQkFDdEIsSUFBSSxDQUFDLGdCQUFnQixFQUFFLENBQUM7WUFDMUIsQ0FBQztZQUNELE9BQU8sb0JBQW9CLENBQUM7UUFDOUIsQ0FBQztJQUNILENBQUM7SUFFTyxnQkFBZ0I7UUFDdEIsTUFBTSxFQUFFLGdCQUFnQixFQUFFLEdBQUcsSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQztRQUMzRCwrQkFBK0I7UUFDL0IsTUFBTSxPQUFPLEdBQUcsQ0FBQyxJQUFJLENBQUMsT0FBTyxDQUFDLE9BQU8sSUFBSSxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sSUFBSSxFQUFFLENBQUMsQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUVsRixJQUFJLENBQUMsT0FBTyxFQUFFLENBQUM7WUFDYixLQUFLLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztZQUN4QyxJQUFJLENBQUMsYUFBYSxDQUFDLGdDQUFnQyxDQUFDLENBQUM7WUFDckQsT0FBTyxnQ0FBZ0MsQ0FBQztRQUMxQyxDQUFDO1FBRUQsTUFBTSxJQUFJLEdBQUcsS0FBSyxDQUFDLFVBQVUsQ0FBQyxPQUFPLEVBQUUsTUFBTSxDQUFDLENBQUM7UUFDL0MsTUFBTSxVQUFVLEdBQUcsZ0JBQWdCLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUN0RCxJQUFJLENBQUMsSUFBSSxJQUFJLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxJQUFJLEVBQUUsVUFBVSxDQUFDLEVBQUUsQ0FBQztZQUNuRCxLQUFLLENBQUMsZ0NBQWdDLENBQUMsQ0FBQztZQUN4QyxJQUFJLENBQUMsYUFBYSxDQUFDLGdDQUFnQyxDQUFDLENBQUM7WUFDckQsT0FBTyxnQ0FBZ0MsQ0FBQztRQUMxQyxDQUFDO0lBQ0gsQ0FBQztJQUVPLGFBQWEsQ0FBQyxHQUFXO1FBQy9CLElBQUksSUFBSSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxLQUFLLE9BQU8sRUFBRSxDQUFDO1lBQ3BDLElBQUksQ0FBQyxNQUFNLENBQUMsSUFBSSxDQUNkLEdBQUcsR0FBRyxvSEFBb0gsQ0FDM0gsQ0FBQztRQUNKLENBQUM7SUFDSCxDQUFDO0lBRUQsS0FBSyxDQUFDLFFBQVEsQ0FBVSxHQUF5QixFQUFFLE9BQTJCO1FBQzVFLE9BQU8sTUFBTSxJQUFJLENBQUMsR0FBRyxDQUFDLFFBQVEsQ0FBSSxHQUFHLEVBQUUsT0FBTyxDQUFDLENBQUM7SUFDbEQsQ0FBQztJQUVELGNBQWMsQ0FBQyxHQUFXLEVBQUUsR0FBWTtRQUN0QyxJQUFJLENBQUMsUUFBUSxDQUFDLGNBQWMsQ0FBQyxHQUFHLEVBQUUsR0FBRyxDQUFDLENBQUM7SUFDekMsQ0FBQztDQUNGIn0=
package/dist/app/extend/helper.d.ts CHANGED
@@ -1,12 +1,3 @@
1
- declare const _default: {
2
- cliFilter: typeof import("../../lib/helper/cliFilter.ts").default;
3
- escape: typeof import("escape-html");
4
- escapeShellArg: typeof import("../../lib/helper/escapeShellArg.ts").default;
5
- escapeShellCmd: typeof import("../../lib/helper/escapeShellCmd.ts").default;
6
- shtml: typeof import("../../lib/helper/shtml.ts").default;
7
- sjs: typeof import("../../lib/helper/sjs.ts").default;
8
- sjson: typeof import("../../lib/helper/sjson.ts").default;
9
- spath: typeof import("../../lib/helper/spath.ts").default;
10
- surl: typeof import("../../lib/helper/surl.ts").default;
11
- };
12
- export default _default;
1
+ import helpers from '../../lib/helper/index.ts';
2
+ declare const securityHelpers: typeof helpers;
3
+ export default securityHelpers;
package/dist/app/extend/helper.js CHANGED
@@ -1,5 +1,6 @@
1
1
  import helpers from "../../lib/helper/index.js";
2
- export default {
2
+ const securityHelpers = {
3
3
  ...helpers,
4
4
  };
5
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGVscGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2FwcC9leHRlbmQvaGVscGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sT0FBTyxNQUFNLDJCQUEyQixDQUFDO0FBRWhELGVBQWU7SUFDYixHQUFHLE9BQU87Q0FDWCxDQUFDIn0=
5
+ export default securityHelpers;
6
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaGVscGVyLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2FwcC9leHRlbmQvaGVscGVyLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sT0FBTyxNQUFNLDJCQUEyQixDQUFDO0FBRWhELE1BQU0sZUFBZSxHQUFtQjtJQUN0QyxHQUFHLE9BQU87Q0FDWCxDQUFDO0FBRUYsZUFBZSxlQUFlLENBQUMifQ==
package/dist/app/middleware/securities.d.ts CHANGED
@@ -1,4 +1,3 @@
1
- import compose from 'koa-compose';
2
- import type { Application } from 'egg';
3
- declare const _default: (_: unknown, app: Application) => compose.ComposedMiddleware<import("egg").Context>;
1
+ import type { Application, MiddlewareFunc } from 'egg';
2
+ declare const _default: (_: unknown, app: Application) => MiddlewareFunc;
4
3
  export default _default;
package/dist/app/middleware/securities.js CHANGED
@@ -1,6 +1,6 @@
1
1
  import assert from 'node:assert';
2
2
  import compose from 'koa-compose';
3
- import { pathMatching } from 'egg-path-matching';
3
+ import { pathMatching } from '@eggjs/path-matching';
4
4
  import securityMiddlewares from "../../lib/middlewares/index.js";
5
5
  export default (_, app) => {
6
6
  const options = app.config.security;
@@ -19,7 +19,7 @@ export default (_, app) => {
19
19
  if (originalCookieDomain && typeof originalCookieDomain !== 'function') {
20
20
  options.csrf.cookieDomain = () => originalCookieDomain;
21
21
  }
22
- defaultMiddlewares.forEach(middlewareName => {
22
+ defaultMiddlewares.forEach((middlewareName) => {
23
23
  const opt = Reflect.get(options, middlewareName);
24
24
  if (opt === false) {
25
25
  app.coreLogger.warn('[egg-security] Please use `config.security.%s = { enable: false }` instead of `config.security.%s = false`', middlewareName, middlewareName);
@@ -50,4 +50,4 @@ export default (_, app) => {
50
50
  app.coreLogger.info('[@eggjs/security/middleware/securities] compose %d middlewares into one security middleware', middlewares.length);
51
51
  return compose(middlewares);
52
52
  };
53
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjdXJpdGllcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9hcHAvbWlkZGxld2FyZS9zZWN1cml0aWVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sTUFBTSxNQUFNLGFBQWEsQ0FBQztBQUVqQyxPQUFPLE9BQU8sTUFBTSxhQUFhLENBQUM7QUFDbEMsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLG1CQUFtQixDQUFDO0FBR2pELE9BQU8sbUJBQW1CLE1BQU0sZ0NBQWdDLENBQUM7QUFHakUsZUFBZSxDQUFDLENBQVUsRUFBRSxHQUFnQixFQUFFLEVBQUU7SUFDOUMsTUFBTSxPQUFPLEdBQUcsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUM7SUFDcEMsTUFBTSxXQUFXLEdBQXFCLEVBQUUsQ0FBQztJQUN6QyxNQUFNLGtCQUFrQixHQUN0QixPQUFPLE9BQU8sQ0FBQyxpQkFBaUIsS0FBSyxRQUFRO1FBQzNDLENBQUMsQ0FBRSxPQUFPLENBQUMsaUJBQWlCO2FBQ3ZCLEtBQUssQ0FBQyxHQUFHLENBQUM7YUFDVixHQUFHLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7YUFDbEIsTUFBTSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBOEI7UUFDbEQsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxpQkFBaUIsQ0FBQztJQUVoQyxJQUFJLE9BQU8sQ0FBQyxLQUFLLElBQUksT0FBTyxDQUFDLE1BQU0sRUFBRSxDQUFDO1FBQ3BDLEdBQUcsQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLHNGQUFzRixDQUFDLENBQUM7SUFDOUcsQ0FBQztJQUVELDJCQUEyQjtJQUMzQixNQUFNLG9CQUFvQixHQUFHLE9BQU8sQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDO0lBQ3ZELElBQUksb0JBQW9CLElBQUksT0FBTyxvQkFBb0IsS0FBSyxVQUFVLEVBQUUsQ0FBQztRQUN2RSxPQUFPLENBQUMsSUFBSSxDQUFDLFlBQVksR0FBRyxHQUFHLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQztJQUN6RCxDQUFDO0lBRUQsa0JBQWtCLENBQUMsT0FBTyxDQUFDLGNBQWMsQ0FBQyxFQUFFO1FBQzFDLE1BQU0sR0FBRyxHQUFHLE9BQU8sQ0FBQyxHQUFHLENBQUMsT0FBTyxFQUFFLGNBQWMsQ0FBUSxDQUFDO1FBQ3hELElBQUksR0FBRyxLQUFLLEtBQUssRUFBRSxDQUFDO1lBQ2xCLEdBQUcsQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUNqQiw0R0FBNEcsRUFDNUcsY0FBYyxFQUNkLGNBQWMsQ0FDZixDQUFDO1FBQ0osQ0FBQztRQUVELE1BQU0sQ0FDSixHQUFHLEtBQUssS0FBSyxJQUFJLE9BQU8sR0FBRyxLQUFLLFFBQVEsRUFDeEMsbUJBQW1CLGNBQWMsa0RBQWtELENBQ3BGLENBQUM7UUFFRixJQUFJLEdBQUcsS0FBSyxLQUFLLElBQUksQ0FBQyxHQUFHLElBQUksR0FBRyxDQUFDLE1BQU0sS0FBSyxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ25ELE9BQU87UUFDVCxDQUFDO1FBRUQsSUFBSSxjQUFjLEtBQUssTUFBTSxJQUFJLEdBQUcsQ0FBQyxVQUFVLElBQUksQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLE9BQU8sRUFBRSxDQUFDO1lBQ3hFLE1BQU0sSUFBSSxLQUFLLENBQUMseURBQXlELENBQUMsQ0FBQztRQUM3RSxDQUFDO1FBRUQsc0NBQXNDO1FBQ3RDLElBQUksR0FBRyxDQUFDLEtBQUssSUFBSSxHQUFHLENBQUMsTUFBTSxFQUFFLENBQUM7WUFDNUIsR0FBRyxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQ2pCLGtIQUFrSCxDQUNuSCxDQUFDO1lBQ0YsR0FBRyxDQUFDLE1BQU0sR0FBRyxTQUFTLENBQUM7UUFDekIsQ0FBQztRQUNELElBQUksQ0FBQyxHQUFHLENBQUMsTUFBTSxJQUFJLEdBQUcsQ0FBQyxTQUFTLEVBQUUsQ0FBQztZQUNqQyxHQUFHLENBQUMsU0FBUyxDQUNYLDBKQUEwSixDQUMzSixDQUFDO1lBQ0YsR0FBRyxDQUFDLE1BQU0sR0FBRyxHQUFHLENBQUMsU0FBUyxDQUFDO1FBQzdCLENBQUM7UUFDRCx1REFBdUQ7UUFDdkQsR0FBRyxDQUFDLFFBQVEsR0FBRyxZQUFZLENBQUMsR0FBRyxDQUFDLENBQUM7UUFFakMsTUFBTSxnQkFBZ0IsR0FBRyxtQkFBbUIsQ0FBQyxjQUFjLENBQUMsQ0FBQztRQUM3RCxNQUFNLEVBQUUsR0FBRyxnQkFBZ0IsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNqQyxXQUFXLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ3JCLEdBQUcsQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUFDLDJEQUEyRCxFQUFFLGNBQWMsQ0FBQyxDQUFDO0lBQ25HLENBQUMsQ0FBQyxDQUFDO0lBRUgsR0FBRyxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQ2pCLDZGQUE2RixFQUM3RixXQUFXLENBQUMsTUFBTSxDQUNuQixDQUFDO0lBQ0YsT0FBTyxPQUFPLENBQUMsV0FBVyxDQUFDLENBQUM7QUFDOUIsQ0FBQyxDQUFDIn0=
53
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjdXJpdGllcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9hcHAvbWlkZGxld2FyZS9zZWN1cml0aWVzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sTUFBTSxNQUFNLGFBQWEsQ0FBQztBQUVqQyxPQUFPLE9BQU8sTUFBTSxhQUFhLENBQUM7QUFDbEMsT0FBTyxFQUFFLFlBQVksRUFBRSxNQUFNLHNCQUFzQixDQUFDO0FBR3BELE9BQU8sbUJBQW1CLE1BQU0sZ0NBQWdDLENBQUM7QUFHakUsZUFBZSxDQUFDLENBQVUsRUFBRSxHQUFnQixFQUFrQixFQUFFO0lBQzlELE1BQU0sT0FBTyxHQUFHLEdBQUcsQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDO0lBQ3BDLE1BQU0sV0FBVyxHQUFxQixFQUFFLENBQUM7SUFDekMsTUFBTSxrQkFBa0IsR0FDdEIsT0FBTyxPQUFPLENBQUMsaUJBQWlCLEtBQUssUUFBUTtRQUMzQyxDQUFDLENBQUUsT0FBTyxDQUFDLGlCQUFpQjthQUN2QixLQUFLLENBQUMsR0FBRyxDQUFDO2FBQ1YsR0FBRyxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFDO2FBQ2xCLE1BQU0sQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQThCO1FBQ2xELENBQUMsQ0FBQyxPQUFPLENBQUMsaUJBQWlCLENBQUM7SUFFaEMsSUFBSSxPQUFPLENBQUMsS0FBSyxJQUFJLE9BQU8sQ0FBQyxNQUFNLEVBQUUsQ0FBQztRQUNwQyxHQUFHLENBQUMsVUFBVSxDQUFDLElBQUksQ0FBQyxzRkFBc0YsQ0FBQyxDQUFDO0lBQzlHLENBQUM7SUFFRCwyQkFBMkI7SUFDM0IsTUFBTSxvQkFBb0IsR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQztJQUN2RCxJQUFJLG9CQUFvQixJQUFJLE9BQU8sb0JBQW9CLEtBQUssVUFBVSxFQUFFLENBQUM7UUFDdkUsT0FBTyxDQUFDLElBQUksQ0FBQyxZQUFZLEdBQUcsR0FBRyxFQUFFLENBQUMsb0JBQW9CLENBQUM7SUFDekQsQ0FBQztJQUVELGtCQUFrQixDQUFDLE9BQU8sQ0FBQyxDQUFDLGNBQXNDLEVBQUUsRUFBRTtRQUNwRSxNQUFNLEdBQUcsR0FBRyxPQUFPLENBQUMsR0FBRyxDQUFDLE9BQU8sRUFBRSxjQUFjLENBQVEsQ0FBQztRQUN4RCxJQUFJLEdBQUcsS0FBSyxLQUFLLEVBQUUsQ0FBQztZQUNsQixHQUFHLENBQUMsVUFBVSxDQUFDLElBQUksQ0FDakIsNEdBQTRHLEVBQzVHLGNBQWMsRUFDZCxjQUFjLENBQ2YsQ0FBQztRQUNKLENBQUM7UUFFRCxNQUFNLENBQ0osR0FBRyxLQUFLLEtBQUssSUFBSSxPQUFPLEdBQUcsS0FBSyxRQUFRLEVBQ3hDLG1CQUFtQixjQUFjLGtEQUFrRCxDQUNwRixDQUFDO1FBRUYsSUFBSSxHQUFHLEtBQUssS0FBSyxJQUFJLENBQUMsR0FBRyxJQUFJLEdBQUcsQ0FBQyxNQUFNLEtBQUssS0FBSyxDQUFDLEVBQUUsQ0FBQztZQUNuRCxPQUFPO1FBQ1QsQ0FBQztRQUVELElBQUksY0FBYyxLQUFLLE1BQU0sSUFBSSxHQUFHLENBQUMsVUFBVSxJQUFJLENBQUMsR0FBRyxDQUFDLE9BQU8sQ0FBQyxPQUFPLEVBQUUsQ0FBQztZQUN4RSxNQUFNLElBQUksS0FBSyxDQUFDLHlEQUF5RCxDQUFDLENBQUM7UUFDN0UsQ0FBQztRQUVELHNDQUFzQztRQUN0QyxJQUFJLEdBQUcsQ0FBQyxLQUFLLElBQUksR0FBRyxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQzVCLEdBQUcsQ0FBQyxVQUFVLENBQUMsSUFBSSxDQUNqQixrSEFBa0gsQ0FDbkgsQ0FBQztZQUNGLEdBQUcsQ0FBQyxNQUFNLEdBQUcsU0FBUyxDQUFDO1FBQ3pCLENBQUM7UUFDRCxJQUFJLENBQUMsR0FBRyxDQUFDLE1BQU0sSUFBSSxHQUFHLENBQUMsU0FBUyxFQUFFLENBQUM7WUFDakMsR0FBRyxDQUFDLFNBQVMsQ0FDWCwwSkFBMEosQ0FDM0osQ0FBQztZQUNGLEdBQUcsQ0FBQyxNQUFNLEdBQUcsR0FBRyxDQUFDLFNBQVMsQ0FBQztRQUM3QixDQUFDO1FBQ0QsdURBQXVEO1FBQ3ZELEdBQUcsQ0FBQyxRQUFRLEdBQUcsWUFBWSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBRWpDLE1BQU0sZ0JBQWdCLEdBQUcsbUJBQW1CLENBQUMsY0FBa0QsQ0FBQyxDQUFDO1FBQ2pHLE1BQU0sRUFBRSxHQUFHLGdCQUFnQixDQUFDLEdBQUcsQ0FBQyxDQUFDO1FBQ2pDLFdBQVcsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLENBQUM7UUFDckIsR0FBRyxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsMkRBQTJELEVBQUUsY0FBYyxDQUFDLENBQUM7SUFDbkcsQ0FBQyxDQUFDLENBQUM7SUFFSCxHQUFHLENBQUMsVUFBVSxDQUFDLElBQUksQ0FDakIsNkZBQTZGLEVBQzdGLFdBQVcsQ0FBQyxNQUFNLENBQ25CLENBQUM7SUFDRixPQUFPLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQztBQUM5QixDQUFDLENBQUMifQ==