@eggjs/security 5.0.0-beta.35 → 5.0.0-beta.36

package/dist/config/config.default.js

@@ -1,371 +1,167 @@
-import { Context } from 'egg';
-import z from 'zod';
+import { Context } from "egg";
+import z from "zod";
+
+//#region src/config/config.default.ts
 const CSRFSupportRequestItem = z.object({
-    path: z.instanceof(RegExp),
-    methods: z.array(z.string()),
+	path: z.instanceof(RegExp),
+	methods: z.array(z.string())
 });
-export const LookupAddress = z.object({
-    address: z.string(),
-    family: z.number(),
+const LookupAddress = z.object({
+	address: z.string(),
+	family: z.number()
 });
-const LookupAddressAndStringArray = z
-    .union([z.string(), LookupAddress])
-    .array();
-const SSRFCheckAddressFunction = z
-    .function()
-    .args(z.union([z.string(), LookupAddress, LookupAddressAndStringArray]), z.union([z.number(), z.string()]), z.string())
-    .returns(z.boolean());
-export const SecurityMiddlewareName = z.enum(['csrf', 'hsts', 'methodnoallow', 'noopen', 'nosniff', 'csp', 'xssProtection', 'xframe', 'dta']);
+const LookupAddressAndStringArray = z.union([z.string(), LookupAddress]).array();
+const SSRFCheckAddressFunction = z.function().args(z.union([
+	z.string(),
+	LookupAddress,
+	LookupAddressAndStringArray
+]), z.union([z.number(), z.string()]), z.string()).returns(z.boolean());
+const SecurityMiddlewareName = z.enum([
+	"csrf",
+	"hsts",
+	"methodnoallow",
+	"noopen",
+	"nosniff",
+	"csp",
+	"xssProtection",
+	"xframe",
+	"dta"
+]);
 /**
- * (ctx) => boolean
- */
-const IgnoreOrMatchHandler = z
-    .function()
-    .args(z.instanceof(Context))
-    .returns(z.boolean());
+* (ctx) => boolean
+*/
+const IgnoreOrMatchHandler = z.function().args(z.instanceof(Context)).returns(z.boolean());
 const IgnoreOrMatch = z.union([
-    z.string(),
-    z.instanceof(RegExp),
-    IgnoreOrMatchHandler,
+	z.string(),
+	z.instanceof(RegExp),
+	IgnoreOrMatchHandler
 ]);
-const IgnoreOrMatchOption = z
-    .union([IgnoreOrMatch, IgnoreOrMatch.array()])
-    .optional();
-export const SecurityConfig = z.object({
-    /**
-     * domain white list
-     *
-     * Default to `[]`
-     */
-    domainWhiteList: z.array(z.string()).default([]),
-    /**
-     * protocol white list
-     *
-     * Default to `[]`
-     */
-    protocolWhiteList: z.array(z.string()).default([]),
-    /**
-     * default open security middleware
-     *
-     * Default to `'csrf,hsts,methodnoallow,noopen,nosniff,csp,xssProtection,xframe,dta'`
-     */
-    defaultMiddleware: z.union([z.string(), z.array(SecurityMiddlewareName)]).default(SecurityMiddlewareName.options),
-    /**
-     * whether defend csrf attack
-     */
-    csrf: z.preprocess((val) => {
-        // transform old config, `csrf: false` to `csrf: { enable: false }`
-        if (typeof val === 'boolean') {
-            return { enable: val };
-        }
-        return val;
-    }, z
-        .object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: z.boolean().default(true),
-        /**
-         * csrf token detect source type
-         *
-         * Default to `'ctoken'`
-         */
-        type: z.enum(['ctoken', 'referer', 'all', 'any']).default('ctoken'),
-        /**
-         * ignore json request
-         *
-         * Default to `false`
-         *
-         * @deprecated is not safe now, don't use it
-         */
-        ignoreJSON: z.boolean().default(false),
-        /**
-         * csrf token cookie name
-         *
-         * Default to `'csrfToken'`
-         */
-        cookieName: z.union([z.string(), z.array(z.string())]).default('csrfToken'),
-        /**
-         * csrf token session name
-         *
-         * Default to `'csrfToken'`
-         */
-        sessionName: z.string().default('csrfToken'),
-        /**
-         * csrf token request header name
-         *
-         * Default to `'x-csrf-token'`
-         */
-        headerName: z.string().default('x-csrf-token'),
-        /**
-         * csrf token request body field name
-         *
-         * Default to `'_csrf'`
-         */
-        bodyName: z.union([z.string(), z.array(z.string())]).default('_csrf'),
-        /**
-         * csrf token request query field name
-         *
-         * Default to `'_csrf'`
-         */
-        queryName: z.union([z.string(), z.array(z.string())]).default('_csrf'),
-        /**
-         * rotate csrf token when it is invalid
-         *
-         * Default to `false`
-         */
-        rotateWhenInvalid: z.boolean().default(false),
-        /**
-         * These config works when using `'ctoken'` type
-         *
-         * Default to `false`
-         */
-        useSession: z.boolean().default(false),
-        /**
-         * csrf token cookie domain setting,
-         * can be `(ctx) => string` or `string`
-         *
-         * Default to `undefined`, auto set the cookie domain in the safe way
-         */
-        cookieDomain: z.union([z.string(), z.function().args(z.instanceof(Context)).returns(z.string())]).optional(),
-        /**
-         * csrf token check requests config
-         */
-        supportedRequests: z.array(CSRFSupportRequestItem).default([
-            {
-                path: /^\//,
-                methods: ['POST', 'PATCH', 'DELETE', 'PUT', 'CONNECT'],
-            },
-        ]),
-        /**
-         * referer or origin header white list.
-         * It only works when using `'referer'` type
-         *
-         * Default to `[]`
-         */
-        refererWhiteList: z.array(z.string()).default([]),
-        /**
-         * csrf token cookie options
-         *
-         * Default to `{
-         *   signed: false,
-         *   httpOnly: false,
-         *   overwrite: true,
-         * }`
-         */
-        cookieOptions: z
-            .object({
-            signed: z.boolean(),
-            httpOnly: z.boolean(),
-            overwrite: z.boolean(),
-        })
-            .default({
-            signed: false,
-            httpOnly: false,
-            overwrite: true,
-        }),
-    })
-        .default({})),
-    /**
-     * whether enable X-Frame-Options response header
-     */
-    xframe: z
-        .object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: z.boolean().default(true),
-        /**
-         * X-Frame-Options value, can be `'DENY'`, `'SAMEORIGIN'`, `'ALLOW-FROM https://example.com'`
-         *
-         * Default to `'SAMEORIGIN'`
-         */
-        value: z.string().default('SAMEORIGIN'),
-    })
-        .default({}),
-    /**
-     * whether enable Strict-Transport-Security response header
-     */
-    hsts: z
-        .object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `false`
-         */
-        enable: z.boolean().default(false),
-        /**
-         * Max age of Strict-Transport-Security in seconds
-         *
-         * Default to `365 * 24 * 3600`
-         */
-        maxAge: z.number().default(365 * 24 * 3600),
-        /**
-         * Whether include sub domains
-         *
-         * Default to `false`
-         */
-        includeSubdomains: z.boolean().default(false),
-    })
-        .default({}),
-    /**
-     * whether enable Http Method filter
-     */
-    methodnoallow: z
-        .object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: z.boolean().default(true),
-    })
-        .default({}),
-    /**
-     * whether enable IE automatically download open
-     */
-    noopen: z
-        .object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: z.boolean().default(true),
-    })
-        .default({}),
-    /**
-     * whether enable IE8 automatically detect mime
-     */
-    nosniff: z
-        .object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: z.boolean().default(true),
-    })
-        .default({}),
-    /**
-     * whether enable IE8 XSS Filter
-     */
-    xssProtection: z
-        .object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: z.boolean().default(true),
-        /**
-         * X-XSS-Protection response header value
-         *
-         * Default to `'1; mode=block'`
-         */
-        value: z.coerce.string().default('1; mode=block'),
-    })
-        .default({}),
-    /**
-     * content security policy config
-     */
-    csp: z
-        .object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `false`
-         */
-        enable: z.boolean().default(false),
-        // https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP#csp_overview
-        policy: z.record(z.union([z.string(), z.array(z.string()), z.boolean()])).default({}),
-        /**
-         * whether enable report only mode
-         * Default to `undefined`
-         */
-        reportOnly: z.boolean().optional(),
-        /**
-         * whether support IE
-         * Default to `undefined`
-         */
-        supportIE: z.boolean().optional(),
-    })
-        .default({}),
-    /**
-     * whether enable referrer policy
-     * @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
-     */
-    referrerPolicy: z
-        .object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `false`
-         */
-        enable: z.boolean().default(false),
-        /**
-         * referrer policy value
-         *
-         * Default to `'no-referrer-when-downgrade'`
-         */
-        value: z.string().default('no-referrer-when-downgrade'),
-    })
-        .default({}),
-    /**
-     * whether enable auto avoid directory traversal attack
-     */
-    dta: z
-        .object({
-        match: IgnoreOrMatchOption,
-        ignore: IgnoreOrMatchOption,
-        /**
-         * Default to `true`
-         */
-        enable: z.boolean().default(true),
-    })
-        .default({}),
-    ssrf: z
-        .object({
-        ipBlackList: z.array(z.string()).optional(),
-        ipExceptionList: z.array(z.string()).optional(),
-        hostnameExceptionList: z.array(z.string()).optional(),
-        checkAddress: SSRFCheckAddressFunction.optional(),
-    })
-        .default({}),
-    match: z.union([IgnoreOrMatch, IgnoreOrMatch.array()]).optional(),
-    ignore: z.union([IgnoreOrMatch, IgnoreOrMatch.array()]).optional(),
-    __protocolWhiteListSet: z.set(z.string()).optional().readonly(),
-});
-const SecurityHelperOnTagAttrHandler = z
-    .function()
-    .args(z.string(), z.string(), z.string(), z.boolean())
-    .returns(z.union([z.string(), z.void()]));
-export const SecurityHelperConfig = z.object({
-    shtml: z
-        .object({
-        /**
-         * tag attribute white list
-         */
-        whiteList: z.record(z.array(z.string())).optional(),
-        /**
-         * domain white list
-         * @deprecated use `config.security.domainWhiteList` instead
-         */
-        domainWhiteList: z.array(z.string()).optional(),
-        /**
-         * tag attribute handler
-         */
-        onTagAttr: SecurityHelperOnTagAttrHandler.optional(),
-    })
-        .default({}),
+const IgnoreOrMatchOption = z.union([IgnoreOrMatch, IgnoreOrMatch.array()]).optional();
+const SecurityConfig = z.object({
+	domainWhiteList: z.array(z.string()).default([]),
+	protocolWhiteList: z.array(z.string()).default([]),
+	defaultMiddleware: z.union([z.string(), z.array(SecurityMiddlewareName)]).default(SecurityMiddlewareName.options),
+	csrf: z.preprocess((val) => {
+		if (typeof val === "boolean") return { enable: val };
+		return val;
+	}, z.object({
+		match: IgnoreOrMatchOption,
+		ignore: IgnoreOrMatchOption,
+		enable: z.boolean().default(true),
+		type: z.enum([
+			"ctoken",
+			"referer",
+			"all",
+			"any"
+		]).default("ctoken"),
+		ignoreJSON: z.boolean().default(false),
+		cookieName: z.union([z.string(), z.array(z.string())]).default("csrfToken"),
+		sessionName: z.string().default("csrfToken"),
+		headerName: z.string().default("x-csrf-token"),
+		bodyName: z.union([z.string(), z.array(z.string())]).default("_csrf"),
+		queryName: z.union([z.string(), z.array(z.string())]).default("_csrf"),
+		rotateWhenInvalid: z.boolean().default(false),
+		useSession: z.boolean().default(false),
+		cookieDomain: z.union([z.string(), z.function().args(z.instanceof(Context)).returns(z.string())]).optional(),
+		supportedRequests: z.array(CSRFSupportRequestItem).default([{
+			path: /^\//,
+			methods: [
+				"POST",
+				"PATCH",
+				"DELETE",
+				"PUT",
+				"CONNECT"
+			]
+		}]),
+		refererWhiteList: z.array(z.string()).default([]),
+		cookieOptions: z.object({
+			signed: z.boolean(),
+			httpOnly: z.boolean(),
+			overwrite: z.boolean()
+		}).default({
+			signed: false,
+			httpOnly: false,
+			overwrite: true
+		})
+	}).default({})),
+	xframe: z.object({
+		match: IgnoreOrMatchOption,
+		ignore: IgnoreOrMatchOption,
+		enable: z.boolean().default(true),
+		value: z.string().default("SAMEORIGIN")
+	}).default({}),
+	hsts: z.object({
+		match: IgnoreOrMatchOption,
+		ignore: IgnoreOrMatchOption,
+		enable: z.boolean().default(false),
+		maxAge: z.number().default(365 * 24 * 3600),
+		includeSubdomains: z.boolean().default(false)
+	}).default({}),
+	methodnoallow: z.object({
+		match: IgnoreOrMatchOption,
+		ignore: IgnoreOrMatchOption,
+		enable: z.boolean().default(true)
+	}).default({}),
+	noopen: z.object({
+		match: IgnoreOrMatchOption,
+		ignore: IgnoreOrMatchOption,
+		enable: z.boolean().default(true)
+	}).default({}),
+	nosniff: z.object({
+		match: IgnoreOrMatchOption,
+		ignore: IgnoreOrMatchOption,
+		enable: z.boolean().default(true)
+	}).default({}),
+	xssProtection: z.object({
+		match: IgnoreOrMatchOption,
+		ignore: IgnoreOrMatchOption,
+		enable: z.boolean().default(true),
+		value: z.coerce.string().default("1; mode=block")
+	}).default({}),
+	csp: z.object({
+		match: IgnoreOrMatchOption,
+		ignore: IgnoreOrMatchOption,
+		enable: z.boolean().default(false),
+		policy: z.record(z.union([
+			z.string(),
+			z.array(z.string()),
+			z.boolean()
+		])).default({}),
+		reportOnly: z.boolean().optional(),
+		supportIE: z.boolean().optional()
+	}).default({}),
+	referrerPolicy: z.object({
+		match: IgnoreOrMatchOption,
+		ignore: IgnoreOrMatchOption,
+		enable: z.boolean().default(false),
+		value: z.string().default("no-referrer-when-downgrade")
+	}).default({}),
+	dta: z.object({
+		match: IgnoreOrMatchOption,
+		ignore: IgnoreOrMatchOption,
+		enable: z.boolean().default(true)
+	}).default({}),
+	ssrf: z.object({
+		ipBlackList: z.array(z.string()).optional(),
+		ipExceptionList: z.array(z.string()).optional(),
+		hostnameExceptionList: z.array(z.string()).optional(),
+		checkAddress: SSRFCheckAddressFunction.optional()
+	}).default({}),
+	match: z.union([IgnoreOrMatch, IgnoreOrMatch.array()]).optional(),
+	ignore: z.union([IgnoreOrMatch, IgnoreOrMatch.array()]).optional(),
+	__protocolWhiteListSet: z.set(z.string()).optional().readonly()
 });
+const SecurityHelperOnTagAttrHandler = z.function().args(z.string(), z.string(), z.string(), z.boolean()).returns(z.union([z.string(), z.void()]));
+const SecurityHelperConfig = z.object({ shtml: z.object({
+	whiteList: z.record(z.array(z.string())).optional(),
+	domainWhiteList: z.array(z.string()).optional(),
+	onTagAttr: SecurityHelperOnTagAttrHandler.optional()
+}).default({}) });
 const config = {
-    security: SecurityConfig.parse({}),
-    helper: SecurityHelperConfig.parse({}),
+	security: SecurityConfig.parse({}),
+	helper: SecurityHelperConfig.parse({})
 };
-export default config;
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmRlZmF1bHQuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvY29uZmlnL2NvbmZpZy5kZWZhdWx0LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxPQUFPLEVBQUUsTUFBTSxLQUFLLENBQUM7QUFDOUIsT0FBTyxDQUFDLE1BQU0sS0FBSyxDQUFDO0FBRXBCLE1BQU0sc0JBQXNCLEdBR3ZCLENBQUMsQ0FBQyxNQUFNLENBQUM7SUFDWixJQUFJLEVBQUUsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxNQUFNLENBQUM7SUFDMUIsT0FBTyxFQUFFLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDO0NBQzdCLENBQUMsQ0FBQztBQUdILE1BQU0sQ0FBQyxNQUFNLGFBQWEsR0FBRyxDQUFDLENBQUMsTUFBTSxDQUFDO0lBQ3BDLE9BQU8sRUFBRSxDQUFDLENBQUMsTUFBTSxFQUFFO0lBQ25CLE1BQU0sRUFBRSxDQUFDLENBQUMsTUFBTSxFQUFFO0NBQ25CLENBTUMsQ0FBQztBQUdILE1BQU0sMkJBQTJCLEdBQWdFLENBQUM7S0FDL0YsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLGFBQWEsQ0FBQyxDQUFDO0tBQ2xDLEtBQUssRUFBRSxDQUFDO0FBQ1gsTUFBTSx3QkFBd0IsR0FVMUIsQ0FBQztLQUNGLFFBQVEsRUFBRTtLQUNWLElBQUksQ0FDSCxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLGFBQWEsRUFBRSwyQkFBMkIsQ0FBQyxDQUFDLEVBQ2pFLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUMsRUFDakMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUNYO0tBQ0EsT0FBTyxDQUFDLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxDQUFDO0FBT3hCLE1BQU0sQ0FBQyxNQUFNLHNCQUFzQixHQUUvQixDQUFDLENBQUMsSUFBSSxDQUFDLENBQUMsTUFBTSxFQUFFLE1BQU0sRUFBRSxlQUFlLEVBQUUsUUFBUSxFQUFFLFNBQVMsRUFBRSxLQUFLLEVBQUUsZUFBZSxFQUFFLFFBQVEsRUFBRSxLQUFLLENBQUMsQ0FBQyxDQUFDO0FBRzVHOztHQUVHO0FBQ0gsTUFBTSxvQkFBb0IsR0FBZ0YsQ0FBQztLQUN4RyxRQUFRLEVBQUU7S0FDVixJQUFJLENBQUMsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsQ0FBQztLQUMzQixPQUFPLENBQUMsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLENBQUM7QUFHeEIsTUFBTSxhQUFhLEdBQThFLENBQUMsQ0FBQyxLQUFLLENBQUM7SUFDdkcsQ0FBQyxDQUFDLE1BQU0sRUFBRTtJQUNWLENBQUMsQ0FBQyxVQUFVLENBQUMsTUFBTSxDQUFDO0lBQ3BCLG9CQUFvQjtDQUNyQixDQUFDLENBQUM7QUFHSCxNQUFNLG1CQUFtQixHQUF3RixDQUFDO0tBQy9HLEtBQUssQ0FBQyxDQUFDLGFBQWEsRUFBRSxhQUFhLENBQUMsS0FBSyxFQUFFLENBQUMsQ0FBQztLQUM3QyxRQUFRLEVBQUUsQ0FBQztBQUdkLE1BQU0sQ0FBQyxNQUFNLGNBQWMsR0FBcUIsQ0FBQyxDQUFDLE1BQU0sQ0FBQztJQUN2RDs7OztPQUlHO0lBQ0gsZUFBZSxFQUFFLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNoRDs7OztPQUlHO0lBQ0gsaUJBQWlCLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO0lBQ2xEOzs7O09BSUc7SUFDSCxpQkFBaUIsRUFBRSxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FBQyxLQUFLLENBQUMsc0JBQXNCLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLHNCQUFzQixDQUFDLE9BQU8sQ0FBQztJQUNqSDs7T0FFRztJQUNILElBQUksRUFBRSxDQUFDLENBQUMsVUFBVSxDQUNoQixDQUFDLEdBQUcsRUFBRSxFQUFFO1FBQ04sbUVBQW1FO1FBQ25FLElBQUksT0FBTyxHQUFHLEtBQUssU0FBUyxFQUFFLENBQUM7WUFDN0IsT0FBTyxFQUFFLE1BQU0sRUFBRSxHQUFHLEVBQUUsQ0FBQztRQUN6QixDQUFDO1FBQ0QsT0FBTyxHQUFHLENBQUM7SUFDYixDQUFDLEVBQ0QsQ0FBQztTQUNFLE1BQU0sQ0FBQztRQUNOLEtBQUssRUFBRSxtQkFBbUI7UUFDMUIsTUFBTSxFQUFFLG1CQUFtQjtRQUMzQjs7V0FFRztRQUNILE1BQU0sRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQztRQUNqQzs7OztXQUlHO1FBQ0gsSUFBSSxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxRQUFRLEVBQUUsU0FBUyxFQUFFLEtBQUssRUFBRSxLQUFLLENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUM7UUFDbkU7Ozs7OztXQU1HO1FBQ0gsVUFBVSxFQUFFLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDO1FBQ3RDOzs7O1dBSUc7UUFDSCxVQUFVLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsV0FBVyxDQUFDO1FBQzNFOzs7O1dBSUc7UUFDSCxXQUFXLEVBQUUsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUM7UUFDNUM7Ozs7V0FJRztRQUNILFVBQVUsRUFBRSxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLGNBQWMsQ0FBQztRQUM5Qzs7OztXQUlHO1FBQ0gsUUFBUSxFQUFFLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQztRQUNyRTs7OztXQUlHO1FBQ0gsU0FBUyxFQUFFLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQztRQUN0RTs7OztXQUlHO1FBQ0gsaUJBQWlCLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUM7UUFDN0M7Ozs7V0FJRztRQUNILFVBQVUsRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQztRQUN0Qzs7Ozs7V0FLRztRQUNILFlBQVksRUFBRSxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FBQyxRQUFRLEVBQUUsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsUUFBUSxFQUFFO1FBQzVHOztXQUVHO1FBQ0gsaUJBQWlCLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxzQkFBc0IsQ0FBQyxDQUFDLE9BQU8sQ0FBQztZQUN6RDtnQkFDRSxJQUFJLEVBQUUsS0FBSztnQkFDWCxPQUFPLEVBQUUsQ0FBQyxNQUFNLEVBQUUsT0FBTyxFQUFFLFFBQVEsRUFBRSxLQUFLLEVBQUUsU0FBUyxDQUFDO2FBQ3ZEO1NBQ0YsQ0FBQztRQUNGOzs7OztXQUtHO1FBQ0gsZ0JBQWdCLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxPQUFPLENBQUMsRUFBRSxDQUFDO1FBQ2pEOzs7Ozs7OztXQVFHO1FBQ0gsYUFBYSxFQUFFLENBQUM7YUFDYixNQUFNLENBQUM7WUFDTixNQUFNLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRTtZQUNuQixRQUFRLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRTtZQUNyQixTQUFTLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRTtTQUN2QixDQUFDO2FBQ0QsT0FBTyxDQUFDO1lBQ1AsTUFBTSxFQUFFLEtBQUs7WUFDYixRQUFRLEVBQUUsS0FBSztZQUNmLFNBQVMsRUFBRSxJQUFJO1NBQ2hCLENBQUM7S0FDTCxDQUFDO1NBQ0QsT0FBTyxDQUFDLEVBQUUsQ0FBQyxDQUNmO0lBQ0Q7O09BRUc7SUFDSCxNQUFNLEVBQUUsQ0FBQztTQUNOLE1BQU0sQ0FBQztRQUNOLEtBQUssRUFBRSxtQkFBbUI7UUFDMUIsTUFBTSxFQUFFLG1CQUFtQjtRQUMzQjs7V0FFRztRQUNILE1BQU0sRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQztRQUNqQzs7OztXQUlHO1FBQ0gsS0FBSyxFQUFFLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxPQUFPLENBQUMsWUFBWSxDQUFDO0tBQ3hDLENBQUM7U0FDRCxPQUFPLENBQUMsRUFBRSxDQUFDO0lBQ2Q7O09BRUc7SUFDSCxJQUFJLEVBQUUsQ0FBQztTQUNKLE1BQU0sQ0FBQztRQUNOLEtBQUssRUFBRSxtQkFBbUI7UUFDMUIsTUFBTSxFQUFFLG1CQUFtQjtRQUMzQjs7V0FFRztRQUNILE1BQU0sRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssQ0FBQztRQUNsQzs7OztXQUlHO1FBQ0gsTUFBTSxFQUFFLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxPQUFPLENBQUMsR0FBRyxHQUFHLEVBQUUsR0FBRyxJQUFJLENBQUM7UUFDM0M7Ozs7V0FJRztRQUNILGlCQUFpQixFQUFFLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDO0tBQzlDLENBQUM7U0FDRCxPQUFPLENBQUMsRUFBRSxDQUFDO0lBQ2Q7O09BRUc7SUFDSCxhQUFhLEVBQUUsQ0FBQztTQUNiLE1BQU0sQ0FBQztRQUNOLEtBQUssRUFBRSxtQkFBbUI7UUFDMUIsTUFBTSxFQUFFLG1CQUFtQjtRQUMzQjs7V0FFRztRQUNILE1BQU0sRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQztLQUNsQyxDQUFDO1NBQ0QsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNkOztPQUVHO0lBQ0gsTUFBTSxFQUFFLENBQUM7U0FDTixNQUFNLENBQUM7UUFDTixLQUFLLEVBQUUsbUJBQW1CO1FBQzFCLE1BQU0sRUFBRSxtQkFBbUI7UUFDM0I7O1dBRUc7UUFDSCxNQUFNLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUM7S0FDbEMsQ0FBQztTQUNELE9BQU8sQ0FBQyxFQUFFLENBQUM7SUFDZDs7T0FFRztJQUNILE9BQU8sRUFBRSxDQUFDO1NBQ1AsTUFBTSxDQUFDO1FBQ04sS0FBSyxFQUFFLG1CQUFtQjtRQUMxQixNQUFNLEVBQUUsbUJBQW1CO1FBQzNCOztXQUVHO1FBQ0gsTUFBTSxFQUFFLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDO0tBQ2xDLENBQUM7U0FDRCxPQUFPLENBQUMsRUFBRSxDQUFDO0lBQ2Q7O09BRUc7SUFDSCxhQUFhLEVBQUUsQ0FBQztTQUNiLE1BQU0sQ0FBQztRQUNOLEtBQUssRUFBRSxtQkFBbUI7UUFDMUIsTUFBTSxFQUFFLG1CQUFtQjtRQUMzQjs7V0FFRztRQUNILE1BQU0sRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQztRQUNqQzs7OztXQUlHO1FBQ0gsS0FBSyxFQUFFLENBQUMsQ0FBQyxNQUFNLENBQUMsTUFBTSxFQUFFLENBQUMsT0FBTyxDQUFDLGVBQWUsQ0FBQztLQUNsRCxDQUFDO1NBQ0QsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNkOztPQUVHO0lBQ0gsR0FBRyxFQUFFLENBQUM7U0FDSCxNQUFNLENBQUM7UUFDTixLQUFLLEVBQUUsbUJBQW1CO1FBQzFCLE1BQU0sRUFBRSxtQkFBbUI7UUFDM0I7O1dBRUc7UUFDSCxNQUFNLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLE9BQU8sQ0FBQyxLQUFLLENBQUM7UUFDbEMscUVBQXFFO1FBQ3JFLE1BQU0sRUFBRSxDQUFDLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsRUFBRSxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQztRQUNyRjs7O1dBR0c7UUFDSCxVQUFVLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLFFBQVEsRUFBRTtRQUNsQzs7O1dBR0c7UUFDSCxTQUFTLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLFFBQVEsRUFBRTtLQUNsQyxDQUFDO1NBQ0QsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNkOzs7T0FHRztJQUNILGNBQWMsRUFBRSxDQUFDO1NBQ2QsTUFBTSxDQUFDO1FBQ04sS0FBSyxFQUFFLG1CQUFtQjtRQUMxQixNQUFNLEVBQUUsbUJBQW1CO1FBQzNCOztXQUVHO1FBQ0gsTUFBTSxFQUFFLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDO1FBQ2xDOzs7O1dBSUc7UUFDSCxLQUFLLEVBQUUsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLE9BQU8sQ0FBQyw0QkFBNEIsQ0FBQztLQUN4RCxDQUFDO1NBQ0QsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNkOztPQUVHO0lBQ0gsR0FBRyxFQUFFLENBQUM7U0FDSCxNQUFNLENBQUM7UUFDTixLQUFLLEVBQUUsbUJBQW1CO1FBQzFCLE1BQU0sRUFBRSxtQkFBbUI7UUFDM0I7O1dBRUc7UUFDSCxNQUFNLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUM7S0FDbEMsQ0FBQztTQUNELE9BQU8sQ0FBQyxFQUFFLENBQUM7SUFDZCxJQUFJLEVBQUUsQ0FBQztTQUNKLE1BQU0sQ0FBQztRQUNOLFdBQVcsRUFBRSxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxNQUFNLEVBQUUsQ0FBQyxDQUFDLFFBQVEsRUFBRTtRQUMzQyxlQUFlLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxRQUFRLEVBQUU7UUFDL0MscUJBQXFCLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxRQUFRLEVBQUU7UUFDckQsWUFBWSxFQUFFLHdCQUF3QixDQUFDLFFBQVEsRUFBRTtLQUNsRCxDQUFDO1NBQ0QsT0FBTyxDQUFDLEVBQUUsQ0FBQztJQUNkLEtBQUssRUFBRSxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsYUFBYSxFQUFFLGFBQWEsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxDQUFDLENBQUMsUUFBUSxFQUFFO0lBQ2pFLE1BQU0sRUFBRSxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsYUFBYSxFQUFFLGFBQWEsQ0FBQyxLQUFLLEVBQUUsQ0FBQyxDQUFDLENBQUMsUUFBUSxFQUFFO0lBQ2xFLHNCQUFzQixFQUFFLENBQUMsQ0FBQyxHQUFHLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxDQUFDLENBQUMsUUFBUSxFQUFFLENBQUMsUUFBUSxFQUFFO0NBQ2hFLENBQUMsQ0FBQztBQUdILE1BQU0sOEJBQThCLEdBR2hDLENBQUM7S0FDRixRQUFRLEVBQUU7S0FDVixJQUFJLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FBQyxNQUFNLEVBQUUsRUFBRSxDQUFDLENBQUMsTUFBTSxFQUFFLEVBQUUsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO0tBQ3JELE9BQU8sQ0FBQyxDQUFDLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDLE1BQU0sRUFBRSxFQUFFLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztBQU81QyxNQUFNLENBQUMsTUFBTSxvQkFBb0IsR0FBcUIsQ0FBQyxDQUFDLE1BQU0sQ0FBQztJQUM3RCxLQUFLLEVBQUUsQ0FBQztTQUNMLE1BQU0sQ0FBQztRQUNOOztXQUVHO1FBQ0gsU0FBUyxFQUFFLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxDQUFDLFFBQVEsRUFBRTtRQUNuRDs7O1dBR0c7UUFDSCxlQUFlLEVBQUUsQ0FBQyxDQUFDLEtBQUssQ0FBQyxDQUFDLENBQUMsTUFBTSxFQUFFLENBQUMsQ0FBQyxRQUFRLEVBQUU7UUFDL0M7O1dBRUc7UUFDSCxTQUFTLEVBQUUsOEJBQThCLENBQUMsUUFBUSxFQUFFO0tBQ3JELENBQUM7U0FDRCxPQUFPLENBQUMsRUFBRSxDQUFDO0NBQ2YsQ0FBQyxDQUFDO0FBUUgsTUFBTSxNQUFNLEdBQUc7SUFDYixRQUFRLEVBQUUsY0FBYyxDQUFDLEtBQUssQ0FBQyxFQUFFLENBQTRDO0lBQzdFLE1BQU0sRUFBRSxvQkFBb0IsQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUF3RDtDQUN2RCxDQUFDO0FBRXpDLGVBQWUsTUFBTSxDQUFDIn0=
+var config_default_default = config;
+
+//#endregion
+export { LookupAddress, SecurityConfig, SecurityHelperConfig, SecurityMiddlewareName, config_default_default as default };

package/dist/config/config.local.d.ts

@@ -1,3 +1,6 @@
-import type { PartialEggConfig } from 'egg';
-declare const _default: PartialEggConfig;
-export default _default;
+import { PartialEggConfig } from "egg";
+
+//#region src/config/config.local.d.ts
+declare const config: PartialEggConfig;
+//#endregion
+export { config as default };

package/dist/config/config.local.js

@@ -1,8 +1,6 @@
-export default {
-    security: {
-        hsts: {
-            enable: false,
-        },
-    },
-};
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY29uZmlnLmxvY2FsLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL2NvbmZpZy9jb25maWcubG9jYWwudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBRUEsZUFBZTtJQUNiLFFBQVEsRUFBRTtRQUNSLElBQUksRUFBRTtZQUNKLE1BQU0sRUFBRSxLQUFLO1NBQ2Q7S0FDRjtDQUNrQixDQUFDIn0=
+//#region src/config/config.local.ts
+const config = { security: { hsts: { enable: false } } };
+var config_local_default = config;
+
+//#endregion
+export { config_local_default as default };

package/dist/index.d.ts

@@ -1,18 +1,22 @@
-import './types.ts';
-import { type EggPluginFactory } from 'egg';
+import "./types.js";
+import { EggPluginFactory } from "egg";
+
+//#region src/index.d.ts
+
 /**
- * Security plugin
- *
- * @since 4.1.0
- * Usage:
- * ```ts
- * // config/plugin.ts
- * import securityPlugin from '@eggjs/security';
- *
- * export default {
- *   ...securityPlugin(),
- * };
- * ```
- */
+* Security plugin
+*
+* @since 4.1.0
+* Usage:
+* ```ts
+* // config/plugin.ts
+* import securityPlugin from '@eggjs/security';
+*
+* export default {
+*   ...securityPlugin(),
+* };
+* ```
+*/
 declare const _default: EggPluginFactory;
-export default _default;
+//#endregion
+export { _default as default };

package/dist/index.js

@@ -1,23 +1,26 @@
-import "./types.js";
-import { definePluginFactory } from 'egg';
+import { definePluginFactory } from "egg";
+
+//#region src/index.ts
 /**
- * Security plugin
- *
- * @since 4.1.0
- * Usage:
- * ```ts
- * // config/plugin.ts
- * import securityPlugin from '@eggjs/security';
- *
- * export default {
- *   ...securityPlugin(),
- * };
- * ```
- */
-export default definePluginFactory({
-    name: 'security',
-    enable: true,
-    path: import.meta.dirname,
-    optionalDependencies: ['session'],
+* Security plugin
+*
+* @since 4.1.0
+* Usage:
+* ```ts
+* // config/plugin.ts
+* import securityPlugin from '@eggjs/security';
+*
+* export default {
+*   ...securityPlugin(),
+* };
+* ```
+*/
+var src_default = definePluginFactory({
+	name: "security",
+	enable: true,
+	path: import.meta.dirname,
+	optionalDependencies: ["session"]
 });
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvaW5kZXgudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxZQUFZLENBQUM7QUFDcEIsT0FBTyxFQUFFLG1CQUFtQixFQUF5QixNQUFNLEtBQUssQ0FBQztBQUVqRTs7Ozs7Ozs7Ozs7OztHQWFHO0FBQ0gsZUFBZSxtQkFBbUIsQ0FBQztJQUNqQyxJQUFJLEVBQUUsVUFBVTtJQUNoQixNQUFNLEVBQUUsSUFBSTtJQUNaLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU87SUFDekIsb0JBQW9CLEVBQUUsQ0FBQyxTQUFTLENBQUM7Q0FDbEMsQ0FBcUIsQ0FBQyJ9
+
+//#endregion
+export { src_default as default };