@eggjs/security 5.0.0-beta.35 → 5.0.0-beta.36

package/dist/lib/middlewares/nosniff.js

@@ -1,28 +1,26 @@
 import { checkIfIgnore } from "../utils.js";
-// status codes for redirects
-// @see https://github.com/jshttp/statuses/blob/master/index.js#L33
+
+//#region src/lib/middlewares/nosniff.ts
 const RedirectStatus = {
-    300: true,
-    301: true,
-    302: true,
-    303: true,
-    305: true,
-    307: true,
-    308: true,
+	300: true,
+	301: true,
+	302: true,
+	303: true,
+	305: true,
+	307: true,
+	308: true
 };
-export default (options) => {
-    return async function nosniff(ctx, next) {
-        await next();
-        // ignore redirect response
-        if (RedirectStatus[ctx.status])
-            return;
-        const opts = {
-            ...options,
-            ...ctx.securityOptions.nosniff,
-        };
-        if (checkIfIgnore(opts, ctx))
-            return;
-        ctx.set('x-content-type-options', 'nosniff');
-    };
+var nosniff_default = (options) => {
+	return async function nosniff(ctx, next) {
+		await next();
+		if (RedirectStatus[ctx.status]) return;
+		if (checkIfIgnore({
+			...options,
+			...ctx.securityOptions.nosniff
+		}, ctx)) return;
+		ctx.set("x-content-type-options", "nosniff");
+	};
 };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibm9zbmlmZi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9saWIvbWlkZGxld2FyZXMvbm9zbmlmZi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFHQSxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sYUFBYSxDQUFDO0FBRTVDLDZCQUE2QjtBQUM3QixtRUFBbUU7QUFDbkUsTUFBTSxjQUFjLEdBQTRCO0lBQzlDLEdBQUcsRUFBRSxJQUFJO0lBQ1QsR0FBRyxFQUFFLElBQUk7SUFDVCxHQUFHLEVBQUUsSUFBSTtJQUNULEdBQUcsRUFBRSxJQUFJO0lBQ1QsR0FBRyxFQUFFLElBQUk7SUFDVCxHQUFHLEVBQUUsSUFBSTtJQUNULEdBQUcsRUFBRSxJQUFJO0NBQ1YsQ0FBQztBQUVGLGVBQWUsQ0FBQyxPQUFrQyxFQUFrQixFQUFFO0lBQ3BFLE9BQU8sS0FBSyxVQUFVLE9BQU8sQ0FBQyxHQUFHLEVBQUUsSUFBSTtRQUNyQyxNQUFNLElBQUksRUFBRSxDQUFDO1FBRWIsMkJBQTJCO1FBQzNCLElBQUksY0FBYyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUM7WUFBRSxPQUFPO1FBRXZDLE1BQU0sSUFBSSxHQUFHO1lBQ1gsR0FBRyxPQUFPO1lBQ1YsR0FBRyxHQUFHLENBQUMsZUFBZSxDQUFDLE9BQU87U0FDL0IsQ0FBQztRQUNGLElBQUksYUFBYSxDQUFDLElBQUksRUFBRSxHQUFHLENBQUM7WUFBRSxPQUFPO1FBRXJDLEdBQUcsQ0FBQyxHQUFHLENBQUMsd0JBQXdCLEVBQUUsU0FBUyxDQUFDLENBQUM7SUFDL0MsQ0FBQyxDQUFDO0FBQ0osQ0FBQyxDQUFDIn0=
+
+//#endregion
+export { nosniff_default as default };

package/dist/lib/middlewares/referrerPolicy.d.ts

@@ -1,4 +1,7 @@
-import type { MiddlewareFunc } from 'egg';
-import type { SecurityConfig } from '../../config/config.default.ts';
+import { SecurityConfig } from "../../config/config.default.js";
+import { MiddlewareFunc } from "egg";
+
+//#region src/lib/middlewares/referrerPolicy.d.ts
 declare const _default: (options: SecurityConfig["referrerPolicy"]) => MiddlewareFunc;
-export default _default;
+//#endregion
+export { _default as default };

package/dist/lib/middlewares/referrerPolicy.js

@@ -1,34 +1,31 @@
 import { checkIfIgnore } from "../utils.js";
-// https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Headers/Referrer-Policy
+
+//#region src/lib/middlewares/referrerPolicy.ts
 const ALLOWED_POLICIES_ENUM = [
-    'no-referrer',
-    'no-referrer-when-downgrade',
-    'origin',
-    'origin-when-cross-origin',
-    'same-origin',
-    'strict-origin',
-    'strict-origin-when-cross-origin',
-    'unsafe-url',
-    '',
+	"no-referrer",
+	"no-referrer-when-downgrade",
+	"origin",
+	"origin-when-cross-origin",
+	"same-origin",
+	"strict-origin",
+	"strict-origin-when-cross-origin",
+	"unsafe-url",
+	""
 ];
-export default (options) => {
-    return async function referrerPolicy(ctx, next) {
-        await next();
-        const opts = {
-            ...options,
-            // check refererPolicy for backward compatibility
-            // typo on the old version
-            // @see https://github.com/eggjs/security/blob/e3408408adec5f8d009d37f75126ed082481d0ac/lib/middlewares/referrerPolicy.js#L21C59-L21C72
-            ...ctx.securityOptions.refererPolicy,
-            ...ctx.securityOptions.referrerPolicy,
-        };
-        if (checkIfIgnore(opts, ctx))
-            return;
-        const policy = opts.value;
-        if (!ALLOWED_POLICIES_ENUM.includes(policy)) {
-            throw new Error(`"${policy}" is not available.`);
-        }
-        ctx.set('referrer-policy', policy);
-    };
+var referrerPolicy_default = (options) => {
+	return async function referrerPolicy(ctx, next) {
+		await next();
+		const opts = {
+			...options,
+			...ctx.securityOptions.refererPolicy,
+			...ctx.securityOptions.referrerPolicy
+		};
+		if (checkIfIgnore(opts, ctx)) return;
+		const policy = opts.value;
+		if (!ALLOWED_POLICIES_ENUM.includes(policy)) throw new Error(`"${policy}" is not available.`);
+		ctx.set("referrer-policy", policy);
+	};
 };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicmVmZXJyZXJQb2xpY3kuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi8uLi9zcmMvbGliL21pZGRsZXdhcmVzL3JlZmVycmVyUG9saWN5LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUdBLE9BQU8sRUFBRSxhQUFhLEVBQUUsTUFBTSxhQUFhLENBQUM7QUFFNUMsNEVBQTRFO0FBQzVFLE1BQU0scUJBQXFCLEdBQUc7SUFDNUIsYUFBYTtJQUNiLDRCQUE0QjtJQUM1QixRQUFRO0lBQ1IsMEJBQTBCO0lBQzFCLGFBQWE7SUFDYixlQUFlO0lBQ2YsaUNBQWlDO0lBQ2pDLFlBQVk7SUFDWixFQUFFO0NBQ0gsQ0FBQztBQUVGLGVBQWUsQ0FBQyxPQUF5QyxFQUFrQixFQUFFO0lBQzNFLE9BQU8sS0FBSyxVQUFVLGNBQWMsQ0FBQyxHQUFHLEVBQUUsSUFBSTtRQUM1QyxNQUFNLElBQUksRUFBRSxDQUFDO1FBRWIsTUFBTSxJQUFJLEdBQUc7WUFDWCxHQUFHLE9BQU87WUFDVixpREFBaUQ7WUFDakQsMEJBQTBCO1lBQzFCLHVJQUF1STtZQUN2SSxHQUFJLEdBQUcsQ0FBQyxlQUF1QixDQUFDLGFBQWE7WUFDN0MsR0FBRyxHQUFHLENBQUMsZUFBZSxDQUFDLGNBQWM7U0FDdEMsQ0FBQztRQUNGLElBQUksYUFBYSxDQUFDLElBQUksRUFBRSxHQUFHLENBQUM7WUFBRSxPQUFPO1FBRXJDLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUM7UUFDMUIsSUFBSSxDQUFDLHFCQUFxQixDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDO1lBQzVDLE1BQU0sSUFBSSxLQUFLLENBQUMsSUFBSSxNQUFNLHFCQUFxQixDQUFDLENBQUM7UUFDbkQsQ0FBQztRQUVELEdBQUcsQ0FBQyxHQUFHLENBQUMsaUJBQWlCLEVBQUUsTUFBTSxDQUFDLENBQUM7SUFDckMsQ0FBQyxDQUFDO0FBQ0osQ0FBQyxDQUFDIn0=
+
+//#endregion
+export { referrerPolicy_default as default };

package/dist/lib/middlewares/xframe.d.ts

@@ -1,4 +1,7 @@
-import type { MiddlewareFunc } from 'egg';
-import type { SecurityConfig } from '../../config/config.default.ts';
+import { SecurityConfig } from "../../config/config.default.js";
+import { MiddlewareFunc } from "egg";
+
+//#region src/lib/middlewares/xframe.d.ts
 declare const _default: (options: SecurityConfig["xframe"]) => MiddlewareFunc;
-export default _default;
+//#endregion
+export { _default as default };

package/dist/lib/middlewares/xframe.js

@@ -1,17 +1,18 @@
 import { checkIfIgnore } from "../utils.js";
-export default (options) => {
-    return async function xframe(ctx, next) {
-        await next();
-        const opts = {
-            ...options,
-            ...ctx.securityOptions.xframe,
-        };
-        if (checkIfIgnore(opts, ctx))
-            return;
-        // DENY, SAMEORIGIN, ALLOW-FROM
-        // https://developer.mozilla.org/en-US/docs/HTTP/X-Frame-Options?redirectlocale=en-US&redirectslug=The_X-FRAME-OPTIONS_response_header
-        const value = opts.value || 'SAMEORIGIN';
-        ctx.set('x-frame-options', value);
-    };
+
+//#region src/lib/middlewares/xframe.ts
+var xframe_default = (options) => {
+	return async function xframe(ctx, next) {
+		await next();
+		const opts = {
+			...options,
+			...ctx.securityOptions.xframe
+		};
+		if (checkIfIgnore(opts, ctx)) return;
+		const value = opts.value || "SAMEORIGIN";
+		ctx.set("x-frame-options", value);
+	};
 };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoieGZyYW1lLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vc3JjL2xpYi9taWRkbGV3YXJlcy94ZnJhbWUudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBR0EsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLGFBQWEsQ0FBQztBQUU1QyxlQUFlLENBQUMsT0FBaUMsRUFBa0IsRUFBRTtJQUNuRSxPQUFPLEtBQUssVUFBVSxNQUFNLENBQUMsR0FBRyxFQUFFLElBQUk7UUFDcEMsTUFBTSxJQUFJLEVBQUUsQ0FBQztRQUViLE1BQU0sSUFBSSxHQUFHO1lBQ1gsR0FBRyxPQUFPO1lBQ1YsR0FBRyxHQUFHLENBQUMsZUFBZSxDQUFDLE1BQU07U0FDOUIsQ0FBQztRQUNGLElBQUksYUFBYSxDQUFDLElBQUksRUFBRSxHQUFHLENBQUM7WUFBRSxPQUFPO1FBRXJDLCtCQUErQjtRQUMvQixzSUFBc0k7UUFDdEksTUFBTSxLQUFLLEdBQUcsSUFBSSxDQUFDLEtBQUssSUFBSSxZQUFZLENBQUM7UUFDekMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxpQkFBaUIsRUFBRSxLQUFLLENBQUMsQ0FBQztJQUNwQyxDQUFDLENBQUM7QUFDSixDQUFDLENBQUMifQ==
+
+//#endregion
+export { xframe_default as default };

package/dist/lib/middlewares/xssProtection.d.ts

@@ -1,4 +1,7 @@
-import type { MiddlewareFunc } from 'egg';
-import type { SecurityConfig } from '../../config/config.default.ts';
+import { SecurityConfig } from "../../config/config.default.js";
+import { MiddlewareFunc } from "egg";
+
+//#region src/lib/middlewares/xssProtection.d.ts
 declare const _default: (options: SecurityConfig["xssProtection"]) => MiddlewareFunc;
-export default _default;
+//#endregion
+export { _default as default };

package/dist/lib/middlewares/xssProtection.js

@@ -1,14 +1,17 @@
 import { checkIfIgnore } from "../utils.js";
-export default (options) => {
-    return async function xssProtection(ctx, next) {
-        await next();
-        const opts = {
-            ...options,
-            ...ctx.securityOptions.xssProtection,
-        };
-        if (checkIfIgnore(opts, ctx))
-            return;
-        ctx.set('x-xss-protection', opts.value);
-    };
+
+//#region src/lib/middlewares/xssProtection.ts
+var xssProtection_default = (options) => {
+	return async function xssProtection(ctx, next) {
+		await next();
+		const opts = {
+			...options,
+			...ctx.securityOptions.xssProtection
+		};
+		if (checkIfIgnore(opts, ctx)) return;
+		ctx.set("x-xss-protection", opts.value);
+	};
 };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoieHNzUHJvdGVjdGlvbi5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3NyYy9saWIvbWlkZGxld2FyZXMveHNzUHJvdGVjdGlvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFHQSxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sYUFBYSxDQUFDO0FBRTVDLGVBQWUsQ0FBQyxPQUF3QyxFQUFrQixFQUFFO0lBQzFFLE9BQU8sS0FBSyxVQUFVLGFBQWEsQ0FBQyxHQUFHLEVBQUUsSUFBSTtRQUMzQyxNQUFNLElBQUksRUFBRSxDQUFDO1FBRWIsTUFBTSxJQUFJLEdBQUc7WUFDWCxHQUFHLE9BQU87WUFDVixHQUFHLEdBQUcsQ0FBQyxlQUFlLENBQUMsYUFBYTtTQUNyQyxDQUFDO1FBQ0YsSUFBSSxhQUFhLENBQUMsSUFBSSxFQUFFLEdBQUcsQ0FBQztZQUFFLE9BQU87UUFFckMsR0FBRyxDQUFDLEdBQUcsQ0FBQyxrQkFBa0IsRUFBRSxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUM7SUFDMUMsQ0FBQyxDQUFDO0FBQ0osQ0FBQyxDQUFDIn0=
+
+//#endregion
+export { xssProtection_default as default };

package/dist/lib/utils.d.ts

@@ -1,19 +1,24 @@
-import type { PathMatchingFun } from '@eggjs/path-matching';
-import type { Context } from 'egg';
-import type { SecurityConfig } from '../config/config.default.ts';
+import { SecurityConfig } from "../config/config.default.js";
+import { Context } from "egg";
+import { PathMatchingFun } from "@eggjs/path-matching";
+
+//#region src/lib/utils.d.ts
+
 /**
- * Check whether a domain is in the safe domain white list or not.
- * @param {String} domain The inputted domain.
- * @param {Array<string>} whiteList The white list for domain.
- * @return {Boolean} If the `domain` is in the white list, return true; otherwise false.
- */
-export declare function isSafeDomain(domain: string, whiteList: string[]): boolean;
-export declare function isSafePath(path: string, ctx: Context): boolean;
-export declare function checkIfIgnore(opts: {
-    enable: boolean;
-    matching?: PathMatchingFun;
+* Check whether a domain is in the safe domain white list or not.
+* @param {String} domain The inputted domain.
+* @param {Array<string>} whiteList The white list for domain.
+* @return {Boolean} If the `domain` is in the white list, return true; otherwise false.
+*/
+declare function isSafeDomain(domain: string, whiteList: string[]): boolean;
+declare function isSafePath(path: string, ctx: Context): boolean;
+declare function checkIfIgnore(opts: {
+  enable: boolean;
+  matching?: PathMatchingFun;
 }, ctx: Context): boolean;
-export declare function getCookieDomain(hostname: string): string;
-export declare function merge(origin: Record<string, any>, opts?: Record<string, any>): Record<string, any>;
-export declare function preprocessConfig(config: SecurityConfig): void;
-export declare function getFromUrl(url: string, prop: string): string | null;
+declare function getCookieDomain(hostname: string): string;
+declare function merge(origin: Record<string, any>, opts?: Record<string, any>): Record<string, any>;
+declare function preprocessConfig(config: SecurityConfig): void;
+declare function getFromUrl(url: string, prop: string): string | null;
+//#endregion
+export { checkIfIgnore, getCookieDomain, getFromUrl, isSafeDomain, isSafePath, merge, preprocessConfig };

package/dist/lib/utils.js

@@ -1,192 +1,127 @@
-import { normalize } from 'node:path';
-import IP from '@eggjs/ip';
-import matcher from 'matcher';
+import { normalize } from "node:path";
+import IP from "@eggjs/ip";
+import matcher from "matcher";
+
+//#region src/lib/utils.ts
 /**
- * Check whether a domain is in the safe domain white list or not.
- * @param {String} domain The inputted domain.
- * @param {Array<string>} whiteList The white list for domain.
- * @return {Boolean} If the `domain` is in the white list, return true; otherwise false.
- */
-export function isSafeDomain(domain, whiteList) {
-    // domain must be string, otherwise return false
-    if (typeof domain !== 'string')
-        return false;
-    // Ignore case sensitive first
-    domain = domain.toLowerCase();
-    // add prefix `.`, because all domains in white list start with `.`
-    const hostname = '.' + domain;
-    return whiteList.some((rule) => {
-        // Check whether we've got '*' as a wild character symbol
-        if (rule.includes('*')) {
-            return matcher.isMatch(domain, rule);
-        }
-        // If domain is an absolute path such as `http://...`
-        // We can directly check whether it directly equals to `domain`
-        // And we don't need to cope with `endWith`.
-        if (domain === rule)
-            return true;
-        // ensure wwweggjs.com not match eggjs.com
-        if (!rule.startsWith('.'))
-            rule = `.${rule}`;
-        return hostname.endsWith(rule);
-    });
+* Check whether a domain is in the safe domain white list or not.
+* @param {String} domain The inputted domain.
+* @param {Array<string>} whiteList The white list for domain.
+* @return {Boolean} If the `domain` is in the white list, return true; otherwise false.
+*/
+function isSafeDomain(domain, whiteList) {
+	if (typeof domain !== "string") return false;
+	domain = domain.toLowerCase();
+	const hostname = "." + domain;
+	return whiteList.some((rule) => {
+		if (rule.includes("*")) return matcher.isMatch(domain, rule);
+		if (domain === rule) return true;
+		if (!rule.startsWith(".")) rule = `.${rule}`;
+		return hostname.endsWith(rule);
+	});
 }
-export function isSafePath(path, ctx) {
-    path = '.' + path;
-    if (path.includes('%')) {
-        try {
-            path = decodeURIComponent(path);
-        }
-        catch {
-            if (ctx.app.config.env === 'local' || ctx.app.config.env === 'unittest') {
-                // not under production environment, output log
-                ctx.coreLogger.warn('[@eggjs/security: dta global block] : decode file path %j failed.', path);
-            }
-        }
-    }
-    const normalizePath = normalize(path);
-    return !(normalizePath.startsWith('../') || normalizePath.startsWith('..\\'));
+function isSafePath(path, ctx) {
+	path = "." + path;
+	if (path.includes("%")) try {
+		path = decodeURIComponent(path);
+	} catch {
+		if (ctx.app.config.env === "local" || ctx.app.config.env === "unittest") ctx.coreLogger.warn("[@eggjs/security: dta global block] : decode file path %j failed.", path);
+	}
+	const normalizePath = normalize(path);
+	return !(normalizePath.startsWith("../") || normalizePath.startsWith("..\\"));
 }
-export function checkIfIgnore(opts, ctx) {
-    // check opts.enable first
-    if (!opts.enable)
-        return true;
-    return !opts.matching?.(ctx);
+function checkIfIgnore(opts, ctx) {
+	if (!opts.enable) return true;
+	return !opts.matching?.(ctx);
 }
 const IP_RE = /^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/;
 const topDomains = {};
-['.net.cn', '.gov.cn', '.org.cn', '.com.cn'].forEach((item) => {
-    topDomains[item] = 2 - item.split('.').length;
+[
+	".net.cn",
+	".gov.cn",
+	".org.cn",
+	".com.cn"
+].forEach((item) => {
+	topDomains[item] = 2 - item.split(".").length;
 });
-export function getCookieDomain(hostname) {
-    // TODO(fengmk2): support ipv6
-    if (IP_RE.test(hostname)) {
-        return hostname;
-    }
-    // app.test.domain.com => .test.domain.com
-    // app.stable.domain.com => .domain.com
-    // app.domain.com => .domain.com
-    // domain=.domain.com;
-    const splits = hostname.split('.');
-    let index = -2;
-    // only when `*.test.*.com` set `.test.*.com`
-    if (splits.length >= 4 && splits[splits.length - 3] === 'test') {
-        index = -3;
-    }
-    let domain = getDomain(splits, index);
-    if (topDomains[domain]) {
-        // app.foo.org.cn => .foo.org.cn
-        domain = getDomain(splits, index + topDomains[domain]);
-    }
-    return domain;
+function getCookieDomain(hostname) {
+	if (IP_RE.test(hostname)) return hostname;
+	const splits = hostname.split(".");
+	let index = -2;
+	if (splits.length >= 4 && splits[splits.length - 3] === "test") index = -3;
+	let domain = getDomain(splits, index);
+	if (topDomains[domain]) domain = getDomain(splits, index + topDomains[domain]);
+	return domain;
 }
 function getDomain(splits, index) {
-    return '.' + splits.slice(index).join('.');
+	return "." + splits.slice(index).join(".");
 }
-export function merge(origin, opts) {
-    if (!opts) {
-        return origin;
-    }
-    const res = {};
-    const originKeys = Object.keys(origin);
-    for (let i = 0; i < originKeys.length; i++) {
-        const key = originKeys[i];
-        res[key] = origin[key];
-    }
-    const keys = Object.keys(opts);
-    for (let i = 0; i < keys.length; i++) {
-        const key = keys[i];
-        res[key] = opts[key];
-    }
-    return res;
+function merge(origin, opts) {
+	if (!opts) return origin;
+	const res = {};
+	const originKeys = Object.keys(origin);
+	for (let i = 0; i < originKeys.length; i++) {
+		const key = originKeys[i];
+		res[key] = origin[key];
+	}
+	const keys = Object.keys(opts);
+	for (let i = 0; i < keys.length; i++) {
+		const key = keys[i];
+		res[key] = opts[key];
+	}
+	return res;
 }
-export function preprocessConfig(config) {
-    // transfer ssrf.ipBlackList to ssrf.checkAddress
-    // ssrf.ipExceptionList can easily pick out unwanted ips from ipBlackList
-    // checkAddress has higher priority than ipBlackList
-    const ssrf = config.ssrf;
-    if (ssrf && ssrf.ipBlackList && !ssrf.checkAddress) {
-        const blackList = ssrf.ipBlackList.map(getContains);
-        const exceptionList = (ssrf.ipExceptionList || []).map(getContains);
-        const hostnameExceptionList = ssrf.hostnameExceptionList;
-        ssrf.checkAddress = (ipAddresses, _family, hostname) => {
-            // Check white hostname first
-            if (hostname && hostnameExceptionList) {
-                if (hostnameExceptionList.includes(hostname)) {
-                    return true;
-                }
-            }
-            // ipAddresses will be array address on Node.js >= 20
-            // [
-            //   { address: '220.181.125.241', family: 4 },
-            //   { address: '240e:964:ea02:b00:3::3ec', family: 6 }
-            // ]
-            if (!Array.isArray(ipAddresses)) {
-                ipAddresses = [ipAddresses];
-            }
-            for (const ipAddress of ipAddresses) {
-                let address;
-                if (typeof ipAddress === 'string') {
-                    address = ipAddress;
-                }
-                else {
-                    // FIXME: should support ipv6
-                    if (ipAddress.family === 6) {
-                        continue;
-                    }
-                    address = ipAddress.address;
-                }
-                // check white list first
-                for (const exception of exceptionList) {
-                    if (exception(address)) {
-                        return true;
-                    }
-                }
-                // check black list
-                for (const contains of blackList) {
-                    if (contains(address)) {
-                        return false;
-                    }
-                }
-            }
-            // default allow
-            return true;
-        };
-    }
-    // Make sure that `whiteList` or `protocolWhiteList` is case insensitive
-    config.domainWhiteList = config.domainWhiteList || [];
-    config.domainWhiteList = config.domainWhiteList.map((domain) => domain.toLowerCase());
-    config.protocolWhiteList = config.protocolWhiteList || [];
-    config.protocolWhiteList = config.protocolWhiteList.map((protocol) => protocol.toLowerCase());
-    // Make sure refererWhiteList is case insensitive
-    if (config.csrf && config.csrf.refererWhiteList) {
-        config.csrf.refererWhiteList = config.csrf.refererWhiteList.map((ref) => ref.toLowerCase());
-    }
-    // Directly converted to Set collection by a private property (not documented),
-    // And we NO LONGER need to do conversion in `foreach` again and again in `lib/helper/surl.ts`.
-    const protocolWhiteListSet = new Set(config.protocolWhiteList);
-    protocolWhiteListSet.add('http');
-    protocolWhiteListSet.add('https');
-    protocolWhiteListSet.add('file');
-    protocolWhiteListSet.add('data');
-    Object.defineProperty(config, '__protocolWhiteListSet', {
-        value: protocolWhiteListSet,
-        enumerable: false,
-    });
+function preprocessConfig(config) {
+	const ssrf = config.ssrf;
+	if (ssrf && ssrf.ipBlackList && !ssrf.checkAddress) {
+		const blackList = ssrf.ipBlackList.map(getContains);
+		const exceptionList = (ssrf.ipExceptionList || []).map(getContains);
+		const hostnameExceptionList = ssrf.hostnameExceptionList;
+		ssrf.checkAddress = (ipAddresses, _family, hostname) => {
+			if (hostname && hostnameExceptionList) {
+				if (hostnameExceptionList.includes(hostname)) return true;
+			}
+			if (!Array.isArray(ipAddresses)) ipAddresses = [ipAddresses];
+			for (const ipAddress of ipAddresses) {
+				let address;
+				if (typeof ipAddress === "string") address = ipAddress;
+				else {
+					if (ipAddress.family === 6) continue;
+					address = ipAddress.address;
+				}
+				for (const exception of exceptionList) if (exception(address)) return true;
+				for (const contains of blackList) if (contains(address)) return false;
+			}
+			return true;
+		};
+	}
+	config.domainWhiteList = config.domainWhiteList || [];
+	config.domainWhiteList = config.domainWhiteList.map((domain) => domain.toLowerCase());
+	config.protocolWhiteList = config.protocolWhiteList || [];
+	config.protocolWhiteList = config.protocolWhiteList.map((protocol) => protocol.toLowerCase());
+	if (config.csrf && config.csrf.refererWhiteList) config.csrf.refererWhiteList = config.csrf.refererWhiteList.map((ref) => ref.toLowerCase());
+	const protocolWhiteListSet = new Set(config.protocolWhiteList);
+	protocolWhiteListSet.add("http");
+	protocolWhiteListSet.add("https");
+	protocolWhiteListSet.add("file");
+	protocolWhiteListSet.add("data");
+	Object.defineProperty(config, "__protocolWhiteListSet", {
+		value: protocolWhiteListSet,
+		enumerable: false
+	});
 }
-export function getFromUrl(url, prop) {
-    try {
-        const parsed = new URL(url);
-        return Reflect.get(parsed, prop);
-    }
-    catch {
-        return null;
-    }
+function getFromUrl(url, prop) {
+	try {
+		const parsed = new URL(url);
+		return Reflect.get(parsed, prop);
+	} catch {
+		return null;
+	}
 }
 function getContains(ip) {
-    if (IP.isV4Format(ip) || IP.isV6Format(ip)) {
-        return (address) => address === ip;
-    }
-    return IP.cidrSubnet(ip).contains;
+	if (IP.isV4Format(ip) || IP.isV6Format(ip)) return (address) => address === ip;
+	return IP.cidrSubnet(ip).contains;
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidXRpbHMuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvbGliL3V0aWxzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBLE9BQU8sRUFBRSxTQUFTLEVBQUUsTUFBTSxXQUFXLENBQUM7QUFFdEMsT0FBTyxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBRzNCLE9BQU8sT0FBTyxNQUFNLFNBQVMsQ0FBQztBQUk5Qjs7Ozs7R0FLRztBQUNILE1BQU0sVUFBVSxZQUFZLENBQUMsTUFBYyxFQUFFLFNBQW1CO0lBQzlELGdEQUFnRDtJQUNoRCxJQUFJLE9BQU8sTUFBTSxLQUFLLFFBQVE7UUFBRSxPQUFPLEtBQUssQ0FBQztJQUM3Qyw4QkFBOEI7SUFDOUIsTUFBTSxHQUFHLE1BQU0sQ0FBQyxXQUFXLEVBQUUsQ0FBQztJQUM5QixtRUFBbUU7SUFDbkUsTUFBTSxRQUFRLEdBQUcsR0FBRyxHQUFHLE1BQU0sQ0FBQztJQUU5QixPQUFPLFNBQVMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRTtRQUM3Qix5REFBeUQ7UUFDekQsSUFBSSxJQUFJLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDdkIsT0FBTyxPQUFPLENBQUMsT0FBTyxDQUFDLE1BQU0sRUFBRSxJQUFJLENBQUMsQ0FBQztRQUN2QyxDQUFDO1FBQ0QscURBQXFEO1FBQ3JELCtEQUErRDtRQUMvRCw0Q0FBNEM7UUFDNUMsSUFBSSxNQUFNLEtBQUssSUFBSTtZQUFFLE9BQU8sSUFBSSxDQUFDO1FBQ2pDLDBDQUEwQztRQUMxQyxJQUFJLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxHQUFHLENBQUM7WUFBRSxJQUFJLEdBQUcsSUFBSSxJQUFJLEVBQUUsQ0FBQztRQUM3QyxPQUFPLFFBQVEsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDakMsQ0FBQyxDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQsTUFBTSxVQUFVLFVBQVUsQ0FBQyxJQUFZLEVBQUUsR0FBWTtJQUNuRCxJQUFJLEdBQUcsR0FBRyxHQUFHLElBQUksQ0FBQztJQUNsQixJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQztRQUN2QixJQUFJLENBQUM7WUFDSCxJQUFJLEdBQUcsa0JBQWtCLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDbEMsQ0FBQztRQUFDLE1BQU0sQ0FBQztZQUNQLElBQUksR0FBRyxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsR0FBRyxLQUFLLE9BQU8sSUFBSSxHQUFHLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxHQUFHLEtBQUssVUFBVSxFQUFFLENBQUM7Z0JBQ3hFLCtDQUErQztnQkFDL0MsR0FBRyxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsbUVBQW1FLEVBQUUsSUFBSSxDQUFDLENBQUM7WUFDakcsQ0FBQztRQUNILENBQUM7SUFDSCxDQUFDO0lBQ0QsTUFBTSxhQUFhLEdBQUcsU0FBUyxDQUFDLElBQUksQ0FBQyxDQUFDO0lBQ3RDLE9BQU8sQ0FBQyxDQUFDLGFBQWEsQ0FBQyxVQUFVLENBQUMsS0FBSyxDQUFDLElBQUksYUFBYSxDQUFDLFVBQVUsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDO0FBQ2hGLENBQUM7QUFFRCxNQUFNLFVBQVUsYUFBYSxDQUFDLElBQXFELEVBQUUsR0FBWTtJQUMvRiwwQkFBMEI7SUFDMUIsSUFBSSxDQUFDLElBQUksQ0FBQyxNQUFNO1FBQUUsT0FBTyxJQUFJLENBQUM7SUFDOUIsT0FBTyxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsQ0FBQyxHQUFHLENBQUMsQ0FBQztBQUMvQixDQUFDO0FBRUQsTUFBTSxLQUFLLEdBQUcsc0NBQXNDLENBQUM7QUFDckQsTUFBTSxVQUFVLEdBQTJCLEVBQUUsQ0FBQztBQUM5QyxDQUFDLFNBQVMsRUFBRSxTQUFTLEVBQUUsU0FBUyxFQUFFLFNBQVMsQ0FBQyxDQUFDLE9BQU8sQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFO0lBQzVELFVBQVUsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLEdBQUcsSUFBSSxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxNQUFNLENBQUM7QUFDaEQsQ0FBQyxDQUFDLENBQUM7QUFFSCxNQUFNLFVBQVUsZUFBZSxDQUFDLFFBQWdCO0lBQzlDLDhCQUE4QjtJQUM5QixJQUFJLEtBQUssQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztRQUN6QixPQUFPLFFBQVEsQ0FBQztJQUNsQixDQUFDO0lBQ0QsMENBQTBDO0lBQzFDLHVDQUF1QztJQUN2QyxnQ0FBZ0M7SUFDaEMsc0JBQXNCO0lBQ3RCLE1BQU0sTUFBTSxHQUFHLFFBQVEsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7SUFDbkMsSUFBSSxLQUFLLEdBQUcsQ0FBQyxDQUFDLENBQUM7SUFFZiw2Q0FBNkM7SUFDN0MsSUFBSSxNQUFNLENBQUMsTUFBTSxJQUFJLENBQUMsSUFBSSxNQUFNLENBQUMsTUFBTSxDQUFDLE1BQU0sR0FBRyxDQUFDLENBQUMsS0FBSyxNQUFNLEVBQUUsQ0FBQztRQUMvRCxLQUFLLEdBQUcsQ0FBQyxDQUFDLENBQUM7SUFDYixDQUFDO0lBQ0QsSUFBSSxNQUFNLEdBQUcsU0FBUyxDQUFDLE1BQU0sRUFBRSxLQUFLLENBQUMsQ0FBQztJQUN0QyxJQUFJLFVBQVUsQ0FBQyxNQUFNLENBQUMsRUFBRSxDQUFDO1FBQ3ZCLGdDQUFnQztRQUNoQyxNQUFNLEdBQUcsU0FBUyxDQUFDLE1BQU0sRUFBRSxLQUFLLEdBQUcsVUFBVSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUM7SUFDekQsQ0FBQztJQUNELE9BQU8sTUFBTSxDQUFDO0FBQ2hCLENBQUM7QUFFRCxTQUFTLFNBQVMsQ0FBQyxNQUFnQixFQUFFLEtBQWE7SUFDaEQsT0FBTyxHQUFHLEdBQUcsTUFBTSxDQUFDLEtBQUssQ0FBQyxLQUFLLENBQUMsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7QUFDN0MsQ0FBQztBQUVELE1BQU0sVUFBVSxLQUFLLENBQUMsTUFBMkIsRUFBRSxJQUEwQjtJQUMzRSxJQUFJLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDVixPQUFPLE1BQU0sQ0FBQztJQUNoQixDQUFDO0lBQ0QsTUFBTSxHQUFHLEdBQXdCLEVBQUUsQ0FBQztJQUVwQyxNQUFNLFVBQVUsR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBQ3ZDLEtBQUssSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsR0FBRyxVQUFVLENBQUMsTUFBTSxFQUFFLENBQUMsRUFBRSxFQUFFLENBQUM7UUFDM0MsTUFBTSxHQUFHLEdBQUcsVUFBVSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBQzFCLEdBQUcsQ0FBQyxHQUFHLENBQUMsR0FBRyxNQUFNLENBQUMsR0FBRyxDQUFDLENBQUM7SUFDekIsQ0FBQztJQUVELE1BQU0sSUFBSSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDL0IsS0FBSyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxHQUFHLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQztRQUNyQyxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDcEIsR0FBRyxDQUFDLEdBQUcsQ0FBQyxHQUFHLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztJQUN2QixDQUFDO0lBQ0QsT0FBTyxHQUFHLENBQUM7QUFDYixDQUFDO0FBRUQsTUFBTSxVQUFVLGdCQUFnQixDQUFDLE1BQXNCO0lBQ3JELGlEQUFpRDtJQUNqRCx5RUFBeUU7SUFDekUsb0RBQW9EO0lBQ3BELE1BQU0sSUFBSSxHQUFHLE1BQU0sQ0FBQyxJQUFJLENBQUM7SUFDekIsSUFBSSxJQUFJLElBQUksSUFBSSxDQUFDLFdBQVcsSUFBSSxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztRQUNuRCxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsV0FBVyxDQUFDLEdBQUcsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUNwRCxNQUFNLGFBQWEsR0FBRyxDQUFDLElBQUksQ0FBQyxlQUFlLElBQUksRUFBRSxDQUFDLENBQUMsR0FBRyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBQ3BFLE1BQU0scUJBQXFCLEdBQUcsSUFBSSxDQUFDLHFCQUFxQixDQUFDO1FBQ3pELElBQUksQ0FBQyxZQUFZLEdBQUcsQ0FDbEIsV0FBZ0UsRUFDaEUsT0FBd0IsRUFDeEIsUUFBZ0IsRUFDUCxFQUFFO1lBQ1gsNkJBQTZCO1lBQzdCLElBQUksUUFBUSxJQUFJLHFCQUFxQixFQUFFLENBQUM7Z0JBQ3RDLElBQUkscUJBQXFCLENBQUMsUUFBUSxDQUFDLFFBQVEsQ0FBQyxFQUFFLENBQUM7b0JBQzdDLE9BQU8sSUFBSSxDQUFDO2dCQUNkLENBQUM7WUFDSCxDQUFDO1lBQ0QscURBQXFEO1lBQ3JELElBQUk7WUFDSiwrQ0FBK0M7WUFDL0MsdURBQXVEO1lBQ3ZELElBQUk7WUFDSixJQUFJLENBQUMsS0FBSyxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsRUFBRSxDQUFDO2dCQUNoQyxXQUFXLEdBQUcsQ0FBQyxXQUFXLENBQUMsQ0FBQztZQUM5QixDQUFDO1lBQ0QsS0FBSyxNQUFNLFNBQVMsSUFBSSxXQUFXLEVBQUUsQ0FBQztnQkFDcEMsSUFBSSxPQUFlLENBQUM7Z0JBQ3BCLElBQUksT0FBTyxTQUFTLEtBQUssUUFBUSxFQUFFLENBQUM7b0JBQ2xDLE9BQU8sR0FBRyxTQUFTLENBQUM7Z0JBQ3RCLENBQUM7cUJBQU0sQ0FBQztvQkFDTiw2QkFBNkI7b0JBQzdCLElBQUksU0FBUyxDQUFDLE1BQU0sS0FBSyxDQUFDLEVBQUUsQ0FBQzt3QkFDM0IsU0FBUztvQkFDWCxDQUFDO29CQUNELE9BQU8sR0FBRyxTQUFTLENBQUMsT0FBTyxDQUFDO2dCQUM5QixDQUFDO2dCQUNELHlCQUF5QjtnQkFDekIsS0FBSyxNQUFNLFNBQVMsSUFBSSxhQUFhLEVBQUUsQ0FBQztvQkFDdEMsSUFBSSxTQUFTLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQzt3QkFDdkIsT0FBTyxJQUFJLENBQUM7b0JBQ2QsQ0FBQztnQkFDSCxDQUFDO2dCQUNELG1CQUFtQjtnQkFDbkIsS0FBSyxNQUFNLFFBQVEsSUFBSSxTQUFTLEVBQUUsQ0FBQztvQkFDakMsSUFBSSxRQUFRLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQzt3QkFDdEIsT0FBTyxLQUFLLENBQUM7b0JBQ2YsQ0FBQztnQkFDSCxDQUFDO1lBQ0gsQ0FBQztZQUNELGdCQUFnQjtZQUNoQixPQUFPLElBQUksQ0FBQztRQUNkLENBQUMsQ0FBQztJQUNKLENBQUM7SUFFRCx3RUFBd0U7SUFDeEUsTUFBTSxDQUFDLGVBQWUsR0FBRyxNQUFNLENBQUMsZUFBZSxJQUFJLEVBQUUsQ0FBQztJQUN0RCxNQUFNLENBQUMsZUFBZSxHQUFHLE1BQU0sQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLENBQUMsTUFBYyxFQUFFLEVBQUUsQ0FBQyxNQUFNLENBQUMsV0FBVyxFQUFFLENBQUMsQ0FBQztJQUU5RixNQUFNLENBQUMsaUJBQWlCLEdBQUcsTUFBTSxDQUFDLGlCQUFpQixJQUFJLEVBQUUsQ0FBQztJQUMxRCxNQUFNLENBQUMsaUJBQWlCLEdBQUcsTUFBTSxDQUFDLGlCQUFpQixDQUFDLEdBQUcsQ0FBQyxDQUFDLFFBQWdCLEVBQUUsRUFBRSxDQUFDLFFBQVEsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxDQUFDO0lBRXRHLGlEQUFpRDtJQUNqRCxJQUFJLE1BQU0sQ0FBQyxJQUFJLElBQUksTUFBTSxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxDQUFDO1FBQ2hELE1BQU0sQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLEdBQUcsTUFBTSxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsQ0FBQyxHQUFHLENBQUMsQ0FBQyxHQUFXLEVBQUUsRUFBRSxDQUFDLEdBQUcsQ0FBQyxXQUFXLEVBQUUsQ0FBQyxDQUFDO0lBQ3RHLENBQUM7SUFFRCwrRUFBK0U7SUFDL0UsK0ZBQStGO0lBQy9GLE1BQU0sb0JBQW9CLEdBQUcsSUFBSSxHQUFHLENBQUMsTUFBTSxDQUFDLGlCQUFpQixDQUFDLENBQUM7SUFDL0Qsb0JBQW9CLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBQ2pDLG9CQUFvQixDQUFDLEdBQUcsQ0FBQyxPQUFPLENBQUMsQ0FBQztJQUNsQyxvQkFBb0IsQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLENBQUM7SUFDakMsb0JBQW9CLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxDQUFDO0lBRWpDLE1BQU0sQ0FBQyxjQUFjLENBQUMsTUFBTSxFQUFFLHdCQUF3QixFQUFFO1FBQ3RELEtBQUssRUFBRSxvQkFBb0I7UUFDM0IsVUFBVSxFQUFFLEtBQUs7S0FDbEIsQ0FBQyxDQUFDO0FBQ0wsQ0FBQztBQUVELE1BQU0sVUFBVSxVQUFVLENBQUMsR0FBVyxFQUFFLElBQVk7SUFDbEQsSUFBSSxDQUFDO1FBQ0gsTUFBTSxNQUFNLEdBQUcsSUFBSSxHQUFHLENBQUMsR0FBRyxDQUFDLENBQUM7UUFDNUIsT0FBTyxPQUFPLENBQUMsR0FBRyxDQUFDLE1BQU0sRUFBRSxJQUFJLENBQUMsQ0FBQztJQUNuQyxDQUFDO0lBQUMsTUFBTSxDQUFDO1FBQ1AsT0FBTyxJQUFJLENBQUM7SUFDZCxDQUFDO0FBQ0gsQ0FBQztBQUVELFNBQVMsV0FBVyxDQUFDLEVBQVU7SUFDN0IsSUFBSSxFQUFFLENBQUMsVUFBVSxDQUFDLEVBQUUsQ0FBQyxJQUFJLEVBQUUsQ0FBQyxVQUFVLENBQUMsRUFBRSxDQUFDLEVBQUUsQ0FBQztRQUMzQyxPQUFPLENBQUMsT0FBZSxFQUFFLEVBQUUsQ0FBQyxPQUFPLEtBQUssRUFBRSxDQUFDO0lBQzdDLENBQUM7SUFDRCxPQUFPLEVBQUUsQ0FBQyxVQUFVLENBQUMsRUFBRSxDQUFDLENBQUMsUUFBUSxDQUFDO0FBQ3BDLENBQUMifQ==
+
+//#endregion
+export { checkIfIgnore, getCookieDomain, getFromUrl, isSafeDomain, isSafePath, merge, preprocessConfig };