@floegence/flowersec-core 0.19.0 → 0.19.2

package/dist/controlplane/request.js

@@ -13,6 +13,13 @@ export class ControlplaneRequestError extends Error {
 }
 export const DEFAULT_CONNECT_ARTIFACT_PATH = "/v1/connect/artifact";
 export const DEFAULT_ENTRY_CONNECT_ARTIFACT_PATH = "/v1/connect/artifact/entry";
+const DEFAULT_MAX_CONTROLPLANE_RESPONSE_BYTES = 1 << 20;
+class ControlplaneResponseTooLargeError extends Error {
+    constructor(maxBytes) {
+        super(`controlplane response exceeded ${maxBytes} bytes`);
+        this.name = "ControlplaneResponseTooLargeError";
+    }
+}
 function resolveFetch(fetchImpl) {
     if (fetchImpl)
         return fetchImpl;
@@ -37,6 +44,46 @@ function parseMaybeJSON(bodyText) {
         return trimmed;
     }
 }
+function parseContentLength(headerValue) {
+    const raw = String(headerValue ?? "").trim();
+    if (raw === "")
+        return null;
+    if (!/^[0-9]+$/.test(raw))
+        return null;
+    const parsed = Number(raw);
+    if (!Number.isSafeInteger(parsed) || parsed < 0)
+        return null;
+    return parsed;
+}
+async function readControlplaneText(response, maxBytes) {
+    const contentLength = parseContentLength(response.headers.get("Content-Length"));
+    if (contentLength !== null && contentLength > maxBytes) {
+        throw new ControlplaneResponseTooLargeError(maxBytes);
+    }
+    if (!response.body) {
+        return "";
+    }
+    const reader = response.body.getReader();
+    const decoder = new TextDecoder();
+    let totalBytes = 0;
+    let text = "";
+    while (true) {
+        const chunk = await reader.read();
+        if (chunk.done)
+            break;
+        totalBytes += chunk.value.byteLength;
+        if (totalBytes > maxBytes) {
+            try {
+                await reader.cancel();
+            }
+            catch { }
+            throw new ControlplaneResponseTooLargeError(maxBytes);
+        }
+        text += decoder.decode(chunk.value, { stream: true });
+    }
+    text += decoder.decode();
+    return text;
+}
 function decodeErrorMessage(status, responseBody) {
     let message = `controlplane request failed: ${status}`;
     let code = "";
@@ -61,7 +108,19 @@ export async function requestControlplaneJSON(url, init) {
         ...init,
         cache: "no-store",
     });
-    const rawBody = await response.text();
+    let rawBody = "";
+    try {
+        rawBody = await readControlplaneText(response, DEFAULT_MAX_CONTROLPLANE_RESPONSE_BYTES);
+    }
+    catch (err) {
+        if (err instanceof ControlplaneResponseTooLargeError && !response.ok) {
+            throw new ControlplaneRequestError({
+                status: response.status,
+                message: err.message,
+            });
+        }
+        throw err;
+    }
     const responseBody = parseMaybeJSON(rawBody);
     if (!response.ok) {
         const error = decodeErrorMessage(response.status, responseBody);

package/dist/proxy/cookieJar.d.ts

@@ -1,6 +1,7 @@
 export declare class CookieJar {
     private readonly cookies;
-    setCookie(setCookieHeader: string): void;
-    updateFromSetCookieHeaders(headers: readonly string[]): void;
+    private nextCreatedAtSeq;
+    setCookie(setCookieHeader: string, requestPath?: string): void;
+    updateFromSetCookieHeaders(headers: readonly string[], requestPath?: string): void;
     getCookieHeader(path: string): string;
 }

package/dist/proxy/cookieJar.js

@@ -11,9 +11,54 @@ function parseCookieNameValue(s) {
         return null;
     return { name, value };
 }
+function cookieStorageKey(name, path) {
+    return `${name}\u0000${path}`;
+}
+function requestPathOnly(path) {
+    const raw = path.trim();
+    if (!raw.startsWith("/"))
+        return "/";
+    const q = raw.indexOf("?");
+    const out = q >= 0 ? raw.slice(0, q) : raw;
+    return out === "" ? "/" : out;
+}
+function defaultCookiePathFromRequestPath(requestPath) {
+    const path = requestPathOnly(requestPath);
+    if (path === "/")
+        return "/";
+    const lastSlash = path.lastIndexOf("/");
+    if (lastSlash <= 0)
+        return "/";
+    return path.slice(0, lastSlash);
+}
+function normalizeCookiePath(pathAttr, requestPath) {
+    const path = pathAttr?.trim() ?? "";
+    if (path === "" || !path.startsWith("/"))
+        return defaultCookiePathFromRequestPath(requestPath);
+    return path;
+}
+function pathMatchesCookiePath(requestPath, cookiePath) {
+    const path = requestPathOnly(requestPath);
+    if (cookiePath === "/")
+        return true;
+    if (path === cookiePath)
+        return true;
+    if (!path.startsWith(cookiePath))
+        return false;
+    if (cookiePath.endsWith("/"))
+        return true;
+    return path.charAt(cookiePath.length) === "/";
+}
+function compareCookiesForHeader(a, b) {
+    const pathLenDiff = b.path.length - a.path.length;
+    if (pathLenDiff !== 0)
+        return pathLenDiff;
+    return a.createdAtSeq - b.createdAtSeq;
+}
 export class CookieJar {
     cookies = new Map();
-    setCookie(setCookieHeader) {
+    nextCreatedAtSeq = 0;
+    setCookie(setCookieHeader, requestPath = "/") {
         const raw = setCookieHeader.trim();
         if (raw === "")
             return;
@@ -23,15 +68,16 @@ export class CookieJar {
         const nv = parseCookieNameValue(parts[0] ?? "");
         if (nv == null)
             return;
-        let path = "/";
+        let pathAttr;
         let expiresAtMs;
+        let maxAgeSeen = false;
         for (let i = 1; i < parts.length; i++) {
             const p = parts[i];
             const lower = p.toLowerCase();
             if (lower.startsWith("path=")) {
                 const v = p.slice("path=".length).trim();
                 if (v !== "")
-                    path = v;
+                    pathAttr = v;
                 continue;
             }
             if (lower.startsWith("max-age=")) {
@@ -39,14 +85,13 @@ export class CookieJar {
                 const n = Number.parseInt(v, 10);
                 if (!Number.isFinite(n))
                     continue;
-                if (n <= 0) {
-                    this.cookies.delete(nv.name);
-                    return;
-                }
-                expiresAtMs = nowMs() + n * 1000;
+                maxAgeSeen = true;
+                expiresAtMs = n <= 0 ? 0 : nowMs() + n * 1000;
                 continue;
             }
             if (lower.startsWith("expires=")) {
+                if (maxAgeSeen)
+                    continue;
                 const v = p.slice("expires=".length).trim();
                 const t = Date.parse(v);
                 if (!Number.isFinite(t))
@@ -55,34 +100,37 @@ export class CookieJar {
                 continue;
             }
         }
-        // Expired via Expires.
+        const path = normalizeCookiePath(pathAttr, requestPath);
+        const key = cookieStorageKey(nv.name, path);
         if (expiresAtMs != null && expiresAtMs <= nowMs()) {
-            this.cookies.delete(nv.name);
+            this.cookies.delete(key);
             return;
         }
+        const createdAtSeq = this.cookies.get(key)?.createdAtSeq ?? this.nextCreatedAtSeq++;
         if (expiresAtMs == null) {
-            this.cookies.set(nv.name, { name: nv.name, value: nv.value, path });
+            this.cookies.set(key, { name: nv.name, value: nv.value, path, createdAtSeq });
         }
         else {
-            this.cookies.set(nv.name, { name: nv.name, value: nv.value, path, expiresAtMs });
+            this.cookies.set(key, { name: nv.name, value: nv.value, path, expiresAtMs, createdAtSeq });
         }
     }
-    updateFromSetCookieHeaders(headers) {
+    updateFromSetCookieHeaders(headers, requestPath = "/") {
         for (const h of headers)
-            this.setCookie(h);
+            this.setCookie(h, requestPath);
     }
     getCookieHeader(path) {
         const now = nowMs();
-        const pairs = [];
-        for (const c of this.cookies.values()) {
+        const matched = [];
+        for (const [key, c] of this.cookies.entries()) {
             if (c.expiresAtMs != null && c.expiresAtMs <= now) {
-                this.cookies.delete(c.name);
+                this.cookies.delete(key);
                 continue;
             }
-            if (c.path !== "/" && !path.startsWith(c.path))
+            if (!pathMatchesCookiePath(path, c.path))
                 continue;
-            pairs.push(`${c.name}=${c.value}`);
+            matched.push(c);
         }
-        return pairs.join("; ");
+        matched.sort(compareCookiesForHeader);
+        return matched.map((c) => `${c.name}=${c.value}`).join("; ");
     }
 }

package/dist/proxy/integration.js

@@ -1,7 +1,7 @@
 import { profileToPresetManifest } from "./profiles.js";
 import { resolveProxyPreset } from "./preset.js";
 import { registerServiceWorkerAndEnsureControl } from "./registerServiceWorker.js";
-import { createProxyRuntime } from "./runtime.js";
+import { createProxyRuntime, ensureServiceWorkerRuntimeRegistered } from "./runtime.js";
 import { createProxyServiceWorkerScript } from "./serviceWorker.js";
 function dedupeStrings(values) {
     const out = [];
@@ -252,6 +252,7 @@ export async function registerProxyIntegration(input) {
         maxRepairAttempts,
         controllerTimeoutMs,
     });
+    await ensureServiceWorkerRuntimeRegistered({ timeoutMs: controllerTimeoutMs });
     if (expectedScriptPathSuffix !== "") {
         const ok = await waitForControllerSuffix(expectedScriptPathSuffix, controllerTimeoutMs);
         if (!ok) {

package/dist/proxy/runtime.d.ts

@@ -7,6 +7,7 @@ type ProxyFetchReq = Readonly<{
     method: string;
     path: string;
     headers: readonly Header[];
+    external_origin?: string;
     body?: ArrayBuffer;
 }>;
 export type ProxyRuntimeLimits = Readonly<{
@@ -39,5 +40,9 @@ export type ProxyRuntimeOptions = Readonly<{
     extraWsHeaders?: readonly string[];
     cookieJar?: CookieJar;
 }>;
+export type EnsureServiceWorkerRuntimeRegisteredOptions = Readonly<{
+    timeoutMs?: number;
+}>;
 export declare function createProxyRuntime(opts: ProxyRuntimeOptions): ProxyRuntime;
+export declare function ensureServiceWorkerRuntimeRegistered(opts?: EnsureServiceWorkerRuntimeRegisteredOptions): Promise<void>;
 export {};

package/dist/proxy/runtime.js

@@ -38,6 +38,27 @@ function normalizeTimeoutMs(timeoutMs) {
         throw new Error("timeout_ms must be >= 0");
     return v;
 }
+function normalizeExternalOrigin(externalOriginRaw) {
+    if (typeof externalOriginRaw !== "string")
+        return undefined;
+    const externalOrigin = externalOriginRaw.trim();
+    if (externalOrigin === "")
+        return undefined;
+    let parsed;
+    try {
+        parsed = new URL(externalOrigin);
+    }
+    catch {
+        throw new Error("external_origin must be an http(s) origin");
+    }
+    if ((parsed.protocol !== "http:" && parsed.protocol !== "https:") || parsed.host === "") {
+        throw new Error("external_origin must be an http(s) origin");
+    }
+    if (parsed.username !== "" || parsed.password !== "" || (parsed.pathname !== "" && parsed.pathname !== "/") || parsed.search !== "" || parsed.hash !== "") {
+        throw new Error("external_origin must be an origin without credentials, path, query, or fragment");
+    }
+    return parsed.origin;
+}
 function normalizeMaxBytes(name, v, defaultValue) {
     if (v == null)
         return defaultValue;
@@ -97,13 +118,9 @@ export function createProxyRuntime(opts) {
     const extraResponseHeaders = opts.extraResponseHeaders ?? [];
     const extraWsHeaders = opts.extraWsHeaders ?? [];
     const registerRuntime = () => {
-        try {
-            const ctl = globalThis.navigator?.serviceWorker?.controller;
-            ctl?.postMessage({ type: "flowersec-proxy:register-runtime" });
-        }
-        catch {
-            // Best-effort: runtime can still work if SW picks it via matchAll().
-        }
+        void ensureServiceWorkerRuntimeRegistered({ timeoutMs: 2_000 }).catch(() => {
+            // Best-effort: controllerchange will retry once the active Service Worker is ready.
+        });
     };
     const onMessage = (ev) => {
         const data = ev.data;
@@ -134,6 +151,7 @@ export function createProxyRuntime(opts) {
             try {
                 const path = pathOnly(req.path);
                 const requestID = req.id.trim() !== "" ? req.id : randomB64u(18);
+                const externalOrigin = normalizeExternalOrigin(req.external_origin);
                 stream = await client.openStream(PROXY_KIND_HTTP1, { signal: ac.signal });
                 const reader = createByteReader(stream, { signal: ac.signal });
                 const filteredReqHeaders = filterRequestHeaders(req.headers, { extraAllowed: extraRequestHeaders });
@@ -145,6 +163,7 @@ export function createProxyRuntime(opts) {
                     method: req.method,
                     path,
                     headers: reqHeaders,
+                    ...(externalOrigin === undefined ? {} : { external_origin: externalOrigin }),
                     timeout_ms: timeoutMs
                 });
                 const body = req.body != null ? new Uint8Array(req.body) : new Uint8Array();
@@ -168,7 +187,7 @@ export function createProxyRuntime(opts) {
                 const status = Math.max(0, Math.floor(respMeta.status ?? 502));
                 const rawHeaders = Array.isArray(respMeta.headers) ? respMeta.headers : [];
                 const { passthrough, setCookie } = filterResponseHeaders(rawHeaders, { extraAllowed: extraResponseHeaders });
-                cookieJar.updateFromSetCookieHeaders(setCookie);
+                cookieJar.updateFromSetCookieHeaders(setCookie, path);
                 port.postMessage({ type: "flowersec-proxy:response_meta", status, headers: passthrough });
                 const chunks = await readChunkFrames(reader, maxChunkBytes, maxBodyBytes);
                 for await (const chunk of chunks) {
@@ -237,3 +256,60 @@ export function createProxyRuntime(opts) {
         }
     };
 }
+export async function ensureServiceWorkerRuntimeRegistered(opts = {}) {
+    const ctl = globalThis.navigator?.serviceWorker?.controller;
+    if (!ctl || typeof ctl.postMessage !== "function")
+        return;
+    const timeoutMs = Math.max(0, Math.floor(opts.timeoutMs ?? 2_000));
+    const ch = new MessageChannel();
+    await new Promise((resolve, reject) => {
+        let done = false;
+        let timer = null;
+        const finish = (error) => {
+            if (done)
+                return;
+            done = true;
+            if (timer != null)
+                clearTimeout(timer);
+            ch.port1.onmessage = null;
+            ch.port1.onmessageerror = null;
+            try {
+                ch.port1.close();
+            }
+            catch {
+                // Best-effort.
+            }
+            if (error == null) {
+                resolve();
+                return;
+            }
+            reject(error instanceof Error ? error : new Error(String(error)));
+        };
+        ch.port1.onmessage = (ev) => {
+            const data = ev.data;
+            if (data == null || typeof data !== "object")
+                return;
+            if (data.type !== "flowersec-proxy:register-runtime-ack")
+                return;
+            if (data.ok !== true) {
+                finish(new Error("service worker runtime registration was rejected"));
+                return;
+            }
+            finish();
+        };
+        ch.port1.onmessageerror = () => {
+            finish(new Error("service worker runtime registration failed"));
+        };
+        if (timeoutMs > 0) {
+            timer = setTimeout(() => {
+                finish(new Error("service worker runtime registration timed out"));
+            }, timeoutMs);
+        }
+        try {
+            ctl.postMessage({ type: "flowersec-proxy:register-runtime" }, [ch.port2]);
+        }
+        catch (error) {
+            finish(error);
+        }
+    });
+}

package/dist/proxy/serviceWorker.js

@@ -159,6 +159,7 @@ self.addEventListener("install", (event) => {
 });
 
 self.addEventListener("activate", (event) => {
+  runtimeClientId = null;
   event.waitUntil(self.clients.claim());
 });
 
@@ -167,7 +168,13 @@ self.addEventListener("message", (event) => {
   if (!data || typeof data !== "object") return;
   const msgType = typeof data.type === "string" ? data.type : "";
   if (msgType === "flowersec-proxy:register-runtime") {
-    if (event.source && typeof event.source.id === "string") runtimeClientId = event.source.id;
+    const ok = Boolean(event.source && typeof event.source.id === "string");
+    if (ok) runtimeClientId = event.source.id;
+    const port = event.ports && event.ports[0];
+    if (port) {
+      try { port.postMessage({ type: "flowersec-proxy:register-runtime-ack", ok }); } catch {}
+      try { port.close(); } catch {}
+    }
     return;
   }
   if (!FORWARD_FETCH_MESSAGE_TYPES.has(msgType)) return;
@@ -207,16 +214,10 @@ async function getWindowClient(preferredClientId) {
     return cs.length > 0 ? cs[0] : null;
   }
 
-  if (runtimeClientId) {
-    const c = await self.clients.get(runtimeClientId);
-    if (c) return c;
-    runtimeClientId = null;
-  }
-  const cs = await self.clients.matchAll({ type: "window", includeUncontrolled: true });
-  if (cs.length > 0) {
-    runtimeClientId = cs[0].id;
-    return cs[0];
-  }
+  if (!runtimeClientId) return null;
+  const c = await self.clients.get(runtimeClientId);
+  if (c) return c;
+  runtimeClientId = null;
   return null;
 }
 
@@ -367,6 +368,7 @@ async function handleFetch(event) {
     const req = event.request;
     const url = new URL(req.url);
     const id = Math.random().toString(16).slice(2) + Date.now().toString(16);
+    const externalOrigin = url.origin === self.location.origin ? url.origin : "";
 
     let body;
     if (req.method === "GET" || req.method === "HEAD") {
@@ -488,7 +490,14 @@ async function handleFetch(event) {
 
     target.postMessage({
       type: WINDOW_CLIENT_MESSAGE_TYPE,
-      req: { id, method: req.method, path, headers: headersToPairs(req.headers), body }
+      req: {
+        id,
+        method: req.method,
+        path,
+        headers: headersToPairs(req.headers),
+        ...(externalOrigin ? { external_origin: externalOrigin } : {}),
+        body
+      }
     }, [port2]);
 
     const meta = await metaPromise;

package/dist/proxy/types.d.ts

@@ -12,6 +12,7 @@ export type HttpRequestMetaV1 = Readonly<{
     method: string;
     path: string;
     headers: Header[];
+    external_origin?: string;
     timeout_ms?: number;
 }>;
 export type HttpResponseMetaV1 = Readonly<{

package/dist/proxy/windowBridgeProtocol.d.ts

@@ -13,6 +13,7 @@ export type ProxyWindowFetchRequest = Readonly<{
     method: string;
     path: string;
     headers: readonly Header[];
+    external_origin?: string;
     body?: ArrayBuffer;
 }>;
 export type ProxyWindowFetchForwardMsg = Readonly<{

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@floegence/flowersec-core",
-  "version": "0.19.0",
+  "version": "0.19.2",
   "description": "Flowersec core TypeScript library (browser-friendly E2EE + multiplexing over WebSocket).",
   "license": "MIT",
   "repository": {