@hyperspan/framework 1.0.0-alpha.7 → 1.0.0-alpha.9

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hyperspan/framework",
-  "version": "1.0.0-alpha.7",
+  "version": "1.0.0-alpha.9",
   "description": "Hyperspan Web Framework",
   "main": "src/server.ts",
   "types": "src/server.ts",

package/src/actions.test.ts

@@ -1,92 +1,33 @@
 import { test, expect, describe } from 'bun:test';
-import { formDataToJSON, createAction } from './actions';
+import { createAction } from './actions';
 import { html, render, type HSHtml } from '@hyperspan/html';
 import { createContext } from './server';
 import type { Hyperspan as HS } from './types';
 import * as z from 'zod/v4';
 
-describe('formDataToJSON', () => {
-  test('formDataToJSON returns empty object for empty FormData', () => {
-    const formData = new FormData();
-    const result = formDataToJSON(formData);
-
-    expect(result).toEqual({});
-  });
-
-  test('formDataToJSON handles simple FormData object', () => {
-    const formData = new FormData();
-    formData.append('name', 'John Doe');
-    formData.append('email', 'john@example.com');
-    formData.append('age', '30');
-
-    const result = formDataToJSON(formData);
-
-    expect(result).toEqual({
-      name: 'John Doe',
-      email: 'john@example.com',
-      age: '30',
-    });
-  });
-
-  test('formDataToJSON handles complex FormData with nested fields', () => {
-    const formData = new FormData();
-    formData.append('user[firstName]', 'John');
-    formData.append('user[lastName]', 'Doe');
-    formData.append('user[email]', 'john@example.com');
-    formData.append('user[address][street]', '123 Main St');
-    formData.append('user[address][city]', 'New York');
-    formData.append('user[address][zip]', '10001');
-
-    const result = formDataToJSON(formData);
-
-    expect(result).toEqual({
-      user: {
-        firstName: 'John',
-        lastName: 'Doe',
-        email: 'john@example.com',
-        address: {
-          street: '123 Main St',
-          city: 'New York',
-          zip: '10001',
-        },
-      },
-    } as any);
-  });
-
-  test('formDataToJSON handles FormData with array of values', () => {
-    const formData = new FormData();
-    formData.append('tags', 'javascript');
-    formData.append('tags', 'typescript');
-    formData.append('tags', 'nodejs');
-    formData.append('colors[]', 'red');
-    formData.append('colors[]', 'green');
-    formData.append('colors[]', 'blue');
-
-    const result = formDataToJSON(formData);
-
-    expect(result).toEqual({
-      tags: ['javascript', 'typescript', 'nodejs'],
-      colors: ['red', 'green', 'blue'],
-    });
-  });
-});
-
 describe('createAction', () => {
   test('creates an action with a simple form and no schema', async () => {
     const action = createAction({
-      form: (c: HS.Context) => {
-        return html`
+      name: 'test',
+      schema: z.object({
+        name: z.string().min(1, 'Name is required'),
+      }),
+    }).form((c) => {
+      return html`
           <form>
             <input type="text" name="name" />
             <button type="submit">Submit</button>
           </form>
         `;
-      },
+    }).post(async (c, { data }) => {
+      return c.res.html(`
+          <p>Hello, ${data?.name}!</p>
+        `);
     });
 
     expect(action).toBeDefined();
     expect(action._kind).toBe('hsAction');
-    expect(action._route).toContain('/__actions/');
+    expect(action._path()).toContain('/__actions/');
 
     // Test render method
     const request = new Request('http://localhost:3000/');
@@ -106,17 +47,17 @@ describe('createAction', () => {
     });
 
     const action = createAction({
+      name: 'test',
       schema,
-      form: (c: HS.Context, { data }) => {
-        return html`
+    }).form((c, { data }) => {
+      return html`
           <form>
-            <input type="text" name="name" value="${data?.name || ''}" />
-            <input type="email" name="email" value="${data?.email || ''}" />
+            <input type="text" name="name" />
+            <input type="email" name="email" />
             <button type="submit">Submit</button>
           </form>
         `;
-      },
-    }).post(async (c: HS.Context, { data }) => {
+    }).post(async (c, { data }) => {
       return c.res.html(`
         <p>Hello, ${data?.name}!</p>
         <p>Your email is ${data?.email}.</p>
@@ -125,7 +66,7 @@ describe('createAction', () => {
 
     expect(action).toBeDefined();
     expect(action._kind).toBe('hsAction');
-    expect(action._route).toContain('/__actions/');
+    expect(action._path()).toContain('/__actions/');
 
     // Test render method
     const request = new Request('http://localhost:3000/');
@@ -142,7 +83,7 @@ describe('createAction', () => {
     formData.append('name', 'John Doe');
     formData.append('email', 'john@example.com');
 
-    const postRequest = new Request(`http://localhost:3000${action._route}`, {
+    const postRequest = new Request(`http://localhost:3000${action._path()}`, {
       method: 'POST',
       body: formData,
     });
@@ -163,9 +104,10 @@ describe('createAction', () => {
     });
 
     const action = createAction({
+      name: 'test',
       schema,
-      form: (c: HS.Context, { data, error }) => {
-        return html`
+    }).form((c, { data, error }) => {
+      return html`
           <form>
             <input type="text" name="name" value="${data?.name || ''}" />
             ${error ? html`<div class="error">Validation failed</div>` : ''}
@@ -173,8 +115,7 @@ describe('createAction', () => {
             <button type="submit">Submit</button>
           </form>
         `;
-      },
-    }).post(async (c: HS.Context, { data }) => {
+    }).post(async (c, { data }) => {
       return c.res.html(`
         <p>Hello, ${data?.name}!</p>
         <p>Your email is ${data?.email}.</p>

package/src/cookies.ts

@@ -0,0 +1,234 @@
+import type { Hyperspan as HS } from './types';
+
+const REGEXP_PAIR_SPLIT = /; */;
+
+/**
+ * RegExp to match field-content in RFC 7230 sec 3.2
+ *
+ * field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ]
+ * field-vchar   = VCHAR / obs-text
+ * obs-text      = %x80-FF
+ */
+
+const REGEXP_FIELD_CONTENT = /^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;
+
+/**
+ * Cookie parsing and serialization
+ */
+export class Cookies implements HS.Cookies {
+  _req: Request;
+  _responseHeaders: HS.Cookies['_responseHeaders'];
+  _parsedCookies: HS.Cookies['_parsedCookies'] = {};
+  _encrypt: HS.Cookies['_encrypt'];
+  _decrypt: HS.Cookies['_decrypt'];
+  constructor(req: Request, responseHeaders: HS.Cookies['_responseHeaders'] = undefined) {
+    this._req = req;
+    this._responseHeaders = responseHeaders;
+    this._parsedCookies = parse(req.headers.get('Cookie') || '');
+  }
+
+  get(name: string): string | undefined {
+    const value = this._parsedCookies[name];
+    if (value && this._decrypt) {
+      return this._decrypt(value);
+    }
+    return value;
+  }
+
+  set(name: string, value: string, options?: HS.CookieOptions) {
+    if (!this._responseHeaders) {
+      throw new Error('Set cookies in the response object. Cookies can only be read from the request object.');
+    }
+    if (this._encrypt) {
+      value = this._encrypt(value);
+    }
+    this._responseHeaders.set('Set-Cookie', serialize(name, value, options));
+  }
+
+  delete(name: string) {
+    this.set(name, '', { expires: new Date(0) });
+  }
+
+  /**
+   * Set the encoder and decoder functions for the cookies and re-parse the cookie header
+   */
+  setEncryption(encrypt: HS.Cookies['_encrypt'], decrypt: HS.Cookies['_decrypt']) {
+    this._encrypt = encrypt;
+    this._decrypt = decrypt;
+    this._parsedCookies = parse(this._req.headers.get('Cookie') || '');
+  }
+}
+
+/*!
+ * cookie
+ * @source https://github.com/jkohrman/cookie-parse/blob/master/index.js
+ * Copyright(c) 2012-2014 Roman Shtylman
+ * Copyright(c) 2015 Douglas Christopher Wilson
+ * Copyright(c) 2016 Jeff Kohrman
+ * MIT Licensed
+ */
+
+/**
+ * Parse a cookie header.
+ *
+ * Parse the given cookie header string into an object
+ * The object has the various cookies as keys(names) => values
+ *
+ * @param {string} str
+ * @param {object} [options]
+ * @return {object}
+ * @public
+ */
+
+function parse(str: string): Record<string, string | any | undefined> {
+  if (typeof str !== 'string') {
+    throw new TypeError('argument str must be a string');
+  }
+
+  const obj = {}
+  const pairs = str.split(REGEXP_PAIR_SPLIT);
+
+  for (let i = 0; i < pairs.length; i++) {
+    const pair = pairs[i];
+    let eq_idx = pair.indexOf('=');
+
+    // set true for things that don't look like key=value
+    let key;
+    let val;
+    if (eq_idx < 0) {
+      key = pair.trim();
+      val = 'true';
+    } else {
+      key = pair.substring(0, eq_idx).trim()
+      val = pair.substring(eq_idx + 1, eq_idx + 1 + pair.length).trim();
+    };
+
+    // quoted values
+    if ('"' == val[0]) {
+      val = val.slice(1, -1);
+    }
+
+    // only assign once
+    // @ts-ignore
+    if (undefined == obj[key]) {
+      // @ts-ignore
+      obj[key] = tryDecode(val, decodeURIComponent);
+    }
+  }
+
+  return obj;
+}
+
+/**
+ * Serialize data into a cookie header.
+ *
+ * Serialize the a name value pair into a cookie string suitable for
+ * http headers. An optional options object specified cookie parameters.
+ *
+ * serialize('foo', 'bar', { httpOnly: true })
+ *   => "foo=bar; httpOnly"
+ *
+ * @param {string} name
+ * @param {string} val
+ * @param {object} [options]
+ * @return {string}
+ * @public
+ */
+type SerializeOptions = {
+  encrypt?: (str: string) => string;
+  maxAge?: number;
+  domain?: string;
+  path?: string;
+  expires?: Date;
+  httpOnly?: boolean;
+  secure?: boolean;
+  sameSite?: 'lax' | 'strict' | true;
+};
+function serialize(name: string, val: string, options: SerializeOptions = {}) {
+  const opt = options || {};
+
+  if (!REGEXP_FIELD_CONTENT.test(name)) {
+    throw new TypeError('argument name is invalid');
+  }
+
+  let value = encodeURIComponent(val);
+
+  if (value && !REGEXP_FIELD_CONTENT.test(value)) {
+    throw new TypeError('argument val is invalid');
+  }
+
+  let str = name + '=' + value;
+
+  if (null != opt.maxAge) {
+    const maxAge = opt.maxAge - 0;
+    if (isNaN(maxAge)) throw new Error('maxAge should be a Number');
+    str += '; Max-Age=' + Math.floor(maxAge);
+  }
+
+  if (opt.domain) {
+    if (!REGEXP_FIELD_CONTENT.test(opt.domain)) {
+      throw new TypeError('option domain is invalid');
+    }
+
+    str += '; Domain=' + opt.domain;
+  }
+
+  if (opt.path) {
+    if (!REGEXP_FIELD_CONTENT.test(opt.path)) {
+      throw new TypeError('option path is invalid');
+    }
+
+    str += '; Path=' + opt.path;
+  }
+
+  if (opt.expires) {
+    if (typeof opt.expires.toUTCString !== 'function') {
+      throw new TypeError('option expires must be a Date object');
+    }
+
+    str += '; Expires=' + opt.expires.toUTCString();
+  }
+
+  if (opt.httpOnly) {
+    str += '; HttpOnly';
+  }
+
+  if (opt.secure) {
+    str += '; Secure';
+  }
+
+  if (opt.sameSite) {
+    const sameSite = typeof opt.sameSite === 'string'
+      ? opt.sameSite.toLowerCase() : opt.sameSite;
+
+    switch (sameSite) {
+      case true:
+      case 'strict':
+        str += '; SameSite=Strict';
+        break;
+      case 'lax':
+        str += '; SameSite=Lax';
+        break;
+      default:
+        throw new TypeError('option sameSite is invalid');
+    }
+  }
+
+  return str;
+}
+
+/**
+ * Try decoding a string using a decoding function.
+ *
+ * @param {string} str
+ * @param {function} decode
+ * @private
+ */
+
+function tryDecode(str: string, decode: (str: string) => string) {
+  try {
+    return decode(str);
+  } catch (e) {
+    return str;
+  }
+}

package/src/index.ts

@@ -1,2 +1,2 @@
-export { createConfig, createContext, createRoute, createServer, getRunnableRoute, StreamResponse, IS_PROD } from './server';
+export { createConfig, createContext, createRoute, createServer, getRunnableRoute, StreamResponse, IS_PROD, HTTPException } from './server';
 export type { Hyperspan } from './types';

package/src/server.test.ts

@@ -1,5 +1,5 @@
 import { test, expect } from 'bun:test';
-import { createRoute, createServer } from './server';
+import { createRoute, createServer, createContext } from './server';
 import type { Hyperspan as HS } from './types';
 
 test('route fetch() returns a Response', async () => {
@@ -89,3 +89,124 @@ test('returns 405 when route path matches but HTTP method does not', async () =>
   const text = await response.text();
   expect(text).toContain('Method not allowed');
 });
+
+test('createContext() can get and set cookies', () => {
+  // Create a request with cookies in the Cookie header
+  const request = new Request('http://localhost:3000/', {
+    headers: {
+      'Cookie': 'sessionId=abc123; theme=dark; userId=42',
+    },
+  });
+
+  // Create context from the request
+  const context = createContext(request);
+
+  // Test reading cookies from request
+  expect(context.req.cookies.get('sessionId')).toBe('abc123');
+  expect(context.req.cookies.get('theme')).toBe('dark');
+  expect(context.req.cookies.get('userId')).toBe('42');
+  expect(context.req.cookies.get('nonExistent')).toBeUndefined();
+
+  // Test setting a simple cookie in response
+  context.res.cookies.set('newCookie', 'newValue');
+  let setCookieHeader = context.res.headers.get('Set-Cookie');
+  expect(setCookieHeader).toBeTruthy();
+  expect(setCookieHeader).toContain('newCookie=newValue');
+
+  // Test setting a cookie with options (this will overwrite the previous Set-Cookie header)
+  context.res.cookies.set('secureCookie', 'secureValue', {
+    httpOnly: true,
+    secure: true,
+    sameSite: 'strict',
+    maxAge: 3600,
+  });
+
+  // Verify Set-Cookie header contains the last cookie set
+  setCookieHeader = context.res.headers.get('Set-Cookie');
+  expect(setCookieHeader).toBeTruthy();
+  expect(setCookieHeader).toContain('secureCookie=secureValue');
+  expect(setCookieHeader).toContain('HttpOnly');
+  expect(setCookieHeader).toContain('Secure');
+  expect(setCookieHeader).toContain('SameSite=Strict');
+  expect(setCookieHeader).toContain('Max-Age=3600');
+
+  // Verify the previous cookie was overwritten
+  expect(setCookieHeader).not.toContain('newCookie=newValue');
+
+  // Test deleting a cookie
+  context.res.cookies.delete('sessionId');
+  setCookieHeader = context.res.headers.get('Set-Cookie');
+  expect(setCookieHeader).toBeTruthy();
+  if (setCookieHeader) {
+    expect(setCookieHeader).toContain('sessionId=');
+    expect(setCookieHeader).toContain('Expires=');
+    // Verify it's set to expire in the past (deleted)
+    const expiresMatch = setCookieHeader.match(/Expires=([^;]+)/);
+    expect(expiresMatch).toBeTruthy();
+    if (expiresMatch) {
+      const expiresDate = new Date(expiresMatch[1]);
+      expect(expiresDate.getTime()).toBeLessThanOrEqual(new Date(0).getTime());
+    }
+  }
+});
+
+test('createContext() merge() function preserves custom headers when using response methods', () => {
+  // Create a request
+  const request = new Request('http://localhost:3000/');
+
+  // Create context from the request
+  const context = createContext(request);
+
+  // Set custom headers on the context response
+  context.res.headers.set('X-Custom-Header', 'custom-value');
+  context.res.headers.set('X-Another-Header', 'another-value');
+  context.res.headers.set('Authorization', 'Bearer token123');
+
+  // Use html() method which should merge headers
+  const response = context.res.html('<h1>Test</h1>');
+
+  // Verify the response has both the custom headers and the Content-Type header
+  expect(response.headers.get('X-Custom-Header')).toBe('custom-value');
+  expect(response.headers.get('X-Another-Header')).toBe('another-value');
+  expect(response.headers.get('Authorization')).toBe('Bearer token123');
+  expect(response.headers.get('Content-Type')).toBe('text/html; charset=UTF-8');
+
+  // Verify response body is correct
+  expect(response.status).toBe(200);
+});
+
+test('createContext() merge() function preserves custom headers with json() method', () => {
+  const request = new Request('http://localhost:3000/');
+  const context = createContext(request);
+
+  // Set custom headers
+  context.res.headers.set('X-API-Version', 'v1');
+  context.res.headers.set('X-Request-ID', 'req-123');
+
+  // Use json() method
+  const response = context.res.json({ message: 'Hello' });
+
+  // Verify headers are merged
+  expect(response.headers.get('X-API-Version')).toBe('v1');
+  expect(response.headers.get('X-Request-ID')).toBe('req-123');
+  expect(response.headers.get('Content-Type')).toBe('application/json');
+});
+
+test('createContext() merge() function allows response headers to override context headers', () => {
+  const request = new Request('http://localhost:3000/');
+  const context = createContext(request);
+
+  // Set a header on context
+  context.res.headers.set('X-Header', 'context-value');
+
+  // Use html() with options that include the same header (should override)
+  const response = context.res.html('<h1>Test</h1>', {
+    headers: {
+      'X-Header': 'response-value',
+    },
+  });
+
+  // Response header should override context header
+  expect(response.headers.get('X-Header')).toBe('response-value');
+  expect(response.headers.get('Content-Type')).toBe('text/html; charset=UTF-8');
+});

package/src/server.ts

@@ -1,9 +1,10 @@
 import { HSHtml, html, isHSHtml, renderStream, renderAsync, render } from '@hyperspan/html';
 import { executeMiddleware } from './middleware';
-import type { Hyperspan as HS } from './types';
 import { clientJSPlugin } from './plugins';
 import { parsePath } from './utils';
-export type { HS as Hyperspan };
+import { Cookies } from './cookies';
+
+import type { Hyperspan as HS } from './types';
 
 export const IS_PROD = process.env.NODE_ENV === 'production';
 
@@ -37,6 +38,19 @@ export function createContext(req: Request, route?: HS.Route): HS.Context {
   // @ts-ignore - Bun will put 'params' on the Request object even though it's not standardized
   const params: HS.RouteParamsParser<path> = req?.params || {};
 
+  const merge = (response: Response) => {
+    // Convert headers to plain objects and merge (response headers override context headers)
+    const mergedHeaders = {
+      ...Object.fromEntries(headers.entries()),
+      ...Object.fromEntries(response.headers.entries()),
+    };
+
+    return new Response(response.body, {
+      status: response.status,
+      headers: mergedHeaders,
+    });
+  };
+
   return {
     vars: {},
     route: {
@@ -50,20 +64,23 @@ export function createContext(req: Request, route?: HS.Route): HS.Context {
       method,
       headers,
       query,
+      cookies: new Cookies(req),
       async text() { return req.text() },
       async json<T = unknown>() { return await req.json() as T },
       async formData<T = unknown>() { return await req.formData() as T },
       async urlencoded() { return new URLSearchParams(await req.text()) },
     },
     res: {
-      headers: new Headers(),
+      cookies: new Cookies(req, headers),
+      headers,
       raw: new Response(),
-      html: (html: string, options?: { status?: number; headers?: Headers | Record<string, string> }) => new Response(html, { ...options, headers: { 'Content-Type': 'text/html; charset=UTF-8', ...options?.headers } }),
-      json: (json: any, options?: { status?: number; headers?: Headers | Record<string, string> }) => new Response(JSON.stringify(json), { ...options, headers: { 'Content-Type': 'application/json', ...options?.headers } }),
-      text: (text: string, options?: { status?: number; headers?: Headers | Record<string, string> }) => new Response(text, { ...options, headers: { 'Content-Type': 'text/plain; charset=UTF-8', ...options?.headers } }),
-      redirect: (url: string, options?: { status?: number; headers?: Headers | Record<string, string> }) => new Response(null, { status: 302, headers: { Location: url, ...options?.headers } }),
-      error: (error: Error, options?: { status?: number; headers?: Headers | Record<string, string> }) => new Response(error.message, { status: 500, ...options }),
-      notFound: (options?: { status?: number; headers?: Headers | Record<string, string> }) => new Response('Not Found', { status: 404, ...options }),
+      html: (html: string, options?: { status?: number; headers?: Headers | Record<string, string> }) => merge(new Response(html, { ...options, headers: { 'Content-Type': 'text/html; charset=UTF-8', ...options?.headers } })),
+      json: (json: any, options?: { status?: number; headers?: Headers | Record<string, string> }) => merge(new Response(JSON.stringify(json), { ...options, headers: { 'Content-Type': 'application/json', ...options?.headers } })),
+      text: (text: string, options?: { status?: number; headers?: Headers | Record<string, string> }) => merge(new Response(text, { ...options, headers: { 'Content-Type': 'text/plain; charset=UTF-8', ...options?.headers } })),
+      redirect: (url: string, options?: { status?: number; headers?: Headers | Record<string, string> }) => merge(new Response(null, { status: 302, headers: { Location: url, ...options?.headers } })),
+      error: (error: Error, options?: { status?: number; headers?: Headers | Record<string, string> }) => merge(new Response(error.message, { status: 500, ...options })),
+      notFound: (options?: { status?: number; headers?: Headers | Record<string, string> }) => merge(new Response('Not Found', { status: 404, ...options })),
+      merge,
     },
   };
 }
@@ -79,7 +96,6 @@ export function createRoute(config: HS.RouteConfig = {}): HS.Route {
 
   const api: HS.Route = {
     _kind: 'hsRoute',
-    _name: config.name,
     _config: config,
     _methods: () => Object.keys(_handlers),
     _path() {

package/src/types.ts

@@ -29,6 +29,26 @@ export namespace Hyperspan {
     afterRoutesAdded?: (server: Hyperspan.Server) => void;
   };
 
+  export type CookieOptions = {
+    maxAge?: number;
+    domain?: string;
+    path?: string;
+    expires?: Date;
+    httpOnly?: boolean;
+    secure?: boolean;
+    sameSite?: 'lax' | 'strict' | true;
+  };
+  export type Cookies = {
+    _req: Request;
+    _responseHeaders: Headers | undefined;
+    _parsedCookies: Record<string, any>;
+    _encrypt: ((str: string) => string) | undefined;
+    _decrypt: ((str: string) => string) | undefined;
+    get: (name: string) => string | undefined;
+    set: (name: string, value: string, options?: CookieOptions) => void;
+    delete: (name: string) => void;
+  }
+
   export interface Context {
     vars: Record<string, any>;
     route: {
@@ -42,12 +62,14 @@ export namespace Hyperspan {
       method: string; // Always uppercase
       headers: Headers; // Case-insensitive
       query: URLSearchParams;
+      cookies: Hyperspan.Cookies;
       text: () => Promise<string>;
       json<T = unknown>(): Promise<T>;
-      formData<T = unknown>(): Promise<T>;
+      formData(): Promise<FormData>;
       urlencoded(): Promise<URLSearchParams>;
     };
     res: {
+      cookies: Hyperspan.Cookies;
       headers: Headers; // Headers to merge with final outgoing response
       html: (html: string, options?: { status?: number; headers?: Record<string, string> }) => Response
       json: (json: any, options?: { status?: number; headers?: Record<string, string> }) => Response;
@@ -55,6 +77,7 @@ export namespace Hyperspan {
       redirect: (url: string, options?: { status?: number; headers?: Record<string, string> }) => Response;
       error: (error: Error, options?: { status?: number; headers?: Record<string, string> }) => Response;
       notFound: (options?: { status?: number; headers?: Record<string, string> }) => Response;
+      merge: (response: Response) => Response;
       raw: Response;
     };
   };

package/src/utils.test.ts

@@ -0,0 +1,196 @@
+import { test, expect, describe } from 'bun:test';
+import { formDataToJSON, parsePath } from './utils';
+
+describe('formDataToJSON', () => {
+  test('formDataToJSON returns empty object for empty FormData', () => {
+    const formData = new FormData();
+    const result = formDataToJSON(formData);
+
+    expect(result).toEqual({});
+  });
+
+  test('formDataToJSON handles simple FormData object', () => {
+    const formData = new FormData();
+    formData.append('name', 'John Doe');
+    formData.append('email', 'john@example.com');
+    formData.append('age', '30');
+
+    const result = formDataToJSON(formData);
+
+    expect(result).toEqual({
+      name: 'John Doe',
+      email: 'john@example.com',
+      age: '30',
+    });
+  });
+
+  test('formDataToJSON handles complex FormData with nested fields', () => {
+    const formData = new FormData();
+    formData.append('user[firstName]', 'John');
+    formData.append('user[lastName]', 'Doe');
+    formData.append('user[email]', 'john@example.com');
+    formData.append('user[address][street]', '123 Main St');
+    formData.append('user[address][city]', 'New York');
+    formData.append('user[address][zip]', '10001');
+
+    const result = formDataToJSON(formData);
+
+    expect(result).toEqual({
+      user: {
+        firstName: 'John',
+        lastName: 'Doe',
+        email: 'john@example.com',
+        address: {
+          street: '123 Main St',
+          city: 'New York',
+          zip: '10001',
+        },
+      },
+    } as any);
+  });
+
+  test('formDataToJSON handles FormData with array of values', () => {
+    const formData = new FormData();
+    formData.append('tags', 'javascript');
+    formData.append('tags', 'typescript');
+    formData.append('tags', 'nodejs');
+    formData.append('colors[]', 'red');
+    formData.append('colors[]', 'green');
+    formData.append('colors[]', 'blue');
+
+    const result = formDataToJSON(formData);
+
+    expect(result).toEqual({
+      tags: ['javascript', 'typescript', 'nodejs'],
+      colors: ['red', 'green', 'blue'],
+    });
+  });
+});
+
+describe('parsePath', () => {
+  test('parsePath returns root path for empty string', () => {
+    const result = parsePath('');
+    expect(result.path).toBe('/');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath handles simple path', () => {
+    const result = parsePath('users');
+    expect(result.path).toBe('/users');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath removes leading slash', () => {
+    const result = parsePath('/users');
+    expect(result.path).toBe('/users');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath removes trailing slash', () => {
+    const result = parsePath('users/');
+    expect(result.path).toBe('/users');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath removes both leading and trailing slashes', () => {
+    const result = parsePath('/users/');
+    expect(result.path).toBe('/users');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath handles nested paths', () => {
+    const result = parsePath('users/posts');
+    expect(result.path).toBe('/users/posts');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath lowercases path segments', () => {
+    const result = parsePath('Users/Posts');
+    expect(result.path).toBe('/users/posts');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath removes .ts extension', () => {
+    const result = parsePath('users.ts');
+    expect(result.path).toBe('/users');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath removes .js extension', () => {
+    const result = parsePath('users.js');
+    expect(result.path).toBe('/users');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath removes index from path', () => {
+    const result = parsePath('index');
+    expect(result.path).toBe('/');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath removes index.ts from path', () => {
+    const result = parsePath('index.ts');
+    expect(result.path).toBe('/');
+    expect(result.params).toEqual([]);
+  });
+
+  test('parsePath handles dynamic param with brackets', () => {
+    const result = parsePath('users/[userId]');
+    expect(result.path).toBe('/users/:userId');
+    expect(result.params).toEqual(['userId']);
+  });
+
+  test('parsePath handles multiple dynamic params', () => {
+    const result = parsePath('users/[userId]/posts/[postId]');
+    expect(result.path).toBe('/users/:userId/posts/:postId');
+    expect(result.params).toEqual(['userId', 'postId']);
+  });
+
+  test('parsePath handles catch-all param with spread', () => {
+    const result = parsePath('users/[...slug]');
+    expect(result.path).toBe('/users/*');
+    expect(result.params).toEqual(['slug']);
+  });
+
+  test('parsePath handles catch-all param at root', () => {
+    const result = parsePath('[...slug]');
+    expect(result.path).toBe('/*');
+    expect(result.params).toEqual(['slug']);
+  });
+
+  test('parsePath preserves param names in path but converts format', () => {
+    const result = parsePath('users/[userId]');
+    expect(result.path).toBe('/users/:userId');
+    expect(result.params).toEqual(['userId']);
+    // Param segment should not be lowercased
+    expect(result.path).toContain(':userId');
+  });
+
+  test('parsePath handles complex nested path with params', () => {
+    const result = parsePath('/api/users/[userId]/posts/[postId]/comments');
+    expect(result.path).toBe('/api/users/:userId/posts/:postId/comments');
+    expect(result.params).toEqual(['userId', 'postId']);
+  });
+
+  test('parsePath handles path with dots in param name', () => {
+    const result = parsePath('users/[user.id]');
+    expect(result.path).toBe('/users/:user.id');
+    expect(result.params).toEqual(['user.id']);
+  });
+
+  test('parsePath handles mixed case with params', () => {
+    const result = parsePath('Users/[UserId]/Posts');
+    expect(result.path).toBe('/users/:UserId/posts');
+    expect(result.params).toEqual(['UserId']);
+    // Non-param segments should be lowercased, but param name preserved
+    expect(result.path).toContain('/users/');
+    expect(result.path).toContain('/posts');
+  });
+
+  test('parsePath handles file path format', () => {
+    const result = parsePath('/routes/users/[userId].ts');
+    expect(result.path).toBe('/routes/users/:userId');
+    expect(result.params).toEqual(['userId']);
+  });
+});
+

package/src/utils.ts

@@ -33,7 +33,7 @@ export function parsePath(urlPath: string): { path: string, params: string[] } {
   // Dynamic params
   if (ROUTE_SEGMENT_REGEX.test(urlPath)) {
     urlPath = urlPath.replace(ROUTE_SEGMENT_REGEX, (match: string) => {
-      const paramName = match.replace(/[^a-zA-Z_\.]+/g, '');
+      const paramName = match.replace(/[^a-zA-Z_\.]+/g, '').replace('...', '');
       params.push(paramName);
 
       if (match.includes('...')) {