@kassol/mcp-searxng 1.0.3-custom.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 IS
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,255 @@
+# SearXNG MCP Server
+
+An [MCP server](https://modelcontextprotocol.io/introduction) that integrates the [SearXNG](https://docs.searxng.org) API, giving AI assistants web search capabilities.
+
+This fork is published as `@kassol/mcp-searxng` and includes support for custom outgoing headers via `SEARXNG_HEADERS` and `URL_READER_HEADERS`.
+
+[![https://nodei.co/npm/mcp-searxng.png?downloads=true&downloadRank=true&stars=true](https://nodei.co/npm/mcp-searxng.png?downloads=true&downloadRank=true&stars=true)](https://www.npmjs.com/package/mcp-searxng)
+
+[![https://badgen.net/docker/pulls/isokoliuk/mcp-searxng](https://badgen.net/docker/pulls/isokoliuk/mcp-searxng)](https://hub.docker.com/r/isokoliuk/mcp-searxng)
+
+<a href="https://glama.ai/mcp/servers/0j7jjyt7m9"><img width="380" height="200" src="https://glama.ai/mcp/servers/0j7jjyt7m9/badge" alt="SearXNG Server MCP server" /></a>
+
+## Quick Start
+
+Add to your MCP client configuration (e.g. `claude_desktop_config.json`):
+
+```json
+{
+  "mcpServers": {
+    "searxng": {
+      "command": "npx",
+      "args": ["-y", "@kassol/mcp-searxng"],
+      "env": {
+        "SEARXNG_URL": "YOUR_SEARXNG_INSTANCE_URL"
+      }
+    }
+  }
+}
+```
+
+Replace `YOUR_SEARXNG_INSTANCE_URL` with the URL of your SearXNG instance (e.g. `https://search.example.com`).
+
+## Features
+
+- **Web Search**: General queries, news, articles, with pagination.
+- **URL Content Reading**: Advanced content extraction with pagination, section filtering, and heading extraction.
+- **Intelligent Caching**: URL content is cached with TTL (Time-To-Live) to improve performance and reduce redundant requests.
+- **Pagination**: Control which page of results to retrieve.
+- **Time Filtering**: Filter results by time range (day, month, year).
+- **Language Selection**: Filter results by preferred language.
+- **Safe Search**: Control content filtering level for search results.
+
+## How It Works
+
+`mcp-searxng` is a standalone MCP server — a separate Node.js process that your AI assistant connects to for web search. It queries any SearXNG instance via its HTTP JSON API.
+
+> **Not a SearXNG plugin:** This project cannot be installed as a native SearXNG plugin. Point it at any existing SearXNG instance by setting `SEARXNG_URL`.
+
+```
+AI Assistant (e.g. Claude)
+        │  MCP protocol
+        ▼
+  mcp-searxng  (this project — Node.js process)
+        │  HTTP JSON API  (SEARXNG_URL)
+        ▼
+  SearXNG instance
+```
+
+## Tools
+
+- **searxng_web_search**
+  - Execute web searches with pagination
+  - Inputs:
+    - `query` (string): The search query. This string is passed to external search services.
+    - `pageno` (number, optional): Search page number, starts at 1 (default 1)
+    - `time_range` (string, optional): Filter results by time range - one of: "day", "month", "year" (default: none)
+    - `language` (string, optional): Language code for results (e.g., "en", "fr", "de") or "all" (default: "all")
+    - `safesearch` (number, optional): Safe search filter level (0: None, 1: Moderate, 2: Strict) (default: instance setting)
+
+- **web_url_read**
+  - Read and convert the content from a URL to markdown with advanced content extraction options
+  - Inputs:
+    - `url` (string): The URL to fetch and process
+    - `startChar` (number, optional): Starting character position for content extraction (default: 0)
+    - `maxLength` (number, optional): Maximum number of characters to return
+    - `section` (string, optional): Extract content under a specific heading (searches for heading text)
+    - `paragraphRange` (string, optional): Return specific paragraph ranges (e.g., '1-5', '3', '10-')
+    - `readHeadings` (boolean, optional): Return only a list of headings instead of full content
+
+## Installation
+
+<details>
+<summary>NPM (global install)</summary>
+
+```bash
+npm install -g @kassol/mcp-searxng
+```
+
+```json
+{
+  "mcpServers": {
+    "searxng": {
+      "command": "mcp-searxng",
+      "env": {
+        "SEARXNG_URL": "YOUR_SEARXNG_INSTANCE_URL"
+      }
+    }
+  }
+}
+```
+
+</details>
+
+<details>
+<summary>Docker</summary>
+
+**Pre-built image:**
+
+```bash
+docker pull isokoliuk/mcp-searxng:latest
+```
+
+```json
+{
+  "mcpServers": {
+    "searxng": {
+      "command": "docker",
+      "args": [
+        "run", "-i", "--rm",
+        "-e", "SEARXNG_URL",
+        "isokoliuk/mcp-searxng:latest"
+      ],
+      "env": {
+        "SEARXNG_URL": "YOUR_SEARXNG_INSTANCE_URL"
+      }
+    }
+  }
+}
+```
+
+To pass additional env vars, add `-e VAR_NAME` to `args` and the variable to `env`.
+
+**Build locally:**
+
+```bash
+docker build -t mcp-searxng:latest -f Dockerfile .
+```
+
+Use the same config above, replacing `isokoliuk/mcp-searxng:latest` with `mcp-searxng:latest`.
+
+</details>
+
+<details>
+<summary>Docker Compose</summary>
+
+`docker-compose.yml`:
+
+```yaml
+services:
+  mcp-searxng:
+    image: isokoliuk/mcp-searxng:latest
+    stdin_open: true
+    environment:
+      - SEARXNG_URL=YOUR_SEARXNG_INSTANCE_URL
+      # Add optional variables as needed — see CONFIGURATION.md
+```
+
+MCP client config:
+
+```json
+{
+  "mcpServers": {
+    "searxng": {
+      "command": "docker-compose",
+      "args": ["run", "--rm", "mcp-searxng"]
+    }
+  }
+}
+```
+
+</details>
+
+<details>
+<summary>HTTP Transport</summary>
+
+By default the server uses STDIO. Set `MCP_HTTP_PORT` to enable HTTP mode:
+
+```json
+{
+  "mcpServers": {
+    "searxng-http": {
+      "command": "mcp-searxng",
+      "env": {
+        "SEARXNG_URL": "YOUR_SEARXNG_INSTANCE_URL",
+        "MCP_HTTP_PORT": "3000"
+      }
+    }
+  }
+}
+```
+
+**Endpoints:** `POST/GET/DELETE /mcp` (MCP protocol), `GET /health` (health check)
+
+**Test it:**
+
+```bash
+MCP_HTTP_PORT=3000 SEARXNG_URL=http://localhost:8080 mcp-searxng
+curl http://localhost:3000/health
+```
+
+</details>
+
+## Configuration
+
+Set `SEARXNG_URL` to your SearXNG instance URL. All other variables are optional.
+
+Protected SearXNG instances can receive extra search request headers through `SEARXNG_HEADERS`:
+
+```json
+{
+  "mcpServers": {
+    "searxng": {
+      "command": "npx",
+      "args": ["-y", "@kassol/mcp-searxng"],
+      "env": {
+        "SEARXNG_URL": "https://search.example.com",
+        "SEARXNG_HEADERS": "{\"CF-Access-Client-Id\":\"your-client-id.access\",\"CF-Access-Client-Secret\":\"your-client-secret\"}"
+      }
+    }
+  }
+}
+```
+
+Full environment variable reference: [CONFIGURATION.md](CONFIGURATION.md)
+
+## Troubleshooting
+
+### 403 Forbidden from SearXNG
+
+Your SearXNG instance likely has JSON format disabled. Edit `settings.yml` (usually `/etc/searxng/settings.yml`):
+
+```yaml
+search:
+  formats:
+    - html
+    - json
+```
+
+Restart SearXNG (`docker restart searxng`) then verify:
+
+```bash
+curl 'http://localhost:8080/search?q=test&format=json'
+```
+
+You should receive a JSON response. If not, confirm the file is correctly mounted and YAML indentation is valid.
+
+See also: [SearXNG settings docs](https://docs.searxng.org/admin/settings/settings.html) · [discussion](https://github.com/searxng/searxng/discussions/1789)
+
+## Contributing
+
+See [CONTRIBUTING.md](CONTRIBUTING.md)
+
+## License
+
+MIT — see [LICENSE](LICENSE) for details.

package/dist/cache.d.ts

@@ -0,0 +1,26 @@
+interface CacheEntry {
+    htmlContent: string;
+    markdownContent: string;
+    timestamp: number;
+}
+declare class SimpleCache {
+    private cache;
+    private readonly ttlMs;
+    private cleanupInterval;
+    constructor(ttlMs?: number, cleanupIntervalMs?: number);
+    private startCleanup;
+    private cleanupExpired;
+    get(url: string): CacheEntry | null;
+    set(url: string, htmlContent: string, markdownContent: string): void;
+    clear(): void;
+    destroy(): void;
+    getStats(): {
+        size: number;
+        entries: Array<{
+            url: string;
+            age: number;
+        }>;
+    };
+}
+export declare const urlCache: SimpleCache;
+export { SimpleCache };

package/dist/cache.js

@@ -0,0 +1,68 @@
+class SimpleCache {
+    cache = new Map();
+    ttlMs;
+    cleanupInterval = null;
+    constructor(ttlMs = 60000, cleanupIntervalMs = 30000) {
+        this.ttlMs = ttlMs;
+        this.startCleanup(cleanupIntervalMs);
+    }
+    startCleanup(cleanupIntervalMs) {
+        // Clean up expired entries every cleanupIntervalMs milliseconds (default 30s)
+        this.cleanupInterval = setInterval(() => {
+            this.cleanupExpired();
+        }, cleanupIntervalMs);
+    }
+    cleanupExpired() {
+        const now = Date.now();
+        for (const [key, entry] of this.cache.entries()) {
+            if (now - entry.timestamp > this.ttlMs) {
+                this.cache.delete(key);
+            }
+        }
+    }
+    get(url) {
+        const entry = this.cache.get(url);
+        if (!entry) {
+            return null;
+        }
+        // Check if expired
+        if (Date.now() - entry.timestamp > this.ttlMs) {
+            this.cache.delete(url);
+            return null;
+        }
+        return entry;
+    }
+    set(url, htmlContent, markdownContent) {
+        this.cache.set(url, {
+            htmlContent,
+            markdownContent,
+            timestamp: Date.now()
+        });
+    }
+    clear() {
+        this.cache.clear();
+    }
+    destroy() {
+        if (this.cleanupInterval) {
+            clearInterval(this.cleanupInterval);
+            this.cleanupInterval = null;
+        }
+        this.clear();
+    }
+    // Get cache statistics for debugging
+    getStats() {
+        const now = Date.now();
+        const entries = Array.from(this.cache.entries()).map(([url, entry]) => ({
+            url,
+            age: now - entry.timestamp
+        }));
+        return {
+            size: this.cache.size,
+            entries
+        };
+    }
+}
+// Global cache instance
+export const urlCache = new SimpleCache();
+// Export for testing and cleanup
+export { SimpleCache };

package/dist/error-handler.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Concise error handling for MCP SearXNG server
+ * Provides clear, focused error messages that identify the root cause
+ */
+export interface ErrorContext {
+    url?: string;
+    searxngUrl?: string;
+    proxyAgent?: boolean;
+    username?: string;
+    timeout?: number;
+    query?: string;
+}
+export declare class MCPSearXNGError extends Error {
+    constructor(message: string);
+}
+export declare function createConfigurationError(message: string): MCPSearXNGError;
+export declare function createNetworkError(error: any, context: ErrorContext): MCPSearXNGError;
+export declare function createServerError(status: number, statusText: string, responseBody: string, context: ErrorContext): MCPSearXNGError;
+export declare function createJSONError(responseText: string, context: ErrorContext): MCPSearXNGError;
+export declare function createDataError(data: any, context: ErrorContext): MCPSearXNGError;
+export declare function createNoResultsMessage(query: string): string;
+export declare function createURLFormatError(url: string): MCPSearXNGError;
+export declare function createURLSecurityPolicyError(url: string): MCPSearXNGError;
+export declare function createContentError(message: string, url: string): MCPSearXNGError;
+export declare function createConversionError(error: any, url: string, htmlContent: string): MCPSearXNGError;
+export declare function createTimeoutError(timeout: number, url: string): MCPSearXNGError;
+export declare function createEmptyContentWarning(url: string, htmlLength: number, htmlPreview: string): string;
+export declare function createUnexpectedError(error: any, context: ErrorContext): MCPSearXNGError;
+export declare function validateEnvironment(): string | null;

package/dist/error-handler.js

@@ -0,0 +1,148 @@
+/**
+ * Concise error handling for MCP SearXNG server
+ * Provides clear, focused error messages that identify the root cause
+ */
+export class MCPSearXNGError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'MCPSearXNGError';
+    }
+}
+export function createConfigurationError(message) {
+    return new MCPSearXNGError(`🔧 Configuration Error: ${message}`);
+}
+const TLS_ERROR_CODES = new Set([
+    'UNABLE_TO_GET_ISSUER_CERT_LOCALLY', 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',
+    'CERT_UNTRUSTED', 'CERT_HAS_EXPIRED', 'DEPTH_ZERO_SELF_SIGNED_CERT',
+    'SELF_SIGNED_CERT_IN_CHAIN', 'UNABLE_TO_GET_ISSUER_CERT',
+    'CERT_CHAIN_TOO_LONG', 'INVALID_CA',
+]);
+function isTLSError(error) {
+    if (TLS_ERROR_CODES.has(error?.code))
+        return true;
+    if (TLS_ERROR_CODES.has(error?.cause?.code))
+        return true;
+    if (error?.message?.includes('certificate'))
+        return true;
+    if (error?.cause?.message?.includes('certificate'))
+        return true;
+    return false;
+}
+function getTLSRemediationMessage() {
+    const { platform } = process;
+    if (platform === 'win32') {
+        return 'Set NODE_EXTRA_CA_CERTS=C:\\path\\to\\ca-bundle.pem before starting the server.';
+    }
+    if (platform === 'darwin') {
+        return 'Run: sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /path/to/ca.crt';
+    }
+    return 'Run: sudo cp /path/to/ca.crt /usr/local/share/ca-certificates/ && sudo update-ca-certificates';
+}
+export function createNetworkError(error, context) {
+    const target = context.searxngUrl ? 'SearXNG server' : 'website';
+    if (error.code === 'ECONNREFUSED') {
+        return new MCPSearXNGError(`🌐 Connection Error: ${target} is not responding (${context.url})`);
+    }
+    if (error.code === 'ENOTFOUND' || error.code === 'EAI_NONAME') {
+        const hostname = context.url ? new URL(context.url).hostname : 'unknown';
+        return new MCPSearXNGError(`🌐 DNS Error: Cannot resolve hostname "${hostname}"`);
+    }
+    if (error.code === 'ETIMEDOUT') {
+        return new MCPSearXNGError(`🌐 Timeout Error: ${target} is too slow to respond`);
+    }
+    if (isTLSError(error)) {
+        const causeCode = error?.cause?.code || error?.code || 'CERT_ERROR';
+        return new MCPSearXNGError(`🔒 SSL/TLS Error: Certificate verification failed for ${target} (${causeCode}). ` +
+            getTLSRemediationMessage());
+    }
+    // For generic fetch failures, provide root cause guidance
+    const errorMsg = error.message || error.code || 'Connection failed';
+    if (errorMsg === 'fetch failed' || errorMsg === 'Connection failed') {
+        const guidance = context.searxngUrl
+            ? 'Check if the SEARXNG_URL is correct and the SearXNG server is available'
+            : 'Check if the website URL is accessible';
+        return new MCPSearXNGError(`🌐 Network Error: ${errorMsg}. ${guidance}`);
+    }
+    return new MCPSearXNGError(`🌐 Network Error: ${errorMsg}`);
+}
+export function createServerError(status, statusText, responseBody, context) {
+    const target = context.searxngUrl ? 'SearXNG server' : 'Website';
+    if (status === 403) {
+        const reason = context.searxngUrl ? 'Authentication required or IP blocked' : 'Access blocked (bot detection or geo-restriction)';
+        return new MCPSearXNGError(`🚫 ${target} Error (${status}): ${reason}`);
+    }
+    if (status === 404) {
+        const reason = context.searxngUrl ? 'Search endpoint not found' : 'Page not found';
+        return new MCPSearXNGError(`🚫 ${target} Error (${status}): ${reason}`);
+    }
+    if (status === 429) {
+        return new MCPSearXNGError(`🚫 ${target} Error (${status}): Rate limit exceeded`);
+    }
+    if (status >= 500) {
+        return new MCPSearXNGError(`🚫 ${target} Error (${status}): Internal server error`);
+    }
+    return new MCPSearXNGError(`🚫 ${target} Error (${status}): ${statusText}`);
+}
+export function createJSONError(responseText, context) {
+    const preview = responseText.substring(0, 100).replace(/\n/g, ' ');
+    return new MCPSearXNGError(`🔍 SearXNG Response Error: Invalid JSON format. Response: "${preview}..."`);
+}
+export function createDataError(data, context) {
+    return new MCPSearXNGError(`🔍 SearXNG Data Error: Missing results array in response`);
+}
+export function createNoResultsMessage(query) {
+    return `🔍 No results found for "${query}". Try different search terms or check if SearXNG search engines are working.`;
+}
+export function createURLFormatError(url) {
+    return new MCPSearXNGError(`🔧 URL Format Error: Invalid URL "${url}"`);
+}
+export function createURLSecurityPolicyError(url) {
+    return new MCPSearXNGError(`🔒 URL blocked by security policy: ${url}. ` +
+        "Enable MCP_HTTP_ALLOW_PRIVATE_URLS=true only if internal URL reads are intentional.");
+}
+export function createContentError(message, url) {
+    return new MCPSearXNGError(`📄 Content Error: ${message} (${url})`);
+}
+export function createConversionError(error, url, htmlContent) {
+    return new MCPSearXNGError(`🔄 Conversion Error: Cannot convert HTML to Markdown (${url})`);
+}
+export function createTimeoutError(timeout, url) {
+    const hostname = new URL(url).hostname;
+    return new MCPSearXNGError(`⏱️ Timeout Error: ${hostname} took longer than ${timeout}ms to respond`);
+}
+export function createEmptyContentWarning(url, htmlLength, htmlPreview) {
+    return `📄 Content Warning: Page fetched but appears empty after conversion (${url}). May contain only media or require JavaScript.`;
+}
+export function createUnexpectedError(error, context) {
+    return new MCPSearXNGError(`❓ Unexpected Error: ${error.message || String(error)}`);
+}
+export function validateEnvironment() {
+    const issues = [];
+    const searxngUrl = process.env.SEARXNG_URL;
+    if (!searxngUrl) {
+        issues.push("SEARXNG_URL not set");
+    }
+    else {
+        try {
+            const url = new URL(searxngUrl);
+            if (!['http:', 'https:'].includes(url.protocol)) {
+                issues.push(`SEARXNG_URL invalid protocol: ${url.protocol}`);
+            }
+        }
+        catch (error) {
+            issues.push(`SEARXNG_URL invalid format: ${searxngUrl}`);
+        }
+    }
+    const authUsername = process.env.AUTH_USERNAME;
+    const authPassword = process.env.AUTH_PASSWORD;
+    if (authUsername && !authPassword) {
+        issues.push("AUTH_USERNAME set but AUTH_PASSWORD missing");
+    }
+    else if (!authUsername && authPassword) {
+        issues.push("AUTH_PASSWORD set but AUTH_USERNAME missing");
+    }
+    if (issues.length === 0) {
+        return null;
+    }
+    return `⚠️ Configuration Issues: ${issues.join(', ')}. Set SEARXNG_URL (e.g., http://localhost:8080 or https://search.example.com)`;
+}

package/dist/headers.d.ts

@@ -0,0 +1,3 @@
+export type HeaderRecord = Record<string, string>;
+export declare function parseHeadersFromEnv(envVarName: string): HeaderRecord;
+export declare function mergeHeaders(headers: HeadersInit | undefined, additionalHeaders: HeaderRecord): HeaderRecord;

package/dist/headers.js

@@ -0,0 +1,77 @@
+import { createConfigurationError } from "./error-handler.js";
+const HEADER_NAME_REGEX = /^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$/;
+const RESERVED_HEADER_NAMES = new Set(["__proto__", "constructor", "prototype"]);
+function createHeaderRecord() {
+    return Object.create(null);
+}
+function normalizeHeaderName(envVarName, name) {
+    const normalizedName = name.trim().toLowerCase();
+    if (normalizedName === "") {
+        throw createConfigurationError(`${envVarName} contains an empty header name`);
+    }
+    if (!HEADER_NAME_REGEX.test(normalizedName)) {
+        throw createConfigurationError(`${envVarName} contains invalid header name "${name}"`);
+    }
+    if (RESERVED_HEADER_NAMES.has(normalizedName)) {
+        throw createConfigurationError(`${envVarName} contains reserved header name "${name}"`);
+    }
+    return normalizedName;
+}
+function setHeader(headers, envVarName, name, value) {
+    headers[normalizeHeaderName(envVarName, name)] = value;
+}
+function normalizeHeaders(headers) {
+    const normalizedHeaders = createHeaderRecord();
+    if (!headers) {
+        return normalizedHeaders;
+    }
+    if (headers instanceof Headers) {
+        for (const [name, value] of headers.entries()) {
+            setHeader(normalizedHeaders, "headers", name, value);
+        }
+        return normalizedHeaders;
+    }
+    if (Array.isArray(headers)) {
+        for (const [name, value] of headers) {
+            setHeader(normalizedHeaders, "headers", name, value);
+        }
+        return normalizedHeaders;
+    }
+    for (const [name, value] of Object.entries(headers)) {
+        setHeader(normalizedHeaders, "headers", name, value);
+    }
+    return normalizedHeaders;
+}
+export function parseHeadersFromEnv(envVarName) {
+    const rawHeaders = process.env[envVarName];
+    if (!rawHeaders) {
+        return createHeaderRecord();
+    }
+    let parsedHeaders;
+    try {
+        parsedHeaders = JSON.parse(rawHeaders);
+    }
+    catch {
+        throw createConfigurationError(`${envVarName} must be valid JSON`);
+    }
+    if (typeof parsedHeaders !== "object" ||
+        parsedHeaders === null ||
+        Array.isArray(parsedHeaders)) {
+        throw createConfigurationError(`${envVarName} must be a JSON object`);
+    }
+    const headers = createHeaderRecord();
+    for (const [name, value] of Object.entries(parsedHeaders)) {
+        if (typeof value !== "string") {
+            throw createConfigurationError(`${envVarName}.${name} must be a string`);
+        }
+        setHeader(headers, envVarName, name, value);
+    }
+    return headers;
+}
+export function mergeHeaders(headers, additionalHeaders) {
+    const mergedHeaders = normalizeHeaders(headers);
+    for (const [name, value] of Object.entries(additionalHeaders)) {
+        setHeader(mergedHeaders, "headers", name, value);
+    }
+    return mergedHeaders;
+}

package/dist/http-security.d.ts

@@ -0,0 +1,15 @@
+export interface HttpSecurityConfig {
+    harden: boolean;
+    requireAuth: boolean;
+    authToken?: string;
+    restrictOrigins: boolean;
+    allowedOrigins: string[];
+    enableDnsRebindingProtection: boolean;
+    allowedHosts: string[];
+    exposeFullConfig: boolean;
+    allowPrivateUrls: boolean;
+}
+export declare function getHttpSecurityConfig(): HttpSecurityConfig;
+export declare function validateHttpSecurityConfig(config: HttpSecurityConfig): void;
+export declare function isRequestAuthorized(headerValue: string | undefined, config: HttpSecurityConfig): boolean;
+export declare function isOriginAllowed(origin: string | undefined, config: HttpSecurityConfig): boolean;