@liflig/cdk 2.9.2 → 2.10.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/lib/webapp/index.d.ts +1 -0
  2. package/lib/webapp/index.js +4 -2
  3. package/lib/webapp/security-headers.d.ts +18 -20
  4. package/lib/webapp/security-headers.js +71 -68
  5. package/lib/webapp/webapp.d.ts +34 -17
  6. package/lib/webapp/webapp.js +7 -11
  7. package/package.json +7 -7
package/lib/webapp/index.d.ts CHANGED
@@ -1 +1,2 @@
1
1
  export { Webapp, WebappProps } from "./webapp";
2
+ export { generateContentSecurityPolicyHeader } from "./security-headers";
package/lib/webapp/index.js CHANGED
@@ -1,6 +1,8 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.Webapp = void 0;
3
+ exports.generateContentSecurityPolicyHeader = exports.Webapp = void 0;
4
4
  var webapp_1 = require("./webapp");
5
5
  Object.defineProperty(exports, "Webapp", { enumerable: true, get: function () { return webapp_1.Webapp; } });
6
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvd2ViYXBwL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLG1DQUE4QztBQUFyQyxnR0FBQSxNQUFNLE9BQUEiLCJzb3VyY2VzQ29udGVudCI6WyJleHBvcnQgeyBXZWJhcHAsIFdlYmFwcFByb3BzIH0gZnJvbSBcIi4vd2ViYXBwXCJcbiJdfQ==
6
+ var security_headers_1 = require("./security-headers");
7
+ Object.defineProperty(exports, "generateContentSecurityPolicyHeader", { enumerable: true, get: function () { return security_headers_1.generateContentSecurityPolicyHeader; } });
8
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi8uLi9zcmMvd2ViYXBwL2luZGV4LnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiI7OztBQUFBLG1DQUE4QztBQUFyQyxnR0FBQSxNQUFNLE9BQUE7QUFDZix1REFBd0U7QUFBL0QsdUlBQUEsbUNBQW1DLE9BQUEiLCJzb3VyY2VzQ29udGVudCI6WyJleHBvcnQgeyBXZWJhcHAsIFdlYmFwcFByb3BzIH0gZnJvbSBcIi4vd2ViYXBwXCJcbmV4cG9ydCB7IGdlbmVyYXRlQ29udGVudFNlY3VyaXR5UG9saWN5SGVhZGVyIH0gZnJvbSBcIi4vc2VjdXJpdHktaGVhZGVyc1wiXG4iXX0=
package/lib/webapp/security-headers.d.ts CHANGED
@@ -1,18 +1,15 @@
1
1
  import * as constructs from "constructs";
2
2
  import * as cloudfront from "aws-cdk-lib/aws-cloudfront";
3
- export interface FrameOptionsHeader {
4
- value?: "DENY" | "SAMEORIGIN";
5
- }
6
- export interface ReferrerPolicyHeader {
7
- value?: string;
8
- }
9
- export interface StrictTransportSecurityHeader {
10
- maxAge?: number;
11
- includeSubDomains?: boolean;
12
- preload?: boolean;
13
- }
3
+ export type WebappSecurityHeadersProps = Partial<cloudfront.ResponseSecurityHeadersBehavior & {
4
+ contentSecurityPolicy?: cloudfront.ResponseSecurityHeadersBehavior["contentSecurityPolicy"] & {
5
+ /**
6
+ * Whether to only monitor the effects of the content security policy without actually blocking anything.
7
+ * @default false
8
+ */
9
+ reportOnly?: boolean;
10
+ };
11
+ }>;
14
12
  export interface ContentSecurityPolicyHeader {
15
- reportOnly?: boolean;
16
13
  baseUri?: string;
17
14
  childSrc?: string;
18
15
  defaultSrc?: string;
@@ -28,13 +25,14 @@ export interface ContentSecurityPolicyHeader {
28
25
  styleSrc?: string;
29
26
  connectSrc?: string;
30
27
  }
31
- export interface SecurityHeaders {
32
- contentSecurityPolicy?: ContentSecurityPolicyHeader;
33
- strictTransportSecurity?: StrictTransportSecurityHeader;
34
- referrerPolicy?: ReferrerPolicyHeader;
35
- frameOptions?: FrameOptionsHeader;
36
- }
28
+ /**
29
+ * Helper function that generates a string containing a Content Security Policy that can be
30
+ * used in a security header.
31
+ *
32
+ * NOTE: The string can be further extended using string concatenation for directives that aren't currently supported by the function.
33
+ */
34
+ export declare function generateContentSecurityPolicyHeader(headerOptions?: ContentSecurityPolicyHeader): string;
37
35
  export declare class WebappSecurityHeaders extends constructs.Construct {
38
- readonly securityHeadersFunction: cloudfront.Function;
39
- constructor(scope: constructs.Construct, id: string, props: SecurityHeaders);
36
+ readonly responseHeadersPolicy: cloudfront.ResponseHeadersPolicy;
37
+ constructor(scope: constructs.Construct, id: string, props: WebappSecurityHeadersProps);
40
38
  }
package/lib/webapp/security-headers.js CHANGED
@@ -1,6 +1,7 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.WebappSecurityHeaders = void 0;
3
+ exports.WebappSecurityHeaders = exports.generateContentSecurityPolicyHeader = void 0;
4
+ const cdk = require("aws-cdk-lib");
4
5
  const constructs = require("constructs");
5
6
  const cloudfront = require("aws-cdk-lib/aws-cloudfront");
6
7
  function validateCspParam(param) {
@@ -19,17 +20,23 @@ function validateCspParam(param) {
19
20
  function trim(value) {
20
21
  return value.replace(/\s+/g, " ").trim();
21
22
  }
23
+ /**
24
+ * Helper function that generates a string containing a Content Security Policy that can be
25
+ * used in a security header.
26
+ *
27
+ * NOTE: The string can be further extended using string concatenation for directives that aren't currently supported by the function.
28
+ */
22
29
  function generateContentSecurityPolicyHeader(headerOptions) {
23
30
  const defaultValues = {
24
31
  baseUri: "'self'",
25
- childSrc: "'none'",
26
- connectSrc: "'self'",
27
- defaultSrc: "'self'",
32
+ childSrc: "'self'",
33
+ connectSrc: "'self' https:",
34
+ defaultSrc: "'none'",
28
35
  fontSrc: "'self'",
29
- formAction: "'self'",
36
+ formAction: "'none'",
30
37
  frameAncestors: "'none'",
31
38
  frameSrc: "'self'",
32
- imgSrc: "'self'",
39
+ imgSrc: "'self' data:",
33
40
  manifestSrc: "'self'",
34
41
  mediaSrc: "'self'",
35
42
  objectSrc: "'none'",
@@ -48,79 +55,75 @@ function generateContentSecurityPolicyHeader(headerOptions) {
48
55
  headerValue += `default-src ${trim(options.defaultSrc)};`;
49
56
  headerValue += `font-src ${trim(options.fontSrc)};`;
50
57
  headerValue += `frame-src ${trim(options.frameSrc)};`;
58
+ headerValue += `form-action ${trim(options.formAction)};`;
59
+ headerValue += `frame-ancestors ${trim(options.frameAncestors)};`;
51
60
  headerValue += `img-src ${trim(options.imgSrc)};`;
52
61
  headerValue += `manifest-src ${trim(options.manifestSrc)};`;
53
62
  headerValue += `media-src ${trim(options.mediaSrc)};`;
54
63
  headerValue += `object-src ${trim(options.objectSrc)};`;
55
64
  headerValue += `script-src ${trim(options.scriptSrc)};`;
56
- headerValue += `style-src ${trim(options.styleSrc)};`;
65
+ headerValue += `style-src ${trim(options.styleSrc)}`;
57
66
  return trim(headerValue);
58
67
  }
59
- function generateStrictTransportSecurityHeader(headerOptions) {
60
- const defaultValues = {
61
- maxAge: 63072000,
62
- includeSubDomains: false,
63
- preload: false,
64
- };
65
- const options = {
66
- ...defaultValues,
67
- ...headerOptions,
68
- };
69
- let headerValue = "";
70
- headerValue += `max-age=${options.maxAge};`;
71
- headerValue += options.preload ? "preload;" : "";
72
- headerValue += options.includeSubDomains ? "includeSubDomains;" : "";
73
- return trim(headerValue);
74
- }
75
- function generateReferrerPolicyHeader(headerOptions) {
76
- const defaultValues = {
77
- value: "strict-origin-when-cross-origin",
78
- };
79
- const options = {
80
- ...defaultValues,
81
- ...headerOptions,
82
- };
83
- return options.value;
84
- }
85
- function generateFrameOptionsHeader(headerOptions) {
86
- const defaultValues = {
87
- value: "DENY",
88
- };
89
- const options = {
90
- ...defaultValues,
91
- ...headerOptions,
92
- };
93
- return trim(options.value);
94
- }
68
+ exports.generateContentSecurityPolicyHeader = generateContentSecurityPolicyHeader;
95
69
  class WebappSecurityHeaders extends constructs.Construct {
96
70
  constructor(scope, id, props) {
97
- var _a;
98
71
  super(scope, id);
99
- const cspHeaderName = ((_a = props.contentSecurityPolicy) === null || _a === void 0 ? void 0 : _a.reportOnly)
100
- ? "content-security-policy-report-only"
101
- : "content-security-policy";
102
- const contentSecurityPolicy = generateContentSecurityPolicyHeader(props.contentSecurityPolicy);
103
- const strictTransportSecurity = generateStrictTransportSecurityHeader(props.strictTransportSecurity);
104
- const referrerPolicy = generateReferrerPolicyHeader(props.referrerPolicy);
105
- const frameOptions = generateFrameOptionsHeader(props.frameOptions);
106
- const lambdaCode = `function handler(event) {
107
- var response = event.response;
108
- var headers = response.headers;
109
- headers['referrer-policy'] = {value: '${referrerPolicy}'};
110
- headers['strict-transport-security'] = {value: '${strictTransportSecurity}'};
111
- headers['x-content-type-options'] = {value: 'nosniff'};
112
- headers['x-frame-options'] = {value: '${frameOptions}'};
113
- headers['x-xss-protection'] = {value: '1; mode=block'};
114
- headers['${cspHeaderName}'] = {value: "${contentSecurityPolicy}"};
115
- return response;
116
- }`;
117
- // Hardcoded logical ID due to bug: https://github.com/aws/aws-cdk/issues/15523
118
- const functionId = `Function${this.node.addr}`;
119
- this.securityHeadersFunction = new cloudfront.Function(this, functionId, {
120
- functionName: functionId,
121
- code: cloudfront.FunctionCode.fromInline(lambdaCode),
72
+ const { contentSecurityPolicy: contentSecurityPolicyOverride, ...overrides } = props;
73
+ const contentSecurityPolicyCustomHeader = contentSecurityPolicyOverride || {
74
+ reportOnly: false,
75
+ contentSecurityPolicy: generateContentSecurityPolicyHeader(),
76
+ override: true,
77
+ };
78
+ const defaultValues = {
79
+ contentTypeOptions: {
80
+ override: true,
81
+ },
82
+ referrerPolicy: {
83
+ override: true,
84
+ referrerPolicy: cloudfront.HeadersReferrerPolicy.SAME_ORIGIN,
85
+ },
86
+ frameOptions: {
87
+ frameOption: cloudfront.HeadersFrameOption.DENY,
88
+ override: true,
89
+ },
90
+ strictTransportSecurity: {
91
+ override: true,
92
+ accessControlMaxAge: cdk.Duration.days(182.5),
93
+ includeSubdomains: false,
94
+ preload: false,
95
+ },
96
+ xssProtection: {
97
+ override: true,
98
+ protection: true,
99
+ modeBlock: true,
100
+ },
101
+ };
102
+ this.responseHeadersPolicy = new cloudfront.ResponseHeadersPolicy(this, "ResponseHeadersPolicy", {
103
+ securityHeadersBehavior: {
104
+ ...defaultValues,
105
+ ...overrides,
106
+ ...(!contentSecurityPolicyCustomHeader.reportOnly && {
107
+ contentSecurityPolicy: {
108
+ contentSecurityPolicy: contentSecurityPolicyCustomHeader.contentSecurityPolicy,
109
+ override: contentSecurityPolicyCustomHeader.override,
110
+ },
111
+ }),
112
+ },
113
+ ...(contentSecurityPolicyCustomHeader.reportOnly && {
114
+ customHeadersBehavior: {
115
+ // Report only is not supported by securityHeadersBehavior in AWS and must be defined as custom header
116
+ customHeaders: [
117
+ {
118
+ header: "Content-Security-Policy-Report-Only",
119
+ value: contentSecurityPolicyCustomHeader.contentSecurityPolicy,
120
+ override: contentSecurityPolicyCustomHeader.override,
121
+ },
122
+ ],
123
+ },
124
+ }),
122
125
  });
123
126
  }
124
127
  }
125
128
  exports.WebappSecurityHeaders = WebappSecurityHeaders;
126
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjdXJpdHktaGVhZGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy93ZWJhcHAvc2VjdXJpdHktaGVhZGVycy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSx5Q0FBd0M7QUFDeEMseURBQXdEO0FBeUN4RCxTQUFTLGdCQUFnQixDQUFDLEtBQWE7SUFDckMsSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFO1FBQzdCLE1BQU0sS0FBSyxDQUFDLDJDQUEyQyxDQUFDLENBQUE7S0FDekQ7SUFFRCxJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUU7UUFDN0IsTUFBTSxLQUFLLENBQUMsMkNBQTJDLENBQUMsQ0FBQTtLQUN6RDtJQUVELElBQUksS0FBSyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRTtRQUM5QixNQUFNLEtBQUssQ0FBQyw0Q0FBNEMsQ0FBQyxDQUFBO0tBQzFEO0lBRUQsT0FBTyxLQUFLLENBQUE7QUFDZCxDQUFDO0FBRUQsNERBQTREO0FBQzVELFNBQVMsSUFBSSxDQUFDLEtBQWE7SUFDekIsT0FBTyxLQUFLLENBQUMsT0FBTyxDQUFDLE1BQU0sRUFBRSxHQUFHLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQTtBQUMxQyxDQUFDO0FBRUQsU0FBUyxtQ0FBbUMsQ0FDMUMsYUFBMkM7SUFFM0MsTUFBTSxhQUFhLEdBQUc7UUFDcEIsT0FBTyxFQUFFLFFBQVE7UUFDakIsUUFBUSxFQUFFLFFBQVE7UUFDbEIsVUFBVSxFQUFFLFFBQVE7UUFDcEIsVUFBVSxFQUFFLFFBQVE7UUFDcEIsT0FBTyxFQUFFLFFBQVE7UUFDakIsVUFBVSxFQUFFLFFBQVE7UUFDcEIsY0FBYyxFQUFFLFFBQVE7UUFDeEIsUUFBUSxFQUFFLFFBQVE7UUFDbEIsTUFBTSxFQUFFLFFBQVE7UUFDaEIsV0FBVyxFQUFFLFFBQVE7UUFDckIsUUFBUSxFQUFFLFFBQVE7UUFDbEIsU0FBUyxFQUFFLFFBQVE7UUFDbkIsU0FBUyxFQUFFLFFBQVE7UUFDbkIsUUFBUSxFQUFFLFFBQVE7S0FDbkIsQ0FBQTtJQUVELE1BQU0sT0FBTyxHQUFHO1FBQ2QsR0FBRyxhQUFhO1FBQ2hCLEdBQUcsYUFBYTtLQUNqQixDQUFBO0lBRUQsTUFBTSxDQUFDLE1BQU0sQ0FBQyxPQUFPLENBQUMsQ0FBQyxPQUFPLENBQzVCLENBQUMsQ0FBQyxFQUFFLEVBQUUsQ0FBQyxPQUFPLENBQUMsS0FBSyxRQUFRLElBQUksZ0JBQWdCLENBQUMsQ0FBQyxDQUFDLENBQ3BELENBQUE7SUFFRCxJQUFJLFdBQVcsR0FBRyxFQUFFLENBQUE7SUFDcEIsV0FBVyxJQUFJLFlBQVksSUFBSSxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsR0FBRyxDQUFBO0lBQ25ELFdBQVcsSUFBSSxhQUFhLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQTtJQUNyRCxXQUFXLElBQUksZUFBZSxJQUFJLENBQUMsT0FBTyxDQUFDLFVBQVUsQ0FBQyxHQUFHLENBQUE7SUFDekQsV0FBVyxJQUFJLGVBQWUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFBO0lBQ3pELFdBQVcsSUFBSSxZQUFZLElBQUksQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQTtJQUNuRCxXQUFXLElBQUksYUFBYSxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUE7SUFDckQsV0FBVyxJQUFJLFdBQVcsSUFBSSxDQUFDLE9BQU8sQ0FBQyxNQUFNLENBQUMsR0FBRyxDQUFBO0lBQ2pELFdBQVcsSUFBSSxnQkFBZ0IsSUFBSSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsR0FBRyxDQUFBO0lBQzNELFdBQVcsSUFBSSxhQUFhLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQTtJQUNyRCxXQUFXLElBQUksY0FBYyxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUE7SUFDdkQsV0FBVyxJQUFJLGNBQWMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsR0FBRyxDQUFBO0lBQ3ZELFdBQVcsSUFBSSxhQUFhLElBQUksQ0FBQyxPQUFPLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQTtJQUVyRCxPQUFPLElBQUksQ0FBQyxXQUFXLENBQUMsQ0FBQTtBQUMxQixDQUFDO0FBRUQsU0FBUyxxQ0FBcUMsQ0FDNUMsYUFBNkM7SUFFN0MsTUFBTSxhQUFhLEdBQUc7UUFDcEIsTUFBTSxFQUFFLFFBQVE7UUFDaEIsaUJBQWlCLEVBQUUsS0FBSztRQUN4QixPQUFPLEVBQUUsS0FBSztLQUNmLENBQUE7SUFDRCxNQUFNLE9BQU8sR0FBRztRQUNkLEdBQUcsYUFBYTtRQUNoQixHQUFHLGFBQWE7S0FDakIsQ0FBQTtJQUNELElBQUksV0FBVyxHQUFHLEVBQUUsQ0FBQTtJQUNwQixXQUFXLElBQUksV0FBVyxPQUFPLENBQUMsTUFBTSxHQUFHLENBQUE7SUFDM0MsV0FBVyxJQUFJLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLFVBQVUsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFBO0lBQ2hELFdBQVcsSUFBSSxPQUFPLENBQUMsaUJBQWlCLENBQUMsQ0FBQyxDQUFDLG9CQUFvQixDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUE7SUFDcEUsT0FBTyxJQUFJLENBQUMsV0FBVyxDQUFDLENBQUE7QUFDMUIsQ0FBQztBQUVELFNBQVMsNEJBQTRCLENBQUMsYUFBb0M7SUFDeEUsTUFBTSxhQUFhLEdBQUc7UUFDcEIsS0FBSyxFQUFFLGlDQUFpQztLQUN6QyxDQUFBO0lBQ0QsTUFBTSxPQUFPLEdBQUc7UUFDZCxHQUFHLGFBQWE7UUFDaEIsR0FBRyxhQUFhO0tBQ2pCLENBQUE7SUFDRCxPQUFPLE9BQU8sQ0FBQyxLQUFLLENBQUE7QUFDdEIsQ0FBQztBQUVELFNBQVMsMEJBQTBCLENBQUMsYUFBa0M7SUFDcEUsTUFBTSxhQUFhLEdBQUc7UUFDcEIsS0FBSyxFQUFFLE1BQU07S0FDZCxDQUFBO0lBQ0QsTUFBTSxPQUFPLEdBQUc7UUFDZCxHQUFHLGFBQWE7UUFDaEIsR0FBRyxhQUFhO0tBQ2pCLENBQUE7SUFDRCxPQUFPLElBQUksQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUE7QUFDNUIsQ0FBQztBQUVELE1BQWEscUJBQXNCLFNBQVEsVUFBVSxDQUFDLFNBQVM7SUFHN0QsWUFBWSxLQUEyQixFQUFFLEVBQVUsRUFBRSxLQUFzQjs7UUFDekUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQTtRQUVoQixNQUFNLGFBQWEsR0FBRyxDQUFBLE1BQUEsS0FBSyxDQUFDLHFCQUFxQiwwQ0FBRSxVQUFVO1lBQzNELENBQUMsQ0FBQyxxQ0FBcUM7WUFDdkMsQ0FBQyxDQUFDLHlCQUF5QixDQUFBO1FBRTdCLE1BQU0scUJBQXFCLEdBQUcsbUNBQW1DLENBQy9ELEtBQUssQ0FBQyxxQkFBcUIsQ0FDNUIsQ0FBQTtRQUNELE1BQU0sdUJBQXVCLEdBQUcscUNBQXFDLENBQ25FLEtBQUssQ0FBQyx1QkFBdUIsQ0FDOUIsQ0FBQTtRQUNELE1BQU0sY0FBYyxHQUFHLDRCQUE0QixDQUFDLEtBQUssQ0FBQyxjQUFjLENBQUMsQ0FBQTtRQUN6RSxNQUFNLFlBQVksR0FBRywwQkFBMEIsQ0FBQyxLQUFLLENBQUMsWUFBWSxDQUFDLENBQUE7UUFFbkUsTUFBTSxVQUFVLEdBQUc7Ozs4Q0FHdUIsY0FBYzt3REFDSix1QkFBdUI7OzhDQUVqQyxZQUFZOztpQkFFekMsYUFBYSxpQkFBaUIscUJBQXFCOztNQUU5RCxDQUFBO1FBRUYsK0VBQStFO1FBQy9FLE1BQU0sVUFBVSxHQUFHLFdBQVcsSUFBSSxDQUFDLElBQUksQ0FBQyxJQUFJLEVBQUUsQ0FBQTtRQUU5QyxJQUFJLENBQUMsdUJBQXVCLEdBQUcsSUFBSSxVQUFVLENBQUMsUUFBUSxDQUFDLElBQUksRUFBRSxVQUFVLEVBQUU7WUFDdkUsWUFBWSxFQUFFLFVBQVU7WUFDeEIsSUFBSSxFQUFFLFVBQVUsQ0FBQyxZQUFZLENBQUMsVUFBVSxDQUFDLFVBQVUsQ0FBQztTQUNyRCxDQUFDLENBQUE7SUFDSixDQUFDO0NBQ0Y7QUF2Q0Qsc0RBdUNDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY29uc3RydWN0cyBmcm9tIFwiY29uc3RydWN0c1wiXG5pbXBvcnQgKiBhcyBjbG91ZGZyb250IGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtY2xvdWRmcm9udFwiXG5cbmV4cG9ydCBpbnRlcmZhY2UgRnJhbWVPcHRpb25zSGVhZGVyIHtcbiAgdmFsdWU/OiBcIkRFTllcIiB8IFwiU0FNRU9SSUdJTlwiXG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUmVmZXJyZXJQb2xpY3lIZWFkZXIge1xuICB2YWx1ZT86IHN0cmluZ1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFN0cmljdFRyYW5zcG9ydFNlY3VyaXR5SGVhZGVyIHtcbiAgbWF4QWdlPzogbnVtYmVyXG4gIGluY2x1ZGVTdWJEb21haW5zPzogYm9vbGVhblxuICBwcmVsb2FkPzogYm9vbGVhblxufVxuXG5leHBvcnQgaW50ZXJmYWNlIENvbnRlbnRTZWN1cml0eVBvbGljeUhlYWRlciB7XG4gIHJlcG9ydE9ubHk/OiBib29sZWFuXG4gIGJhc2VVcmk/OiBzdHJpbmdcbiAgY2hpbGRTcmM/OiBzdHJpbmdcbiAgZGVmYXVsdFNyYz86IHN0cmluZ1xuICBmb250U3JjPzogc3RyaW5nXG4gIGZyYW1lU3JjPzogc3RyaW5nXG4gIGZvcm1BY3Rpb24/OiBzdHJpbmdcbiAgZnJhbWVBbmNlc3RvcnM/OiBzdHJpbmdcbiAgaW1nU3JjPzogc3RyaW5nXG4gIG1hbmlmZXN0U3JjPzogc3RyaW5nXG4gIG1lZGlhU3JjPzogc3RyaW5nXG4gIG9iamVjdFNyYz86IHN0cmluZ1xuICBzY3JpcHRTcmM/OiBzdHJpbmdcbiAgc3R5bGVTcmM/OiBzdHJpbmdcbiAgY29ubmVjdFNyYz86IHN0cmluZ1xufVxuXG5leHBvcnQgaW50ZXJmYWNlIFNlY3VyaXR5SGVhZGVycyB7XG4gIGNvbnRlbnRTZWN1cml0eVBvbGljeT86IENvbnRlbnRTZWN1cml0eVBvbGljeUhlYWRlclxuICBzdHJpY3RUcmFuc3BvcnRTZWN1cml0eT86IFN0cmljdFRyYW5zcG9ydFNlY3VyaXR5SGVhZGVyXG4gIHJlZmVycmVyUG9saWN5PzogUmVmZXJyZXJQb2xpY3lIZWFkZXJcbiAgZnJhbWVPcHRpb25zPzogRnJhbWVPcHRpb25zSGVhZGVyXG59XG5cbmZ1bmN0aW9uIHZhbGlkYXRlQ3NwUGFyYW0ocGFyYW06IHN0cmluZyk6IHN0cmluZyB7XG4gIGlmIChwYXJhbS5pbmRleE9mKCdcIicpICE9PSAtMSkge1xuICAgIHRocm93IEVycm9yKCdDU1Agb3ZlcnJpZGUgY29udGFpbnMgaW52YWxpZCBjaGFyYWN0ZXIgXCInKVxuICB9XG5cbiAgaWYgKHBhcmFtLmluZGV4T2YoXCI7XCIpICE9PSAtMSkge1xuICAgIHRocm93IEVycm9yKFwiQ1NQIG92ZXJyaWRlIGNvbnRhaW5zIGludmFsaWQgY2hhcmFjdGVyIDtcIilcbiAgfVxuXG4gIGlmIChwYXJhbS5pbmRleE9mKFwiXFxcXFwiKSAhPT0gLTEpIHtcbiAgICB0aHJvdyBFcnJvcihcIkNTUCBvdmVycmlkZSBjb250YWlucyBpbnZhbGlkIGNoYXJhY3RlciBcXFxcXCIpXG4gIH1cblxuICByZXR1cm4gcGFyYW1cbn1cblxuLyogUmVwbGFjZSBhbGwgd2hpdGVzcGFjZSBpbiBhIHN0cmluZyB3aXRoIGEgc2luZ2xlIHNwYWNlICovXG5mdW5jdGlvbiB0cmltKHZhbHVlOiBzdHJpbmcpOiBzdHJpbmcge1xuICByZXR1cm4gdmFsdWUucmVwbGFjZSgvXFxzKy9nLCBcIiBcIikudHJpbSgpXG59XG5cbmZ1bmN0aW9uIGdlbmVyYXRlQ29udGVudFNlY3VyaXR5UG9saWN5SGVhZGVyKFxuICBoZWFkZXJPcHRpb25zPzogQ29udGVudFNlY3VyaXR5UG9saWN5SGVhZGVyLFxuKSB7XG4gIGNvbnN0IGRlZmF1bHRWYWx1ZXMgPSB7XG4gICAgYmFzZVVyaTogXCInc2VsZidcIixcbiAgICBjaGlsZFNyYzogXCInbm9uZSdcIixcbiAgICBjb25uZWN0U3JjOiBcIidzZWxmJ1wiLFxuICAgIGRlZmF1bHRTcmM6IFwiJ3NlbGYnXCIsXG4gICAgZm9udFNyYzogXCInc2VsZidcIixcbiAgICBmb3JtQWN0aW9uOiBcIidzZWxmJ1wiLFxuICAgIGZyYW1lQW5jZXN0b3JzOiBcIidub25lJ1wiLFxuICAgIGZyYW1lU3JjOiBcIidzZWxmJ1wiLFxuICAgIGltZ1NyYzogXCInc2VsZidcIixcbiAgICBtYW5pZmVzdFNyYzogXCInc2VsZidcIixcbiAgICBtZWRpYVNyYzogXCInc2VsZidcIixcbiAgICBvYmplY3RTcmM6IFwiJ25vbmUnXCIsXG4gICAgc2NyaXB0U3JjOiBcIidzZWxmJ1wiLFxuICAgIHN0eWxlU3JjOiBcIidzZWxmJ1wiLFxuICB9XG5cbiAgY29uc3Qgb3B0aW9ucyA9IHtcbiAgICAuLi5kZWZhdWx0VmFsdWVzLFxuICAgIC4uLmhlYWRlck9wdGlvbnMsXG4gIH1cblxuICBPYmplY3QudmFsdWVzKG9wdGlvbnMpLmZvckVhY2goXG4gICAgKHYpID0+IHR5cGVvZiB2ID09PSBcInN0cmluZ1wiICYmIHZhbGlkYXRlQ3NwUGFyYW0odiksXG4gIClcblxuICBsZXQgaGVhZGVyVmFsdWUgPSBcIlwiXG4gIGhlYWRlclZhbHVlICs9IGBiYXNlLXVyaSAke3RyaW0ob3B0aW9ucy5iYXNlVXJpKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgY2hpbGQtc3JjICR7dHJpbShvcHRpb25zLmNoaWxkU3JjKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgY29ubmVjdC1zcmMgJHt0cmltKG9wdGlvbnMuY29ubmVjdFNyYyl9O2BcbiAgaGVhZGVyVmFsdWUgKz0gYGRlZmF1bHQtc3JjICR7dHJpbShvcHRpb25zLmRlZmF1bHRTcmMpfTtgXG4gIGhlYWRlclZhbHVlICs9IGBmb250LXNyYyAke3RyaW0ob3B0aW9ucy5mb250U3JjKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgZnJhbWUtc3JjICR7dHJpbShvcHRpb25zLmZyYW1lU3JjKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgaW1nLXNyYyAke3RyaW0ob3B0aW9ucy5pbWdTcmMpfTtgXG4gIGhlYWRlclZhbHVlICs9IGBtYW5pZmVzdC1zcmMgJHt0cmltKG9wdGlvbnMubWFuaWZlc3RTcmMpfTtgXG4gIGhlYWRlclZhbHVlICs9IGBtZWRpYS1zcmMgJHt0cmltKG9wdGlvbnMubWVkaWFTcmMpfTtgXG4gIGhlYWRlclZhbHVlICs9IGBvYmplY3Qtc3JjICR7dHJpbShvcHRpb25zLm9iamVjdFNyYyl9O2BcbiAgaGVhZGVyVmFsdWUgKz0gYHNjcmlwdC1zcmMgJHt0cmltKG9wdGlvbnMuc2NyaXB0U3JjKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgc3R5bGUtc3JjICR7dHJpbShvcHRpb25zLnN0eWxlU3JjKX07YFxuXG4gIHJldHVybiB0cmltKGhlYWRlclZhbHVlKVxufVxuXG5mdW5jdGlvbiBnZW5lcmF0ZVN0cmljdFRyYW5zcG9ydFNlY3VyaXR5SGVhZGVyKFxuICBoZWFkZXJPcHRpb25zPzogU3RyaWN0VHJhbnNwb3J0U2VjdXJpdHlIZWFkZXIsXG4pIHtcbiAgY29uc3QgZGVmYXVsdFZhbHVlcyA9IHtcbiAgICBtYXhBZ2U6IDYzMDcyMDAwLFxuICAgIGluY2x1ZGVTdWJEb21haW5zOiBmYWxzZSxcbiAgICBwcmVsb2FkOiBmYWxzZSxcbiAgfVxuICBjb25zdCBvcHRpb25zID0ge1xuICAgIC4uLmRlZmF1bHRWYWx1ZXMsXG4gICAgLi4uaGVhZGVyT3B0aW9ucyxcbiAgfVxuICBsZXQgaGVhZGVyVmFsdWUgPSBcIlwiXG4gIGhlYWRlclZhbHVlICs9IGBtYXgtYWdlPSR7b3B0aW9ucy5tYXhBZ2V9O2BcbiAgaGVhZGVyVmFsdWUgKz0gb3B0aW9ucy5wcmVsb2FkID8gXCJwcmVsb2FkO1wiIDogXCJcIlxuICBoZWFkZXJWYWx1ZSArPSBvcHRpb25zLmluY2x1ZGVTdWJEb21haW5zID8gXCJpbmNsdWRlU3ViRG9tYWlucztcIiA6IFwiXCJcbiAgcmV0dXJuIHRyaW0oaGVhZGVyVmFsdWUpXG59XG5cbmZ1bmN0aW9uIGdlbmVyYXRlUmVmZXJyZXJQb2xpY3lIZWFkZXIoaGVhZGVyT3B0aW9ucz86IFJlZmVycmVyUG9saWN5SGVhZGVyKSB7XG4gIGNvbnN0IGRlZmF1bHRWYWx1ZXMgPSB7XG4gICAgdmFsdWU6IFwic3RyaWN0LW9yaWdpbi13aGVuLWNyb3NzLW9yaWdpblwiLFxuICB9XG4gIGNvbnN0IG9wdGlvbnMgPSB7XG4gICAgLi4uZGVmYXVsdFZhbHVlcyxcbiAgICAuLi5oZWFkZXJPcHRpb25zLFxuICB9XG4gIHJldHVybiBvcHRpb25zLnZhbHVlXG59XG5cbmZ1bmN0aW9uIGdlbmVyYXRlRnJhbWVPcHRpb25zSGVhZGVyKGhlYWRlck9wdGlvbnM/OiBGcmFtZU9wdGlvbnNIZWFkZXIpIHtcbiAgY29uc3QgZGVmYXVsdFZhbHVlcyA9IHtcbiAgICB2YWx1ZTogXCJERU5ZXCIsXG4gIH1cbiAgY29uc3Qgb3B0aW9ucyA9IHtcbiAgICAuLi5kZWZhdWx0VmFsdWVzLFxuICAgIC4uLmhlYWRlck9wdGlvbnMsXG4gIH1cbiAgcmV0dXJuIHRyaW0ob3B0aW9ucy52YWx1ZSlcbn1cblxuZXhwb3J0IGNsYXNzIFdlYmFwcFNlY3VyaXR5SGVhZGVycyBleHRlbmRzIGNvbnN0cnVjdHMuQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IHNlY3VyaXR5SGVhZGVyc0Z1bmN0aW9uOiBjbG91ZGZyb250LkZ1bmN0aW9uXG5cbiAgY29uc3RydWN0b3Ioc2NvcGU6IGNvbnN0cnVjdHMuQ29uc3RydWN0LCBpZDogc3RyaW5nLCBwcm9wczogU2VjdXJpdHlIZWFkZXJzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKVxuXG4gICAgY29uc3QgY3NwSGVhZGVyTmFtZSA9IHByb3BzLmNvbnRlbnRTZWN1cml0eVBvbGljeT8ucmVwb3J0T25seVxuICAgICAgPyBcImNvbnRlbnQtc2VjdXJpdHktcG9saWN5LXJlcG9ydC1vbmx5XCJcbiAgICAgIDogXCJjb250ZW50LXNlY3VyaXR5LXBvbGljeVwiXG5cbiAgICBjb25zdCBjb250ZW50U2VjdXJpdHlQb2xpY3kgPSBnZW5lcmF0ZUNvbnRlbnRTZWN1cml0eVBvbGljeUhlYWRlcihcbiAgICAgIHByb3BzLmNvbnRlbnRTZWN1cml0eVBvbGljeSxcbiAgICApXG4gICAgY29uc3Qgc3RyaWN0VHJhbnNwb3J0U2VjdXJpdHkgPSBnZW5lcmF0ZVN0cmljdFRyYW5zcG9ydFNlY3VyaXR5SGVhZGVyKFxuICAgICAgcHJvcHMuc3RyaWN0VHJhbnNwb3J0U2VjdXJpdHksXG4gICAgKVxuICAgIGNvbnN0IHJlZmVycmVyUG9saWN5ID0gZ2VuZXJhdGVSZWZlcnJlclBvbGljeUhlYWRlcihwcm9wcy5yZWZlcnJlclBvbGljeSlcbiAgICBjb25zdCBmcmFtZU9wdGlvbnMgPSBnZW5lcmF0ZUZyYW1lT3B0aW9uc0hlYWRlcihwcm9wcy5mcmFtZU9wdGlvbnMpXG5cbiAgICBjb25zdCBsYW1iZGFDb2RlID0gYGZ1bmN0aW9uIGhhbmRsZXIoZXZlbnQpIHtcbiAgICAgIHZhciByZXNwb25zZSA9IGV2ZW50LnJlc3BvbnNlO1xuICAgICAgdmFyIGhlYWRlcnMgPSByZXNwb25zZS5oZWFkZXJzO1xuICAgICAgaGVhZGVyc1sncmVmZXJyZXItcG9saWN5J10gPSB7dmFsdWU6ICcke3JlZmVycmVyUG9saWN5fSd9O1xuICAgICAgaGVhZGVyc1snc3RyaWN0LXRyYW5zcG9ydC1zZWN1cml0eSddID0ge3ZhbHVlOiAnJHtzdHJpY3RUcmFuc3BvcnRTZWN1cml0eX0nfTtcbiAgICAgIGhlYWRlcnNbJ3gtY29udGVudC10eXBlLW9wdGlvbnMnXSA9IHt2YWx1ZTogJ25vc25pZmYnfTtcbiAgICAgIGhlYWRlcnNbJ3gtZnJhbWUtb3B0aW9ucyddID0ge3ZhbHVlOiAnJHtmcmFtZU9wdGlvbnN9J307XG4gICAgICBoZWFkZXJzWyd4LXhzcy1wcm90ZWN0aW9uJ10gPSB7dmFsdWU6ICcxOyBtb2RlPWJsb2NrJ307XG4gICAgICBoZWFkZXJzWycke2NzcEhlYWRlck5hbWV9J10gPSB7dmFsdWU6IFwiJHtjb250ZW50U2VjdXJpdHlQb2xpY3l9XCJ9O1xuICAgICAgcmV0dXJuIHJlc3BvbnNlO1xuICAgIH1gXG5cbiAgICAvLyBIYXJkY29kZWQgbG9naWNhbCBJRCBkdWUgdG8gYnVnOiBodHRwczovL2dpdGh1Yi5jb20vYXdzL2F3cy1jZGsvaXNzdWVzLzE1NTIzXG4gICAgY29uc3QgZnVuY3Rpb25JZCA9IGBGdW5jdGlvbiR7dGhpcy5ub2RlLmFkZHJ9YFxuXG4gICAgdGhpcy5zZWN1cml0eUhlYWRlcnNGdW5jdGlvbiA9IG5ldyBjbG91ZGZyb250LkZ1bmN0aW9uKHRoaXMsIGZ1bmN0aW9uSWQsIHtcbiAgICAgIGZ1bmN0aW9uTmFtZTogZnVuY3Rpb25JZCxcbiAgICAgIGNvZGU6IGNsb3VkZnJvbnQuRnVuY3Rpb25Db2RlLmZyb21JbmxpbmUobGFtYmRhQ29kZSksXG4gICAgfSlcbiAgfVxufVxuIl19
129
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjdXJpdHktaGVhZGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3NyYy93ZWJhcHAvc2VjdXJpdHktaGVhZGVycy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7QUFBQSxtQ0FBa0M7QUFDbEMseUNBQXdDO0FBQ3hDLHlEQUF3RDtBQStCeEQsU0FBUyxnQkFBZ0IsQ0FBQyxLQUFhO0lBQ3JDLElBQUksS0FBSyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUMsS0FBSyxDQUFDLENBQUMsRUFBRTtRQUM3QixNQUFNLEtBQUssQ0FBQywyQ0FBMkMsQ0FBQyxDQUFBO0tBQ3pEO0lBRUQsSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFO1FBQzdCLE1BQU0sS0FBSyxDQUFDLDJDQUEyQyxDQUFDLENBQUE7S0FDekQ7SUFFRCxJQUFJLEtBQUssQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQyxDQUFDLEVBQUU7UUFDOUIsTUFBTSxLQUFLLENBQUMsNENBQTRDLENBQUMsQ0FBQTtLQUMxRDtJQUVELE9BQU8sS0FBSyxDQUFBO0FBQ2QsQ0FBQztBQUVELDREQUE0RDtBQUM1RCxTQUFTLElBQUksQ0FBQyxLQUFhO0lBQ3pCLE9BQU8sS0FBSyxDQUFDLE9BQU8sQ0FBQyxNQUFNLEVBQUUsR0FBRyxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUE7QUFDMUMsQ0FBQztBQUVEOzs7OztHQUtHO0FBQ0gsU0FBZ0IsbUNBQW1DLENBQ2pELGFBQTJDO0lBRTNDLE1BQU0sYUFBYSxHQUFHO1FBQ3BCLE9BQU8sRUFBRSxRQUFRO1FBQ2pCLFFBQVEsRUFBRSxRQUFRO1FBQ2xCLFVBQVUsRUFBRSxlQUFlO1FBQzNCLFVBQVUsRUFBRSxRQUFRO1FBQ3BCLE9BQU8sRUFBRSxRQUFRO1FBQ2pCLFVBQVUsRUFBRSxRQUFRO1FBQ3BCLGNBQWMsRUFBRSxRQUFRO1FBQ3hCLFFBQVEsRUFBRSxRQUFRO1FBQ2xCLE1BQU0sRUFBRSxjQUFjO1FBQ3RCLFdBQVcsRUFBRSxRQUFRO1FBQ3JCLFFBQVEsRUFBRSxRQUFRO1FBQ2xCLFNBQVMsRUFBRSxRQUFRO1FBQ25CLFNBQVMsRUFBRSxRQUFRO1FBQ25CLFFBQVEsRUFBRSxRQUFRO0tBQ25CLENBQUE7SUFFRCxNQUFNLE9BQU8sR0FBRztRQUNkLEdBQUcsYUFBYTtRQUNoQixHQUFHLGFBQWE7S0FDakIsQ0FBQTtJQUVELE1BQU0sQ0FBQyxNQUFNLENBQUMsT0FBTyxDQUFDLENBQUMsT0FBTyxDQUM1QixDQUFDLENBQUMsRUFBRSxFQUFFLENBQUMsT0FBTyxDQUFDLEtBQUssUUFBUSxJQUFJLGdCQUFnQixDQUFDLENBQUMsQ0FBQyxDQUNwRCxDQUFBO0lBRUQsSUFBSSxXQUFXLEdBQUcsRUFBRSxDQUFBO0lBQ3BCLFdBQVcsSUFBSSxZQUFZLElBQUksQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLEdBQUcsQ0FBQTtJQUNuRCxXQUFXLElBQUksYUFBYSxJQUFJLENBQUMsT0FBTyxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUE7SUFDckQsV0FBVyxJQUFJLGVBQWUsSUFBSSxDQUFDLE9BQU8sQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFBO0lBQ3pELFdBQVcsSUFBSSxlQUFlLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQTtJQUN6RCxXQUFXLElBQUksWUFBWSxJQUFJLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxHQUFHLENBQUE7SUFDbkQsV0FBVyxJQUFJLGFBQWEsSUFBSSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFBO0lBQ3JELFdBQVcsSUFBSSxlQUFlLElBQUksQ0FBQyxPQUFPLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQTtJQUN6RCxXQUFXLElBQUksbUJBQW1CLElBQUksQ0FBQyxPQUFPLENBQUMsY0FBYyxDQUFDLEdBQUcsQ0FBQTtJQUNqRSxXQUFXLElBQUksV0FBVyxJQUFJLENBQUMsT0FBTyxDQUFDLE1BQU0sQ0FBQyxHQUFHLENBQUE7SUFDakQsV0FBVyxJQUFJLGdCQUFnQixJQUFJLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxHQUFHLENBQUE7SUFDM0QsV0FBVyxJQUFJLGFBQWEsSUFBSSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFBO0lBQ3JELFdBQVcsSUFBSSxjQUFjLElBQUksQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDLEdBQUcsQ0FBQTtJQUN2RCxXQUFXLElBQUksY0FBYyxJQUFJLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxHQUFHLENBQUE7SUFDdkQsV0FBVyxJQUFJLGFBQWEsSUFBSSxDQUFDLE9BQU8sQ0FBQyxRQUFRLENBQUMsRUFBRSxDQUFBO0lBRXBELE9BQU8sSUFBSSxDQUFDLFdBQVcsQ0FBQyxDQUFBO0FBQzFCLENBQUM7QUE5Q0Qsa0ZBOENDO0FBQ0QsTUFBYSxxQkFBc0IsU0FBUSxVQUFVLENBQUMsU0FBUztJQUc3RCxZQUNFLEtBQTJCLEVBQzNCLEVBQVUsRUFDVixLQUFpQztRQUVqQyxLQUFLLENBQUMsS0FBSyxFQUFFLEVBQUUsQ0FBQyxDQUFBO1FBRWhCLE1BQU0sRUFDSixxQkFBcUIsRUFBRSw2QkFBNkIsRUFDcEQsR0FBRyxTQUFTLEVBQ2IsR0FBRyxLQUFLLENBQUE7UUFFVCxNQUFNLGlDQUFpQyxHQUFHLDZCQUE2QixJQUFJO1lBQ3pFLFVBQVUsRUFBRSxLQUFLO1lBQ2pCLHFCQUFxQixFQUFFLG1DQUFtQyxFQUFFO1lBQzVELFFBQVEsRUFBRSxJQUFJO1NBQ2YsQ0FBQTtRQUVELE1BQU0sYUFBYSxHQUdmO1lBQ0Ysa0JBQWtCLEVBQUU7Z0JBQ2xCLFFBQVEsRUFBRSxJQUFJO2FBQ2Y7WUFDRCxjQUFjLEVBQUU7Z0JBQ2QsUUFBUSxFQUFFLElBQUk7Z0JBQ2QsY0FBYyxFQUFFLFVBQVUsQ0FBQyxxQkFBcUIsQ0FBQyxXQUFXO2FBQzdEO1lBQ0QsWUFBWSxFQUFFO2dCQUNaLFdBQVcsRUFBRSxVQUFVLENBQUMsa0JBQWtCLENBQUMsSUFBSTtnQkFDL0MsUUFBUSxFQUFFLElBQUk7YUFDZjtZQUNELHVCQUF1QixFQUFFO2dCQUN2QixRQUFRLEVBQUUsSUFBSTtnQkFDZCxtQkFBbUIsRUFBRSxHQUFHLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxLQUFLLENBQUM7Z0JBQzdDLGlCQUFpQixFQUFFLEtBQUs7Z0JBQ3hCLE9BQU8sRUFBRSxLQUFLO2FBQ2Y7WUFDRCxhQUFhLEVBQUU7Z0JBQ2IsUUFBUSxFQUFFLElBQUk7Z0JBQ2QsVUFBVSxFQUFFLElBQUk7Z0JBQ2hCLFNBQVMsRUFBRSxJQUFJO2FBQ2hCO1NBQ0YsQ0FBQTtRQUVELElBQUksQ0FBQyxxQkFBcUIsR0FBRyxJQUFJLFVBQVUsQ0FBQyxxQkFBcUIsQ0FDL0QsSUFBSSxFQUNKLHVCQUF1QixFQUN2QjtZQUNFLHVCQUF1QixFQUFFO2dCQUN2QixHQUFHLGFBQWE7Z0JBQ2hCLEdBQUcsU0FBUztnQkFDWixHQUFHLENBQUMsQ0FBQyxpQ0FBaUMsQ0FBQyxVQUFVLElBQUk7b0JBQ25ELHFCQUFxQixFQUFFO3dCQUNyQixxQkFBcUIsRUFDbkIsaUNBQWlDLENBQUMscUJBQXFCO3dCQUN6RCxRQUFRLEVBQUUsaUNBQWlDLENBQUMsUUFBUTtxQkFDckQ7aUJBQ0YsQ0FBQzthQUNIO1lBQ0QsR0FBRyxDQUFDLGlDQUFpQyxDQUFDLFVBQVUsSUFBSTtnQkFDbEQscUJBQXFCLEVBQUU7b0JBQ3JCLHNHQUFzRztvQkFDdEcsYUFBYSxFQUFFO3dCQUNiOzRCQUNFLE1BQU0sRUFBRSxxQ0FBcUM7NEJBQzdDLEtBQUssRUFBRSxpQ0FBaUMsQ0FBQyxxQkFBcUI7NEJBQzlELFFBQVEsRUFBRSxpQ0FBaUMsQ0FBQyxRQUFRO3lCQUNyRDtxQkFDRjtpQkFDRjthQUNGLENBQUM7U0FDSCxDQUNGLENBQUE7SUFDSCxDQUFDO0NBQ0Y7QUEvRUQsc0RBK0VDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY2RrIGZyb20gXCJhd3MtY2RrLWxpYlwiXG5pbXBvcnQgKiBhcyBjb25zdHJ1Y3RzIGZyb20gXCJjb25zdHJ1Y3RzXCJcbmltcG9ydCAqIGFzIGNsb3VkZnJvbnQgZnJvbSBcImF3cy1jZGstbGliL2F3cy1jbG91ZGZyb250XCJcblxuZXhwb3J0IHR5cGUgV2ViYXBwU2VjdXJpdHlIZWFkZXJzUHJvcHMgPSBQYXJ0aWFsPFxuICBjbG91ZGZyb250LlJlc3BvbnNlU2VjdXJpdHlIZWFkZXJzQmVoYXZpb3IgJiB7XG4gICAgY29udGVudFNlY3VyaXR5UG9saWN5PzogY2xvdWRmcm9udC5SZXNwb25zZVNlY3VyaXR5SGVhZGVyc0JlaGF2aW9yW1wiY29udGVudFNlY3VyaXR5UG9saWN5XCJdICYge1xuICAgICAgLyoqXG4gICAgICAgKiBXaGV0aGVyIHRvIG9ubHkgbW9uaXRvciB0aGUgZWZmZWN0cyBvZiB0aGUgY29udGVudCBzZWN1cml0eSBwb2xpY3kgd2l0aG91dCBhY3R1YWxseSBibG9ja2luZyBhbnl0aGluZy5cbiAgICAgICAqIEBkZWZhdWx0IGZhbHNlXG4gICAgICAgKi9cbiAgICAgIHJlcG9ydE9ubHk/OiBib29sZWFuXG4gICAgfVxuICB9XG4+XG5cbmV4cG9ydCBpbnRlcmZhY2UgQ29udGVudFNlY3VyaXR5UG9saWN5SGVhZGVyIHtcbiAgYmFzZVVyaT86IHN0cmluZ1xuICBjaGlsZFNyYz86IHN0cmluZ1xuICBkZWZhdWx0U3JjPzogc3RyaW5nXG4gIGZvbnRTcmM/OiBzdHJpbmdcbiAgZnJhbWVTcmM/OiBzdHJpbmdcbiAgZm9ybUFjdGlvbj86IHN0cmluZ1xuICBmcmFtZUFuY2VzdG9ycz86IHN0cmluZ1xuICBpbWdTcmM/OiBzdHJpbmdcbiAgbWFuaWZlc3RTcmM/OiBzdHJpbmdcbiAgbWVkaWFTcmM/OiBzdHJpbmdcbiAgb2JqZWN0U3JjPzogc3RyaW5nXG4gIHNjcmlwdFNyYz86IHN0cmluZ1xuICBzdHlsZVNyYz86IHN0cmluZ1xuICBjb25uZWN0U3JjPzogc3RyaW5nXG59XG5cbmZ1bmN0aW9uIHZhbGlkYXRlQ3NwUGFyYW0ocGFyYW06IHN0cmluZyk6IHN0cmluZyB7XG4gIGlmIChwYXJhbS5pbmRleE9mKCdcIicpICE9PSAtMSkge1xuICAgIHRocm93IEVycm9yKCdDU1Agb3ZlcnJpZGUgY29udGFpbnMgaW52YWxpZCBjaGFyYWN0ZXIgXCInKVxuICB9XG5cbiAgaWYgKHBhcmFtLmluZGV4T2YoXCI7XCIpICE9PSAtMSkge1xuICAgIHRocm93IEVycm9yKFwiQ1NQIG92ZXJyaWRlIGNvbnRhaW5zIGludmFsaWQgY2hhcmFjdGVyIDtcIilcbiAgfVxuXG4gIGlmIChwYXJhbS5pbmRleE9mKFwiXFxcXFwiKSAhPT0gLTEpIHtcbiAgICB0aHJvdyBFcnJvcihcIkNTUCBvdmVycmlkZSBjb250YWlucyBpbnZhbGlkIGNoYXJhY3RlciBcXFxcXCIpXG4gIH1cblxuICByZXR1cm4gcGFyYW1cbn1cblxuLyogUmVwbGFjZSBhbGwgd2hpdGVzcGFjZSBpbiBhIHN0cmluZyB3aXRoIGEgc2luZ2xlIHNwYWNlICovXG5mdW5jdGlvbiB0cmltKHZhbHVlOiBzdHJpbmcpOiBzdHJpbmcge1xuICByZXR1cm4gdmFsdWUucmVwbGFjZSgvXFxzKy9nLCBcIiBcIikudHJpbSgpXG59XG5cbi8qKlxuICogSGVscGVyIGZ1bmN0aW9uIHRoYXQgZ2VuZXJhdGVzIGEgc3RyaW5nIGNvbnRhaW5pbmcgYSBDb250ZW50IFNlY3VyaXR5IFBvbGljeSB0aGF0IGNhbiBiZVxuICogdXNlZCBpbiBhIHNlY3VyaXR5IGhlYWRlci5cbiAqXG4gKiBOT1RFOiBUaGUgc3RyaW5nIGNhbiBiZSBmdXJ0aGVyIGV4dGVuZGVkIHVzaW5nIHN0cmluZyBjb25jYXRlbmF0aW9uIGZvciBkaXJlY3RpdmVzIHRoYXQgYXJlbid0IGN1cnJlbnRseSBzdXBwb3J0ZWQgYnkgdGhlIGZ1bmN0aW9uLlxuICovXG5leHBvcnQgZnVuY3Rpb24gZ2VuZXJhdGVDb250ZW50U2VjdXJpdHlQb2xpY3lIZWFkZXIoXG4gIGhlYWRlck9wdGlvbnM/OiBDb250ZW50U2VjdXJpdHlQb2xpY3lIZWFkZXIsXG4pIHtcbiAgY29uc3QgZGVmYXVsdFZhbHVlcyA9IHtcbiAgICBiYXNlVXJpOiBcIidzZWxmJ1wiLFxuICAgIGNoaWxkU3JjOiBcIidzZWxmJ1wiLFxuICAgIGNvbm5lY3RTcmM6IFwiJ3NlbGYnIGh0dHBzOlwiLFxuICAgIGRlZmF1bHRTcmM6IFwiJ25vbmUnXCIsXG4gICAgZm9udFNyYzogXCInc2VsZidcIixcbiAgICBmb3JtQWN0aW9uOiBcIidub25lJ1wiLFxuICAgIGZyYW1lQW5jZXN0b3JzOiBcIidub25lJ1wiLFxuICAgIGZyYW1lU3JjOiBcIidzZWxmJ1wiLFxuICAgIGltZ1NyYzogXCInc2VsZicgZGF0YTpcIixcbiAgICBtYW5pZmVzdFNyYzogXCInc2VsZidcIixcbiAgICBtZWRpYVNyYzogXCInc2VsZidcIixcbiAgICBvYmplY3RTcmM6IFwiJ25vbmUnXCIsXG4gICAgc2NyaXB0U3JjOiBcIidzZWxmJ1wiLFxuICAgIHN0eWxlU3JjOiBcIidzZWxmJ1wiLFxuICB9XG5cbiAgY29uc3Qgb3B0aW9ucyA9IHtcbiAgICAuLi5kZWZhdWx0VmFsdWVzLFxuICAgIC4uLmhlYWRlck9wdGlvbnMsXG4gIH1cblxuICBPYmplY3QudmFsdWVzKG9wdGlvbnMpLmZvckVhY2goXG4gICAgKHYpID0+IHR5cGVvZiB2ID09PSBcInN0cmluZ1wiICYmIHZhbGlkYXRlQ3NwUGFyYW0odiksXG4gIClcblxuICBsZXQgaGVhZGVyVmFsdWUgPSBcIlwiXG4gIGhlYWRlclZhbHVlICs9IGBiYXNlLXVyaSAke3RyaW0ob3B0aW9ucy5iYXNlVXJpKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgY2hpbGQtc3JjICR7dHJpbShvcHRpb25zLmNoaWxkU3JjKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgY29ubmVjdC1zcmMgJHt0cmltKG9wdGlvbnMuY29ubmVjdFNyYyl9O2BcbiAgaGVhZGVyVmFsdWUgKz0gYGRlZmF1bHQtc3JjICR7dHJpbShvcHRpb25zLmRlZmF1bHRTcmMpfTtgXG4gIGhlYWRlclZhbHVlICs9IGBmb250LXNyYyAke3RyaW0ob3B0aW9ucy5mb250U3JjKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgZnJhbWUtc3JjICR7dHJpbShvcHRpb25zLmZyYW1lU3JjKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgZm9ybS1hY3Rpb24gJHt0cmltKG9wdGlvbnMuZm9ybUFjdGlvbil9O2BcbiAgaGVhZGVyVmFsdWUgKz0gYGZyYW1lLWFuY2VzdG9ycyAke3RyaW0ob3B0aW9ucy5mcmFtZUFuY2VzdG9ycyl9O2BcbiAgaGVhZGVyVmFsdWUgKz0gYGltZy1zcmMgJHt0cmltKG9wdGlvbnMuaW1nU3JjKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgbWFuaWZlc3Qtc3JjICR7dHJpbShvcHRpb25zLm1hbmlmZXN0U3JjKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgbWVkaWEtc3JjICR7dHJpbShvcHRpb25zLm1lZGlhU3JjKX07YFxuICBoZWFkZXJWYWx1ZSArPSBgb2JqZWN0LXNyYyAke3RyaW0ob3B0aW9ucy5vYmplY3RTcmMpfTtgXG4gIGhlYWRlclZhbHVlICs9IGBzY3JpcHQtc3JjICR7dHJpbShvcHRpb25zLnNjcmlwdFNyYyl9O2BcbiAgaGVhZGVyVmFsdWUgKz0gYHN0eWxlLXNyYyAke3RyaW0ob3B0aW9ucy5zdHlsZVNyYyl9YFxuXG4gIHJldHVybiB0cmltKGhlYWRlclZhbHVlKVxufVxuZXhwb3J0IGNsYXNzIFdlYmFwcFNlY3VyaXR5SGVhZGVycyBleHRlbmRzIGNvbnN0cnVjdHMuQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IHJlc3BvbnNlSGVhZGVyc1BvbGljeTogY2xvdWRmcm9udC5SZXNwb25zZUhlYWRlcnNQb2xpY3lcblxuICBjb25zdHJ1Y3RvcihcbiAgICBzY29wZTogY29uc3RydWN0cy5Db25zdHJ1Y3QsXG4gICAgaWQ6IHN0cmluZyxcbiAgICBwcm9wczogV2ViYXBwU2VjdXJpdHlIZWFkZXJzUHJvcHMsXG4gICkge1xuICAgIHN1cGVyKHNjb3BlLCBpZClcblxuICAgIGNvbnN0IHtcbiAgICAgIGNvbnRlbnRTZWN1cml0eVBvbGljeTogY29udGVudFNlY3VyaXR5UG9saWN5T3ZlcnJpZGUsXG4gICAgICAuLi5vdmVycmlkZXNcbiAgICB9ID0gcHJvcHNcblxuICAgIGNvbnN0IGNvbnRlbnRTZWN1cml0eVBvbGljeUN1c3RvbUhlYWRlciA9IGNvbnRlbnRTZWN1cml0eVBvbGljeU92ZXJyaWRlIHx8IHtcbiAgICAgIHJlcG9ydE9ubHk6IGZhbHNlLFxuICAgICAgY29udGVudFNlY3VyaXR5UG9saWN5OiBnZW5lcmF0ZUNvbnRlbnRTZWN1cml0eVBvbGljeUhlYWRlcigpLFxuICAgICAgb3ZlcnJpZGU6IHRydWUsXG4gICAgfVxuXG4gICAgY29uc3QgZGVmYXVsdFZhbHVlczogT21pdDxcbiAgICAgIGNsb3VkZnJvbnQuUmVzcG9uc2VTZWN1cml0eUhlYWRlcnNCZWhhdmlvcixcbiAgICAgIFwiY29udGVudFNlY3VyaXR5UG9saWN5XCJcbiAgICA+ID0ge1xuICAgICAgY29udGVudFR5cGVPcHRpb25zOiB7XG4gICAgICAgIG92ZXJyaWRlOiB0cnVlLFxuICAgICAgfSxcbiAgICAgIHJlZmVycmVyUG9saWN5OiB7XG4gICAgICAgIG92ZXJyaWRlOiB0cnVlLFxuICAgICAgICByZWZlcnJlclBvbGljeTogY2xvdWRmcm9udC5IZWFkZXJzUmVmZXJyZXJQb2xpY3kuU0FNRV9PUklHSU4sXG4gICAgICB9LFxuICAgICAgZnJhbWVPcHRpb25zOiB7XG4gICAgICAgIGZyYW1lT3B0aW9uOiBjbG91ZGZyb250LkhlYWRlcnNGcmFtZU9wdGlvbi5ERU5ZLFxuICAgICAgICBvdmVycmlkZTogdHJ1ZSxcbiAgICAgIH0sXG4gICAgICBzdHJpY3RUcmFuc3BvcnRTZWN1cml0eToge1xuICAgICAgICBvdmVycmlkZTogdHJ1ZSxcbiAgICAgICAgYWNjZXNzQ29udHJvbE1heEFnZTogY2RrLkR1cmF0aW9uLmRheXMoMTgyLjUpLFxuICAgICAgICBpbmNsdWRlU3ViZG9tYWluczogZmFsc2UsXG4gICAgICAgIHByZWxvYWQ6IGZhbHNlLFxuICAgICAgfSxcbiAgICAgIHhzc1Byb3RlY3Rpb246IHtcbiAgICAgICAgb3ZlcnJpZGU6IHRydWUsXG4gICAgICAgIHByb3RlY3Rpb246IHRydWUsXG4gICAgICAgIG1vZGVCbG9jazogdHJ1ZSxcbiAgICAgIH0sXG4gICAgfVxuXG4gICAgdGhpcy5yZXNwb25zZUhlYWRlcnNQb2xpY3kgPSBuZXcgY2xvdWRmcm9udC5SZXNwb25zZUhlYWRlcnNQb2xpY3koXG4gICAgICB0aGlzLFxuICAgICAgXCJSZXNwb25zZUhlYWRlcnNQb2xpY3lcIixcbiAgICAgIHtcbiAgICAgICAgc2VjdXJpdHlIZWFkZXJzQmVoYXZpb3I6IHtcbiAgICAgICAgICAuLi5kZWZhdWx0VmFsdWVzLFxuICAgICAgICAgIC4uLm92ZXJyaWRlcyxcbiAgICAgICAgICAuLi4oIWNvbnRlbnRTZWN1cml0eVBvbGljeUN1c3RvbUhlYWRlci5yZXBvcnRPbmx5ICYmIHtcbiAgICAgICAgICAgIGNvbnRlbnRTZWN1cml0eVBvbGljeToge1xuICAgICAgICAgICAgICBjb250ZW50U2VjdXJpdHlQb2xpY3k6XG4gICAgICAgICAgICAgICAgY29udGVudFNlY3VyaXR5UG9saWN5Q3VzdG9tSGVhZGVyLmNvbnRlbnRTZWN1cml0eVBvbGljeSxcbiAgICAgICAgICAgICAgb3ZlcnJpZGU6IGNvbnRlbnRTZWN1cml0eVBvbGljeUN1c3RvbUhlYWRlci5vdmVycmlkZSxcbiAgICAgICAgICAgIH0sXG4gICAgICAgICAgfSksXG4gICAgICAgIH0sXG4gICAgICAgIC4uLihjb250ZW50U2VjdXJpdHlQb2xpY3lDdXN0b21IZWFkZXIucmVwb3J0T25seSAmJiB7XG4gICAgICAgICAgY3VzdG9tSGVhZGVyc0JlaGF2aW9yOiB7XG4gICAgICAgICAgICAvLyBSZXBvcnQgb25seSBpcyBub3Qgc3VwcG9ydGVkIGJ5IHNlY3VyaXR5SGVhZGVyc0JlaGF2aW9yIGluIEFXUyBhbmQgbXVzdCBiZSBkZWZpbmVkIGFzIGN1c3RvbSBoZWFkZXJcbiAgICAgICAgICAgIGN1c3RvbUhlYWRlcnM6IFtcbiAgICAgICAgICAgICAge1xuICAgICAgICAgICAgICAgIGhlYWRlcjogXCJDb250ZW50LVNlY3VyaXR5LVBvbGljeS1SZXBvcnQtT25seVwiLFxuICAgICAgICAgICAgICAgIHZhbHVlOiBjb250ZW50U2VjdXJpdHlQb2xpY3lDdXN0b21IZWFkZXIuY29udGVudFNlY3VyaXR5UG9saWN5LFxuICAgICAgICAgICAgICAgIG92ZXJyaWRlOiBjb250ZW50U2VjdXJpdHlQb2xpY3lDdXN0b21IZWFkZXIub3ZlcnJpZGUsXG4gICAgICAgICAgICAgIH0sXG4gICAgICAgICAgICBdLFxuICAgICAgICAgIH0sXG4gICAgICAgIH0pLFxuICAgICAgfSxcbiAgICApXG4gIH1cbn1cbiJdfQ==
package/lib/webapp/webapp.d.ts CHANGED
@@ -5,7 +5,7 @@ import * as origins from "aws-cdk-lib/aws-cloudfront-origins";
5
5
  import * as r53 from "aws-cdk-lib/aws-route53";
6
6
  import * as s3 from "aws-cdk-lib/aws-s3";
7
7
  import * as webappDeploy from "@capraconsulting/webapp-deploy-lambda";
8
- import { SecurityHeaders } from "./security-headers";
8
+ import { WebappSecurityHeadersProps } from "./security-headers";
9
9
  export interface WebappProps {
10
10
  /**
11
11
  * ACM certificate that covers the specifeid domain names.
@@ -42,27 +42,44 @@ export interface WebappProps {
42
42
  */
43
43
  webAclErrorPagePath?: string;
44
44
  /**
45
- * Enable adding common security headers to CloudFront responses using a CloudFront Function.
46
- *
47
- * If enabled, the default behavior is to add the following headers with fairly strict defaults. Most of the headers can be customized:
48
- * - Content-Security-Policy
49
- * - Referrer-Policy
50
- * - Strict-Transport-Security
51
- * - X-Content-Type-Options
52
- * - X-Frame-Options
53
- * - X-XSS-Protection
54
- *
55
- * @default - No security headers will be added to responses
45
+ * Enable, disable or configure security headers for the web application
46
+ * @default - a set of strict security headers are configured by default
56
47
  */
57
- enableSecurityHeaders?: boolean;
48
+ securityHeaders?: {
49
+ /**
50
+ * Enable adding common security headers to CloudFront responses
51
+ *
52
+ * If enabled, the default behavior is to add the following headers with fairly strict defaults. Most of the headers can be customized:
53
+ * - Content-Security-Policy
54
+ * - Referrer-Policy
55
+ * - Strict-Transport-Security
56
+ * - X-Content-Type-Options
57
+ * - X-Frame-Options
58
+ * - X-XSS-Protection
59
+ *
60
+ *
61
+ * @default true
62
+ */
63
+ enabled?: boolean;
64
+ /**
65
+ * Security headers overrides.
66
+ *
67
+ * Used to override certain default security header values if the webapp requires different settings than the defaults.
68
+ *
69
+ * NOTE: If you need to disable certain headers, you must explicitly set them to undefined
70
+ *
71
+ * @default - A set of strict security header values will be used
72
+ */
73
+ behaviorOverrides?: WebappSecurityHeadersProps;
74
+ };
58
75
  /**
59
- * Security headers overrides.
76
+ * Cloudfront behavior overrides.
60
77
  *
61
- * Used to override certain security header values if the webapp requires more lax settings compared to the defaults.
78
+ * Used to override cloudfront behavior
62
79
  *
63
- * @default - A set of strict security header values will be used
80
+ * NOTE: ResponseHeadersPolicy defined here will overwrite BOTH the default security headers policy and
81
+ * any values specified in securityHeaders.behaviorOverrides.
64
82
  */
65
- securityHeadersOverrides?: SecurityHeaders;
66
83
  overrideCloudFrontBehaviourOptions?: Partial<cloudfront.BehaviorOptions>;
67
84
  }
68
85
  /**
package/lib/webapp/webapp.js CHANGED
@@ -19,6 +19,7 @@ const security_headers_1 = require("./security-headers");
19
19
  */
20
20
  class Webapp extends constructs.Construct {
21
21
  constructor(scope, id, props) {
22
+ var _a, _b, _c;
22
23
  super(scope, id);
23
24
  if (props.webAclErrorPagePath != null && props.webAclId == null) {
24
25
  throw new Error("webAclErrorPagePath set but webAclId is missing");
@@ -62,23 +63,18 @@ class Webapp extends constructs.Construct {
62
63
  responsePagePath: props.webAclErrorPagePath,
63
64
  });
64
65
  }
65
- let functionAssociations;
66
- if (props.enableSecurityHeaders) {
66
+ let responseHeadersPolicy;
67
+ if ((_b = (_a = props.securityHeaders) === null || _a === void 0 ? void 0 : _a.enabled) !== null && _b !== void 0 ? _b : true) {
67
68
  const securityHeaders = new security_headers_1.WebappSecurityHeaders(this, "SecurityHeaders", {
68
- ...props.securityHeadersOverrides,
69
+ ...(_c = props.securityHeaders) === null || _c === void 0 ? void 0 : _c.behaviorOverrides,
69
70
  });
70
- functionAssociations = [
71
- {
72
- function: securityHeaders.securityHeadersFunction,
73
- eventType: cloudfront.FunctionEventType.VIEWER_RESPONSE,
74
- },
75
- ];
71
+ responseHeadersPolicy = securityHeaders.responseHeadersPolicy;
76
72
  }
77
73
  this.distribution = new cloudfront.Distribution(this, "Distribution", {
78
74
  defaultBehavior: {
79
75
  origin: this.webappOrigin,
80
76
  viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
81
- functionAssociations: functionAssociations,
77
+ responseHeadersPolicy: responseHeadersPolicy,
82
78
  ...props.overrideCloudFrontBehaviourOptions,
83
79
  },
84
80
  defaultRootObject: "index.html",
@@ -118,4 +114,4 @@ class Webapp extends constructs.Construct {
118
114
  }
119
115
  }
120
116
  exports.Webapp = Webapp;
121
- //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2ViYXBwLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3dlYmFwcC93ZWJhcHAudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEseUNBQXdDO0FBRXhDLHlEQUF3RDtBQUN4RCw4REFBNkQ7QUFDN0QsMkNBQTBDO0FBQzFDLCtDQUE4QztBQUM5Qyx3REFBdUQ7QUFDdkQseUNBQXdDO0FBQ3hDLHNFQUFxRTtBQUNyRSx5REFBMkU7QUE4RDNFOzs7Ozs7R0FNRztBQUNILE1BQWEsTUFBTyxTQUFRLFVBQVUsQ0FBQyxTQUFTO0lBSzlDLFlBQVksS0FBMkIsRUFBRSxFQUFVLEVBQUUsS0FBa0I7UUFDckUsS0FBSyxDQUFDLEtBQUssRUFBRSxFQUFFLENBQUMsQ0FBQTtRQUVoQixJQUFJLEtBQUssQ0FBQyxtQkFBbUIsSUFBSSxJQUFJLElBQUksS0FBSyxDQUFDLFFBQVEsSUFBSSxJQUFJLEVBQUU7WUFDL0QsTUFBTSxJQUFJLEtBQUssQ0FBQyxpREFBaUQsQ0FBQyxDQUFBO1NBQ25FO1FBRUQsSUFBSSxDQUFDLFlBQVksR0FBRyxJQUFJLEVBQUUsQ0FBQyxNQUFNLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRTtZQUNoRCxVQUFVLEVBQUUsRUFBRSxDQUFDLGdCQUFnQixDQUFDLFVBQVU7U0FDM0MsQ0FBQyxDQUFBO1FBRUYsTUFBTSxvQkFBb0IsR0FBRyxJQUFJLFVBQVUsQ0FBQyxvQkFBb0IsQ0FDOUQsSUFBSSxFQUNKLHNCQUFzQixDQUN2QixDQUFBO1FBRUQsSUFBSSxDQUFDLFlBQVksQ0FBQyxtQkFBbUIsQ0FDbkMsSUFBSSxHQUFHLENBQUMsZUFBZSxDQUFDO1lBQ3RCLFNBQVMsRUFBRSxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsYUFBYSxDQUFDLEdBQUcsQ0FBQyxDQUFDO1lBQ2pELE9BQU8sRUFBRSxDQUFDLGNBQWMsQ0FBQztZQUN6QixVQUFVLEVBQUUsQ0FBQyxvQkFBb0IsQ0FBQyxjQUFjLENBQUM7U0FDbEQsQ0FBQyxDQUNILENBQUE7UUFFRCxJQUFJLENBQUMsWUFBWSxDQUFDLG1CQUFtQixDQUNuQyxJQUFJLEdBQUcsQ0FBQyxlQUFlLENBQUM7WUFDdEIsU0FBUyxFQUFFLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxTQUFTLENBQUM7WUFDeEMsMkRBQTJEO1lBQzNELHVEQUF1RDtZQUN2RCwyREFBMkQ7WUFDM0QsdURBQXVEO1lBQ3ZELDZJQUE2STtZQUM3SSxPQUFPLEVBQUUsQ0FBQyxlQUFlLENBQUM7WUFDMUIsVUFBVSxFQUFFLENBQUMsb0JBQW9CLENBQUMsY0FBYyxDQUFDO1NBQ2xELENBQUMsQ0FDSCxDQUFBO1FBRUQsSUFBSSxDQUFDLFlBQVksR0FBRyxJQUFJLE9BQU8sQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLFlBQVksRUFBRTtZQUMxRCx3REFBd0Q7WUFDeEQsMERBQTBEO1lBQzFELFVBQVUsRUFBRSxNQUFNO1lBQ2xCLG9CQUFvQjtTQUNyQixDQUFDLENBQUE7UUFFRixNQUFNLGNBQWMsR0FBK0I7WUFDakQ7Z0JBQ0UsVUFBVSxFQUFFLEdBQUc7Z0JBQ2Ysa0JBQWtCLEVBQUUsR0FBRztnQkFDdkIsZ0JBQWdCLEVBQUUsYUFBYTthQUNoQztTQUNGLENBQUE7UUFFRCxJQUFJLEtBQUssQ0FBQyxtQkFBbUIsSUFBSSxJQUFJLEVBQUU7WUFDckMsY0FBYyxDQUFDLElBQUksQ0FBQztnQkFDbEIsVUFBVSxFQUFFLEdBQUc7Z0JBQ2Ysa0JBQWtCLEVBQUUsR0FBRztnQkFDdkIsZ0JBQWdCLEVBQUUsS0FBSyxDQUFDLG1CQUFtQjthQUM1QyxDQUFDLENBQUE7U0FDSDtRQUVELElBQUksb0JBQWtFLENBQUE7UUFDdEUsSUFBSSxLQUFLLENBQUMscUJBQXFCLEVBQUU7WUFDL0IsTUFBTSxlQUFlLEdBQUcsSUFBSSx3Q0FBcUIsQ0FDL0MsSUFBSSxFQUNKLGlCQUFpQixFQUNqQjtnQkFDRSxHQUFHLEtBQUssQ0FBQyx3QkFBd0I7YUFDbEMsQ0FDRixDQUFBO1lBQ0Qsb0JBQW9CLEdBQUc7Z0JBQ3JCO29CQUNFLFFBQVEsRUFBRSxlQUFlLENBQUMsdUJBQXVCO29CQUNqRCxTQUFTLEVBQUUsVUFBVSxDQUFDLGlCQUFpQixDQUFDLGVBQWU7aUJBQ3hEO2FBQ0YsQ0FBQTtTQUNGO1FBRUQsSUFBSSxDQUFDLFlBQVksR0FBRyxJQUFJLFVBQVUsQ0FBQyxZQUFZLENBQUMsSUFBSSxFQUFFLGNBQWMsRUFBRTtZQUNwRSxlQUFlLEVBQUU7Z0JBQ2YsTUFBTSxFQUFFLElBQUksQ0FBQyxZQUFZO2dCQUN6QixvQkFBb0IsRUFBRSxVQUFVLENBQUMsb0JBQW9CLENBQUMsaUJBQWlCO2dCQUN2RSxvQkFBb0IsRUFBRSxvQkFBb0I7Z0JBQzFDLEdBQUcsS0FBSyxDQUFDLGtDQUFrQzthQUM1QztZQUNELGlCQUFpQixFQUFFLFlBQVk7WUFDL0IsVUFBVSxFQUFFLFVBQVUsQ0FBQyxVQUFVLENBQUMsZUFBZTtZQUNqRCxXQUFXLEVBQUUsS0FBSyxDQUFDLHFCQUFxQjtZQUN4QyxXQUFXLEVBQUUsS0FBSyxDQUFDLFdBQVc7WUFDOUIsY0FBYztZQUNkLFFBQVEsRUFBRSxLQUFLLENBQUMsUUFBUTtTQUN6QixDQUFDLENBQUE7SUFDSixDQUFDO0lBRUQsWUFBWSxDQUFDLFVBQTJCLEVBQUUsVUFBa0I7UUFDMUQsSUFBSSxHQUFHLENBQUMsT0FBTyxDQUFDLElBQUksRUFBRSxZQUFZLFVBQVUsRUFBRSxFQUFFO1lBQzlDLElBQUksRUFBRSxVQUFVO1lBQ2hCLFVBQVUsRUFBRSxHQUFHLFVBQVUsR0FBRztZQUM1QixNQUFNLEVBQUUsR0FBRyxDQUFDLFlBQVksQ0FBQyxTQUFTLENBQ2hDLElBQUksSUFBSSxDQUFDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsQ0FDN0M7U0FDRixDQUFDLENBQUE7SUFDSixDQUFDO0lBRUQ7Ozs7O09BS0c7SUFDSCxhQUFhO0lBQ1g7O09BRUc7SUFDSCxNQUE0QixFQUM1QixLQU9DOztRQUVELE1BQU0sZ0JBQWdCLEdBQUcsTUFBQSxLQUFLLGFBQUwsS0FBSyx1QkFBTCxLQUFLLENBQUUsZ0JBQWdCLG1DQUFJLEtBQUssQ0FBQTtRQUV6RCxJQUFJLFlBQVksQ0FBQyxZQUFZLENBQUMsSUFBSSxFQUFFLFFBQVEsRUFBRTtZQUM1QyxNQUFNLEVBQUUsTUFBTTtZQUNkLFNBQVMsRUFBRSxJQUFJLENBQUMsWUFBWTtZQUM1QixZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVk7WUFDL0IsY0FBYyxFQUFFLGdCQUFnQixDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUMsQ0FBQyxDQUFDLFNBQVM7U0FDekQsQ0FBQyxDQUFBO0lBQ0osQ0FBQztDQUNGO0FBeklELHdCQXlJQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGNvbnN0cnVjdHMgZnJvbSBcImNvbnN0cnVjdHNcIlxuaW1wb3J0ICogYXMgY2VydGlmaWNhdGVtYW5hZ2VyIGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtY2VydGlmaWNhdGVtYW5hZ2VyXCJcbmltcG9ydCAqIGFzIGNsb3VkZnJvbnQgZnJvbSBcImF3cy1jZGstbGliL2F3cy1jbG91ZGZyb250XCJcbmltcG9ydCAqIGFzIG9yaWdpbnMgZnJvbSBcImF3cy1jZGstbGliL2F3cy1jbG91ZGZyb250LW9yaWdpbnNcIlxuaW1wb3J0ICogYXMgaWFtIGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtaWFtXCJcbmltcG9ydCAqIGFzIHI1MyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXJvdXRlNTNcIlxuaW1wb3J0ICogYXMgcjUzdCBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXJvdXRlNTMtdGFyZ2V0c1wiXG5pbXBvcnQgKiBhcyBzMyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLXMzXCJcbmltcG9ydCAqIGFzIHdlYmFwcERlcGxveSBmcm9tIFwiQGNhcHJhY29uc3VsdGluZy93ZWJhcHAtZGVwbG95LWxhbWJkYVwiXG5pbXBvcnQgeyBXZWJhcHBTZWN1cml0eUhlYWRlcnMsIFNlY3VyaXR5SGVhZGVycyB9IGZyb20gXCIuL3NlY3VyaXR5LWhlYWRlcnNcIlxuXG5leHBvcnQgaW50ZXJmYWNlIFdlYmFwcFByb3BzIHtcbiAgLyoqXG4gICAqIEFDTSBjZXJ0aWZpY2F0ZSB0aGF0IGNvdmVycyB0aGUgc3BlY2lmZWlkIGRvbWFpbiBuYW1lcy5cbiAgICpcbiAgICogVGhpcyBjZXJ0aWZpY2F0ZSBtdXN0IGJlIGNyZWF0ZWQgaW4gdGhlIHJlZ2lvbiB1cy1lYXN0LTEuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gVGhlIENsb3VkRnJvbnQgd2lsZGNhcmQgY2VydGlmaWNhdGUgKCouY2xvdWRmcm9udC5uZXQpIHdpbGwgYmUgdXNlZC5cbiAgICovXG4gIGNsb3VkZnJvbnRDZXJ0aWZpY2F0ZT86IGNlcnRpZmljYXRlbWFuYWdlci5JQ2VydGlmaWNhdGVcbiAgLyoqXG4gICAqIExpc3Qgb2YgZG9tYWluIG5hbWVzIHRoZSBDbG91ZEZyb250IGRpc3RyaWJ1dGlvbiBzaG91bGQgdXNlLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIEdlbmVyYXRlZCBuYW1lIChlLmcuLCBkMTExMTExYWJjZGVmOC5jbG91ZGZyb250Lm5ldClcbiAgICovXG4gIGRvbWFpbk5hbWVzPzogc3RyaW5nW11cbiAgLyoqXG4gICAqIEFXUyBXQUYgd2ViIEFDTCB0byBhc3NvY2lhdGUgd2l0aCB0aGUgQ2xvdWRGcm9udCBkaXN0cmlidXRpb24uXG4gICAqXG4gICAqIFRvIHNwZWNpZnkgYSB3ZWIgQUNMIGNyZWF0ZWQgdXNpbmcgdGhlIGxhdGVzdCB2ZXJzaW9uIG9mIEFXUyBXQUYsIHVzZSB0aGUgQUNMIEFSTiwgZm9yIGV4YW1wbGVcbiAgICogYGFybjphd3M6d2FmdjI6dXMtZWFzdC0xOjEyMzQ1Njc4OTAxMjpnbG9iYWwvd2ViYWNsL0V4YW1wbGVXZWJBQ0wvNDczZTY0ZmQtZjMwYi00NzY1LTgxYTAtNjJhZDk2ZGQxNjdhYC5cbiAgICogVG8gc3BlY2lmeSBhIHdlYiBBQ0wgY3JlYXRlZCB1c2luZyBBV1MgV0FGIENsYXNzaWMsIHVzZSB0aGUgQUNMIElELCBmb3IgZXhhbXBsZSBgNDczZTY0ZmQtZjMwYi00NzY1LTgxYTAtNjJhZDk2ZGQxNjdhYC5cbiAgICpcbiAgICogQGRlZmF1bHQgLSBObyBBV1MgV2ViIEFwcGxpY2F0aW9uIEZpcmV3YWxsIHdlYiBhY2Nlc3MgY29udHJvbCBsaXN0ICh3ZWIgQUNMKS5cbiAgICovXG4gIHdlYkFjbElkPzogc3RyaW5nXG4gIC8qKlxuICAgKiBUaGUgcGF0aCB0byB0aGUgcGFnZSB0aGF0IHdpbGwgYmUgc2VydmVkIGZvciB1c2VycyBub3QgYWxsb3dlZCB0byBhY2Nlc3NcbiAgICogdGhlIHNpdGUgd2hlbiB1c2luZyBXQUYuIEUuZy4gXCIvNHh4LWVycm9ycy80MDMtZm9yYmlkZGVuLmh0bWxcIi5cbiAgICpcbiAgICogTm90ZSB0aGF0IHRoaXMgd2lsIGNhdGNoIGFueSA0MDMgZXJyb3JzIGZyb20gdGhlIG9yaWdpbihzKSwgdGhhdCBtaWdodFxuICAgKiBjb3ZlciBhbnkgb3RoZXIgYmVoYXZpb3JzIGlzIGFkZGVkLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIE5vIGN1c3RvbSBwYWdlIGZvciA0MDMgZXJyb3JzLlxuICAgKi9cbiAgd2ViQWNsRXJyb3JQYWdlUGF0aD86IHN0cmluZ1xuICAvKipcbiAgICogRW5hYmxlIGFkZGluZyBjb21tb24gc2VjdXJpdHkgaGVhZGVycyB0byBDbG91ZEZyb250IHJlc3BvbnNlcyB1c2luZyBhIENsb3VkRnJvbnQgRnVuY3Rpb24uXG4gICAqXG4gICAqIElmIGVuYWJsZWQsIHRoZSBkZWZhdWx0IGJlaGF2aW9yIGlzIHRvIGFkZCB0aGUgZm9sbG93aW5nIGhlYWRlcnMgd2l0aCBmYWlybHkgc3RyaWN0IGRlZmF1bHRzLiBNb3N0IG9mIHRoZSBoZWFkZXJzIGNhbiBiZSBjdXN0b21pemVkOlxuICAgKiAtIENvbnRlbnQtU2VjdXJpdHktUG9saWN5XG4gICAqIC0gUmVmZXJyZXItUG9saWN5XG4gICAqIC0gU3RyaWN0LVRyYW5zcG9ydC1TZWN1cml0eVxuICAgKiAtIFgtQ29udGVudC1UeXBlLU9wdGlvbnNcbiAgICogLSBYLUZyYW1lLU9wdGlvbnNcbiAgICogLSBYLVhTUy1Qcm90ZWN0aW9uXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gTm8gc2VjdXJpdHkgaGVhZGVycyB3aWxsIGJlIGFkZGVkIHRvIHJlc3BvbnNlc1xuICAgKi9cbiAgZW5hYmxlU2VjdXJpdHlIZWFkZXJzPzogYm9vbGVhblxuICAvKipcbiAgICogU2VjdXJpdHkgaGVhZGVycyBvdmVycmlkZXMuXG4gICAqXG4gICAqIFVzZWQgdG8gb3ZlcnJpZGUgY2VydGFpbiBzZWN1cml0eSBoZWFkZXIgdmFsdWVzIGlmIHRoZSB3ZWJhcHAgcmVxdWlyZXMgbW9yZSBsYXggc2V0dGluZ3MgY29tcGFyZWQgdG8gdGhlIGRlZmF1bHRzLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIEEgc2V0IG9mIHN0cmljdCBzZWN1cml0eSBoZWFkZXIgdmFsdWVzIHdpbGwgYmUgdXNlZFxuICAgKi9cbiAgc2VjdXJpdHlIZWFkZXJzT3ZlcnJpZGVzPzogU2VjdXJpdHlIZWFkZXJzXG4gIG92ZXJyaWRlQ2xvdWRGcm9udEJlaGF2aW91ck9wdGlvbnM/OiBQYXJ0aWFsPGNsb3VkZnJvbnQuQmVoYXZpb3JPcHRpb25zPlxufVxuXG4vKipcbiAqIENsb3VkRnJvbnQgZm9yIGEgU2luZ2xlLVBhZ2UtQXBwbGljYXRpb24uXG4gKlxuICogQSBidWNrZXQgd2lsbCBiZSBjcmVhdGVkIGFuZCBpdHMgcHJlZml4IFwid2ViXCIgaXMgdXNlZCB0b1xuICogc2VydmUgZmlsZXMuIFVzZSB0aGUgYWRkRGVwbG95bWVudCBtZXRob2QgdG8gYXV0b21hdGljYWxseVxuICogZGVwbG95IGZpbGVzIGFzIHBhcnQgdGhlIHRoZSBDREsgZGVwbG95bWVudC5cbiAqL1xuZXhwb3J0IGNsYXNzIFdlYmFwcCBleHRlbmRzIGNvbnN0cnVjdHMuQ29uc3RydWN0IHtcbiAgcHVibGljIHJlYWRvbmx5IGRpc3RyaWJ1dGlvbjogY2xvdWRmcm9udC5EaXN0cmlidXRpb25cbiAgcHVibGljIHJlYWRvbmx5IHdlYmFwcEJ1Y2tldDogczMuQnVja2V0XG4gIHB1YmxpYyByZWFkb25seSB3ZWJhcHBPcmlnaW46IG9yaWdpbnMuUzNPcmlnaW5cblxuICBjb25zdHJ1Y3RvcihzY29wZTogY29uc3RydWN0cy5Db25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBXZWJhcHBQcm9wcykge1xuICAgIHN1cGVyKHNjb3BlLCBpZClcblxuICAgIGlmIChwcm9wcy53ZWJBY2xFcnJvclBhZ2VQYXRoICE9IG51bGwgJiYgcHJvcHMud2ViQWNsSWQgPT0gbnVsbCkge1xuICAgICAgdGhyb3cgbmV3IEVycm9yKFwid2ViQWNsRXJyb3JQYWdlUGF0aCBzZXQgYnV0IHdlYkFjbElkIGlzIG1pc3NpbmdcIilcbiAgICB9XG5cbiAgICB0aGlzLndlYmFwcEJ1Y2tldCA9IG5ldyBzMy5CdWNrZXQodGhpcywgXCJCdWNrZXRcIiwge1xuICAgICAgZW5jcnlwdGlvbjogczMuQnVja2V0RW5jcnlwdGlvbi5TM19NQU5BR0VELFxuICAgIH0pXG5cbiAgICBjb25zdCBvcmlnaW5BY2Nlc3NJZGVudGl0eSA9IG5ldyBjbG91ZGZyb250Lk9yaWdpbkFjY2Vzc0lkZW50aXR5KFxuICAgICAgdGhpcyxcbiAgICAgIFwiT3JpZ2luQWNjZXNzSWRlbnRpdHlcIixcbiAgICApXG5cbiAgICB0aGlzLndlYmFwcEJ1Y2tldC5hZGRUb1Jlc291cmNlUG9saWN5KFxuICAgICAgbmV3IGlhbS5Qb2xpY3lTdGF0ZW1lbnQoe1xuICAgICAgICByZXNvdXJjZXM6IFt0aGlzLndlYmFwcEJ1Y2tldC5hcm5Gb3JPYmplY3RzKFwiKlwiKV0sXG4gICAgICAgIGFjdGlvbnM6IFtcInMzOkdldE9iamVjdFwiXSxcbiAgICAgICAgcHJpbmNpcGFsczogW29yaWdpbkFjY2Vzc0lkZW50aXR5LmdyYW50UHJpbmNpcGFsXSxcbiAgICAgIH0pLFxuICAgIClcblxuICAgIHRoaXMud2ViYXBwQnVja2V0LmFkZFRvUmVzb3VyY2VQb2xpY3koXG4gICAgICBuZXcgaWFtLlBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgIHJlc291cmNlczogW3RoaXMud2ViYXBwQnVja2V0LmJ1Y2tldEFybl0sXG4gICAgICAgIC8vIEdyYW50IHMzOkxpc3RCdWNrZXQgc28gdGhhdCBDbG91ZEZyb250IHJlY2VpdmVzIDQwNCBmcm9tXG4gICAgICAgIC8vIHRoZSBvcmlnaW4gcmF0aGVyIHRoYW4gNDAzIHdoZW4gYWNjZXNzaW5nIGZpbGVzIHRoYXRcbiAgICAgICAgLy8gZG9lcyBub3QgZXhpc3QuIFdlIGNhbm5vdCBmYWxsYmFjayB0byBpbmRleC5odG1sIGZvciA0MDNcbiAgICAgICAgLy8gZXJyb3JzIHNpbmNlIGl0IHdvdWxkIGFsc28gYmUgc2VydmVkIGlmIHVzaW5nIGEgV0FGLlxuICAgICAgICAvLyBTZWUgaHR0cHM6Ly9hd3MuYW1hem9uLmNvbS9wcmVtaXVtc3VwcG9ydC9rbm93bGVkZ2UtY2VudGVyL3MzLXdlYnNpdGUtY2xvdWRmcm9udC1lcnJvci00MDMvI1RoZV9yZXF1ZXN0ZWRfb2JqZWN0c19tdXN0X2V4aXN0X2luX3RoZV9idWNrZXRcbiAgICAgICAgYWN0aW9uczogW1wiczM6TGlzdEJ1Y2tldFwiXSxcbiAgICAgICAgcHJpbmNpcGFsczogW29yaWdpbkFjY2Vzc0lkZW50aXR5LmdyYW50UHJpbmNpcGFsXSxcbiAgICAgIH0pLFxuICAgIClcblxuICAgIHRoaXMud2ViYXBwT3JpZ2luID0gbmV3IG9yaWdpbnMuUzNPcmlnaW4odGhpcy53ZWJhcHBCdWNrZXQsIHtcbiAgICAgIC8vIHdlYmFwcC1kZXBsb3ktbGFtYmRhIHdpbGwgdXBsb2FkIGZpbGVzIHRvIHRoaXMgZm9sZGVyXG4gICAgICAvLyBzaW5jZSBpdCBrZWVwcyBzb21lIG90aGVyIGFkbWluaXN0cmF0aXZlIGZpbGVzIG91dHNpZGUuXG4gICAgICBvcmlnaW5QYXRoOiBcIi93ZWJcIixcbiAgICAgIG9yaWdpbkFjY2Vzc0lkZW50aXR5LFxuICAgIH0pXG5cbiAgICBjb25zdCBlcnJvclJlc3BvbnNlczogY2xvdWRmcm9udC5FcnJvclJlc3BvbnNlW10gPSBbXG4gICAgICB7XG4gICAgICAgIGh0dHBTdGF0dXM6IDQwNCxcbiAgICAgICAgcmVzcG9uc2VIdHRwU3RhdHVzOiAyMDAsXG4gICAgICAgIHJlc3BvbnNlUGFnZVBhdGg6IFwiL2luZGV4Lmh0bWxcIixcbiAgICAgIH0sXG4gICAgXVxuXG4gICAgaWYgKHByb3BzLndlYkFjbEVycm9yUGFnZVBhdGggIT0gbnVsbCkge1xuICAgICAgZXJyb3JSZXNwb25zZXMucHVzaCh7XG4gICAgICAgIGh0dHBTdGF0dXM6IDQwMyxcbiAgICAgICAgcmVzcG9uc2VIdHRwU3RhdHVzOiA0MDMsXG4gICAgICAgIHJlc3BvbnNlUGFnZVBhdGg6IHByb3BzLndlYkFjbEVycm9yUGFnZVBhdGgsXG4gICAgICB9KVxuICAgIH1cblxuICAgIGxldCBmdW5jdGlvbkFzc29jaWF0aW9uczogY2xvdWRmcm9udC5GdW5jdGlvbkFzc29jaWF0aW9uW10gfCB1bmRlZmluZWRcbiAgICBpZiAocHJvcHMuZW5hYmxlU2VjdXJpdHlIZWFkZXJzKSB7XG4gICAgICBjb25zdCBzZWN1cml0eUhlYWRlcnMgPSBuZXcgV2ViYXBwU2VjdXJpdHlIZWFkZXJzKFxuICAgICAgICB0aGlzLFxuICAgICAgICBcIlNlY3VyaXR5SGVhZGVyc1wiLFxuICAgICAgICB7XG4gICAgICAgICAgLi4ucHJvcHMuc2VjdXJpdHlIZWFkZXJzT3ZlcnJpZGVzLFxuICAgICAgICB9LFxuICAgICAgKVxuICAgICAgZnVuY3Rpb25Bc3NvY2lhdGlvbnMgPSBbXG4gICAgICAgIHtcbiAgICAgICAgICBmdW5jdGlvbjogc2VjdXJpdHlIZWFkZXJzLnNlY3VyaXR5SGVhZGVyc0Z1bmN0aW9uLFxuICAgICAgICAgIGV2ZW50VHlwZTogY2xvdWRmcm9udC5GdW5jdGlvbkV2ZW50VHlwZS5WSUVXRVJfUkVTUE9OU0UsXG4gICAgICAgIH0sXG4gICAgICBdXG4gICAgfVxuXG4gICAgdGhpcy5kaXN0cmlidXRpb24gPSBuZXcgY2xvdWRmcm9udC5EaXN0cmlidXRpb24odGhpcywgXCJEaXN0cmlidXRpb25cIiwge1xuICAgICAgZGVmYXVsdEJlaGF2aW9yOiB7XG4gICAgICAgIG9yaWdpbjogdGhpcy53ZWJhcHBPcmlnaW4sXG4gICAgICAgIHZpZXdlclByb3RvY29sUG9saWN5OiBjbG91ZGZyb250LlZpZXdlclByb3RvY29sUG9saWN5LlJFRElSRUNUX1RPX0hUVFBTLFxuICAgICAgICBmdW5jdGlvbkFzc29jaWF0aW9uczogZnVuY3Rpb25Bc3NvY2lhdGlvbnMsXG4gICAgICAgIC4uLnByb3BzLm92ZXJyaWRlQ2xvdWRGcm9udEJlaGF2aW91ck9wdGlvbnMsXG4gICAgICB9LFxuICAgICAgZGVmYXVsdFJvb3RPYmplY3Q6IFwiaW5kZXguaHRtbFwiLFxuICAgICAgcHJpY2VDbGFzczogY2xvdWRmcm9udC5QcmljZUNsYXNzLlBSSUNFX0NMQVNTXzEwMCxcbiAgICAgIGNlcnRpZmljYXRlOiBwcm9wcy5jbG91ZGZyb250Q2VydGlmaWNhdGUsXG4gICAgICBkb21haW5OYW1lczogcHJvcHMuZG9tYWluTmFtZXMsXG4gICAgICBlcnJvclJlc3BvbnNlcyxcbiAgICAgIHdlYkFjbElkOiBwcm9wcy53ZWJBY2xJZCxcbiAgICB9KVxuICB9XG5cbiAgYWRkRG5zUmVjb3JkKGhvc3RlZFpvbmU6IHI1My5JSG9zdGVkWm9uZSwgZG9tYWluTmFtZTogc3RyaW5nKTogdm9pZCB7XG4gICAgbmV3IHI1My5BUmVjb3JkKHRoaXMsIGBEbnNSZWNvcmQke2RvbWFpbk5hbWV9YCwge1xuICAgICAgem9uZTogaG9zdGVkWm9uZSxcbiAgICAgIHJlY29yZE5hbWU6IGAke2RvbWFpbk5hbWV9LmAsXG4gICAgICB0YXJnZXQ6IHI1My5SZWNvcmRUYXJnZXQuZnJvbUFsaWFzKFxuICAgICAgICBuZXcgcjUzdC5DbG91ZEZyb250VGFyZ2V0KHRoaXMuZGlzdHJpYnV0aW9uKSxcbiAgICAgICksXG4gICAgfSlcbiAgfVxuXG4gIC8qKlxuICAgKiBBZGQgYSBkZXBsb3ltZW50IHVzaW5nIHdlYmFwcC1kZXBsb3ktbGFtYmRhLlxuICAgKlxuICAgKiBTZWUgaHR0cHM6Ly9naXRodWIuY29tL2NhcHJhY29uc3VsdGluZy93ZWJhcHAtZGVwbG95LWxhbWJkYVxuICAgKiBmb3IgZGV0YWlscyBhYm91dCBob3cgdGhpcyB3b3Jrcy5cbiAgICovXG4gIGFkZERlcGxveW1lbnQoXG4gICAgLyoqXG4gICAgICogVGhlIGRlcGxveW1lbnQgc291cmNlLlxuICAgICAqL1xuICAgIHNvdXJjZTogd2ViYXBwRGVwbG95LklTb3VyY2UsXG4gICAgcHJvcHM/OiB7XG4gICAgICAvKipcbiAgICAgICAqIEluY2x1ZGUgc291cmNlIG1hcHMgaW4gdGhlIGRlcGxveW1lbnQuXG4gICAgICAgKlxuICAgICAgICogQGRlZmF1bHQgZmFsc2VcbiAgICAgICAqL1xuICAgICAgZGVwbG95U291cmNlTWFwcz86IGJvb2xlYW5cbiAgICB9LFxuICApOiB2b2lkIHtcbiAgICBjb25zdCBkZXBsb3lTb3VyY2VNYXBzID0gcHJvcHM/LmRlcGxveVNvdXJjZU1hcHMgPz8gZmFsc2VcblxuICAgIG5ldyB3ZWJhcHBEZXBsb3kuV2ViYXBwRGVwbG95KHRoaXMsIFwiRGVwbG95XCIsIHtcbiAgICAgIHNvdXJjZTogc291cmNlLFxuICAgICAgd2ViQnVja2V0OiB0aGlzLndlYmFwcEJ1Y2tldCxcbiAgICAgIGRpc3RyaWJ1dGlvbjogdGhpcy5kaXN0cmlidXRpb24sXG4gICAgICBleGNsdWRlUGF0dGVybjogZGVwbG95U291cmNlTWFwcyA/IHVuZGVmaW5lZCA6IFwiXFxcXC5tYXAkXCIsXG4gICAgfSlcbiAgfVxufVxuIl19
117
+ //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoid2ViYXBwLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vc3JjL3dlYmFwcC93ZWJhcHAudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEseUNBQXdDO0FBRXhDLHlEQUF3RDtBQUN4RCw4REFBNkQ7QUFDN0QsMkNBQTBDO0FBQzFDLCtDQUE4QztBQUM5Qyx3REFBdUQ7QUFDdkQseUNBQXdDO0FBQ3hDLHNFQUFxRTtBQUNyRSx5REFHMkI7QUErRTNCOzs7Ozs7R0FNRztBQUNILE1BQWEsTUFBTyxTQUFRLFVBQVUsQ0FBQyxTQUFTO0lBSzlDLFlBQVksS0FBMkIsRUFBRSxFQUFVLEVBQUUsS0FBa0I7O1FBQ3JFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUE7UUFFaEIsSUFBSSxLQUFLLENBQUMsbUJBQW1CLElBQUksSUFBSSxJQUFJLEtBQUssQ0FBQyxRQUFRLElBQUksSUFBSSxFQUFFO1lBQy9ELE1BQU0sSUFBSSxLQUFLLENBQUMsaURBQWlELENBQUMsQ0FBQTtTQUNuRTtRQUVELElBQUksQ0FBQyxZQUFZLEdBQUcsSUFBSSxFQUFFLENBQUMsTUFBTSxDQUFDLElBQUksRUFBRSxRQUFRLEVBQUU7WUFDaEQsVUFBVSxFQUFFLEVBQUUsQ0FBQyxnQkFBZ0IsQ0FBQyxVQUFVO1NBQzNDLENBQUMsQ0FBQTtRQUVGLE1BQU0sb0JBQW9CLEdBQUcsSUFBSSxVQUFVLENBQUMsb0JBQW9CLENBQzlELElBQUksRUFDSixzQkFBc0IsQ0FDdkIsQ0FBQTtRQUVELElBQUksQ0FBQyxZQUFZLENBQUMsbUJBQW1CLENBQ25DLElBQUksR0FBRyxDQUFDLGVBQWUsQ0FBQztZQUN0QixTQUFTLEVBQUUsQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLGFBQWEsQ0FBQyxHQUFHLENBQUMsQ0FBQztZQUNqRCxPQUFPLEVBQUUsQ0FBQyxjQUFjLENBQUM7WUFDekIsVUFBVSxFQUFFLENBQUMsb0JBQW9CLENBQUMsY0FBYyxDQUFDO1NBQ2xELENBQUMsQ0FDSCxDQUFBO1FBRUQsSUFBSSxDQUFDLFlBQVksQ0FBQyxtQkFBbUIsQ0FDbkMsSUFBSSxHQUFHLENBQUMsZUFBZSxDQUFDO1lBQ3RCLFNBQVMsRUFBRSxDQUFDLElBQUksQ0FBQyxZQUFZLENBQUMsU0FBUyxDQUFDO1lBQ3hDLDJEQUEyRDtZQUMzRCx1REFBdUQ7WUFDdkQsMkRBQTJEO1lBQzNELHVEQUF1RDtZQUN2RCw2SUFBNkk7WUFDN0ksT0FBTyxFQUFFLENBQUMsZUFBZSxDQUFDO1lBQzFCLFVBQVUsRUFBRSxDQUFDLG9CQUFvQixDQUFDLGNBQWMsQ0FBQztTQUNsRCxDQUFDLENBQ0gsQ0FBQTtRQUVELElBQUksQ0FBQyxZQUFZLEdBQUcsSUFBSSxPQUFPLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxZQUFZLEVBQUU7WUFDMUQsd0RBQXdEO1lBQ3hELDBEQUEwRDtZQUMxRCxVQUFVLEVBQUUsTUFBTTtZQUNsQixvQkFBb0I7U0FDckIsQ0FBQyxDQUFBO1FBRUYsTUFBTSxjQUFjLEdBQStCO1lBQ2pEO2dCQUNFLFVBQVUsRUFBRSxHQUFHO2dCQUNmLGtCQUFrQixFQUFFLEdBQUc7Z0JBQ3ZCLGdCQUFnQixFQUFFLGFBQWE7YUFDaEM7U0FDRixDQUFBO1FBRUQsSUFBSSxLQUFLLENBQUMsbUJBQW1CLElBQUksSUFBSSxFQUFFO1lBQ3JDLGNBQWMsQ0FBQyxJQUFJLENBQUM7Z0JBQ2xCLFVBQVUsRUFBRSxHQUFHO2dCQUNmLGtCQUFrQixFQUFFLEdBQUc7Z0JBQ3ZCLGdCQUFnQixFQUFFLEtBQUssQ0FBQyxtQkFBbUI7YUFDNUMsQ0FBQyxDQUFBO1NBQ0g7UUFFRCxJQUFJLHFCQUFvRSxDQUFBO1FBRXhFLElBQUksTUFBQSxNQUFBLEtBQUssQ0FBQyxlQUFlLDBDQUFFLE9BQU8sbUNBQUksSUFBSSxFQUFFO1lBQzFDLE1BQU0sZUFBZSxHQUFHLElBQUksd0NBQXFCLENBQy9DLElBQUksRUFDSixpQkFBaUIsRUFDakI7Z0JBQ0UsR0FBRyxNQUFBLEtBQUssQ0FBQyxlQUFlLDBDQUFFLGlCQUFpQjthQUM1QyxDQUNGLENBQUE7WUFDRCxxQkFBcUIsR0FBRyxlQUFlLENBQUMscUJBQXFCLENBQUE7U0FDOUQ7UUFFRCxJQUFJLENBQUMsWUFBWSxHQUFHLElBQUksVUFBVSxDQUFDLFlBQVksQ0FBQyxJQUFJLEVBQUUsY0FBYyxFQUFFO1lBQ3BFLGVBQWUsRUFBRTtnQkFDZixNQUFNLEVBQUUsSUFBSSxDQUFDLFlBQVk7Z0JBQ3pCLG9CQUFvQixFQUFFLFVBQVUsQ0FBQyxvQkFBb0IsQ0FBQyxpQkFBaUI7Z0JBQ3ZFLHFCQUFxQixFQUFFLHFCQUFxQjtnQkFDNUMsR0FBRyxLQUFLLENBQUMsa0NBQWtDO2FBQzVDO1lBQ0QsaUJBQWlCLEVBQUUsWUFBWTtZQUMvQixVQUFVLEVBQUUsVUFBVSxDQUFDLFVBQVUsQ0FBQyxlQUFlO1lBQ2pELFdBQVcsRUFBRSxLQUFLLENBQUMscUJBQXFCO1lBQ3hDLFdBQVcsRUFBRSxLQUFLLENBQUMsV0FBVztZQUM5QixjQUFjO1lBQ2QsUUFBUSxFQUFFLEtBQUssQ0FBQyxRQUFRO1NBQ3pCLENBQUMsQ0FBQTtJQUNKLENBQUM7SUFFRCxZQUFZLENBQUMsVUFBMkIsRUFBRSxVQUFrQjtRQUMxRCxJQUFJLEdBQUcsQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLFlBQVksVUFBVSxFQUFFLEVBQUU7WUFDOUMsSUFBSSxFQUFFLFVBQVU7WUFDaEIsVUFBVSxFQUFFLEdBQUcsVUFBVSxHQUFHO1lBQzVCLE1BQU0sRUFBRSxHQUFHLENBQUMsWUFBWSxDQUFDLFNBQVMsQ0FDaEMsSUFBSSxJQUFJLENBQUMsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUM3QztTQUNGLENBQUMsQ0FBQTtJQUNKLENBQUM7SUFFRDs7Ozs7T0FLRztJQUNILGFBQWE7SUFDWDs7T0FFRztJQUNILE1BQTRCLEVBQzVCLEtBT0M7O1FBRUQsTUFBTSxnQkFBZ0IsR0FBRyxNQUFBLEtBQUssYUFBTCxLQUFLLHVCQUFMLEtBQUssQ0FBRSxnQkFBZ0IsbUNBQUksS0FBSyxDQUFBO1FBRXpELElBQUksWUFBWSxDQUFDLFlBQVksQ0FBQyxJQUFJLEVBQUUsUUFBUSxFQUFFO1lBQzVDLE1BQU0sRUFBRSxNQUFNO1lBQ2QsU0FBUyxFQUFFLElBQUksQ0FBQyxZQUFZO1lBQzVCLFlBQVksRUFBRSxJQUFJLENBQUMsWUFBWTtZQUMvQixjQUFjLEVBQUUsZ0JBQWdCLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsU0FBUztTQUN6RCxDQUFDLENBQUE7SUFDSixDQUFDO0NBQ0Y7QUFySUQsd0JBcUlDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY29uc3RydWN0cyBmcm9tIFwiY29uc3RydWN0c1wiXG5pbXBvcnQgKiBhcyBjZXJ0aWZpY2F0ZW1hbmFnZXIgZnJvbSBcImF3cy1jZGstbGliL2F3cy1jZXJ0aWZpY2F0ZW1hbmFnZXJcIlxuaW1wb3J0ICogYXMgY2xvdWRmcm9udCBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWNsb3VkZnJvbnRcIlxuaW1wb3J0ICogYXMgb3JpZ2lucyBmcm9tIFwiYXdzLWNkay1saWIvYXdzLWNsb3VkZnJvbnQtb3JpZ2luc1wiXG5pbXBvcnQgKiBhcyBpYW0gZnJvbSBcImF3cy1jZGstbGliL2F3cy1pYW1cIlxuaW1wb3J0ICogYXMgcjUzIGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtcm91dGU1M1wiXG5pbXBvcnQgKiBhcyByNTN0IGZyb20gXCJhd3MtY2RrLWxpYi9hd3Mtcm91dGU1My10YXJnZXRzXCJcbmltcG9ydCAqIGFzIHMzIGZyb20gXCJhd3MtY2RrLWxpYi9hd3MtczNcIlxuaW1wb3J0ICogYXMgd2ViYXBwRGVwbG95IGZyb20gXCJAY2FwcmFjb25zdWx0aW5nL3dlYmFwcC1kZXBsb3ktbGFtYmRhXCJcbmltcG9ydCB7XG4gIFdlYmFwcFNlY3VyaXR5SGVhZGVycyxcbiAgV2ViYXBwU2VjdXJpdHlIZWFkZXJzUHJvcHMsXG59IGZyb20gXCIuL3NlY3VyaXR5LWhlYWRlcnNcIlxuXG5leHBvcnQgaW50ZXJmYWNlIFdlYmFwcFByb3BzIHtcbiAgLyoqXG4gICAqIEFDTSBjZXJ0aWZpY2F0ZSB0aGF0IGNvdmVycyB0aGUgc3BlY2lmZWlkIGRvbWFpbiBuYW1lcy5cbiAgICpcbiAgICogVGhpcyBjZXJ0aWZpY2F0ZSBtdXN0IGJlIGNyZWF0ZWQgaW4gdGhlIHJlZ2lvbiB1cy1lYXN0LTEuXG4gICAqXG4gICAqIEBkZWZhdWx0IC0gVGhlIENsb3VkRnJvbnQgd2lsZGNhcmQgY2VydGlmaWNhdGUgKCouY2xvdWRmcm9udC5uZXQpIHdpbGwgYmUgdXNlZC5cbiAgICovXG4gIGNsb3VkZnJvbnRDZXJ0aWZpY2F0ZT86IGNlcnRpZmljYXRlbWFuYWdlci5JQ2VydGlmaWNhdGVcbiAgLyoqXG4gICAqIExpc3Qgb2YgZG9tYWluIG5hbWVzIHRoZSBDbG91ZEZyb250IGRpc3RyaWJ1dGlvbiBzaG91bGQgdXNlLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIEdlbmVyYXRlZCBuYW1lIChlLmcuLCBkMTExMTExYWJjZGVmOC5jbG91ZGZyb250Lm5ldClcbiAgICovXG4gIGRvbWFpbk5hbWVzPzogc3RyaW5nW11cbiAgLyoqXG4gICAqIEFXUyBXQUYgd2ViIEFDTCB0byBhc3NvY2lhdGUgd2l0aCB0aGUgQ2xvdWRGcm9udCBkaXN0cmlidXRpb24uXG4gICAqXG4gICAqIFRvIHNwZWNpZnkgYSB3ZWIgQUNMIGNyZWF0ZWQgdXNpbmcgdGhlIGxhdGVzdCB2ZXJzaW9uIG9mIEFXUyBXQUYsIHVzZSB0aGUgQUNMIEFSTiwgZm9yIGV4YW1wbGVcbiAgICogYGFybjphd3M6d2FmdjI6dXMtZWFzdC0xOjEyMzQ1Njc4OTAxMjpnbG9iYWwvd2ViYWNsL0V4YW1wbGVXZWJBQ0wvNDczZTY0ZmQtZjMwYi00NzY1LTgxYTAtNjJhZDk2ZGQxNjdhYC5cbiAgICogVG8gc3BlY2lmeSBhIHdlYiBBQ0wgY3JlYXRlZCB1c2luZyBBV1MgV0FGIENsYXNzaWMsIHVzZSB0aGUgQUNMIElELCBmb3IgZXhhbXBsZSBgNDczZTY0ZmQtZjMwYi00NzY1LTgxYTAtNjJhZDk2ZGQxNjdhYC5cbiAgICpcbiAgICogQGRlZmF1bHQgLSBObyBBV1MgV2ViIEFwcGxpY2F0aW9uIEZpcmV3YWxsIHdlYiBhY2Nlc3MgY29udHJvbCBsaXN0ICh3ZWIgQUNMKS5cbiAgICovXG4gIHdlYkFjbElkPzogc3RyaW5nXG4gIC8qKlxuICAgKiBUaGUgcGF0aCB0byB0aGUgcGFnZSB0aGF0IHdpbGwgYmUgc2VydmVkIGZvciB1c2VycyBub3QgYWxsb3dlZCB0byBhY2Nlc3NcbiAgICogdGhlIHNpdGUgd2hlbiB1c2luZyBXQUYuIEUuZy4gXCIvNHh4LWVycm9ycy80MDMtZm9yYmlkZGVuLmh0bWxcIi5cbiAgICpcbiAgICogTm90ZSB0aGF0IHRoaXMgd2lsIGNhdGNoIGFueSA0MDMgZXJyb3JzIGZyb20gdGhlIG9yaWdpbihzKSwgdGhhdCBtaWdodFxuICAgKiBjb3ZlciBhbnkgb3RoZXIgYmVoYXZpb3JzIGlzIGFkZGVkLlxuICAgKlxuICAgKiBAZGVmYXVsdCAtIE5vIGN1c3RvbSBwYWdlIGZvciA0MDMgZXJyb3JzLlxuICAgKi9cbiAgd2ViQWNsRXJyb3JQYWdlUGF0aD86IHN0cmluZ1xuICAvKipcbiAgICogIEVuYWJsZSwgZGlzYWJsZSBvciBjb25maWd1cmUgc2VjdXJpdHkgaGVhZGVycyBmb3IgdGhlIHdlYiBhcHBsaWNhdGlvblxuICAgKiBAZGVmYXVsdCAtIGEgc2V0IG9mIHN0cmljdCBzZWN1cml0eSBoZWFkZXJzIGFyZSBjb25maWd1cmVkIGJ5IGRlZmF1bHRcbiAgICovXG4gIHNlY3VyaXR5SGVhZGVycz86IHtcbiAgICAvKipcbiAgICAgKiBFbmFibGUgYWRkaW5nIGNvbW1vbiBzZWN1cml0eSBoZWFkZXJzIHRvIENsb3VkRnJvbnQgcmVzcG9uc2VzXG4gICAgICpcbiAgICAgKiBJZiBlbmFibGVkLCB0aGUgZGVmYXVsdCBiZWhhdmlvciBpcyB0byBhZGQgdGhlIGZvbGxvd2luZyBoZWFkZXJzIHdpdGggZmFpcmx5IHN0cmljdCBkZWZhdWx0cy4gTW9zdCBvZiB0aGUgaGVhZGVycyBjYW4gYmUgY3VzdG9taXplZDpcbiAgICAgKiAtIENvbnRlbnQtU2VjdXJpdHktUG9saWN5XG4gICAgICogLSBSZWZlcnJlci1Qb2xpY3lcbiAgICAgKiAtIFN0cmljdC1UcmFuc3BvcnQtU2VjdXJpdHlcbiAgICAgKiAtIFgtQ29udGVudC1UeXBlLU9wdGlvbnNcbiAgICAgKiAtIFgtRnJhbWUtT3B0aW9uc1xuICAgICAqIC0gWC1YU1MtUHJvdGVjdGlvblxuICAgICAqXG4gICAgICpcbiAgICAgKiBAZGVmYXVsdCB0cnVlXG4gICAgICovXG4gICAgZW5hYmxlZD86IGJvb2xlYW5cbiAgICAvKipcbiAgICAgKiBTZWN1cml0eSBoZWFkZXJzIG92ZXJyaWRlcy5cbiAgICAgKlxuICAgICAqIFVzZWQgdG8gb3ZlcnJpZGUgY2VydGFpbiBkZWZhdWx0IHNlY3VyaXR5IGhlYWRlciB2YWx1ZXMgaWYgdGhlIHdlYmFwcCByZXF1aXJlcyBkaWZmZXJlbnQgc2V0dGluZ3MgdGhhbiB0aGUgZGVmYXVsdHMuXG4gICAgICpcbiAgICAgKiBOT1RFOiBJZiB5b3UgbmVlZCB0byBkaXNhYmxlIGNlcnRhaW4gaGVhZGVycywgeW91IG11c3QgZXhwbGljaXRseSBzZXQgdGhlbSB0byB1bmRlZmluZWRcbiAgICAgKlxuICAgICAqIEBkZWZhdWx0IC0gQSBzZXQgb2Ygc3RyaWN0IHNlY3VyaXR5IGhlYWRlciB2YWx1ZXMgd2lsbCBiZSB1c2VkXG4gICAgICovXG4gICAgYmVoYXZpb3JPdmVycmlkZXM/OiBXZWJhcHBTZWN1cml0eUhlYWRlcnNQcm9wc1xuICB9XG4gIC8qKlxuICAgKiBDbG91ZGZyb250IGJlaGF2aW9yIG92ZXJyaWRlcy5cbiAgICpcbiAgICogVXNlZCB0byBvdmVycmlkZSBjbG91ZGZyb250IGJlaGF2aW9yXG4gICAqXG4gICAqIE5PVEU6IFJlc3BvbnNlSGVhZGVyc1BvbGljeSBkZWZpbmVkIGhlcmUgd2lsbCBvdmVyd3JpdGUgQk9USCB0aGUgZGVmYXVsdCBzZWN1cml0eSBoZWFkZXJzIHBvbGljeSBhbmRcbiAgICogYW55IHZhbHVlcyBzcGVjaWZpZWQgaW4gc2VjdXJpdHlIZWFkZXJzLmJlaGF2aW9yT3ZlcnJpZGVzLlxuICAgKi9cbiAgb3ZlcnJpZGVDbG91ZEZyb250QmVoYXZpb3VyT3B0aW9ucz86IFBhcnRpYWw8Y2xvdWRmcm9udC5CZWhhdmlvck9wdGlvbnM+XG59XG5cbi8qKlxuICogQ2xvdWRGcm9udCBmb3IgYSBTaW5nbGUtUGFnZS1BcHBsaWNhdGlvbi5cbiAqXG4gKiBBIGJ1Y2tldCB3aWxsIGJlIGNyZWF0ZWQgYW5kIGl0cyBwcmVmaXggXCJ3ZWJcIiBpcyB1c2VkIHRvXG4gKiBzZXJ2ZSBmaWxlcy4gVXNlIHRoZSBhZGREZXBsb3ltZW50IG1ldGhvZCB0byBhdXRvbWF0aWNhbGx5XG4gKiBkZXBsb3kgZmlsZXMgYXMgcGFydCB0aGUgdGhlIENESyBkZXBsb3ltZW50LlxuICovXG5leHBvcnQgY2xhc3MgV2ViYXBwIGV4dGVuZHMgY29uc3RydWN0cy5Db25zdHJ1Y3Qge1xuICBwdWJsaWMgcmVhZG9ubHkgZGlzdHJpYnV0aW9uOiBjbG91ZGZyb250LkRpc3RyaWJ1dGlvblxuICBwdWJsaWMgcmVhZG9ubHkgd2ViYXBwQnVja2V0OiBzMy5CdWNrZXRcbiAgcHVibGljIHJlYWRvbmx5IHdlYmFwcE9yaWdpbjogb3JpZ2lucy5TM09yaWdpblxuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBjb25zdHJ1Y3RzLkNvbnN0cnVjdCwgaWQ6IHN0cmluZywgcHJvcHM6IFdlYmFwcFByb3BzKSB7XG4gICAgc3VwZXIoc2NvcGUsIGlkKVxuXG4gICAgaWYgKHByb3BzLndlYkFjbEVycm9yUGFnZVBhdGggIT0gbnVsbCAmJiBwcm9wcy53ZWJBY2xJZCA9PSBudWxsKSB7XG4gICAgICB0aHJvdyBuZXcgRXJyb3IoXCJ3ZWJBY2xFcnJvclBhZ2VQYXRoIHNldCBidXQgd2ViQWNsSWQgaXMgbWlzc2luZ1wiKVxuICAgIH1cblxuICAgIHRoaXMud2ViYXBwQnVja2V0ID0gbmV3IHMzLkJ1Y2tldCh0aGlzLCBcIkJ1Y2tldFwiLCB7XG4gICAgICBlbmNyeXB0aW9uOiBzMy5CdWNrZXRFbmNyeXB0aW9uLlMzX01BTkFHRUQsXG4gICAgfSlcblxuICAgIGNvbnN0IG9yaWdpbkFjY2Vzc0lkZW50aXR5ID0gbmV3IGNsb3VkZnJvbnQuT3JpZ2luQWNjZXNzSWRlbnRpdHkoXG4gICAgICB0aGlzLFxuICAgICAgXCJPcmlnaW5BY2Nlc3NJZGVudGl0eVwiLFxuICAgIClcblxuICAgIHRoaXMud2ViYXBwQnVja2V0LmFkZFRvUmVzb3VyY2VQb2xpY3koXG4gICAgICBuZXcgaWFtLlBvbGljeVN0YXRlbWVudCh7XG4gICAgICAgIHJlc291cmNlczogW3RoaXMud2ViYXBwQnVja2V0LmFybkZvck9iamVjdHMoXCIqXCIpXSxcbiAgICAgICAgYWN0aW9uczogW1wiczM6R2V0T2JqZWN0XCJdLFxuICAgICAgICBwcmluY2lwYWxzOiBbb3JpZ2luQWNjZXNzSWRlbnRpdHkuZ3JhbnRQcmluY2lwYWxdLFxuICAgICAgfSksXG4gICAgKVxuXG4gICAgdGhpcy53ZWJhcHBCdWNrZXQuYWRkVG9SZXNvdXJjZVBvbGljeShcbiAgICAgIG5ldyBpYW0uUG9saWN5U3RhdGVtZW50KHtcbiAgICAgICAgcmVzb3VyY2VzOiBbdGhpcy53ZWJhcHBCdWNrZXQuYnVja2V0QXJuXSxcbiAgICAgICAgLy8gR3JhbnQgczM6TGlzdEJ1Y2tldCBzbyB0aGF0IENsb3VkRnJvbnQgcmVjZWl2ZXMgNDA0IGZyb21cbiAgICAgICAgLy8gdGhlIG9yaWdpbiByYXRoZXIgdGhhbiA0MDMgd2hlbiBhY2Nlc3NpbmcgZmlsZXMgdGhhdFxuICAgICAgICAvLyBkb2VzIG5vdCBleGlzdC4gV2UgY2Fubm90IGZhbGxiYWNrIHRvIGluZGV4Lmh0bWwgZm9yIDQwM1xuICAgICAgICAvLyBlcnJvcnMgc2luY2UgaXQgd291bGQgYWxzbyBiZSBzZXJ2ZWQgaWYgdXNpbmcgYSBXQUYuXG4gICAgICAgIC8vIFNlZSBodHRwczovL2F3cy5hbWF6b24uY29tL3ByZW1pdW1zdXBwb3J0L2tub3dsZWRnZS1jZW50ZXIvczMtd2Vic2l0ZS1jbG91ZGZyb250LWVycm9yLTQwMy8jVGhlX3JlcXVlc3RlZF9vYmplY3RzX211c3RfZXhpc3RfaW5fdGhlX2J1Y2tldFxuICAgICAgICBhY3Rpb25zOiBbXCJzMzpMaXN0QnVja2V0XCJdLFxuICAgICAgICBwcmluY2lwYWxzOiBbb3JpZ2luQWNjZXNzSWRlbnRpdHkuZ3JhbnRQcmluY2lwYWxdLFxuICAgICAgfSksXG4gICAgKVxuXG4gICAgdGhpcy53ZWJhcHBPcmlnaW4gPSBuZXcgb3JpZ2lucy5TM09yaWdpbih0aGlzLndlYmFwcEJ1Y2tldCwge1xuICAgICAgLy8gd2ViYXBwLWRlcGxveS1sYW1iZGEgd2lsbCB1cGxvYWQgZmlsZXMgdG8gdGhpcyBmb2xkZXJcbiAgICAgIC8vIHNpbmNlIGl0IGtlZXBzIHNvbWUgb3RoZXIgYWRtaW5pc3RyYXRpdmUgZmlsZXMgb3V0c2lkZS5cbiAgICAgIG9yaWdpblBhdGg6IFwiL3dlYlwiLFxuICAgICAgb3JpZ2luQWNjZXNzSWRlbnRpdHksXG4gICAgfSlcblxuICAgIGNvbnN0IGVycm9yUmVzcG9uc2VzOiBjbG91ZGZyb250LkVycm9yUmVzcG9uc2VbXSA9IFtcbiAgICAgIHtcbiAgICAgICAgaHR0cFN0YXR1czogNDA0LFxuICAgICAgICByZXNwb25zZUh0dHBTdGF0dXM6IDIwMCxcbiAgICAgICAgcmVzcG9uc2VQYWdlUGF0aDogXCIvaW5kZXguaHRtbFwiLFxuICAgICAgfSxcbiAgICBdXG5cbiAgICBpZiAocHJvcHMud2ViQWNsRXJyb3JQYWdlUGF0aCAhPSBudWxsKSB7XG4gICAgICBlcnJvclJlc3BvbnNlcy5wdXNoKHtcbiAgICAgICAgaHR0cFN0YXR1czogNDAzLFxuICAgICAgICByZXNwb25zZUh0dHBTdGF0dXM6IDQwMyxcbiAgICAgICAgcmVzcG9uc2VQYWdlUGF0aDogcHJvcHMud2ViQWNsRXJyb3JQYWdlUGF0aCxcbiAgICAgIH0pXG4gICAgfVxuXG4gICAgbGV0IHJlc3BvbnNlSGVhZGVyc1BvbGljeTogY2xvdWRmcm9udC5JUmVzcG9uc2VIZWFkZXJzUG9saWN5IHwgdW5kZWZpbmVkXG5cbiAgICBpZiAocHJvcHMuc2VjdXJpdHlIZWFkZXJzPy5lbmFibGVkID8/IHRydWUpIHtcbiAgICAgIGNvbnN0IHNlY3VyaXR5SGVhZGVycyA9IG5ldyBXZWJhcHBTZWN1cml0eUhlYWRlcnMoXG4gICAgICAgIHRoaXMsXG4gICAgICAgIFwiU2VjdXJpdHlIZWFkZXJzXCIsXG4gICAgICAgIHtcbiAgICAgICAgICAuLi5wcm9wcy5zZWN1cml0eUhlYWRlcnM/LmJlaGF2aW9yT3ZlcnJpZGVzLFxuICAgICAgICB9LFxuICAgICAgKVxuICAgICAgcmVzcG9uc2VIZWFkZXJzUG9saWN5ID0gc2VjdXJpdHlIZWFkZXJzLnJlc3BvbnNlSGVhZGVyc1BvbGljeVxuICAgIH1cblxuICAgIHRoaXMuZGlzdHJpYnV0aW9uID0gbmV3IGNsb3VkZnJvbnQuRGlzdHJpYnV0aW9uKHRoaXMsIFwiRGlzdHJpYnV0aW9uXCIsIHtcbiAgICAgIGRlZmF1bHRCZWhhdmlvcjoge1xuICAgICAgICBvcmlnaW46IHRoaXMud2ViYXBwT3JpZ2luLFxuICAgICAgICB2aWV3ZXJQcm90b2NvbFBvbGljeTogY2xvdWRmcm9udC5WaWV3ZXJQcm90b2NvbFBvbGljeS5SRURJUkVDVF9UT19IVFRQUyxcbiAgICAgICAgcmVzcG9uc2VIZWFkZXJzUG9saWN5OiByZXNwb25zZUhlYWRlcnNQb2xpY3ksXG4gICAgICAgIC4uLnByb3BzLm92ZXJyaWRlQ2xvdWRGcm9udEJlaGF2aW91ck9wdGlvbnMsXG4gICAgICB9LFxuICAgICAgZGVmYXVsdFJvb3RPYmplY3Q6IFwiaW5kZXguaHRtbFwiLFxuICAgICAgcHJpY2VDbGFzczogY2xvdWRmcm9udC5QcmljZUNsYXNzLlBSSUNFX0NMQVNTXzEwMCxcbiAgICAgIGNlcnRpZmljYXRlOiBwcm9wcy5jbG91ZGZyb250Q2VydGlmaWNhdGUsXG4gICAgICBkb21haW5OYW1lczogcHJvcHMuZG9tYWluTmFtZXMsXG4gICAgICBlcnJvclJlc3BvbnNlcyxcbiAgICAgIHdlYkFjbElkOiBwcm9wcy53ZWJBY2xJZCxcbiAgICB9KVxuICB9XG5cbiAgYWRkRG5zUmVjb3JkKGhvc3RlZFpvbmU6IHI1My5JSG9zdGVkWm9uZSwgZG9tYWluTmFtZTogc3RyaW5nKTogdm9pZCB7XG4gICAgbmV3IHI1My5BUmVjb3JkKHRoaXMsIGBEbnNSZWNvcmQke2RvbWFpbk5hbWV9YCwge1xuICAgICAgem9uZTogaG9zdGVkWm9uZSxcbiAgICAgIHJlY29yZE5hbWU6IGAke2RvbWFpbk5hbWV9LmAsXG4gICAgICB0YXJnZXQ6IHI1My5SZWNvcmRUYXJnZXQuZnJvbUFsaWFzKFxuICAgICAgICBuZXcgcjUzdC5DbG91ZEZyb250VGFyZ2V0KHRoaXMuZGlzdHJpYnV0aW9uKSxcbiAgICAgICksXG4gICAgfSlcbiAgfVxuXG4gIC8qKlxuICAgKiBBZGQgYSBkZXBsb3ltZW50IHVzaW5nIHdlYmFwcC1kZXBsb3ktbGFtYmRhLlxuICAgKlxuICAgKiBTZWUgaHR0cHM6Ly9naXRodWIuY29tL2NhcHJhY29uc3VsdGluZy93ZWJhcHAtZGVwbG95LWxhbWJkYVxuICAgKiBmb3IgZGV0YWlscyBhYm91dCBob3cgdGhpcyB3b3Jrcy5cbiAgICovXG4gIGFkZERlcGxveW1lbnQoXG4gICAgLyoqXG4gICAgICogVGhlIGRlcGxveW1lbnQgc291cmNlLlxuICAgICAqL1xuICAgIHNvdXJjZTogd2ViYXBwRGVwbG95LklTb3VyY2UsXG4gICAgcHJvcHM/OiB7XG4gICAgICAvKipcbiAgICAgICAqIEluY2x1ZGUgc291cmNlIG1hcHMgaW4gdGhlIGRlcGxveW1lbnQuXG4gICAgICAgKlxuICAgICAgICogQGRlZmF1bHQgZmFsc2VcbiAgICAgICAqL1xuICAgICAgZGVwbG95U291cmNlTWFwcz86IGJvb2xlYW5cbiAgICB9LFxuICApOiB2b2lkIHtcbiAgICBjb25zdCBkZXBsb3lTb3VyY2VNYXBzID0gcHJvcHM/LmRlcGxveVNvdXJjZU1hcHMgPz8gZmFsc2VcblxuICAgIG5ldyB3ZWJhcHBEZXBsb3kuV2ViYXBwRGVwbG95KHRoaXMsIFwiRGVwbG95XCIsIHtcbiAgICAgIHNvdXJjZTogc291cmNlLFxuICAgICAgd2ViQnVja2V0OiB0aGlzLndlYmFwcEJ1Y2tldCxcbiAgICAgIGRpc3RyaWJ1dGlvbjogdGhpcy5kaXN0cmlidXRpb24sXG4gICAgICBleGNsdWRlUGF0dGVybjogZGVwbG95U291cmNlTWFwcyA/IHVuZGVmaW5lZCA6IFwiXFxcXC5tYXAkXCIsXG4gICAgfSlcbiAgfVxufVxuIl19
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@liflig/cdk",
3
- "version": "2.9.2",
3
+ "version": "2.10.1",
4
4
  "description": "CDK library for Liflig",
5
5
  "repository": {
6
6
  "type": "git",
@@ -36,15 +36,15 @@
36
36
  "devDependencies": {
37
37
  "@commitlint/cli": "17.4.2",
38
38
  "@commitlint/config-conventional": "17.4.2",
39
- "@aws-cdk/assert": "2.61.1",
40
- "@types/aws-lambda": "8.10.109",
39
+ "@aws-cdk/assert": "2.62.0",
40
+ "@types/aws-lambda": "8.10.110",
41
41
  "@types/jest": "27.5.2",
42
42
  "@types/node": "18.11.18",
43
43
  "@typescript-eslint/eslint-plugin": "5.49.0",
44
44
  "@typescript-eslint/parser": "5.49.0",
45
- "aws-cdk": "2.61.1",
46
- "aws-cdk-lib": "2.61.1",
47
- "constructs": "10.1.229",
45
+ "aws-cdk": "2.62.0",
46
+ "aws-cdk-lib": "2.62.0",
47
+ "constructs": "10.1.232",
48
48
  "eslint": "8.32.0",
49
49
  "eslint-config-prettier": "8.6.0",
50
50
  "eslint-plugin-prettier": "4.2.1",
@@ -52,7 +52,7 @@
52
52
  "jest": "27.5.1",
53
53
  "jest-cdk-snapshot": "2.0.1",
54
54
  "prettier": "2.8.3",
55
- "semantic-release": "20.0.4",
55
+ "semantic-release": "20.1.0",
56
56
  "ts-jest": "27.1.5",
57
57
  "ts-node": "10.9.1",
58
58
  "typescript": "4.9.4"