@morojs/moro 1.7.25 → 1.7.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/http/http-server.d.ts +7 -1
- package/dist/core/http/http-server.js +318 -15
- package/dist/core/http/http-server.js.map +1 -1
- package/dist/core/middleware/built-in/auth/jwt-helpers.js +5 -1
- package/dist/core/middleware/built-in/auth/jwt-helpers.js.map +1 -1
- package/dist/core/middleware/built-in/body-parsers/index.d.ts +19 -0
- package/dist/core/middleware/built-in/body-parsers/index.js +38 -0
- package/dist/core/middleware/built-in/body-parsers/index.js.map +1 -0
- package/dist/core/middleware/built-in/cors/core.d.ts +1 -0
- package/dist/core/middleware/built-in/cors/core.js +6 -2
- package/dist/core/middleware/built-in/cors/core.js.map +1 -1
- package/dist/core/middleware/built-in/index.d.ts +1 -0
- package/dist/core/middleware/built-in/index.js +1 -0
- package/dist/core/middleware/built-in/index.js.map +1 -1
- package/dist/core/middleware/built-in/session/core.js +0 -1
- package/dist/core/middleware/built-in/session/core.js.map +1 -1
- package/dist/core/middleware/built-in/static/core.js +6 -3
- package/dist/core/middleware/built-in/static/core.js.map +1 -1
- package/dist/core/middleware/built-in/template/core.d.ts +0 -1
- package/dist/core/middleware/built-in/template/core.js +26 -34
- package/dist/core/middleware/built-in/template/core.js.map +1 -1
- package/dist/core/routing/create-router.d.ts +32 -0
- package/dist/core/routing/create-router.js +87 -0
- package/dist/core/routing/create-router.js.map +1 -0
- package/dist/core/routing/unified-router.d.ts +3 -0
- package/dist/core/routing/unified-router.js +47 -15
- package/dist/core/routing/unified-router.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.js +6 -0
- package/dist/index.js.map +1 -1
- package/dist/moro.d.ts +45 -0
- package/dist/moro.js +152 -0
- package/dist/moro.js.map +1 -1
- package/dist/types/http.d.ts +25 -0
- package/package.json +1 -1
|
@@ -41,7 +41,11 @@ export async function safeVerifyJWT(token, secret, options = {}) {
|
|
|
41
41
|
};
|
|
42
42
|
}
|
|
43
43
|
try {
|
|
44
|
-
|
|
44
|
+
// Pin algorithms to prevent algorithm-confusion attacks (e.g. RS→HS where an
|
|
45
|
+
// attacker forges an HS256 token signed with the server's RS256 public key).
|
|
46
|
+
// Callers can override by passing their own `algorithms` in options.
|
|
47
|
+
const verifyOptions = { algorithms: ['HS256'], ...options };
|
|
48
|
+
const payload = jwt.verify(token, secret, verifyOptions);
|
|
45
49
|
return {
|
|
46
50
|
success: true,
|
|
47
51
|
payload,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt-helpers.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/auth/jwt-helpers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AAazE;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,KAAa,EACb,MAAc,EACd,UAAe,EAAE;IAEjB,qCAAqC;IACrC,IAAI,GAAQ,CAAC;IACb,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,kBAAkB,CAAC,cAAc,CAAC,CAAC;QACnD,GAAG,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE;gBACL,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EACL,wDAAwD;oBACxD,sEAAsE;aACzE;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE;gBACL,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EACL,sCAAsC;oBACtC,iDAAiD;aACpD;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,
|
|
1
|
+
{"version":3,"file":"jwt-helpers.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/auth/jwt-helpers.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,qCAAqC,CAAC;AAazE;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,KAAa,EACb,MAAc,EACd,UAAe,EAAE;IAEjB,qCAAqC;IACrC,IAAI,GAAQ,CAAC;IACb,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,kBAAkB,CAAC,cAAc,CAAC,CAAC;QACnD,GAAG,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE;gBACL,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EACL,wDAAwD;oBACxD,sEAAsE;aACzE;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE;gBACL,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EACL,sCAAsC;oBACtC,iDAAiD;aACpD;SACF,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,6EAA6E;QAC7E,6EAA6E;QAC7E,qEAAqE;QACrE,MAAM,aAAa,GAAG,EAAE,UAAU,EAAE,CAAC,OAAO,CAAC,EAAE,GAAG,OAAO,EAAE,CAAC;QAC5D,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,aAAa,CAAC,CAAC;QACzD,OAAO;YACL,OAAO,EAAE,IAAI;YACb,OAAO;SACR,CAAC;IACJ,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,wCAAwC;QACxC,IAAI,KAAK,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;YACvC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,uBAAuB;oBAChC,SAAS,EAAE,KAAK,CAAC,SAAS;iBAC3B;aACF,CAAC;QACJ,CAAC;aAAM,IAAI,KAAK,CAAC,IAAI,KAAK,mBAAmB,EAAE,CAAC;YAC9C,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,uCAAuC;iBACjD;aACF,CAAC;QACJ,CAAC;aAAM,IAAI,KAAK,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;YAC3C,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,6BAA6B;oBACtC,IAAI,EAAE,KAAK,CAAC,IAAI;iBACjB;aACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE;oBACL,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,4BAA4B,KAAK,CAAC,OAAO,EAAE;iBACrD;aACF,CAAC;QACJ,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,UAA8B;IACjE,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,KAAK,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IACtC,OAAO,KAAK,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC;AAC9B,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,uBAAuB,CAAC,KAAqC;IAC3E,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,uBAAuB;YAC9B,OAAO,EAAE,8BAA8B;SACxC,CAAC;IACJ,CAAC;IAED,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;QACnB,KAAK,SAAS;YACZ,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,eAAe;gBACtB,OAAO,EAAE,iDAAiD;gBAC1D,SAAS,EAAE,KAAK,CAAC,SAAS;aAC3B,CAAC;QAEJ,KAAK,SAAS;YACZ,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,eAAe;gBACtB,OAAO,EAAE,+CAA+C;aACzD,CAAC;QAEJ,KAAK,WAAW;YACd,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,iBAAiB;gBACxB,OAAO,EAAE,4CAA4C;gBACrD,WAAW,EAAE,KAAK,CAAC,IAAI;aACxB,CAAC;QAEJ,KAAK,gBAAgB;YACnB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,qBAAqB;gBAC5B,OAAO,EAAE,oDAAoD;aAC9D,CAAC;QAEJ;YACE,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,uBAAuB;gBAC9B,OAAO,EAAE,KAAK,CAAC,OAAO,IAAI,qCAAqC;aAChE,CAAC;IACN,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4DG"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
import type { Middleware } from '../../../../types/http.js';
|
|
2
|
+
/**
|
|
3
|
+
* JSON body-parser middleware. MoroJS auto-parses JSON bodies on POST/PUT/PATCH
|
|
4
|
+
* requests upstream, so this middleware is effectively a pass-through. It exists
|
|
5
|
+
* so code written in the `app.use(json())` idiom works verbatim without rewrites.
|
|
6
|
+
*/
|
|
7
|
+
export declare function json(_options?: {
|
|
8
|
+
limit?: number | string;
|
|
9
|
+
strict?: boolean;
|
|
10
|
+
}): Middleware;
|
|
11
|
+
/**
|
|
12
|
+
* URL-encoded body-parser middleware. Parses `application/x-www-form-urlencoded`
|
|
13
|
+
* request bodies when the automatic parser left them as strings, populating
|
|
14
|
+
* `req.body` with the decoded object.
|
|
15
|
+
*/
|
|
16
|
+
export declare function urlencoded(_options?: {
|
|
17
|
+
extended?: boolean;
|
|
18
|
+
limit?: number | string;
|
|
19
|
+
}): Middleware;
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* JSON body-parser middleware. MoroJS auto-parses JSON bodies on POST/PUT/PATCH
|
|
3
|
+
* requests upstream, so this middleware is effectively a pass-through. It exists
|
|
4
|
+
* so code written in the `app.use(json())` idiom works verbatim without rewrites.
|
|
5
|
+
*/
|
|
6
|
+
export function json(_options) {
|
|
7
|
+
return function moroJsonBodyParser(_req, _res, next) {
|
|
8
|
+
next();
|
|
9
|
+
};
|
|
10
|
+
}
|
|
11
|
+
/**
|
|
12
|
+
* URL-encoded body-parser middleware. Parses `application/x-www-form-urlencoded`
|
|
13
|
+
* request bodies when the automatic parser left them as strings, populating
|
|
14
|
+
* `req.body` with the decoded object.
|
|
15
|
+
*/
|
|
16
|
+
export function urlencoded(_options) {
|
|
17
|
+
return function moroUrlencodedBodyParser(req, _res, next) {
|
|
18
|
+
const ct = (req.headers['content-type'] || '');
|
|
19
|
+
if (!ct.toLowerCase().startsWith('application/x-www-form-urlencoded')) {
|
|
20
|
+
return next();
|
|
21
|
+
}
|
|
22
|
+
if (typeof req.body === 'string') {
|
|
23
|
+
const parsed = {};
|
|
24
|
+
const pairs = req.body.split('&');
|
|
25
|
+
for (const pair of pairs) {
|
|
26
|
+
if (!pair)
|
|
27
|
+
continue;
|
|
28
|
+
const eq = pair.indexOf('=');
|
|
29
|
+
const k = eq === -1 ? pair : pair.substring(0, eq);
|
|
30
|
+
const v = eq === -1 ? '' : pair.substring(eq + 1);
|
|
31
|
+
parsed[decodeURIComponent(k.replace(/\+/g, ' '))] = decodeURIComponent(v.replace(/\+/g, ' '));
|
|
32
|
+
}
|
|
33
|
+
req.body = parsed;
|
|
34
|
+
}
|
|
35
|
+
next();
|
|
36
|
+
};
|
|
37
|
+
}
|
|
38
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/body-parsers/index.ts"],"names":[],"mappings":"AAEA;;;;GAIG;AACH,MAAM,UAAU,IAAI,CAAC,QAAwD;IAC3E,OAAO,SAAS,kBAAkB,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI;QACjD,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,UAAU,CAAC,QAA0D;IACnF,OAAO,SAAS,wBAAwB,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI;QACtD,MAAM,EAAE,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,EAAE,CAAW,CAAC;QACzD,IAAI,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,mCAAmC,CAAC,EAAE,CAAC;YACtE,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;QACD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACjC,MAAM,MAAM,GAA2B,EAAE,CAAC;YAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAClC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,CAAC,IAAI;oBAAE,SAAS;gBACpB,MAAM,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;gBAC7B,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACnD,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;gBAClD,MAAM,CAAC,kBAAkB,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC,GAAG,kBAAkB,CACpE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CACtB,CAAC;YACJ,CAAC;YACD,GAAG,CAAC,IAAI,GAAG,MAAM,CAAC;QACpB,CAAC;QACD,IAAI,EAAE,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}
|
|
@@ -10,6 +10,7 @@ export class CORSCore {
|
|
|
10
10
|
options;
|
|
11
11
|
cachedMethods;
|
|
12
12
|
cachedAllowedHeaders;
|
|
13
|
+
wildcardCredentialsWarned = false;
|
|
13
14
|
constructor(options = {}) {
|
|
14
15
|
this.options = {
|
|
15
16
|
origin: '*',
|
|
@@ -82,8 +83,11 @@ export class CORSCore {
|
|
|
82
83
|
// Credentials — guard against invalid credentials + wildcard combination (CORS spec violation)
|
|
83
84
|
if (this.options.credentials) {
|
|
84
85
|
if (originHeader === '*') {
|
|
85
|
-
|
|
86
|
-
|
|
86
|
+
if (!this.wildcardCredentialsWarned) {
|
|
87
|
+
this.wildcardCredentialsWarned = true;
|
|
88
|
+
logger.warn('[MoroJS Security] CORS credentials:true with origin:* is a spec violation — browsers will reject this. ' +
|
|
89
|
+
'Forcing credentials:false. Configure specific allowed origins for credential support.', 'CORSCore');
|
|
90
|
+
}
|
|
87
91
|
}
|
|
88
92
|
else {
|
|
89
93
|
res.setHeader('Access-Control-Allow-Credentials', 'true');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"core.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/cors/core.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAEjE,MAAM,MAAM,GAAG,qBAAqB,CAAC,UAAU,CAAC,CAAC;AAmBjD,yBAAyB;AAEzB;;;;GAIG;AACH,MAAM,OAAO,QAAQ;IACX,OAAO,CAAc;IACrB,aAAa,CAAS;IACtB,oBAAoB,CAAS;
|
|
1
|
+
{"version":3,"file":"core.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/cors/core.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAEjE,MAAM,MAAM,GAAG,qBAAqB,CAAC,UAAU,CAAC,CAAC;AAmBjD,yBAAyB;AAEzB;;;;GAIG;AACH,MAAM,OAAO,QAAQ;IACX,OAAO,CAAc;IACrB,aAAa,CAAS;IACtB,oBAAoB,CAAS;IAC7B,yBAAyB,GAAG,KAAK,CAAC;IAE1C,YAAY,UAAuB,EAAE;QACnC,IAAI,CAAC,OAAO,GAAG;YACb,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,6BAA6B;YACtC,cAAc,EAAE,4BAA4B;YAC5C,WAAW,EAAE,KAAK;YAClB,GAAG,OAAO;SACX,CAAC;QACF,IAAI,CAAC,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC;YACtD,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC;YAChC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,IAAI,6BAA6B,CAAC;QAC1D,IAAI,CAAC,oBAAoB,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;YACpE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC;YACvC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,cAAc,IAAI,4BAA4B,CAAC;IAClE,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,SAAS,CAAC,GAAiB,EAAE,GAAgB;QACjD,sDAAsD;QACtD,IAAI,cAAc,GAAgC,GAAG,CAAC;QAEtD,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC9C,MAAM,aAAa,GAAI,GAAG,CAAC,OAAe,CAAC,MAAM,IAAK,GAAG,CAAC,OAAe,CAAC,MAAM,CAAC;YACjF,cAAc,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;QACjE,CAAC;aAAM,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC7C,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;QACvC,CAAC;QAED,sDAAsD;QACtD,IAAI,cAAc,KAAK,KAAK,EAAE,CAAC;YAC7B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,2BAA2B;QAC3B,IAAI,cAAc,KAAK,IAAI,EAAE,CAAC;YAC5B,cAAc,GAAG,GAAG,CAAC;QACvB,CAAC;QAED,sEAAsE;QACtE,sFAAsF;QACtF,IAAI,YAAoB,CAAC;QACzB,IAAI,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;YAClC,IAAI,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;gBAC7B,kFAAkF;gBAClF,MAAM,aAAa,GAAI,GAAG,CAAC,OAAe,CAAC,MAAM,IAAK,GAAG,CAAC,OAAe,CAAC,MAAM,CAAC;gBAEjF,gFAAgF;gBAChF,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC;gBAC1C,CAAC;qBAAM,IAAI,cAAc,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oBAClD,YAAY,GAAG,aAAa,CAAC;gBAC/B,CAAC;qBAAM,CAAC;oBACN,4CAA4C;oBAC5C,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,iFAAiF;gBACjF,YAAY,GAAG,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;aAAM,CAAC;YACN,YAAY,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC;QACxC,CAAC;QAED,GAAG,CAAC,SAAS,CAAC,6BAA6B,EAAE,YAAY,CAAC,CAAC;QAE3D,UAAU;QACV,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;QAElE,UAAU;QACV,GAAG,CAAC,SAAS,CAAC,8BAA8B,EAAE,IAAI,CAAC,oBAAoB,CAAC,CAAC;QAEzE,+FAA+F;QAC/F,IAAI,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;YAC7B,IAAI,YAAY,KAAK,GAAG,EAAE,CAAC;gBACzB,IAAI,CAAC,IAAI,CAAC,yBAAyB,EAAE,CAAC;oBACpC,IAAI,CAAC,yBAAyB,GAAG,IAAI,CAAC;oBACtC,MAAM,CAAC,IAAI,CACT,yGAAyG;wBACvG,uFAAuF,EACzF,UAAU,CACX,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,SAAS,CAAC,kCAAkC,EAAE,MAAM,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;QAED,UAAU;QACV,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;YACxB,GAAG,CAAC,SAAS,CAAC,wBAAwB,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC;QACvE,CAAC;QAED,kBAAkB;QAClB,IAAI,IAAI,CAAC,OAAO,CAAC,cAAc,IAAI,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1E,GAAG,CAAC,SAAS,CAAC,+BAA+B,EAAE,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACxF,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}
|
|
@@ -16,6 +16,7 @@ export { http2 } from './http2/index.js';
|
|
|
16
16
|
export { helmet } from './helmet/index.js';
|
|
17
17
|
export { compression } from './compression/index.js';
|
|
18
18
|
export { bodySize } from './body-size/index.js';
|
|
19
|
+
export { json, urlencoded } from './body-parsers/index.js';
|
|
19
20
|
export { staticFiles } from './static/index.js';
|
|
20
21
|
export { upload } from './upload/index.js';
|
|
21
22
|
export { template } from './template/index.js';
|
|
@@ -21,6 +21,7 @@ export { http2 } from './http2/index.js';
|
|
|
21
21
|
export { helmet } from './helmet/index.js';
|
|
22
22
|
export { compression } from './compression/index.js';
|
|
23
23
|
export { bodySize } from './body-size/index.js';
|
|
24
|
+
export { json, urlencoded } from './body-parsers/index.js';
|
|
24
25
|
export { staticFiles } from './static/index.js';
|
|
25
26
|
export { upload } from './upload/index.js';
|
|
26
27
|
export { template } from './template/index.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/core/middleware/built-in/index.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,6CAA6C;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAE7C,gCAAgC;AAChC,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAErC,oBAAoB;AACpB,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,4BAA4B;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,sCAAsC;AACtC,OAAO,EACL,WAAW,EACX,WAAW,EACX,iBAAiB,EACjB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,cAAc,EACd,SAAS,EACT,aAAa,EACb,cAAc,GACf,MAAM,mBAAmB,CAAC;AAE3B,sCAAsC;AACtC,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,uBAAuB,GAExB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EACL,iBAAiB,EACjB,mBAAmB,EACnB,yBAAyB,EACzB,wBAAwB,GACzB,MAAM,qBAAqB,CAAC;AAE7B,yBAAyB;AACzB,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,IAAI;IACJ,SAAS;IACT,IAAI,EAAE,QAAQ;IACd,UAAU;IACV,sBAAsB;IACtB,MAAM;IACN,IAAI;IACJ,GAAG;IACH,GAAG;IACH,OAAO;IACP,gCAAgC;IAChC,KAAK;IACL,GAAG;IACH,UAAU;IACV,OAAO;IACP,SAAS;IACT,KAAK;IACL,iBAAiB;IACjB,MAAM;IACN,WAAW;IACX,QAAQ;IACR,WAAW;IACX,MAAM;IACN,QAAQ;IACR,KAAK;CACN,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,aAAa;IACb,kBAAkB;IAClB,YAAY;CACb,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/core/middleware/built-in/index.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,6CAA6C;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAE7C,gCAAgC;AAChC,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AAErC,oBAAoB;AACpB,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,4BAA4B;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,sCAAsC;AACtC,OAAO,EACL,WAAW,EACX,WAAW,EACX,iBAAiB,EACjB,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,cAAc,EACd,SAAS,EACT,aAAa,EACb,cAAc,GACf,MAAM,mBAAmB,CAAC;AAE3B,sCAAsC;AACtC,OAAO,EACL,aAAa,EACb,oBAAoB,EACpB,uBAAuB,GAExB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EACL,iBAAiB,EACjB,mBAAmB,EACnB,yBAAyB,EACzB,wBAAwB,GACzB,MAAM,qBAAqB,CAAC;AAE7B,yBAAyB;AACzB,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,kBAAkB,EAAE,MAAM,gCAAgC,CAAC;AACpE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AACvC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,GAAG,EAAE,MAAM,gBAAgB,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAC3C,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAEzC,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,IAAI;IACJ,SAAS;IACT,IAAI,EAAE,QAAQ;IACd,UAAU;IACV,sBAAsB;IACtB,MAAM;IACN,IAAI;IACJ,GAAG;IACH,GAAG;IACH,OAAO;IACP,gCAAgC;IAChC,KAAK;IACL,GAAG;IACH,UAAU;IACV,OAAO;IACP,SAAS;IACT,KAAK;IACL,iBAAiB;IACjB,MAAM;IACN,WAAW;IACX,QAAQ;IACR,WAAW;IACX,MAAM;IACN,QAAQ;IACR,KAAK;CACN,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAG;IAC9B,aAAa;IACb,kBAAkB;IAClB,YAAY;CACb,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"core.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/session/core.ts"],"names":[],"mappings":"AAAA,mDAAmD;AACnD,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAEjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,mCAAmC,CAAC;AACvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAGnE,MAAM,MAAM,GAAG,qBAAqB,CAAC,aAAa,CAAC,CAAC;AAsDpD,4BAA4B;AAE5B,MAAM,OAAO,OAAO;IACV,IAAI,GAAgB,EAAE,CAAC;IACvB,EAAE,CAAS;IACX,KAAK,CAAe;IACpB,OAAO,CAAiB;IACxB,KAAK,GAAY,KAAK,CAAC;IACvB,UAAU,GAAY,KAAK,CAAC;IAEpC,YAAY,EAAU,EAAE,KAAmB,EAAE,OAAuB,EAAE,QAAiB,KAAK;QAC1F,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,0CAA0C;IAC1C,MAAM,CAAC,MAAM,CACX,EAAU,EACV,KAAmB,EACnB,OAAuB,EACvB,OAAoB,EAAE,EACtB,QAAiB,KAAK;QAEtB,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QACvD,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;QAEpB,OAAO,IAAI,KAAK,CAAC,OAAO,EAAE;YACxB,GAAG,CAAC,MAAM,EAAE,IAAI;gBACd,IAAI,IAAI,IAAI,MAAM,EAAE,CAAC;oBACnB,OAAO,MAAM,CAAC,IAAqB,CAAC,CAAC;gBACvC,CAAC;gBACD,OAAO,MAAM,CAAC,IAAI,CAAC,IAAc,CAAC,CAAC;YACrC,CAAC;YAED,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK;gBACrB,IAAI,IAAI,IAAI,MAAM,EAAE,CAAC;oBAClB,MAAc,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;gBAChC,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,IAAI,CAAC,IAAc,CAAC,GAAG,KAAK,CAAC;oBACpC,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC;gBAC3B,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,GAAG,CAAC,MAAM,EAAE,IAAI;gBACd,OAAO,IAAI,IAAI,MAAM,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC;YAC/C,CAAC;YAED,cAAc,CAAC,MAAM,EAAE,IAAI;gBACzB,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;oBACxB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAc,CAAC,CAAC;oBACnC,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC;oBACzB,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;YACzD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM;gBACrC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC;gBAC/C,CAAC,CAAC,KAAK,CAAC,CAAC,cAAc;YACzB,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YAC9C,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;YACxB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;YACnB,MAAM,CAAC,KAAK,CAAC,kBAAkB,IAAI,CAAC,EAAE,EAAE,EAAE,aAAa,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,IAAI,GAAG,EAAE,CAAC;QACf,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;QACxB,MAAM,CAAC,KAAK,CAAC,sBAAsB,IAAI,CAAC,EAAE,EAAE,EAAE,gBAAgB,CAAC,CAAC;IAClE,CAAC;IAED,KAAK,CAAC,UAAU;QACd,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC5B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAClB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACvB,MAAM,CAAC,KAAK,CAAC,wBAAwB,IAAI,CAAC,EAAE,EAAE,EAAE,mBAAmB,CAAC,CAAC;QACrE,OAAO,IAAI,CAAC,EAAE,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACzB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;YACvB,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QACpB,CAAC;IACH,CAAC;IAEO,UAAU;QAChB,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACvB,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,EAAE,CAAC;IACjB,CAAC;CACF;AAED,0BAA0B;AAE1B;;;;GAIG;AACH,MAAM,OAAO,WAAW;IACd,KAAK,CAAe;IACpB,OAAO,CAAiB;IAEhC,YAAY,UAA0B,EAAE;QACtC,IAAI,CAAC,OAAO,GAAG;YACb,KAAK,EAAE,QAAQ;YACf,IAAI,EAAE,aAAa;YACnB,
|
|
1
|
+
{"version":3,"file":"core.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/session/core.ts"],"names":[],"mappings":"AAAA,mDAAmD;AACnD,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAC;AAEjE,OAAO,EAAE,kBAAkB,EAAE,MAAM,mCAAmC,CAAC;AACvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAGnE,MAAM,MAAM,GAAG,qBAAqB,CAAC,aAAa,CAAC,CAAC;AAsDpD,4BAA4B;AAE5B,MAAM,OAAO,OAAO;IACV,IAAI,GAAgB,EAAE,CAAC;IACvB,EAAE,CAAS;IACX,KAAK,CAAe;IACpB,OAAO,CAAiB;IACxB,KAAK,GAAY,KAAK,CAAC;IACvB,UAAU,GAAY,KAAK,CAAC;IAEpC,YAAY,EAAU,EAAE,KAAmB,EAAE,OAAuB,EAAE,QAAiB,KAAK;QAC1F,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;QACb,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;QACnB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,0CAA0C;IAC1C,MAAM,CAAC,MAAM,CACX,EAAU,EACV,KAAmB,EACnB,OAAuB,EACvB,OAAoB,EAAE,EACtB,QAAiB,KAAK;QAEtB,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QACvD,OAAO,CAAC,IAAI,GAAG,IAAI,CAAC;QAEpB,OAAO,IAAI,KAAK,CAAC,OAAO,EAAE;YACxB,GAAG,CAAC,MAAM,EAAE,IAAI;gBACd,IAAI,IAAI,IAAI,MAAM,EAAE,CAAC;oBACnB,OAAO,MAAM,CAAC,IAAqB,CAAC,CAAC;gBACvC,CAAC;gBACD,OAAO,MAAM,CAAC,IAAI,CAAC,IAAc,CAAC,CAAC;YACrC,CAAC;YAED,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK;gBACrB,IAAI,IAAI,IAAI,MAAM,EAAE,CAAC;oBAClB,MAAc,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC;gBAChC,CAAC;qBAAM,CAAC;oBACN,MAAM,CAAC,IAAI,CAAC,IAAc,CAAC,GAAG,KAAK,CAAC;oBACpC,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC;gBAC3B,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,GAAG,CAAC,MAAM,EAAE,IAAI;gBACd,OAAO,IAAI,IAAI,MAAM,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI,CAAC;YAC/C,CAAC;YAED,cAAc,CAAC,MAAM,EAAE,IAAI;gBACzB,IAAI,IAAI,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;oBACxB,OAAO,MAAM,CAAC,IAAI,CAAC,IAAc,CAAC,CAAC;oBACnC,MAAM,CAAC,UAAU,GAAG,IAAI,CAAC;oBACzB,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC;SACF,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;YACzD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM;gBACrC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC;gBAC/C,CAAC,CAAC,KAAK,CAAC,CAAC,cAAc;YACzB,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YAC9C,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;YACxB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;YACnB,MAAM,CAAC,KAAK,CAAC,kBAAkB,IAAI,CAAC,EAAE,EAAE,EAAE,aAAa,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,OAAO;QACX,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9B,IAAI,CAAC,IAAI,GAAG,EAAE,CAAC;QACf,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;QACxB,MAAM,CAAC,KAAK,CAAC,sBAAsB,IAAI,CAAC,EAAE,EAAE,EAAE,gBAAgB,CAAC,CAAC;IAClE,CAAC;IAED,KAAK,CAAC,UAAU;QACd,MAAM,IAAI,CAAC,OAAO,EAAE,CAAC;QACrB,IAAI,CAAC,EAAE,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAC5B,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;QAClB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACvB,MAAM,CAAC,KAAK,CAAC,wBAAwB,IAAI,CAAC,EAAE,EAAE,EAAE,mBAAmB,CAAC,CAAC;QACrE,OAAO,IAAI,CAAC,EAAE,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,KAAK;QACT,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YACzB,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;YACvB,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QACpB,CAAC;IACH,CAAC;IAEO,UAAU;QAChB,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACvB,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QAC9B,CAAC;QAED,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IAED,IAAI,SAAS;QACX,OAAO,IAAI,CAAC,EAAE,CAAC;IACjB,CAAC;CACF;AAED,0BAA0B;AAE1B;;;;GAIG;AACH,MAAM,OAAO,WAAW;IACd,KAAK,CAAe;IACpB,OAAO,CAAiB;IAEhC,YAAY,UAA0B,EAAE;QACtC,IAAI,CAAC,OAAO,GAAG;YACb,KAAK,EAAE,QAAQ;YACf,IAAI,EAAE,aAAa;YACnB,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,KAAK;YACb,iBAAiB,EAAE,KAAK;YACxB,MAAM,EAAE;gBACN,MAAM,EAAE,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,EAAE,WAAW;gBACxC,QAAQ,EAAE,IAAI;gBACd,MAAM,EAAE,KAAK;gBACb,QAAQ,EAAE,KAAK;gBACf,IAAI,EAAE,GAAG;aACV;YACD,KAAK,EAAE,MAAM;YACb,GAAG,OAAO;SACX,CAAC;QAEF,mBAAmB;QACnB,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC3C,QAAQ,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBAC3B,KAAK,OAAO;oBACV,IAAI,CAAC,KAAK,GAAG,IAAI,iBAAiB,CAAC;wBACjC,SAAS,EAAE,OAAO;wBAClB,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY;qBAC7B,CAAC,CAAC;oBACH,MAAM;gBACR,KAAK,MAAM;oBACT,IAAI,CAAC,KAAK,GAAG,IAAI,gBAAgB,CAAC;wBAChC,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,IAAI,YAAY;qBAC1D,CAAC,CAAC;oBACH,MAAM;gBACR,KAAK,QAAQ,CAAC;gBACd;oBACE,IAAI,CAAC,KAAK,GAAG,IAAI,kBAAkB,EAAE,CAAC;oBACtC,MAAM;YACV,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,KAAqB,CAAC;QAClD,CAAC;IACH,CAAC;IAED,iBAAiB;QACf,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACvB,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QAC9B,CAAC;QACD,OAAO,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,SAAiB;QACjC,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAC7C,MAAM,CAAC,KAAK,CAAC,mBAAmB,SAAS,EAAE,EAAE,aAAa,CAAC,CAAC;YAC5D,OAAO,IAAI,IAAI,IAAI,CAAC;QACtB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,CAAC,2BAA2B,SAAS,EAAE,EAAE,kBAAkB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;YACnF,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAAgB,EAAE,GAAiB,EAAE,SAAkB;QACzE,MAAM,EAAE,GAAG,SAAS,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACjD,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,EAAE,IAAI,CAAC,CAAC;QAEvE,qBAAqB;QACrB,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,aAAa,EAAE,EAAE,EAAE;YACjD,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM;YACtB,MAAM,EACJ,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM;gBAC3B,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,OAAO,CAAC;SACvE,CAAC,CAAC;QAEH,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAAgB,EAAE,GAAiB,EAAE,SAAkB;QACzE,IAAI,EAAE,GAAG,SAAS,CAAC;QACnB,IAAI,WAAW,GAAgB,EAAE,CAAC;QAClC,IAAI,KAAK,GAAG,KAAK,CAAC;QAElB,IAAI,EAAE,EAAE,CAAC;YACP,WAAW,GAAG,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACjD,uCAAuC;YACvC,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,EAAE,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBAC9B,KAAK,GAAG,IAAI,CAAC;YACf,CAAC;iBAAM,CAAC;gBACN,IAAI,OAAO,GAAG,KAAK,CAAC;gBACpB,6DAA6D;gBAC7D,KAAK,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC;oBAC5B,OAAO,GAAG,IAAI,CAAC;oBACf,MAAM;gBACR,CAAC;gBACD,IAAI,CAAC,OAAO,EAAE,CAAC;oBACb,EAAE,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;oBAC9B,KAAK,GAAG,IAAI,CAAC;gBACf,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,EAAE,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC9B,KAAK,GAAG,IAAI,CAAC;QACf,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,OAAO,EAAE,WAAW,EAAE,KAAK,CAAC,CAAC;QAEjF,uCAAuC;QACvC,IAAI,KAAK,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YAClC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,aAAa,EAAE,EAAE,EAAE;gBACjD,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM;gBACtB,MAAM,EACJ,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM;oBAC3B,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,KAAK,OAAO,CAAC;aACvE,CAAC,CAAC;QACL,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,OAAgB;QAChC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,IACE,IAAI,CAAC,OAAO,CAAC,iBAAiB;gBAC9B,CAAE,OAAe,CAAC,KAAK;gBACtB,OAAe,CAAC,UAAU,EAC3B,CAAC;gBACD,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;YACvB,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,wBAAwB,EAAE,kBAAkB,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,UAAU;QACR,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;CACF"}
|
|
@@ -40,15 +40,18 @@ export class StaticCore {
|
|
|
40
40
|
}
|
|
41
41
|
try {
|
|
42
42
|
let filePath = path.join(this.root, req.path);
|
|
43
|
-
// Security: prevent directory traversal
|
|
44
|
-
|
|
43
|
+
// Security: prevent directory traversal. The trailing separator is required —
|
|
44
|
+
// a bare prefix check would allow sibling dirs like `/app/static-backups` to
|
|
45
|
+
// satisfy `startsWith('/app/static')` and escape the root.
|
|
46
|
+
const rootWithSep = this.root.endsWith(path.sep) ? this.root : this.root + path.sep;
|
|
47
|
+
if (filePath !== this.root && !filePath.startsWith(rootWithSep)) {
|
|
45
48
|
res.status(403).json({ success: false, error: 'Forbidden' });
|
|
46
49
|
return true;
|
|
47
50
|
}
|
|
48
51
|
// Security: resolve symlinks and re-check path to prevent symlink-based traversal
|
|
49
52
|
try {
|
|
50
53
|
const realPath = await fs.realpath(filePath);
|
|
51
|
-
if (!realPath.startsWith(
|
|
54
|
+
if (realPath !== this.root && !realPath.startsWith(rootWithSep)) {
|
|
52
55
|
res.status(403).json({ success: false, error: 'Forbidden' });
|
|
53
56
|
return true;
|
|
54
57
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"core.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/static/core.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AAUjC,MAAM,OAAO,UAAU;IACb,IAAI,CAAS;IACb,MAAM,CAAS;IACf,KAAK,CAAW;IAChB,QAAQ,CAA8B;IACtC,IAAI,CAAU;IAEd,SAAS,GAA2B;QAC1C,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE,UAAU;QAClB,KAAK,EAAE,wBAAwB;QAC/B,OAAO,EAAE,kBAAkB;QAC3B,MAAM,EAAE,WAAW;QACnB,MAAM,EAAE,YAAY;QACpB,OAAO,EAAE,YAAY;QACrB,MAAM,EAAE,WAAW;QACnB,MAAM,EAAE,eAAe;QACvB,MAAM,EAAE,cAAc;QACtB,MAAM,EAAE,iBAAiB;QACzB,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,iBAAiB;QACzB,OAAO,EAAE,WAAW;QACpB,QAAQ,EAAE,YAAY;QACtB,MAAM,EAAE,UAAU;QAClB,MAAM,EAAE,+BAA+B;KACxC,CAAC;IAEF,YAAY,OAAsB;QAChC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACvC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;QAC1D,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAC7C,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,KAAK,KAAK,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAAgB,EAAE,GAAiB;QACrD,oCAAoC;QACpC,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAClD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC;YACH,IAAI,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;YAE9C,
|
|
1
|
+
{"version":3,"file":"core.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/static/core.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AAUjC,MAAM,OAAO,UAAU;IACb,IAAI,CAAS;IACb,MAAM,CAAS;IACf,KAAK,CAAW;IAChB,QAAQ,CAA8B;IACtC,IAAI,CAAU;IAEd,SAAS,GAA2B;QAC1C,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE,UAAU;QAClB,KAAK,EAAE,wBAAwB;QAC/B,OAAO,EAAE,kBAAkB;QAC3B,MAAM,EAAE,WAAW;QACnB,MAAM,EAAE,YAAY;QACpB,OAAO,EAAE,YAAY;QACrB,MAAM,EAAE,WAAW;QACnB,MAAM,EAAE,eAAe;QACvB,MAAM,EAAE,cAAc;QACtB,MAAM,EAAE,iBAAiB;QACzB,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,iBAAiB;QACzB,OAAO,EAAE,WAAW;QACpB,QAAQ,EAAE,YAAY;QACtB,MAAM,EAAE,UAAU;QAClB,MAAM,EAAE,+BAA+B;KACxC,CAAC;IAEF,YAAY,OAAsB;QAChC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACvC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;QAC1D,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAC7C,IAAI,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,KAAK,KAAK,CAAC;IACrC,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,GAAgB,EAAE,GAAiB;QACrD,oCAAoC;QACpC,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAClD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC;YACH,IAAI,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;YAE9C,8EAA8E;YAC9E,6EAA6E;YAC7E,2DAA2D;YAC3D,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC;YACpF,IAAI,QAAQ,KAAK,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;gBAChE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;gBAC7D,OAAO,IAAI,CAAC;YACd,CAAC;YAED,kFAAkF;YAClF,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC7C,IAAI,QAAQ,KAAK,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;oBAChE,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;oBAC7D,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,QAAQ,GAAG,QAAQ,CAAC;YACtB,CAAC;YAAC,MAAM,CAAC;gBACP,+DAA+D;YACjE,CAAC;YAED,kBAAkB;YAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACzC,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7B,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;oBAC7B,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;oBAC7D,OAAO,IAAI,CAAC;gBACd,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBACtC,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,IAAI,KAAK,CAAC;YACV,IAAI,CAAC;gBACH,KAAK,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAClC,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC,CAAC,8CAA8C;YAC9D,CAAC;YAED,qBAAqB;YACrB,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBACxB,IAAI,UAAU,GAAG,KAAK,CAAC;gBAEvB,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;oBACnC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;oBACjD,IAAI,CAAC;wBACH,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;wBAC5C,IAAI,UAAU,CAAC,MAAM,EAAE,EAAE,CAAC;4BACxB,QAAQ,GAAG,SAAS,CAAC;4BACrB,KAAK,GAAG,UAAU,CAAC;4BACnB,UAAU,GAAG,IAAI,CAAC;4BAClB,MAAM;wBACR,CAAC;oBACH,CAAC;oBAAC,MAAM,CAAC;wBACP,8BAA8B;oBAChC,CAAC;gBACH,CAAC;gBAED,IAAI,CAAC,UAAU,EAAE,CAAC;oBAChB,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,+CAA+C;YAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACnC,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,IAAI,0BAA0B,CAAC;YACrF,MAAM,WAAW,GAAG,IAAI,CAAC,kBAAkB,CAAC,YAAY,CAAC,CAAC;YAE1D,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC;YAC3C,GAAG,CAAC,SAAS,CAAC,gBAAgB,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YAE5C,gBAAgB;YAChB,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpB,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,mBAAmB,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACnE,CAAC;YAED,eAAe;YACf,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,MAAM,IAAI,GAAG,MAAM;qBAChB,UAAU,CAAC,KAAK,CAAC;qBACjB,MAAM,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;qBAChD,MAAM,CAAC,KAAK,CAAC,CAAC;gBACjB,GAAG,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,IAAI,GAAG,CAAC,CAAC;gBAEnC,8BAA8B;gBAC9B,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;gBACjD,IAAI,WAAW,KAAK,IAAI,IAAI,GAAG,EAAE,CAAC;oBAChC,GAAG,CAAC,UAAU,GAAG,GAAG,CAAC;oBACrB,GAAG,CAAC,GAAG,EAAE,CAAC;oBACV,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YAED,uBAAuB;YACvB,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC1B,GAAG,CAAC,GAAG,EAAE,CAAC;gBACV,OAAO,IAAI,CAAC;YACd,CAAC;YAED,YAAY;YACZ,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACzC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YACd,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,uBAAuB,EAAE,CAAC,CAAC;YACzE,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAEO,kBAAkB,CAAC,QAAgB;QACzC,MAAM,SAAS,GAAG;YAChB,OAAO;YACP,kBAAkB;YAClB,wBAAwB;YACxB,iBAAiB;YACjB,eAAe;SAChB,CAAC;QACF,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QACvE,OAAO,YAAY,CAAC,CAAC,CAAC,GAAG,QAAQ,iBAAiB,CAAC,CAAC,CAAC,QAAQ,CAAC;IAChE,CAAC;IAED,OAAO;QACL,OAAO,IAAI,CAAC,IAAI,CAAC;IACnB,CAAC;CACF"}
|
|
@@ -11,7 +11,6 @@ export declare class TemplateCore {
|
|
|
11
11
|
private cache;
|
|
12
12
|
private defaultLayout?;
|
|
13
13
|
private templateCache;
|
|
14
|
-
private deprecationWarned;
|
|
15
14
|
constructor(options: TemplateOptions);
|
|
16
15
|
addRenderMethod(req: HttpRequest, res: HttpResponse): void;
|
|
17
16
|
private renderTemplate;
|
|
@@ -1,7 +1,5 @@
|
|
|
1
|
-
import { createFrameworkLogger } from '../../../logger/index.js';
|
|
2
1
|
import * as fs from 'fs/promises';
|
|
3
2
|
import * as path from 'path';
|
|
4
|
-
const logger = createFrameworkLogger('TemplateCore');
|
|
5
3
|
const ESCAPE_MAP = {
|
|
6
4
|
'&': '&',
|
|
7
5
|
'<': '<',
|
|
@@ -12,10 +10,11 @@ const ESCAPE_MAP = {
|
|
|
12
10
|
function escapeHtml(str) {
|
|
13
11
|
return str.replace(/[&<>"']/g, char => ESCAPE_MAP[char]);
|
|
14
12
|
}
|
|
15
|
-
// Pre-compiled regex patterns — avoids recompilation on every render call
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
const
|
|
13
|
+
// Pre-compiled regex patterns — avoids recompilation on every render call.
|
|
14
|
+
// Triple-brace {{{var}}} is raw output; double-brace {{var}} is HTML-escaped.
|
|
15
|
+
// Triple MUST be matched before double to avoid double consuming its braces.
|
|
16
|
+
const RE_RAW_VAR = /\{\{\{([\w.]+)\}\}\}/g;
|
|
17
|
+
const RE_VAR = /\{\{([\w.]+)\}\}/g;
|
|
19
18
|
const RE_EACH_BLOCK = /\{\{#each (\w+)\}\}(.*?)\{\{\/each\}\}/gs;
|
|
20
19
|
const RE_IF_BLOCK = /\{\{#if (\w+)\}\}(.*?)\{\{\/if\}\}/gs;
|
|
21
20
|
function resolveNestedValue(obj, path) {
|
|
@@ -29,7 +28,6 @@ export class TemplateCore {
|
|
|
29
28
|
cache;
|
|
30
29
|
defaultLayout;
|
|
31
30
|
templateCache = new Map();
|
|
32
|
-
deprecationWarned = false;
|
|
33
31
|
constructor(options) {
|
|
34
32
|
this.views = path.resolve(options.views);
|
|
35
33
|
this.engine = options.engine || 'moro';
|
|
@@ -40,6 +38,12 @@ export class TemplateCore {
|
|
|
40
38
|
res.render = async (template, data = {}) => {
|
|
41
39
|
try {
|
|
42
40
|
const templatePath = path.join(this.views, `${template}.html`);
|
|
41
|
+
// Security: prevent directory traversal via user-controlled template names.
|
|
42
|
+
const viewsWithSep = this.views.endsWith(path.sep) ? this.views : this.views + path.sep;
|
|
43
|
+
if (!templatePath.startsWith(viewsWithSep)) {
|
|
44
|
+
res.status(403).json({ success: false, error: 'Forbidden' });
|
|
45
|
+
return;
|
|
46
|
+
}
|
|
43
47
|
let templateContent;
|
|
44
48
|
// Check cache first
|
|
45
49
|
if (this.cache && this.templateCache.has(templatePath)) {
|
|
@@ -75,30 +79,16 @@ export class TemplateCore {
|
|
|
75
79
|
}
|
|
76
80
|
renderTemplate(content, data) {
|
|
77
81
|
let rendered = content;
|
|
78
|
-
//
|
|
79
|
-
|
|
82
|
+
// Raw output: {{{variable}}} — inserted verbatim. Must run before {{var}}
|
|
83
|
+
// so the outer braces of the triple form aren't consumed as a double match.
|
|
84
|
+
rendered = rendered.replace(RE_RAW_VAR, (match, key) => {
|
|
80
85
|
const value = resolveNestedValue(data, key);
|
|
81
|
-
return value !== undefined ?
|
|
82
|
-
});
|
|
83
|
-
// Handle basic variable substitution (unescaped — existing behavior preserved)
|
|
84
|
-
rendered = rendered.replace(RE_SIMPLE_VAR, (match, key) => {
|
|
85
|
-
if (data[key] !== undefined) {
|
|
86
|
-
if (!this.deprecationWarned) {
|
|
87
|
-
logger.warn('[MoroJS Security] Template uses unescaped interpolation {{' +
|
|
88
|
-
key +
|
|
89
|
-
'}}. Use {{=' +
|
|
90
|
-
key +
|
|
91
|
-
'}} for HTML-escaped output. Raw interpolation will be deprecated in a future major version.', 'TemplateCore');
|
|
92
|
-
this.deprecationWarned = true;
|
|
93
|
-
}
|
|
94
|
-
return String(data[key]);
|
|
95
|
-
}
|
|
96
|
-
return match;
|
|
86
|
+
return value !== undefined ? String(value) : match;
|
|
97
87
|
});
|
|
98
|
-
//
|
|
99
|
-
rendered = rendered.replace(
|
|
88
|
+
// Default: {{variable}} is HTML-escaped (Mustache/Handlebars convention).
|
|
89
|
+
rendered = rendered.replace(RE_VAR, (match, key) => {
|
|
100
90
|
const value = resolveNestedValue(data, key);
|
|
101
|
-
return value !== undefined ? String(value) : match;
|
|
91
|
+
return value !== undefined ? escapeHtml(String(value)) : match;
|
|
102
92
|
});
|
|
103
93
|
// Handle loops: {{#each items}}{{name}}{{/each}}
|
|
104
94
|
rendered = rendered.replace(RE_EACH_BLOCK, (match, arrayKey, template) => {
|
|
@@ -108,13 +98,15 @@ export class TemplateCore {
|
|
|
108
98
|
return array
|
|
109
99
|
.map(item => {
|
|
110
100
|
let itemTemplate = template;
|
|
111
|
-
//
|
|
112
|
-
itemTemplate = itemTemplate.replace(
|
|
113
|
-
|
|
101
|
+
// {{{key}}} raw inside loops
|
|
102
|
+
itemTemplate = itemTemplate.replace(RE_RAW_VAR, (match, key) => {
|
|
103
|
+
const value = resolveNestedValue(item, key);
|
|
104
|
+
return value !== undefined ? String(value) : match;
|
|
114
105
|
});
|
|
115
|
-
//
|
|
116
|
-
itemTemplate = itemTemplate.replace(
|
|
117
|
-
|
|
106
|
+
// {{key}} escaped inside loops
|
|
107
|
+
itemTemplate = itemTemplate.replace(RE_VAR, (match, key) => {
|
|
108
|
+
const value = resolveNestedValue(item, key);
|
|
109
|
+
return value !== undefined ? escapeHtml(String(value)) : match;
|
|
118
110
|
});
|
|
119
111
|
return itemTemplate;
|
|
120
112
|
})
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"core.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/template/core.ts"],"names":[],"mappings":"AAEA,OAAO,
|
|
1
|
+
{"version":3,"file":"core.js","sourceRoot":"","sources":["../../../../../src/core/middleware/built-in/template/core.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAE7B,MAAM,UAAU,GAA2B;IACzC,GAAG,EAAE,OAAO;IACZ,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,QAAQ;IACb,GAAG,EAAE,QAAQ;CACd,CAAC;AAEF,SAAS,UAAU,CAAC,GAAW;IAC7B,OAAO,GAAG,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,2EAA2E;AAC3E,8EAA8E;AAC9E,6EAA6E;AAC7E,MAAM,UAAU,GAAG,uBAAuB,CAAC;AAC3C,MAAM,MAAM,GAAG,mBAAmB,CAAC;AACnC,MAAM,aAAa,GAAG,0CAA0C,CAAC;AACjE,MAAM,WAAW,GAAG,sCAAsC,CAAC;AAE3D,SAAS,kBAAkB,CAAC,GAAQ,EAAE,IAAY;IAChD,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;IAC5C,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAM,EAAE,CAAS,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AACpE,CAAC;AASD,MAAM,OAAO,YAAY;IACf,KAAK,CAAS;IACd,MAAM,CAAS;IACf,KAAK,CAAU;IACf,aAAa,CAAU;IACvB,aAAa,GAAG,IAAI,GAAG,EAAkB,CAAC;IAElD,YAAY,OAAwB;QAClC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACzC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,MAAM,CAAC;QACvC,IAAI,CAAC,KAAK,GAAG,OAAO,CAAC,KAAK,KAAK,KAAK,CAAC;QACrC,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;IAC7C,CAAC;IAED,eAAe,CAAC,GAAgB,EAAE,GAAiB;QACjD,GAAG,CAAC,MAAM,GAAG,KAAK,EAAE,QAAgB,EAAE,OAAY,EAAE,EAAE,EAAE;YACtD,IAAI,CAAC;gBACH,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,GAAG,QAAQ,OAAO,CAAC,CAAC;gBAE/D,4EAA4E;gBAC5E,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC;gBACxF,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;oBAC3C,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;oBAC7D,OAAO;gBACT,CAAC;gBAED,IAAI,eAAuB,CAAC;gBAE5B,oBAAoB;gBACpB,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;oBACvD,oEAAoE;oBACpE,eAAe,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAE,CAAC;gBAC1D,CAAC;qBAAM,CAAC;oBACN,eAAe,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;oBAC3D,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;wBACf,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,EAAE,eAAe,CAAC,CAAC;oBACxD,CAAC;gBACH,CAAC;gBAED,yBAAyB;gBACzB,IAAI,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,eAAe,EAAE,IAAI,CAAC,CAAC;gBAE1D,gBAAgB;gBAChB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;oBACvB,QAAQ,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;gBACpD,CAAC;gBAED,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,0BAA0B,CAAC,CAAC;gBAC1D,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACpB,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,YAAY,CAAC;gBAC3D,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC;oBACnB,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,2BAA2B;oBAClC,GAAG,CAAC,YAAY;wBACd,CAAC,CAAC,EAAE;wBACJ,CAAC,CAAC,EAAE,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;iBACzE,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC;IACJ,CAAC;IAEO,cAAc,CAAC,OAAe,EAAE,IAAS;QAC/C,IAAI,QAAQ,GAAG,OAAO,CAAC;QAEvB,0EAA0E;QAC1E,4EAA4E;QAC5E,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,KAAa,EAAE,GAAW,EAAE,EAAE;YACrE,MAAM,KAAK,GAAG,kBAAkB,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YAC5C,OAAO,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QACrD,CAAC,CAAC,CAAC;QAEH,0EAA0E;QAC1E,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,GAAW,EAAE,EAAE;YACjE,MAAM,KAAK,GAAG,kBAAkB,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;YAC5C,OAAO,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QACjE,CAAC,CAAC,CAAC;QAEH,iDAAiD;QACjD,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE;YACvE,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC7B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;gBAAE,OAAO,EAAE,CAAC;YAErC,OAAO,KAAK;iBACT,GAAG,CAAC,IAAI,CAAC,EAAE;gBACV,IAAI,YAAY,GAAG,QAAQ,CAAC;gBAC5B,6BAA6B;gBAC7B,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,KAAa,EAAE,GAAW,EAAE,EAAE;oBAC7E,MAAM,KAAK,GAAG,kBAAkB,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;oBAC5C,OAAO,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;gBACrD,CAAC,CAAC,CAAC;gBACH,+BAA+B;gBAC/B,YAAY,GAAG,YAAY,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,GAAW,EAAE,EAAE;oBACzE,MAAM,KAAK,GAAG,kBAAkB,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;oBAC5C,OAAO,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;gBACjE,CAAC,CAAC,CAAC;gBACH,OAAO,YAAY,CAAC;YACtB,CAAC,CAAC;iBACD,IAAI,CAAC,EAAE,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;QAEH,uDAAuD;QACvD,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,KAAK,EAAE,YAAY,EAAE,OAAO,EAAE,EAAE;YACxE,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC;YACrC,OAAO,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QAClC,CAAC,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,WAAW,CAAC,OAAe,EAAE,KAAU;QACnD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC,aAAa,OAAO,CAAC,CAAC;QAClF,IAAI,CAAC;YACH,IAAI,aAAqB,CAAC;YAE1B,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;gBACrD,oEAAoE;gBACpE,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,CAAE,CAAC;YACtD,CAAC;iBAAM,CAAC;gBACN,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;gBACvD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;oBACf,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC;YAED,OAAO,aAAa,CAAC,OAAO,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;QACxD,CAAC;QAAC,MAAM,CAAC;YACP,yCAAyC;YACzC,OAAO,OAAO,CAAC;QACjB,CAAC;IACH,CAAC;IAED,UAAU;QACR,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,CAAC;IAC7B,CAAC;CACF"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
import type { Middleware } from '../../types/http.js';
|
|
2
|
+
/**
|
|
3
|
+
* Standalone router. Collects routes and middlewares, then mounts them onto an
|
|
4
|
+
* app at a given prefix via `app.use(prefix, router)` or `router.mount(app, prefix)`.
|
|
5
|
+
*
|
|
6
|
+
* @example
|
|
7
|
+
* const r = createRouter();
|
|
8
|
+
* r.get('/users', getUsers);
|
|
9
|
+
* r.post('/users', createUser);
|
|
10
|
+
* app.use('/api', r);
|
|
11
|
+
*/
|
|
12
|
+
export declare class MoroRouter {
|
|
13
|
+
/** @internal — tag used by app.use(path, router) to detect router instances. */
|
|
14
|
+
readonly _morojsRouter = true;
|
|
15
|
+
private routes;
|
|
16
|
+
private globalMiddlewares;
|
|
17
|
+
use(...middleware: Middleware[]): this;
|
|
18
|
+
get(path: string, ...handlers: any[]): this;
|
|
19
|
+
post(path: string, ...handlers: any[]): this;
|
|
20
|
+
put(path: string, ...handlers: any[]): this;
|
|
21
|
+
delete(path: string, ...handlers: any[]): this;
|
|
22
|
+
patch(path: string, ...handlers: any[]): this;
|
|
23
|
+
head(path: string, ...handlers: any[]): this;
|
|
24
|
+
options(path: string, ...handlers: any[]): this;
|
|
25
|
+
/** Register the same handler(s) for all HTTP methods on the path. */
|
|
26
|
+
all(path: string, ...handlers: any[]): this;
|
|
27
|
+
private addRoute;
|
|
28
|
+
/** Mount all collected routes onto `app` at the given prefix. */
|
|
29
|
+
mount(app: any, prefix?: string): void;
|
|
30
|
+
}
|
|
31
|
+
/** Factory for a standalone router. */
|
|
32
|
+
export declare function createRouter(): MoroRouter;
|
|
@@ -0,0 +1,87 @@
|
|
|
1
|
+
// Standalone router — collects route registrations and mounts them onto an app
|
|
2
|
+
// at a given prefix. Equivalent semantics to Express's Router(), so migrations
|
|
3
|
+
// from Express become a one-token swap: `express.Router()` → `createRouter()`.
|
|
4
|
+
/**
|
|
5
|
+
* Standalone router. Collects routes and middlewares, then mounts them onto an
|
|
6
|
+
* app at a given prefix via `app.use(prefix, router)` or `router.mount(app, prefix)`.
|
|
7
|
+
*
|
|
8
|
+
* @example
|
|
9
|
+
* const r = createRouter();
|
|
10
|
+
* r.get('/users', getUsers);
|
|
11
|
+
* r.post('/users', createUser);
|
|
12
|
+
* app.use('/api', r);
|
|
13
|
+
*/
|
|
14
|
+
export class MoroRouter {
|
|
15
|
+
/** @internal — tag used by app.use(path, router) to detect router instances. */
|
|
16
|
+
_morojsRouter = true;
|
|
17
|
+
routes = [];
|
|
18
|
+
globalMiddlewares = [];
|
|
19
|
+
use(...middleware) {
|
|
20
|
+
for (const mw of middleware)
|
|
21
|
+
this.globalMiddlewares.push(mw);
|
|
22
|
+
return this;
|
|
23
|
+
}
|
|
24
|
+
get(path, ...handlers) {
|
|
25
|
+
return this.addRoute('GET', path, handlers);
|
|
26
|
+
}
|
|
27
|
+
post(path, ...handlers) {
|
|
28
|
+
return this.addRoute('POST', path, handlers);
|
|
29
|
+
}
|
|
30
|
+
put(path, ...handlers) {
|
|
31
|
+
return this.addRoute('PUT', path, handlers);
|
|
32
|
+
}
|
|
33
|
+
delete(path, ...handlers) {
|
|
34
|
+
return this.addRoute('DELETE', path, handlers);
|
|
35
|
+
}
|
|
36
|
+
patch(path, ...handlers) {
|
|
37
|
+
return this.addRoute('PATCH', path, handlers);
|
|
38
|
+
}
|
|
39
|
+
head(path, ...handlers) {
|
|
40
|
+
return this.addRoute('HEAD', path, handlers);
|
|
41
|
+
}
|
|
42
|
+
options(path, ...handlers) {
|
|
43
|
+
return this.addRoute('OPTIONS', path, handlers);
|
|
44
|
+
}
|
|
45
|
+
/** Register the same handler(s) for all HTTP methods on the path. */
|
|
46
|
+
all(path, ...handlers) {
|
|
47
|
+
const methods = [
|
|
48
|
+
'GET',
|
|
49
|
+
'POST',
|
|
50
|
+
'PUT',
|
|
51
|
+
'DELETE',
|
|
52
|
+
'PATCH',
|
|
53
|
+
'HEAD',
|
|
54
|
+
'OPTIONS',
|
|
55
|
+
];
|
|
56
|
+
for (const m of methods)
|
|
57
|
+
this.addRoute(m, path, handlers);
|
|
58
|
+
return this;
|
|
59
|
+
}
|
|
60
|
+
addRoute(method, path, handlers) {
|
|
61
|
+
if (handlers.length === 0) {
|
|
62
|
+
throw new Error(`${method} ${path}: handler is required`);
|
|
63
|
+
}
|
|
64
|
+
const handler = handlers[handlers.length - 1];
|
|
65
|
+
const middlewares = handlers.slice(0, -1);
|
|
66
|
+
this.routes.push({ method, path, middlewares, handler });
|
|
67
|
+
return this;
|
|
68
|
+
}
|
|
69
|
+
/** Mount all collected routes onto `app` at the given prefix. */
|
|
70
|
+
mount(app, prefix = '') {
|
|
71
|
+
const normalizedPrefix = prefix && !prefix.startsWith('/') ? `/${prefix}` : prefix;
|
|
72
|
+
const cleanPrefix = normalizedPrefix.endsWith('/')
|
|
73
|
+
? normalizedPrefix.slice(0, -1)
|
|
74
|
+
: normalizedPrefix;
|
|
75
|
+
for (const route of this.routes) {
|
|
76
|
+
const fullPath = cleanPrefix + (route.path.startsWith('/') ? route.path : `/${route.path}`);
|
|
77
|
+
const combinedMiddleware = [...this.globalMiddlewares, ...route.middlewares];
|
|
78
|
+
const method = route.method.toLowerCase();
|
|
79
|
+
app[method](fullPath, route.handler, { middleware: combinedMiddleware });
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
/** Factory for a standalone router. */
|
|
84
|
+
export function createRouter() {
|
|
85
|
+
return new MoroRouter();
|
|
86
|
+
}
|
|
87
|
+
//# sourceMappingURL=create-router.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"create-router.js","sourceRoot":"","sources":["../../../src/core/routing/create-router.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,+EAA+E;AAC/E,+EAA+E;AAW/E;;;;;;;;;GASG;AACH,MAAM,OAAO,UAAU;IACrB,gFAAgF;IACvE,aAAa,GAAG,IAAI,CAAC;IACtB,MAAM,GAAiB,EAAE,CAAC;IAC1B,iBAAiB,GAAiB,EAAE,CAAC;IAE7C,GAAG,CAAC,GAAG,UAAwB;QAC7B,KAAK,MAAM,EAAE,IAAI,UAAU;YAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,GAAG,CAAC,IAAY,EAAE,GAAG,QAAe;QAClC,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC9C,CAAC;IACD,IAAI,CAAC,IAAY,EAAE,GAAG,QAAe;QACnC,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC/C,CAAC;IACD,GAAG,CAAC,IAAY,EAAE,GAAG,QAAe;QAClC,OAAO,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC9C,CAAC;IACD,MAAM,CAAC,IAAY,EAAE,GAAG,QAAe;QACrC,OAAO,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;IACjD,CAAC;IACD,KAAK,CAAC,IAAY,EAAE,GAAG,QAAe;QACpC,OAAO,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;IAChD,CAAC;IACD,IAAI,CAAC,IAAY,EAAE,GAAG,QAAe;QACnC,OAAO,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC/C,CAAC;IACD,OAAO,CAAC,IAAY,EAAE,GAAG,QAAe;QACtC,OAAO,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;IAClD,CAAC;IAED,qEAAqE;IACrE,GAAG,CAAC,IAAY,EAAE,GAAG,QAAe;QAClC,MAAM,OAAO,GAA2B;YACtC,KAAK;YACL,MAAM;YACN,KAAK;YACL,QAAQ;YACR,OAAO;YACP,MAAM;YACN,SAAS;SACV,CAAC;QACF,KAAK,MAAM,CAAC,IAAI,OAAO;YAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC;QAC1D,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,QAAQ,CAAC,MAA4B,EAAE,IAAY,EAAE,QAAe;QAC1E,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,MAAM,IAAI,KAAK,CAAC,GAAG,MAAM,IAAI,IAAI,uBAAuB,CAAC,CAAC;QAC5D,CAAC;QACD,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC9C,MAAM,WAAW,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAiB,CAAC;QAC1D,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,iEAAiE;IACjE,KAAK,CAAC,GAAQ,EAAE,MAAM,GAAG,EAAE;QACzB,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,MAAM,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;QACnF,MAAM,WAAW,GAAG,gBAAgB,CAAC,QAAQ,CAAC,GAAG,CAAC;YAChD,CAAC,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YAC/B,CAAC,CAAC,gBAAgB,CAAC;QAErB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,WAAW,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YAC5F,MAAM,kBAAkB,GAAG,CAAC,GAAG,IAAI,CAAC,iBAAiB,EAAE,GAAG,KAAK,CAAC,WAAW,CAAC,CAAC;YAC7E,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,WAAW,EAO1B,CAAC;YACd,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,KAAK,CAAC,OAAO,EAAE,EAAE,UAAU,EAAE,kBAAkB,EAAE,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC;CACF;AAED,uCAAuC;AACvC,MAAM,UAAU,YAAY;IAC1B,OAAO,IAAI,UAAU,EAAE,CAAC;AAC1B,CAAC"}
|
|
@@ -59,6 +59,9 @@ export declare class UnifiedRouter {
|
|
|
59
59
|
private radixRouter;
|
|
60
60
|
private stats;
|
|
61
61
|
constructor();
|
|
62
|
+
private errorHandler?;
|
|
63
|
+
setErrorHandler(fn: (err: any, req: HttpRequest, res: HttpResponse) => any | Promise<any>): void;
|
|
64
|
+
private invokeErrorHandler;
|
|
62
65
|
/**
|
|
63
66
|
* Get singleton instance (optional - can still create new instances)
|
|
64
67
|
*/
|