@nexus_js/server 0.8.0 → 0.9.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/actions.d.ts +46 -8
- package/dist/actions.d.ts.map +1 -1
- package/dist/actions.js +169 -17
- package/dist/actions.js.map +1 -1
- package/dist/context.d.ts +21 -1
- package/dist/context.d.ts.map +1 -1
- package/dist/context.js +12 -3
- package/dist/context.js.map +1 -1
- package/dist/csrf.d.ts +16 -2
- package/dist/csrf.d.ts.map +1 -1
- package/dist/csrf.js +26 -9
- package/dist/csrf.js.map +1 -1
- package/dist/index.d.ts +29 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +61 -15
- package/dist/index.js.map +1 -1
- package/dist/metadata.d.ts +91 -0
- package/dist/metadata.d.ts.map +1 -0
- package/dist/metadata.js +128 -0
- package/dist/metadata.js.map +1 -0
- package/dist/navigate.d.ts +0 -5
- package/dist/navigate.d.ts.map +1 -1
- package/dist/navigate.js +0 -1
- package/dist/navigate.js.map +1 -1
- package/dist/rate-limit.d.ts.map +1 -1
- package/dist/rate-limit.js +27 -14
- package/dist/rate-limit.js.map +1 -1
- package/dist/renderer.d.ts +18 -3
- package/dist/renderer.d.ts.map +1 -1
- package/dist/renderer.js +56 -18
- package/dist/renderer.js.map +1 -1
- package/dist/streaming.d.ts +3 -3
- package/dist/streaming.d.ts.map +1 -1
- package/dist/streaming.js +33 -13
- package/dist/streaming.js.map +1 -1
- package/package.json +7 -7
package/dist/actions.d.ts
CHANGED
|
@@ -29,6 +29,25 @@
|
|
|
29
29
|
*/
|
|
30
30
|
import type { NexusContext } from './context.js';
|
|
31
31
|
import { type RateLimitConfig } from './rate-limit.js';
|
|
32
|
+
/**
|
|
33
|
+
* Zod-compatible schema interface.
|
|
34
|
+
* Supports `.parse()` (throws on failure) and optionally `.safeParse()` (returns structured errors).
|
|
35
|
+
* Works with Zod, Valibot, ArkType, Superstruct, and any schema library following this contract.
|
|
36
|
+
*/
|
|
37
|
+
export interface NexusSchema<T> {
|
|
38
|
+
parse(data: unknown): T;
|
|
39
|
+
/** Optional — when present, used to extract structured field errors (Zod format). */
|
|
40
|
+
safeParse?: (data: unknown) => {
|
|
41
|
+
success: boolean;
|
|
42
|
+
error?: {
|
|
43
|
+
issues?: Array<{
|
|
44
|
+
path: Array<string | number>;
|
|
45
|
+
message: string;
|
|
46
|
+
}>;
|
|
47
|
+
};
|
|
48
|
+
data?: T;
|
|
49
|
+
};
|
|
50
|
+
}
|
|
32
51
|
export type ActionFn<TInput = FormData, TOutput = void> = (input: TInput, ctx: NexusContext & {
|
|
33
52
|
signal: AbortSignal;
|
|
34
53
|
}) => Promise<TOutput>;
|
|
@@ -70,13 +89,23 @@ export interface ActionOptions {
|
|
|
70
89
|
*/
|
|
71
90
|
csrf?: boolean;
|
|
72
91
|
/**
|
|
73
|
-
*
|
|
74
|
-
*
|
|
75
|
-
*
|
|
92
|
+
* Zod-compatible schema for input validation.
|
|
93
|
+
* The action rejects invalid input **before** calling the handler —
|
|
94
|
+
* preventing SQL injection, type coercion attacks, and untrusted data reaching business logic.
|
|
95
|
+
*
|
|
96
|
+
* Accepts any object with a `.parse()` method (Zod, Valibot, ArkType, etc.)
|
|
97
|
+
* or `.safeParse()` for structured error extraction.
|
|
98
|
+
*
|
|
99
|
+
* @example
|
|
100
|
+
* ```ts
|
|
101
|
+
* import { z } from 'zod';
|
|
102
|
+
* export const updateUser = createAction({
|
|
103
|
+
* schema: z.object({ name: z.string().min(1).max(100), age: z.number().int().min(0) }),
|
|
104
|
+
* handler: async ({ name, age }, ctx) => { ... },
|
|
105
|
+
* });
|
|
106
|
+
* ```
|
|
76
107
|
*/
|
|
77
|
-
schema?:
|
|
78
|
-
parse: (data: unknown) => unknown;
|
|
79
|
-
};
|
|
108
|
+
schema?: NexusSchema<unknown>;
|
|
80
109
|
/**
|
|
81
110
|
* Maximum request body size in bytes. Default: 10 MB.
|
|
82
111
|
* Lower this for actions that only receive small form payloads (e.g. login forms).
|
|
@@ -93,13 +122,18 @@ export interface ActionResult<T = unknown> {
|
|
|
93
122
|
/** Server-side execution time in ms */
|
|
94
123
|
duration?: number;
|
|
95
124
|
}
|
|
125
|
+
/**
|
|
126
|
+
* Verifies an action name signature. Returns true if the signature is valid or
|
|
127
|
+
* if we are in dev mode (no NEXUS_SECRET set — signature is optional in dev).
|
|
128
|
+
*/
|
|
129
|
+
export declare function verifyActionSig(name: string, sig: string | null): boolean;
|
|
96
130
|
/**
|
|
97
131
|
* Defines a Server Action with integrated security, rate limiting, and
|
|
98
132
|
* race-condition management. The returned object is registered automatically
|
|
99
133
|
* and ready to be called by the client.
|
|
100
134
|
*
|
|
101
135
|
* Security layers applied (in order):
|
|
102
|
-
* 1. CSRF
|
|
136
|
+
* 1. CSRF: custom header `x-nexus-action: 1` (Tier 1) + optional HMAC token (Tier 2)
|
|
103
137
|
* 2. Rate limiting (sliding window, per-IP or per-user)
|
|
104
138
|
* 3. Input schema validation (Zod or any .parse() compatible schema)
|
|
105
139
|
* 4. AbortController (client disconnect + timeout)
|
|
@@ -126,7 +160,11 @@ export declare function getRegisteredActionNames(): ReadonlySet<string>;
|
|
|
126
160
|
export declare class ActionError extends Error {
|
|
127
161
|
readonly status: number;
|
|
128
162
|
readonly code?: string | undefined;
|
|
129
|
-
|
|
163
|
+
/** Structured field-level validation errors (Zod-style). Key: field path, Value: message. */
|
|
164
|
+
readonly fieldErrors?: Record<string, string> | undefined;
|
|
165
|
+
constructor(message: string, status?: number, code?: string | undefined,
|
|
166
|
+
/** Structured field-level validation errors (Zod-style). Key: field path, Value: message. */
|
|
167
|
+
fieldErrors?: Record<string, string> | undefined);
|
|
130
168
|
}
|
|
131
169
|
export declare class ActionAbortedError extends ActionError {
|
|
132
170
|
constructor();
|
package/dist/actions.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"actions.d.ts","sourceRoot":"","sources":["../src/actions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAOjD,OAAO,EAKL,KAAK,eAAe,EACrB,MAAM,iBAAiB,CAAC;AAKzB,MAAM,MAAM,QAAQ,CAAC,MAAM,GAAG,QAAQ,EAAE,OAAO,GAAG,IAAI,IAAI,CACxD,KAAK,EAAE,MAAM,EACb,GAAG,EAAE,YAAY,GAAG;IAAE,MAAM,EAAE,WAAW,CAAA;CAAE,KACxC,OAAO,CAAC,OAAO,CAAC,CAAC;AAEtB,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAEpE,MAAM,WAAW,aAAa;IAC5B;;;;;;OAMG;IACH,IAAI,CAAC,EAAE,YAAY,CAAC;IACpB;;;OAGG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;;;OAIG;IACH,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B;;;;OAIG;IACH,IAAI,CAAC,EAAE,OAAO,CAAC;IACf
|
|
1
|
+
{"version":3,"file":"actions.d.ts","sourceRoot":"","sources":["../src/actions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AAOjD,OAAO,EAKL,KAAK,eAAe,EACrB,MAAM,iBAAiB,CAAC;AAKzB;;;;GAIG;AACH,MAAM,WAAW,WAAW,CAAC,CAAC;IAC5B,KAAK,CAAC,IAAI,EAAE,OAAO,GAAG,CAAC,CAAC;IACxB,qFAAqF;IACrF,SAAS,CAAC,EAAE,CAAC,IAAI,EAAE,OAAO,KAAK;QAC7B,OAAO,EAAE,OAAO,CAAC;QACjB,KAAK,CAAC,EAAE;YAAE,MAAM,CAAC,EAAE,KAAK,CAAC;gBAAE,IAAI,EAAE,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC;gBAAC,OAAO,EAAE,MAAM,CAAA;aAAE,CAAC,CAAA;SAAE,CAAC;QAC9E,IAAI,CAAC,EAAE,CAAC,CAAC;KACV,CAAC;CACH;AAED,MAAM,MAAM,QAAQ,CAAC,MAAM,GAAG,QAAQ,EAAE,OAAO,GAAG,IAAI,IAAI,CACxD,KAAK,EAAE,MAAM,EACb,GAAG,EAAE,YAAY,GAAG;IAAE,MAAM,EAAE,WAAW,CAAA;CAAE,KACxC,OAAO,CAAC,OAAO,CAAC,CAAC;AAEtB,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAEpE,MAAM,WAAW,aAAa;IAC5B;;;;;;OAMG;IACH,IAAI,CAAC,EAAE,YAAY,CAAC;IACpB;;;OAGG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB;;;;OAIG;IACH,SAAS,CAAC,EAAE,eAAe,CAAC;IAC5B;;;;OAIG;IACH,IAAI,CAAC,EAAE,OAAO,CAAC;IACf;;;;;;;;;;;;;;;;OAgBG;IACH,MAAM,CAAC,EAAE,WAAW,CAAC,OAAO,CAAC,CAAC;IAC9B;;;;OAIG;IACH,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,YAAY,CAAC,CAAC,GAAG,OAAO;IACvC,IAAI,CAAC,EAAE,CAAC,CAAC;IACT,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,8CAA8C;IAC9C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,uCAAuC;IACvC,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAyCD;;;GAGG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,IAAI,GAAG,OAAO,CAUzE;AAiCD;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAgB,YAAY,CAAC,MAAM,GAAG,QAAQ,EAAE,OAAO,GAAG,IAAI,EAC5D,QAAQ,EACJ,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,GACzB,CAAC,aAAa,GAAG;IAAE,OAAO,EAAE,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAAE,CAAC,EAC5D,UAAU,GAAE,aAAkB,GAC7B,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CA2D3B;AAED,wBAAgB,cAAc,CAC5B,IAAI,EAAE,MAAM,EACZ,EAAE,EAAE,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,EAC9B,IAAI,GAAE,aAAkB,GACvB,IAAI,CAKN;AAED,8FAA8F;AAC9F,wBAAgB,wBAAwB,IAAI,WAAW,CAAC,MAAM,CAAC,CAE9D;AAED,qBAAa,WAAY,SAAQ,KAAK;aAGlB,MAAM,EAAE,MAAM;aACd,IAAI,CAAC,EAAE,MAAM;IAC7B,6FAA6F;aAC7E,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;gBAJpD,OAAO,EAAE,MAAM,EACC,MAAM,GAAE,MAAY,EACpB,IAAI,CAAC,EAAE,MAAM,YAAA;IAC7B,6FAA6F;IAC7E,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,YAAA;CAKvD;AAED,qBAAa,kBAAmB,SAAQ,WAAW;;CAIlD;AA2CD;;;GAGG;AACH,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,CA2b7E;AAED;;;;;;;GAOG;AACH,wBAAsB,eAAe,CAAC,GAAG,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAsCtE;AAGD,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC1G,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACjF,YAAY,EAAE,eAAe,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAErF;;;;GAIG;AACH,wBAAgB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAQ9C;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAkClD;AAID;;;;;;;;;;;;GAYG;AACH,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,MAAM,EACZ,QAAQ,GAAE,YAAuB,GAChC;IACD,GAAG,EAAE,MAAM,WAAW,CAAC;IACvB,KAAK,EAAE,MAAM,IAAI,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,EAAE,OAAO,CAAC;CAClB,CAyBA"}
|
package/dist/actions.js
CHANGED
|
@@ -31,7 +31,7 @@ import { createContext, NotFoundSignal, RedirectSignal } from './context.js';
|
|
|
31
31
|
import { serialize, deserialize } from '@nexus_js/serialize';
|
|
32
32
|
import { validateActionToken, extractSessionId, ACTION_TOKEN_HEADER, } from './csrf.js';
|
|
33
33
|
import { createRateLimiter, registerLimiter, getLimiter, RateLimitError, } from './rate-limit.js';
|
|
34
|
-
import { randomUUID } from 'node:crypto';
|
|
34
|
+
import { randomUUID, createHmac, timingSafeEqual } from 'node:crypto';
|
|
35
35
|
import { emitDevRadar, newTraceId, sanitizeTelemetryValue } from './devradar.js';
|
|
36
36
|
import { getExpectedNexusBuildId } from './build-id.js';
|
|
37
37
|
const ACTION_PREFIX = '/_nexus/action/';
|
|
@@ -42,14 +42,47 @@ const IDEMPOTENCY_TTL = 30_000; // 30 seconds
|
|
|
42
42
|
const inFlightActions = new Map();
|
|
43
43
|
const actionQueues = new Map();
|
|
44
44
|
const actionRegistry = new Map();
|
|
45
|
+
/**
|
|
46
|
+
* Generates an HMAC-SHA256 signature for an action name.
|
|
47
|
+
* Used to sign action URLs at SSR time so the server can verify they originated
|
|
48
|
+
* from a server-rendered page — not from an attacker enumerating action names.
|
|
49
|
+
* Skipped in dev (no NEXUS_SECRET required in dev mode).
|
|
50
|
+
*/
|
|
51
|
+
function signActionName(name) {
|
|
52
|
+
const secret = process.env['NEXUS_SECRET'];
|
|
53
|
+
if (!secret || secret === 'nexus-dev-secret-change-me')
|
|
54
|
+
return null;
|
|
55
|
+
return createHmac('sha256', secret).update(`action:${name}`).digest('base64url').slice(0, 16);
|
|
56
|
+
}
|
|
57
|
+
/**
|
|
58
|
+
* Verifies an action name signature. Returns true if the signature is valid or
|
|
59
|
+
* if we are in dev mode (no NEXUS_SECRET set — signature is optional in dev).
|
|
60
|
+
*/
|
|
61
|
+
export function verifyActionSig(name, sig) {
|
|
62
|
+
const expected = signActionName(name);
|
|
63
|
+
if (expected === null)
|
|
64
|
+
return true; // dev mode — skip verification
|
|
65
|
+
if (!sig)
|
|
66
|
+
return false;
|
|
67
|
+
// Constant-time comparison (sig is 16 base64url chars = 96 bits)
|
|
68
|
+
try {
|
|
69
|
+
return timingSafeEqual(Buffer.from(expected), Buffer.from(sig));
|
|
70
|
+
}
|
|
71
|
+
catch {
|
|
72
|
+
return false;
|
|
73
|
+
}
|
|
74
|
+
}
|
|
45
75
|
/**
|
|
46
76
|
* SSR and islands coerce `action={myAction}` with `String(myAction)`. The value is the
|
|
47
77
|
* wrapper from `createAction`, whose default `Function#toString()` is the entire wrapper
|
|
48
78
|
* source (CSRF, rate limit, …) — that string was being used as the form URL. After
|
|
49
79
|
* registration we pin `toString` / `@@toPrimitive` to the real POST path.
|
|
80
|
+
* In production (NEXUS_SECRET is set), the URL carries an HMAC query param
|
|
81
|
+
* (`?__sig=…`) so the server can reject calls with unsigned / forged action URLs.
|
|
50
82
|
*/
|
|
51
83
|
function patchRegisteredActionStringCoercion(fn, name) {
|
|
52
|
-
const
|
|
84
|
+
const sig = signActionName(name);
|
|
85
|
+
const url = sig ? `${ACTION_PREFIX}${name}?__sig=${sig}` : `${ACTION_PREFIX}${name}`;
|
|
53
86
|
Object.defineProperty(fn, 'toString', {
|
|
54
87
|
value: function nexusActionUrlString() {
|
|
55
88
|
return url;
|
|
@@ -75,7 +108,7 @@ function patchRegisteredActionStringCoercion(fn, name) {
|
|
|
75
108
|
* and ready to be called by the client.
|
|
76
109
|
*
|
|
77
110
|
* Security layers applied (in order):
|
|
78
|
-
* 1. CSRF
|
|
111
|
+
* 1. CSRF: custom header `x-nexus-action: 1` (Tier 1) + optional HMAC token (Tier 2)
|
|
79
112
|
* 2. Rate limiting (sliding window, per-IP or per-user)
|
|
80
113
|
* 3. Input schema validation (Zod or any .parse() compatible schema)
|
|
81
114
|
* 4. AbortController (client disconnect + timeout)
|
|
@@ -111,14 +144,33 @@ export function createAction(optsOrFn, legacyOpts = {}) {
|
|
|
111
144
|
throw new RateLimitError(result);
|
|
112
145
|
}
|
|
113
146
|
}
|
|
114
|
-
// 3. Schema validation
|
|
147
|
+
// 3. Schema validation — fail-fast before any business logic or DB access
|
|
115
148
|
if (opts.schema) {
|
|
116
|
-
|
|
117
|
-
|
|
149
|
+
if (typeof opts.schema.safeParse === 'function') {
|
|
150
|
+
// Structured path: extract field-level errors for the client
|
|
151
|
+
const result = opts.schema.safeParse(input);
|
|
152
|
+
if (!result.success) {
|
|
153
|
+
const issues = result.error?.issues ?? [];
|
|
154
|
+
const fieldErrors = {};
|
|
155
|
+
for (const issue of issues) {
|
|
156
|
+
const path = issue.path.join('.') || '_root';
|
|
157
|
+
fieldErrors[path] = issue.message;
|
|
158
|
+
}
|
|
159
|
+
throw new ActionError(issues.length > 0
|
|
160
|
+
? `Validation failed: ${issues.map((i) => `${i.path.join('.') || 'input'} — ${i.message}`).join('; ')}`
|
|
161
|
+
: 'Input validation failed', 400, 'VALIDATION_ERROR', fieldErrors);
|
|
162
|
+
}
|
|
163
|
+
if (result.data !== undefined)
|
|
164
|
+
input = result.data;
|
|
118
165
|
}
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
166
|
+
else {
|
|
167
|
+
try {
|
|
168
|
+
input = opts.schema.parse(input);
|
|
169
|
+
}
|
|
170
|
+
catch (err) {
|
|
171
|
+
const msg = err instanceof Error ? err.message : 'Input validation failed';
|
|
172
|
+
throw new ActionError(`Invalid input: ${msg}`, 400, 'VALIDATION_ERROR');
|
|
173
|
+
}
|
|
122
174
|
}
|
|
123
175
|
}
|
|
124
176
|
return fn(input, ctx);
|
|
@@ -138,10 +190,14 @@ export function getRegisteredActionNames() {
|
|
|
138
190
|
export class ActionError extends Error {
|
|
139
191
|
status;
|
|
140
192
|
code;
|
|
141
|
-
|
|
193
|
+
fieldErrors;
|
|
194
|
+
constructor(message, status = 400, code,
|
|
195
|
+
/** Structured field-level validation errors (Zod-style). Key: field path, Value: message. */
|
|
196
|
+
fieldErrors) {
|
|
142
197
|
super(message);
|
|
143
198
|
this.status = status;
|
|
144
199
|
this.code = code;
|
|
200
|
+
this.fieldErrors = fieldErrors;
|
|
145
201
|
this.name = 'ActionError';
|
|
146
202
|
}
|
|
147
203
|
}
|
|
@@ -150,6 +206,41 @@ export class ActionAbortedError extends ActionError {
|
|
|
150
206
|
super('Action was superseded by a newer request', 409, 'ABORTED');
|
|
151
207
|
}
|
|
152
208
|
}
|
|
209
|
+
/**
|
|
210
|
+
* Detects whether a request originates from a plain HTML form (no JS).
|
|
211
|
+
*
|
|
212
|
+
* A "native form" request:
|
|
213
|
+
* - Has `Content-Type: application/x-www-form-urlencoded`
|
|
214
|
+
* - Does NOT have the `x-nexus-action` custom header (added by the JS runtime)
|
|
215
|
+
* - Does NOT explicitly request `application/json` in Accept
|
|
216
|
+
*
|
|
217
|
+
* When true, the action handler responds with 303 redirects instead of JSON
|
|
218
|
+
* (Progressive Enhancement — the action works even when JS is disabled).
|
|
219
|
+
*/
|
|
220
|
+
function isNativeFormRequest(request) {
|
|
221
|
+
const ct = request.headers.get('content-type') ?? '';
|
|
222
|
+
const hasNexusHeader = request.headers.has('x-nexus-action');
|
|
223
|
+
const acceptsJson = (request.headers.get('accept') ?? '').includes('application/json');
|
|
224
|
+
return (ct.includes('application/x-www-form-urlencoded') &&
|
|
225
|
+
!hasNexusHeader &&
|
|
226
|
+
!acceptsJson);
|
|
227
|
+
}
|
|
228
|
+
/**
|
|
229
|
+
* Builds a 303 See Other redirect for progressive-enhancement form submissions.
|
|
230
|
+
* Follows the Post/Redirect/Get pattern to prevent duplicate submissions on refresh.
|
|
231
|
+
*
|
|
232
|
+
* Redirect target priority:
|
|
233
|
+
* 1. `__redirectTo` hidden field in the form
|
|
234
|
+
* 2. `Referer` header (the page that submitted the form)
|
|
235
|
+
* 3. `/` as final fallback
|
|
236
|
+
*/
|
|
237
|
+
function formRedirect(request, formData, status = 303) {
|
|
238
|
+
const redirectTo = formData.get('__redirectTo') ??
|
|
239
|
+
request.headers.get('referer') ??
|
|
240
|
+
'/';
|
|
241
|
+
const headers = new Headers({ location: redirectTo });
|
|
242
|
+
return new Response(null, { status, headers });
|
|
243
|
+
}
|
|
153
244
|
/**
|
|
154
245
|
* Main HTTP handler for /_nexus/action/:name
|
|
155
246
|
* This is where all the race-condition logic runs.
|
|
@@ -165,6 +256,7 @@ export async function handleActionRequest(request) {
|
|
|
165
256
|
headers: { allow: 'POST' },
|
|
166
257
|
});
|
|
167
258
|
}
|
|
259
|
+
const nativeForm = isNativeFormRequest(request);
|
|
168
260
|
// ── Guard: opaque (null) Origin ────────────────────────────────────────────
|
|
169
261
|
// Sandboxed iframes (<iframe sandbox> without allow-same-origin) and data:
|
|
170
262
|
// URIs send the string "null" as the Origin header. This is never a
|
|
@@ -191,6 +283,23 @@ export async function handleActionRequest(request) {
|
|
|
191
283
|
if (!registered) {
|
|
192
284
|
return jsonResponse({ error: `Action "${actionName}" not found`, status: 404 }, 404);
|
|
193
285
|
}
|
|
286
|
+
// ── Action URL signature verification (production only) ───────────────────
|
|
287
|
+
// In production (NEXUS_SECRET is set), action URLs are HMAC-signed during SSR.
|
|
288
|
+
// A request without a valid signature means the URL was manually crafted or
|
|
289
|
+
// the action name was enumerated — not server-rendered.
|
|
290
|
+
// In dev mode (no secret), signature check is skipped so hot-reload works.
|
|
291
|
+
const actionSig = url.searchParams.get('__sig');
|
|
292
|
+
if (!verifyActionSig(actionName, actionSig)) {
|
|
293
|
+
emitDevRadar({
|
|
294
|
+
type: 'security:audit',
|
|
295
|
+
payload: {
|
|
296
|
+
kind: 'csrf_blocked',
|
|
297
|
+
message: 'Action URL signature missing or invalid — possible action enumeration',
|
|
298
|
+
action: actionName,
|
|
299
|
+
},
|
|
300
|
+
});
|
|
301
|
+
return jsonResponse({ error: 'Invalid action URL', status: 403, code: 'INVALID_ACTION_SIG' }, 403);
|
|
302
|
+
}
|
|
194
303
|
// ── Build ID (client–server contract) ─────────────────────────────────────
|
|
195
304
|
// When `.nexus/build-id.json` exists (after `nexus build`), every action call
|
|
196
305
|
// must carry `x-nexus-build-id` matching that file. Stale tabs from a prior
|
|
@@ -221,7 +330,7 @@ export async function handleActionRequest(request) {
|
|
|
221
330
|
//
|
|
222
331
|
// Tier 1 — Custom header (default): Browsers cannot add arbitrary headers to
|
|
223
332
|
// cross-origin requests without a CORS preflight the server will reject.
|
|
224
|
-
// Requiring `x-nexus-action
|
|
333
|
+
// Requiring a non-empty `x-nexus-action` header blocks form-based CSRF from
|
|
225
334
|
// foreign origins without needing token generation on the server.
|
|
226
335
|
//
|
|
227
336
|
// Tier 2 — HMAC token (opt-in): When `x-nexus-action-token` is present the
|
|
@@ -238,7 +347,13 @@ export async function handleActionRequest(request) {
|
|
|
238
347
|
const nexusHeader = request.headers.get('x-nexus-action');
|
|
239
348
|
if (token) {
|
|
240
349
|
// Tier 2: full HMAC validation
|
|
241
|
-
const
|
|
350
|
+
const envSecret = process.env['NEXUS_SECRET'];
|
|
351
|
+
if (!envSecret && process.env['NODE_ENV'] === 'production') {
|
|
352
|
+
// listen() already blocks start without NEXUS_SECRET; this catches
|
|
353
|
+
// edge-runtimes / tests that bypass createNexusServer.
|
|
354
|
+
return jsonResponse({ error: 'Server misconfiguration: NEXUS_SECRET not set', status: 500, code: 'INSECURE_SECRET' }, 500);
|
|
355
|
+
}
|
|
356
|
+
const secret = envSecret ?? 'nexus-dev-secret-change-me';
|
|
242
357
|
const sessionId = extractSessionId(request);
|
|
243
358
|
const validation = validateActionToken(token, sessionId, actionName, secret);
|
|
244
359
|
if (!validation.valid) {
|
|
@@ -418,6 +533,11 @@ export async function handleActionRequest(request) {
|
|
|
418
533
|
// Cleanup old entries periodically
|
|
419
534
|
cleanIdempotencyCache();
|
|
420
535
|
}
|
|
536
|
+
// Progressive Enhancement: native HTML form → Post/Redirect/Get pattern
|
|
537
|
+
if (nativeForm) {
|
|
538
|
+
const fd = input instanceof FormData ? input : new FormData();
|
|
539
|
+
return formRedirect(request, fd);
|
|
540
|
+
}
|
|
421
541
|
// Serialize response with Nexus transport
|
|
422
542
|
const serialized = serialize({ data: result, status: 200, duration, idempotencyKey });
|
|
423
543
|
return new Response(serialized, {
|
|
@@ -467,7 +587,24 @@ export async function handleActionRequest(request) {
|
|
|
467
587
|
...(err.code !== undefined ? { code: err.code } : {}),
|
|
468
588
|
},
|
|
469
589
|
});
|
|
470
|
-
|
|
590
|
+
// Progressive Enhancement: redirect back with error encoded in query string
|
|
591
|
+
if (nativeForm) {
|
|
592
|
+
const referer = request.headers.get('referer') ?? '/';
|
|
593
|
+
const target = new URL(referer, request.url);
|
|
594
|
+
target.searchParams.set('__nexus_error', err.message);
|
|
595
|
+
if (err.code)
|
|
596
|
+
target.searchParams.set('__nexus_code', err.code);
|
|
597
|
+
return new Response(null, {
|
|
598
|
+
status: 303,
|
|
599
|
+
headers: { location: target.toString() },
|
|
600
|
+
});
|
|
601
|
+
}
|
|
602
|
+
return jsonResponse({
|
|
603
|
+
error: err.message,
|
|
604
|
+
status: err.status,
|
|
605
|
+
code: err.code,
|
|
606
|
+
...(err.fieldErrors ? { fieldErrors: err.fieldErrors } : {}),
|
|
607
|
+
}, err.status);
|
|
471
608
|
}
|
|
472
609
|
const errorId = randomUUID();
|
|
473
610
|
const mask = process.env['NEXUS_EXPOSE_ERRORS'] !== 'true' &&
|
|
@@ -518,11 +655,26 @@ export async function validateRequest(ctx) {
|
|
|
518
655
|
// Same-origin and same-site fetch() calls either omit Origin or match the host.
|
|
519
656
|
const origin = ctx.request.headers.get('origin');
|
|
520
657
|
const referer = ctx.request.headers.get('referer');
|
|
521
|
-
const
|
|
522
|
-
|
|
523
|
-
const
|
|
658
|
+
const rawHost = ctx.request.headers.get('host') ?? '';
|
|
659
|
+
// Derive scheme from X-Forwarded-Proto or default to http (covered by HTTPS terminator upstream)
|
|
660
|
+
const proto = ctx.request.headers.get('x-forwarded-proto') ?? 'http';
|
|
661
|
+
const expectedOrigin = `${proto}://${rawHost}`;
|
|
662
|
+
function isSameOrigin(headerValue) {
|
|
663
|
+
try {
|
|
664
|
+
const parsed = new URL(headerValue);
|
|
665
|
+
const expected = new URL(expectedOrigin);
|
|
666
|
+
return parsed.protocol === expected.protocol
|
|
667
|
+
&& parsed.hostname === expected.hostname
|
|
668
|
+
&& parsed.port === expected.port;
|
|
669
|
+
}
|
|
670
|
+
catch {
|
|
671
|
+
return false;
|
|
672
|
+
}
|
|
673
|
+
}
|
|
674
|
+
const suspectOrigin = origin && !isSameOrigin(origin);
|
|
675
|
+
const suspectReferer = !origin && referer && !isSameOrigin(referer);
|
|
524
676
|
if (suspectOrigin || suspectReferer) {
|
|
525
|
-
throw new ActionError(`Cross-origin action request blocked (host: ${
|
|
677
|
+
throw new ActionError(`Cross-origin action request blocked (host: ${rawHost})`, 403, 'CROSS_ORIGIN_BLOCKED');
|
|
526
678
|
}
|
|
527
679
|
}
|
|
528
680
|
// Re-export security primitives for use in app code
|
package/dist/actions.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"actions.js","sourceRoot":"","sources":["../src/actions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAE7E,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC7D,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,mBAAmB,GACpB,MAAM,WAAW,CAAC;AACnB,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,UAAU,EACV,cAAc,GAEf,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AACjF,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AAuExD,MAAM,aAAa,GAAG,iBAAiB,CAAC;AAQxC,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAA4B,CAAC;AAC7D,MAAM,eAAe,GAAG,MAAM,CAAC,CAAC,aAAa;AAE7C,iFAAiF;AACjF,qDAAqD;AACrD,MAAM,eAAe,GAAG,IAAI,GAAG,EAA2B,CAAC;AAI3D,MAAM,YAAY,GAAG,IAAI,GAAG,EAAwB,CAAC;AAQrD,MAAM,cAAc,GAAG,IAAI,GAAG,EAA4B,CAAC;AAE3D;;;;;GAKG;AACH,SAAS,mCAAmC,CAAC,EAA8B,EAAE,IAAY;IACvF,MAAM,GAAG,GAAG,aAAa,GAAG,IAAI,CAAC;IACjC,MAAM,CAAC,cAAc,CAAC,EAAE,EAAE,UAAU,EAAE;QACpC,KAAK,EAAE,SAAS,oBAAoB;YAClC,OAAO,GAAG,CAAC;QACb,CAAC;QACD,YAAY,EAAE,IAAI;QAClB,UAAU,EAAE,KAAK;KAClB,CAAC,CAAC;IACH,IAAI,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,EAAE,EAAE,MAAM,CAAC,WAAW,EAAE;YAC5C,KAAK,EAAE,GAAG,EAAE,CAAC,GAAG;YAChB,YAAY,EAAE,IAAI;YAClB,UAAU,EAAE,KAAK;SAClB,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,YAAY;IACd,CAAC;AACH,CAAC;AAED,iFAAiF;AAEjF;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,UAAU,YAAY,CAC1B,QAE4D,EAC5D,aAA4B,EAAE;IAE9B,6EAA6E;IAC7E,MAAM,EAAE,GAAK,OAAO,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC;IAC1E,MAAM,IAAI,GAAG,OAAO,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC;IAEpE,4DAA4D;IAC5D,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAE1E,OAAO,KAAK,EACV,KAAa,EACb,GAA2C,EACzB,EAAE;QACpB,qBAAqB;QACrB,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;YACxB,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;QAC7B,CAAC;QAED,mBAAmB;QACnB,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC1C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;QAED,uBAAuB;QACvB,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,CAAC;gBACH,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAW,CAAC;YAC7C,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,yBAAyB,CAAC;gBAC3E,MAAM,IAAI,WAAW,CAAC,kBAAkB,GAAG,EAAE,EAAE,GAAG,EAAE,kBAAkB,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC;QAED,OAAO,EAAE,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IACxB,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,IAAY,EACZ,EAA8B,EAC9B,OAAsB,EAAE;IAExB,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC1E,IAAI,OAAO;QAAE,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC5C,mCAAmC,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAC9C,cAAc,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;AAC/C,CAAC;AAED,8FAA8F;AAC9F,MAAM,UAAU,wBAAwB;IACtC,OAAO,IAAI,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,OAAO,WAAY,SAAQ,KAAK;IAGlB;IACA;IAHlB,YACE,OAAe,EACC,SAAiB,GAAG,EACpB,IAAa;QAE7B,KAAK,CAAC,OAAO,CAAC,CAAC;QAHC,WAAM,GAAN,MAAM,CAAc;QACpB,SAAI,GAAJ,IAAI,CAAS;QAG7B,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;IAC5B,CAAC;CACF;AAED,MAAM,OAAO,kBAAmB,SAAQ,WAAW;IACjD;QACE,KAAK,CAAC,0CAA0C,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;IACpE,CAAC;CACF;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,OAAgB;IACxD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAEjC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,QAAQ,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC9B,OAAO,IAAI,QAAQ,CAAC,oBAAoB,EAAE;YACxC,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;SAC3B,CAAC,CAAC;IACL,CAAC;IAED,8EAA8E;IAC9E,2EAA2E;IAC3E,oEAAoE;IACpE,0EAA0E;IAC1E,mEAAmE;IACnE,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,SAAS,KAAK,MAAM,EAAE,CAAC;QACzB,YAAY,CAAC;YACX,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,+BAA+B,EAAE,MAAM,EAAE,GAAG,EAAE;SACzF,CAAC,CAAC;QACH,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,eAAe,EAAE,EAAE,GAAG,CAAC,CAAC;IACtG,CAAC;IAED,8EAA8E;IAC9E,8EAA8E;IAC9E,uEAAuE;IACvE,6EAA6E;IAC7E,MAAM,aAAa,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;IAC/D,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACzE,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,qBAAqB,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,qBAAqB,EAAE,EAAE,GAAG,CAAC,CAAC;IACvG,CAAC;IAED,MAAM,UAAU,GAAG,aAAa,CAAC;IACjC,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAElD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,WAAW,UAAU,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;IACvF,CAAC;IAED,6EAA6E;IAC7E,8EAA8E;IAC9E,4EAA4E;IAC5E,8EAA8E;IAC9E,MAAM,eAAe,GAAG,uBAAuB,EAAE,CAAC;IAClD,IAAI,eAAe,KAAK,IAAI,EAAE,CAAC;QAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC;QAC3D,IAAI,IAAI,KAAK,eAAe,EAAE,CAAC;YAC7B,YAAY,CAAC;gBACX,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE;oBACP,IAAI,EAAK,gBAAgB;oBACzB,OAAO,EAAE,gDAAgD;oBACzD,MAAM,EAAG,UAAU;iBACpB;aACF,CAAC,CAAC;YACH,OAAO,YAAY,CACjB;gBACE,KAAK,EAAG,kDAAkD;gBAC1D,MAAM,EAAE,GAAG;gBACX,IAAI,EAAI,gBAAgB;aACzB,EACD,GAAG,CACJ,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,UAAU,CAAC;IAChC,MAAM,IAAI,GAAM,IAAI,CAAC,IAAI,IAAO,QAAQ,CAAC;IACzC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,MAAM,CAAC;IAEvC,8EAA8E;IAC9E,EAAE;IACF,6EAA6E;IAC7E,2EAA2E;IAC3E,0EAA0E;IAC1E,oEAAoE;IACpE,EAAE;IACF,2EAA2E;IAC3E,4EAA4E;IAC5E,yEAAyE;IACzE,kDAAkD;IAClD,EAAE;IACF,QAAQ;IACR,wDAAwD;IACxD,8DAA8D;IAC9D,qCAAqC;IACrC,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QACxB,MAAM,KAAK,GAAS,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QAC7D,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAE1D,IAAI,KAAK,EAAE,CAAC;YACV,+BAA+B;YAC/B,MAAM,MAAM,GAAM,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,4BAA4B,CAAC;YAC9E,MAAM,SAAS,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAC5C,MAAM,UAAU,GAAG,mBAAmB,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;YAC7E,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;gBACtB,YAAY,CAAC;oBACX,IAAI,EAAE,gBAAgB;oBACtB,OAAO,EAAE;wBACP,IAAI,EAAK,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc;wBACxD,OAAO,EAAE,UAAU,CAAC,MAAM,IAAI,sBAAsB;wBACpD,MAAM,EAAG,UAAU;qBACpB;iBACF,CAAC,CAAC;gBACH,OAAO,YAAY,CAAC;oBAClB,KAAK,EAAG,UAAU,CAAC,MAAM,IAAI,sBAAsB;oBACnD,MAAM,EAAE,GAAG;oBACX,IAAI,EAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,oBAAoB;iBACrE,EAAE,GAAG,CAAC,CAAC;YACV,CAAC;QACH,CAAC;aAAM,IAAI,CAAC,WAAW,EAAE,CAAC;YACxB,yEAAyE;YACzE,YAAY,CAAC;gBACX,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE;oBACP,IAAI,EAAK,cAAc;oBACvB,OAAO,EAAE,sDAAsD;oBAC/D,MAAM,EAAG,UAAU;iBACpB;aACF,CAAC,CAAC;YACH,OAAO,YAAY,CAAC;gBAClB,KAAK,EAAG,sDAAsD;gBAC9D,MAAM,EAAE,GAAG;gBACX,IAAI,EAAI,qBAAqB;aAC9B,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;QACD,iFAAiF;IACnF,CAAC;IAED,8EAA8E;IAC9E,wEAAwE;IACxE,0EAA0E;IAC1E,0EAA0E;IAC1E,MAAM,OAAO,GAAG,UAAU,CAAC,UAAU,CAAC,CAAC;IACvC,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,YAAY,CAAC;gBACX,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE;oBACP,IAAI,EAAK,cAAc;oBACvB,OAAO,EAAE,YAAY,MAAM,CAAC,UAAU,GAAG;oBACzC,MAAM,EAAG,UAAU;iBACpB;aACF,CAAC,CAAC;YACH,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAQ,iCAAiC,MAAM,CAAC,UAAU,IAAI;gBACnE,MAAM,EAAO,GAAG;gBAChB,IAAI,EAAS,cAAc;gBAC3B,UAAU,EAAG,MAAM,CAAC,UAAU;gBAC9B,OAAO,EAAM,MAAM,CAAC,OAAO;aAC5B,CAAC,EACF;gBACE,MAAM,EAAG,GAAG;gBACZ,OAAO,EAAE;oBACP,cAAc,EAAG,kBAAkB;oBACnC,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;iBAC3B;aACF,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IAClE,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,SAAS,CAAC;IAErE,IAAI,cAAc,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACtC,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACpD,IAAI,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;YAC5C,YAAY,CAAC;gBACX,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE;oBACP,EAAE,EAAQ,OAAO;oBACjB,IAAI,EAAM,UAAU;oBACpB,MAAM,EAAI,sBAAsB,CAAC,MAAM,CAAC,MAAM,CAAC;oBAC/C,QAAQ,EAAE,CAAC;oBACX,MAAM,EAAI,IAAI;iBACf;aACF,CAAC,CAAC;YACH,OAAO,YAAY,CACjB,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,EAAE,EAC9D,MAAM,CAAC,MAAM,CACd,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,QAAQ,GAAG,SAAS,IAAI,QAAQ,CAAC;IACvC,MAAM,OAAO,GAAG,GAAG,QAAQ,IAAI,UAAU,EAAE,CAAC;IAE5C,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,IAAI,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YACjC,OAAO,YAAY,CAAC;gBAClB,KAAK,EAAE,4BAA4B;gBACnC,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,mBAAmB;aAC1B,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;IACH,CAAC;IAED,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC9C,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,KAAK,CAAC,IAAI,kBAAkB,EAAE,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;QACrB,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAED,8EAA8E;IAC9E,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IAEzC,sCAAsC;IACtC,OAAO,CAAC,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;QAC7C,UAAU,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,UAAU;IACV,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;QAChC,UAAU,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,wBAAwB,OAAO,IAAI,CAAC,CAAC,CAAC;IACnE,CAAC,EAAE,OAAO,CAAC,CAAC;IAEZ,eAAe,CAAC,GAAG,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAEzC,6EAA6E;IAC7E,MAAM,GAAG,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IACxE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,IAAI,CAAC;QACH,2EAA2E;QAC3E,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,IAAI,CAAC,YAAY,IAAI,qBAAqB,CAAC,CAAC;QAE1F,YAAY,CAAC;YACX,IAAI,EAAE,aAAa;YACnB,OAAO,EAAE;gBACP,EAAE,EAAS,OAAO;gBAClB,IAAI,EAAO,UAAU;gBACrB,KAAK,EAAM,sBAAsB,CAAC,KAAK,CAAC;gBACxC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3D,GAAG,CAAC,cAAc,IAAI,IAAI,IAAI,cAAc,KAAK,EAAE;oBACjD,CAAC,CAAC,EAAE,cAAc,EAAE;oBACpB,CAAC,CAAC,EAAE,CAAC;aACR;SACF,CAAC,CAAC;QAEH,IAAI,MAAe,CAAC;QACpB,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,MAAM,WAAW,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;QAE5C,OAAO,QAAQ,GAAG,WAAW,EAAE,CAAC;YAC9B,IAAI,CAAC;gBACH,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;gBACxC,MAAM;YACR,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,cAAc,IAAI,GAAG,YAAY,cAAc;oBAAE,MAAM,GAAG,CAAC;gBAC9E,QAAQ,EAAE,CAAC;gBACX,IAAI,GAAG,YAAY,WAAW,IAAI,GAAG,YAAY,kBAAkB;oBAAE,MAAM,GAAG,CAAC;gBAC/E,IAAI,QAAQ,IAAI,WAAW;oBAAE,MAAM,GAAG,CAAC;gBACvC,MAAM,KAAK,CAAC,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,sBAAsB;YACrD,CAAC;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAExC,YAAY,CAAC;YACX,IAAI,EAAE,eAAe;YACrB,OAAO,EAAE;gBACP,EAAE,EAAQ,OAAO;gBACjB,IAAI,EAAM,UAAU;gBACpB,MAAM,EAAI,sBAAsB,CAAC,MAAM,CAAC;gBACxC,QAAQ;gBACR,MAAM,EAAI,KAAK;aAChB;SACF,CAAC,CAAC;QAEH,2BAA2B;QAC3B,IAAI,cAAc,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACtC,gBAAgB,CAAC,GAAG,CAAC,cAAc,EAAE;gBACnC,MAAM;gBACN,MAAM,EAAE,GAAG;gBACX,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe;aACxC,CAAC,CAAC;YACH,mCAAmC;YACnC,qBAAqB,EAAE,CAAC;QAC1B,CAAC;QAED,0CAA0C;QAC1C,MAAM,UAAU,GAAG,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CAAC;QACtF,OAAO,IAAI,QAAQ,CAAC,UAAU,EAAE;YAC9B,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,kBAAkB,EAAE,MAAM,CAAC,QAAQ,CAAC;gBACpC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,qBAAqB,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACrE;SACF,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAChC,YAAY,CAAC,OAAO,CAAC,CAAC;QAEtB,IAAI,UAAU,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YAC9B,OAAO,YAAY,CAAC;gBAClB,KAAK,EAAE,sBAAsB;gBAC7B,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,WAAW;aAClB,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;QAED,IAAI,GAAG,YAAY,cAAc,EAAE,CAAC;YAClC,YAAY,CAAC;gBACX,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE;oBACP,EAAE,EAAE,OAAO;oBACX,IAAI,EAAE,UAAU;oBAChB,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,MAAM,EAAE,GAAG,CAAC,MAAM;oBAClB,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;iBACjC;aACF,CAAC,CAAC;YACH,OAAO,0BAA0B,CAAC,GAAG,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,GAAG,YAAY,cAAc,EAAE,CAAC;YAClC,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,GAAG,YAAY,WAAW,EAAE,CAAC;YAC/B,YAAY,CAAC;gBACX,IAAI,EAAE,cAAc;gBACpB,OAAO,EAAE;oBACP,EAAE,EAAQ,OAAO;oBACjB,IAAI,EAAM,UAAU;oBACpB,KAAK,EAAK,GAAG,CAAC,OAAO;oBACrB,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;oBAChC,GAAG,CAAC,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBACtD;aACF,CAAC,CAAC;YACH,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,GAAG,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAC9F,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAC7B,MAAM,IAAI,GACR,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,MAAM;YAC7C,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,YAAY,CAAC;QAC3C,OAAO,CAAC,KAAK,CAAC,iBAAiB,OAAO,MAAM,UAAU,WAAW,EAAE,GAAG,CAAC,CAAC;QACxE,YAAY,CAAC;YACX,IAAI,EAAE,cAAc;YACpB,OAAO,EAAE;gBACP,EAAE,EAAQ,OAAO;gBACjB,IAAI,EAAM,UAAU;gBACpB,KAAK,EAAK,IAAI,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAC7F,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;gBAChC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7B;SACF,CAAC,CAAC;QACH,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,YAAY,CACjB;gBACE,KAAK,EAAI,uBAAuB;gBAChC,MAAM,EAAG,GAAG;gBACZ,OAAO;aACR,EACD,GAAG,CACJ,CAAC;QACJ,CAAC;QACD,OAAO,YAAY,CACjB;YACE,KAAK,EAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;YACxD,MAAM,EAAE,GAAG;SACZ,EACD,GAAG,CACJ,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAChC,YAAY,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,GAAiB;IACrD,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC9D,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,WAAW,CAAC,+BAA+B,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC;IAChF,CAAC;IAED,gFAAgF;IAChF,gFAAgF;IAChF,MAAM,MAAM,GAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAClD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACnD,MAAM,IAAI,GAAM,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAEtD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC;IAC7E,MAAM,cAAc,GAAG,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC;IAE3F,IAAI,aAAa,IAAI,cAAc,EAAE,CAAC;QACpC,MAAM,IAAI,WAAW,CACnB,8CAA8C,IAAI,GAAG,EACrD,GAAG,EACH,sBAAsB,CACvB,CAAC;IACJ,CAAC;AACH,CAAC;AAED,oDAAoD;AACpD,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC1G,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAGjF;;;;GAIG;AACH,MAAM,UAAU,SAAS,CAAC,GAAW;IACnC,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,CAAC,QAAQ,KAAK,OAAO,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ;YAAE,OAAO,KAAK,CAAC;IACtE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,GAAW;IACvC,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC,CAAC,oEAAoE;IACpF,CAAC;IAED,4EAA4E;IAC5E,0DAA0D;IAC1D,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE7E,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;IAExC,WAAW;IACX,IAAI,CAAC,KAAK,WAAW,IAAI,CAAC,KAAK,WAAW,IAAI,CAAC,KAAK,KAAK;QAAE,OAAO,IAAI,CAAC;IACvE,IAAI,kCAAkC,CAAC,IAAI,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5D,uEAAuE;IACvE,IAAI,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1C,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IAE1D,0BAA0B;IAC1B,IAAI,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACrC,IAAI,4BAA4B,CAAC,IAAI,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IACtD,IAAI,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IAE1C,oBAAoB;IACpB,IAAI,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAElE,0BAA0B;IAC1B,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,iBAAiB;QAAE,OAAO,IAAI,CAAC;IAE5D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,iFAAiF;AAEjF;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,iBAAiB,CAC/B,IAAY,EACZ,WAAyB,QAAQ;IAOjC,IAAI,iBAAiB,GAA2B,IAAI,CAAC;IACrD,IAAI,QAAQ,GAAG,KAAK,CAAC;IAErB,OAAO;QACL,GAAG;YACD,IAAI,QAAQ,KAAK,QAAQ,IAAI,iBAAiB,EAAE,CAAC;gBAC/C,iBAAiB,CAAC,KAAK,EAAE,CAAC;YAC5B,CAAC;YACD,iBAAiB,GAAG,IAAI,eAAe,EAAE,CAAC;YAC1C,QAAQ,GAAG,IAAI,CAAC;YAChB,iBAAiB,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAChF,OAAO,iBAAiB,CAAC,MAAM,CAAC;QAClC,CAAC;QACD,KAAK;YACH,iBAAiB,EAAE,KAAK,EAAE,CAAC;YAC3B,QAAQ,GAAG,KAAK,CAAC;QACnB,CAAC;QACD,IAAI,OAAO;YACT,OAAO,iBAAiB,EAAE,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;QACpD,CAAC;QACD,IAAI,OAAO;YACT,OAAO,QAAQ,CAAC;QAClB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,0GAA0G;AAC1G,MAAM,qBAAqB,GAAG,EAAE,GAAG,KAAK,GAAG,KAAK,CAAC;AAEjD,qGAAqG;AACrG,MAAM,cAAc,GAAG,EAAE,CAAC;AAE1B,oGAAoG;AACpG,MAAM,aAAa,GAAG,KAAK,CAAC;AAE5B;;;;;GAKG;AACH,SAAS,oBAAoB,CAAC,IAAY;IACxC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,IAAI,GAAI,CAAC,CAAC;IACd,IAAI,KAAK,GAAG,KAAK,CAAC;IAClB,IAAI,GAAG,GAAK,KAAK,CAAC;IAElB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC;QACpB,IAAI,GAAG,EAAc,CAAC;YAAC,GAAG,GAAG,KAAK,CAAC;YAAC,SAAS;QAAC,CAAC;QAC/C,IAAI,EAAE,KAAK,IAAI,IAAI,KAAK,EAAE,CAAC;YAAC,GAAG,GAAG,IAAI,CAAC;YAAE,SAAS;QAAC,CAAC;QACpD,IAAI,EAAE,KAAK,GAAG,EAAO,CAAC;YAAC,KAAK,GAAG,CAAC,KAAK,CAAC;YAAC,SAAS;QAAC,CAAC;QAClD,IAAI,KAAK,EAAY,CAAC;YAAC,SAAS;QAAC,CAAC;QAElC,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YAC7B,IAAI,EAAE,KAAK,GAAG,cAAc,EAAE,CAAC;gBAC7B,MAAM,IAAI,WAAW,CACnB,gCAAgC,cAAc,UAAU,EACxD,GAAG,EACH,eAAe,CAChB,CAAC;YACJ,CAAC;QACH,CAAC;aAAM,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACpC,KAAK,EAAE,CAAC;QACV,CAAC;aAAM,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACtB,IAAI,EAAE,IAAI,GAAG,aAAa,EAAE,CAAC;gBAC3B,MAAM,IAAI,WAAW,CACnB,2BAA2B,aAAa,QAAQ,EAChD,GAAG,EACH,kBAAkB,CACnB,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,OAAgB,EAAE,QAAQ,GAAG,qBAAqB;IAChF,oEAAoE;IACpE,kFAAkF;IAClF,MAAM,EAAE,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;IACtE,IAAI,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,QAAQ,EAAE,CAAC;QACzC,MAAM,IAAI,WAAW,CACnB,2BAA2B,EAAE,iBAAiB,QAAQ,GAAG,EACzD,GAAG,EACH,mBAAmB,CACpB,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IAE9D,IAAI,WAAW,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;QAClC,IAAI,IAAI,CAAC,MAAM,GAAG,QAAQ,EAAE,CAAC;YAC3B,MAAM,IAAI,WAAW,CAAC,wBAAwB,EAAE,GAAG,EAAE,mBAAmB,CAAC,CAAC;QAC5E,CAAC;QACD,2EAA2E;QAC3E,yEAAyE;QACzE,oBAAoB,CAAC,IAAI,CAAC,CAAC;QAC3B,IAAI,CAAC;YACH,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,IACE,WAAW,CAAC,QAAQ,CAAC,qBAAqB,CAAC;QAC3C,WAAW,CAAC,QAAQ,CAAC,mCAAmC,CAAC,EACzD,CAAC;QACD,OAAO,OAAO,CAAC,QAAQ,EAAE,CAAC;IAC5B,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;IAClC,IAAI,IAAI,CAAC,MAAM,GAAG,QAAQ,EAAE,CAAC;QAC3B,MAAM,IAAI,WAAW,CAAC,wBAAwB,EAAE,GAAG,EAAE,mBAAmB,CAAC,CAAC;IAC5E,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,YAAY,CAAC,IAAa,EAAE,MAAc;IACjD,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;QACxC,MAAM;QACN,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;KAChD,CAAC,CAAC;AACL,CAAC;AAED,SAAS,0BAA0B,CAAC,GAAmB;IACrD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;IAC9B,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtC,GAAG,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACzC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IACH,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,GAAW;IACpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC1C,KAAK,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;QACxB,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,CAAC,CAAC,kCAAkC;IACvE,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,YAAY,CAAC,GAAW;IAC/B,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACpC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IACzC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,8BAA8B;IAC7C,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACtB,IAAI,IAAI;QAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,iCAAiC;AAC7D,CAAC;AAED,SAAS,qBAAqB;IAC5B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,gBAAgB,CAAC,OAAO,EAAE,EAAE,CAAC;QACtD,IAAI,GAAG,GAAG,KAAK,CAAC,SAAS;YAAE,gBAAgB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AAC3D,CAAC"}
|
|
1
|
+
{"version":3,"file":"actions.js","sourceRoot":"","sources":["../src/actions.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAE7E,OAAO,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAC7D,OAAO,EACL,mBAAmB,EACnB,gBAAgB,EAChB,mBAAmB,GACpB,MAAM,WAAW,CAAC;AACnB,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,UAAU,EACV,cAAc,GAEf,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AACtE,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,sBAAsB,EAAE,MAAM,eAAe,CAAC;AACjF,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AAgGxD,MAAM,aAAa,GAAG,iBAAiB,CAAC;AAQxC,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAA4B,CAAC;AAC7D,MAAM,eAAe,GAAG,MAAM,CAAC,CAAC,aAAa;AAE7C,iFAAiF;AACjF,qDAAqD;AACrD,MAAM,eAAe,GAAG,IAAI,GAAG,EAA2B,CAAC;AAI3D,MAAM,YAAY,GAAG,IAAI,GAAG,EAAwB,CAAC;AAQrD,MAAM,cAAc,GAAG,IAAI,GAAG,EAA4B,CAAC;AAE3D;;;;;GAKG;AACH,SAAS,cAAc,CAAC,IAAY;IAClC,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAC3C,IAAI,CAAC,MAAM,IAAI,MAAM,KAAK,4BAA4B;QAAE,OAAO,IAAI,CAAC;IACpE,OAAO,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAChG,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,IAAY,EAAE,GAAkB;IAC9D,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IACtC,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC,CAAC,+BAA+B;IACnE,IAAI,CAAC,GAAG;QAAE,OAAO,KAAK,CAAC;IACvB,iEAAiE;IACjE,IAAI,CAAC;QACH,OAAO,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAClE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,mCAAmC,CAAC,EAA8B,EAAE,IAAY;IACvF,MAAM,GAAG,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,aAAa,GAAG,IAAI,UAAU,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,aAAa,GAAG,IAAI,EAAE,CAAC;IACrF,MAAM,CAAC,cAAc,CAAC,EAAE,EAAE,UAAU,EAAE;QACpC,KAAK,EAAE,SAAS,oBAAoB;YAClC,OAAO,GAAG,CAAC;QACb,CAAC;QACD,YAAY,EAAE,IAAI;QAClB,UAAU,EAAE,KAAK;KAClB,CAAC,CAAC;IACH,IAAI,CAAC;QACH,MAAM,CAAC,cAAc,CAAC,EAAE,EAAE,MAAM,CAAC,WAAW,EAAE;YAC5C,KAAK,EAAE,GAAG,EAAE,CAAC,GAAG;YAChB,YAAY,EAAE,IAAI;YAClB,UAAU,EAAE,KAAK;SAClB,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,YAAY;IACd,CAAC;AACH,CAAC;AAED,iFAAiF;AAEjF;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,UAAU,YAAY,CAC1B,QAE4D,EAC5D,aAA4B,EAAE;IAE9B,6EAA6E;IAC7E,MAAM,EAAE,GAAK,OAAO,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC;IAC1E,MAAM,IAAI,GAAG,OAAO,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC;IAEpE,4DAA4D;IAC5D,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAE1E,OAAO,KAAK,EACV,KAAa,EACb,GAA2C,EACzB,EAAE;QACpB,qBAAqB;QACrB,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;YACxB,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;QAC7B,CAAC;QAED,mBAAmB;QACnB,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC1C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACpB,MAAM,IAAI,cAAc,CAAC,MAAM,CAAC,CAAC;YACnC,CAAC;QACH,CAAC;QAED,0EAA0E;QAC1E,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,IAAI,OAAO,IAAI,CAAC,MAAM,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;gBAChD,6DAA6D;gBAC7D,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;gBAC5C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBACpB,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,EAAE,MAAM,IAAI,EAAE,CAAC;oBAC1C,MAAM,WAAW,GAA2B,EAAE,CAAC;oBAC/C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;wBAC3B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC;wBAC7C,WAAW,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC;oBACpC,CAAC;oBACD,MAAM,IAAI,WAAW,CACnB,MAAM,CAAC,MAAM,GAAG,CAAC;wBACf,CAAC,CAAC,sBAAsB,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,OAAO,MAAM,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;wBACvG,CAAC,CAAC,yBAAyB,EAC7B,GAAG,EACH,kBAAkB,EAClB,WAAW,CACZ,CAAC;gBACJ,CAAC;gBACD,IAAI,MAAM,CAAC,IAAI,KAAK,SAAS;oBAAE,KAAK,GAAG,MAAM,CAAC,IAAc,CAAC;YAC/D,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC;oBACH,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAW,CAAC;gBAC7C,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,yBAAyB,CAAC;oBAC3E,MAAM,IAAI,WAAW,CAAC,kBAAkB,GAAG,EAAE,EAAE,GAAG,EAAE,kBAAkB,CAAC,CAAC;gBAC1E,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IACxB,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,IAAY,EACZ,EAA8B,EAC9B,OAAsB,EAAE;IAExB,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC1E,IAAI,OAAO;QAAE,eAAe,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAC5C,mCAAmC,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAC9C,cAAc,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;AAC/C,CAAC;AAED,8FAA8F;AAC9F,MAAM,UAAU,wBAAwB;IACtC,OAAO,IAAI,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,OAAO,WAAY,SAAQ,KAAK;IAGlB;IACA;IAEA;IALlB,YACE,OAAe,EACC,SAAiB,GAAG,EACpB,IAAa;IAC7B,6FAA6F;IAC7E,WAAoC;QAEpD,KAAK,CAAC,OAAO,CAAC,CAAC;QALC,WAAM,GAAN,MAAM,CAAc;QACpB,SAAI,GAAJ,IAAI,CAAS;QAEb,gBAAW,GAAX,WAAW,CAAyB;QAGpD,IAAI,CAAC,IAAI,GAAG,aAAa,CAAC;IAC5B,CAAC;CACF;AAED,MAAM,OAAO,kBAAmB,SAAQ,WAAW;IACjD;QACE,KAAK,CAAC,0CAA0C,EAAE,GAAG,EAAE,SAAS,CAAC,CAAC;IACpE,CAAC;CACF;AAED;;;;;;;;;;GAUG;AACH,SAAS,mBAAmB,CAAC,OAAgB;IAC3C,MAAM,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IACrD,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC7D,MAAM,WAAW,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;IACvF,OAAO,CACL,EAAE,CAAC,QAAQ,CAAC,mCAAmC,CAAC;QAChD,CAAC,cAAc;QACf,CAAC,WAAW,CACb,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,SAAS,YAAY,CAAC,OAAgB,EAAE,QAAkB,EAAE,SAAc,GAAG;IAC3E,MAAM,UAAU,GACb,QAAQ,CAAC,GAAG,CAAC,cAAc,CAAmB;QAC/C,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC;QAC9B,GAAG,CAAC;IAEN,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;IACtD,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;AACjD,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,OAAgB;IACxD,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAEjC,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;QAC5C,OAAO,IAAI,QAAQ,CAAC,WAAW,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC9B,OAAO,IAAI,QAAQ,CAAC,oBAAoB,EAAE;YACxC,MAAM,EAAE,GAAG;YACX,OAAO,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;SAC3B,CAAC,CAAC;IACL,CAAC;IAED,MAAM,UAAU,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;IAEhD,8EAA8E;IAC9E,2EAA2E;IAC3E,oEAAoE;IACpE,0EAA0E;IAC1E,mEAAmE;IACnE,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,SAAS,KAAK,MAAM,EAAE,CAAC;QACzB,YAAY,CAAC;YACX,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,+BAA+B,EAAE,MAAM,EAAE,GAAG,EAAE;SACzF,CAAC,CAAC;QACH,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,0BAA0B,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,eAAe,EAAE,EAAE,GAAG,CAAC,CAAC;IACtG,CAAC;IAED,8EAA8E;IAC9E,8EAA8E;IAC9E,uEAAuE;IACvE,6EAA6E;IAC7E,MAAM,aAAa,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;IAC/D,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACzE,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,qBAAqB,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,qBAAqB,EAAE,EAAE,GAAG,CAAC,CAAC;IACvG,CAAC;IAED,MAAM,UAAU,GAAG,aAAa,CAAC;IACjC,MAAM,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAElD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,WAAW,UAAU,aAAa,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;IACvF,CAAC;IAED,6EAA6E;IAC7E,+EAA+E;IAC/E,4EAA4E;IAC5E,wDAAwD;IACxD,2EAA2E;IAC3E,MAAM,SAAS,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAChD,IAAI,CAAC,eAAe,CAAC,UAAU,EAAE,SAAS,CAAC,EAAE,CAAC;QAC5C,YAAY,CAAC;YACX,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE;gBACP,IAAI,EAAK,cAAc;gBACvB,OAAO,EAAE,uEAAuE;gBAChF,MAAM,EAAG,UAAU;aACpB;SACF,CAAC,CAAC;QACH,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,oBAAoB,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,oBAAoB,EAAE,EAAE,GAAG,CAAC,CAAC;IACrG,CAAC;IAED,6EAA6E;IAC7E,8EAA8E;IAC9E,4EAA4E;IAC5E,8EAA8E;IAC9E,MAAM,eAAe,GAAG,uBAAuB,EAAE,CAAC;IAClD,IAAI,eAAe,KAAK,IAAI,EAAE,CAAC;QAC7B,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC;QAC3D,IAAI,IAAI,KAAK,eAAe,EAAE,CAAC;YAC7B,YAAY,CAAC;gBACX,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE;oBACP,IAAI,EAAK,gBAAgB;oBACzB,OAAO,EAAE,gDAAgD;oBACzD,MAAM,EAAG,UAAU;iBACpB;aACF,CAAC,CAAC;YACH,OAAO,YAAY,CACjB;gBACE,KAAK,EAAG,kDAAkD;gBAC1D,MAAM,EAAE,GAAG;gBACX,IAAI,EAAI,gBAAgB;aACzB,EACD,GAAG,CACJ,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,UAAU,CAAC;IAChC,MAAM,IAAI,GAAM,IAAI,CAAC,IAAI,IAAO,QAAQ,CAAC;IACzC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,IAAI,MAAM,CAAC;IAEvC,8EAA8E;IAC9E,EAAE;IACF,6EAA6E;IAC7E,2EAA2E;IAC3E,8EAA8E;IAC9E,oEAAoE;IACpE,EAAE;IACF,2EAA2E;IAC3E,4EAA4E;IAC5E,yEAAyE;IACzE,kDAAkD;IAClD,EAAE;IACF,QAAQ;IACR,wDAAwD;IACxD,8DAA8D;IAC9D,qCAAqC;IACrC,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QACxB,MAAM,KAAK,GAAS,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QAC7D,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QAE1D,IAAI,KAAK,EAAE,CAAC;YACV,+BAA+B;YAC/B,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAC9C,IAAI,CAAC,SAAS,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,YAAY,EAAE,CAAC;gBAC3D,mEAAmE;gBACnE,uDAAuD;gBACvD,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,+CAA+C,EAAE,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,GAAG,CAAC,CAAC;YAC7H,CAAC;YACD,MAAM,MAAM,GAAM,SAAS,IAAI,4BAA4B,CAAC;YAC5D,MAAM,SAAS,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAC5C,MAAM,UAAU,GAAG,mBAAmB,CAAC,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;YAC7E,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;gBACtB,YAAY,CAAC;oBACX,IAAI,EAAE,gBAAgB;oBACtB,OAAO,EAAE;wBACP,IAAI,EAAK,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc;wBACxD,OAAO,EAAE,UAAU,CAAC,MAAM,IAAI,sBAAsB;wBACpD,MAAM,EAAG,UAAU;qBACpB;iBACF,CAAC,CAAC;gBACH,OAAO,YAAY,CAAC;oBAClB,KAAK,EAAG,UAAU,CAAC,MAAM,IAAI,sBAAsB;oBACnD,MAAM,EAAE,GAAG;oBACX,IAAI,EAAI,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,oBAAoB;iBACrE,EAAE,GAAG,CAAC,CAAC;YACV,CAAC;QACH,CAAC;aAAM,IAAI,CAAC,WAAW,EAAE,CAAC;YACxB,yEAAyE;YACzE,YAAY,CAAC;gBACX,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE;oBACP,IAAI,EAAK,cAAc;oBACvB,OAAO,EAAE,sDAAsD;oBAC/D,MAAM,EAAG,UAAU;iBACpB;aACF,CAAC,CAAC;YACH,OAAO,YAAY,CAAC;gBAClB,KAAK,EAAG,sDAAsD;gBAC9D,MAAM,EAAE,GAAG;gBACX,IAAI,EAAI,qBAAqB;aAC9B,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;QACD,iFAAiF;IACnF,CAAC;IAED,8EAA8E;IAC9E,wEAAwE;IACxE,0EAA0E;IAC1E,0EAA0E;IAC1E,MAAM,OAAO,GAAG,UAAU,CAAC,UAAU,CAAC,CAAC;IACvC,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACtC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,YAAY,CAAC;gBACX,IAAI,EAAE,gBAAgB;gBACtB,OAAO,EAAE;oBACP,IAAI,EAAK,cAAc;oBACvB,OAAO,EAAE,YAAY,MAAM,CAAC,UAAU,GAAG;oBACzC,MAAM,EAAG,UAAU;iBACpB;aACF,CAAC,CAAC;YACH,OAAO,IAAI,QAAQ,CACjB,IAAI,CAAC,SAAS,CAAC;gBACb,KAAK,EAAQ,iCAAiC,MAAM,CAAC,UAAU,IAAI;gBACnE,MAAM,EAAO,GAAG;gBAChB,IAAI,EAAS,cAAc;gBAC3B,UAAU,EAAG,MAAM,CAAC,UAAU;gBAC9B,OAAO,EAAM,MAAM,CAAC,OAAO;aAC5B,CAAC,EACF;gBACE,MAAM,EAAG,GAAG;gBACZ,OAAO,EAAE;oBACP,cAAc,EAAG,kBAAkB;oBACnC,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC;iBAC3B;aACF,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IAClE,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,SAAS,CAAC;IAErE,IAAI,cAAc,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACtC,MAAM,MAAM,GAAG,gBAAgB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;QACpD,IAAI,MAAM,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;YAC5C,YAAY,CAAC;gBACX,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE;oBACP,EAAE,EAAQ,OAAO;oBACjB,IAAI,EAAM,UAAU;oBACpB,MAAM,EAAI,sBAAsB,CAAC,MAAM,CAAC,MAAM,CAAC;oBAC/C,QAAQ,EAAE,CAAC;oBACX,MAAM,EAAI,IAAI;iBACf;aACF,CAAC,CAAC;YACH,OAAO,YAAY,CACjB,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,EAAE,EAC9D,MAAM,CAAC,MAAM,CACd,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,MAAM,QAAQ,GAAG,SAAS,IAAI,QAAQ,CAAC;IACvC,MAAM,OAAO,GAAG,GAAG,QAAQ,IAAI,UAAU,EAAE,CAAC;IAE5C,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,IAAI,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;YACjC,OAAO,YAAY,CAAC;gBAClB,KAAK,EAAE,4BAA4B;gBACnC,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,mBAAmB;aAC1B,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;IACH,CAAC;IAED,IAAI,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtB,MAAM,QAAQ,GAAG,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC9C,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,KAAK,CAAC,IAAI,kBAAkB,EAAE,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;QACrB,MAAM,WAAW,CAAC,OAAO,CAAC,CAAC;IAC7B,CAAC;IAED,8EAA8E;IAC9E,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IAEzC,sCAAsC;IACtC,OAAO,CAAC,MAAM,EAAE,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE;QAC7C,UAAU,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,UAAU;IACV,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE;QAChC,UAAU,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,wBAAwB,OAAO,IAAI,CAAC,CAAC,CAAC;IACnE,CAAC,EAAE,OAAO,CAAC,CAAC;IAEZ,eAAe,CAAC,GAAG,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAEzC,6EAA6E;IAC7E,MAAM,GAAG,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IACxE,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,IAAI,CAAC;QACH,2EAA2E;QAC3E,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,IAAI,CAAC,YAAY,IAAI,qBAAqB,CAAC,CAAC;QAE1F,YAAY,CAAC;YACX,IAAI,EAAE,aAAa;YACnB,OAAO,EAAE;gBACP,EAAE,EAAS,OAAO;gBAClB,IAAI,EAAO,UAAU;gBACrB,KAAK,EAAM,sBAAsB,CAAC,KAAK,CAAC;gBACxC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;gBACrB,GAAG,CAAC,SAAS,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3D,GAAG,CAAC,cAAc,IAAI,IAAI,IAAI,cAAc,KAAK,EAAE;oBACjD,CAAC,CAAC,EAAE,cAAc,EAAE;oBACpB,CAAC,CAAC,EAAE,CAAC;aACR;SACF,CAAC,CAAC;QAEH,IAAI,MAAe,CAAC;QACpB,IAAI,QAAQ,GAAG,CAAC,CAAC;QACjB,MAAM,WAAW,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;QAE5C,OAAO,QAAQ,GAAG,WAAW,EAAE,CAAC;YAC9B,IAAI,CAAC;gBACH,MAAM,GAAG,MAAM,EAAE,CAAC,KAAK,EAAE,aAAa,CAAC,CAAC;gBACxC,MAAM;YACR,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,cAAc,IAAI,GAAG,YAAY,cAAc;oBAAE,MAAM,GAAG,CAAC;gBAC9E,QAAQ,EAAE,CAAC;gBACX,IAAI,GAAG,YAAY,WAAW,IAAI,GAAG,YAAY,kBAAkB;oBAAE,MAAM,GAAG,CAAC;gBAC/E,IAAI,QAAQ,IAAI,WAAW;oBAAE,MAAM,GAAG,CAAC;gBACvC,MAAM,KAAK,CAAC,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,sBAAsB;YACrD,CAAC;QACH,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;QAExC,YAAY,CAAC;YACX,IAAI,EAAE,eAAe;YACrB,OAAO,EAAE;gBACP,EAAE,EAAQ,OAAO;gBACjB,IAAI,EAAM,UAAU;gBACpB,MAAM,EAAI,sBAAsB,CAAC,MAAM,CAAC;gBACxC,QAAQ;gBACR,MAAM,EAAI,KAAK;aAChB;SACF,CAAC,CAAC;QAEH,2BAA2B;QAC3B,IAAI,cAAc,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACtC,gBAAgB,CAAC,GAAG,CAAC,cAAc,EAAE;gBACnC,MAAM;gBACN,MAAM,EAAE,GAAG;gBACX,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,eAAe;aACxC,CAAC,CAAC;YACH,mCAAmC;YACnC,qBAAqB,EAAE,CAAC;QAC1B,CAAC;QAED,wEAAwE;QACxE,IAAI,UAAU,EAAE,CAAC;YACf,MAAM,EAAE,GAAG,KAAK,YAAY,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,QAAQ,EAAE,CAAC;YAC9D,OAAO,YAAY,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACnC,CAAC;QAED,0CAA0C;QAC1C,MAAM,UAAU,GAAG,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CAAC;QACtF,OAAO,IAAI,QAAQ,CAAC,UAAU,EAAE;YAC9B,MAAM,EAAE,GAAG;YACX,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,kBAAkB,EAAE,MAAM,CAAC,QAAQ,CAAC;gBACpC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,qBAAqB,EAAE,cAAc,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACrE;SACF,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAChC,YAAY,CAAC,OAAO,CAAC,CAAC;QAEtB,IAAI,UAAU,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YAC9B,OAAO,YAAY,CAAC;gBAClB,KAAK,EAAE,sBAAsB;gBAC7B,MAAM,EAAE,GAAG;gBACX,IAAI,EAAE,WAAW;aAClB,EAAE,GAAG,CAAC,CAAC;QACV,CAAC;QAED,IAAI,GAAG,YAAY,cAAc,EAAE,CAAC;YAClC,YAAY,CAAC;gBACX,IAAI,EAAE,iBAAiB;gBACvB,OAAO,EAAE;oBACP,EAAE,EAAE,OAAO;oBACX,IAAI,EAAE,UAAU;oBAChB,QAAQ,EAAE,GAAG,CAAC,QAAQ;oBACtB,MAAM,EAAE,GAAG,CAAC,MAAM;oBAClB,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;iBACjC;aACF,CAAC,CAAC;YACH,OAAO,0BAA0B,CAAC,GAAG,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,GAAG,YAAY,cAAc,EAAE,CAAC;YAClC,OAAO,YAAY,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QAED,IAAI,GAAG,YAAY,WAAW,EAAE,CAAC;YAC/B,YAAY,CAAC;gBACX,IAAI,EAAE,cAAc;gBACpB,OAAO,EAAE;oBACP,EAAE,EAAQ,OAAO;oBACjB,IAAI,EAAM,UAAU;oBACpB,KAAK,EAAK,GAAG,CAAC,OAAO;oBACrB,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;oBAChC,GAAG,CAAC,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBACtD;aACF,CAAC,CAAC;YAEH,4EAA4E;YAC5E,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC;gBACtD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;gBAC7C,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,eAAe,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;gBACtD,IAAI,GAAG,CAAC,IAAI;oBAAE,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,cAAc,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;gBAChE,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE;oBACxB,MAAM,EAAE,GAAG;oBACX,OAAO,EAAE,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,EAAE;iBACzC,CAAC,CAAC;YACL,CAAC;YAED,OAAO,YAAY,CACjB;gBACE,KAAK,EAAG,GAAG,CAAC,OAAO;gBACnB,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,IAAI,EAAI,GAAG,CAAC,IAAI;gBAChB,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7D,EACD,GAAG,CAAC,MAAM,CACX,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;QAC7B,MAAM,IAAI,GACR,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,KAAK,MAAM;YAC7C,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,YAAY,CAAC;QAC3C,OAAO,CAAC,KAAK,CAAC,iBAAiB,OAAO,MAAM,UAAU,WAAW,EAAE,GAAG,CAAC,CAAC;QACxE,YAAY,CAAC;YACX,IAAI,EAAE,cAAc;YACpB,OAAO,EAAE;gBACP,EAAE,EAAQ,OAAO;gBACjB,IAAI,EAAM,UAAU;gBACpB,KAAK,EAAK,IAAI,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAC7F,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;gBAChC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC7B;SACF,CAAC,CAAC;QACH,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,YAAY,CACjB;gBACE,KAAK,EAAI,uBAAuB;gBAChC,MAAM,EAAG,GAAG;gBACZ,OAAO;aACR,EACD,GAAG,CACJ,CAAC;QACJ,CAAC;QACD,OAAO,YAAY,CACjB;YACE,KAAK,EAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;YACxD,MAAM,EAAE,GAAG;SACZ,EACD,GAAG,CACJ,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,SAAS,CAAC,CAAC;QACxB,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAChC,YAAY,CAAC,OAAO,CAAC,CAAC;IACxB,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,GAAiB;IACrD,MAAM,WAAW,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC9D,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,MAAM,IAAI,WAAW,CAAC,+BAA+B,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC;IAChF,CAAC;IAED,gFAAgF;IAChF,gFAAgF;IAChF,MAAM,MAAM,GAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAClD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAEtD,iGAAiG;IACjG,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,IAAI,MAAM,CAAC;IACrE,MAAM,cAAc,GAAG,GAAG,KAAK,MAAM,OAAO,EAAE,CAAC;IAE/C,SAAS,YAAY,CAAC,WAAmB;QACvC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,CAAC;YACpC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,CAAC;YACzC,OAAO,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC,QAAQ;mBACrC,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC,QAAQ;mBACrC,MAAM,CAAC,IAAI,KAAQ,QAAQ,CAAC,IAAI,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED,MAAM,aAAa,GAAI,MAAM,IAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;IACxD,MAAM,cAAc,GAAG,CAAC,MAAM,IAAI,OAAO,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;IAEpE,IAAI,aAAa,IAAI,cAAc,EAAE,CAAC;QACpC,MAAM,IAAI,WAAW,CACnB,8CAA8C,OAAO,GAAG,EACxD,GAAG,EACH,sBAAsB,CACvB,CAAC;IACJ,CAAC;AACH,CAAC;AAED,oDAAoD;AACpD,OAAO,EAAE,mBAAmB,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC1G,OAAO,EAAE,iBAAiB,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAGjF;;;;GAIG;AACH,MAAM,UAAU,SAAS,CAAC,GAAW;IACnC,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,CAAC,QAAQ,KAAK,OAAO,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ;YAAE,OAAO,KAAK,CAAC;IACtE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,GAAW;IACvC,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC,CAAC,oEAAoE;IACpF,CAAC;IAED,4EAA4E;IAC5E,0DAA0D;IAC1D,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE7E,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;IAExC,WAAW;IACX,IAAI,CAAC,KAAK,WAAW,IAAI,CAAC,KAAK,WAAW,IAAI,CAAC,KAAK,KAAK;QAAE,OAAO,IAAI,CAAC;IACvE,IAAI,kCAAkC,CAAC,IAAI,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5D,uEAAuE;IACvE,IAAI,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1C,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IAE1D,0BAA0B;IAC1B,IAAI,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACrC,IAAI,4BAA4B,CAAC,IAAI,CAAC,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IACtD,IAAI,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAC;IAE1C,oBAAoB;IACpB,IAAI,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAElE,0BAA0B;IAC1B,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,iBAAiB;QAAE,OAAO,IAAI,CAAC;IAE5D,OAAO,KAAK,CAAC;AACf,CAAC;AAED,iFAAiF;AAEjF;;;;;;;;;;;;GAYG;AACH,MAAM,UAAU,iBAAiB,CAC/B,IAAY,EACZ,WAAyB,QAAQ;IAOjC,IAAI,iBAAiB,GAA2B,IAAI,CAAC;IACrD,IAAI,QAAQ,GAAG,KAAK,CAAC;IAErB,OAAO;QACL,GAAG;YACD,IAAI,QAAQ,KAAK,QAAQ,IAAI,iBAAiB,EAAE,CAAC;gBAC/C,iBAAiB,CAAC,KAAK,EAAE,CAAC;YAC5B,CAAC;YACD,iBAAiB,GAAG,IAAI,eAAe,EAAE,CAAC;YAC1C,QAAQ,GAAG,IAAI,CAAC;YAChB,iBAAiB,CAAC,MAAM,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,EAAE,GAAG,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAChF,OAAO,iBAAiB,CAAC,MAAM,CAAC;QAClC,CAAC;QACD,KAAK;YACH,iBAAiB,EAAE,KAAK,EAAE,CAAC;YAC3B,QAAQ,GAAG,KAAK,CAAC;QACnB,CAAC;QACD,IAAI,OAAO;YACT,OAAO,iBAAiB,EAAE,MAAM,CAAC,OAAO,IAAI,KAAK,CAAC;QACpD,CAAC;QACD,IAAI,OAAO;YACT,OAAO,QAAQ,CAAC;QAClB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,0GAA0G;AAC1G,MAAM,qBAAqB,GAAG,EAAE,GAAG,KAAK,GAAG,KAAK,CAAC;AAEjD,qGAAqG;AACrG,MAAM,cAAc,GAAG,EAAE,CAAC;AAE1B,oGAAoG;AACpG,MAAM,aAAa,GAAG,KAAK,CAAC;AAE5B;;;;;GAKG;AACH,SAAS,oBAAoB,CAAC,IAAY;IACxC,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,IAAI,GAAI,CAAC,CAAC;IACd,IAAI,KAAK,GAAG,KAAK,CAAC;IAClB,IAAI,GAAG,GAAK,KAAK,CAAC;IAElB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC;QACpB,IAAI,GAAG,EAAc,CAAC;YAAC,GAAG,GAAG,KAAK,CAAC;YAAC,SAAS;QAAC,CAAC;QAC/C,IAAI,EAAE,KAAK,IAAI,IAAI,KAAK,EAAE,CAAC;YAAC,GAAG,GAAG,IAAI,CAAC;YAAE,SAAS;QAAC,CAAC;QACpD,IAAI,EAAE,KAAK,GAAG,EAAO,CAAC;YAAC,KAAK,GAAG,CAAC,KAAK,CAAC;YAAC,SAAS;QAAC,CAAC;QAClD,IAAI,KAAK,EAAY,CAAC;YAAC,SAAS;QAAC,CAAC;QAElC,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YAC7B,IAAI,EAAE,KAAK,GAAG,cAAc,EAAE,CAAC;gBAC7B,MAAM,IAAI,WAAW,CACnB,gCAAgC,cAAc,UAAU,EACxD,GAAG,EACH,eAAe,CAChB,CAAC;YACJ,CAAC;QACH,CAAC;aAAM,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACpC,KAAK,EAAE,CAAC;QACV,CAAC;aAAM,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACtB,IAAI,EAAE,IAAI,GAAG,aAAa,EAAE,CAAC;gBAC3B,MAAM,IAAI,WAAW,CACnB,2BAA2B,aAAa,QAAQ,EAChD,GAAG,EACH,kBAAkB,CACnB,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,OAAgB,EAAE,QAAQ,GAAG,qBAAqB;IAChF,oEAAoE;IACpE,kFAAkF;IAClF,MAAM,EAAE,GAAG,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;IACtE,IAAI,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE,GAAG,QAAQ,EAAE,CAAC;QACzC,MAAM,IAAI,WAAW,CACnB,2BAA2B,EAAE,iBAAiB,QAAQ,GAAG,EACzD,GAAG,EACH,mBAAmB,CACpB,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;IAE9D,IAAI,WAAW,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;QAClC,IAAI,IAAI,CAAC,MAAM,GAAG,QAAQ,EAAE,CAAC;YAC3B,MAAM,IAAI,WAAW,CAAC,wBAAwB,EAAE,GAAG,EAAE,mBAAmB,CAAC,CAAC;QAC5E,CAAC;QACD,2EAA2E;QAC3E,yEAAyE;QACzE,oBAAoB,CAAC,IAAI,CAAC,CAAC;QAC3B,IAAI,CAAC;YACH,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,IACE,WAAW,CAAC,QAAQ,CAAC,qBAAqB,CAAC;QAC3C,WAAW,CAAC,QAAQ,CAAC,mCAAmC,CAAC,EACzD,CAAC;QACD,OAAO,OAAO,CAAC,QAAQ,EAAE,CAAC;IAC5B,CAAC;IAED,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC;IAClC,IAAI,IAAI,CAAC,MAAM,GAAG,QAAQ,EAAE,CAAC;QAC3B,MAAM,IAAI,WAAW,CAAC,wBAAwB,EAAE,GAAG,EAAE,mBAAmB,CAAC,CAAC;IAC5E,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,YAAY,CAAC,IAAa,EAAE,MAAc;IACjD,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE;QACxC,MAAM;QACN,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;KAChD,CAAC,CAAC;AACL,CAAC;AAED,SAAS,0BAA0B,CAAC,GAAmB;IACrD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;IAC9B,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;IACtC,GAAG,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACzC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;IACH,OAAO,IAAI,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;AAC7D,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,GAAW;IACpC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC1C,KAAK,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;QACxB,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,CAAC,CAAC,kCAAkC;IACvE,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,YAAY,CAAC,GAAW;IAC/B,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACpC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IACzC,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,8BAA8B;IAC7C,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;IACtB,IAAI,IAAI;QAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,iCAAiC;AAC7D,CAAC;AAED,SAAS,qBAAqB;IAC5B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,gBAAgB,CAAC,OAAO,EAAE,EAAE,CAAC;QACtD,IAAI,GAAG,GAAG,KAAK,CAAC,SAAS;YAAE,gBAAgB,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC;AAED,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AAC3D,CAAC"}
|
package/dist/context.d.ts
CHANGED
|
@@ -18,6 +18,26 @@ export interface NexusContext {
|
|
|
18
18
|
* Later routes override keys. Serialized to `__NEXUS_PRETEXT__` for `$pretext()` on the client.
|
|
19
19
|
*/
|
|
20
20
|
pretext?: Record<string, unknown>;
|
|
21
|
+
/**
|
|
22
|
+
* Per-request Content-Security-Policy nonce.
|
|
23
|
+
* When `security.hardened` is enabled, every HTML response gets a fresh random nonce.
|
|
24
|
+
* Add `nonce="{ctx.cspNonce}"` to any custom inline `<script>` or `<style>` tags in your
|
|
25
|
+
* layout's template so they are not blocked by the CSP.
|
|
26
|
+
*
|
|
27
|
+
* Usage in a layout load function:
|
|
28
|
+
* ```ts
|
|
29
|
+
* export async function load(ctx) {
|
|
30
|
+
* return { cspNonce: ctx.cspNonce, ... };
|
|
31
|
+
* }
|
|
32
|
+
* ```
|
|
33
|
+
* Then in the template:
|
|
34
|
+
* ```html
|
|
35
|
+
* <script nonce="{pretext.cspNonce}">...</script>
|
|
36
|
+
* ```
|
|
37
|
+
*
|
|
38
|
+
* Empty string when `security.hardened` is disabled.
|
|
39
|
+
*/
|
|
40
|
+
cspNonce: string;
|
|
21
41
|
/** Set a response header */
|
|
22
42
|
setHeader: (key: string, value: string) => void;
|
|
23
43
|
/** Set a cookie */
|
|
@@ -48,5 +68,5 @@ export declare class RedirectSignal {
|
|
|
48
68
|
/** Internal not-found signal */
|
|
49
69
|
export declare class NotFoundSignal {
|
|
50
70
|
}
|
|
51
|
-
export declare function createContext(request: Request, params?: Record<string, string
|
|
71
|
+
export declare function createContext(request: Request, params?: Record<string, string>, cspNonce?: string): NexusContext;
|
|
52
72
|
//# sourceMappingURL=context.d.ts.map
|
package/dist/context.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,GAAG,EAAE,GAAG,CAAC;IACT,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC;;;OAGG;IACH,OAAO,EAAE,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,4BAA4B;IAC5B,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;IAChD,mBAAmB;IACnB,SAAS,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,aAAa,KAAK,IAAI,CAAC;IACvE,yBAAyB;IACzB,SAAS,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,GAAG,SAAS,CAAC;IAChD,+DAA+D;IAC/D,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,KAAK,KAAK,CAAC;IAC5E,kCAAkC;IAClC,QAAQ,EAAE,MAAM,KAAK,CAAC;CACvB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,IAAI,CAAC;IACf,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;CACtC;AAED,uFAAuF;AACvF,qBAAa,cAAc;aAEP,QAAQ,EAAE,MAAM;aAChB,MAAM,EAAE,MAAM;aACd,eAAe,EAAE,OAAO;gBAFxB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EACd,eAAe,EAAE,OAAO;CAE3C;AAED,gCAAgC;AAChC,qBAAa,cAAc;CAAG;AAE9B,wBAAgB,aAAa,CAC3B,OAAO,EAAE,OAAO,EAChB,MAAM,GAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAM,
|
|
1
|
+
{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC/B,GAAG,EAAE,GAAG,CAAC;IACT,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAChC;;;OAGG;IACH,OAAO,EAAE,WAAW,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC;;;OAGG;IACH,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC;;;;;;;;;;;;;;;;;;OAkBG;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB,4BAA4B;IAC5B,SAAS,EAAE,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,KAAK,IAAI,CAAC;IAChD,mBAAmB;IACnB,SAAS,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,aAAa,KAAK,IAAI,CAAC;IACvE,yBAAyB;IACzB,SAAS,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,GAAG,SAAS,CAAC;IAChD,+DAA+D;IAC/D,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,KAAK,KAAK,CAAC;IAC5E,kCAAkC;IAClC,QAAQ,EAAE,MAAM,KAAK,CAAC;CACvB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,IAAI,CAAC;IACf,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,QAAQ,CAAC,EAAE,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;CACtC;AAED,uFAAuF;AACvF,qBAAa,cAAc;aAEP,QAAQ,EAAE,MAAM;aAChB,MAAM,EAAE,MAAM;aACd,eAAe,EAAE,OAAO;gBAFxB,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EACd,eAAe,EAAE,OAAO;CAE3C;AAED,gCAAgC;AAChC,qBAAa,cAAc;CAAG;AAE9B,wBAAgB,aAAa,CAC3B,OAAO,EAAE,OAAO,EAChB,MAAM,GAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAM,EACnC,QAAQ,SAAK,GACZ,YAAY,CA0Cd"}
|
package/dist/context.js
CHANGED
|
@@ -17,7 +17,7 @@ export class RedirectSignal {
|
|
|
17
17
|
/** Internal not-found signal */
|
|
18
18
|
export class NotFoundSignal {
|
|
19
19
|
}
|
|
20
|
-
export function createContext(request, params = {}) {
|
|
20
|
+
export function createContext(request, params = {}, cspNonce = '') {
|
|
21
21
|
const url = new URL(request.url);
|
|
22
22
|
const responseHeaders = new Headers();
|
|
23
23
|
const cookies = parseCookies(request.headers.get('cookie') ?? '');
|
|
@@ -28,6 +28,7 @@ export function createContext(request, params = {}) {
|
|
|
28
28
|
headers: request.headers,
|
|
29
29
|
locals: {},
|
|
30
30
|
secrets: getVaultSecretsMap(),
|
|
31
|
+
cspNonce,
|
|
31
32
|
setHeader(key, value) {
|
|
32
33
|
responseHeaders.set(key, value);
|
|
33
34
|
},
|
|
@@ -64,8 +65,16 @@ function parseCookies(header) {
|
|
|
64
65
|
const result = {};
|
|
65
66
|
for (const part of header.split(';')) {
|
|
66
67
|
const [key, ...vals] = part.trim().split('=');
|
|
67
|
-
if (key)
|
|
68
|
-
|
|
68
|
+
if (!key)
|
|
69
|
+
continue;
|
|
70
|
+
const raw = vals.join('=').trim();
|
|
71
|
+
try {
|
|
72
|
+
result[key.trim()] = decodeURIComponent(raw);
|
|
73
|
+
}
|
|
74
|
+
catch {
|
|
75
|
+
// Malformed cookie value: keep raw to avoid dropping the cookie entirely
|
|
76
|
+
result[key.trim()] = raw;
|
|
77
|
+
}
|
|
69
78
|
}
|
|
70
79
|
return result;
|
|
71
80
|
}
|
package/dist/context.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"context.js","sourceRoot":"","sources":["../src/context.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AA4DxD,uFAAuF;AACvF,MAAM,OAAO,cAAc;IAEP;IACA;IACA;IAHlB,YACkB,QAAgB,EAChB,MAAc,EACd,eAAwB;QAFxB,aAAQ,GAAR,QAAQ,CAAQ;QAChB,WAAM,GAAN,MAAM,CAAQ;QACd,oBAAe,GAAf,eAAe,CAAS;IACvC,CAAC;CACL;AAED,gCAAgC;AAChC,MAAM,OAAO,cAAc;CAAG;AAE9B,MAAM,UAAU,aAAa,CAC3B,OAAgB,EAChB,SAAiC,EAAE,EACnC,QAAQ,GAAG,EAAE;IAEb,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACjC,MAAM,eAAe,GAAG,IAAI,OAAO,EAAE,CAAC;IACtC,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;IAElE,OAAO;QACL,OAAO;QACP,MAAM;QACN,GAAG;QACH,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,MAAM,EAAE,EAAE;QACV,OAAO,EAAE,kBAAkB,EAAE;QAC7B,QAAQ;QAER,SAAS,CAAC,GAAG,EAAE,KAAK;YAClB,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAClC,CAAC;QAED,SAAS,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,GAAG,EAAE;YAC9B,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,IAAI,kBAAkB,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACvD,IAAI,IAAI,CAAC,IAAI;gBAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YAC/C,IAAI,IAAI,CAAC,MAAM;gBAAE,KAAK,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACrD,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;gBAAE,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YACpE,IAAI,IAAI,CAAC,OAAO;gBAAE,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YACtE,IAAI,IAAI,CAAC,QAAQ;gBAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC1C,IAAI,IAAI,CAAC,MAAM;gBAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACtC,IAAI,IAAI,CAAC,QAAQ;gBAAE,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC3D,eAAe,CAAC,MAAM,CAAC,YAAY,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACzD,CAAC;QAED,SAAS,CAAC,IAAI;YACZ,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC;QAED,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,GAAG;YAC7B,MAAM,IAAI,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,CAAC,CAAC;QAC9D,CAAC;QAED,QAAQ;YACN,MAAM,IAAI,cAAc,EAAE,CAAC;QAC7B,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,MAAc;IAClC,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;QACrC,MAAM,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC9C,IAAI,CAAC,GAAG;YAAE,SAAS;QACnB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;QAClC,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,yEAAyE;YACzE,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,GAAG,CAAC;QAC3B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
package/dist/csrf.d.ts
CHANGED
|
@@ -19,6 +19,13 @@
|
|
|
19
19
|
*/
|
|
20
20
|
/** Request header name for the action token. */
|
|
21
21
|
export declare const ACTION_TOKEN_HEADER = "x-nexus-action-token";
|
|
22
|
+
/**
|
|
23
|
+
* Canonical session cookie name used across Nexus (CSRF binding, cache-control).
|
|
24
|
+
* Override with NEXUS_SESSION_COOKIE env var to match your auth layer's cookie name.
|
|
25
|
+
*
|
|
26
|
+
* Examples: 'next-auth.session-token', '__Secure-next-auth.session-token', 'sb-access-token'
|
|
27
|
+
*/
|
|
28
|
+
export declare const SESSION_COOKIE_NAME: string;
|
|
22
29
|
export interface TokenValidationResult {
|
|
23
30
|
valid: boolean;
|
|
24
31
|
reason?: string;
|
|
@@ -45,8 +52,15 @@ export declare function generateActionToken(sessionId: string, actionName: strin
|
|
|
45
52
|
*/
|
|
46
53
|
export declare function validateActionToken(token: string, sessionId: string, actionName: string, secret: string): TokenValidationResult;
|
|
47
54
|
/**
|
|
48
|
-
* Extracts session ID from a request using
|
|
49
|
-
*
|
|
55
|
+
* Extracts session ID from a request using the canonical session cookie
|
|
56
|
+
* (SESSION_COOKIE_NAME / NEXUS_SESSION_COOKIE env var).
|
|
57
|
+
*
|
|
58
|
+
* Falls back to an HMAC fingerprint of IP + User-Agent when no session cookie
|
|
59
|
+
* is present (anonymous users). The fingerprint is keyed with the app secret
|
|
60
|
+
* so it cannot be reproduced without knowing NEXUS_SECRET.
|
|
61
|
+
*
|
|
62
|
+
* In production, override this by passing a custom `sessionId` to
|
|
63
|
+
* `generateActionToken` / `validateActionToken` from your auth middleware.
|
|
50
64
|
*/
|
|
51
65
|
export declare function extractSessionId(request: Request): string;
|
|
52
66
|
/**
|
package/dist/csrf.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"csrf.d.ts","sourceRoot":"","sources":["../src/csrf.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AA0BH,gDAAgD;AAChD,eAAO,MAAM,mBAAmB,yBAAyB,CAAC;AAE1D,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAK,OAAO,CAAC;IAClB,MAAM,CAAC,EAAG,MAAM,CAAC;IACjB,0EAA0E;IAC1E,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAID;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CACjC,SAAS,EAAG,MAAM,EAClB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAM,MAAM,GACjB,MAAM,CAMR;AAID;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CACjC,KAAK,EAAO,MAAM,EAClB,SAAS,EAAG,MAAM,EAClB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAM,MAAM,GACjB,qBAAqB,CA6DvB;AAkCD
|
|
1
|
+
{"version":3,"file":"csrf.d.ts","sourceRoot":"","sources":["../src/csrf.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AA0BH,gDAAgD;AAChD,eAAO,MAAM,mBAAmB,yBAAyB,CAAC;AAE1D;;;;;GAKG;AACH,eAAO,MAAM,mBAAmB,EAAE,MACsB,CAAC;AAEzD,MAAM,WAAW,qBAAqB;IACpC,KAAK,EAAK,OAAO,CAAC;IAClB,MAAM,CAAC,EAAG,MAAM,CAAC;IACjB,0EAA0E;IAC1E,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAID;;;;;;;GAOG;AACH,wBAAgB,mBAAmB,CACjC,SAAS,EAAG,MAAM,EAClB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAM,MAAM,GACjB,MAAM,CAMR;AAID;;;;;;;;GAQG;AACH,wBAAgB,mBAAmB,CACjC,KAAK,EAAO,MAAM,EAClB,SAAS,EAAG,MAAM,EAClB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAM,MAAM,GACjB,qBAAqB,CA6DvB;AAkCD;;;;;;;;;;GAUG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,OAAO,GAAG,MAAM,CAiBzD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,MAAM,CAE1C"}
|