@nuxt/scripts 1.0.0-beta.1 → 1.0.0-beta.13

package/dist/runtime/registry/plausible-analytics.js

@@ -1,6 +1,6 @@
-import { useRegistryScript } from "../utils.js";
 import { any, array, boolean, literal, object, optional, record, string, union } from "#nuxt-scripts-validator";
 import { logger } from "../logger.js";
+import { useRegistryScript } from "../utils.js";
 const extensions = [
   literal("hash"),
   literal("outbound-links"),
@@ -55,12 +55,18 @@ export function useScriptPlausibleAnalytics(_options) {
       scriptSrc = "https://plausible.io/js/script.js";
     }
     const initOptions = {};
-    if (options?.customProperties) initOptions.customProperties = options.customProperties;
-    if (options?.endpoint) initOptions.endpoint = options.endpoint;
-    if (options?.fileDownloads) initOptions.fileDownloads = options.fileDownloads;
-    if (options?.hashBasedRouting !== void 0) initOptions.hashBasedRouting = options.hashBasedRouting;
-    if (options?.autoCapturePageviews !== void 0) initOptions.autoCapturePageviews = options.autoCapturePageviews;
-    if (options?.captureOnLocalhost !== void 0) initOptions.captureOnLocalhost = options.captureOnLocalhost;
+    if (options?.customProperties)
+      initOptions.customProperties = options.customProperties;
+    if (options?.endpoint)
+      initOptions.endpoint = options.endpoint;
+    if (options?.fileDownloads)
+      initOptions.fileDownloads = options.fileDownloads;
+    if (options?.hashBasedRouting !== void 0)
+      initOptions.hashBasedRouting = options.hashBasedRouting;
+    if (options?.autoCapturePageviews !== void 0)
+      initOptions.autoCapturePageviews = options.autoCapturePageviews;
+    if (options?.captureOnLocalhost !== void 0)
+      initOptions.captureOnLocalhost = options.captureOnLocalhost;
     const scriptInput = !useNewScript && options?.domain ? {
       "src": scriptSrc,
       "data-domain": options.domain
@@ -76,8 +82,8 @@ export function useScriptPlausibleAnalytics(_options) {
         },
         clientInit: import.meta.server ? void 0 : () => {
           const w = window;
-          w.plausible = w.plausible || function() {
-            (w.plausible.q = w.plausible.q || []).push(arguments);
+          w.plausible = w.plausible || function(...args) {
+            (w.plausible.q = w.plausible.q || []).push(args);
           };
           w.plausible.init = w.plausible.init || function(i) {
             w.plausible.o = i || {};

package/dist/runtime/registry/posthog.d.ts

@@ -1,10 +1,11 @@
-import type { PostHog } from 'posthog-js';
 import type { RegistryScriptInput } from '#nuxt-scripts/types';
+import type { PostHog } from 'posthog-js';
 export declare const PostHogOptions: import("valibot").ObjectSchema<{
     readonly apiKey: import("valibot").StringSchema<undefined>;
     readonly region: import("valibot").OptionalSchema<import("valibot").UnionSchema<[import("valibot").LiteralSchema<"us", undefined>, import("valibot").LiteralSchema<"eu", undefined>], undefined>, undefined>;
+    readonly apiHost: import("valibot").OptionalSchema<import("valibot").StringSchema<undefined>, undefined>;
     readonly autocapture: import("valibot").OptionalSchema<import("valibot").BooleanSchema<undefined>, undefined>;
-    readonly capturePageview: import("valibot").OptionalSchema<import("valibot").BooleanSchema<undefined>, undefined>;
+    readonly capturePageview: import("valibot").OptionalSchema<import("valibot").UnionSchema<[import("valibot").BooleanSchema<undefined>, import("valibot").LiteralSchema<"history_change", undefined>], undefined>, undefined>;
     readonly capturePageleave: import("valibot").OptionalSchema<import("valibot").BooleanSchema<undefined>, undefined>;
     readonly disableSessionRecording: import("valibot").OptionalSchema<import("valibot").BooleanSchema<undefined>, undefined>;
     readonly config: import("valibot").OptionalSchema<import("valibot").RecordSchema<import("valibot").StringSchema<undefined>, import("valibot").AnySchema, undefined>, undefined>;

package/dist/runtime/registry/posthog.js

@@ -1,11 +1,12 @@
-import { any, record, string, object, optional, boolean, union, literal } from "#nuxt-scripts-validator";
-import { useRegistryScript } from "../utils.js";
+import { any, boolean, literal, object, optional, record, string, union } from "#nuxt-scripts-validator";
 import { logger } from "../logger.js";
+import { useRegistryScript } from "../utils.js";
 export const PostHogOptions = object({
   apiKey: string(),
   region: optional(union([literal("us"), literal("eu")])),
+  apiHost: optional(string()),
   autocapture: optional(boolean()),
-  capturePageview: optional(boolean()),
+  capturePageview: optional(union([boolean(), literal("history_change")])),
   capturePageleave: optional(boolean()),
   disableSessionRecording: optional(boolean()),
   config: optional(record(string(), any()))
@@ -47,41 +48,36 @@ export function useScriptPostHog(_options) {
           return;
         }
         const region = options?.region || "us";
-        const apiHost = region === "eu" ? "https://eu.i.posthog.com" : "https://us.i.posthog.com";
-        console.log("[PostHog] Starting dynamic import of posthog-js...");
+        let apiHost = options?.apiHost || (region === "eu" ? "https://eu.i.posthog.com" : "https://us.i.posthog.com");
+        if (apiHost.startsWith("/"))
+          apiHost = window.location.origin + apiHost;
         window.__posthogInitPromise = import("posthog-js").then(({ default: posthog }) => {
-          console.log("[PostHog] posthog-js imported successfully");
           const config = {
             api_host: apiHost,
             ...options?.config
           };
           if (typeof options?.autocapture === "boolean")
             config.autocapture = options.autocapture;
-          if (typeof options?.capturePageview === "boolean")
+          if (typeof options?.capturePageview === "boolean" || options?.capturePageview === "history_change")
             config.capture_pageview = options.capturePageview;
           if (typeof options?.capturePageleave === "boolean")
             config.capture_pageleave = options.capturePageleave;
           if (typeof options?.disableSessionRecording === "boolean")
             config.disable_session_recording = options.disableSessionRecording;
-          console.log("[PostHog] Calling posthog.init with apiKey:", options.apiKey, "config:", config);
           const instance = posthog.init(options.apiKey, config);
           if (!instance) {
             logger.error("PostHog init returned undefined - initialization failed");
             delete window._posthogQueue;
             return void 0;
           }
-          console.log("[PostHog] posthog.init succeeded, instance:", instance);
           window.posthog = instance;
           if (window._posthogQueue && window._posthogQueue.length > 0) {
-            console.log("[PostHog] Flushing", window._posthogQueue.length, "queued calls");
             window._posthogQueue.forEach((q) => window.posthog[q.prop]?.(...q.args));
             delete window._posthogQueue;
           }
-          console.log("[PostHog] Initialization complete!");
           return window.posthog;
         }).catch((e) => {
           logger.error("Failed to load posthog-js:", e);
-          console.error("[PostHog] Import/init error:", e);
           delete window._posthogQueue;
           return void 0;
         });

package/dist/runtime/registry/reddit-pixel.js

@@ -1,5 +1,5 @@
-import { useRegistryScript } from "../utils.js";
 import { object, string } from "#nuxt-scripts-validator";
+import { useRegistryScript } from "../utils.js";
 export const RedditPixelOptions = object({
   id: string()
 });

package/dist/runtime/registry/rybbit-analytics.js

@@ -1,5 +1,5 @@
-import { useRegistryScript } from "../utils.js";
 import { array, boolean, number, object, optional, string, union } from "#nuxt-scripts-validator";
+import { useRegistryScript } from "../utils.js";
 export const RybbitAnalyticsOptions = object({
   siteId: union([string(), number()]),
   // required
@@ -17,7 +17,8 @@ export const RybbitAnalyticsOptions = object({
 });
 const RYBBIT_QUEUE_KEY = Symbol.for("nuxt-scripts.rybbit-queue");
 function getRybbitState() {
-  if (!import.meta.client) return;
+  if (!import.meta.client)
+    return;
   const g = globalThis;
   if (!g[RYBBIT_QUEUE_KEY]) {
     g[RYBBIT_QUEUE_KEY] = { queue: [], flushed: false };
@@ -28,7 +29,8 @@ export function useScriptRybbitAnalytics(_options) {
   const isRybbitReady = () => import.meta.client && typeof window !== "undefined" && window.rybbit && typeof window.rybbit.event === "function";
   const flushQueue = () => {
     const state = getRybbitState();
-    if (!state || state.flushed || !isRybbitReady()) return;
+    if (!state || state.flushed || !isRybbitReady())
+      return;
     state.flushed = true;
     while (state.queue.length > 0) {
       const [method, ...args] = state.queue.shift();

package/dist/runtime/registry/segment.js

@@ -1,6 +1,6 @@
+import { object, optional, string } from "#nuxt-scripts-validator";
 import { joinURL } from "ufo";
 import { useRegistryScript } from "../utils.js";
-import { object, optional, string } from "#nuxt-scripts-validator";
 export const SegmentOptions = object({
   writeKey: string(),
   analyticsKey: optional(string())

package/dist/runtime/registry/snapchat-pixel.js

@@ -1,5 +1,5 @@
-import { useRegistryScript } from "../utils.js";
 import { boolean, object, optional, string } from "#nuxt-scripts-validator";
+import { useRegistryScript } from "../utils.js";
 export const InitObjectPropertiesSchema = object({
   user_email: optional(string()),
   ip_address: optional(string()),

package/dist/runtime/registry/stripe.d.ts

@@ -1,5 +1,5 @@
-import type { StripeConstructor } from '@stripe/stripe-js';
 import type { RegistryScriptInput } from '#nuxt-scripts/types';
+import type { StripeConstructor } from '@stripe/stripe-js';
 export declare const StripeOptions: import("valibot").ObjectSchema<{
     readonly advancedFraudSignals: import("valibot").OptionalSchema<import("valibot").BooleanSchema<undefined>, undefined>;
 }, undefined>;

package/dist/runtime/registry/stripe.js

@@ -1,6 +1,6 @@
+import { boolean, object, optional } from "#nuxt-scripts-validator";
 import { withQuery } from "ufo";
 import { useRegistryScript } from "../utils.js";
-import { boolean, object, optional } from "#nuxt-scripts-validator";
 export const StripeOptions = object({
   advancedFraudSignals: optional(boolean())
 });

package/dist/runtime/registry/tiktok-pixel.d.ts

@@ -32,6 +32,7 @@ export interface TikTokPixelApi {
 }
 declare global {
     interface Window extends TikTokPixelApi {
+        TiktokAnalyticsObject: string;
     }
 }
 export declare const TikTokPixelOptions: import("valibot").ObjectSchema<{

package/dist/runtime/registry/tiktok-pixel.js

@@ -1,6 +1,6 @@
+import { boolean, object, optional, string } from "#nuxt-scripts-validator";
 import { withQuery } from "ufo";
 import { useRegistryScript } from "../utils.js";
-import { object, string, optional, boolean } from "#nuxt-scripts-validator";
 export const TikTokPixelOptions = object({
   id: string(),
   trackPageView: optional(boolean())
@@ -22,6 +22,7 @@ export function useScriptTikTokPixel(_options) {
       }
     },
     clientInit: import.meta.server ? void 0 : () => {
+      window.TiktokAnalyticsObject = "ttq";
       const ttq = window.ttq = function(...params) {
         if (ttq.callMethod) {
           ttq.callMethod(...params);

package/dist/runtime/registry/umami-analytics.js

@@ -1,5 +1,5 @@
+import { array, boolean, custom, object, optional, string, union } from "#nuxt-scripts-validator";
 import { useRegistryScript } from "../utils.js";
-import { object, optional, string, boolean, array, union, custom } from "#nuxt-scripts-validator";
 export const UmamiAnalyticsOptions = object({
   websiteId: string(),
   // required

package/dist/runtime/registry/vimeo-player.d.ts

@@ -1,6 +1,6 @@
-import type Vimeo from '@vimeo/player';
-import type { UseScriptContext } from '@unhead/vue';
 import type { RegistryScriptInput } from '#nuxt-scripts/types';
+import type { UseScriptContext } from '@unhead/vue';
+import type Vimeo from '@vimeo/player';
 type Constructor<T extends new (...args: any) => any> = T extends new (...args: infer A) => infer R ? new (...args: A) => R : never;
 export interface VimeoPlayerApi {
     Vimeo: {

package/dist/runtime/registry/vimeo-player.js

@@ -1,5 +1,5 @@
-import { watch } from "vue";
 import { useHead } from "@unhead/vue";
+import { watch } from "vue";
 import { useRegistryScript } from "../utils.js";
 export function useScriptVimeoPlayer(_options) {
   const instance = useRegistryScript("vimeoPlayer", () => ({

package/dist/runtime/registry/x-embed.d.ts

@@ -0,0 +1,77 @@
+import type { RegistryScriptInput } from '#nuxt-scripts/types';
+export interface XEmbedTweetData {
+    id_str: string;
+    text: string;
+    created_at: string;
+    favorite_count: number;
+    conversation_count: number;
+    user: {
+        name: string;
+        screen_name: string;
+        profile_image_url_https: string;
+        verified?: boolean;
+        is_blue_verified?: boolean;
+    };
+    entities?: {
+        media?: Array<{
+            media_url_https: string;
+            type: string;
+            sizes: Record<string, {
+                w: number;
+                h: number;
+            }>;
+        }>;
+        urls?: Array<{
+            url: string;
+            expanded_url: string;
+            display_url: string;
+        }>;
+    };
+    photos?: Array<{
+        url: string;
+        width: number;
+        height: number;
+    }>;
+    video?: {
+        poster: string;
+        variants: Array<{
+            type: string;
+            src: string;
+        }>;
+    };
+    quoted_tweet?: XEmbedTweetData;
+    parent?: {
+        user: {
+            screen_name: string;
+        };
+    };
+}
+export declare const XEmbedOptions: import("valibot").ObjectSchema<{
+    /**
+     * The tweet ID to embed
+     */
+    readonly tweetId: import("valibot").StringSchema<undefined>;
+    /**
+     * Optional: Custom API endpoint for fetching tweet data
+     * @default '/api/_scripts/x-embed'
+     */
+    readonly apiEndpoint: import("valibot").OptionalSchema<import("valibot").StringSchema<undefined>, undefined>;
+    /**
+     * Optional: Custom image proxy endpoint
+     * @default '/api/_scripts/x-embed-image'
+     */
+    readonly imageProxyEndpoint: import("valibot").OptionalSchema<import("valibot").StringSchema<undefined>, undefined>;
+}, undefined>;
+export type XEmbedInput = RegistryScriptInput<typeof XEmbedOptions, false, false, false>;
+/**
+ * Proxy an X/Twitter image URL through the server
+ */
+export declare function proxyXImageUrl(url: string, proxyEndpoint?: string): string;
+/**
+ * Format a tweet date for display
+ */
+export declare function formatTweetDate(dateString: string): string;
+/**
+ * Format a number for display (e.g., 1234 -> 1.2K)
+ */
+export declare function formatCount(count: number): string;

package/dist/runtime/registry/x-embed.js

@@ -0,0 +1,41 @@
+import { object, optional, string } from "#nuxt-scripts-validator";
+export const XEmbedOptions = object({
+  /**
+   * The tweet ID to embed
+   */
+  tweetId: string(),
+  /**
+   * Optional: Custom API endpoint for fetching tweet data
+   * @default '/api/_scripts/x-embed'
+   */
+  apiEndpoint: optional(string()),
+  /**
+   * Optional: Custom image proxy endpoint
+   * @default '/api/_scripts/x-embed-image'
+   */
+  imageProxyEndpoint: optional(string())
+});
+export function proxyXImageUrl(url, proxyEndpoint = "/api/_scripts/x-embed-image") {
+  const separator = proxyEndpoint.includes("?") ? "&" : "?";
+  return `${proxyEndpoint}${separator}url=${encodeURIComponent(url)}`;
+}
+export function formatTweetDate(dateString) {
+  const date = new Date(dateString);
+  const time = date.toLocaleString("en-US", {
+    hour: "numeric",
+    minute: "numeric",
+    hour12: true,
+    timeZone: "UTC"
+  });
+  const day = date.toLocaleString("en-US", { month: "short", timeZone: "UTC" });
+  return `${time} \xB7 ${day} ${date.getUTCDate()}, ${date.getUTCFullYear()}`;
+}
+export function formatCount(count) {
+  if (count >= 1e6) {
+    return `${(count / 1e6).toFixed(1)}M`;
+  }
+  if (count >= 1e3) {
+    return `${(count / 1e3).toFixed(1)}K`;
+  }
+  return count.toString();
+}

package/dist/runtime/registry/x-pixel.js

@@ -1,5 +1,5 @@
-import { useRegistryScript } from "../utils.js";
 import { object, optional, string } from "#nuxt-scripts-validator";
+import { useRegistryScript } from "../utils.js";
 export const XPixelOptions = object({
   id: string(),
   version: optional(string())

package/dist/runtime/registry/youtube-player.d.ts

@@ -1,18 +1,18 @@
+import type { RegistryScriptInput } from '#nuxt-scripts/types';
 import type { UseScriptContext } from '@unhead/vue';
 import type { MaybePromise } from '../utils.js';
-import type { RegistryScriptInput } from '#nuxt-scripts/types';
 export interface YouTubePlayerApi {
     YT: MaybePromise<{
         Player: YT.Player;
         PlayerState: YT.PlayerState;
-        get(k: string): any;
+        get: (k: string) => any;
         loaded: 0 | 1;
         loading: 0 | 1;
-        ready(f: () => void): void;
-        scan(): void;
-        setConfig(config: YT.PlayerOptions): void;
-        subscribe<EventName extends keyof YT.Events>(event: EventName, listener: YT.Events[EventName], context?: any): void;
-        unsubscribe<EventName extends keyof YT.Events>(event: EventName, listener: YT.Events[EventName], context?: any): void;
+        ready: (f: () => void) => void;
+        scan: () => void;
+        setConfig: (config: YT.PlayerOptions) => void;
+        subscribe: <EventName extends keyof YT.Events>(event: EventName, listener: YT.Events[EventName], context?: any) => void;
+        unsubscribe: <EventName extends keyof YT.Events>(event: EventName, listener: YT.Events[EventName], context?: any) => void;
     }>;
 }
 declare global {

package/dist/runtime/registry/youtube-player.js

@@ -1,5 +1,5 @@
-import { watch } from "vue";
 import { useHead } from "@unhead/vue";
+import { watch } from "vue";
 import { useRegistryScript } from "../utils.js";
 export function useScriptYouTubePlayer(_options) {
   let readyPromise = Promise.resolve();

package/dist/runtime/server/google-static-maps-proxy.js

@@ -1,7 +1,7 @@
+import { useRuntimeConfig } from "#imports";
 import { createError, defineEventHandler, getHeader, getQuery, setHeader } from "h3";
 import { $fetch } from "ofetch";
 import { withQuery } from "ufo";
-import { useRuntimeConfig } from "#imports";
 export default defineEventHandler(async (event) => {
   const runtimeConfig = useRuntimeConfig();
   const publicConfig = runtimeConfig.public["nuxt-scripts"]?.googleStaticMapsProxy;

package/dist/runtime/server/instagram-embed-asset.d.ts

@@ -0,0 +1,2 @@
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<any>>;
+export default _default;

package/dist/runtime/server/instagram-embed-asset.js

@@ -0,0 +1,42 @@
+import { createError, defineEventHandler, getQuery, setHeader } from "h3";
+import { $fetch } from "ofetch";
+export default defineEventHandler(async (event) => {
+  const query = getQuery(event);
+  const url = query.url?.replace(/&/g, "&");
+  if (!url) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Asset URL is required"
+    });
+  }
+  let parsedUrl;
+  try {
+    parsedUrl = new URL(url);
+  } catch {
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Invalid asset URL"
+    });
+  }
+  if (parsedUrl.hostname !== "static.cdninstagram.com") {
+    throw createError({
+      statusCode: 403,
+      statusMessage: "Domain not allowed"
+    });
+  }
+  const response = await $fetch.raw(url, {
+    headers: {
+      "Accept": "*/*",
+      "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
+    }
+  }).catch((error) => {
+    throw createError({
+      statusCode: error.statusCode || 500,
+      statusMessage: error.statusMessage || "Failed to fetch asset"
+    });
+  });
+  const contentType = response.headers.get("content-type") || "application/octet-stream";
+  setHeader(event, "Content-Type", contentType);
+  setHeader(event, "Cache-Control", "public, max-age=86400, s-maxage=86400");
+  return response._data;
+});

package/dist/runtime/server/instagram-embed-image.d.ts

@@ -0,0 +1,2 @@
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<any>>;
+export default _default;

package/dist/runtime/server/instagram-embed-image.js

@@ -0,0 +1,54 @@
+import { createError, defineEventHandler, getQuery, setHeader } from "h3";
+import { $fetch } from "ofetch";
+export default defineEventHandler(async (event) => {
+  const query = getQuery(event);
+  const url = query.url?.replace(/&/g, "&");
+  if (!url) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Image URL is required"
+    });
+  }
+  let parsedUrl;
+  try {
+    parsedUrl = new URL(url);
+  } catch {
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Invalid image URL"
+    });
+  }
+  if (parsedUrl.protocol !== "http:" && parsedUrl.protocol !== "https:") {
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Invalid URL scheme"
+    });
+  }
+  if (!parsedUrl.hostname.endsWith(".cdninstagram.com") && parsedUrl.hostname !== "scontent.cdninstagram.com") {
+    throw createError({
+      statusCode: 403,
+      statusMessage: "Domain not allowed"
+    });
+  }
+  const response = await $fetch.raw(url, {
+    redirect: "manual",
+    headers: {
+      "Accept": "image/webp,image/jpeg,image/png,image/*,*/*;q=0.8",
+      "User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
+    }
+  }).catch((error) => {
+    throw createError({
+      statusCode: error.statusCode || 500,
+      statusMessage: error.statusMessage || "Failed to fetch image"
+    });
+  });
+  if (response.status >= 300 && response.status < 400) {
+    throw createError({
+      statusCode: 403,
+      statusMessage: "Redirects not allowed"
+    });
+  }
+  setHeader(event, "Content-Type", response.headers.get("content-type") || "image/jpeg");
+  setHeader(event, "Cache-Control", "public, max-age=3600, s-maxage=3600");
+  return response._data;
+});

package/dist/runtime/server/instagram-embed.d.ts

@@ -0,0 +1,2 @@
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<string>>;
+export default _default;

package/dist/runtime/server/instagram-embed.js

@@ -0,0 +1,91 @@
+import { createError, defineEventHandler, getQuery, setHeader } from "h3";
+import { $fetch } from "ofetch";
+export default defineEventHandler(async (event) => {
+  const query = getQuery(event);
+  const postUrl = query.url;
+  const captions = query.captions === "true";
+  if (!postUrl) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Post URL is required"
+    });
+  }
+  let parsedUrl;
+  try {
+    parsedUrl = new URL(postUrl);
+  } catch {
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Invalid postUrl"
+    });
+  }
+  if (!["instagram.com", "www.instagram.com"].includes(parsedUrl.hostname)) {
+    throw createError({
+      statusCode: 400,
+      statusMessage: "Invalid Instagram URL"
+    });
+  }
+  const pathname = parsedUrl.pathname.endsWith("/") ? parsedUrl.pathname : `${parsedUrl.pathname}/`;
+  const cleanUrl = parsedUrl.origin + pathname;
+  const embedUrl = `${cleanUrl}embed/${captions ? "captioned/" : ""}`;
+  const html = await $fetch(embedUrl, {
+    headers: {
+      "Accept": "text/html",
+      // Use simple UA - full Chrome UA triggers JS-heavy version without static content
+      "User-Agent": "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
+    }
+  }).catch((error) => {
+    throw createError({
+      statusCode: error.statusCode || 500,
+      statusMessage: error.statusMessage || "Failed to fetch Instagram embed"
+    });
+  });
+  const cssUrls = [];
+  const linkRegex = /<link[^>]+rel=["']stylesheet["'][^>]+href=["']([^"']+)["'][^>]*>/gi;
+  let match;
+  while ((match = linkRegex.exec(html)) !== null) {
+    if (match[1])
+      cssUrls.push(match[1]);
+  }
+  const linkRegex2 = /<link[^>]+href=["']([^"']+)["'][^>]+rel=["']stylesheet["'][^>]*>/gi;
+  while ((match = linkRegex2.exec(html)) !== null) {
+    if (match[1])
+      cssUrls.push(match[1]);
+  }
+  const cssContents = await Promise.all(
+    cssUrls.map(
+      (url) => $fetch(url, {
+        headers: { Accept: "text/css" }
+      }).catch(() => "")
+    )
+  );
+  let combinedCss = cssContents.join("\n");
+  combinedCss = combinedCss.replace(
+    /url\(\/rsrc\.php([^)]+)\)/g,
+    (_m, path) => `url(/api/_scripts/instagram-embed-asset?url=${encodeURIComponent(`https://static.cdninstagram.com/rsrc.php${path}`)})`
+  );
+  const baseStyles = `
+    html { background: white; max-width: 540px; width: calc(100% - 2px); border-radius: 3px; border: 1px solid rgb(219, 219, 219); display: block; margin: 0px 0px 12px; min-width: 326px; padding: 0px; }
+    #splash-screen { display: none !important; }
+    .Embed { opacity: 1 !important; visibility: visible !important; }
+    .EmbeddedMedia, .EmbeddedMediaImage { display: block !important; visibility: visible !important; }
+  `;
+  let rewrittenHtml = html.replace(/<script[\s\S]*?<\/script>/gi, "").replace(/<link[^>]+rel=["']stylesheet["'][^>]*>/gi, "").replace(/<link[^>]+href=["'][^"']+\.css[^"']*["'][^>]*>/gi, "").replace(/<noscript>[\s\S]*?<\/noscript>/gi, "").replace(
+    /https:\/\/scontent[^"'\s),]+\.cdninstagram\.com[^"'\s),]+/g,
+    (m) => `/api/_scripts/instagram-embed-image?url=${encodeURIComponent(m.replace(/&amp;/g, "&"))}`
+  ).replace(
+    /https:\/\/static\.cdninstagram\.com[^"'\s),]+/g,
+    (m) => `/api/_scripts/instagram-embed-asset?url=${encodeURIComponent(m.replace(/&amp;/g, "&"))}`
+  ).replace(
+    /https:\/\/lookaside\.instagram\.com[^"'\s),]+/g,
+    (m) => `/api/_scripts/instagram-embed-image?url=${encodeURIComponent(m.replace(/&amp;/g, "&"))}`
+  );
+  rewrittenHtml = rewrittenHtml.replace(
+    "</head>",
+    `<style>${baseStyles}
+${combinedCss}</style></head>`
+  );
+  setHeader(event, "Content-Type", "text/html");
+  setHeader(event, "Cache-Control", "public, max-age=600, s-maxage=600");
+  return rewrittenHtml;
+});

package/dist/runtime/server/proxy-handler.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Privacy-aware proxy handler for first-party script collection endpoints.
+ * Routes requests to third-party analytics while protecting user privacy.
+ */
+declare const _default: import("h3").EventHandler<import("h3").EventHandlerRequest, Promise<string | Buffer<ArrayBuffer>>>;
+export default _default;