@orpc/server 0.0.0-next.e0f01a5 → 0.0.0-next.e385fb7

package/dist/index.mjs

@@ -1,9 +1,10 @@
 import { mergeErrorMap, mergeMeta, mergeRoute, mergePrefix, mergeTags, isContractProcedure, getContractRouter } from '@orpc/contract';
 export { ValidationError, eventIterator, type } from '@orpc/contract';
-import { P as Procedure, b as addMiddleware, c as createProcedureClient, e as enhanceRouter, l as lazy, s as setHiddenRouterContract, i as isProcedure, d as isLazy, f as createAssertedLazyProcedure, g as getRouter } from './shared/server.C37gDhSZ.mjs';
-export { L as LAZY_SYMBOL, p as call, r as createAccessibleLazyRouter, a as createContractedProcedure, h as createORPCErrorConstructorMap, q as getHiddenRouterContract, j as getLazyMeta, n as isStartWithMiddlewares, m as mergeCurrentContext, o as mergeMiddlewares, k as middlewareOutputFn, w as resolveContractProcedures, t as traverseContractProcedures, u as unlazy, x as unlazyRouter, v as validateORPCError } from './shared/server.C37gDhSZ.mjs';
+import { P as Procedure, b as addMiddleware, c as createProcedureClient, e as enhanceRouter, l as lazy, s as setHiddenRouterContract, i as isProcedure, d as isLazy, f as createAssertedLazyProcedure, g as getRouter } from './shared/server.DG7Tamti.mjs';
+export { L as LAZY_SYMBOL, p as call, r as createAccessibleLazyRouter, a as createContractedProcedure, h as createORPCErrorConstructorMap, q as getHiddenRouterContract, j as getLazyMeta, n as isStartWithMiddlewares, m as mergeCurrentContext, o as mergeMiddlewares, k as middlewareOutputFn, w as resolveContractProcedures, t as traverseContractProcedures, u as unlazy, x as unlazyRouter, v as validateORPCError } from './shared/server.DG7Tamti.mjs';
 import { toORPCError } from '@orpc/client';
 export { ORPCError, isDefinedError, safe } from '@orpc/client';
+import { resolveMaybeOptionalOptions } from '@orpc/shared';
 export { onError, onFinish, onStart, onSuccess } from '@orpc/shared';
 export { getEventMeta, withEventMeta } from '@orpc/standard-server';
 
@@ -50,6 +51,9 @@ function createActionableClient(client) {
     try {
       return [null, await client(input)];
     } catch (error) {
+      if (error instanceof Error && "digest" in error && typeof error.digest === "string" && error.digest.startsWith("NEXT_")) {
+        throw error;
+      }
       return [toORPCError(error).toJSON(), void 0];
     }
   };
@@ -57,18 +61,38 @@ function createActionableClient(client) {
 }
 
 class DecoratedProcedure extends Procedure {
+  /**
+   * Adds type-safe custom errors.
+   * The provided errors are spared-merged with any existing errors.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/error-handling#type%E2%80%90safe-error-handling Type-Safe Error Handling Docs}
+   */
   errors(errors) {
     return new DecoratedProcedure({
       ...this["~orpc"],
       errorMap: mergeErrorMap(this["~orpc"].errorMap, errors)
     });
   }
+  /**
+   * Sets or updates the metadata.
+   * The provided metadata is spared-merged with any existing metadata.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/metadata Metadata Docs}
+   */
   meta(meta) {
     return new DecoratedProcedure({
       ...this["~orpc"],
       meta: mergeMeta(this["~orpc"].meta, meta)
     });
   }
+  /**
+   * Sets or updates the route definition.
+   * The provided route is spared-merged with any existing route.
+   * This option is typically relevant when integrating with OpenAPI.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/openapi/routing OpenAPI Routing Docs}
+   * @see {@link https://orpc.unnoq.com/docs/openapi/input-output-structure OpenAPI Input/Output Structure Docs}
+   */
   route(route) {
     return new DecoratedProcedure({
       ...this["~orpc"],
@@ -84,6 +108,8 @@ class DecoratedProcedure extends Procedure {
   }
   /**
    * Make this procedure callable (works like a function while still being a procedure).
+   *
+   * @see {@link https://orpc.unnoq.com/docs/client/server-side Server-side Client Docs}
    */
   callable(...rest) {
     const client = createProcedureClient(this, ...rest);
@@ -98,6 +124,8 @@ class DecoratedProcedure extends Procedure {
   }
   /**
    * Make this procedure compatible with server action.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/server-action Server Action Docs}
    */
   actionable(...rest) {
     const action = createActionableClient(createProcedureClient(this, ...rest));
@@ -113,12 +141,18 @@ class DecoratedProcedure extends Procedure {
 }
 
 class Builder {
+  /**
+   * This property holds the defined options.
+   */
   "~orpc";
   constructor(def) {
     this["~orpc"] = def;
   }
   /**
-   * Reset config
+   * Sets or overrides the config.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/lifecycle#middlewares-order Middlewares Order Docs}
+   * @see {@link https://orpc.unnoq.com/docs/best-practices/dedupe-middleware#configuration Dedupe Middleware Docs}
    */
   $config(config) {
     const inputValidationCount = this["~orpc"].inputValidationIndex - fallbackConfig("initialInputValidationIndex", this["~orpc"].config.initialInputValidationIndex);
@@ -132,7 +166,9 @@ class Builder {
     });
   }
   /**
-   * Reset initial context
+   * Set or override the initial context.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/context Context Docs}
    */
   $context() {
     return new Builder({
@@ -143,7 +179,9 @@ class Builder {
     });
   }
   /**
-   * Reset initial meta
+   * Sets or overrides the initial meta.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/metadata Metadata Docs}
    */
   $meta(initialMeta) {
     return new Builder({
@@ -152,7 +190,11 @@ class Builder {
     });
   }
   /**
-   * Reset initial route
+   * Sets or overrides the initial route.
+   * This option is typically relevant when integrating with OpenAPI.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/openapi/routing OpenAPI Routing Docs}
+   * @see {@link https://orpc.unnoq.com/docs/openapi/input-output-structure OpenAPI Input/Output Structure Docs}
    */
   $route(initialRoute) {
     return new Builder({
@@ -160,15 +202,31 @@ class Builder {
       route: initialRoute
     });
   }
+  /**
+   * Sets or overrides the initial input schema.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/procedure#initial-configuration Initial Procedure Configuration Docs}
+   */
   $input(initialInputSchema) {
     return new Builder({
       ...this["~orpc"],
       inputSchema: initialInputSchema
     });
   }
+  /**
+   * Creates a middleware.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/middleware Middleware Docs}
+   */
   middleware(middleware) {
     return decorateMiddleware(middleware);
   }
+  /**
+   * Adds type-safe custom errors.
+   * The provided errors are spared-merged with any existing errors.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/error-handling#type%E2%80%90safe-error-handling Type-Safe Error Handling Docs}
+   */
   errors(errors) {
     return new Builder({
       ...this["~orpc"],
@@ -182,18 +240,37 @@ class Builder {
       middlewares: addMiddleware(this["~orpc"].middlewares, mapped)
     });
   }
+  /**
+   * Sets or updates the metadata.
+   * The provided metadata is spared-merged with any existing metadata.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/metadata Metadata Docs}
+   */
   meta(meta) {
     return new Builder({
       ...this["~orpc"],
       meta: mergeMeta(this["~orpc"].meta, meta)
     });
   }
+  /**
+   * Sets or updates the route definition.
+   * The provided route is spared-merged with any existing route.
+   * This option is typically relevant when integrating with OpenAPI.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/openapi/routing OpenAPI Routing Docs}
+   * @see {@link https://orpc.unnoq.com/docs/openapi/input-output-structure OpenAPI Input/Output Structure Docs}
+   */
   route(route) {
     return new Builder({
       ...this["~orpc"],
       route: mergeRoute(this["~orpc"].route, route)
     });
   }
+  /**
+   * Defines the input validation schema.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/procedure#input-output-validation Input Validation Docs}
+   */
   input(schema) {
     return new Builder({
       ...this["~orpc"],
@@ -201,6 +278,11 @@ class Builder {
       inputValidationIndex: fallbackConfig("initialInputValidationIndex", this["~orpc"].config.initialInputValidationIndex) + this["~orpc"].middlewares.length
     });
   }
+  /**
+   * Defines the output validation schema.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/procedure#input-output-validation Output Validation Docs}
+   */
   output(schema) {
     return new Builder({
       ...this["~orpc"],
@@ -208,27 +290,57 @@ class Builder {
       outputValidationIndex: fallbackConfig("initialOutputValidationIndex", this["~orpc"].config.initialOutputValidationIndex) + this["~orpc"].middlewares.length
     });
   }
+  /**
+   * Defines the handler of the procedure.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/procedure Procedure Docs}
+   */
   handler(handler) {
     return new DecoratedProcedure({
       ...this["~orpc"],
       handler
     });
   }
+  /**
+   * Prefixes all procedures in the router.
+   * The provided prefix is post-appended to any existing router prefix.
+   *
+   * @note This option does not affect procedures that do not define a path in their route definition.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/openapi/routing#route-prefixes OpenAPI Route Prefixes Docs}
+   */
   prefix(prefix) {
     return new Builder({
       ...this["~orpc"],
       prefix: mergePrefix(this["~orpc"].prefix, prefix)
     });
   }
+  /**
+   * Adds tags to all procedures in the router.
+   * This helpful when you want to group procedures together in the OpenAPI specification.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/openapi/openapi-specification#operation-metadata OpenAPI Operation Metadata Docs}
+   */
   tag(...tags) {
     return new Builder({
       ...this["~orpc"],
       tags: mergeTags(this["~orpc"].tags, tags)
     });
   }
+  /**
+   * Applies all of the previously defined options to the specified router.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/router#extending-router Extending Router Docs}
+   */
   router(router) {
     return enhanceRouter(router, this["~orpc"]);
   }
+  /**
+   * Create a lazy router
+   * And applies all of the previously defined options to the specified router.
+   *
+   * @see {@link https://orpc.unnoq.com/docs/router#extending-router Extending Router Docs}
+   */
   lazy(loader) {
     return enhanceRouter(lazy(loader), this["~orpc"]);
   }
@@ -338,10 +450,10 @@ function implement(contract, config = {}) {
 
 function createRouterClient(router, ...rest) {
   if (isProcedure(router)) {
-    const caller = createProcedureClient(router, ...rest);
+    const caller = createProcedureClient(router, resolveMaybeOptionalOptions(rest));
     return caller;
   }
-  const procedureCaller = isLazy(router) ? createProcedureClient(createAssertedLazyProcedure(router), ...rest) : {};
+  const procedureCaller = isLazy(router) ? createProcedureClient(createAssertedLazyProcedure(router), resolveMaybeOptionalOptions(rest)) : {};
   const recursive = new Proxy(procedureCaller, {
     get(target, key) {
       if (typeof key !== "string") {

package/dist/plugins/index.d.mts

@@ -1,8 +1,8 @@
-import { Value } from '@orpc/shared';
+import { Value, Promisable } from '@orpc/shared';
 import { StandardRequest, StandardHeaders } from '@orpc/standard-server';
 import { BatchResponseBodyItem } from '@orpc/standard-server/batch';
-import { S as StandardHandlerInterceptorOptions, a as StandardHandlerPlugin, b as StandardHandlerOptions } from '../shared/server.B1oIHH_j.mjs';
-import { C as Context, F as ProcedureClientInterceptorOptions } from '../shared/server.BVHsfJ99.mjs';
+import { S as StandardHandlerInterceptorOptions, a as StandardHandlerPlugin, b as StandardHandlerOptions } from '../shared/server.Dq8xr7PQ.mjs';
+import { C as Context, F as ProcedureClientInterceptorOptions } from '../shared/server.DD2C4ujN.mjs';
 import { Meta, ORPCError as ORPCError$1 } from '@orpc/contract';
 import { ORPCError } from '@orpc/client';
 
@@ -12,7 +12,7 @@ interface BatchHandlerOptions<T extends Context> {
      *
      * @default 10
      */
-    maxSize?: Value<number, [StandardHandlerInterceptorOptions<T>]>;
+    maxSize?: Value<Promisable<number>, [StandardHandlerInterceptorOptions<T>]>;
     /**
      * Map the request before processing it.
      *
@@ -24,14 +24,20 @@ interface BatchHandlerOptions<T extends Context> {
      *
      * @default 207
      */
-    successStatus?: Value<number, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+    successStatus?: Value<Promisable<number>, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
     /**
      * success batch response headers.
      *
      * @default {}
      */
-    headers?: Value<StandardHeaders, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+    headers?: Value<Promisable<StandardHeaders>, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
 }
+/**
+ * The Batch Request/Response Plugin allows you to combine multiple requests and responses into a single batch,
+ * reducing the overhead of sending each one separately.
+ *
+ * @see {@link https://orpc.unnoq.com/docs/plugins/batch-request-response Batch Request/Response Plugin Docs}
+ */
 declare class BatchHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly maxSize;
     private readonly mapRequestItem;
@@ -43,14 +49,19 @@ declare class BatchHandlerPlugin<T extends Context> implements StandardHandlerPl
 }
 
 interface CORSOptions<T extends Context> {
-    origin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
-    timingOrigin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
+    origin?: Value<Promisable<string | readonly string[] | null | undefined>, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
+    timingOrigin?: Value<Promisable<string | readonly string[] | null | undefined>, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
     allowMethods?: readonly string[];
     allowHeaders?: readonly string[];
     maxAge?: number;
     credentials?: boolean;
     exposeHeaders?: readonly string[];
 }
+/**
+ * CORSPlugin is a plugin for oRPC that allows you to configure CORS for your API.
+ *
+ * @see {@link https://orpc.unnoq.com/docs/plugins/cors CORS Plugin Docs}
+ */
 declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly options;
     order: number;
@@ -61,6 +72,12 @@ declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T>
 interface ResponseHeadersPluginContext {
     resHeaders?: Headers;
 }
+/**
+ * The Response Headers Plugin allows you to set response headers in oRPC.
+ * It injects a resHeaders instance into the context, enabling you to modify response headers easily.
+ *
+ * @see {@link https://orpc.unnoq.com/docs/plugins/response-headers Response Headers Plugin Docs}
+ */
 declare class ResponseHeadersPlugin<T extends ResponseHeadersPluginContext> implements StandardHandlerPlugin<T> {
     init(options: StandardHandlerOptions<T>): void;
 }
@@ -71,21 +88,21 @@ interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
      *
      * @default 'x-csrf-token'
      */
-    headerName?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    headerName?: Value<Promisable<string>, [options: StandardHandlerInterceptorOptions<T>]>;
     /**
      * The value of the header to check.
      *
      * @default 'orpc'
      *
      */
-    headerValue?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    headerValue?: Value<Promisable<string>, [options: StandardHandlerInterceptorOptions<T>]>;
     /**
      * Exclude a procedure from the plugin.
      *
      * @default false
      *
      */
-    exclude?: Value<boolean, [options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>]>;
+    exclude?: Value<Promisable<boolean>, [options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>]>;
     /**
      * The error thrown when the CSRF token is invalid.
      *
@@ -96,6 +113,13 @@ interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
      */
     error?: InstanceType<typeof ORPCError>;
 }
+/**
+ * This plugin adds basic Cross-Site Request Forgery (CSRF) protection to your oRPC application.
+ * It helps ensure that requests to your procedures originate from JavaScript code,
+ * not from other sources like standard HTML forms or direct browser navigation.
+ *
+ * @see {@link https://orpc.unnoq.com/docs/plugins/simple-csrf-protection Simple CSRF Protection Plugin Docs}
+ */
 declare class SimpleCsrfProtectionHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly headerName;
     private readonly headerValue;
@@ -114,6 +138,13 @@ interface StrictGetMethodPluginOptions {
      */
     error?: InstanceType<typeof ORPCError$1>;
 }
+/**
+ * This plugin enhances security by ensuring only procedures explicitly marked to accept GET requests
+ * can be called using the HTTP GET method for RPC Protocol. This helps prevent certain types of
+ * Cross-Site Request Forgery (CSRF) attacks.
+ *
+ * @see {@link https://orpc.unnoq.com/docs/plugins/strict-get-method Strict Get Method Plugin Docs}
+ */
 declare class StrictGetMethodPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly error;
     order: number;

package/dist/plugins/index.d.ts

@@ -1,8 +1,8 @@
-import { Value } from '@orpc/shared';
+import { Value, Promisable } from '@orpc/shared';
 import { StandardRequest, StandardHeaders } from '@orpc/standard-server';
 import { BatchResponseBodyItem } from '@orpc/standard-server/batch';
-import { S as StandardHandlerInterceptorOptions, a as StandardHandlerPlugin, b as StandardHandlerOptions } from '../shared/server.CaWivVk3.js';
-import { C as Context, F as ProcedureClientInterceptorOptions } from '../shared/server.BVHsfJ99.js';
+import { S as StandardHandlerInterceptorOptions, a as StandardHandlerPlugin, b as StandardHandlerOptions } from '../shared/server.-ACo36I0.js';
+import { C as Context, F as ProcedureClientInterceptorOptions } from '../shared/server.DD2C4ujN.js';
 import { Meta, ORPCError as ORPCError$1 } from '@orpc/contract';
 import { ORPCError } from '@orpc/client';
 
@@ -12,7 +12,7 @@ interface BatchHandlerOptions<T extends Context> {
      *
      * @default 10
      */
-    maxSize?: Value<number, [StandardHandlerInterceptorOptions<T>]>;
+    maxSize?: Value<Promisable<number>, [StandardHandlerInterceptorOptions<T>]>;
     /**
      * Map the request before processing it.
      *
@@ -24,14 +24,20 @@ interface BatchHandlerOptions<T extends Context> {
      *
      * @default 207
      */
-    successStatus?: Value<number, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+    successStatus?: Value<Promisable<number>, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
     /**
      * success batch response headers.
      *
      * @default {}
      */
-    headers?: Value<StandardHeaders, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
+    headers?: Value<Promisable<StandardHeaders>, [responses: Promise<BatchResponseBodyItem>[], batchOptions: StandardHandlerInterceptorOptions<T>]>;
 }
+/**
+ * The Batch Request/Response Plugin allows you to combine multiple requests and responses into a single batch,
+ * reducing the overhead of sending each one separately.
+ *
+ * @see {@link https://orpc.unnoq.com/docs/plugins/batch-request-response Batch Request/Response Plugin Docs}
+ */
 declare class BatchHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly maxSize;
     private readonly mapRequestItem;
@@ -43,14 +49,19 @@ declare class BatchHandlerPlugin<T extends Context> implements StandardHandlerPl
 }
 
 interface CORSOptions<T extends Context> {
-    origin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
-    timingOrigin?: Value<string | readonly string[] | null | undefined, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
+    origin?: Value<Promisable<string | readonly string[] | null | undefined>, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
+    timingOrigin?: Value<Promisable<string | readonly string[] | null | undefined>, [origin: string, options: StandardHandlerInterceptorOptions<T>]>;
     allowMethods?: readonly string[];
     allowHeaders?: readonly string[];
     maxAge?: number;
     credentials?: boolean;
     exposeHeaders?: readonly string[];
 }
+/**
+ * CORSPlugin is a plugin for oRPC that allows you to configure CORS for your API.
+ *
+ * @see {@link https://orpc.unnoq.com/docs/plugins/cors CORS Plugin Docs}
+ */
 declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly options;
     order: number;
@@ -61,6 +72,12 @@ declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T>
 interface ResponseHeadersPluginContext {
     resHeaders?: Headers;
 }
+/**
+ * The Response Headers Plugin allows you to set response headers in oRPC.
+ * It injects a resHeaders instance into the context, enabling you to modify response headers easily.
+ *
+ * @see {@link https://orpc.unnoq.com/docs/plugins/response-headers Response Headers Plugin Docs}
+ */
 declare class ResponseHeadersPlugin<T extends ResponseHeadersPluginContext> implements StandardHandlerPlugin<T> {
     init(options: StandardHandlerOptions<T>): void;
 }
@@ -71,21 +88,21 @@ interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
      *
      * @default 'x-csrf-token'
      */
-    headerName?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    headerName?: Value<Promisable<string>, [options: StandardHandlerInterceptorOptions<T>]>;
     /**
      * The value of the header to check.
      *
      * @default 'orpc'
      *
      */
-    headerValue?: Value<string, [options: StandardHandlerInterceptorOptions<T>]>;
+    headerValue?: Value<Promisable<string>, [options: StandardHandlerInterceptorOptions<T>]>;
     /**
      * Exclude a procedure from the plugin.
      *
      * @default false
      *
      */
-    exclude?: Value<boolean, [options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>]>;
+    exclude?: Value<Promisable<boolean>, [options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>]>;
     /**
      * The error thrown when the CSRF token is invalid.
      *
@@ -96,6 +113,13 @@ interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
      */
     error?: InstanceType<typeof ORPCError>;
 }
+/**
+ * This plugin adds basic Cross-Site Request Forgery (CSRF) protection to your oRPC application.
+ * It helps ensure that requests to your procedures originate from JavaScript code,
+ * not from other sources like standard HTML forms or direct browser navigation.
+ *
+ * @see {@link https://orpc.unnoq.com/docs/plugins/simple-csrf-protection Simple CSRF Protection Plugin Docs}
+ */
 declare class SimpleCsrfProtectionHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly headerName;
     private readonly headerValue;
@@ -114,6 +138,13 @@ interface StrictGetMethodPluginOptions {
      */
     error?: InstanceType<typeof ORPCError$1>;
 }
+/**
+ * This plugin enhances security by ensuring only procedures explicitly marked to accept GET requests
+ * can be called using the HTTP GET method for RPC Protocol. This helps prevent certain types of
+ * Cross-Site Request Forgery (CSRF) attacks.
+ *
+ * @see {@link https://orpc.unnoq.com/docs/plugins/strict-get-method Strict Get Method Plugin Docs}
+ */
 declare class StrictGetMethodPlugin<T extends Context> implements StandardHandlerPlugin<T> {
     private readonly error;
     order: number;

package/dist/plugins/index.mjs

@@ -1,5 +1,6 @@
 import { value, isAsyncIteratorObject } from '@orpc/shared';
 import { parseBatchRequest, toBatchResponse } from '@orpc/standard-server/batch';
+import { flattenHeader } from '@orpc/standard-server';
 import { ORPCError } from '@orpc/client';
 export { S as StrictGetMethodPlugin } from '../shared/server.BW-nUGgA.mjs';
 import '@orpc/contract';
@@ -123,13 +124,11 @@ class CORSPlugin {
           resHeaders["access-control-max-age"] = this.options.maxAge.toString();
         }
         if (this.options.allowMethods?.length) {
-          resHeaders["access-control-allow-methods"] = this.options.allowMethods.join(",");
+          resHeaders["access-control-allow-methods"] = flattenHeader(this.options.allowMethods);
         }
         const allowHeaders = this.options.allowHeaders ?? interceptorOptions.request.headers["access-control-request-headers"];
-        if (Array.isArray(allowHeaders) && allowHeaders.length) {
-          resHeaders["access-control-allow-headers"] = allowHeaders.join(",");
-        } else if (typeof allowHeaders === "string") {
-          resHeaders["access-control-allow-headers"] = allowHeaders;
+        if (typeof allowHeaders === "string" || allowHeaders?.length) {
+          resHeaders["access-control-allow-headers"] = flattenHeader(allowHeaders);
         }
         return {
           matched: true,
@@ -147,7 +146,7 @@ class CORSPlugin {
       if (!result.matched) {
         return result;
       }
-      const origin = Array.isArray(interceptorOptions.request.headers.origin) ? interceptorOptions.request.headers.origin.join(",") : interceptorOptions.request.headers.origin || "";
+      const origin = flattenHeader(interceptorOptions.request.headers.origin) ?? "";
       const allowedOrigin = await value(this.options.origin, origin, interceptorOptions);
       const allowedOriginArr = Array.isArray(allowedOrigin) ? allowedOrigin : [allowedOrigin];
       if (allowedOriginArr.includes("*")) {
@@ -169,7 +168,7 @@ class CORSPlugin {
         result.response.headers["access-control-allow-credentials"] = "true";
       }
       if (this.options.exposeHeaders?.length) {
-        result.response.headers["access-control-expose-headers"] = this.options.exposeHeaders.join(",");
+        result.response.headers["access-control-expose-headers"] = flattenHeader(this.options.exposeHeaders);
       }
       return result;
     });

package/dist/shared/{server.CaWivVk3.d.ts → server.-ACo36I0.d.ts}

@@ -1,17 +1,17 @@
 import { HTTPPath, ORPCError } from '@orpc/client';
-import { Meta, InferSchemaOutput, AnySchema, ErrorFromErrorMap } from '@orpc/contract';
-import { Interceptor, ThrowableError } from '@orpc/shared';
+import { Meta } from '@orpc/contract';
+import { Interceptor } from '@orpc/shared';
 import { StandardResponse, StandardLazyRequest } from '@orpc/standard-server';
-import { C as Context, f as AnyRouter, h as AnyProcedure, F as ProcedureClientInterceptorOptions, R as Router } from './server.BVHsfJ99.js';
+import { C as Context, R as Router, f as AnyRouter, h as AnyProcedure, F as ProcedureClientInterceptorOptions } from './server.DD2C4ujN.js';
 
-interface StandardHandlerPlugin<TContext extends Context> {
+interface StandardHandlerPlugin<T extends Context> {
     order?: number;
-    init?(options: StandardHandlerOptions<TContext>): void;
+    init?(options: StandardHandlerOptions<T>, router: Router<any, T>): void;
 }
 declare class CompositeStandardHandlerPlugin<T extends Context, TPlugin extends StandardHandlerPlugin<T>> implements StandardHandlerPlugin<T> {
     protected readonly plugins: TPlugin[];
     constructor(plugins?: readonly TPlugin[]);
-    init(options: StandardHandlerOptions<T>): void;
+    init(options: StandardHandlerOptions<T>, router: Router<any, T>): void;
 }
 
 type StandardParams = Record<string, string>;
@@ -49,16 +49,16 @@ interface StandardHandlerOptions<TContext extends Context> {
     /**
      * Interceptors at the request level, helpful when you want catch errors
      */
-    interceptors?: Interceptor<StandardHandlerInterceptorOptions<TContext>, StandardHandleResult, ThrowableError>[];
+    interceptors?: Interceptor<StandardHandlerInterceptorOptions<TContext>, Promise<StandardHandleResult>>[];
     /**
      * Interceptors at the root level, helpful when you want override the request/response
      */
-    rootInterceptors?: Interceptor<StandardHandlerInterceptorOptions<TContext>, StandardHandleResult, ThrowableError>[];
+    rootInterceptors?: Interceptor<StandardHandlerInterceptorOptions<TContext>, Promise<StandardHandleResult>>[];
     /**
      *
      * Interceptors for procedure client.
      */
-    clientInterceptors?: Interceptor<ProcedureClientInterceptorOptions<TContext, Record<never, never>, Meta>, InferSchemaOutput<AnySchema>, ErrorFromErrorMap<Record<never, never>>>[];
+    clientInterceptors?: Interceptor<ProcedureClientInterceptorOptions<TContext, Record<never, never>, Meta>, Promise<unknown>>[];
 }
 declare class StandardHandler<T extends Context> {
     private readonly matcher;

package/dist/shared/{server.D_vpYits.d.ts → server.BPAWobQg.d.ts}

@@ -1,17 +1,11 @@
 import { StandardRPCJsonSerializerOptions } from '@orpc/client/standard';
-import { C as Context, R as Router } from './server.BVHsfJ99.js';
-import { b as StandardHandlerOptions, i as StandardHandler } from './server.CaWivVk3.js';
+import { C as Context, R as Router } from './server.DD2C4ujN.js';
+import { b as StandardHandlerOptions, i as StandardHandler } from './server.-ACo36I0.js';
 
 interface StandardRPCHandlerOptions<T extends Context> extends StandardHandlerOptions<T>, StandardRPCJsonSerializerOptions {
-    /**
-     * Enables or disables the StrictGetMethodPlugin.
-     *
-     * @default true
-     */
-    strictGetMethodPluginEnabled?: boolean;
 }
 declare class StandardRPCHandler<T extends Context> extends StandardHandler<T> {
-    constructor(router: Router<any, T>, options: StandardRPCHandlerOptions<T>);
+    constructor(router: Router<any, T>, options?: StandardRPCHandlerOptions<T>);
 }
 
 export { StandardRPCHandler as a };