npm - @rangojs/router - Versions diffs - 0.0.0-experimental.b9cb8739 → 0.0.0-experimental.bd6e11bc - Mend

@rangojs/router 0.0.0-experimental.b9cb8739 → 0.0.0-experimental.bd6e11bc

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (285) hide show

package/README.md +196 -43
package/dist/bin/rango.js +277 -99
package/dist/testing/vitest.js +48 -0
package/dist/vite/index.js +2779 -1064
package/dist/vite/index.js.bak +5448 -0
package/dist/vite/plugins/cloudflare-protocol-loader-hook.mjs +76 -0
package/package.json +57 -11
package/skills/breadcrumbs/SKILL.md +3 -1
package/skills/bundle-analysis/SKILL.md +159 -0
package/skills/cache-guide/SKILL.md +243 -21
package/skills/caching/SKILL.md +155 -6
package/skills/composability/SKILL.md +27 -2
package/skills/document-cache/SKILL.md +78 -55
package/skills/handler-use/SKILL.md +364 -0
package/skills/hooks/SKILL.md +229 -20
package/skills/host-router/SKILL.md +45 -20
package/skills/i18n/SKILL.md +276 -0
package/skills/intercept/SKILL.md +46 -4
package/skills/layout/SKILL.md +28 -7
package/skills/links/SKILL.md +249 -17
package/skills/loader/SKILL.md +273 -53
package/skills/middleware/SKILL.md +49 -12
package/skills/migrate-nextjs/SKILL.md +562 -0
package/skills/migrate-react-router/SKILL.md +769 -0
package/skills/mime-routes/SKILL.md +27 -0
package/skills/observability/SKILL.md +137 -0
package/skills/parallel/SKILL.md +197 -6
package/skills/prerender/SKILL.md +123 -100
package/skills/rango/SKILL.md +242 -22
package/skills/react-compiler/SKILL.md +168 -0
package/skills/response-routes/SKILL.md +66 -9
package/skills/route/SKILL.md +88 -4
package/skills/router-setup/SKILL.md +90 -5
package/skills/server-actions/SKILL.md +751 -0
package/skills/streams-and-websockets/SKILL.md +283 -0
package/skills/testing/SKILL.md +716 -0
package/skills/typesafety/SKILL.md +329 -27
package/skills/use-cache/SKILL.md +34 -5
package/skills/view-transitions/SKILL.md +294 -0
package/src/__augment-tests__/augment.ts +81 -0
package/src/__augment-tests__/augmented.check.ts +117 -0
package/src/__internal.ts +1 -1
package/src/browser/action-coordinator.ts +53 -36
package/src/browser/app-shell.ts +52 -0
package/src/browser/app-version.ts +14 -0
package/src/browser/event-controller.ts +91 -70
package/src/browser/history-state.ts +21 -0
package/src/browser/index.ts +3 -3
package/src/browser/navigation-bridge.ts +102 -16
package/src/browser/navigation-client.ts +164 -59
package/src/browser/navigation-store.ts +75 -17
package/src/browser/navigation-transaction.ts +21 -37
package/src/browser/partial-update.ts +139 -38
package/src/browser/prefetch/cache.ts +175 -15
package/src/browser/prefetch/fetch.ts +180 -33
package/src/browser/prefetch/queue.ts +123 -20
package/src/browser/prefetch/resource-ready.ts +77 -0
package/src/browser/rango-state.ts +53 -13
package/src/browser/react/Link.tsx +81 -9
package/src/browser/react/NavigationProvider.tsx +110 -33
package/src/browser/react/context.ts +7 -2
package/src/browser/react/filter-segment-order.ts +51 -7
package/src/browser/react/index.ts +3 -0
package/src/browser/react/location-state-shared.ts +175 -4
package/src/browser/react/location-state.ts +39 -13
package/src/browser/react/use-handle.ts +23 -64
package/src/browser/react/use-navigation.ts +22 -2
package/src/browser/react/use-params.ts +20 -8
package/src/browser/react/use-reverse.ts +106 -0
package/src/browser/react/use-router.ts +43 -10
package/src/browser/react/use-segments.ts +11 -8
package/src/browser/response-adapter.ts +25 -0
package/src/browser/rsc-router.tsx +191 -74
package/src/browser/scroll-restoration.ts +41 -14
package/src/browser/segment-reconciler.ts +36 -9
package/src/browser/segment-structure-assert.ts +2 -2
package/src/browser/server-action-bridge.ts +31 -36
package/src/browser/types.ts +57 -5
package/src/build/collect-fallback-refs.ts +107 -0
package/src/build/generate-manifest.ts +65 -40
package/src/build/generate-route-types.ts +5 -0
package/src/build/index.ts +2 -0
package/src/build/route-trie.ts +52 -25
package/src/build/route-types/codegen.ts +4 -4
package/src/build/route-types/include-resolution.ts +9 -2
package/src/build/route-types/per-module-writer.ts +7 -4
package/src/build/route-types/router-processing.ts +278 -88
package/src/build/route-types/scan-filter.ts +9 -2
package/src/build/route-types/source-scan.ts +118 -0
package/src/build/runtime-discovery.ts +9 -20
package/src/cache/cache-runtime.ts +15 -11
package/src/cache/cache-scope.ts +76 -49
package/src/cache/cf/cf-cache-store.ts +501 -18
package/src/cache/cf/index.ts +5 -1
package/src/cache/document-cache.ts +17 -7
package/src/cache/index.ts +1 -0
package/src/cache/taint.ts +55 -0
package/src/client.rsc.tsx +3 -0
package/src/client.tsx +94 -238
package/src/context-var.ts +72 -2
package/src/debug.ts +2 -2
package/src/decode-loader-results.ts +36 -0
package/src/errors.ts +30 -1
package/src/handle.ts +65 -12
package/src/host/index.ts +2 -2
package/src/host/router.ts +129 -57
package/src/host/types.ts +31 -2
package/src/host/utils.ts +1 -1
package/src/href-client.ts +140 -20
package/src/index.rsc.ts +12 -5
package/src/index.ts +61 -11
package/src/loader-store.ts +500 -0
package/src/loader.rsc.ts +2 -5
package/src/loader.ts +3 -10
package/src/missing-id-error.ts +68 -0
package/src/outlet-context.ts +1 -1
package/src/prerender/store.ts +5 -4
package/src/prerender.ts +141 -80
package/src/response-utils.ts +37 -0
package/src/reverse.ts +65 -15
package/src/route-content-wrapper.tsx +6 -28
package/src/route-definition/dsl-helpers.ts +435 -260
package/src/route-definition/helper-factories.ts +29 -139
package/src/route-definition/helpers-types.ts +110 -34
package/src/route-definition/index.ts +3 -0
package/src/route-definition/redirect.ts +11 -3
package/src/route-definition/resolve-handler-use.ts +155 -0
package/src/route-definition/use-item-types.ts +32 -0
package/src/route-map-builder.ts +7 -1
package/src/route-types.ts +37 -41
package/src/router/basename.ts +14 -0
package/src/router/content-negotiation.ts +113 -1
package/src/router/error-handling.ts +1 -1
package/src/router/find-match.ts +4 -2
package/src/router/handler-context.ts +77 -38
package/src/router/intercept-resolution.ts +15 -22
package/src/router/lazy-includes.ts +12 -9
package/src/router/loader-resolution.ts +174 -22
package/src/router/logging.ts +5 -2
package/src/router/manifest.ts +31 -16
package/src/router/match-api.ts +128 -192
package/src/router/match-handlers.ts +63 -20
package/src/router/match-middleware/background-revalidation.ts +30 -2
package/src/router/match-middleware/cache-lookup.ts +136 -106
package/src/router/match-middleware/cache-store.ts +54 -10
package/src/router/match-middleware/intercept-resolution.ts +9 -7
package/src/router/match-middleware/segment-resolution.ts +61 -5
package/src/router/match-result.ts +125 -10
package/src/router/metrics.ts +7 -2
package/src/router/middleware-types.ts +21 -34
package/src/router/middleware.ts +103 -90
package/src/router/navigation-snapshot.ts +182 -0
package/src/router/pattern-matching.ts +101 -17
package/src/router/prerender-match.ts +110 -10
package/src/router/preview-match.ts +32 -102
package/src/router/request-classification.ts +286 -0
package/src/router/revalidation.ts +58 -2
package/src/router/route-snapshot.ts +245 -0
package/src/router/router-context.ts +6 -1
package/src/router/router-interfaces.ts +77 -28
package/src/router/router-options.ts +76 -11
package/src/router/router-registry.ts +2 -5
package/src/router/segment-resolution/fresh.ts +223 -24
package/src/router/segment-resolution/helpers.ts +29 -24
package/src/router/segment-resolution/loader-cache.ts +1 -0
package/src/router/segment-resolution/revalidation.ts +466 -285
package/src/router/segment-resolution/view-transition-default.ts +36 -0
package/src/router/segment-wrappers.ts +2 -0
package/src/router/substitute-pattern-params.ts +56 -0
package/src/router/telemetry.ts +99 -0
package/src/router/trie-matching.ts +18 -13
package/src/router/types.ts +9 -0
package/src/router/url-params.ts +49 -0
package/src/router.ts +91 -23
package/src/rsc/handler-context.ts +2 -2
package/src/rsc/handler.ts +440 -381
package/src/rsc/helpers.ts +91 -43
package/src/rsc/index.ts +1 -1
package/src/rsc/loader-fetch.ts +23 -3
package/src/rsc/manifest-init.ts +5 -1
package/src/rsc/origin-guard.ts +28 -10
package/src/rsc/progressive-enhancement.ts +18 -2
package/src/rsc/response-route-handler.ts +46 -53
package/src/rsc/rsc-rendering.ts +41 -48
package/src/rsc/runtime-warnings.ts +9 -10
package/src/rsc/server-action.ts +25 -37
package/src/rsc/ssr-setup.ts +18 -2
package/src/rsc/types.ts +17 -3
package/src/search-params.ts +4 -4
package/src/segment-content-promise.ts +67 -0
package/src/segment-loader-promise.ts +122 -0
package/src/segment-system.tsx +219 -67
package/src/serialize.ts +243 -0
package/src/server/context.ts +277 -61
package/src/server/cookie-store.ts +28 -4
package/src/server/handle-store.ts +19 -0
package/src/server/loader-registry.ts +9 -8
package/src/server/request-context.ts +204 -60
package/src/ssr/index.tsx +9 -1
package/src/static-handler.ts +19 -7
package/src/testing/cache-status.ts +166 -0
package/src/testing/collect-handle.ts +63 -0
package/src/testing/dispatch.ts +440 -0
package/src/testing/dom.entry.ts +22 -0
package/src/testing/e2e/fixture.ts +154 -0
package/src/testing/e2e/index.ts +149 -0
package/src/testing/e2e/matchers.ts +51 -0
package/src/testing/e2e/page-helpers.ts +272 -0
package/src/testing/e2e/parity.ts +306 -0
package/src/testing/e2e/server.ts +183 -0
package/src/testing/flight-matchers.ts +104 -0
package/src/testing/flight-runtime.d.ts +21 -0
package/src/testing/flight.entry.ts +22 -0
package/src/testing/flight.ts +182 -0
package/src/testing/generated-routes.ts +223 -0
package/src/testing/index.ts +106 -0
package/src/testing/internal/context.ts +255 -0
package/src/testing/render-route.tsx +565 -0
package/src/testing/run-loader.ts +296 -0
package/src/testing/run-middleware.ts +179 -0
package/src/testing/vitest-stubs/cloudflare-email.ts +9 -0
package/src/testing/vitest-stubs/cloudflare-workers.ts +21 -0
package/src/testing/vitest-stubs/plugin-rsc.ts +16 -0
package/src/testing/vitest-stubs/version.ts +5 -0
package/src/testing/vitest.ts +183 -0
package/src/types/cache-types.ts +4 -4
package/src/types/global-namespace.ts +39 -26
package/src/types/handler-context.ts +194 -72
package/src/types/index.ts +1 -0
package/src/types/loader-types.ts +41 -15
package/src/types/request-scope.ts +126 -0
package/src/types/route-entry.ts +19 -1
package/src/types/segments.ts +37 -1
package/src/urls/include-helper.ts +34 -67
package/src/urls/index.ts +0 -3
package/src/urls/path-helper-types.ts +50 -9
package/src/urls/path-helper.ts +63 -63
package/src/urls/pattern-types.ts +48 -19
package/src/urls/response-types.ts +25 -22
package/src/urls/type-extraction.ts +26 -116
package/src/urls/urls-function.ts +1 -5
package/src/use-loader.tsx +487 -44
package/src/vite/debug.ts +185 -0
package/src/vite/discovery/bundle-postprocess.ts +34 -37
package/src/vite/discovery/discover-routers.ts +105 -51
package/src/vite/discovery/discovery-errors.ts +194 -0
package/src/vite/discovery/gate-state.ts +171 -0
package/src/vite/discovery/prerender-collection.ts +188 -93
package/src/vite/discovery/route-types-writer.ts +40 -84
package/src/vite/discovery/self-gen-tracking.ts +27 -1
package/src/vite/discovery/state.ts +46 -6
package/src/vite/discovery/virtual-module-codegen.ts +13 -23
package/src/vite/index.ts +6 -0
package/src/vite/plugin-types.ts +111 -72
package/src/vite/plugins/cjs-to-esm.ts +8 -7
package/src/vite/plugins/client-ref-dedup.ts +16 -0
package/src/vite/plugins/client-ref-hashing.ts +28 -5
package/src/vite/plugins/cloudflare-protocol-loader-hook.d.mts +23 -0
package/src/vite/plugins/cloudflare-protocol-loader-hook.mjs +76 -0
package/src/vite/plugins/cloudflare-protocol-stub.ts +214 -0
package/src/vite/plugins/expose-action-id.ts +55 -33
package/src/vite/plugins/expose-id-utils.ts +24 -8
package/src/vite/plugins/expose-ids/export-analysis.ts +100 -20
package/src/vite/plugins/expose-ids/handler-transform.ts +12 -35
package/src/vite/plugins/expose-ids/loader-transform.ts +3 -5
package/src/vite/plugins/expose-ids/router-transform.ts +20 -3
package/src/vite/plugins/expose-internal-ids.ts +544 -317
package/src/vite/plugins/performance-tracks.ts +92 -0
package/src/vite/plugins/refresh-cmd.ts +88 -26
package/src/vite/plugins/use-cache-transform.ts +65 -50
package/src/vite/plugins/version-injector.ts +39 -23
package/src/vite/plugins/version-plugin.ts +72 -3
package/src/vite/plugins/virtual-entries.ts +2 -2
package/src/vite/rango.ts +265 -226
package/src/vite/router-discovery.ts +920 -137
package/src/vite/utils/ast-handler-extract.ts +15 -15
package/src/vite/utils/banner.ts +4 -4
package/src/vite/utils/bundle-analysis.ts +4 -2
package/src/vite/utils/client-chunks.ts +190 -0
package/src/vite/utils/forward-user-plugins.ts +193 -0
package/src/vite/utils/manifest-utils.ts +21 -5
package/src/vite/utils/package-resolution.ts +41 -1
package/src/vite/utils/prerender-utils.ts +38 -5
package/src/vite/utils/shared-utils.ts +109 -27
package/src/browser/action-response-classifier.ts +0 -99

package/src/router/middleware.ts CHANGED Viewed

@@ -10,6 +10,8 @@
  */
 import { contextGet, contextSet } from "../context-var.js";
+import { safeDecodeURIComponent } from "./url-params.js";
+import { fireAndForgetWaitUntil } from "../types/request-scope.js";
 import type {
   CollectedMiddleware,
   MiddlewareCollectableEntry,
@@ -21,6 +23,8 @@ import type {
 import { _getRequestContext } from "../server/request-context.js";
 import { isAutoGeneratedRouteName } from "../route-name.js";
 import { appendMetric, createMetricsStore } from "./metrics.js";
+import { stripInternalParams } from "./handler-context.js";
+import { isWebSocketUpgradeResponse } from "../response-utils.js";
 // Re-export types and cookie utilities for backward compatibility
 export type {
@@ -111,7 +115,12 @@ function escapeRegex(str: string): string {
 }
 /**
- * Extract params from a pathname using a pattern's regex and param names
+ * Extract params from a pathname using a pattern's regex and param names.
+ *
+ * Values are URL-decoded so apps see the raw string (e.g. "ivo@example.com")
+ * instead of the percent-encoded form ("ivo%40example.com"). This matches the
+ * contract assumed by ctx.reverse (which re-encodes) and aligns with
+ * Express/React Router/Fastify/Koa.
  */
 export function extractParams(
   pathname: string,
@@ -123,7 +132,7 @@ export function extractParams(
   const params: Record<string, string> = {};
   for (let i = 0; i < paramNames.length; i++) {
-    params[paramNames[i]] = match[i + 1] || "";
+    params[paramNames[i]] = safeDecodeURIComponent(match[i + 1] || "");
   }
   return params;
 }
@@ -147,7 +156,7 @@ export function createMiddlewareContext<TEnv>(
     search?: Record<string, unknown>,
   ) => string,
 ): MiddlewareContext<TEnv> {
-  const url = new URL(request.url);
+  const url = stripInternalParams(new URL(request.url));
   // Track the initial response to detect pre/post-next() phase.
   // Before next(): responseHolder.response === initialResponse (the stub).
@@ -178,14 +187,22 @@ export function createMiddlewareContext<TEnv>(
     return responseHolder.response;
   };
+  // Capture reqCtx once: the request-scoped platform fields
+  // (originalUrl, executionContext, waitUntil) are immutable per request,
+  // so snapshotting beats re-reading ALS on every access. The lazy getters
+  // below (routeName, theme, setTheme) stay lazy because those can change
+  // during `await next()`.
+  const reqCtx = _getRequestContext();
   return {
     request,
     url,
-    originalUrl: new URL(request.url),
+    originalUrl: reqCtx?.originalUrl ?? new URL(request.url),
     pathname: url.pathname,
     searchParams: url.searchParams,
     env: env as MiddlewareContext<TEnv>["env"],
     params,
+    executionContext: reqCtx?.executionContext,
+    waitUntil: reqCtx ? reqCtx.waitUntil.bind(reqCtx) : fireAndForgetWaitUntil,
     // Getter: re-derives from request context on each access so that global
     // middleware sees the matched route name after await next().
     get routeName(): MiddlewareContext<TEnv>["routeName"] {
@@ -203,12 +220,9 @@ export function createMiddlewareContext<TEnv>(
     get: ((keyOrVar: any) =>
       contextGet(variables, keyOrVar)) as MiddlewareContext<TEnv>["get"],
-    set: ((keyOrVar: any, value: unknown) => {
-      contextSet(variables, keyOrVar, value);
+    set: ((keyOrVar: any, value: unknown, options?: any) => {
+      contextSet(variables, keyOrVar, value, options);
     }) as MiddlewareContext<TEnv>["set"],
-    var: variables as MiddlewareContext<TEnv>["var"],
     header(name: string, value: string): void {
       // Before next(): delegate to shared RequestContext stub
       if (isPreNext()) {
@@ -293,6 +307,46 @@ export function matchMiddleware<TEnv>(
   return matches;
 }
+// Set-Cookie is appended; for other headers stubOverridesNonCookie=true
+// overwrites (chain ran to completion), false fills only missing slots (an
+// explicit short-circuit Response's own headers win).
+function mergeStubHeaders(
+  target: Headers,
+  stub: Headers,
+  stubOverridesNonCookie: boolean,
+): void {
+  stub.forEach((value, name) => {
+    if (name.toLowerCase() === "set-cookie") {
+      target.append(name, value);
+    } else if (stubOverridesNonCookie || !target.has(name)) {
+      target.set(name, value);
+    }
+  });
+}
+// Set-Cookie is deduped so a nested inner executeMiddleware that already merged
+// the same reqCtx cookies does not duplicate them; other headers fill if missing.
+function mergeReqCtxStub(
+  target: Headers,
+  reqCtx: ReturnType<typeof _getRequestContext>,
+): void {
+  if (!reqCtx) return;
+  const stubCookies = reqCtx.res.headers.getSetCookie();
+  if (stubCookies.length > 0) {
+    const existing = new Set(target.getSetCookie());
+    for (const cookie of stubCookies) {
+      if (!existing.has(cookie)) {
+        target.append("set-cookie", cookie);
+      }
+    }
+  }
+  reqCtx.res.headers.forEach((value, name) => {
+    if (name !== "set-cookie" && !target.has(name)) {
+      target.set(name, value);
+    }
+  });
+}
 /**
  * Execute middleware chain
  *
@@ -331,35 +385,13 @@ export async function executeMiddleware<TEnv>(
       // End of chain - call actual RSC handler
       const response = await finalHandler();
-      // Merge headers set on stub into the real response.
-      // Use append for Set-Cookie to preserve multiple cookies.
       const mergedHeaders = new Headers(response.headers);
-      stubResponse.headers.forEach((value, name) => {
-        if (name.toLowerCase() === "set-cookie") {
-          mergedHeaders.append(name, value);
-        } else {
-          mergedHeaders.set(name, value);
-        }
-      });
-      // Also merge shared RequestContext stub (cookies written via cookies().set()).
-      // Dedup Set-Cookie: an inner executeMiddleware (route-level middleware)
-      // may have already merged the same reqCtx cookies into the response.
-      const reqCtx = _getRequestContext();
-      if (reqCtx) {
-        const stubCookies = reqCtx.res.headers.getSetCookie();
-        if (stubCookies.length > 0) {
-          const existing = new Set(mergedHeaders.getSetCookie());
-          for (const cookie of stubCookies) {
-            if (!existing.has(cookie)) {
-              mergedHeaders.append("set-cookie", cookie);
-            }
-          }
-        }
-        reqCtx.res.headers.forEach((value, name) => {
-          if (name !== "set-cookie" && !mergedHeaders.has(name)) {
-            mergedHeaders.set(name, value);
-          }
-        });
+      mergeStubHeaders(mergedHeaders, stubResponse.headers, true);
+      mergeReqCtxStub(mergedHeaders, _getRequestContext());
+      if (isWebSocketUpgradeResponse(response)) {
+        responseHolder.response = response;
+        return response;
       }
       // Clone response with merged headers (mutable for post-next() modifications)
@@ -428,8 +460,16 @@ export async function executeMiddleware<TEnv>(
     try {
       result = await entry.handler(ctx, wrappedNext);
     } catch (error) {
-      finishMiddleware();
-      throw error;
+      // Thrown Response is short-circuit control flow, not an error.
+      // Fall through to the `if (result instanceof Response)` branch below
+      // so stub headers and request-context cookies merge as they do for
+      // an explicit `return new Response(...)`. Real errors propagate.
+      if (error instanceof Response) {
+        result = error;
+      } else {
+        finishMiddleware();
+        throw error;
+      }
     }
     finishMiddleware();
@@ -453,34 +493,13 @@ export async function executeMiddleware<TEnv>(
     // RequestContext stub headers (from ctx.setCookie) into the
     // returned Response so they are not lost.
     if (result instanceof Response) {
-      const mergedHeaders = new Headers(result.headers);
-      stubResponse.headers.forEach((value, name) => {
-        if (name.toLowerCase() === "set-cookie") {
-          mergedHeaders.append(name, value);
-        } else if (!mergedHeaders.has(name)) {
-          mergedHeaders.set(name, value);
-        }
-      });
-      // Also merge shared RequestContext stub (cookies written via setCookie).
-      // Dedup Set-Cookie: an inner executeMiddleware (route-level middleware)
-      // may have already merged the same reqCtx cookies into the response.
-      const reqCtx = _getRequestContext();
-      if (reqCtx) {
-        const stubCookies = reqCtx.res.headers.getSetCookie();
-        if (stubCookies.length > 0) {
-          const existing = new Set(mergedHeaders.getSetCookie());
-          for (const cookie of stubCookies) {
-            if (!existing.has(cookie)) {
-              mergedHeaders.append("set-cookie", cookie);
-            }
-          }
-        }
-        reqCtx.res.headers.forEach((value, name) => {
-          if (name !== "set-cookie" && !mergedHeaders.has(name)) {
-            mergedHeaders.set(name, value);
-          }
-        });
+      if (isWebSocketUpgradeResponse(result)) {
+        responseHolder.response = result;
+        return result;
       }
+      const mergedHeaders = new Headers(result.headers);
+      mergeStubHeaders(mergedHeaders, stubResponse.headers, false);
+      mergeReqCtxStub(mergedHeaders, _getRequestContext());
       const merged = new Response(result.body, {
         status: result.status,
         statusText: result.statusText,
@@ -529,23 +548,12 @@ export async function executeMiddleware<TEnv>(
   // last merge point (e.g. cookies().set() called after await next()).
   // The reqCtx stub may have already been partially merged during finalHandler
   // or early-return paths; only append *new* Set-Cookie entries to avoid dupes.
+  //
+  // Skip for upgrade responses: upgrade headers are semantically immutable and
+  // set-cookie on an upgrade is not meaningful.
   const reqCtx = _getRequestContext();
-  if (reqCtx) {
-    const stubCookies = reqCtx.res.headers.getSetCookie();
-    if (stubCookies.length > 0) {
-      const existingCookies = new Set(finalResponse.headers.getSetCookie());
-      for (const cookie of stubCookies) {
-        if (!existingCookies.has(cookie)) {
-          finalResponse.headers.append("set-cookie", cookie);
-        }
-      }
-    }
-    // Fill in non-cookie headers that aren't already on the response
-    reqCtx.res.headers.forEach((value, name) => {
-      if (name !== "set-cookie" && !finalResponse.headers.has(name)) {
-        finalResponse.headers.set(name, value);
-      }
-    });
+  if (reqCtx && !isWebSocketUpgradeResponse(finalResponse)) {
+    mergeReqCtxStub(finalResponse.headers, reqCtx);
   }
   return finalResponse;
@@ -615,7 +623,18 @@ export async function executeInterceptMiddleware<TEnv>(
       return next();
     };
-    const result = await middleware(ctx, guardedNext);
+    let result: Response | void;
+    try {
+      result = await middleware(ctx, guardedNext);
+    } catch (error) {
+      // Thrown Response is short-circuit control flow, parity with the
+      // explicit-return path below. Real errors propagate.
+      if (error instanceof Response) {
+        result = error;
+      } else {
+        throw error;
+      }
+    }
     if (result instanceof Response) {
       earlyResponse = result;
@@ -643,13 +662,7 @@ export async function executeInterceptMiddleware<TEnv>(
       // Only fill in missing headers — the returned Response's explicit
       // headers take precedence, matching executeMiddleware behavior.
       const mergedHeaders = new Headers(response.headers);
-      stubResponse.headers.forEach((value, name) => {
-        if (name.toLowerCase() === "set-cookie") {
-          mergedHeaders.append(name, value);
-        } else if (!mergedHeaders.has(name)) {
-          mergedHeaders.set(name, value);
-        }
-      });
+      mergeStubHeaders(mergedHeaders, stubResponse.headers, false);
       return new Response(response.body, {
         status: response.status,
         statusText: response.statusText,

package/src/router/navigation-snapshot.ts ADDED Viewed

@@ -0,0 +1,182 @@
+/**
+ * Navigation Snapshot
+ *
+ * Pure data type representing the navigation-specific state for partial requests.
+ * Consolidates the header parsing, previous-route matching, intercept-context
+ * detection, and segment ID filtering that previously lived inline in
+ * createMatchContextForPartial (match-api.ts).
+ *
+ * resolveNavigation() is the factory: given a request + URL + current route key,
+ * it returns a NavigationSnapshot (or null if no previous URL).
+ */
+import type { RouteMatchResult } from "./pattern-matching.js";
+/**
+ * Snapshot of navigation state for a partial (navigation/action) request.
+ *
+ * Contains the "where are we coming from?" data: previous route, intercept
+ * source, client segment state, and derived flags.
+ */
+export interface NavigationSnapshot {
+  /** Previous page URL (from X-RSC-Router-Client-Path or Referer) */
+  prevUrl: URL;
+  /** Params from the previous route match */
+  prevParams: Record<string, string>;
+  /** Previous route match result (null if prev URL doesn't match any route) */
+  prevMatch: RouteMatchResult | null;
+  /** URL used as intercept context source */
+  interceptContextUrl: URL;
+  /** Route match for the intercept context URL */
+  interceptContextMatch: RouteMatchResult | null;
+  /** Raw segment IDs the client currently has */
+  clientSegmentIds: string[];
+  /** Set version for O(1) lookup */
+  clientSegmentSet: Set<string>;
+  /** Segment IDs filtered to remove parallel (.@) and loader (D\d+.) entries */
+  filteredSegmentIds: string[];
+  /** Whether client considers its cache stale */
+  stale: boolean;
+  /** Whether the intercept context route is the same as the current route */
+  isSameRouteNavigation: boolean;
+  /** Effective "from" URL (intercept source URL when present, else prevUrl) */
+  effectiveFromUrl: URL;
+  /** Effective "from" match (intercept source match when present, else prevMatch) */
+  effectiveFromMatch: RouteMatchResult | null;
+  /** Whether an intercept source header was present */
+  hasInterceptSource: boolean;
+  /** Whether an HMR request header was present */
+  isHmr: boolean;
+}
+export interface ResolveNavigationDeps {
+  findMatch: (pathname: string) => RouteMatchResult | null;
+}
+/**
+ * Resolve navigation state from a partial request.
+ *
+ * Returns null if no previous URL is available (required for partial navigation).
+ *
+ * @param request - The incoming HTTP request
+ * @param url - Parsed URL of the request
+ * @param currentRouteKey - Route key of the current (target) route match
+ * @param deps - Dependencies (findMatch)
+ */
+export function resolveNavigation(
+  request: Request,
+  url: URL,
+  currentRouteKey: string,
+  deps: ResolveNavigationDeps,
+): NavigationSnapshot | null {
+  // Parse client state from RSC request params/headers
+  const clientSegmentIds =
+    url.searchParams.get("_rsc_segments")?.split(",").filter(Boolean) || [];
+  const stale = url.searchParams.get("_rsc_stale") === "true";
+  const previousUrl =
+    request.headers.get("X-RSC-Router-Client-Path") ||
+    request.headers.get("Referer");
+  const interceptSourceUrl = request.headers.get(
+    "X-RSC-Router-Intercept-Source",
+  );
+  const isHmr = !!request.headers.get("X-RSC-HMR");
+  if (!previousUrl) {
+    return null;
+  }
+  // Parse previous URL
+  let prevUrl: URL;
+  try {
+    prevUrl = new URL(previousUrl, url.origin);
+  } catch {
+    return null;
+  }
+  // Parse intercept context URL
+  let interceptContextUrl: URL;
+  try {
+    interceptContextUrl = interceptSourceUrl
+      ? new URL(interceptSourceUrl, url.origin)
+      : prevUrl;
+  } catch {
+    interceptContextUrl = prevUrl;
+  }
+  // Match previous and intercept context routes
+  const prevMatch = deps.findMatch(prevUrl.pathname);
+  const prevParams = prevMatch?.params || {};
+  const interceptContextMatch = interceptSourceUrl
+    ? deps.findMatch(interceptContextUrl.pathname)
+    : prevMatch;
+  // Derived state
+  const isSameRouteNavigation = !!(
+    interceptContextMatch && interceptContextMatch.routeKey === currentRouteKey
+  );
+  const hasInterceptSource = !!interceptSourceUrl;
+  const effectiveFromUrl = hasInterceptSource ? interceptContextUrl : prevUrl;
+  const effectiveFromMatch = hasInterceptSource
+    ? interceptContextMatch
+    : prevMatch;
+  // Filter segment IDs: remove parallel (.@) and loader (D\d+.) entries
+  const filteredSegmentIds = clientSegmentIds.filter((id) => {
+    if (id.includes(".@")) return false;
+    if (/D\d+\./.test(id)) return false;
+    return true;
+  });
+  const clientSegmentSet = new Set(clientSegmentIds);
+  return {
+    prevUrl,
+    prevParams,
+    prevMatch,
+    interceptContextUrl,
+    interceptContextMatch,
+    clientSegmentIds,
+    clientSegmentSet,
+    filteredSegmentIds,
+    stale,
+    isSameRouteNavigation,
+    effectiveFromUrl,
+    effectiveFromMatch,
+    hasInterceptSource,
+    isHmr,
+  };
+}
+/**
+ * Test helper: create a NavigationSnapshot with sensible defaults and overrides.
+ */
+export function createNavigationSnapshot(
+  overrides?: Partial<NavigationSnapshot>,
+): NavigationSnapshot {
+  const defaultUrl = new URL("http://localhost/");
+  return {
+    prevUrl: defaultUrl,
+    prevParams: {},
+    prevMatch: null,
+    interceptContextUrl: defaultUrl,
+    interceptContextMatch: null,
+    clientSegmentIds: [],
+    clientSegmentSet: new Set(),
+    filteredSegmentIds: [],
+    stale: false,
+    isSameRouteNavigation: false,
+    effectiveFromUrl: defaultUrl,
+    effectiveFromMatch: null,
+    hasInterceptSource: false,
+    isHmr: false,
+    ...overrides,
+  };
+}

package/src/router/pattern-matching.ts CHANGED Viewed

@@ -7,6 +7,7 @@
 import type { RouteEntry, TrailingSlashMode } from "../types";
 import type { EntryData } from "../server/context";
 import { debugLog, isRouterDebugEnabled } from "./logging.js";
+import { safeDecodeURIComponent } from "./url-params.js";
 /**
  * Parsed segment info
@@ -82,6 +83,13 @@ export interface CompiledPattern {
   paramNames: string[];
   optionalParams: Set<string>;
   hasTrailingSlash: boolean;
+  /**
+   * Param-name → allowed values for constrained params (e.g. `:lang(en|gb)`).
+   * Validated against the **decoded** param value after regex extraction so
+   * a URL like `/en%20GB` still matches `:lang(en GB)` — matching the trie
+   * path's behavior (trie-matching.ts:validateAndBuild).
+   */
+  constraints?: Record<string, string[]>;
 }
 // Module-level cache for compiled patterns. Route patterns are a finite set
@@ -142,6 +150,7 @@ export function compilePattern(pattern: string): CompiledPattern {
   const segments = parsePattern(normalizedPattern);
   const paramNames: string[] = [];
   const optionalParams = new Set<string>();
+  let constraints: Record<string, string[]> | undefined;
   let regexPattern = "";
@@ -152,11 +161,14 @@ export function compilePattern(pattern: string): CompiledPattern {
     } else if (segment.type === "param") {
       paramNames.push(segment.value);
       const suffixPattern = segment.suffix ? escapeRegex(segment.suffix) : "";
-      const valuePattern = segment.constraint
-        ? `(${segment.constraint.map(escapeRegex).join("|")})`
-        : segment.suffix
-          ? "([^/]+?)"
-          : "([^/]+)";
+      // Constrained params capture anything here; the allowed values are
+      // checked post-decode in findMatch so URL-encoded constraint values
+      // (e.g. `:lang(en GB)` via `/en%20GB`) still match.
+      const valuePattern = segment.suffix ? "([^/]+?)" : "([^/]+)";
+      if (segment.constraint) {
+        (constraints ??= {})[segment.value] = segment.constraint;
+      }
       if (segment.optional) {
         optionalParams.add(segment.value);
@@ -176,6 +188,20 @@ export function compilePattern(pattern: string): CompiledPattern {
     regexPattern = "/";
   }
+  // Patterns of only optional segments (e.g. `/:locale?`, `/:a?/:b?`) need
+  // an explicit `/` alternative so a bare `/` matches the absent form. The
+  // optional template `(?:/X)?` matches `/X` or empty string, but pathnames
+  // are never empty. Arises from `include("/:locale?", routes)` + inner
+  // `path("/")`. Skip when an explicit trailing slash already anchors the
+  // match.
+  const hasOnlyOptionalSegments =
+    !hasTrailingSlash &&
+    segments.length > 0 &&
+    segments.every((segment) => segment.type === "param" && segment.optional);
+  if (hasOnlyOptionalSegments) {
+    regexPattern = `(?:/|${regexPattern})`;
+  }
   // Add trailing slash to regex if pattern has one
   if (hasTrailingSlash) {
     regexPattern += "/";
@@ -186,9 +212,35 @@ export function compilePattern(pattern: string): CompiledPattern {
     paramNames,
     optionalParams,
     hasTrailingSlash,
+    ...(constraints ? { constraints } : {}),
   };
 }
+/**
+ * Validate decoded params against a compiled pattern's constraints.
+ * Returns false if any constrained param has a non-empty value not in the
+ * allowed list. Absent optionals (key missing or `undefined`) are allowed;
+ * `""` is also tolerated as "absent" so user-provided params or fixtures
+ * that pass empty strings explicitly behave the same way.
+ */
+function satisfiesConstraints(
+  params: Record<string, string>,
+  constraints: Record<string, string[]> | undefined,
+): boolean {
+  if (!constraints) return true;
+  for (const name in constraints) {
+    const value = params[name];
+    if (
+      value !== undefined &&
+      value !== "" &&
+      !constraints[name].includes(value)
+    ) {
+      return false;
+    }
+  }
+  return true;
+}
 /**
  * Escape special regex characters in a string
  */
@@ -196,6 +248,27 @@ function escapeRegex(str: string): string {
   return str.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
 }
+/**
+ * Build the named-params record from a regex match. Optional segments that
+ * didn't capture leave the corresponding group `undefined`; we skip those
+ * keys so `ctx.params.<name>` reads as `undefined` rather than `""`. This
+ * keeps the runtime aligned with the `ExtractParams` type and matches the
+ * trie matcher's contract (see `trie-matching.ts:validateAndBuild`).
+ */
+function buildParamsFromMatch(
+  match: RegExpExecArray,
+  paramNames: string[],
+): Record<string, string> {
+  const params: Record<string, string> = {};
+  paramNames.forEach((name, index) => {
+    const captured = match[index + 1];
+    if (captured !== undefined) {
+      params[name] = safeDecodeURIComponent(captured);
+    }
+  });
+  return params;
+}
 /**
  * Extract the static prefix from a route pattern.
  * Returns everything before the first param/wildcard.
@@ -247,8 +320,10 @@ export function extractStaticPrefix(pattern: string): string {
 /**
  * Match a pathname against registered routes
  *
- * Note: Optional params that are absent in the path will have empty string value.
- * Use the pattern definition to determine if a param is optional.
+ * Note: Optional params that are absent in the path are omitted from the
+ * returned `params` (read as `undefined`), matching the trie matcher and
+ * the `ExtractParams<"/:locale?/...">` type. Use the pattern definition or
+ * `optionalParams` to determine which keys are optional.
  *
  * Trailing slash handling (priority order):
  * 1. Per-route `trailingSlash` config from route()
@@ -392,8 +467,13 @@ export function findMatch<TEnv>(
         fullPattern = entry.prefix + pattern;
       }
-      const { regex, paramNames, optionalParams, hasTrailingSlash } =
-        getCompiledPattern(fullPattern);
+      const {
+        regex,
+        paramNames,
+        optionalParams,
+        hasTrailingSlash,
+        constraints,
+      } = getCompiledPattern(fullPattern);
       // Get trailing slash mode for this route (per-route config or pattern-based)
       const trailingSlashMode: TrailingSlashMode | undefined =
@@ -410,10 +490,13 @@ export function findMatch<TEnv>(
       // Try exact match first
       const match = regex.exec(pathname);
       if (match) {
-        const params: Record<string, string> = {};
-        paramNames.forEach((name, index) => {
-          params[name] = match[index + 1] ?? "";
-        });
+        const params = buildParamsFromMatch(match, paramNames);
+        // Validate constraints against decoded values; a failure falls
+        // through to the next route so other patterns can still match.
+        if (!satisfiesConstraints(params, constraints)) {
+          continue;
+        }
         if (effectiveDebug) {
           debugLog("findMatch", "matched route", {
@@ -465,10 +548,11 @@ export function findMatch<TEnv>(
       // Try alternate pathname (opposite trailing slash)
       const altMatch = regex.exec(alternatePathname);
       if (altMatch) {
-        const params: Record<string, string> = {};
-        paramNames.forEach((name, index) => {
-          params[name] = altMatch[index + 1] ?? "";
-        });
+        const params = buildParamsFromMatch(altMatch, paramNames);
+        if (!satisfiesConstraints(params, constraints)) {
+          continue;
+        }
         // Determine redirect behavior based on mode
         if (trailingSlashMode === "ignore") {