@rayselfs/cf-rule-engine 1.8.2 → 1.9.0

package/dist/adapters/lambda-edge.cjs

@@ -1,10 +1,10 @@
 "use strict";Object.defineProperty(exports, "__esModule", {value: true});
 
 
-var _chunk3BBLG4IXcjs = require('../chunk-3BBLG4IX.cjs');
+var _chunkG4JEAL6Lcjs = require('../chunk-G4JEAL6L.cjs');
 require('../chunk-WKYMSRCD.cjs');
 require('../chunk-75ZPJI57.cjs');
 
 
 
-exports.defineViewerRequest = _chunk3BBLG4IXcjs.defineViewerRequest; exports.defineViewerResponse = _chunk3BBLG4IXcjs.defineViewerResponse;
+exports.defineViewerRequest = _chunkG4JEAL6Lcjs.defineViewerRequest; exports.defineViewerResponse = _chunkG4JEAL6Lcjs.defineViewerResponse;

package/dist/adapters/lambda-edge.js

@@ -1,7 +1,7 @@
 import {
   defineViewerRequest,
   defineViewerResponse
-} from "../chunk-WEBU4R5C.js";
+} from "../chunk-ULR7EP5D.js";
 import "../chunk-Q4NP4C3B.js";
 import "../chunk-MLKGABMK.js";
 export {

package/dist/adapters/viewer-request-async.cjs

@@ -0,0 +1,26 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } }
+
+var _chunkWKYMSRCDcjs = require('../chunk-WKYMSRCD.cjs');
+
+
+
+
+var _chunk6NFAPLQ7cjs = require('../chunk-6NFAPLQ7.cjs');
+require('../chunk-75ZPJI57.cjs');
+
+// src/adapters/viewer-request-async.ts
+function defineViewerRequestAsync(setup) {
+  return async (event) => {
+    const ev = event;
+    const evReq = ev.request;
+    const originalCookies = _nullishCoalesce(evReq.cookies, () => ( {}));
+    const req = _chunk6NFAPLQ7cjs.normalizeRequest.call(void 0, event);
+    const rules = await setup(event);
+    const result = _chunkWKYMSRCDcjs.runRules.call(void 0, rules, req);
+    if (result.action === "respond") return _chunk6NFAPLQ7cjs.denormalizeResponse.call(void 0, result.response);
+    return _chunk6NFAPLQ7cjs.denormalizeRequest.call(void 0, result.request, originalCookies);
+  };
+}
+
+
+exports.defineViewerRequestAsync = defineViewerRequestAsync;

package/dist/adapters/viewer-request-async.d.cts

@@ -0,0 +1,5 @@
+import { Rule } from '../core/types.cjs';
+
+declare function defineViewerRequestAsync(setup: (event: unknown) => Promise<Rule[]>): (event: unknown) => Promise<unknown>;
+
+export { defineViewerRequestAsync };

package/dist/adapters/viewer-request-async.d.ts

@@ -0,0 +1,5 @@
+import { Rule } from '../core/types.js';
+
+declare function defineViewerRequestAsync(setup: (event: unknown) => Promise<Rule[]>): (event: unknown) => Promise<unknown>;
+
+export { defineViewerRequestAsync };

package/dist/adapters/viewer-request-async.js

@@ -0,0 +1,26 @@
+import {
+  runRules
+} from "../chunk-Q4NP4C3B.js";
+import {
+  denormalizeRequest,
+  denormalizeResponse,
+  normalizeRequest
+} from "../chunk-CQ7YZ3AR.js";
+import "../chunk-MLKGABMK.js";
+
+// src/adapters/viewer-request-async.ts
+function defineViewerRequestAsync(setup) {
+  return async (event) => {
+    const ev = event;
+    const evReq = ev.request;
+    const originalCookies = evReq.cookies ?? {};
+    const req = normalizeRequest(event);
+    const rules = await setup(event);
+    const result = runRules(rules, req);
+    if (result.action === "respond") return denormalizeResponse(result.response);
+    return denormalizeRequest(result.request, originalCookies);
+  };
+}
+export {
+  defineViewerRequestAsync
+};

package/dist/behaviors/index.cjs

@@ -1,5 +1,12 @@
 "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }
 
+var _chunkIHVOAORHcjs = require('../chunk-IHVOAORH.cjs');
+require('../chunk-ULICUDDH.cjs');
+
+
+var _chunkZXS23HXAcjs = require('../chunk-ZXS23HXA.cjs');
+
+
 var _chunkPPUHEL4Hcjs = require('../chunk-PPUHEL4H.cjs');
 
 
@@ -12,6 +19,9 @@ var _chunk3UXNXJ6Ncjs = require('../chunk-3UXNXJ6N.cjs');
 var _chunkMSES76XKcjs = require('../chunk-MSES76XK.cjs');
 
 
+var _chunkLTLBEBKLcjs = require('../chunk-LTLBEBKL.cjs');
+
+
 var _chunkKXC6ES3Bcjs = require('../chunk-KXC6ES3B.cjs');
 
 
@@ -21,25 +31,16 @@ var _chunkWWSRNCUPcjs = require('../chunk-WWSRNCUP.cjs');
 var _chunkSGEBNQR2cjs = require('../chunk-SGEBNQR2.cjs');
 
 
-var _chunkMRPTC74Icjs = require('../chunk-MRPTC74I.cjs');
+var _chunkBSH5JZBLcjs = require('../chunk-BSH5JZBL.cjs');
 
 
 var _chunkCV234DQTcjs = require('../chunk-CV234DQT.cjs');
 
 
-var _chunkAEZDDJEWcjs = require('../chunk-AEZDDJEW.cjs');
-
-
-var _chunkZXS23HXAcjs = require('../chunk-ZXS23HXA.cjs');
-
-
 var _chunkOSGZTNTScjs = require('../chunk-OSGZTNTS.cjs');
 
 
 var _chunkJU5WX5RUcjs = require('../chunk-JU5WX5RU.cjs');
-
-
-var _chunkLTLBEBKLcjs = require('../chunk-LTLBEBKL.cjs');
 require('../chunk-75ZPJI57.cjs');
 
 // src/behaviors/verify-token.ts
@@ -123,4 +124,4 @@ function verifyToken(options) {
 
 
 
-exports.constructResponse = _chunkOSGZTNTScjs.constructResponse; exports.copyHeader = _chunkJU5WX5RUcjs.copyHeader; exports.directoryIndex = _chunkLTLBEBKLcjs.directoryIndex; exports.imageOptimize = _chunkKXC6ES3Bcjs.imageOptimize; exports.redirect = _chunkWWSRNCUPcjs.redirect; exports.removeResponseHeaders = _chunkSGEBNQR2cjs.removeResponseHeaders; exports.rewriteUri = _chunkMRPTC74Icjs.rewriteUri; exports.setCacheControl = _chunkCV234DQTcjs.setCacheControl; exports.setCorsHeaders = _chunkAEZDDJEWcjs.setCorsHeaders; exports.setCsp = _chunkZXS23HXAcjs.setCsp; exports.setRequestHeader = _chunkPPUHEL4Hcjs.setRequestHeader; exports.setResponseHeader = _chunkB4WEJSEZcjs.setResponseHeader; exports.setSecurityHeaders = _chunk3UXNXJ6Ncjs.setSecurityHeaders; exports.stripQueryParams = _chunkMSES76XKcjs.stripQueryParams; exports.verifyToken = verifyToken;
+exports.constructResponse = _chunkOSGZTNTScjs.constructResponse; exports.copyHeader = _chunkJU5WX5RUcjs.copyHeader; exports.directoryIndex = _chunkLTLBEBKLcjs.directoryIndex; exports.imageOptimize = _chunkKXC6ES3Bcjs.imageOptimize; exports.redirect = _chunkWWSRNCUPcjs.redirect; exports.removeResponseHeaders = _chunkSGEBNQR2cjs.removeResponseHeaders; exports.rewriteUri = _chunkBSH5JZBLcjs.rewriteUri; exports.setCacheControl = _chunkCV234DQTcjs.setCacheControl; exports.setCorsHeaders = _chunkIHVOAORHcjs.setCorsHeaders; exports.setCsp = _chunkZXS23HXAcjs.setCsp; exports.setRequestHeader = _chunkPPUHEL4Hcjs.setRequestHeader; exports.setResponseHeader = _chunkB4WEJSEZcjs.setResponseHeader; exports.setSecurityHeaders = _chunk3UXNXJ6Ncjs.setSecurityHeaders; exports.stripQueryParams = _chunkMSES76XKcjs.stripQueryParams; exports.verifyToken = verifyToken;

package/dist/behaviors/index.js

@@ -1,3 +1,10 @@
+import {
+  setCorsHeaders
+} from "../chunk-H3RK4USR.js";
+import "../chunk-EEZ7NUJG.js";
+import {
+  setCsp
+} from "../chunk-XUI4Y22M.js";
 import {
   setRequestHeader
 } from "../chunk-M5KUQBDW.js";
@@ -10,6 +17,9 @@ import {
 import {
   stripQueryParams
 } from "../chunk-XPQG5IML.js";
+import {
+  directoryIndex
+} from "../chunk-R7WXS7BI.js";
 import {
   imageOptimize
 } from "../chunk-LQRLWDQQ.js";
@@ -21,25 +31,16 @@ import {
 } from "../chunk-BUAIBB3N.js";
 import {
   rewriteUri
-} from "../chunk-FTP7NLKX.js";
+} from "../chunk-QVY6REMD.js";
 import {
   setCacheControl
 } from "../chunk-ZTMSH34E.js";
-import {
-  setCorsHeaders
-} from "../chunk-CQA2DCVF.js";
-import {
-  setCsp
-} from "../chunk-XUI4Y22M.js";
 import {
   constructResponse
 } from "../chunk-6DBZBV2M.js";
 import {
   copyHeader
 } from "../chunk-BDNPQ7AU.js";
-import {
-  directoryIndex
-} from "../chunk-R7WXS7BI.js";
 import "../chunk-MLKGABMK.js";
 
 // src/behaviors/verify-token.ts

package/dist/behaviors/kvs.cjs

@@ -0,0 +1,24 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});require('../chunk-75ZPJI57.cjs');
+
+// src/behaviors/kvs.ts
+async function kvsRedirect(handle, key, statusCode) {
+  const raw = await handle.get(key);
+  const map = raw ? JSON.parse(raw) : {};
+  const code = statusCode !== void 0 ? statusCode : 301;
+  const desc = code === 302 ? "Found" : "Moved Permanently";
+  return (request) => {
+    const dest = map[request.uri];
+    if (!dest) return { action: "continue", request };
+    return {
+      action: "respond",
+      response: {
+        statusCode: code,
+        statusDescription: desc,
+        headers: { location: { value: dest } }
+      }
+    };
+  };
+}
+
+
+exports.kvsRedirect = kvsRedirect;

package/dist/behaviors/kvs.d.cts

@@ -0,0 +1,6 @@
+import { BehaviorFn } from '../core/types.cjs';
+import { KvsHandle } from '../shared/kvs.cjs';
+
+declare function kvsRedirect(handle: KvsHandle, key: string, statusCode?: number): Promise<BehaviorFn>;
+
+export { kvsRedirect };

package/dist/behaviors/kvs.d.ts

@@ -0,0 +1,6 @@
+import { BehaviorFn } from '../core/types.js';
+import { KvsHandle } from '../shared/kvs.js';
+
+declare function kvsRedirect(handle: KvsHandle, key: string, statusCode?: number): Promise<BehaviorFn>;
+
+export { kvsRedirect };

package/dist/behaviors/kvs.js

@@ -0,0 +1,24 @@
+import "../chunk-MLKGABMK.js";
+
+// src/behaviors/kvs.ts
+async function kvsRedirect(handle, key, statusCode) {
+  const raw = await handle.get(key);
+  const map = raw ? JSON.parse(raw) : {};
+  const code = statusCode !== void 0 ? statusCode : 301;
+  const desc = code === 302 ? "Found" : "Moved Permanently";
+  return (request) => {
+    const dest = map[request.uri];
+    if (!dest) return { action: "continue", request };
+    return {
+      action: "respond",
+      response: {
+        statusCode: code,
+        statusDescription: desc,
+        headers: { location: { value: dest } }
+      }
+    };
+  };
+}
+export {
+  kvsRedirect
+};

package/dist/behaviors/rewrite-uri.cjs

@@ -1,7 +1,7 @@
 "use strict";Object.defineProperty(exports, "__esModule", {value: true});
 
-var _chunkMRPTC74Icjs = require('../chunk-MRPTC74I.cjs');
+var _chunkBSH5JZBLcjs = require('../chunk-BSH5JZBL.cjs');
 require('../chunk-75ZPJI57.cjs');
 
 
-exports.rewriteUri = _chunkMRPTC74Icjs.rewriteUri;
+exports.rewriteUri = _chunkBSH5JZBLcjs.rewriteUri;

package/dist/behaviors/rewrite-uri.js

@@ -1,6 +1,6 @@
 import {
   rewriteUri
-} from "../chunk-FTP7NLKX.js";
+} from "../chunk-QVY6REMD.js";
 import "../chunk-MLKGABMK.js";
 export {
   rewriteUri

package/dist/behaviors/set-cors-headers.cjs

@@ -2,10 +2,11 @@
 
 
 
-var _chunkAEZDDJEWcjs = require('../chunk-AEZDDJEW.cjs');
+var _chunkIHVOAORHcjs = require('../chunk-IHVOAORH.cjs');
+require('../chunk-ULICUDDH.cjs');
 require('../chunk-75ZPJI57.cjs');
 
 
 
 
-exports.ORIGIN_ECHO = _chunkAEZDDJEWcjs.ORIGIN_ECHO; exports.ORIGIN_WILDCARD = _chunkAEZDDJEWcjs.ORIGIN_WILDCARD; exports.setCorsHeaders = _chunkAEZDDJEWcjs.setCorsHeaders;
+exports.ORIGIN_ECHO = _chunkIHVOAORHcjs.ORIGIN_ECHO; exports.ORIGIN_WILDCARD = _chunkIHVOAORHcjs.ORIGIN_WILDCARD; exports.setCorsHeaders = _chunkIHVOAORHcjs.setCorsHeaders;

package/dist/behaviors/set-cors-headers.d.cts

@@ -55,33 +55,6 @@ interface CorsOptions {
      */
     maxAge?: number;
 }
-/**
- * Sets CORS response headers with configurable origin policy.
- *
- * @param options - CORS configuration. `allowedOrigins` is required.
- * @returns A `ResponseBehaviorFn` to use directly in `defineViewerResponse` or wrapped in a `ResponseRule`.
- *
- * @example
- * ```ts
- * import { setCorsHeaders, ORIGIN_WILDCARD, ORIGIN_ECHO } from '@rayselfs/cf-rule-engine/behaviors/set-cors-headers'
- * import { defineViewerResponse } from '@rayselfs/cf-rule-engine/adapters/viewer-response'
- *
- * // Public API — static Access-Control-Allow-Origin: *
- * export default defineViewerResponse([
- *   setCorsHeaders({ allowedOrigins: ORIGIN_WILDCARD }),
- * ])
- *
- * // Restricted — echo only listed origins (supports wildcard subdomains)
- * export default defineViewerResponse([
- *   setCorsHeaders({ allowedOrigins: ['https://*.viverse.com', 'https://sdk-api.viverse.com'] }),
- * ])
- *
- * // Echo any origin (e.g. for credentialed requests)
- * export default defineViewerResponse([
- *   setCorsHeaders({ allowedOrigins: ORIGIN_ECHO, allowCredentials: true }),
- * ])
- * ```
- */
 declare function setCorsHeaders(options: CorsOptions): ResponseBehaviorFn;
 
 export { type CorsOptions, type Methods, ORIGIN_ECHO, ORIGIN_WILDCARD, type Origin, type OriginEcho, type OriginPolicy, type OriginWildcard, setCorsHeaders };

package/dist/behaviors/set-cors-headers.d.ts

@@ -55,33 +55,6 @@ interface CorsOptions {
      */
     maxAge?: number;
 }
-/**
- * Sets CORS response headers with configurable origin policy.
- *
- * @param options - CORS configuration. `allowedOrigins` is required.
- * @returns A `ResponseBehaviorFn` to use directly in `defineViewerResponse` or wrapped in a `ResponseRule`.
- *
- * @example
- * ```ts
- * import { setCorsHeaders, ORIGIN_WILDCARD, ORIGIN_ECHO } from '@rayselfs/cf-rule-engine/behaviors/set-cors-headers'
- * import { defineViewerResponse } from '@rayselfs/cf-rule-engine/adapters/viewer-response'
- *
- * // Public API — static Access-Control-Allow-Origin: *
- * export default defineViewerResponse([
- *   setCorsHeaders({ allowedOrigins: ORIGIN_WILDCARD }),
- * ])
- *
- * // Restricted — echo only listed origins (supports wildcard subdomains)
- * export default defineViewerResponse([
- *   setCorsHeaders({ allowedOrigins: ['https://*.viverse.com', 'https://sdk-api.viverse.com'] }),
- * ])
- *
- * // Echo any origin (e.g. for credentialed requests)
- * export default defineViewerResponse([
- *   setCorsHeaders({ allowedOrigins: ORIGIN_ECHO, allowCredentials: true }),
- * ])
- * ```
- */
 declare function setCorsHeaders(options: CorsOptions): ResponseBehaviorFn;
 
 export { type CorsOptions, type Methods, ORIGIN_ECHO, ORIGIN_WILDCARD, type Origin, type OriginEcho, type OriginPolicy, type OriginWildcard, setCorsHeaders };

package/dist/behaviors/set-cors-headers.js

@@ -2,7 +2,8 @@ import {
   ORIGIN_ECHO,
   ORIGIN_WILDCARD,
   setCorsHeaders
-} from "../chunk-CQA2DCVF.js";
+} from "../chunk-H3RK4USR.js";
+import "../chunk-EEZ7NUJG.js";
 import "../chunk-MLKGABMK.js";
 export {
   ORIGIN_ECHO,

package/dist/{chunk-ORW3KDO5.js → chunk-7EA7GFWX.js}

@@ -4,15 +4,12 @@ import {
 import {
   ORIGIN_ECHO,
   ORIGIN_WILDCARD
-} from "./chunk-CQA2DCVF.js";
+} from "./chunk-H3RK4USR.js";
+import {
+  matchesOriginPattern
+} from "./chunk-EEZ7NUJG.js";
 
 // src/helpers/preflight-request.ts
-function matchesOriginPattern(origin, pattern) {
-  if (pattern === "*") return true;
-  if (!pattern.includes("*")) return origin === pattern;
-  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
-  return new RegExp(`^${escaped}$`).test(origin);
-}
 function preflightRequest(options) {
   const allowedOrigins = options.allowedOrigins;
   const allowedMethods = options.allowedMethods ?? ["GET", "POST", "OPTIONS"];

package/dist/{chunk-MRPTC74I.cjs → chunk-BSH5JZBL.cjs}

@@ -1,5 +1,6 @@
 "use strict";Object.defineProperty(exports, "__esModule", {value: true});// src/behaviors/rewrite-uri.ts
 function rewriteUri(mode, target, match) {
+  const re = mode === "regex-replace" && match !== void 0 ? new RegExp(match, "g") : null;
   return (request) => {
     let uri = request.uri;
     switch (mode) {
@@ -15,8 +16,9 @@ function rewriteUri(mode, target, match) {
         }
         break;
       case "regex-replace":
-        if (match !== void 0) {
-          uri = uri.replace(new RegExp(match, "g"), target);
+        if (re) {
+          re.lastIndex = 0;
+          uri = uri.replace(re, target);
         }
         break;
     }

package/dist/{chunk-2DE6WPPL.js → chunk-EEZ7NUJG.js}

@@ -1,5 +1,6 @@
 // src/shared/wildcard.ts
 var regexCache = /* @__PURE__ */ Object.create(null);
+var originPatternCache = /* @__PURE__ */ Object.create(null);
 function wildcardToRegex(pattern) {
   if (!(pattern in regexCache)) {
     const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*").replace(/\?/g, ".");
@@ -13,9 +14,19 @@ function matchesWildcard(str, pattern) {
 function matchesAnyWildcard(str, patterns) {
   return patterns.some((p) => matchesWildcard(str, p));
 }
+function matchesOriginPattern(origin, pattern) {
+  if (pattern === "*") return true;
+  if (!pattern.includes("*")) return origin === pattern;
+  if (!(pattern in originPatternCache)) {
+    const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
+    originPatternCache[pattern] = new RegExp(`^${escaped}$`);
+  }
+  return originPatternCache[pattern].test(origin);
+}
 
 export {
   wildcardToRegex,
   matchesWildcard,
-  matchesAnyWildcard
+  matchesAnyWildcard,
+  matchesOriginPattern
 };

package/dist/{chunk-PBR6AREG.cjs → chunk-EMDI676G.cjs}

@@ -4,15 +4,12 @@ var _chunkOTFDML3Kcjs = require('./chunk-OTFDML3K.cjs');
 
 
 
-var _chunkAEZDDJEWcjs = require('./chunk-AEZDDJEW.cjs');
+var _chunkIHVOAORHcjs = require('./chunk-IHVOAORH.cjs');
+
+
+var _chunkULICUDDHcjs = require('./chunk-ULICUDDH.cjs');
 
 // src/helpers/preflight-request.ts
-function matchesOriginPattern(origin, pattern) {
-  if (pattern === "*") return true;
-  if (!pattern.includes("*")) return origin === pattern;
-  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
-  return new RegExp(`^${escaped}$`).test(origin);
-}
 function preflightRequest(options) {
   const allowedOrigins = options.allowedOrigins;
   const allowedMethods = _nullishCoalesce(options.allowedMethods, () => ( ["GET", "POST", "OPTIONS"]));
@@ -23,13 +20,13 @@ function preflightRequest(options) {
     criteria: _chunkOTFDML3Kcjs.methodIs.call(void 0, ["OPTIONS"]),
     behavior: (request) => {
       let allowOrigin;
-      if (allowedOrigins === _chunkAEZDDJEWcjs.ORIGIN_WILDCARD) {
+      if (allowedOrigins === _chunkIHVOAORHcjs.ORIGIN_WILDCARD) {
         allowOrigin = "*";
-      } else if (allowedOrigins === _chunkAEZDDJEWcjs.ORIGIN_ECHO) {
+      } else if (allowedOrigins === _chunkIHVOAORHcjs.ORIGIN_ECHO) {
         allowOrigin = _optionalChain([request, 'access', _ => _.headers, 'access', _2 => _2["origin"], 'optionalAccess', _3 => _3.value]);
       } else {
         const originHeader = _optionalChain([request, 'access', _4 => _4.headers, 'access', _5 => _5["origin"], 'optionalAccess', _6 => _6.value]);
-        if (originHeader && allowedOrigins.some((p) => matchesOriginPattern(originHeader, p))) {
+        if (originHeader && allowedOrigins.some((p) => _chunkULICUDDHcjs.matchesOriginPattern.call(void 0, originHeader, p))) {
           allowOrigin = originHeader;
         }
       }

package/dist/{chunk-3BBLG4IX.cjs → chunk-G4JEAL6L.cjs}

@@ -35,14 +35,17 @@ function denormalizeHeaders(headers) {
 }
 function parseQuerystring(qs) {
   if (!qs) return {};
-  return Object.fromEntries(
-    qs.split("&").map((p) => {
-      const parts = p.split("=");
-      const k = parts[0];
-      const v = parts[1] || "";
-      return [k, { value: v }];
-    })
-  );
+  const result = {};
+  const pairs = qs.split("&");
+  for (let i = 0; i < pairs.length; i++) {
+    const eq = pairs[i].indexOf("=");
+    if (eq === -1) {
+      result[pairs[i]] = { value: "" };
+    } else {
+      result[pairs[i].slice(0, eq)] = { value: pairs[i].slice(eq + 1) };
+    }
+  }
+  return result;
 }
 function serializeQuerystring(qs) {
   const qsEntries = Object.entries(qs);

package/dist/{chunk-CQA2DCVF.js → chunk-H3RK4USR.js}

@@ -1,12 +1,10 @@
+import {
+  matchesOriginPattern
+} from "./chunk-EEZ7NUJG.js";
+
 // src/behaviors/set-cors-headers.ts
 var ORIGIN_WILDCARD = "*";
 var ORIGIN_ECHO = "echo";
-function matchesOriginPattern(origin, pattern) {
-  if (pattern === "*") return true;
-  if (!pattern.includes("*")) return origin === pattern;
-  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
-  return new RegExp(`^${escaped}$`).test(origin);
-}
 function setCorsHeaders(options) {
   const allowedOrigins = options.allowedOrigins;
   return (request, response) => {

package/dist/{chunk-RL7ZETZR.js → chunk-IHDSTTO2.js}

@@ -1,12 +1,12 @@
+import {
+  pathMatches
+} from "./chunk-Y7TIDVVC.js";
 import {
   userAgentMatches
-} from "./chunk-S2AAATFN.js";
+} from "./chunk-VQGBRWJK.js";
 import {
   ipCidr
-} from "./chunk-KW5YBTSD.js";
-import {
-  pathMatches
-} from "./chunk-LO2BO3RU.js";
+} from "./chunk-YHTUV2SA.js";
 import {
   redirect
 } from "./chunk-DSSFFJWL.js";

package/dist/{chunk-AEZDDJEW.cjs → chunk-IHVOAORH.cjs}

@@ -1,12 +1,10 @@
-"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }// src/behaviors/set-cors-headers.ts
+"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }
+
+var _chunkULICUDDHcjs = require('./chunk-ULICUDDH.cjs');
+
+// src/behaviors/set-cors-headers.ts
 var ORIGIN_WILDCARD = "*";
 var ORIGIN_ECHO = "echo";
-function matchesOriginPattern(origin, pattern) {
-  if (pattern === "*") return true;
-  if (!pattern.includes("*")) return origin === pattern;
-  const escaped = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&").replace(/\*/g, ".*");
-  return new RegExp(`^${escaped}$`).test(origin);
-}
 function setCorsHeaders(options) {
   const allowedOrigins = options.allowedOrigins;
   return (request, response) => {
@@ -17,7 +15,7 @@ function setCorsHeaders(options) {
       allowOrigin = _optionalChain([request, 'access', _ => _.headers, 'access', _2 => _2["origin"], 'optionalAccess', _3 => _3.value]);
     } else {
       const originHeader = _optionalChain([request, 'access', _4 => _4.headers, 'access', _5 => _5["origin"], 'optionalAccess', _6 => _6.value]);
-      if (originHeader && allowedOrigins.some((p) => matchesOriginPattern(originHeader, p))) {
+      if (originHeader && allowedOrigins.some((p) => _chunkULICUDDHcjs.matchesOriginPattern.call(void 0, originHeader, p))) {
         allowOrigin = originHeader;
       }
     }

package/dist/{chunk-T5EXFHVA.cjs → chunk-ISXKMJCN.cjs}

@@ -1,12 +1,12 @@
 "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } }
 
-var _chunkMVGYPBYBcjs = require('./chunk-MVGYPBYB.cjs');
+var _chunkZEFLAOTLcjs = require('./chunk-ZEFLAOTL.cjs');
 
 
-var _chunkD47P7HVZcjs = require('./chunk-D47P7HVZ.cjs');
+var _chunkLVOM5GJ6cjs = require('./chunk-LVOM5GJ6.cjs');
 
 
-var _chunkCF5PWWTFcjs = require('./chunk-CF5PWWTF.cjs');
+var _chunkMK4QBCD5cjs = require('./chunk-MK4QBCD5.cjs');
 
 
 var _chunkWWSRNCUPcjs = require('./chunk-WWSRNCUP.cjs');
@@ -20,9 +20,9 @@ var _chunkWKYMSRCDcjs = require('./chunk-WKYMSRCD.cjs');
 function whitelist(options) {
   const userAgents = _nullishCoalesce(options.userAgents, () => ( []));
   const bypassPaths = _nullishCoalesce(options.bypassPaths, () => ( []));
-  const criteria = [_chunkWKYMSRCDcjs.not.call(void 0, _chunkD47P7HVZcjs.ipCidr.call(void 0, options.cidrs)), _chunkWKYMSRCDcjs.not.call(void 0, _chunkMVGYPBYBcjs.userAgentMatches.call(void 0, userAgents))];
+  const criteria = [_chunkWKYMSRCDcjs.not.call(void 0, _chunkMK4QBCD5cjs.ipCidr.call(void 0, options.cidrs)), _chunkWKYMSRCDcjs.not.call(void 0, _chunkLVOM5GJ6cjs.userAgentMatches.call(void 0, userAgents))];
   if (bypassPaths.length > 0) {
-    criteria.push(_chunkWKYMSRCDcjs.not.call(void 0, _chunkCF5PWWTFcjs.pathMatches.call(void 0, bypassPaths)));
+    criteria.push(_chunkWKYMSRCDcjs.not.call(void 0, _chunkZEFLAOTLcjs.pathMatches.call(void 0, bypassPaths)));
   }
   return _chunkWKYMSRCDcjs.rule.call(void 0, _chunkWKYMSRCDcjs.all.call(void 0, criteria), _chunkWWSRNCUPcjs.redirect.call(void 0, 302, options.redirectUrl));
 }

package/dist/{chunk-MVGYPBYB.cjs → chunk-LVOM5GJ6.cjs}

@@ -1,13 +1,13 @@
 "use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }
 
-var _chunkIBXAK2A4cjs = require('./chunk-IBXAK2A4.cjs');
+var _chunkULICUDDHcjs = require('./chunk-ULICUDDH.cjs');
 
 // src/criteria/user-agent-matches.ts
 function userAgentMatches(patterns) {
   return (req) => {
     const ua = _optionalChain([req, 'access', _ => _.headers, 'access', _2 => _2["user-agent"], 'optionalAccess', _3 => _3.value]);
     if (!ua) return false;
-    return _chunkIBXAK2A4cjs.matchesAnyWildcard.call(void 0, ua, patterns);
+    return _chunkULICUDDHcjs.matchesAnyWildcard.call(void 0, ua, patterns);
   };
 }
 

package/dist/{chunk-D47P7HVZ.cjs → chunk-MK4QBCD5.cjs}

@@ -1,10 +1,10 @@
 "use strict";Object.defineProperty(exports, "__esModule", {value: true});
 
-var _chunkYVUR35RNcjs = require('./chunk-YVUR35RN.cjs');
+var _chunkWZKRNMF2cjs = require('./chunk-WZKRNMF2.cjs');
 
 // src/criteria/ip-cidr.ts
 function ipCidr(cidrs) {
-  return (req) => _chunkYVUR35RNcjs.matchesAnyCidr.call(void 0, req.clientIp, cidrs);
+  return (req) => _chunkWZKRNMF2cjs.matchesAnyCidr.call(void 0, req.clientIp, cidrs);
 }