@sourceregistry/node-webserver 1.0.0

package/dist/index.es.js

@@ -0,0 +1,936 @@
+import { createReadStream as k } from "node:fs";
+import { stat as W, realpath as L, lstat as I } from "node:fs/promises";
+import { sep as D, resolve as O, relative as $, isAbsolute as U, extname as F } from "node:path";
+import { Readable as z } from "node:stream";
+import { createServer as B } from "http";
+import { createServer as q } from "https";
+import { TLSSocket as X } from "tls";
+import { Readable as G, Transform as J, Writable as V } from "stream";
+import { WebSocketServer as K, WebSocket as P } from "ws";
+import { parse as E, serialize as Y } from "cookie";
+const Q = {
+  ".avif": "image/avif",
+  ".css": "text/css; charset=utf-8",
+  ".gif": "image/gif",
+  ".html": "text/html; charset=utf-8",
+  ".ico": "image/x-icon",
+  ".jpg": "image/jpeg",
+  ".jpeg": "image/jpeg",
+  ".js": "text/javascript; charset=utf-8",
+  ".json": "application/json; charset=utf-8",
+  ".mjs": "text/javascript; charset=utf-8",
+  ".pdf": "application/pdf",
+  ".png": "image/png",
+  ".svg": "image/svg+xml; charset=utf-8",
+  ".txt": "text/plain; charset=utf-8",
+  ".wasm": "application/wasm",
+  ".webp": "image/webp",
+  ".xml": "application/xml; charset=utf-8"
+}, Z = {
+  index: "index.html",
+  cacheControl: "public, max-age=0",
+  dotFiles: "ignore"
+};
+async function ee(a, e, t = {}) {
+  const s = oe(e), r = {
+    ...Z,
+    ...t
+  }, n = await te(a), o = se(s, r.dotFiles);
+  if (o instanceof Response)
+    return o;
+  const i = o.length > 0 ? o.join(D) : "", u = O(n, i);
+  if (!v(n, u))
+    return new Response("Forbidden", { status: 403 });
+  const c = await re(u, n, r.index);
+  if (c instanceof Response)
+    return c;
+  const l = await W(c), d = new Headers({
+    "content-length": String(l.size),
+    "content-type": ne(c),
+    "cache-control": r.cacheControl,
+    "last-modified": l.mtime.toUTCString(),
+    "x-content-type-options": "nosniff"
+  });
+  if (t.headers) {
+    const h = typeof t.headers == "function" ? t.headers(c, l) : t.headers;
+    new Headers(h).forEach((f, y) => {
+      d.set(y, f);
+    });
+  }
+  return new Response(z.toWeb(k(c)), {
+    status: 200,
+    headers: d
+  });
+}
+async function te(a) {
+  return L(a);
+}
+function se(a, e) {
+  if (a.includes("\0"))
+    return new Response("Bad Request", { status: 400 });
+  const t = a.replace(/\\/g, "/").split("/").filter(Boolean), s = [];
+  for (const r of t) {
+    let n;
+    try {
+      n = decodeURIComponent(r);
+    } catch {
+      return new Response("Bad Request", { status: 400 });
+    }
+    if (!(!n || n === ".")) {
+      if (n === ".." || n.includes("/") || n.includes("\\") || n.includes("\0"))
+        return new Response("Forbidden", { status: 403 });
+      if (n.startsWith(".")) {
+        if (e === "deny")
+          return new Response("Forbidden", { status: 403 });
+        if (e !== "allow")
+          return new Response("Not Found", { status: 404 });
+      }
+      s.push(n);
+    }
+  }
+  return s;
+}
+async function re(a, e, t) {
+  try {
+    if ((await I(a)).isDirectory()) {
+      const r = O(a, t);
+      return T(r, e);
+    }
+    return T(a, e);
+  } catch {
+    return new Response("Not Found", { status: 404 });
+  }
+}
+async function T(a, e) {
+  try {
+    const t = await L(a);
+    return v(e, t) ? (await W(t)).isFile() ? t : new Response("Not Found", { status: 404 }) : new Response("Forbidden", { status: 403 });
+  } catch {
+    return new Response("Not Found", { status: 404 });
+  }
+}
+function v(a, e) {
+  const t = $(a, e);
+  return t === "" || !t.startsWith("..") && !U(t);
+}
+function ne(a) {
+  return Q[F(a).toLowerCase()] ?? "application/octet-stream";
+}
+function oe(a) {
+  return typeof a.params.path == "string" ? a.params.path : a.url.pathname.replace(/^\/+/, "");
+}
+function _(a) {
+  return a instanceof Response && a.status >= 400 && a.status < 600;
+}
+function N(a) {
+  return a instanceof Response && a.status >= 300 && a.status < 400;
+}
+class ae {
+  constructor(e) {
+    this.data = /* @__PURE__ */ new Map(), this.windowMs = e.windowMs, this.startCleanup();
+  }
+  async incr(e) {
+    const t = Date.now();
+    let s = this.data.get(e);
+    return !s || t >= s.reset ? (s = { count: 1, reset: t + this.windowMs }, this.data.set(e, s)) : s.count++, { current: s.count, reset: s.reset };
+  }
+  startCleanup() {
+    this.cleanupInterval = setInterval(() => {
+      const e = Date.now();
+      for (const [t, { reset: s }] of this.data)
+        e >= s && this.data.delete(t);
+    }, Math.min(this.windowMs, 3e5));
+  }
+  stop() {
+    this.cleanupInterval && clearInterval(this.cleanupInterval);
+  }
+  async resetAll() {
+    this.data.clear();
+  }
+}
+function ie(a) {
+  const {
+    windowMs: e = 6e4,
+    max: t,
+    key: s = (c) => c.getClientAddress(),
+    message: r = "Too many requests, please try again later.",
+    statusCode: n = 429,
+    headers: o = "include",
+    onRateLimit: i,
+    store: u = new ae({ windowMs: e })
+  } = a;
+  return async (c, l) => {
+    const d = `rl:${s(c)}`, { current: h, reset: f } = await u.incr(d), y = Math.ceil((f - Date.now()) / 1e3);
+    if (h > t) {
+      i && i(c, { current: h, max: t, key: d });
+      const w = {
+        status: n,
+        headers: new Headers()
+      }, p = w.headers;
+      o === "include" && (p.set("X-RateLimit-Limit", String(t)), p.set("X-RateLimit-Remaining", "0"), p.set("X-RateLimit-Reset", String(Math.floor(f / 1e3))), p.set("Retry-After", String(y)));
+      let m;
+      return typeof r == "string" ? (m = r, p.set("Content-Type", "text/plain")) : (m = JSON.stringify(r), p.set("Content-Type", "application/json")), new Response(m, w);
+    }
+    if (c.rateLimit = {
+      current: h,
+      limit: t,
+      reset: new Date(f),
+      remaining: t - h
+    }, o === "include") {
+      const w = {
+        "X-RateLimit-Limit": String(t),
+        "X-RateLimit-Remaining": String(t - h),
+        "X-RateLimit-Reset": String(Math.floor(f / 1e3))
+      }, p = c.setHeaders;
+      c.setHeaders = (m) => {
+        p({
+          ...w,
+          ...m
+        });
+      }, p(w);
+    }
+    return l();
+  };
+}
+const Ee = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
+  __proto__: null,
+  fixedWindowLimit: ie
+}, Symbol.toStringTag, { value: "Module" })), ce = [
+  "GET",
+  "POST",
+  "PUT",
+  "DELETE",
+  "PATCH",
+  "HEAD",
+  "OPTIONS"
+], ue = [
+  "Accept",
+  "Accept-Language",
+  "Content-Language",
+  "Content-Type",
+  "Range"
+], le = [
+  "Authorization",
+  "X-Auth-Token",
+  "X-Requested-With",
+  "X-CSRF-Token",
+  "X-HTTP-Method-Override",
+  "X-Forwarded-For",
+  "X-Real-IP",
+  "X-Custom-Header"
+];
+function j(a, e) {
+  return !a || !e ? !1 : e === "*" ? !0 : e === "null" ? a === "null" : Array.isArray(e) ? e.some((t) => j(a, t)) : typeof e == "function" ? e(a) : e instanceof RegExp ? e.test(a) : a === e;
+}
+function de(a, e) {
+  const { origin: t = "*" } = e;
+  return a ? t === "*" ? e.credentials ? a : "*" : j(a, t) ? a : null : t === "*" ? "*" : null;
+}
+function he(a = {}) {
+  const {
+    methods: e = ce,
+    allowedHeaders: t = le,
+    exposedHeaders: s,
+    credentials: r = !1,
+    maxAge: n = 86400,
+    onResponse: o
+  } = a, i = "Origin,Access-Control-Request-Method,Access-Control-Request-Headers", u = e.join(","), c = [...ue, ...t].join(","), l = [
+    ["Vary", i],
+    ["Access-Control-Allow-Methods", u],
+    ["Access-Control-Allow-Headers", c]
+  ];
+  return s && l.push(["Access-Control-Expose-Headers", s.join(",")]), r && l.push(["Access-Control-Allow-Credentials", "true"]), n && l.push(["Access-Control-Max-Age", n.toString()]), async (d, h) => {
+    const f = d.request, y = f.headers.get("Origin"), w = f.method === "OPTIONS" && y !== null && f.headers.has("Access-Control-Request-Method"), p = de(y, a);
+    if (w) {
+      if (!p)
+        return new Response(null, { status: 403 });
+      const g = new Response(null, { status: 204 });
+      for (const [H, M] of l)
+        g.headers.set(H, M);
+      return g.headers.set("Access-Control-Allow-Origin", p), g;
+    }
+    const m = await h();
+    if (!m) return;
+    if (!p) return m;
+    const S = new Response(m.body, m);
+    for (const [g, H] of l)
+      S.headers.set(g, H);
+    S.headers.set("Access-Control-Allow-Origin", p);
+    let A = S;
+    if (o) {
+      const g = o(A);
+      g && (A = g);
+    }
+    return A;
+  };
+}
+const Te = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
+  __proto__: null,
+  policy: he
+}, Symbol.toStringTag, { value: "Module" })), fe = ["GET", "PUT", "POST", "DELETE", "PATCH", "HEAD", "OPTIONS"];
+class b {
+  static {
+    this.cache = /* @__PURE__ */ new Map();
+  }
+  static get(e) {
+    return this.cache.get(e);
+  }
+  static set(e, t) {
+    this.cache.set(e, t);
+  }
+}
+class x {
+  constructor() {
+    this._routes = [], this._wsRoutes = [], this._nestedRouters = [], this._middlewares = [], this._preHandlers = [], this._postHandlers = [], this.routesSorted = !1, this.wsRoutesSorted = !1;
+  }
+  get routes() {
+    return this._routes;
+  }
+  get nestedRouters() {
+    return this._nestedRouters;
+  }
+  // HTTP method handlers
+  GET(e, t, ...s) {
+    return this.addHandler("GET", e, t, s);
+  }
+  POST(e, t, ...s) {
+    return this.addHandler("POST", e, t, s);
+  }
+  PUT(e, t, ...s) {
+    return this.addHandler("PUT", e, t, s);
+  }
+  PATCH(e, t, ...s) {
+    return this.addHandler("PATCH", e, t, s);
+  }
+  DELETE(e, t, ...s) {
+    return this.addHandler("DELETE", e, t, s);
+  }
+  HEAD(e, t, ...s) {
+    return this.addHandler("HEAD", e, t, s);
+  }
+  OPTIONS(e, t, ...s) {
+    return this.addHandler("OPTIONS", e, t, s);
+  }
+  // Universal method
+  USE(e, t, ...s) {
+    return fe.forEach((r) => this.addHandler(r, e, t, s)), this;
+  }
+  // Action handler (POST only)
+  action(e, t, ...s) {
+    const r = async (n) => {
+      try {
+        const o = await t(n);
+        return this.formatActionResult(o);
+      } catch (o) {
+        return this.handleActionError(o);
+      }
+    };
+    return this.addHandler("POST", e, r, s);
+  }
+  use(e, t, ...s) {
+    let r, n, o = s;
+    Array.isArray(e) ? ([r, n] = e, o = e.length > 2 ? e.slice(2) : []) : (r = e, n = t);
+    const i = this.normalizePrefix(r), { regex: u, paramNames: c, isCatchAll: l, priority: d } = this.createPrefixRegex(i);
+    return this._nestedRouters.push({
+      prefix: i,
+      router: n,
+      regex: u,
+      paramNames: c,
+      isCatchAll: l,
+      priority: d,
+      middlewares: o
+    }), this;
+  }
+  // Global middleware
+  useMiddleware(...e) {
+    return this._middlewares.push(...e), this;
+  }
+  pre(...e) {
+    return this._preHandlers.push(...e), this;
+  }
+  post(...e) {
+    return this._postHandlers.push(...e), this;
+  }
+  // Discard routes or nested routers
+  discard(e, t) {
+    return this._nestedRouters = this._nestedRouters.filter((s) => s.prefix !== e), this._routes = this._routes.filter(
+      (s) => s.path !== e || t && s.method !== t
+    ), this;
+  }
+  // WebSocket route
+  WS(e, t, ...s) {
+    const { regex: r, paramNames: n, isCatchAll: o, priority: i } = this.createPathRegex(e);
+    return this._wsRoutes.push({
+      path: e,
+      regex: r,
+      paramNames: n,
+      isCatchAll: o,
+      priority: i,
+      handler: t,
+      middlewares: s
+    }), this.wsRoutesSorted = !1, this;
+  }
+  // Add this method to your Router class
+  /**
+   * Check if the router can handle a WebSocket connection for the given path
+   * This is used during the upgrade process to validate routes before attempting connection
+   */
+  async canHandleWebSocket(e) {
+    return this.canHandleWebSocketAtPath(e, e.url.pathname);
+  }
+  async canHandleWebSocketAtPath(e, t) {
+    this.wsRoutesSorted || this.sortWsRoutes();
+    for (const s of [...this._nestedRouters].sort((r, n) => n.priority - r.priority)) {
+      const r = t.match(s.regex);
+      if (!r || r.index !== 0) continue;
+      const n = r[0], o = t.slice(n.length) || "/", i = {
+        ...e,
+        params: { ...e.params, ...this.extractPrefixParams(s, n) }
+      };
+      if (await s.router.canHandleWebSocketAtPath(i, o))
+        return !0;
+    }
+    for (const s of this._wsRoutes)
+      if (s.regex.test(t))
+        return !0;
+    return !1;
+  }
+  // Handle WebSocket upgrade
+  async handleWebSocket(e, t) {
+    return this.handleWebSocketAtPath(e, t, e.url.pathname);
+  }
+  async handleWebSocketAtPath(e, t, s) {
+    this.wsRoutesSorted || this.sortWsRoutes();
+    for (const r of [...this._nestedRouters].sort((n, o) => o.priority - n.priority)) {
+      const n = s.match(r.regex);
+      if (!n || n.index !== 0) continue;
+      const o = n[0], i = s.slice(o.length) || "/", u = this.extractPrefixParams(r, o), c = {
+        ...e,
+        params: { ...e.params, ...u }
+      }, l = [...this._middlewares, ...r.middlewares], d = () => r.router.handleWebSocketAtPath(c, t, i);
+      if (await this.applyMiddlewaresWithList(c, l, d)) return !0;
+    }
+    for (const r of this._wsRoutes) {
+      if (!r.regex.test(s)) continue;
+      const n = s.match(r.regex);
+      if (!n) continue;
+      const o = Object.fromEntries(
+        r.paramNames.map((l, d) => [l, n[d + 1] || ""])
+      ), i = {
+        ...e,
+        params: { ...e.params, ...o },
+        route: { ...e.route, id: r.path },
+        websocket: t
+      }, u = [...this._middlewares, ...r.middlewares];
+      if (await this.applyMiddlewaresWithList(i, u, () => r.handler(i)) === void 0)
+        return !0;
+    }
+    return !1;
+  }
+  // Handle HTTP request - FIXED: Single middleware application
+  async handle(e) {
+    return this.handleAtPath(e, e.url.pathname);
+  }
+  async handleAtPath(e, t) {
+    const s = e.request.method;
+    let r = await this.runPreHandlers(e);
+    if (!r) {
+      const o = async () => {
+        const i = await this.handleNestedRouters(e, t);
+        return i || (this.routesSorted || this.sortRoutes(), this.handleLocalRoutes(e, s, t));
+      };
+      r = await this.applyMiddlewaresWithList(e, this._middlewares, o);
+    }
+    const n = r || new Response("No Content", { status: 204 });
+    return this.runPostHandlers(e, n);
+  }
+  // Apply middlewares utility
+  async applyMiddlewaresWithList(e, t, s) {
+    const r = [...t], n = async (o) => o >= r.length ? s() : r[o](e, () => n(o + 1));
+    return n(0);
+  }
+  async runPreHandlers(e) {
+    for (const t of this._preHandlers) {
+      const s = await t(e);
+      if (s instanceof Response)
+        return s;
+    }
+  }
+  async runPostHandlers(e, t) {
+    let s = t;
+    for (const r of this._postHandlers) {
+      const n = await r(e, s);
+      n instanceof Response && (s = n);
+    }
+    return s;
+  }
+  // Add route handler
+  addHandler(e, t, s, r = []) {
+    const { regex: n, paramNames: o, isCatchAll: i, priority: u } = this.createPathRegex(t);
+    return this._routes.push({
+      method: e,
+      path: t,
+      regex: n,
+      paramNames: o,
+      isCatchAll: i,
+      priority: u,
+      handler: s,
+      middlewares: r
+    }), this.routesSorted = !1, this;
+  }
+  // Create regex for route path
+  createPathRegex(e) {
+    const t = b.get(e);
+    if (t) return t;
+    const s = [];
+    let r = !1, n;
+    const o = e.split("/").filter(Boolean);
+    n = o.reduce((c, l) => l.startsWith("[...") ? c - 10 : l.startsWith("[[") ? c - 5 : l.startsWith("[") ? c - 1 : c + 1, 0);
+    let i = "^";
+    for (const c of o)
+      if (c.startsWith("[...") && c.endsWith("]")) {
+        r = !0;
+        const l = c.slice(4, -1);
+        s.push(l), i += "/(.+)";
+      } else if (c.startsWith("[[") && c.endsWith("]]")) {
+        const l = c.slice(2, -2);
+        s.push(l), i += "(?:/([^/]+))?";
+      } else if (c.startsWith("[") && c.endsWith("]")) {
+        const l = c.slice(1, -1);
+        s.push(l), i += "/([^/]+)";
+      } else
+        i += "/" + c.replace(/[-/\\^$*+?.()|[\]{}]/g, "\\$&");
+    i += "/?$";
+    const u = { regex: new RegExp(i), paramNames: s, isCatchAll: r, priority: n };
+    return b.set(e, u), u;
+  }
+  // Create regex for prefix
+  createPrefixRegex(e) {
+    const t = [];
+    let s = !1, r;
+    const n = e.split("/").filter(Boolean);
+    r = n.reduce((i, u) => u.startsWith("[...") ? i - 10 : u.startsWith("[[") ? i - 5 : u.startsWith("[") ? i - 1 : i + 1, 0);
+    let o = "^";
+    for (const i of n)
+      if (i.startsWith("[...") && i.endsWith("]")) {
+        s = !0;
+        const u = i.slice(4, -1);
+        t.push(u), o += "/(.+)";
+      } else if (i.startsWith("[[") && i.endsWith("]]")) {
+        const u = i.slice(2, -2);
+        t.push(u), o += "(?:/([^/]+))?";
+      } else if (i.startsWith("[") && i.endsWith("]")) {
+        const u = i.slice(1, -1);
+        t.push(u), o += "/([^/]+)";
+      } else
+        o += "/" + i.replace(/[-/\\^$*+?.()|[\]{}]/g, "\\$&");
+    return o += "(?=/|$)", { regex: new RegExp(o), paramNames: t, isCatchAll: s, priority: r };
+  }
+  normalizePrefix(e) {
+    return e.startsWith("/") ? e.replace(/\/$/, "") : `/${e.replace(/\/$/, "")}`;
+  }
+  extractPrefixParams(e, t) {
+    const s = t.match(e.regex);
+    if (!s) return {};
+    const r = {};
+    return e.isCatchAll && e.paramNames.length === 1 ? r[e.paramNames[0]] = s[1]?.replace(/^\//, "") || "" : e.paramNames.forEach((n, o) => {
+      r[n] = s[o + 1] || "";
+    }), r;
+  }
+  // FIXED: Nested router handling without duplicate middleware application
+  async handleNestedRouters(e, t) {
+    const s = [...this._nestedRouters].sort((r, n) => n.priority - r.priority);
+    for (const r of s) {
+      const n = t.match(r.regex);
+      if (!n || n.index !== 0) continue;
+      const o = n[0], i = t.slice(o.length) || "/", u = this.extractPrefixParams(r, o), c = {
+        ...e,
+        params: { ...e.params, ...u }
+      }, l = async () => await r.router.handleAtPath(c, i), d = await this.applyMiddlewaresWithList(c, r.middlewares, l);
+      if (d) return d;
+    }
+    return null;
+  }
+  // FIXED: Local route handling without duplicate middleware application
+  async handleLocalRoutes(e, t, s) {
+    const r = /* @__PURE__ */ new Set();
+    let n = !1;
+    for (const o of this._routes) {
+      if (!o.regex.test(s) || (r.add(o.method), o.method === "GET" && (n = !0, r.add("HEAD")), !(o.method === t || t === "HEAD" && o.method === "GET"))) continue;
+      const u = s.match(o.regex);
+      if (!u) continue;
+      const c = Object.fromEntries(
+        o.paramNames.map((d, h) => [d, u[h + 1] || ""])
+      );
+      e.params = { ...e.params, ...c }, e.route = { ...e.route, id: o.path };
+      const l = () => o.handler(e);
+      return await this.applyMiddlewaresWithList(e, o.middlewares, l);
+    }
+    if (r.size > 0 || t === "HEAD" && n) {
+      const o = [...r].join(", ");
+      return t === "OPTIONS" ? new Response(null, {
+        status: 200,
+        headers: { Allow: o }
+      }) : new Response("Method Not Allowed", {
+        status: 405,
+        headers: { Allow: o }
+      });
+    }
+    return new Response("Not Found", { status: 404 });
+  }
+  sortRoutes() {
+    this._routes.sort((e, t) => t.priority - e.priority), this.routesSorted = !0;
+  }
+  sortWsRoutes() {
+    this._wsRoutes.sort((e, t) => t.priority - e.priority), this.wsRoutesSorted = !0;
+  }
+  formatActionResult(e) {
+    return e instanceof Response ? e : e?.type === "failure" && "status" in e ? R.fail(e.status, e.data) : R.success(200, e ?? void 0);
+  }
+  handleActionError(e) {
+    if (_(e))
+      return R.error(e.status, e);
+    if (N(e)) {
+      const t = e.headers.get("Location") || "/";
+      return R.redirect(e.status, t);
+    }
+    return console.error(e), R.error(500, { message: "Internal Server Error" });
+  }
+  static New() {
+    return new x();
+  }
+}
+const R = {
+  success: (a = 200, e) => new Response(JSON.stringify({ data: e, type: "success", status: a }), {
+    status: a,
+    headers: { "Content-Type": "application/json" }
+  }),
+  redirect: (a = 302, e) => new Response(JSON.stringify({ location: e, type: "redirect", status: a }), {
+    status: a,
+    headers: { "Content-Type": "application/json" }
+  }),
+  error: (a = 500, e) => new Response(JSON.stringify({ error: e, type: "error", status: a }), {
+    status: a,
+    headers: { "Content-Type": "application/json" }
+  }),
+  fail: (a = 400, e) => new Response(JSON.stringify({ data: e, type: "failure", status: a }), {
+    status: a,
+    headers: { "Content-Type": "application/json" }
+  })
+};
+class pe {
+  constructor(e, t) {
+    this.raw = e.headers.get("cookie") ?? "", this.setCookieHeader = t;
+  }
+  get(e, t) {
+    return E(this.raw, t)[e];
+  }
+  getAll(e) {
+    return Object.entries(E(this.raw, e)).filter(([, t]) => t !== void 0).map(([t, s]) => ({ name: t, value: s }));
+  }
+  set(e, t, s) {
+    this.setCookieHeader(Y(e, t, s));
+  }
+  delete(e, t) {
+    this.set(e, "", { ...t, maxAge: 0 });
+  }
+}
+class C extends Error {
+  constructor(e = "Payload Too Large") {
+    super(e), this.status = 413, this.name = "PayloadTooLargeError";
+  }
+}
+class be {
+  constructor(e) {
+    this.upgradeHandlerInstalled = !1, this.config = e ?? { type: "http", options: {} }, this.router = new x(), this.wss = new K({
+      noServer: !0,
+      maxPayload: this.config.security?.maxWebSocketPayload ?? 1024 * 1024
+    });
+  }
+  get server() {
+    if (!this._server) {
+      const e = (t, s) => {
+        this.handleRequest(t, s).catch((r) => {
+          console.error("Unhandled request error:", r), s.statusCode = 500, s.end("Internal Server Error");
+        });
+      };
+      this._server = this.config.type === "https" ? q(this.config.options, e) : B(this.config.options, e);
+    }
+    return this._server;
+  }
+  discard(e, t) {
+    return this.router.discard(e, t), this;
+  }
+  listen(...e) {
+    return this.upgradeHandlerInstalled || (this.installUpgradeHandler(), this.upgradeHandlerInstalled = !0), this.server.listen(...e), this;
+  }
+  installUpgradeHandler() {
+    this.server.on("upgrade", (e, t, s) => {
+      if (e.headers.upgrade?.toLowerCase() !== "websocket") {
+        t.destroy();
+        return;
+      }
+      let r, n;
+      try {
+        r = this.toURL(e, !0), n = this.toRequest(e, r, !0);
+      } catch {
+        t.destroy();
+        return;
+      }
+      const o = this.toRequestEvent(n, r, {
+        getClientAddress: () => e.socket.remoteAddress ?? "127.0.0.1",
+        setHeader: () => {
+        },
+        pushSetCookie: () => {
+        }
+      });
+      this.router.canHandleWebSocket(o).then((i) => {
+        if (!i || !this.isAllowedWebSocketOrigin(e)) {
+          t.destroy();
+          return;
+        }
+        this.wss.handleUpgrade(e, t, s, (u) => {
+          this.router.handleWebSocket(o, u).then((c) => {
+            !c && u.readyState === P.OPEN && u.close(1008, "Route not found");
+          }).catch((c) => {
+            console.error("WebSocket routing error:", c), u.readyState === P.OPEN && u.close(1011, "Internal error");
+          });
+        });
+      }).catch(() => t.destroy());
+    });
+  }
+  close(e) {
+    this.wss.close(() => {
+      this.server.close(e);
+    });
+  }
+  address() {
+    return this.server.address();
+  }
+  get listening() {
+    return this.server.listening;
+  }
+  async handleRequest(e, t) {
+    if (!this.isRequestBodyAllowed(e)) {
+      t.statusCode = 413, t.end("Payload Too Large");
+      return;
+    }
+    const s = this.toWebRequest(e), r = new URL(s.url), n = {}, o = [], i = this.toRequestEvent(s, r, {
+      getClientAddress: () => e.socket.remoteAddress ?? "127.0.0.1",
+      setHeader: (c, l) => {
+        n[c.toLowerCase()] = l;
+      },
+      pushSetCookie: (c) => {
+        o.push(c);
+      }
+    });
+    let u;
+    try {
+      u = await this.router.handle(i);
+    } catch (c) {
+      u = this.handleError(c);
+    }
+    for (const [c, l] of Object.entries(n))
+      t.setHeader(c, l);
+    o.length > 0 && t.setHeader("Set-Cookie", o), await this.sendWebResponse(t, u);
+  }
+  toWebRequest(e) {
+    const t = this.toURL(e, !1);
+    return this.toRequest(e, t, !1);
+  }
+  toRequest(e, t, s) {
+    const r = {
+      method: s ? "GET" : e.method,
+      headers: this.toHeaders(e.headers),
+      // @ts-ignore
+      duplex: "half"
+    };
+    return !s && e.method !== "GET" && e.method !== "HEAD" && (r.body = G.toWeb(this.wrapRequestBody(e))), new Request(t, r);
+  }
+  wrapRequestBody(e) {
+    const t = this.config.security?.maxRequestBodySize;
+    if (!t)
+      return e;
+    let s = 0;
+    const r = new J({
+      transform(n, o, i) {
+        if (s += Buffer.byteLength(n), s > t) {
+          i(new C());
+          return;
+        }
+        i(null, n);
+      }
+    });
+    return e.on("aborted", () => r.destroy(new Error("Request aborted"))), e.on("error", (n) => r.destroy(n)), e.pipe(r), r;
+  }
+  toURL(e, t) {
+    const s = e.socket instanceof X ? t ? "wss" : "https" : t ? "ws" : "http", r = this.resolveAuthority(e);
+    return new URL(e.url ?? "/", `${s}://${r}`);
+  }
+  resolveAuthority(e) {
+    const t = this.config.security?.trustHostHeader ? this.normalizeTrustedHost(e.headers.host) : null;
+    if (t)
+      return t;
+    const s = this.server.address();
+    return s && typeof s == "object" ? `${s.address.includes(":") ? `[${s.address}]` : s.address}:${s.port}` : e.socket.localPort ? `127.0.0.1:${e.socket.localPort}` : "localhost";
+  }
+  normalizeTrustedHost(e) {
+    if (!e) return null;
+    let t;
+    try {
+      t = new URL(`http://${e}`);
+    } catch {
+      return null;
+    }
+    if (t.username || t.password || t.pathname !== "/" || t.search || t.hash)
+      return null;
+    const s = t.port ? `${t.hostname}:${t.port}` : t.hostname, r = this.config.security?.allowedHosts;
+    return !r || this.matchesValue(s, r) ? s : null;
+  }
+  matchesValue(e, t) {
+    return (Array.isArray(t) ? t : [t]).some((r) => typeof r == "string" ? r === e : r instanceof RegExp ? r.test(e) : r(e));
+  }
+  toHeaders(e) {
+    const t = new Headers();
+    for (const [s, r] of Object.entries(e))
+      if (r !== void 0) {
+        if (Array.isArray(r)) {
+          const n = s.toLowerCase() === "cookie" ? r.join("; ") : r.join(", ");
+          t.set(s, n);
+          continue;
+        }
+        t.set(s, r);
+      }
+    return t;
+  }
+  isRequestBodyAllowed(e) {
+    const t = this.config.security?.maxRequestBodySize;
+    if (!t) return !0;
+    const s = e.headers["content-length"];
+    if (!s) return !0;
+    const r = Number.parseInt(Array.isArray(s) ? s[0] : s, 10);
+    return Number.isFinite(r) && r <= t;
+  }
+  handleError(e) {
+    if (e instanceof C)
+      return new Response(e.message, { status: e.status });
+    if (_(e))
+      return new Response(JSON.stringify({
+        error: e.statusText || "Error",
+        status: e.status
+      }), {
+        status: e.status,
+        headers: { "Content-Type": "application/json" }
+      });
+    if (N(e)) {
+      const t = e.headers.get("Location") || "/";
+      return new Response(null, {
+        status: e.status,
+        headers: { Location: t }
+      });
+    }
+    return console.error("Unhandled error:", e), new Response("Internal Server Error", { status: 500 });
+  }
+  async sendWebResponse(e, t) {
+    if (e.statusCode = t.status, t.headers.forEach((n, o) => {
+      e.setHeader(o, n);
+    }), e.hasHeader("Server") || e.setHeader("Server", "WebHTTPServer"), !t.body || this.shouldOmitResponseBody(t, e.req?.method)) {
+      e.end();
+      return;
+    }
+    const s = t.body.getReader(), r = V.toWeb(e).getWriter();
+    try {
+      for (; ; ) {
+        const { done: n, value: o } = await s.read();
+        if (n) break;
+        await r.write(o);
+      }
+    } finally {
+      await r.close().catch(() => {
+      });
+    }
+  }
+  shouldOmitResponseBody(e, t) {
+    return t === "HEAD" ? !0 : e.status === 204 || e.status === 205 || e.status === 304;
+  }
+  isAllowedWebSocketOrigin(e) {
+    const t = e.headers.origin;
+    if (!t) return !0;
+    const s = this.config.security?.allowedWebSocketOrigins;
+    return s ? this.matchesValue(t, s) : !0;
+  }
+  toRequestEvent(e, t, s) {
+    const r = new pe(e, s.pushSetCookie), n = this.config, o = {}, i = { name: "WebHTTPServer" }, u = /* @__PURE__ */ new Set(), c = {
+      request: e,
+      url: t,
+      cookies: r,
+      getClientAddress: s.getClientAddress,
+      get locals() {
+        return o;
+      },
+      get platform() {
+        return i;
+      },
+      params: {},
+      route: { id: "" },
+      setHeaders: (l) => {
+        for (const [d, h] of Object.entries(l)) {
+          const f = d.toLowerCase();
+          if (f === "set-cookie")
+            throw new TypeError("Use event.cookies for Set-Cookie headers");
+          if (u.has(f))
+            throw new TypeError(`Header "${d}" has already been set`);
+          u.add(f), s.setHeader(d, h);
+        }
+      }
+    };
+    return n.locals && Object.assign(o, n.locals(c)), n.platform && Object.assign(i, n.platform(c)), c;
+  }
+}
+const Ce = async (a, e) => {
+  const t = JSON.stringify(await a);
+  return new Response(t, {
+    ...e,
+    headers: {
+      "content-type": "application/json",
+      "content-length": Buffer.byteLength(t).toString(),
+      ...e?.headers
+    }
+  });
+}, We = async (a, e) => {
+  const t = await a;
+  return new Response(t, {
+    ...e,
+    headers: {
+      "content-type": "text/plain",
+      "content-length": Buffer.byteLength(t).toString(),
+      ...e?.headers
+    }
+  });
+}, Le = async (a, e) => {
+  const t = await a;
+  return new Response(t, {
+    ...e,
+    headers: {
+      "content-type": "text/html",
+      "content-length": Buffer.byteLength(t).toString(),
+      ...e?.headers
+    }
+  });
+}, Oe = (a, e = {}) => (t) => ee(a, t, e);
+export {
+  R as Action,
+  Te as CORS,
+  Ee as RateLimiter,
+  fe as RequestMethods,
+  x as Router,
+  be as WebServer,
+  Oe as dir,
+  Le as html,
+  _ as isHttpError,
+  N as isRedirect,
+  Ce as json,
+  ee as serveStatic,
+  We as text
+};
+//# sourceMappingURL=index.es.js.map