@taujs/server 0.2.5 → 0.2.7

package/dist/build.js

@@ -251,10 +251,10 @@ var cspHook = (options = {}) => (req, reply, done) => {
   done();
 };
 var applyCSP = (security, reply) => {
-  if (!security?.csp) return;
   const nonce = generateNonce();
-  const { directives = {}, generateCSP = defaultGenerateCSP } = security.csp;
-  const header = generateCSP(directives, nonce);
+  const directives = security?.csp?.directives ?? DEV_CSP_DIRECTIVES;
+  const generate = security?.csp?.generateCSP ?? defaultGenerateCSP;
+  const header = generate(directives, nonce);
   reply.header("Content-Security-Policy", header);
   reply.request.nonce = nonce;
   return nonce;
@@ -330,16 +330,15 @@ function renderPreloadLink(file) {
       return "";
   }
 }
-var callServiceMethod = async (serviceRegistry, serviceName, serviceMethod, params) => {
-  const service = serviceRegistry[serviceName];
-  if (service && typeof service[serviceMethod] === "function") {
-    const method = service[serviceMethod];
-    const data = await method(params);
-    if (typeof data !== "object" || data === null)
-      throw new Error(`Expected object response from service method ${serviceMethod} on ${serviceName}, but got ${typeof data}`);
-    return data;
-  }
-  throw new Error(`Service method ${serviceMethod} does not exist on ${serviceName}`);
+var callServiceMethod = async (registry, serviceName, methodName, params) => {
+  const service = registry[serviceName];
+  if (!service) throw new Error(`Service ${String(serviceName)} does not exist in the registry`);
+  const method = service[methodName];
+  if (typeof method !== "function") throw new Error(`Service method ${String(methodName)} does not exist on ${String(serviceName)}`);
+  const data = await method(params);
+  if (typeof data !== "object" || data === null)
+    throw new Error(`Expected object response from ${String(serviceName)}.${String(methodName)}, but got ${typeof data}`);
+  return data;
 };
 var fetchData = async ({ url, options }) => {
   if (url) {
@@ -357,10 +356,10 @@ var fetchInitialData = async (attr, params, serviceRegistry) => {
       headers: { "Content-Type": "application/json" },
       params
     }).then(async (data) => {
-      if (data.serviceName && data.serviceMethod) {
+      if (data.serviceName && data.serviceMethod && typeof data.serviceName === "string" && typeof data.serviceMethod === "string")
         return await callServiceMethod(serviceRegistry, data.serviceName, data.serviceMethod, data.options?.params ?? {});
-      }
-      return await fetchData(data);
+      if (data.url && typeof data.url === "string") return await fetchData(data);
+      throw new Error("Invalid fetch configuration: must have either serviceName+serviceMethod or url");
     }).catch((error) => {
       console.error("Error fetching initial data:", error);
       throw error;
@@ -475,7 +474,7 @@ var SSRServer = (0, import_fastify_plugin.default)(
     app.addHook(
       "onRequest",
       cspHook({
-        directives: opts.security?.csp?.directives ?? DEV_CSP_DIRECTIVES,
+        directives: opts.security?.csp?.directives,
         generateCSP: opts.security?.csp?.generateCSP
       })
     );

package/dist/index.js

@@ -246,10 +246,10 @@ var cspHook = (options = {}) => (req, reply, done) => {
   done();
 };
 var applyCSP = (security, reply) => {
-  if (!security?.csp) return;
   const nonce = generateNonce();
-  const { directives = {}, generateCSP = defaultGenerateCSP } = security.csp;
-  const header = generateCSP(directives, nonce);
+  const directives = security?.csp?.directives ?? DEV_CSP_DIRECTIVES;
+  const generate = security?.csp?.generateCSP ?? defaultGenerateCSP;
+  const header = generate(directives, nonce);
   reply.header("Content-Security-Policy", header);
   reply.request.nonce = nonce;
   return nonce;
@@ -325,16 +325,15 @@ function renderPreloadLink(file) {
       return "";
   }
 }
-var callServiceMethod = async (serviceRegistry, serviceName, serviceMethod, params) => {
-  const service = serviceRegistry[serviceName];
-  if (service && typeof service[serviceMethod] === "function") {
-    const method = service[serviceMethod];
-    const data = await method(params);
-    if (typeof data !== "object" || data === null)
-      throw new Error(`Expected object response from service method ${serviceMethod} on ${serviceName}, but got ${typeof data}`);
-    return data;
-  }
-  throw new Error(`Service method ${serviceMethod} does not exist on ${serviceName}`);
+var callServiceMethod = async (registry, serviceName, methodName, params) => {
+  const service = registry[serviceName];
+  if (!service) throw new Error(`Service ${String(serviceName)} does not exist in the registry`);
+  const method = service[methodName];
+  if (typeof method !== "function") throw new Error(`Service method ${String(methodName)} does not exist on ${String(serviceName)}`);
+  const data = await method(params);
+  if (typeof data !== "object" || data === null)
+    throw new Error(`Expected object response from ${String(serviceName)}.${String(methodName)}, but got ${typeof data}`);
+  return data;
 };
 var fetchData = async ({ url, options }) => {
   if (url) {
@@ -352,10 +351,10 @@ var fetchInitialData = async (attr, params, serviceRegistry) => {
       headers: { "Content-Type": "application/json" },
       params
     }).then(async (data) => {
-      if (data.serviceName && data.serviceMethod) {
+      if (data.serviceName && data.serviceMethod && typeof data.serviceName === "string" && typeof data.serviceMethod === "string")
         return await callServiceMethod(serviceRegistry, data.serviceName, data.serviceMethod, data.options?.params ?? {});
-      }
-      return await fetchData(data);
+      if (data.url && typeof data.url === "string") return await fetchData(data);
+      throw new Error("Invalid fetch configuration: must have either serviceName+serviceMethod or url");
     }).catch((error) => {
       console.error("Error fetching initial data:", error);
       throw error;
@@ -470,7 +469,7 @@ var SSRServer = (0, import_fastify_plugin.default)(
     app.addHook(
       "onRequest",
       cspHook({
-        directives: opts.security?.csp?.directives ?? DEV_CSP_DIRECTIVES,
+        directives: opts.security?.csp?.directives,
         generateCSP: opts.security?.csp?.generateCSP
       })
     );

package/dist/security/csp.d.ts

@@ -98,7 +98,6 @@ type Manifest = {
 type RenderSSR = (initialDataResolved: Record<string, unknown>, location: string, meta?: Record<string, unknown>) => Promise<{
     headContent: string;
     appHtml: string;
-    initialDataScript: string;
 }>;
 type RenderStream = (serverResponse: ServerResponse, callbacks: RenderCallbacks, initialDataPromise: Promise<Record<string, unknown>>, location: string, bootstrapModules?: string, meta?: Record<string, unknown>) => void;
 type RenderModule = {

package/dist/security/csp.js

@@ -41,10 +41,10 @@ var cspHook = (options = {}) => (req, reply, done) => {
 };
 var getRequestNonce = (req) => req.nonce;
 var applyCSP = (security, reply) => {
-  if (!security?.csp) return;
   const nonce = generateNonce();
-  const { directives = {}, generateCSP = defaultGenerateCSP } = security.csp;
-  const header = generateCSP(directives, nonce);
+  const directives = security?.csp?.directives ?? DEV_CSP_DIRECTIVES;
+  const generate = security?.csp?.generateCSP ?? defaultGenerateCSP;
+  const header = generate(directives, nonce);
   reply.header("Content-Security-Policy", header);
   reply.request.nonce = nonce;
   return nonce;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@taujs/server",
-  "version": "0.2.5",
+  "version": "0.2.7",
   "description": "taujs | τjs",
   "author": "Aoede <taujs@aoede.uk.net> (https://www.aoede.uk.net)",
   "license": "MIT",