@temporary-name/server 1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244 → 1.9.3-alpha.fb7e3a67f82deaeffad5063e136b2f3c03c4b5b3

package/dist/shared/server.n1y5fcVQ.mjs

@@ -0,0 +1,315 @@
+import { isObject, NullProtoObj, fallbackContractConfig, stringifyJSON, isAsyncIteratorObject, tryDecodeURIComponent, toHttpPath, runWithSpan, ORPC_NAME, asyncIteratorWithSpan, setSpanError } from '@temporary-name/shared';
+import { e as encodeError, i as isAPIErrorStatus, s as standardizeHTTPPath, A as APIError, B as BadRequestError, t as toAPIError$1 } from './server.DvgWQUGK.mjs';
+import { c as createProcedureClient } from './server.D2NXNHIf.mjs';
+import { toAPIError, traverseContractProcedures, getLazyMeta, unlazy } from '@temporary-name/server';
+import { mapEventIterator, ErrorEvent } from '@temporary-name/standard-server';
+import { createRouter, addRoute, findRoute } from 'rou3';
+
+function bracketNotationDeserialize(serialized, { maxArrayIndex = 9999 } = {}) {
+  if (serialized.length === 0) {
+    return {};
+  }
+  const arrayPushStyles = /* @__PURE__ */ new WeakSet();
+  const ref = { value: [] };
+  for (const [path, value] of serialized) {
+    const segments = parsePath(path);
+    let currentRef = ref;
+    let nextSegment = "value";
+    segments.forEach((segment, i) => {
+      if (!Array.isArray(currentRef[nextSegment]) && !isObject(currentRef[nextSegment])) {
+        currentRef[nextSegment] = [];
+      }
+      if (i !== segments.length - 1) {
+        if (Array.isArray(currentRef[nextSegment]) && !isValidArrayIndex(segment, maxArrayIndex)) {
+          if (arrayPushStyles.has(currentRef[nextSegment])) {
+            arrayPushStyles.delete(currentRef[nextSegment]);
+            currentRef[nextSegment] = pushStyleArrayToObject(currentRef[nextSegment]);
+          } else {
+            currentRef[nextSegment] = arrayToObject(currentRef[nextSegment]);
+          }
+        }
+      } else {
+        if (Array.isArray(currentRef[nextSegment])) {
+          if (segment === "") {
+            if (currentRef[nextSegment].length && !arrayPushStyles.has(currentRef[nextSegment])) {
+              currentRef[nextSegment] = arrayToObject(currentRef[nextSegment]);
+            }
+          } else {
+            if (arrayPushStyles.has(currentRef[nextSegment])) {
+              arrayPushStyles.delete(currentRef[nextSegment]);
+              currentRef[nextSegment] = pushStyleArrayToObject(currentRef[nextSegment]);
+            } else if (!isValidArrayIndex(segment, maxArrayIndex)) {
+              currentRef[nextSegment] = arrayToObject(currentRef[nextSegment]);
+            }
+          }
+        }
+      }
+      currentRef = currentRef[nextSegment];
+      nextSegment = segment;
+    });
+    if (Array.isArray(currentRef) && nextSegment === "") {
+      arrayPushStyles.add(currentRef);
+      currentRef.push(value);
+    } else if (nextSegment in currentRef) {
+      if (Array.isArray(currentRef[nextSegment])) {
+        currentRef[nextSegment].push(value);
+      } else {
+        currentRef[nextSegment] = [currentRef[nextSegment], value];
+      }
+    } else {
+      currentRef[nextSegment] = value;
+    }
+  }
+  return ref.value;
+}
+function parsePath(path) {
+  const segments = [];
+  let inBrackets = false;
+  let currentSegment = "";
+  let backslashCount = 0;
+  for (let i = 0; i < path.length; i++) {
+    const char = path[i];
+    const nextChar = path[i + 1];
+    if (inBrackets && char === "]" && (nextChar === void 0 || nextChar === "[") && backslashCount % 2 === 0) {
+      if (nextChar === void 0) {
+        inBrackets = false;
+      }
+      segments.push(currentSegment);
+      currentSegment = "";
+      i++;
+    } else if (segments.length === 0 && char === "[" && backslashCount % 2 === 0) {
+      inBrackets = true;
+      segments.push(currentSegment);
+      currentSegment = "";
+    } else if (char === "\\") {
+      backslashCount++;
+    } else {
+      currentSegment += "\\".repeat(backslashCount / 2) + char;
+      backslashCount = 0;
+    }
+  }
+  return inBrackets || segments.length === 0 ? [path] : segments;
+}
+function isValidArrayIndex(value, maxIndex) {
+  return /^0$|^[1-9]\d*$/.test(value) && Number(value) <= maxIndex;
+}
+function arrayToObject(array) {
+  const obj = new NullProtoObj();
+  array.forEach((item, i) => {
+    obj[i] = item;
+  });
+  return obj;
+}
+function pushStyleArrayToObject(array) {
+  const obj = new NullProtoObj();
+  obj[""] = array.length === 1 ? array[0] : array;
+  return obj;
+}
+
+async function decode(request, pathParams) {
+  return {
+    path: pathParams ?? {},
+    query: bracketNotationDeserialize(Array.from(request.url.searchParams.entries())),
+    headers: request.headers,
+    body: await request.body() ?? {}
+  };
+}
+function asyncSafeSerialize(data) {
+  if (isAsyncIteratorObject(data)) {
+    return mapEventIterator(data, {
+      value: async (value) => value,
+      error: async (e) => {
+        return new ErrorEvent({
+          data: encodeError(toAPIError(e))["body"],
+          cause: e
+        });
+      }
+    });
+  }
+  return data;
+}
+function encode(output, procedure) {
+  const successStatus = fallbackContractConfig(
+    "defaultSuccessStatus",
+    procedure["~orpc"].route.successStatus
+  );
+  const outputStructure = fallbackContractConfig(
+    "defaultOutputStructure",
+    procedure["~orpc"].route.outputStructure
+  );
+  if (outputStructure === "compact") {
+    return {
+      status: successStatus,
+      headers: new Headers(),
+      body: asyncSafeSerialize(output)
+    };
+  }
+  if (!isDetailedOutput(output)) {
+    throw new Error(`
+        Invalid "detailed" output structure:
+        \u2022 Expected an object with optional properties:
+          - status (number 200-399)
+          - headers (Record<string, string | string[]>)
+          - body (any)
+        \u2022 No extra keys allowed.
+
+        Actual value:
+          ${stringifyJSON(output)}
+      `);
+  }
+  return {
+    status: output.status ?? successStatus,
+    headers: output.headers ?? new Headers(),
+    body: asyncSafeSerialize(output.body)
+  };
+}
+function isDetailedOutput(output) {
+  if (!isObject(output)) {
+    return false;
+  }
+  if (output.headers && !isObject(output.headers)) {
+    return false;
+  }
+  if (output.status !== void 0 && (typeof output.status !== "number" || !Number.isInteger(output.status) || isAPIErrorStatus(output.status))) {
+    return false;
+  }
+  return true;
+}
+
+function resolveFriendlyStandardHandleOptions(options) {
+  return {
+    ...options,
+    context: options.context ?? {}
+    // Context only optional if all fields are optional
+  };
+}
+function toRou3Pattern(path) {
+  return standardizeHTTPPath(path).replace(/\/\{\+([^}]+)\}/g, "/**:$1").replace(/\/\{([^}]+)\}/g, "/:$1");
+}
+function decodeParams(params) {
+  return Object.fromEntries(
+    Object.entries(params).map(([key, value]) => [key, tryDecodeURIComponent(value)])
+  );
+}
+
+class StandardOpenAPIMatcher {
+  tree = createRouter();
+  pendingRouters = [];
+  init(router, path = []) {
+    const laziedOptions = traverseContractProcedures({ router, path }, (traverseOptions) => {
+      const { path: path2, contract } = traverseOptions;
+      const method = fallbackContractConfig("defaultMethod", contract["~orpc"].route.method);
+      const httpPath = toRou3Pattern(contract["~orpc"].route.path ?? toHttpPath(path2));
+      addRoute(this.tree, method, httpPath, {
+        path: path2,
+        // cast is safe because router is typed as Router (not ContractRouter)
+        procedure: contract,
+        router
+      });
+    });
+    this.pendingRouters.push(
+      ...laziedOptions.map((option) => ({
+        ...option,
+        httpPathPrefix: toHttpPath(option.path),
+        laziedPrefix: getLazyMeta(option.router).prefix
+      }))
+    );
+  }
+  async match(method, pathname) {
+    if (this.pendingRouters.length) {
+      const newPendingRouters = [];
+      for (const pendingRouter of this.pendingRouters) {
+        if (!pendingRouter.laziedPrefix || pathname.startsWith(pendingRouter.laziedPrefix) || pathname.startsWith(pendingRouter.httpPathPrefix)) {
+          const { default: router } = await unlazy(pendingRouter.router);
+          this.init(router, pendingRouter.path);
+        } else {
+          newPendingRouters.push(pendingRouter);
+        }
+      }
+      this.pendingRouters = newPendingRouters;
+    }
+    const match = findRoute(this.tree, method, pathname);
+    if (!match) {
+      return void 0;
+    }
+    return {
+      path: match.data.path,
+      procedure: match.data.procedure,
+      params: match.params ? decodeParams(match.params) : void 0
+    };
+  }
+}
+
+class StandardHandler {
+  matcher;
+  constructor(router) {
+    this.matcher = new StandardOpenAPIMatcher();
+    this.matcher.init(router);
+  }
+  async handle(request, options) {
+    const prefix = options.prefix?.replace(/\/$/, "") || void 0;
+    if (prefix && !request.url.pathname.startsWith(`${prefix}/`) && request.url.pathname !== prefix) {
+      return { matched: false, response: void 0 };
+    }
+    return runWithSpan({ name: `${request.method} ${request.url.pathname}` }, async (span) => {
+      let step;
+      try {
+        const context = options.context;
+        const method = request.method;
+        const url = request.url;
+        const pathname = prefix ? url.pathname.replace(prefix, "") : url.pathname;
+        const match = await runWithSpan(
+          { name: "find_procedure" },
+          () => this.matcher.match(method, `/${pathname.replace(/^\/|\/$/g, "")}`)
+        );
+        if (!match) {
+          return { matched: false, response: void 0 };
+        }
+        span?.updateName(`${ORPC_NAME}.${match.path.join("/")}`);
+        span?.setAttribute("rpc.system", ORPC_NAME);
+        span?.setAttribute("rpc.method", match.path.join("."));
+        step = "decode_input";
+        const input = await runWithSpan({ name: "decode_input" }, () => decode(request, match.params));
+        step = void 0;
+        if (isAsyncIteratorObject(input.body)) {
+          input.body = asyncIteratorWithSpan(
+            { name: "consume_event_iterator_input", signal: request.signal },
+            input.body
+          );
+        }
+        const client = createProcedureClient(match.procedure, {
+          context,
+          path: match.path
+        });
+        step = "call_procedure";
+        const output = await client(input, {
+          request,
+          signal: request.signal,
+          lastEventId: request.headers.get("last-event-id") ?? void 0
+        });
+        step = void 0;
+        const response = encode(output, match.procedure);
+        return {
+          matched: true,
+          response
+        };
+      } catch (e) {
+        if (step !== "call_procedure") {
+          setSpanError(span, e);
+        }
+        const error = step === "decode_input" && !(e instanceof APIError) ? new BadRequestError({
+          code: "malformed_request",
+          message: `Malformed request. Ensure the request body is properly formatted and the 'Content-Type' header is set correctly.`,
+          cause: e
+        }) : toAPIError$1(e);
+        const response = encodeError(error);
+        return {
+          matched: true,
+          response
+        };
+      }
+    });
+  }
+}
+
+export { StandardHandler as S, StandardOpenAPIMatcher as a, decodeParams as b, decode as d, encode as e, resolveFriendlyStandardHandleOptions as r, toRou3Pattern as t };

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@temporary-name/server",
   "type": "module",
-  "version": "1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244",
+  "version": "1.9.3-alpha.fb7e3a67f82deaeffad5063e136b2f3c03c4b5b3",
   "license": "MIT",
   "homepage": "https://www.stainless.com/",
   "repository": {
@@ -23,15 +23,10 @@
       "import": "./dist/helpers/index.mjs",
       "default": "./dist/helpers/index.mjs"
     },
-    "./plugins": {
-      "types": "./dist/plugins/index.d.mts",
-      "import": "./dist/plugins/index.mjs",
-      "default": "./dist/plugins/index.mjs"
-    },
     "./standard": {
-      "types": "./dist/adapters/standard/index.d.mts",
-      "import": "./dist/adapters/standard/index.mjs",
-      "default": "./dist/adapters/standard/index.mjs"
+      "types": "./dist/handler/index.d.mts",
+      "import": "./dist/handler/index.mjs",
+      "default": "./dist/handler/index.mjs"
     },
     "./fetch": {
       "types": "./dist/adapters/fetch/index.d.mts",
@@ -57,31 +52,17 @@
   "files": [
     "dist"
   ],
-  "peerDependencies": {
-    "drizzle-orm": "^0.44.5",
-    "drizzle-zod": "^0.8.3"
-  },
-  "peerDependenciesMeta": {
-    "drizzle-orm": {
-      "optional": true
-    },
-    "drizzle-zod": {
-      "optional": true
-    }
-  },
   "dependencies": {
     "cookie": "^1.0.2",
     "rou3": "^0.7.7",
     "zod": "^4.1.12",
-    "@temporary-name/contract": "1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244",
-    "@temporary-name/interop": "1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244",
-    "@temporary-name/shared": "1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244",
-    "@temporary-name/standard-server": "1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244",
-    "@temporary-name/standard-server-aws-lambda": "1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244",
-    "@temporary-name/standard-server-fetch": "1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244",
-    "@temporary-name/standard-server-node": "1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244",
-    "@temporary-name/json-schema": "1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244",
-    "@temporary-name/zod": "1.9.3-alpha.f9f5ce625d5edee78250b87b3a64f1d9760c2244"
+    "@temporary-name/standard-server": "1.9.3-alpha.fb7e3a67f82deaeffad5063e136b2f3c03c4b5b3",
+    "@temporary-name/standard-server-aws-lambda": "1.9.3-alpha.fb7e3a67f82deaeffad5063e136b2f3c03c4b5b3",
+    "@temporary-name/standard-server-fetch": "1.9.3-alpha.fb7e3a67f82deaeffad5063e136b2f3c03c4b5b3",
+    "@temporary-name/standard-server-node": "1.9.3-alpha.fb7e3a67f82deaeffad5063e136b2f3c03c4b5b3",
+    "@temporary-name/interop": "1.9.3-alpha.fb7e3a67f82deaeffad5063e136b2f3c03c4b5b3",
+    "@temporary-name/zod": "1.9.3-alpha.fb7e3a67f82deaeffad5063e136b2f3c03c4b5b3",
+    "@temporary-name/shared": "1.9.3-alpha.fb7e3a67f82deaeffad5063e136b2f3c03c4b5b3"
   },
   "devDependencies": {
     "@types/supertest": "^6.0.3",
@@ -91,6 +72,7 @@
   "scripts": {
     "build": "unbuild",
     "build:watch": "pnpm run build --watch",
-    "type:check": "tsc -b"
+    "clean": "tsc -b --clean",
+    "lint:tsc": "tsc -b"
   }
 }

package/dist/adapters/standard/index.d.mts

@@ -1,30 +0,0 @@
-export { C as CompositeStandardHandlerPlugin, c as StandardHandleOptions, d as StandardHandleResult, e as StandardHandler, S as StandardHandlerInterceptorOptions, b as StandardHandlerOptions, a as StandardHandlerPlugin } from '../../shared/server.D6Qs_UcF.mjs';
-import { AnyProcedure, AnyRouter } from '@temporary-name/server';
-import { StandardLazyRequest, StandardHeaders, StandardResponse, ORPCError, HTTPPath } from '@temporary-name/shared';
-export { F as FriendlyStandardHandleOptions, d as decodeParams, r as resolveFriendlyStandardHandleOptions, t as toRou3Pattern } from '../../shared/server.7aL9gcoU.mjs';
-import '@temporary-name/contract';
-import '../../shared/server.BL2R5jcp.mjs';
-
-declare function decode(request: StandardLazyRequest, pathParams: Record<string, string> | undefined): Promise<{
-    path: unknown;
-    query: unknown;
-    headers: StandardHeaders;
-    body: unknown;
-}>;
-declare function encode(output: unknown, procedure: AnyProcedure): StandardResponse;
-declare function encodeError(error: ORPCError<any, any>): StandardResponse;
-
-type StandardMatchResult = {
-    path: readonly string[];
-    procedure: AnyProcedure;
-    params?: Record<string, string>;
-} | undefined;
-declare class StandardOpenAPIMatcher {
-    private readonly tree;
-    private pendingRouters;
-    init(router: AnyRouter, path?: readonly string[]): void;
-    match(method: string, pathname: HTTPPath): Promise<StandardMatchResult>;
-}
-
-export { StandardOpenAPIMatcher, decode, encode, encodeError };
-export type { StandardMatchResult };

package/dist/adapters/standard/index.d.ts

@@ -1,30 +0,0 @@
-export { C as CompositeStandardHandlerPlugin, c as StandardHandleOptions, d as StandardHandleResult, e as StandardHandler, S as StandardHandlerInterceptorOptions, b as StandardHandlerOptions, a as StandardHandlerPlugin } from '../../shared/server.DpoO_ER_.js';
-import { AnyProcedure, AnyRouter } from '@temporary-name/server';
-import { StandardLazyRequest, StandardHeaders, StandardResponse, ORPCError, HTTPPath } from '@temporary-name/shared';
-export { F as FriendlyStandardHandleOptions, d as decodeParams, r as resolveFriendlyStandardHandleOptions, t as toRou3Pattern } from '../../shared/server.DFptr1Nz.js';
-import '@temporary-name/contract';
-import '../../shared/server.BL2R5jcp.js';
-
-declare function decode(request: StandardLazyRequest, pathParams: Record<string, string> | undefined): Promise<{
-    path: unknown;
-    query: unknown;
-    headers: StandardHeaders;
-    body: unknown;
-}>;
-declare function encode(output: unknown, procedure: AnyProcedure): StandardResponse;
-declare function encodeError(error: ORPCError<any, any>): StandardResponse;
-
-type StandardMatchResult = {
-    path: readonly string[];
-    procedure: AnyProcedure;
-    params?: Record<string, string>;
-} | undefined;
-declare class StandardOpenAPIMatcher {
-    private readonly tree;
-    private pendingRouters;
-    init(router: AnyRouter, path?: readonly string[]): void;
-    match(method: string, pathname: HTTPPath): Promise<StandardMatchResult>;
-}
-
-export { StandardOpenAPIMatcher, decode, encode, encodeError };
-export type { StandardMatchResult };

package/dist/adapters/standard/index.mjs

@@ -1,9 +0,0 @@
-export { C as CompositeStandardHandlerPlugin, S as StandardHandler, b as StandardOpenAPIMatcher, d as decode, c as decodeParams, e as encode, a as encodeError, r as resolveFriendlyStandardHandleOptions, t as toRou3Pattern } from '../../shared/server.CVBLzkro.mjs';
-import '@temporary-name/shared';
-import '@temporary-name/standard-server';
-import '../../shared/server.ClhVCxfg.mjs';
-import '@temporary-name/contract';
-import '@temporary-name/zod';
-import '../../shared/server.JtIZ8YG7.mjs';
-import '@temporary-name/server';
-import 'rou3';

package/dist/plugins/index.d.mts

@@ -1,84 +0,0 @@
-import { Value, Promisable, ORPCError } from '@temporary-name/shared';
-import { S as StandardHandlerInterceptorOptions, a as StandardHandlerPlugin, b as StandardHandlerOptions } from '../shared/server.D6Qs_UcF.mjs';
-import { C as Context, G as ProcedureClientInterceptorOptions } from '../shared/server.BL2R5jcp.mjs';
-import { Meta } from '@temporary-name/contract';
-
-interface CORSOptions<T extends Context> {
-    origin?: Value<Promisable<string | readonly string[] | null | undefined>, [
-        origin: string,
-        options: StandardHandlerInterceptorOptions<T>
-    ]>;
-    timingOrigin?: Value<Promisable<string | readonly string[] | null | undefined>, [
-        origin: string,
-        options: StandardHandlerInterceptorOptions<T>
-    ]>;
-    allowMethods?: readonly string[];
-    allowHeaders?: readonly string[];
-    maxAge?: number;
-    credentials?: boolean;
-    exposeHeaders?: readonly string[];
-}
-/**
- * CORSPlugin is a plugin for oRPC that allows you to configure CORS for your API.
- *
- * @see {@link https://orpc.unnoq.com/docs/plugins/cors CORS Plugin Docs}
- */
-declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T> {
-    private readonly options;
-    order: number;
-    constructor(options?: CORSOptions<T>);
-    init(options: StandardHandlerOptions<T>): void;
-}
-
-interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
-    /**
-     * The name of the header to check.
-     *
-     * @default 'x-csrf-token'
-     */
-    headerName?: Value<Promisable<string>, [options: StandardHandlerInterceptorOptions<T>]>;
-    /**
-     * The value of the header to check.
-     *
-     * @default 'orpc'
-     *
-     */
-    headerValue?: Value<Promisable<string>, [options: StandardHandlerInterceptorOptions<T>]>;
-    /**
-     * Exclude a procedure from the plugin.
-     *
-     * @default false
-     *
-     */
-    exclude?: Value<Promisable<boolean>, [
-        options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>
-    ]>;
-    /**
-     * The error thrown when the CSRF token is invalid.
-     *
-     * @default new ORPCError('CSRF_TOKEN_MISMATCH', {
-     *   status: 403,
-     *   message: 'Invalid CSRF token',
-     * })
-     */
-    error?: InstanceType<typeof ORPCError>;
-}
-/**
- * This plugin adds basic Cross-Site Request Forgery (CSRF) protection to your oRPC application.
- * It helps ensure that requests to your procedures originate from JavaScript code,
- * not from other sources like standard HTML forms or direct browser navigation.
- *
- * @see {@link https://orpc.unnoq.com/docs/plugins/simple-csrf-protection Simple CSRF Protection Plugin Docs}
- */
-declare class SimpleCsrfProtectionHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
-    private readonly headerName;
-    private readonly headerValue;
-    private readonly exclude;
-    private readonly error;
-    constructor(options?: SimpleCsrfProtectionHandlerPluginOptions<T>);
-    order: number;
-    init(options: StandardHandlerOptions<T>): void;
-}
-
-export { CORSPlugin, SimpleCsrfProtectionHandlerPlugin };
-export type { CORSOptions, SimpleCsrfProtectionHandlerPluginOptions };

package/dist/plugins/index.d.ts

@@ -1,84 +0,0 @@
-import { Value, Promisable, ORPCError } from '@temporary-name/shared';
-import { S as StandardHandlerInterceptorOptions, a as StandardHandlerPlugin, b as StandardHandlerOptions } from '../shared/server.DpoO_ER_.js';
-import { C as Context, G as ProcedureClientInterceptorOptions } from '../shared/server.BL2R5jcp.js';
-import { Meta } from '@temporary-name/contract';
-
-interface CORSOptions<T extends Context> {
-    origin?: Value<Promisable<string | readonly string[] | null | undefined>, [
-        origin: string,
-        options: StandardHandlerInterceptorOptions<T>
-    ]>;
-    timingOrigin?: Value<Promisable<string | readonly string[] | null | undefined>, [
-        origin: string,
-        options: StandardHandlerInterceptorOptions<T>
-    ]>;
-    allowMethods?: readonly string[];
-    allowHeaders?: readonly string[];
-    maxAge?: number;
-    credentials?: boolean;
-    exposeHeaders?: readonly string[];
-}
-/**
- * CORSPlugin is a plugin for oRPC that allows you to configure CORS for your API.
- *
- * @see {@link https://orpc.unnoq.com/docs/plugins/cors CORS Plugin Docs}
- */
-declare class CORSPlugin<T extends Context> implements StandardHandlerPlugin<T> {
-    private readonly options;
-    order: number;
-    constructor(options?: CORSOptions<T>);
-    init(options: StandardHandlerOptions<T>): void;
-}
-
-interface SimpleCsrfProtectionHandlerPluginOptions<T extends Context> {
-    /**
-     * The name of the header to check.
-     *
-     * @default 'x-csrf-token'
-     */
-    headerName?: Value<Promisable<string>, [options: StandardHandlerInterceptorOptions<T>]>;
-    /**
-     * The value of the header to check.
-     *
-     * @default 'orpc'
-     *
-     */
-    headerValue?: Value<Promisable<string>, [options: StandardHandlerInterceptorOptions<T>]>;
-    /**
-     * Exclude a procedure from the plugin.
-     *
-     * @default false
-     *
-     */
-    exclude?: Value<Promisable<boolean>, [
-        options: ProcedureClientInterceptorOptions<T, Record<never, never>, Meta>
-    ]>;
-    /**
-     * The error thrown when the CSRF token is invalid.
-     *
-     * @default new ORPCError('CSRF_TOKEN_MISMATCH', {
-     *   status: 403,
-     *   message: 'Invalid CSRF token',
-     * })
-     */
-    error?: InstanceType<typeof ORPCError>;
-}
-/**
- * This plugin adds basic Cross-Site Request Forgery (CSRF) protection to your oRPC application.
- * It helps ensure that requests to your procedures originate from JavaScript code,
- * not from other sources like standard HTML forms or direct browser navigation.
- *
- * @see {@link https://orpc.unnoq.com/docs/plugins/simple-csrf-protection Simple CSRF Protection Plugin Docs}
- */
-declare class SimpleCsrfProtectionHandlerPlugin<T extends Context> implements StandardHandlerPlugin<T> {
-    private readonly headerName;
-    private readonly headerValue;
-    private readonly exclude;
-    private readonly error;
-    constructor(options?: SimpleCsrfProtectionHandlerPluginOptions<T>);
-    order: number;
-    init(options: StandardHandlerOptions<T>): void;
-}
-
-export { CORSPlugin, SimpleCsrfProtectionHandlerPlugin };
-export type { CORSOptions, SimpleCsrfProtectionHandlerPluginOptions };