@tknf/matchbox 0.2.5 → 0.3.0

package/dist/index.d.ts

@@ -1,4 +1,7 @@
 export { CgiContext, ConfigObject, MatchboxOptions, ModuleInfo, Page, SessionCookieOptions } from './cgi.js';
+export { HtaccessConfig } from './htaccess/types.js';
+export { parseHtaccess } from './htaccess/parser.js';
+export { corsHeaders, securityHeaders } from './htaccess/headers.js';
 export { createCgi } from './with-defaults.js';
 import 'hono/types';
 import 'hono';

package/dist/index.js

@@ -1,4 +1,8 @@
+import { corsHeaders, parseHtaccess, securityHeaders } from "./htaccess/index.js";
 import { createCgi } from "./with-defaults.js";
 export {
-  createCgi
+  corsHeaders,
+  createCgi,
+  parseHtaccess,
+  securityHeaders
 };

package/dist/middleware/auth.d.ts

@@ -0,0 +1,8 @@
+import { Hono } from 'hono';
+
+/**
+ * Apply Basic Auth middleware to Hono app for each directory
+ */
+declare function applyBasicAuth(app: Hono, authMap: Record<string, string>): void;
+
+export { applyBasicAuth };

package/dist/middleware/auth.js

@@ -0,0 +1,28 @@
+import { basicAuth } from "hono/basic-auth";
+function createBasicAuthMiddleware(htpasswdContent, realm = "Restricted Area") {
+  const credentials = htpasswdContent.split("\n").map((line) => line.trim()).filter((line) => line && !line.startsWith("#")).map((line) => {
+    const [username, password] = line.split(":");
+    return { username, password };
+  });
+  if (credentials.length === 0) {
+    return async (_c, next) => {
+      await next();
+    };
+  }
+  return async (c, next) => {
+    const handler = basicAuth({
+      verifyUser: (u, p) => credentials.some((cred) => cred.username === u && cred.password === p),
+      realm
+    });
+    return handler(c, next);
+  };
+}
+function applyBasicAuth(app, authMap) {
+  Object.entries(authMap).forEach(([dir, content]) => {
+    const authPath = dir === "/" ? "*" : `${dir.replace(/\/$/, "")}/*`;
+    app.use(authPath, createBasicAuthMiddleware(content));
+  });
+}
+export {
+  applyBasicAuth
+};

package/dist/middleware/htaccess.d.ts

@@ -0,0 +1,13 @@
+import { Hono } from 'hono';
+import { HtaccessConfig } from '../htaccess/types.js';
+
+/**
+ * Apply htaccess middleware to Hono app in the correct order
+ */
+declare function applyHtaccessMiddleware(app: Hono, htaccessConfig: HtaccessConfig): void;
+/**
+ * Apply error document middleware (must be applied last)
+ */
+declare function applyErrorDocumentMiddleware(app: Hono, htaccessConfig: HtaccessConfig): void;
+
+export { applyErrorDocumentMiddleware, applyHtaccessMiddleware };

package/dist/middleware/htaccess.js

@@ -0,0 +1,42 @@
+import { createRewriteMiddleware } from "../htaccess/rewrite.js";
+import { createHeaderMiddleware } from "../htaccess/headers.js";
+import { createErrorDocumentMiddleware } from "../htaccess/error-document.js";
+import { createAccessControlMiddleware } from "../htaccess/access-control.js";
+function applyHtaccessMiddleware(app, htaccessConfig) {
+  Object.entries(htaccessConfig).forEach(([dir, config]) => {
+    if (config.headers.length === 0) return;
+    const basePath = dir === "/" ? "" : dir.replace(/\/$/, "");
+    app.use(`${basePath}/*`, createHeaderMiddleware(config.headers));
+  });
+  Object.entries(htaccessConfig).forEach(([dir, config]) => {
+    const allRules = [
+      ...config.rewriteRules,
+      ...config.redirects.map((r) => ({
+        type: "rewrite",
+        pattern: `^${r.source}$`,
+        target: r.target,
+        flags: { redirect: r.code },
+        conditions: []
+      }))
+    ];
+    if (allRules.length === 0) return;
+    const basePath = dir === "/" ? "" : dir.replace(/\/$/, "");
+    app.use(`${basePath}/*`, createRewriteMiddleware(allRules, basePath));
+  });
+  Object.entries(htaccessConfig).forEach(([dir, config]) => {
+    if (!config.accessControl) return;
+    const basePath = dir === "/" ? "" : dir.replace(/\/$/, "");
+    app.use(`${basePath}/*`, createAccessControlMiddleware(config.accessControl));
+  });
+}
+function applyErrorDocumentMiddleware(app, htaccessConfig) {
+  Object.entries(htaccessConfig).forEach(([dir, config]) => {
+    if (config.errorDocuments.length === 0) return;
+    const basePath = dir === "/" ? "" : dir.replace(/\/$/, "");
+    app.use(`${basePath}/*`, createErrorDocumentMiddleware(config.errorDocuments, basePath));
+  });
+}
+export {
+  applyErrorDocumentMiddleware,
+  applyHtaccessMiddleware
+};

package/dist/middleware/index.d.ts

@@ -0,0 +1,10 @@
+export { applyBasicAuth } from './auth.js';
+export { applyErrorDocumentMiddleware, applyHtaccessMiddleware } from './htaccess.js';
+export { getSessionFromCookie, saveSessionToCookie } from './session.js';
+export { applyProtectedFilesMiddleware } from './protected-files.js';
+export { applyTrailingSlashMiddleware } from './trailing-slash.js';
+import 'hono';
+import '../htaccess/types.js';
+import '../cgi.js';
+import 'hono/types';
+import 'hono/utils/html';

package/dist/middleware/index.js

@@ -0,0 +1,14 @@
+import { applyBasicAuth } from "./auth.js";
+import { applyHtaccessMiddleware, applyErrorDocumentMiddleware } from "./htaccess.js";
+import { getSessionFromCookie, saveSessionToCookie } from "./session.js";
+import { applyProtectedFilesMiddleware } from "./protected-files.js";
+import { applyTrailingSlashMiddleware } from "./trailing-slash.js";
+export {
+  applyBasicAuth,
+  applyErrorDocumentMiddleware,
+  applyHtaccessMiddleware,
+  applyProtectedFilesMiddleware,
+  applyTrailingSlashMiddleware,
+  getSessionFromCookie,
+  saveSessionToCookie
+};

package/dist/middleware/protected-files.d.ts

@@ -0,0 +1,8 @@
+import { Hono } from 'hono';
+
+/**
+ * Apply protected files middleware to prevent access to sensitive configuration files
+ */
+declare function applyProtectedFilesMiddleware(app: Hono): void;
+
+export { applyProtectedFilesMiddleware };

package/dist/middleware/protected-files.js

@@ -0,0 +1,14 @@
+const PROTECTED_FILES = [".htaccess", ".htpasswd", ".htdigest", ".htgroup"];
+function applyProtectedFilesMiddleware(app) {
+  app.use("*", async (c, next) => {
+    const path = c.req.path;
+    const lastSegment = path.slice(path.lastIndexOf("/") + 1);
+    if (PROTECTED_FILES.some((file) => lastSegment === file)) {
+      return c.text("Forbidden", 403);
+    }
+    await next();
+  });
+}
+export {
+  applyProtectedFilesMiddleware
+};

package/dist/middleware/session.d.ts

@@ -0,0 +1,16 @@
+import { Context } from 'hono';
+import { SessionCookieOptions } from '../cgi.js';
+import 'hono/types';
+import 'hono/utils/html';
+import '../htaccess/types.js';
+
+/**
+ * Get session data from cookie
+ */
+declare function getSessionFromCookie(c: Context, sessionCookieName?: string): Record<string, unknown>;
+/**
+ * Save session data to cookie
+ */
+declare function saveSessionToCookie(c: Context, session: Record<string, unknown>, options?: SessionCookieOptions): void;
+
+export { getSessionFromCookie, saveSessionToCookie };

package/dist/middleware/session.js

@@ -0,0 +1,37 @@
+import { getCookie, setCookie } from "hono/cookie";
+const DEFAULT_SESSION_COOKIE_NAME = "_SESSION_ID";
+function getSessionFromCookie(c, sessionCookieName) {
+  const cookieName = sessionCookieName || DEFAULT_SESSION_COOKIE_NAME;
+  const sessionCookie = getCookie(c, cookieName);
+  if (sessionCookie) {
+    try {
+      return JSON.parse(decodeURIComponent(sessionCookie));
+    } catch {
+      return {};
+    }
+  }
+  return {};
+}
+function saveSessionToCookie(c, session, options) {
+  const cookieName = options?.name || DEFAULT_SESSION_COOKIE_NAME;
+  const sessionValue = encodeURIComponent(JSON.stringify(session));
+  const sessionOptions = {
+    path: options?.path || "/",
+    httpOnly: true,
+    sameSite: options?.sameSite || "Lax"
+  };
+  if (options?.secure !== void 0) {
+    sessionOptions.secure = options.secure;
+  }
+  if (options?.domain) {
+    sessionOptions.domain = options.domain;
+  }
+  if (options?.maxAge !== void 0) {
+    sessionOptions.maxAge = options.maxAge;
+  }
+  setCookie(c, cookieName, sessionValue, sessionOptions);
+}
+export {
+  getSessionFromCookie,
+  saveSessionToCookie
+};

package/dist/middleware/trailing-slash.d.ts

@@ -0,0 +1,8 @@
+import { Hono } from 'hono';
+
+/**
+ * Apply trailing slash middleware to enforce trailing slash on URLs
+ */
+declare function applyTrailingSlashMiddleware(app: Hono): void;
+
+export { applyTrailingSlashMiddleware };

package/dist/middleware/trailing-slash.js

@@ -0,0 +1,12 @@
+function applyTrailingSlashMiddleware(app) {
+  app.use("*", async (c, next) => {
+    const path = c.req.path;
+    if (!path.endsWith("/") && !path.includes(".")) {
+      return c.redirect(`${path}/`, 301);
+    }
+    await next();
+  });
+}
+export {
+  applyTrailingSlashMiddleware
+};

package/dist/plugin.js

@@ -12,7 +12,7 @@ const MatchboxPlugin = (options = {}) => {
           exclude: ["matchbox"]
         },
         ssr: {
-          noExternal: ["matchbox"]
+          noExternal: true
         },
         // .htpasswd, .htaccess, .htdigest, .htgroup files in /public should be treated as raw assets
         assetsInclude: [

package/dist/with-defaults.d.ts

@@ -1,7 +1,8 @@
-import { MatchboxOptions } from './cgi.js';
 import * as hono from 'hono';
 import * as hono_types from 'hono/types';
+import { MatchboxOptions } from './cgi.js';
 import 'hono/utils/html';
+import './htaccess/types.js';
 
 declare const createCgi: (options?: MatchboxOptions) => hono.Hono<hono_types.BlankEnv, hono_types.BlankSchema, "/">;
 

package/dist/with-defaults.js

@@ -1,4 +1,5 @@
 import { createCgiWithPages } from "./cgi.js";
+import { parseHtaccess } from "./htaccess/parser.js";
 const loadPagesFromPublic = () => {
   const modules = import.meta.glob("/public/**/*.cgi.{tsx,jsx}", {
     eager: true
@@ -38,40 +39,28 @@ const loadPagesFromPublic = () => {
     },
     {}
   );
-  const rewriteMap = Object.keys(htaccessFiles).reduce((acc, key) => {
+  const htaccessConfig = Object.keys(htaccessFiles).reduce((acc, key) => {
     const dir = key.replace(basePathRegex, "").replace(/\.htaccess$/, "") || "/";
-    const lines = htaccessFiles[key].split("\n");
-    const rules = lines.map((line) => {
-      const l = line.trim();
-      if (!l || l.startsWith("#")) return null;
-      const parts = l.split(/\s+/);
-      if (parts[0] === "RewriteRule") {
-        return {
-          type: "rewrite",
-          pattern: parts[1],
-          target: parts[2],
-          flags: parts[3] || ""
-        };
-      }
-      if (parts[0] === "Redirect") {
-        return {
-          type: "redirect",
-          code: parts[1],
-          source: parts[2],
-          target: parts[3]
-        };
-      }
-      return null;
-    }).filter(Boolean);
-    acc[dir] = rules;
+    const content = htaccessFiles[key];
+    try {
+      acc[dir] = parseHtaccess(content);
+    } catch (error) {
+      console.error(`Error parsing .htaccess in ${dir}:`, error.message);
+      acc[dir] = {
+        rewriteRules: [],
+        redirects: [],
+        errorDocuments: [],
+        headers: []
+      };
+    }
     return acc;
   }, {});
-  return { pages, authMap, rewriteMap };
+  return { pages, authMap, htaccessConfig };
 };
 const createCgi = (options) => {
   const resolvedConfig = typeof __MATCHBOX_CONFIG__ === "undefined" ? {} : __MATCHBOX_CONFIG__;
-  const { pages, authMap, rewriteMap } = loadPagesFromPublic();
-  return createCgiWithPages(pages, resolvedConfig, authMap, rewriteMap, options);
+  const { pages, authMap, htaccessConfig } = loadPagesFromPublic();
+  return createCgiWithPages(pages, resolvedConfig, authMap, htaccessConfig, options);
 };
 export {
   createCgi

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tknf/matchbox",
-  "version": "0.2.5",
+  "version": "0.3.0",
   "description": "A Simple Web Server Framework",
   "keywords": [
     "cgi",