@vlian/framework 1.1.1 → 1.2.16

package/dist/analytics.umd.js

@@ -0,0 +1,2406 @@
+/*!
+ * @vlian/framework v1.2.16
+ * Secra Framework - 一个现代化的低代码框架
+ * (c) 2026 Secra Framework Contributors
+ * Licensed under Apache-2.0
+ */
+(function (global, factory) {
+    typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports) :
+    typeof define === 'function' && define.amd ? define(['exports'], factory) :
+    (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory(global.vlianFrameworkAnalytics = {}));
+})(this, (function (exports) { 'use strict';
+
+    /**
+     * 日志级别枚举
+     */ var LogLevel = /*#__PURE__*/ function(LogLevel) {
+        LogLevel[LogLevel["DEBUG"] = 0] = "DEBUG";
+        LogLevel[LogLevel["INFO"] = 1] = "INFO";
+        LogLevel[LogLevel["WARN"] = 2] = "WARN";
+        LogLevel[LogLevel["ERROR"] = 3] = "ERROR";
+        LogLevel[LogLevel["NONE"] = 4] = "NONE";
+        return LogLevel;
+    }({});
+
+    /*! @license DOMPurify 3.3.1 | (c) Cure53 and other contributors | Released under the Apache license 2.0 and Mozilla Public License 2.0 | github.com/cure53/DOMPurify/blob/3.3.1/LICENSE */
+
+    const {
+      entries,
+      setPrototypeOf,
+      isFrozen,
+      getPrototypeOf,
+      getOwnPropertyDescriptor
+    } = Object;
+    let {
+      freeze,
+      seal,
+      create
+    } = Object; // eslint-disable-line import/no-mutable-exports
+    let {
+      apply,
+      construct
+    } = typeof Reflect !== 'undefined' && Reflect;
+    if (!freeze) {
+      freeze = function freeze(x) {
+        return x;
+      };
+    }
+    if (!seal) {
+      seal = function seal(x) {
+        return x;
+      };
+    }
+    if (!apply) {
+      apply = function apply(func, thisArg) {
+        for (var _len = arguments.length, args = new Array(_len > 2 ? _len - 2 : 0), _key = 2; _key < _len; _key++) {
+          args[_key - 2] = arguments[_key];
+        }
+        return func.apply(thisArg, args);
+      };
+    }
+    if (!construct) {
+      construct = function construct(Func) {
+        for (var _len2 = arguments.length, args = new Array(_len2 > 1 ? _len2 - 1 : 0), _key2 = 1; _key2 < _len2; _key2++) {
+          args[_key2 - 1] = arguments[_key2];
+        }
+        return new Func(...args);
+      };
+    }
+    const arrayForEach = unapply(Array.prototype.forEach);
+    const arrayLastIndexOf = unapply(Array.prototype.lastIndexOf);
+    const arrayPop = unapply(Array.prototype.pop);
+    const arrayPush = unapply(Array.prototype.push);
+    const arraySplice = unapply(Array.prototype.splice);
+    const stringToLowerCase = unapply(String.prototype.toLowerCase);
+    const stringToString = unapply(String.prototype.toString);
+    const stringMatch = unapply(String.prototype.match);
+    const stringReplace = unapply(String.prototype.replace);
+    const stringIndexOf = unapply(String.prototype.indexOf);
+    const stringTrim = unapply(String.prototype.trim);
+    const objectHasOwnProperty = unapply(Object.prototype.hasOwnProperty);
+    const regExpTest = unapply(RegExp.prototype.test);
+    const typeErrorCreate = unconstruct(TypeError);
+    /**
+     * Creates a new function that calls the given function with a specified thisArg and arguments.
+     *
+     * @param func - The function to be wrapped and called.
+     * @returns A new function that calls the given function with a specified thisArg and arguments.
+     */
+    function unapply(func) {
+      return function (thisArg) {
+        if (thisArg instanceof RegExp) {
+          thisArg.lastIndex = 0;
+        }
+        for (var _len3 = arguments.length, args = new Array(_len3 > 1 ? _len3 - 1 : 0), _key3 = 1; _key3 < _len3; _key3++) {
+          args[_key3 - 1] = arguments[_key3];
+        }
+        return apply(func, thisArg, args);
+      };
+    }
+    /**
+     * Creates a new function that constructs an instance of the given constructor function with the provided arguments.
+     *
+     * @param func - The constructor function to be wrapped and called.
+     * @returns A new function that constructs an instance of the given constructor function with the provided arguments.
+     */
+    function unconstruct(Func) {
+      return function () {
+        for (var _len4 = arguments.length, args = new Array(_len4), _key4 = 0; _key4 < _len4; _key4++) {
+          args[_key4] = arguments[_key4];
+        }
+        return construct(Func, args);
+      };
+    }
+    /**
+     * Add properties to a lookup table
+     *
+     * @param set - The set to which elements will be added.
+     * @param array - The array containing elements to be added to the set.
+     * @param transformCaseFunc - An optional function to transform the case of each element before adding to the set.
+     * @returns The modified set with added elements.
+     */
+    function addToSet(set, array) {
+      let transformCaseFunc = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : stringToLowerCase;
+      if (setPrototypeOf) {
+        // Make 'in' and truthy checks like Boolean(set.constructor)
+        // independent of any properties defined on Object.prototype.
+        // Prevent prototype setters from intercepting set as a this value.
+        setPrototypeOf(set, null);
+      }
+      let l = array.length;
+      while (l--) {
+        let element = array[l];
+        if (typeof element === 'string') {
+          const lcElement = transformCaseFunc(element);
+          if (lcElement !== element) {
+            // Config presets (e.g. tags.js, attrs.js) are immutable.
+            if (!isFrozen(array)) {
+              array[l] = lcElement;
+            }
+            element = lcElement;
+          }
+        }
+        set[element] = true;
+      }
+      return set;
+    }
+    /**
+     * Clean up an array to harden against CSPP
+     *
+     * @param array - The array to be cleaned.
+     * @returns The cleaned version of the array
+     */
+    function cleanArray(array) {
+      for (let index = 0; index < array.length; index++) {
+        const isPropertyExist = objectHasOwnProperty(array, index);
+        if (!isPropertyExist) {
+          array[index] = null;
+        }
+      }
+      return array;
+    }
+    /**
+     * Shallow clone an object
+     *
+     * @param object - The object to be cloned.
+     * @returns A new object that copies the original.
+     */
+    function clone(object) {
+      const newObject = create(null);
+      for (const [property, value] of entries(object)) {
+        const isPropertyExist = objectHasOwnProperty(object, property);
+        if (isPropertyExist) {
+          if (Array.isArray(value)) {
+            newObject[property] = cleanArray(value);
+          } else if (value && typeof value === 'object' && value.constructor === Object) {
+            newObject[property] = clone(value);
+          } else {
+            newObject[property] = value;
+          }
+        }
+      }
+      return newObject;
+    }
+    /**
+     * This method automatically checks if the prop is function or getter and behaves accordingly.
+     *
+     * @param object - The object to look up the getter function in its prototype chain.
+     * @param prop - The property name for which to find the getter function.
+     * @returns The getter function found in the prototype chain or a fallback function.
+     */
+    function lookupGetter(object, prop) {
+      while (object !== null) {
+        const desc = getOwnPropertyDescriptor(object, prop);
+        if (desc) {
+          if (desc.get) {
+            return unapply(desc.get);
+          }
+          if (typeof desc.value === 'function') {
+            return unapply(desc.value);
+          }
+        }
+        object = getPrototypeOf(object);
+      }
+      function fallbackValue() {
+        return null;
+      }
+      return fallbackValue;
+    }
+
+    const html$1 = freeze(['a', 'abbr', 'acronym', 'address', 'area', 'article', 'aside', 'audio', 'b', 'bdi', 'bdo', 'big', 'blink', 'blockquote', 'body', 'br', 'button', 'canvas', 'caption', 'center', 'cite', 'code', 'col', 'colgroup', 'content', 'data', 'datalist', 'dd', 'decorator', 'del', 'details', 'dfn', 'dialog', 'dir', 'div', 'dl', 'dt', 'element', 'em', 'fieldset', 'figcaption', 'figure', 'font', 'footer', 'form', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'head', 'header', 'hgroup', 'hr', 'html', 'i', 'img', 'input', 'ins', 'kbd', 'label', 'legend', 'li', 'main', 'map', 'mark', 'marquee', 'menu', 'menuitem', 'meter', 'nav', 'nobr', 'ol', 'optgroup', 'option', 'output', 'p', 'picture', 'pre', 'progress', 'q', 'rp', 'rt', 'ruby', 's', 'samp', 'search', 'section', 'select', 'shadow', 'slot', 'small', 'source', 'spacer', 'span', 'strike', 'strong', 'style', 'sub', 'summary', 'sup', 'table', 'tbody', 'td', 'template', 'textarea', 'tfoot', 'th', 'thead', 'time', 'tr', 'track', 'tt', 'u', 'ul', 'var', 'video', 'wbr']);
+    const svg$1 = freeze(['svg', 'a', 'altglyph', 'altglyphdef', 'altglyphitem', 'animatecolor', 'animatemotion', 'animatetransform', 'circle', 'clippath', 'defs', 'desc', 'ellipse', 'enterkeyhint', 'exportparts', 'filter', 'font', 'g', 'glyph', 'glyphref', 'hkern', 'image', 'inputmode', 'line', 'lineargradient', 'marker', 'mask', 'metadata', 'mpath', 'part', 'path', 'pattern', 'polygon', 'polyline', 'radialgradient', 'rect', 'stop', 'style', 'switch', 'symbol', 'text', 'textpath', 'title', 'tref', 'tspan', 'view', 'vkern']);
+    const svgFilters = freeze(['feBlend', 'feColorMatrix', 'feComponentTransfer', 'feComposite', 'feConvolveMatrix', 'feDiffuseLighting', 'feDisplacementMap', 'feDistantLight', 'feDropShadow', 'feFlood', 'feFuncA', 'feFuncB', 'feFuncG', 'feFuncR', 'feGaussianBlur', 'feImage', 'feMerge', 'feMergeNode', 'feMorphology', 'feOffset', 'fePointLight', 'feSpecularLighting', 'feSpotLight', 'feTile', 'feTurbulence']);
+    // List of SVG elements that are disallowed by default.
+    // We still need to know them so that we can do namespace
+    // checks properly in case one wants to add them to
+    // allow-list.
+    const svgDisallowed = freeze(['animate', 'color-profile', 'cursor', 'discard', 'font-face', 'font-face-format', 'font-face-name', 'font-face-src', 'font-face-uri', 'foreignobject', 'hatch', 'hatchpath', 'mesh', 'meshgradient', 'meshpatch', 'meshrow', 'missing-glyph', 'script', 'set', 'solidcolor', 'unknown', 'use']);
+    const mathMl$1 = freeze(['math', 'menclose', 'merror', 'mfenced', 'mfrac', 'mglyph', 'mi', 'mlabeledtr', 'mmultiscripts', 'mn', 'mo', 'mover', 'mpadded', 'mphantom', 'mroot', 'mrow', 'ms', 'mspace', 'msqrt', 'mstyle', 'msub', 'msup', 'msubsup', 'mtable', 'mtd', 'mtext', 'mtr', 'munder', 'munderover', 'mprescripts']);
+    // Similarly to SVG, we want to know all MathML elements,
+    // even those that we disallow by default.
+    const mathMlDisallowed = freeze(['maction', 'maligngroup', 'malignmark', 'mlongdiv', 'mscarries', 'mscarry', 'msgroup', 'mstack', 'msline', 'msrow', 'semantics', 'annotation', 'annotation-xml', 'mprescripts', 'none']);
+    const text = freeze(['#text']);
+
+    const html = freeze(['accept', 'action', 'align', 'alt', 'autocapitalize', 'autocomplete', 'autopictureinpicture', 'autoplay', 'background', 'bgcolor', 'border', 'capture', 'cellpadding', 'cellspacing', 'checked', 'cite', 'class', 'clear', 'color', 'cols', 'colspan', 'controls', 'controlslist', 'coords', 'crossorigin', 'datetime', 'decoding', 'default', 'dir', 'disabled', 'disablepictureinpicture', 'disableremoteplayback', 'download', 'draggable', 'enctype', 'enterkeyhint', 'exportparts', 'face', 'for', 'headers', 'height', 'hidden', 'high', 'href', 'hreflang', 'id', 'inert', 'inputmode', 'integrity', 'ismap', 'kind', 'label', 'lang', 'list', 'loading', 'loop', 'low', 'max', 'maxlength', 'media', 'method', 'min', 'minlength', 'multiple', 'muted', 'name', 'nonce', 'noshade', 'novalidate', 'nowrap', 'open', 'optimum', 'part', 'pattern', 'placeholder', 'playsinline', 'popover', 'popovertarget', 'popovertargetaction', 'poster', 'preload', 'pubdate', 'radiogroup', 'readonly', 'rel', 'required', 'rev', 'reversed', 'role', 'rows', 'rowspan', 'spellcheck', 'scope', 'selected', 'shape', 'size', 'sizes', 'slot', 'span', 'srclang', 'start', 'src', 'srcset', 'step', 'style', 'summary', 'tabindex', 'title', 'translate', 'type', 'usemap', 'valign', 'value', 'width', 'wrap', 'xmlns', 'slot']);
+    const svg = freeze(['accent-height', 'accumulate', 'additive', 'alignment-baseline', 'amplitude', 'ascent', 'attributename', 'attributetype', 'azimuth', 'basefrequency', 'baseline-shift', 'begin', 'bias', 'by', 'class', 'clip', 'clippathunits', 'clip-path', 'clip-rule', 'color', 'color-interpolation', 'color-interpolation-filters', 'color-profile', 'color-rendering', 'cx', 'cy', 'd', 'dx', 'dy', 'diffuseconstant', 'direction', 'display', 'divisor', 'dur', 'edgemode', 'elevation', 'end', 'exponent', 'fill', 'fill-opacity', 'fill-rule', 'filter', 'filterunits', 'flood-color', 'flood-opacity', 'font-family', 'font-size', 'font-size-adjust', 'font-stretch', 'font-style', 'font-variant', 'font-weight', 'fx', 'fy', 'g1', 'g2', 'glyph-name', 'glyphref', 'gradientunits', 'gradienttransform', 'height', 'href', 'id', 'image-rendering', 'in', 'in2', 'intercept', 'k', 'k1', 'k2', 'k3', 'k4', 'kerning', 'keypoints', 'keysplines', 'keytimes', 'lang', 'lengthadjust', 'letter-spacing', 'kernelmatrix', 'kernelunitlength', 'lighting-color', 'local', 'marker-end', 'marker-mid', 'marker-start', 'markerheight', 'markerunits', 'markerwidth', 'maskcontentunits', 'maskunits', 'max', 'mask', 'mask-type', 'media', 'method', 'mode', 'min', 'name', 'numoctaves', 'offset', 'operator', 'opacity', 'order', 'orient', 'orientation', 'origin', 'overflow', 'paint-order', 'path', 'pathlength', 'patterncontentunits', 'patterntransform', 'patternunits', 'points', 'preservealpha', 'preserveaspectratio', 'primitiveunits', 'r', 'rx', 'ry', 'radius', 'refx', 'refy', 'repeatcount', 'repeatdur', 'restart', 'result', 'rotate', 'scale', 'seed', 'shape-rendering', 'slope', 'specularconstant', 'specularexponent', 'spreadmethod', 'startoffset', 'stddeviation', 'stitchtiles', 'stop-color', 'stop-opacity', 'stroke-dasharray', 'stroke-dashoffset', 'stroke-linecap', 'stroke-linejoin', 'stroke-miterlimit', 'stroke-opacity', 'stroke', 'stroke-width', 'style', 'surfacescale', 'systemlanguage', 'tabindex', 'tablevalues', 'targetx', 'targety', 'transform', 'transform-origin', 'text-anchor', 'text-decoration', 'text-rendering', 'textlength', 'type', 'u1', 'u2', 'unicode', 'values', 'viewbox', 'visibility', 'version', 'vert-adv-y', 'vert-origin-x', 'vert-origin-y', 'width', 'word-spacing', 'wrap', 'writing-mode', 'xchannelselector', 'ychannelselector', 'x', 'x1', 'x2', 'xmlns', 'y', 'y1', 'y2', 'z', 'zoomandpan']);
+    const mathMl = freeze(['accent', 'accentunder', 'align', 'bevelled', 'close', 'columnsalign', 'columnlines', 'columnspan', 'denomalign', 'depth', 'dir', 'display', 'displaystyle', 'encoding', 'fence', 'frame', 'height', 'href', 'id', 'largeop', 'length', 'linethickness', 'lspace', 'lquote', 'mathbackground', 'mathcolor', 'mathsize', 'mathvariant', 'maxsize', 'minsize', 'movablelimits', 'notation', 'numalign', 'open', 'rowalign', 'rowlines', 'rowspacing', 'rowspan', 'rspace', 'rquote', 'scriptlevel', 'scriptminsize', 'scriptsizemultiplier', 'selection', 'separator', 'separators', 'stretchy', 'subscriptshift', 'supscriptshift', 'symmetric', 'voffset', 'width', 'xmlns']);
+    const xml = freeze(['xlink:href', 'xml:id', 'xlink:title', 'xml:space', 'xmlns:xlink']);
+
+    // eslint-disable-next-line unicorn/better-regex
+    const MUSTACHE_EXPR = seal(/\{\{[\w\W]*|[\w\W]*\}\}/gm); // Specify template detection regex for SAFE_FOR_TEMPLATES mode
+    const ERB_EXPR = seal(/<%[\w\W]*|[\w\W]*%>/gm);
+    const TMPLIT_EXPR = seal(/\$\{[\w\W]*/gm); // eslint-disable-line unicorn/better-regex
+    const DATA_ATTR = seal(/^data-[\-\w.\u00B7-\uFFFF]+$/); // eslint-disable-line no-useless-escape
+    const ARIA_ATTR = seal(/^aria-[\-\w]+$/); // eslint-disable-line no-useless-escape
+    const IS_ALLOWED_URI = seal(/^(?:(?:(?:f|ht)tps?|mailto|tel|callto|sms|cid|xmpp|matrix):|[^a-z]|[a-z+.\-]+(?:[^a-z+.\-:]|$))/i // eslint-disable-line no-useless-escape
+    );
+    const IS_SCRIPT_OR_DATA = seal(/^(?:\w+script|data):/i);
+    const ATTR_WHITESPACE = seal(/[\u0000-\u0020\u00A0\u1680\u180E\u2000-\u2029\u205F\u3000]/g // eslint-disable-line no-control-regex
+    );
+    const DOCTYPE_NAME = seal(/^html$/i);
+    const CUSTOM_ELEMENT = seal(/^[a-z][.\w]*(-[.\w]+)+$/i);
+
+    var EXPRESSIONS = /*#__PURE__*/Object.freeze({
+      __proto__: null,
+      ARIA_ATTR: ARIA_ATTR,
+      ATTR_WHITESPACE: ATTR_WHITESPACE,
+      CUSTOM_ELEMENT: CUSTOM_ELEMENT,
+      DATA_ATTR: DATA_ATTR,
+      DOCTYPE_NAME: DOCTYPE_NAME,
+      ERB_EXPR: ERB_EXPR,
+      IS_ALLOWED_URI: IS_ALLOWED_URI,
+      IS_SCRIPT_OR_DATA: IS_SCRIPT_OR_DATA,
+      MUSTACHE_EXPR: MUSTACHE_EXPR,
+      TMPLIT_EXPR: TMPLIT_EXPR
+    });
+
+    /* eslint-disable @typescript-eslint/indent */
+    // https://developer.mozilla.org/en-US/docs/Web/API/Node/nodeType
+    const NODE_TYPE = {
+      element: 1,
+      text: 3,
+      // Deprecated
+      progressingInstruction: 7,
+      comment: 8,
+      document: 9};
+    const getGlobal = function getGlobal() {
+      return typeof window === 'undefined' ? null : window;
+    };
+    /**
+     * Creates a no-op policy for internal use only.
+     * Don't export this function outside this module!
+     * @param trustedTypes The policy factory.
+     * @param purifyHostElement The Script element used to load DOMPurify (to determine policy name suffix).
+     * @return The policy created (or null, if Trusted Types
+     * are not supported or creating the policy failed).
+     */
+    const _createTrustedTypesPolicy = function _createTrustedTypesPolicy(trustedTypes, purifyHostElement) {
+      if (typeof trustedTypes !== 'object' || typeof trustedTypes.createPolicy !== 'function') {
+        return null;
+      }
+      // Allow the callers to control the unique policy name
+      // by adding a data-tt-policy-suffix to the script element with the DOMPurify.
+      // Policy creation with duplicate names throws in Trusted Types.
+      let suffix = null;
+      const ATTR_NAME = 'data-tt-policy-suffix';
+      if (purifyHostElement && purifyHostElement.hasAttribute(ATTR_NAME)) {
+        suffix = purifyHostElement.getAttribute(ATTR_NAME);
+      }
+      const policyName = 'dompurify' + (suffix ? '#' + suffix : '');
+      try {
+        return trustedTypes.createPolicy(policyName, {
+          createHTML(html) {
+            return html;
+          },
+          createScriptURL(scriptUrl) {
+            return scriptUrl;
+          }
+        });
+      } catch (_) {
+        // Policy creation failed (most likely another DOMPurify script has
+        // already run). Skip creating the policy, as this will only cause errors
+        // if TT are enforced.
+        console.warn('TrustedTypes policy ' + policyName + ' could not be created.');
+        return null;
+      }
+    };
+    const _createHooksMap = function _createHooksMap() {
+      return {
+        afterSanitizeAttributes: [],
+        afterSanitizeElements: [],
+        afterSanitizeShadowDOM: [],
+        beforeSanitizeAttributes: [],
+        beforeSanitizeElements: [],
+        beforeSanitizeShadowDOM: [],
+        uponSanitizeAttribute: [],
+        uponSanitizeElement: [],
+        uponSanitizeShadowNode: []
+      };
+    };
+    function createDOMPurify() {
+      let window = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : getGlobal();
+      const DOMPurify = root => createDOMPurify(root);
+      DOMPurify.version = '3.3.1';
+      DOMPurify.removed = [];
+      if (!window || !window.document || window.document.nodeType !== NODE_TYPE.document || !window.Element) {
+        // Not running in a browser, provide a factory function
+        // so that you can pass your own Window
+        DOMPurify.isSupported = false;
+        return DOMPurify;
+      }
+      let {
+        document
+      } = window;
+      const originalDocument = document;
+      const currentScript = originalDocument.currentScript;
+      const {
+        DocumentFragment,
+        HTMLTemplateElement,
+        Node,
+        Element,
+        NodeFilter,
+        NamedNodeMap = window.NamedNodeMap || window.MozNamedAttrMap,
+        HTMLFormElement,
+        DOMParser,
+        trustedTypes
+      } = window;
+      const ElementPrototype = Element.prototype;
+      const cloneNode = lookupGetter(ElementPrototype, 'cloneNode');
+      const remove = lookupGetter(ElementPrototype, 'remove');
+      const getNextSibling = lookupGetter(ElementPrototype, 'nextSibling');
+      const getChildNodes = lookupGetter(ElementPrototype, 'childNodes');
+      const getParentNode = lookupGetter(ElementPrototype, 'parentNode');
+      // As per issue #47, the web-components registry is inherited by a
+      // new document created via createHTMLDocument. As per the spec
+      // (http://w3c.github.io/webcomponents/spec/custom/#creating-and-passing-registries)
+      // a new empty registry is used when creating a template contents owner
+      // document, so we use that as our parent document to ensure nothing
+      // is inherited.
+      if (typeof HTMLTemplateElement === 'function') {
+        const template = document.createElement('template');
+        if (template.content && template.content.ownerDocument) {
+          document = template.content.ownerDocument;
+        }
+      }
+      let trustedTypesPolicy;
+      let emptyHTML = '';
+      const {
+        implementation,
+        createNodeIterator,
+        createDocumentFragment,
+        getElementsByTagName
+      } = document;
+      const {
+        importNode
+      } = originalDocument;
+      let hooks = _createHooksMap();
+      /**
+       * Expose whether this browser supports running the full DOMPurify.
+       */
+      DOMPurify.isSupported = typeof entries === 'function' && typeof getParentNode === 'function' && implementation && implementation.createHTMLDocument !== undefined;
+      const {
+        MUSTACHE_EXPR,
+        ERB_EXPR,
+        TMPLIT_EXPR,
+        DATA_ATTR,
+        ARIA_ATTR,
+        IS_SCRIPT_OR_DATA,
+        ATTR_WHITESPACE,
+        CUSTOM_ELEMENT
+      } = EXPRESSIONS;
+      let {
+        IS_ALLOWED_URI: IS_ALLOWED_URI$1
+      } = EXPRESSIONS;
+      /**
+       * We consider the elements and attributes below to be safe. Ideally
+       * don't add any new ones but feel free to remove unwanted ones.
+       */
+      /* allowed element names */
+      let ALLOWED_TAGS = null;
+      const DEFAULT_ALLOWED_TAGS = addToSet({}, [...html$1, ...svg$1, ...svgFilters, ...mathMl$1, ...text]);
+      /* Allowed attribute names */
+      let ALLOWED_ATTR = null;
+      const DEFAULT_ALLOWED_ATTR = addToSet({}, [...html, ...svg, ...mathMl, ...xml]);
+      /*
+       * Configure how DOMPurify should handle custom elements and their attributes as well as customized built-in elements.
+       * @property {RegExp|Function|null} tagNameCheck one of [null, regexPattern, predicate]. Default: `null` (disallow any custom elements)
+       * @property {RegExp|Function|null} attributeNameCheck one of [null, regexPattern, predicate]. Default: `null` (disallow any attributes not on the allow list)
+       * @property {boolean} allowCustomizedBuiltInElements allow custom elements derived from built-ins if they pass CUSTOM_ELEMENT_HANDLING.tagNameCheck. Default: `false`.
+       */
+      let CUSTOM_ELEMENT_HANDLING = Object.seal(create(null, {
+        tagNameCheck: {
+          writable: true,
+          configurable: false,
+          enumerable: true,
+          value: null
+        },
+        attributeNameCheck: {
+          writable: true,
+          configurable: false,
+          enumerable: true,
+          value: null
+        },
+        allowCustomizedBuiltInElements: {
+          writable: true,
+          configurable: false,
+          enumerable: true,
+          value: false
+        }
+      }));
+      /* Explicitly forbidden tags (overrides ALLOWED_TAGS/ADD_TAGS) */
+      let FORBID_TAGS = null;
+      /* Explicitly forbidden attributes (overrides ALLOWED_ATTR/ADD_ATTR) */
+      let FORBID_ATTR = null;
+      /* Config object to store ADD_TAGS/ADD_ATTR functions (when used as functions) */
+      const EXTRA_ELEMENT_HANDLING = Object.seal(create(null, {
+        tagCheck: {
+          writable: true,
+          configurable: false,
+          enumerable: true,
+          value: null
+        },
+        attributeCheck: {
+          writable: true,
+          configurable: false,
+          enumerable: true,
+          value: null
+        }
+      }));
+      /* Decide if ARIA attributes are okay */
+      let ALLOW_ARIA_ATTR = true;
+      /* Decide if custom data attributes are okay */
+      let ALLOW_DATA_ATTR = true;
+      /* Decide if unknown protocols are okay */
+      let ALLOW_UNKNOWN_PROTOCOLS = false;
+      /* Decide if self-closing tags in attributes are allowed.
+       * Usually removed due to a mXSS issue in jQuery 3.0 */
+      let ALLOW_SELF_CLOSE_IN_ATTR = true;
+      /* Output should be safe for common template engines.
+       * This means, DOMPurify removes data attributes, mustaches and ERB
+       */
+      let SAFE_FOR_TEMPLATES = false;
+      /* Output should be safe even for XML used within HTML and alike.
+       * This means, DOMPurify removes comments when containing risky content.
+       */
+      let SAFE_FOR_XML = true;
+      /* Decide if document with <html>... should be returned */
+      let WHOLE_DOCUMENT = false;
+      /* Track whether config is already set on this instance of DOMPurify. */
+      let SET_CONFIG = false;
+      /* Decide if all elements (e.g. style, script) must be children of
+       * document.body. By default, browsers might move them to document.head */
+      let FORCE_BODY = false;
+      /* Decide if a DOM `HTMLBodyElement` should be returned, instead of a html
+       * string (or a TrustedHTML object if Trusted Types are supported).
+       * If `WHOLE_DOCUMENT` is enabled a `HTMLHtmlElement` will be returned instead
+       */
+      let RETURN_DOM = false;
+      /* Decide if a DOM `DocumentFragment` should be returned, instead of a html
+       * string  (or a TrustedHTML object if Trusted Types are supported) */
+      let RETURN_DOM_FRAGMENT = false;
+      /* Try to return a Trusted Type object instead of a string, return a string in
+       * case Trusted Types are not supported  */
+      let RETURN_TRUSTED_TYPE = false;
+      /* Output should be free from DOM clobbering attacks?
+       * This sanitizes markups named with colliding, clobberable built-in DOM APIs.
+       */
+      let SANITIZE_DOM = true;
+      /* Achieve full DOM Clobbering protection by isolating the namespace of named
+       * properties and JS variables, mitigating attacks that abuse the HTML/DOM spec rules.
+       *
+       * HTML/DOM spec rules that enable DOM Clobbering:
+       *   - Named Access on Window (§7.3.3)
+       *   - DOM Tree Accessors (§3.1.5)
+       *   - Form Element Parent-Child Relations (§4.10.3)
+       *   - Iframe srcdoc / Nested WindowProxies (§4.8.5)
+       *   - HTMLCollection (§4.2.10.2)
+       *
+       * Namespace isolation is implemented by prefixing `id` and `name` attributes
+       * with a constant string, i.e., `user-content-`
+       */
+      let SANITIZE_NAMED_PROPS = false;
+      const SANITIZE_NAMED_PROPS_PREFIX = 'user-content-';
+      /* Keep element content when removing element? */
+      let KEEP_CONTENT = true;
+      /* If a `Node` is passed to sanitize(), then performs sanitization in-place instead
+       * of importing it into a new Document and returning a sanitized copy */
+      let IN_PLACE = false;
+      /* Allow usage of profiles like html, svg and mathMl */
+      let USE_PROFILES = {};
+      /* Tags to ignore content of when KEEP_CONTENT is true */
+      let FORBID_CONTENTS = null;
+      const DEFAULT_FORBID_CONTENTS = addToSet({}, ['annotation-xml', 'audio', 'colgroup', 'desc', 'foreignobject', 'head', 'iframe', 'math', 'mi', 'mn', 'mo', 'ms', 'mtext', 'noembed', 'noframes', 'noscript', 'plaintext', 'script', 'style', 'svg', 'template', 'thead', 'title', 'video', 'xmp']);
+      /* Tags that are safe for data: URIs */
+      let DATA_URI_TAGS = null;
+      const DEFAULT_DATA_URI_TAGS = addToSet({}, ['audio', 'video', 'img', 'source', 'image', 'track']);
+      /* Attributes safe for values like "javascript:" */
+      let URI_SAFE_ATTRIBUTES = null;
+      const DEFAULT_URI_SAFE_ATTRIBUTES = addToSet({}, ['alt', 'class', 'for', 'id', 'label', 'name', 'pattern', 'placeholder', 'role', 'summary', 'title', 'value', 'style', 'xmlns']);
+      const MATHML_NAMESPACE = 'http://www.w3.org/1998/Math/MathML';
+      const SVG_NAMESPACE = 'http://www.w3.org/2000/svg';
+      const HTML_NAMESPACE = 'http://www.w3.org/1999/xhtml';
+      /* Document namespace */
+      let NAMESPACE = HTML_NAMESPACE;
+      let IS_EMPTY_INPUT = false;
+      /* Allowed XHTML+XML namespaces */
+      let ALLOWED_NAMESPACES = null;
+      const DEFAULT_ALLOWED_NAMESPACES = addToSet({}, [MATHML_NAMESPACE, SVG_NAMESPACE, HTML_NAMESPACE], stringToString);
+      let MATHML_TEXT_INTEGRATION_POINTS = addToSet({}, ['mi', 'mo', 'mn', 'ms', 'mtext']);
+      let HTML_INTEGRATION_POINTS = addToSet({}, ['annotation-xml']);
+      // Certain elements are allowed in both SVG and HTML
+      // namespace. We need to specify them explicitly
+      // so that they don't get erroneously deleted from
+      // HTML namespace.
+      const COMMON_SVG_AND_HTML_ELEMENTS = addToSet({}, ['title', 'style', 'font', 'a', 'script']);
+      /* Parsing of strict XHTML documents */
+      let PARSER_MEDIA_TYPE = null;
+      const SUPPORTED_PARSER_MEDIA_TYPES = ['application/xhtml+xml', 'text/html'];
+      const DEFAULT_PARSER_MEDIA_TYPE = 'text/html';
+      let transformCaseFunc = null;
+      /* Keep a reference to config to pass to hooks */
+      let CONFIG = null;
+      /* Ideally, do not touch anything below this line */
+      /* ______________________________________________ */
+      const formElement = document.createElement('form');
+      const isRegexOrFunction = function isRegexOrFunction(testValue) {
+        return testValue instanceof RegExp || testValue instanceof Function;
+      };
+      /**
+       * _parseConfig
+       *
+       * @param cfg optional config literal
+       */
+      // eslint-disable-next-line complexity
+      const _parseConfig = function _parseConfig() {
+        let cfg = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
+        if (CONFIG && CONFIG === cfg) {
+          return;
+        }
+        /* Shield configuration object from tampering */
+        if (!cfg || typeof cfg !== 'object') {
+          cfg = {};
+        }
+        /* Shield configuration object from prototype pollution */
+        cfg = clone(cfg);
+        PARSER_MEDIA_TYPE =
+        // eslint-disable-next-line unicorn/prefer-includes
+        SUPPORTED_PARSER_MEDIA_TYPES.indexOf(cfg.PARSER_MEDIA_TYPE) === -1 ? DEFAULT_PARSER_MEDIA_TYPE : cfg.PARSER_MEDIA_TYPE;
+        // HTML tags and attributes are not case-sensitive, converting to lowercase. Keeping XHTML as is.
+        transformCaseFunc = PARSER_MEDIA_TYPE === 'application/xhtml+xml' ? stringToString : stringToLowerCase;
+        /* Set configuration parameters */
+        ALLOWED_TAGS = objectHasOwnProperty(cfg, 'ALLOWED_TAGS') ? addToSet({}, cfg.ALLOWED_TAGS, transformCaseFunc) : DEFAULT_ALLOWED_TAGS;
+        ALLOWED_ATTR = objectHasOwnProperty(cfg, 'ALLOWED_ATTR') ? addToSet({}, cfg.ALLOWED_ATTR, transformCaseFunc) : DEFAULT_ALLOWED_ATTR;
+        ALLOWED_NAMESPACES = objectHasOwnProperty(cfg, 'ALLOWED_NAMESPACES') ? addToSet({}, cfg.ALLOWED_NAMESPACES, stringToString) : DEFAULT_ALLOWED_NAMESPACES;
+        URI_SAFE_ATTRIBUTES = objectHasOwnProperty(cfg, 'ADD_URI_SAFE_ATTR') ? addToSet(clone(DEFAULT_URI_SAFE_ATTRIBUTES), cfg.ADD_URI_SAFE_ATTR, transformCaseFunc) : DEFAULT_URI_SAFE_ATTRIBUTES;
+        DATA_URI_TAGS = objectHasOwnProperty(cfg, 'ADD_DATA_URI_TAGS') ? addToSet(clone(DEFAULT_DATA_URI_TAGS), cfg.ADD_DATA_URI_TAGS, transformCaseFunc) : DEFAULT_DATA_URI_TAGS;
+        FORBID_CONTENTS = objectHasOwnProperty(cfg, 'FORBID_CONTENTS') ? addToSet({}, cfg.FORBID_CONTENTS, transformCaseFunc) : DEFAULT_FORBID_CONTENTS;
+        FORBID_TAGS = objectHasOwnProperty(cfg, 'FORBID_TAGS') ? addToSet({}, cfg.FORBID_TAGS, transformCaseFunc) : clone({});
+        FORBID_ATTR = objectHasOwnProperty(cfg, 'FORBID_ATTR') ? addToSet({}, cfg.FORBID_ATTR, transformCaseFunc) : clone({});
+        USE_PROFILES = objectHasOwnProperty(cfg, 'USE_PROFILES') ? cfg.USE_PROFILES : false;
+        ALLOW_ARIA_ATTR = cfg.ALLOW_ARIA_ATTR !== false; // Default true
+        ALLOW_DATA_ATTR = cfg.ALLOW_DATA_ATTR !== false; // Default true
+        ALLOW_UNKNOWN_PROTOCOLS = cfg.ALLOW_UNKNOWN_PROTOCOLS || false; // Default false
+        ALLOW_SELF_CLOSE_IN_ATTR = cfg.ALLOW_SELF_CLOSE_IN_ATTR !== false; // Default true
+        SAFE_FOR_TEMPLATES = cfg.SAFE_FOR_TEMPLATES || false; // Default false
+        SAFE_FOR_XML = cfg.SAFE_FOR_XML !== false; // Default true
+        WHOLE_DOCUMENT = cfg.WHOLE_DOCUMENT || false; // Default false
+        RETURN_DOM = cfg.RETURN_DOM || false; // Default false
+        RETURN_DOM_FRAGMENT = cfg.RETURN_DOM_FRAGMENT || false; // Default false
+        RETURN_TRUSTED_TYPE = cfg.RETURN_TRUSTED_TYPE || false; // Default false
+        FORCE_BODY = cfg.FORCE_BODY || false; // Default false
+        SANITIZE_DOM = cfg.SANITIZE_DOM !== false; // Default true
+        SANITIZE_NAMED_PROPS = cfg.SANITIZE_NAMED_PROPS || false; // Default false
+        KEEP_CONTENT = cfg.KEEP_CONTENT !== false; // Default true
+        IN_PLACE = cfg.IN_PLACE || false; // Default false
+        IS_ALLOWED_URI$1 = cfg.ALLOWED_URI_REGEXP || IS_ALLOWED_URI;
+        NAMESPACE = cfg.NAMESPACE || HTML_NAMESPACE;
+        MATHML_TEXT_INTEGRATION_POINTS = cfg.MATHML_TEXT_INTEGRATION_POINTS || MATHML_TEXT_INTEGRATION_POINTS;
+        HTML_INTEGRATION_POINTS = cfg.HTML_INTEGRATION_POINTS || HTML_INTEGRATION_POINTS;
+        CUSTOM_ELEMENT_HANDLING = cfg.CUSTOM_ELEMENT_HANDLING || {};
+        if (cfg.CUSTOM_ELEMENT_HANDLING && isRegexOrFunction(cfg.CUSTOM_ELEMENT_HANDLING.tagNameCheck)) {
+          CUSTOM_ELEMENT_HANDLING.tagNameCheck = cfg.CUSTOM_ELEMENT_HANDLING.tagNameCheck;
+        }
+        if (cfg.CUSTOM_ELEMENT_HANDLING && isRegexOrFunction(cfg.CUSTOM_ELEMENT_HANDLING.attributeNameCheck)) {
+          CUSTOM_ELEMENT_HANDLING.attributeNameCheck = cfg.CUSTOM_ELEMENT_HANDLING.attributeNameCheck;
+        }
+        if (cfg.CUSTOM_ELEMENT_HANDLING && typeof cfg.CUSTOM_ELEMENT_HANDLING.allowCustomizedBuiltInElements === 'boolean') {
+          CUSTOM_ELEMENT_HANDLING.allowCustomizedBuiltInElements = cfg.CUSTOM_ELEMENT_HANDLING.allowCustomizedBuiltInElements;
+        }
+        if (SAFE_FOR_TEMPLATES) {
+          ALLOW_DATA_ATTR = false;
+        }
+        if (RETURN_DOM_FRAGMENT) {
+          RETURN_DOM = true;
+        }
+        /* Parse profile info */
+        if (USE_PROFILES) {
+          ALLOWED_TAGS = addToSet({}, text);
+          ALLOWED_ATTR = [];
+          if (USE_PROFILES.html === true) {
+            addToSet(ALLOWED_TAGS, html$1);
+            addToSet(ALLOWED_ATTR, html);
+          }
+          if (USE_PROFILES.svg === true) {
+            addToSet(ALLOWED_TAGS, svg$1);
+            addToSet(ALLOWED_ATTR, svg);
+            addToSet(ALLOWED_ATTR, xml);
+          }
+          if (USE_PROFILES.svgFilters === true) {
+            addToSet(ALLOWED_TAGS, svgFilters);
+            addToSet(ALLOWED_ATTR, svg);
+            addToSet(ALLOWED_ATTR, xml);
+          }
+          if (USE_PROFILES.mathMl === true) {
+            addToSet(ALLOWED_TAGS, mathMl$1);
+            addToSet(ALLOWED_ATTR, mathMl);
+            addToSet(ALLOWED_ATTR, xml);
+          }
+        }
+        /* Merge configuration parameters */
+        if (cfg.ADD_TAGS) {
+          if (typeof cfg.ADD_TAGS === 'function') {
+            EXTRA_ELEMENT_HANDLING.tagCheck = cfg.ADD_TAGS;
+          } else {
+            if (ALLOWED_TAGS === DEFAULT_ALLOWED_TAGS) {
+              ALLOWED_TAGS = clone(ALLOWED_TAGS);
+            }
+            addToSet(ALLOWED_TAGS, cfg.ADD_TAGS, transformCaseFunc);
+          }
+        }
+        if (cfg.ADD_ATTR) {
+          if (typeof cfg.ADD_ATTR === 'function') {
+            EXTRA_ELEMENT_HANDLING.attributeCheck = cfg.ADD_ATTR;
+          } else {
+            if (ALLOWED_ATTR === DEFAULT_ALLOWED_ATTR) {
+              ALLOWED_ATTR = clone(ALLOWED_ATTR);
+            }
+            addToSet(ALLOWED_ATTR, cfg.ADD_ATTR, transformCaseFunc);
+          }
+        }
+        if (cfg.ADD_URI_SAFE_ATTR) {
+          addToSet(URI_SAFE_ATTRIBUTES, cfg.ADD_URI_SAFE_ATTR, transformCaseFunc);
+        }
+        if (cfg.FORBID_CONTENTS) {
+          if (FORBID_CONTENTS === DEFAULT_FORBID_CONTENTS) {
+            FORBID_CONTENTS = clone(FORBID_CONTENTS);
+          }
+          addToSet(FORBID_CONTENTS, cfg.FORBID_CONTENTS, transformCaseFunc);
+        }
+        if (cfg.ADD_FORBID_CONTENTS) {
+          if (FORBID_CONTENTS === DEFAULT_FORBID_CONTENTS) {
+            FORBID_CONTENTS = clone(FORBID_CONTENTS);
+          }
+          addToSet(FORBID_CONTENTS, cfg.ADD_FORBID_CONTENTS, transformCaseFunc);
+        }
+        /* Add #text in case KEEP_CONTENT is set to true */
+        if (KEEP_CONTENT) {
+          ALLOWED_TAGS['#text'] = true;
+        }
+        /* Add html, head and body to ALLOWED_TAGS in case WHOLE_DOCUMENT is true */
+        if (WHOLE_DOCUMENT) {
+          addToSet(ALLOWED_TAGS, ['html', 'head', 'body']);
+        }
+        /* Add tbody to ALLOWED_TAGS in case tables are permitted, see #286, #365 */
+        if (ALLOWED_TAGS.table) {
+          addToSet(ALLOWED_TAGS, ['tbody']);
+          delete FORBID_TAGS.tbody;
+        }
+        if (cfg.TRUSTED_TYPES_POLICY) {
+          if (typeof cfg.TRUSTED_TYPES_POLICY.createHTML !== 'function') {
+            throw typeErrorCreate('TRUSTED_TYPES_POLICY configuration option must provide a "createHTML" hook.');
+          }
+          if (typeof cfg.TRUSTED_TYPES_POLICY.createScriptURL !== 'function') {
+            throw typeErrorCreate('TRUSTED_TYPES_POLICY configuration option must provide a "createScriptURL" hook.');
+          }
+          // Overwrite existing TrustedTypes policy.
+          trustedTypesPolicy = cfg.TRUSTED_TYPES_POLICY;
+          // Sign local variables required by `sanitize`.
+          emptyHTML = trustedTypesPolicy.createHTML('');
+        } else {
+          // Uninitialized policy, attempt to initialize the internal dompurify policy.
+          if (trustedTypesPolicy === undefined) {
+            trustedTypesPolicy = _createTrustedTypesPolicy(trustedTypes, currentScript);
+          }
+          // If creating the internal policy succeeded sign internal variables.
+          if (trustedTypesPolicy !== null && typeof emptyHTML === 'string') {
+            emptyHTML = trustedTypesPolicy.createHTML('');
+          }
+        }
+        // Prevent further manipulation of configuration.
+        // Not available in IE8, Safari 5, etc.
+        if (freeze) {
+          freeze(cfg);
+        }
+        CONFIG = cfg;
+      };
+      /* Keep track of all possible SVG and MathML tags
+       * so that we can perform the namespace checks
+       * correctly. */
+      const ALL_SVG_TAGS = addToSet({}, [...svg$1, ...svgFilters, ...svgDisallowed]);
+      const ALL_MATHML_TAGS = addToSet({}, [...mathMl$1, ...mathMlDisallowed]);
+      /**
+       * @param element a DOM element whose namespace is being checked
+       * @returns Return false if the element has a
+       *  namespace that a spec-compliant parser would never
+       *  return. Return true otherwise.
+       */
+      const _checkValidNamespace = function _checkValidNamespace(element) {
+        let parent = getParentNode(element);
+        // In JSDOM, if we're inside shadow DOM, then parentNode
+        // can be null. We just simulate parent in this case.
+        if (!parent || !parent.tagName) {
+          parent = {
+            namespaceURI: NAMESPACE,
+            tagName: 'template'
+          };
+        }
+        const tagName = stringToLowerCase(element.tagName);
+        const parentTagName = stringToLowerCase(parent.tagName);
+        if (!ALLOWED_NAMESPACES[element.namespaceURI]) {
+          return false;
+        }
+        if (element.namespaceURI === SVG_NAMESPACE) {
+          // The only way to switch from HTML namespace to SVG
+          // is via <svg>. If it happens via any other tag, then
+          // it should be killed.
+          if (parent.namespaceURI === HTML_NAMESPACE) {
+            return tagName === 'svg';
+          }
+          // The only way to switch from MathML to SVG is via`
+          // svg if parent is either <annotation-xml> or MathML
+          // text integration points.
+          if (parent.namespaceURI === MATHML_NAMESPACE) {
+            return tagName === 'svg' && (parentTagName === 'annotation-xml' || MATHML_TEXT_INTEGRATION_POINTS[parentTagName]);
+          }
+          // We only allow elements that are defined in SVG
+          // spec. All others are disallowed in SVG namespace.
+          return Boolean(ALL_SVG_TAGS[tagName]);
+        }
+        if (element.namespaceURI === MATHML_NAMESPACE) {
+          // The only way to switch from HTML namespace to MathML
+          // is via <math>. If it happens via any other tag, then
+          // it should be killed.
+          if (parent.namespaceURI === HTML_NAMESPACE) {
+            return tagName === 'math';
+          }
+          // The only way to switch from SVG to MathML is via
+          // <math> and HTML integration points
+          if (parent.namespaceURI === SVG_NAMESPACE) {
+            return tagName === 'math' && HTML_INTEGRATION_POINTS[parentTagName];
+          }
+          // We only allow elements that are defined in MathML
+          // spec. All others are disallowed in MathML namespace.
+          return Boolean(ALL_MATHML_TAGS[tagName]);
+        }
+        if (element.namespaceURI === HTML_NAMESPACE) {
+          // The only way to switch from SVG to HTML is via
+          // HTML integration points, and from MathML to HTML
+          // is via MathML text integration points
+          if (parent.namespaceURI === SVG_NAMESPACE && !HTML_INTEGRATION_POINTS[parentTagName]) {
+            return false;
+          }
+          if (parent.namespaceURI === MATHML_NAMESPACE && !MATHML_TEXT_INTEGRATION_POINTS[parentTagName]) {
+            return false;
+          }
+          // We disallow tags that are specific for MathML
+          // or SVG and should never appear in HTML namespace
+          return !ALL_MATHML_TAGS[tagName] && (COMMON_SVG_AND_HTML_ELEMENTS[tagName] || !ALL_SVG_TAGS[tagName]);
+        }
+        // For XHTML and XML documents that support custom namespaces
+        if (PARSER_MEDIA_TYPE === 'application/xhtml+xml' && ALLOWED_NAMESPACES[element.namespaceURI]) {
+          return true;
+        }
+        // The code should never reach this place (this means
+        // that the element somehow got namespace that is not
+        // HTML, SVG, MathML or allowed via ALLOWED_NAMESPACES).
+        // Return false just in case.
+        return false;
+      };
+      /**
+       * _forceRemove
+       *
+       * @param node a DOM node
+       */
+      const _forceRemove = function _forceRemove(node) {
+        arrayPush(DOMPurify.removed, {
+          element: node
+        });
+        try {
+          // eslint-disable-next-line unicorn/prefer-dom-node-remove
+          getParentNode(node).removeChild(node);
+        } catch (_) {
+          remove(node);
+        }
+      };
+      /**
+       * _removeAttribute
+       *
+       * @param name an Attribute name
+       * @param element a DOM node
+       */
+      const _removeAttribute = function _removeAttribute(name, element) {
+        try {
+          arrayPush(DOMPurify.removed, {
+            attribute: element.getAttributeNode(name),
+            from: element
+          });
+        } catch (_) {
+          arrayPush(DOMPurify.removed, {
+            attribute: null,
+            from: element
+          });
+        }
+        element.removeAttribute(name);
+        // We void attribute values for unremovable "is" attributes
+        if (name === 'is') {
+          if (RETURN_DOM || RETURN_DOM_FRAGMENT) {
+            try {
+              _forceRemove(element);
+            } catch (_) {}
+          } else {
+            try {
+              element.setAttribute(name, '');
+            } catch (_) {}
+          }
+        }
+      };
+      /**
+       * _initDocument
+       *
+       * @param dirty - a string of dirty markup
+       * @return a DOM, filled with the dirty markup
+       */
+      const _initDocument = function _initDocument(dirty) {
+        /* Create a HTML document */
+        let doc = null;
+        let leadingWhitespace = null;
+        if (FORCE_BODY) {
+          dirty = '<remove></remove>' + dirty;
+        } else {
+          /* If FORCE_BODY isn't used, leading whitespace needs to be preserved manually */
+          const matches = stringMatch(dirty, /^[\r\n\t ]+/);
+          leadingWhitespace = matches && matches[0];
+        }
+        if (PARSER_MEDIA_TYPE === 'application/xhtml+xml' && NAMESPACE === HTML_NAMESPACE) {
+          // Root of XHTML doc must contain xmlns declaration (see https://www.w3.org/TR/xhtml1/normative.html#strict)
+          dirty = '<html xmlns="http://www.w3.org/1999/xhtml"><head></head><body>' + dirty + '</body></html>';
+        }
+        const dirtyPayload = trustedTypesPolicy ? trustedTypesPolicy.createHTML(dirty) : dirty;
+        /*
+         * Use the DOMParser API by default, fallback later if needs be
+         * DOMParser not work for svg when has multiple root element.
+         */
+        if (NAMESPACE === HTML_NAMESPACE) {
+          try {
+            doc = new DOMParser().parseFromString(dirtyPayload, PARSER_MEDIA_TYPE);
+          } catch (_) {}
+        }
+        /* Use createHTMLDocument in case DOMParser is not available */
+        if (!doc || !doc.documentElement) {
+          doc = implementation.createDocument(NAMESPACE, 'template', null);
+          try {
+            doc.documentElement.innerHTML = IS_EMPTY_INPUT ? emptyHTML : dirtyPayload;
+          } catch (_) {
+            // Syntax error if dirtyPayload is invalid xml
+          }
+        }
+        const body = doc.body || doc.documentElement;
+        if (dirty && leadingWhitespace) {
+          body.insertBefore(document.createTextNode(leadingWhitespace), body.childNodes[0] || null);
+        }
+        /* Work on whole document or just its body */
+        if (NAMESPACE === HTML_NAMESPACE) {
+          return getElementsByTagName.call(doc, WHOLE_DOCUMENT ? 'html' : 'body')[0];
+        }
+        return WHOLE_DOCUMENT ? doc.documentElement : body;
+      };
+      /**
+       * Creates a NodeIterator object that you can use to traverse filtered lists of nodes or elements in a document.
+       *
+       * @param root The root element or node to start traversing on.
+       * @return The created NodeIterator
+       */
+      const _createNodeIterator = function _createNodeIterator(root) {
+        return createNodeIterator.call(root.ownerDocument || root, root,
+        // eslint-disable-next-line no-bitwise
+        NodeFilter.SHOW_ELEMENT | NodeFilter.SHOW_COMMENT | NodeFilter.SHOW_TEXT | NodeFilter.SHOW_PROCESSING_INSTRUCTION | NodeFilter.SHOW_CDATA_SECTION, null);
+      };
+      /**
+       * _isClobbered
+       *
+       * @param element element to check for clobbering attacks
+       * @return true if clobbered, false if safe
+       */
+      const _isClobbered = function _isClobbered(element) {
+        return element instanceof HTMLFormElement && (typeof element.nodeName !== 'string' || typeof element.textContent !== 'string' || typeof element.removeChild !== 'function' || !(element.attributes instanceof NamedNodeMap) || typeof element.removeAttribute !== 'function' || typeof element.setAttribute !== 'function' || typeof element.namespaceURI !== 'string' || typeof element.insertBefore !== 'function' || typeof element.hasChildNodes !== 'function');
+      };
+      /**
+       * Checks whether the given object is a DOM node.
+       *
+       * @param value object to check whether it's a DOM node
+       * @return true is object is a DOM node
+       */
+      const _isNode = function _isNode(value) {
+        return typeof Node === 'function' && value instanceof Node;
+      };
+      function _executeHooks(hooks, currentNode, data) {
+        arrayForEach(hooks, hook => {
+          hook.call(DOMPurify, currentNode, data, CONFIG);
+        });
+      }
+      /**
+       * _sanitizeElements
+       *
+       * @protect nodeName
+       * @protect textContent
+       * @protect removeChild
+       * @param currentNode to check for permission to exist
+       * @return true if node was killed, false if left alive
+       */
+      const _sanitizeElements = function _sanitizeElements(currentNode) {
+        let content = null;
+        /* Execute a hook if present */
+        _executeHooks(hooks.beforeSanitizeElements, currentNode, null);
+        /* Check if element is clobbered or can clobber */
+        if (_isClobbered(currentNode)) {
+          _forceRemove(currentNode);
+          return true;
+        }
+        /* Now let's check the element's type and name */
+        const tagName = transformCaseFunc(currentNode.nodeName);
+        /* Execute a hook if present */
+        _executeHooks(hooks.uponSanitizeElement, currentNode, {
+          tagName,
+          allowedTags: ALLOWED_TAGS
+        });
+        /* Detect mXSS attempts abusing namespace confusion */
+        if (SAFE_FOR_XML && currentNode.hasChildNodes() && !_isNode(currentNode.firstElementChild) && regExpTest(/<[/\w!]/g, currentNode.innerHTML) && regExpTest(/<[/\w!]/g, currentNode.textContent)) {
+          _forceRemove(currentNode);
+          return true;
+        }
+        /* Remove any occurrence of processing instructions */
+        if (currentNode.nodeType === NODE_TYPE.progressingInstruction) {
+          _forceRemove(currentNode);
+          return true;
+        }
+        /* Remove any kind of possibly harmful comments */
+        if (SAFE_FOR_XML && currentNode.nodeType === NODE_TYPE.comment && regExpTest(/<[/\w]/g, currentNode.data)) {
+          _forceRemove(currentNode);
+          return true;
+        }
+        /* Remove element if anything forbids its presence */
+        if (!(EXTRA_ELEMENT_HANDLING.tagCheck instanceof Function && EXTRA_ELEMENT_HANDLING.tagCheck(tagName)) && (!ALLOWED_TAGS[tagName] || FORBID_TAGS[tagName])) {
+          /* Check if we have a custom element to handle */
+          if (!FORBID_TAGS[tagName] && _isBasicCustomElement(tagName)) {
+            if (CUSTOM_ELEMENT_HANDLING.tagNameCheck instanceof RegExp && regExpTest(CUSTOM_ELEMENT_HANDLING.tagNameCheck, tagName)) {
+              return false;
+            }
+            if (CUSTOM_ELEMENT_HANDLING.tagNameCheck instanceof Function && CUSTOM_ELEMENT_HANDLING.tagNameCheck(tagName)) {
+              return false;
+            }
+          }
+          /* Keep content except for bad-listed elements */
+          if (KEEP_CONTENT && !FORBID_CONTENTS[tagName]) {
+            const parentNode = getParentNode(currentNode) || currentNode.parentNode;
+            const childNodes = getChildNodes(currentNode) || currentNode.childNodes;
+            if (childNodes && parentNode) {
+              const childCount = childNodes.length;
+              for (let i = childCount - 1; i >= 0; --i) {
+                const childClone = cloneNode(childNodes[i], true);
+                childClone.__removalCount = (currentNode.__removalCount || 0) + 1;
+                parentNode.insertBefore(childClone, getNextSibling(currentNode));
+              }
+            }
+          }
+          _forceRemove(currentNode);
+          return true;
+        }
+        /* Check whether element has a valid namespace */
+        if (currentNode instanceof Element && !_checkValidNamespace(currentNode)) {
+          _forceRemove(currentNode);
+          return true;
+        }
+        /* Make sure that older browsers don't get fallback-tag mXSS */
+        if ((tagName === 'noscript' || tagName === 'noembed' || tagName === 'noframes') && regExpTest(/<\/no(script|embed|frames)/i, currentNode.innerHTML)) {
+          _forceRemove(currentNode);
+          return true;
+        }
+        /* Sanitize element content to be template-safe */
+        if (SAFE_FOR_TEMPLATES && currentNode.nodeType === NODE_TYPE.text) {
+          /* Get the element's text content */
+          content = currentNode.textContent;
+          arrayForEach([MUSTACHE_EXPR, ERB_EXPR, TMPLIT_EXPR], expr => {
+            content = stringReplace(content, expr, ' ');
+          });
+          if (currentNode.textContent !== content) {
+            arrayPush(DOMPurify.removed, {
+              element: currentNode.cloneNode()
+            });
+            currentNode.textContent = content;
+          }
+        }
+        /* Execute a hook if present */
+        _executeHooks(hooks.afterSanitizeElements, currentNode, null);
+        return false;
+      };
+      /**
+       * _isValidAttribute
+       *
+       * @param lcTag Lowercase tag name of containing element.
+       * @param lcName Lowercase attribute name.
+       * @param value Attribute value.
+       * @return Returns true if `value` is valid, otherwise false.
+       */
+      // eslint-disable-next-line complexity
+      const _isValidAttribute = function _isValidAttribute(lcTag, lcName, value) {
+        /* Make sure attribute cannot clobber */
+        if (SANITIZE_DOM && (lcName === 'id' || lcName === 'name') && (value in document || value in formElement)) {
+          return false;
+        }
+        /* Allow valid data-* attributes: At least one character after "-"
+            (https://html.spec.whatwg.org/multipage/dom.html#embedding-custom-non-visible-data-with-the-data-*-attributes)
+            XML-compatible (https://html.spec.whatwg.org/multipage/infrastructure.html#xml-compatible and http://www.w3.org/TR/xml/#d0e804)
+            We don't need to check the value; it's always URI safe. */
+        if (ALLOW_DATA_ATTR && !FORBID_ATTR[lcName] && regExpTest(DATA_ATTR, lcName)) ; else if (ALLOW_ARIA_ATTR && regExpTest(ARIA_ATTR, lcName)) ; else if (EXTRA_ELEMENT_HANDLING.attributeCheck instanceof Function && EXTRA_ELEMENT_HANDLING.attributeCheck(lcName, lcTag)) ; else if (!ALLOWED_ATTR[lcName] || FORBID_ATTR[lcName]) {
+          if (
+          // First condition does a very basic check if a) it's basically a valid custom element tagname AND
+          // b) if the tagName passes whatever the user has configured for CUSTOM_ELEMENT_HANDLING.tagNameCheck
+          // and c) if the attribute name passes whatever the user has configured for CUSTOM_ELEMENT_HANDLING.attributeNameCheck
+          _isBasicCustomElement(lcTag) && (CUSTOM_ELEMENT_HANDLING.tagNameCheck instanceof RegExp && regExpTest(CUSTOM_ELEMENT_HANDLING.tagNameCheck, lcTag) || CUSTOM_ELEMENT_HANDLING.tagNameCheck instanceof Function && CUSTOM_ELEMENT_HANDLING.tagNameCheck(lcTag)) && (CUSTOM_ELEMENT_HANDLING.attributeNameCheck instanceof RegExp && regExpTest(CUSTOM_ELEMENT_HANDLING.attributeNameCheck, lcName) || CUSTOM_ELEMENT_HANDLING.attributeNameCheck instanceof Function && CUSTOM_ELEMENT_HANDLING.attributeNameCheck(lcName, lcTag)) ||
+          // Alternative, second condition checks if it's an `is`-attribute, AND
+          // the value passes whatever the user has configured for CUSTOM_ELEMENT_HANDLING.tagNameCheck
+          lcName === 'is' && CUSTOM_ELEMENT_HANDLING.allowCustomizedBuiltInElements && (CUSTOM_ELEMENT_HANDLING.tagNameCheck instanceof RegExp && regExpTest(CUSTOM_ELEMENT_HANDLING.tagNameCheck, value) || CUSTOM_ELEMENT_HANDLING.tagNameCheck instanceof Function && CUSTOM_ELEMENT_HANDLING.tagNameCheck(value))) ; else {
+            return false;
+          }
+          /* Check value is safe. First, is attr inert? If so, is safe */
+        } else if (URI_SAFE_ATTRIBUTES[lcName]) ; else if (regExpTest(IS_ALLOWED_URI$1, stringReplace(value, ATTR_WHITESPACE, ''))) ; else if ((lcName === 'src' || lcName === 'xlink:href' || lcName === 'href') && lcTag !== 'script' && stringIndexOf(value, 'data:') === 0 && DATA_URI_TAGS[lcTag]) ; else if (ALLOW_UNKNOWN_PROTOCOLS && !regExpTest(IS_SCRIPT_OR_DATA, stringReplace(value, ATTR_WHITESPACE, ''))) ; else if (value) {
+          return false;
+        } else ;
+        return true;
+      };
+      /**
+       * _isBasicCustomElement
+       * checks if at least one dash is included in tagName, and it's not the first char
+       * for more sophisticated checking see https://github.com/sindresorhus/validate-element-name
+       *
+       * @param tagName name of the tag of the node to sanitize
+       * @returns Returns true if the tag name meets the basic criteria for a custom element, otherwise false.
+       */
+      const _isBasicCustomElement = function _isBasicCustomElement(tagName) {
+        return tagName !== 'annotation-xml' && stringMatch(tagName, CUSTOM_ELEMENT);
+      };
+      /**
+       * _sanitizeAttributes
+       *
+       * @protect attributes
+       * @protect nodeName
+       * @protect removeAttribute
+       * @protect setAttribute
+       *
+       * @param currentNode to sanitize
+       */
+      const _sanitizeAttributes = function _sanitizeAttributes(currentNode) {
+        /* Execute a hook if present */
+        _executeHooks(hooks.beforeSanitizeAttributes, currentNode, null);
+        const {
+          attributes
+        } = currentNode;
+        /* Check if we have attributes; if not we might have a text node */
+        if (!attributes || _isClobbered(currentNode)) {
+          return;
+        }
+        const hookEvent = {
+          attrName: '',
+          attrValue: '',
+          keepAttr: true,
+          allowedAttributes: ALLOWED_ATTR,
+          forceKeepAttr: undefined
+        };
+        let l = attributes.length;
+        /* Go backwards over all attributes; safely remove bad ones */
+        while (l--) {
+          const attr = attributes[l];
+          const {
+            name,
+            namespaceURI,
+            value: attrValue
+          } = attr;
+          const lcName = transformCaseFunc(name);
+          const initValue = attrValue;
+          let value = name === 'value' ? initValue : stringTrim(initValue);
+          /* Execute a hook if present */
+          hookEvent.attrName = lcName;
+          hookEvent.attrValue = value;
+          hookEvent.keepAttr = true;
+          hookEvent.forceKeepAttr = undefined; // Allows developers to see this is a property they can set
+          _executeHooks(hooks.uponSanitizeAttribute, currentNode, hookEvent);
+          value = hookEvent.attrValue;
+          /* Full DOM Clobbering protection via namespace isolation,
+           * Prefix id and name attributes with `user-content-`
+           */
+          if (SANITIZE_NAMED_PROPS && (lcName === 'id' || lcName === 'name')) {
+            // Remove the attribute with this value
+            _removeAttribute(name, currentNode);
+            // Prefix the value and later re-create the attribute with the sanitized value
+            value = SANITIZE_NAMED_PROPS_PREFIX + value;
+          }
+          /* Work around a security issue with comments inside attributes */
+          if (SAFE_FOR_XML && regExpTest(/((--!?|])>)|<\/(style|title|textarea)/i, value)) {
+            _removeAttribute(name, currentNode);
+            continue;
+          }
+          /* Make sure we cannot easily use animated hrefs, even if animations are allowed */
+          if (lcName === 'attributename' && stringMatch(value, 'href')) {
+            _removeAttribute(name, currentNode);
+            continue;
+          }
+          /* Did the hooks approve of the attribute? */
+          if (hookEvent.forceKeepAttr) {
+            continue;
+          }
+          /* Did the hooks approve of the attribute? */
+          if (!hookEvent.keepAttr) {
+            _removeAttribute(name, currentNode);
+            continue;
+          }
+          /* Work around a security issue in jQuery 3.0 */
+          if (!ALLOW_SELF_CLOSE_IN_ATTR && regExpTest(/\/>/i, value)) {
+            _removeAttribute(name, currentNode);
+            continue;
+          }
+          /* Sanitize attribute content to be template-safe */
+          if (SAFE_FOR_TEMPLATES) {
+            arrayForEach([MUSTACHE_EXPR, ERB_EXPR, TMPLIT_EXPR], expr => {
+              value = stringReplace(value, expr, ' ');
+            });
+          }
+          /* Is `value` valid for this attribute? */
+          const lcTag = transformCaseFunc(currentNode.nodeName);
+          if (!_isValidAttribute(lcTag, lcName, value)) {
+            _removeAttribute(name, currentNode);
+            continue;
+          }
+          /* Handle attributes that require Trusted Types */
+          if (trustedTypesPolicy && typeof trustedTypes === 'object' && typeof trustedTypes.getAttributeType === 'function') {
+            if (namespaceURI) ; else {
+              switch (trustedTypes.getAttributeType(lcTag, lcName)) {
+                case 'TrustedHTML':
+                  {
+                    value = trustedTypesPolicy.createHTML(value);
+                    break;
+                  }
+                case 'TrustedScriptURL':
+                  {
+                    value = trustedTypesPolicy.createScriptURL(value);
+                    break;
+                  }
+              }
+            }
+          }
+          /* Handle invalid data-* attribute set by try-catching it */
+          if (value !== initValue) {
+            try {
+              if (namespaceURI) {
+                currentNode.setAttributeNS(namespaceURI, name, value);
+              } else {
+                /* Fallback to setAttribute() for browser-unrecognized namespaces e.g. "x-schema". */
+                currentNode.setAttribute(name, value);
+              }
+              if (_isClobbered(currentNode)) {
+                _forceRemove(currentNode);
+              } else {
+                arrayPop(DOMPurify.removed);
+              }
+            } catch (_) {
+              _removeAttribute(name, currentNode);
+            }
+          }
+        }
+        /* Execute a hook if present */
+        _executeHooks(hooks.afterSanitizeAttributes, currentNode, null);
+      };
+      /**
+       * _sanitizeShadowDOM
+       *
+       * @param fragment to iterate over recursively
+       */
+      const _sanitizeShadowDOM = function _sanitizeShadowDOM(fragment) {
+        let shadowNode = null;
+        const shadowIterator = _createNodeIterator(fragment);
+        /* Execute a hook if present */
+        _executeHooks(hooks.beforeSanitizeShadowDOM, fragment, null);
+        while (shadowNode = shadowIterator.nextNode()) {
+          /* Execute a hook if present */
+          _executeHooks(hooks.uponSanitizeShadowNode, shadowNode, null);
+          /* Sanitize tags and elements */
+          _sanitizeElements(shadowNode);
+          /* Check attributes next */
+          _sanitizeAttributes(shadowNode);
+          /* Deep shadow DOM detected */
+          if (shadowNode.content instanceof DocumentFragment) {
+            _sanitizeShadowDOM(shadowNode.content);
+          }
+        }
+        /* Execute a hook if present */
+        _executeHooks(hooks.afterSanitizeShadowDOM, fragment, null);
+      };
+      // eslint-disable-next-line complexity
+      DOMPurify.sanitize = function (dirty) {
+        let cfg = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
+        let body = null;
+        let importedNode = null;
+        let currentNode = null;
+        let returnNode = null;
+        /* Make sure we have a string to sanitize.
+          DO NOT return early, as this will return the wrong type if
+          the user has requested a DOM object rather than a string */
+        IS_EMPTY_INPUT = !dirty;
+        if (IS_EMPTY_INPUT) {
+          dirty = '<!-->';
+        }
+        /* Stringify, in case dirty is an object */
+        if (typeof dirty !== 'string' && !_isNode(dirty)) {
+          if (typeof dirty.toString === 'function') {
+            dirty = dirty.toString();
+            if (typeof dirty !== 'string') {
+              throw typeErrorCreate('dirty is not a string, aborting');
+            }
+          } else {
+            throw typeErrorCreate('toString is not a function');
+          }
+        }
+        /* Return dirty HTML if DOMPurify cannot run */
+        if (!DOMPurify.isSupported) {
+          return dirty;
+        }
+        /* Assign config vars */
+        if (!SET_CONFIG) {
+          _parseConfig(cfg);
+        }
+        /* Clean up removed elements */
+        DOMPurify.removed = [];
+        /* Check if dirty is correctly typed for IN_PLACE */
+        if (typeof dirty === 'string') {
+          IN_PLACE = false;
+        }
+        if (IN_PLACE) {
+          /* Do some early pre-sanitization to avoid unsafe root nodes */
+          if (dirty.nodeName) {
+            const tagName = transformCaseFunc(dirty.nodeName);
+            if (!ALLOWED_TAGS[tagName] || FORBID_TAGS[tagName]) {
+              throw typeErrorCreate('root node is forbidden and cannot be sanitized in-place');
+            }
+          }
+        } else if (dirty instanceof Node) {
+          /* If dirty is a DOM element, append to an empty document to avoid
+             elements being stripped by the parser */
+          body = _initDocument('<!---->');
+          importedNode = body.ownerDocument.importNode(dirty, true);
+          if (importedNode.nodeType === NODE_TYPE.element && importedNode.nodeName === 'BODY') {
+            /* Node is already a body, use as is */
+            body = importedNode;
+          } else if (importedNode.nodeName === 'HTML') {
+            body = importedNode;
+          } else {
+            // eslint-disable-next-line unicorn/prefer-dom-node-append
+            body.appendChild(importedNode);
+          }
+        } else {
+          /* Exit directly if we have nothing to do */
+          if (!RETURN_DOM && !SAFE_FOR_TEMPLATES && !WHOLE_DOCUMENT &&
+          // eslint-disable-next-line unicorn/prefer-includes
+          dirty.indexOf('<') === -1) {
+            return trustedTypesPolicy && RETURN_TRUSTED_TYPE ? trustedTypesPolicy.createHTML(dirty) : dirty;
+          }
+          /* Initialize the document to work on */
+          body = _initDocument(dirty);
+          /* Check we have a DOM node from the data */
+          if (!body) {
+            return RETURN_DOM ? null : RETURN_TRUSTED_TYPE ? emptyHTML : '';
+          }
+        }
+        /* Remove first element node (ours) if FORCE_BODY is set */
+        if (body && FORCE_BODY) {
+          _forceRemove(body.firstChild);
+        }
+        /* Get node iterator */
+        const nodeIterator = _createNodeIterator(IN_PLACE ? dirty : body);
+        /* Now start iterating over the created document */
+        while (currentNode = nodeIterator.nextNode()) {
+          /* Sanitize tags and elements */
+          _sanitizeElements(currentNode);
+          /* Check attributes next */
+          _sanitizeAttributes(currentNode);
+          /* Shadow DOM detected, sanitize it */
+          if (currentNode.content instanceof DocumentFragment) {
+            _sanitizeShadowDOM(currentNode.content);
+          }
+        }
+        /* If we sanitized `dirty` in-place, return it. */
+        if (IN_PLACE) {
+          return dirty;
+        }
+        /* Return sanitized string or DOM */
+        if (RETURN_DOM) {
+          if (RETURN_DOM_FRAGMENT) {
+            returnNode = createDocumentFragment.call(body.ownerDocument);
+            while (body.firstChild) {
+              // eslint-disable-next-line unicorn/prefer-dom-node-append
+              returnNode.appendChild(body.firstChild);
+            }
+          } else {
+            returnNode = body;
+          }
+          if (ALLOWED_ATTR.shadowroot || ALLOWED_ATTR.shadowrootmode) {
+            /*
+              AdoptNode() is not used because internal state is not reset
+              (e.g. the past names map of a HTMLFormElement), this is safe
+              in theory but we would rather not risk another attack vector.
+              The state that is cloned by importNode() is explicitly defined
+              by the specs.
+            */
+            returnNode = importNode.call(originalDocument, returnNode, true);
+          }
+          return returnNode;
+        }
+        let serializedHTML = WHOLE_DOCUMENT ? body.outerHTML : body.innerHTML;
+        /* Serialize doctype if allowed */
+        if (WHOLE_DOCUMENT && ALLOWED_TAGS['!doctype'] && body.ownerDocument && body.ownerDocument.doctype && body.ownerDocument.doctype.name && regExpTest(DOCTYPE_NAME, body.ownerDocument.doctype.name)) {
+          serializedHTML = '<!DOCTYPE ' + body.ownerDocument.doctype.name + '>\n' + serializedHTML;
+        }
+        /* Sanitize final string template-safe */
+        if (SAFE_FOR_TEMPLATES) {
+          arrayForEach([MUSTACHE_EXPR, ERB_EXPR, TMPLIT_EXPR], expr => {
+            serializedHTML = stringReplace(serializedHTML, expr, ' ');
+          });
+        }
+        return trustedTypesPolicy && RETURN_TRUSTED_TYPE ? trustedTypesPolicy.createHTML(serializedHTML) : serializedHTML;
+      };
+      DOMPurify.setConfig = function () {
+        let cfg = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
+        _parseConfig(cfg);
+        SET_CONFIG = true;
+      };
+      DOMPurify.clearConfig = function () {
+        CONFIG = null;
+        SET_CONFIG = false;
+      };
+      DOMPurify.isValidAttribute = function (tag, attr, value) {
+        /* Initialize shared config vars if necessary. */
+        if (!CONFIG) {
+          _parseConfig({});
+        }
+        const lcTag = transformCaseFunc(tag);
+        const lcName = transformCaseFunc(attr);
+        return _isValidAttribute(lcTag, lcName, value);
+      };
+      DOMPurify.addHook = function (entryPoint, hookFunction) {
+        if (typeof hookFunction !== 'function') {
+          return;
+        }
+        arrayPush(hooks[entryPoint], hookFunction);
+      };
+      DOMPurify.removeHook = function (entryPoint, hookFunction) {
+        if (hookFunction !== undefined) {
+          const index = arrayLastIndexOf(hooks[entryPoint], hookFunction);
+          return index === -1 ? undefined : arraySplice(hooks[entryPoint], index, 1)[0];
+        }
+        return arrayPop(hooks[entryPoint]);
+      };
+      DOMPurify.removeHooks = function (entryPoint) {
+        hooks[entryPoint] = [];
+      };
+      DOMPurify.removeAllHooks = function () {
+        hooks = _createHooksMap();
+      };
+      return DOMPurify;
+    }
+    var purify = createDOMPurify();
+
+    function _define_property$3(obj, key, value) {
+        if (key in obj) {
+            Object.defineProperty(obj, key, {
+                value: value,
+                enumerable: true,
+                configurable: true,
+                writable: true
+            });
+        } else {
+            obj[key] = value;
+        }
+        return obj;
+    }
+    /**
+     * 框架错误基类
+     */ class FrameworkError extends Error {
+        /**
+       * 转换为 JSON
+       */ toJSON() {
+            return {
+                name: this.name,
+                message: this.message,
+                type: this.type,
+                severity: this.severity,
+                code: this.code,
+                recoverable: this.recoverable,
+                context: this.context,
+                stack: this.stack,
+                originalError: this.originalError ? {
+                    name: this.originalError.name,
+                    message: this.originalError.message,
+                    stack: this.originalError.stack
+                } : undefined
+            };
+        }
+        constructor(message, type = "UNKNOWN", severity = "MEDIUM", options){
+            super(message), /**
+       * 错误类型
+       */ _define_property$3(this, "type", void 0), /**
+       * 错误严重程度
+       */ _define_property$3(this, "severity", void 0), /**
+       * 错误代码
+       */ _define_property$3(this, "code", void 0), /**
+       * 原始错误
+       */ _define_property$3(this, "originalError", void 0), /**
+       * 错误上下文
+       */ _define_property$3(this, "context", void 0), /**
+       * 是否可恢复
+       */ _define_property$3(this, "recoverable", void 0);
+            this.name = 'FrameworkError';
+            this.type = type;
+            this.severity = severity;
+            this.code = options?.code || `${type}_ERROR`;
+            this.originalError = options?.originalError;
+            this.context = options?.context;
+            this.recoverable = options?.recoverable ?? false;
+            // 保持正确的堆栈跟踪
+            if (Error.captureStackTrace) {
+                Error.captureStackTrace(this, FrameworkError);
+            }
+        }
+    }
+    /**
+     * 安全错误
+     */ class SecurityError extends FrameworkError {
+        constructor(message, originalError, context){
+            super(message, "SECURITY", "HIGH", {
+                code: 'SECURITY_ERROR',
+                originalError,
+                context,
+                recoverable: false
+            });
+            this.name = 'SecurityError';
+        }
+    }
+
+    /**
+     * 敏感数据标识（扩展列表）
+     */ const SENSITIVE_FIELDS = [
+        'password',
+        'pwd',
+        'passwd',
+        'token',
+        'secret',
+        'key',
+        'apiKey',
+        'apikey',
+        'api_key',
+        'accessToken',
+        'access_token',
+        'refreshToken',
+        'refresh_token',
+        'authorization',
+        'auth',
+        'cookie',
+        'session',
+        'sessionId',
+        'session_id',
+        'creditCard',
+        'credit_card',
+        'cardNumber',
+        'card_number',
+        'cvv',
+        'cvc',
+        'ssn',
+        'socialSecurityNumber',
+        'social_security_number',
+        'phone',
+        'phoneNumber',
+        'phone_number',
+        'mobile',
+        'email',
+        'emailAddress',
+        'email_address',
+        'privateKey',
+        'private_key',
+        'secretKey',
+        'secret_key',
+        'apiSecret',
+        'api_secret'
+    ];
+    /**
+     * 敏感信息检测模式（正则表达式）
+     */ const SENSITIVE_PATTERNS = [
+        /\b\d{4}[\s-]?\d{4}[\s-]?\d{4}[\s-]?\d{4}\b/,
+        /\b\d{3}-\d{2}-\d{4}\b/,
+        /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/,
+        /\b\d{10,}\b/
+    ];
+    /**
+     * 安全工具类
+     */ class SecurityUtils {
+        /**
+       * 清理 HTML，防止 XSS 攻击
+       */ static sanitizeHTML(html, config) {
+            if (typeof window === 'undefined') {
+                // Node.js 环境，返回原始字符串（需要服务端处理）
+                return html;
+            }
+            try {
+                if (config?.allowHTML) {
+                    // 默认禁止所有标签，除非明确允许
+                    const allowedTags = config.allowedTags && config.allowedTags.length > 0 ? config.allowedTags : [];
+                    const allowedAttributes = config.allowedAttributes && config.allowedAttributes.length > 0 ? config.allowedAttributes : [];
+                    return purify.sanitize(html, {
+                        ALLOWED_TAGS: allowedTags,
+                        ALLOWED_ATTR: allowedAttributes,
+                        FORBID_TAGS: [
+                            'script',
+                            'iframe',
+                            'object',
+                            'embed',
+                            'form',
+                            'link',
+                            'meta',
+                            'style'
+                        ],
+                        FORBID_ATTR: [
+                            'onerror',
+                            'onload',
+                            'onclick',
+                            'onmouseover',
+                            'onfocus',
+                            'onblur',
+                            'onchange'
+                        ],
+                        // 添加更多安全配置
+                        KEEP_CONTENT: false,
+                        RETURN_DOM: false,
+                        RETURN_DOM_FRAGMENT: false,
+                        RETURN_TRUSTED_TYPE: false
+                    });
+                }
+                // 默认模式：完全清理，不允许任何 HTML
+                return purify.sanitize(html, {
+                    ALLOWED_TAGS: [],
+                    KEEP_CONTENT: false
+                });
+            } catch (error) {
+                // 错误处理：不泄露敏感信息，记录错误但不抛出详细错误
+                const errorMessage = error instanceof Error ? error.message : 'Unknown error';
+                // 只记录错误类型，不记录具体内容
+                console.error('HTML 清理失败:', errorMessage.substring(0, 50));
+                // 返回安全的空字符串或清理后的文本
+                return this.sanitizeText(html);
+            }
+        }
+        /**
+       * 清理文本内容（移除所有 HTML 标签）
+       */ static sanitizeText(text) {
+            if (typeof window === 'undefined') {
+                return text.replace(/<[^>]*>/g, '');
+            }
+            try {
+                return purify.sanitize(text, {
+                    ALLOWED_TAGS: []
+                });
+            } catch (error) {
+                throw new SecurityError('文本清理失败', error instanceof Error ? error : undefined);
+            }
+        }
+        /**
+       * 检查字符串是否包含潜在的危险内容
+       */ static containsDangerousContent(text) {
+            const dangerousPatterns = [
+                /<script[\s\S]*?>[\s\S]*?<\/script>/gi,
+                /javascript:/gi,
+                /on\w+\s*=/gi,
+                /<iframe[\s\S]*?>/gi,
+                /<object[\s\S]*?>/gi,
+                /<embed[\s\S]*?>/gi,
+                /<link[\s\S]*?>/gi,
+                /<meta[\s\S]*?>/gi,
+                /data:text\/html/gi,
+                /vbscript:/gi,
+                /expression\s*\(/gi,
+                /@import/gi,
+                /<style[\s\S]*?>[\s\S]*?<\/style>/gi
+            ];
+            return dangerousPatterns.some((pattern)=>pattern.test(text));
+        }
+        /**
+       * 验证 URL 是否安全
+       */ static isSafeUrl(url) {
+            try {
+                const urlObj = new URL(url);
+                // 检查协议
+                if (![
+                    'http:',
+                    'https:'
+                ].includes(urlObj.protocol)) {
+                    return false;
+                }
+                // 检查是否包含危险内容
+                return !this.containsDangerousContent(url);
+            } catch  {
+                return false;
+            }
+        }
+        /**
+       * 检查字段名是否为敏感字段
+       */ static isSensitiveField(fieldName) {
+            const lowerFieldName = fieldName.toLowerCase();
+            return SENSITIVE_FIELDS.some((field)=>lowerFieldName.includes(field.toLowerCase()));
+        }
+        /**
+       * 检查值是否包含敏感信息（基于模式匹配）
+       */ static containsSensitiveData(value) {
+            return SENSITIVE_PATTERNS.some((pattern)=>pattern.test(value));
+        }
+        /**
+       * 生成 CSP（Content Security Policy）头
+       */ static generateCSP(config) {
+            const directives = [];
+            const allowUnsafeInline = config?.allowUnsafeInline ?? false;
+            const allowUnsafeEval = config?.allowUnsafeEval ?? false;
+            if (config?.defaultSrc) {
+                directives.push(`default-src ${config.defaultSrc.join(' ')}`);
+            } else {
+                directives.push("default-src 'self'");
+            }
+            if (config?.scriptSrc) {
+                directives.push(`script-src ${config.scriptSrc.join(' ')}`);
+            } else {
+                // 默认不允许 unsafe-inline 和 unsafe-eval，提高安全性
+                const scriptSrc = [
+                    "'self'"
+                ];
+                if (allowUnsafeInline) {
+                    scriptSrc.push("'unsafe-inline'");
+                }
+                if (allowUnsafeEval) {
+                    scriptSrc.push("'unsafe-eval'");
+                }
+                directives.push(`script-src ${scriptSrc.join(' ')}`);
+            }
+            if (config?.styleSrc) {
+                directives.push(`style-src ${config.styleSrc.join(' ')}`);
+            } else {
+                // 对于样式，可以使用 nonce 或 hash 替代 unsafe-inline
+                const styleSrc = [
+                    "'self'"
+                ];
+                if (allowUnsafeInline) {
+                    styleSrc.push("'unsafe-inline'");
+                }
+                directives.push(`style-src ${styleSrc.join(' ')}`);
+            }
+            if (config?.imgSrc) {
+                directives.push(`img-src ${config.imgSrc.join(' ')}`);
+            } else {
+                directives.push("img-src 'self' data: https:");
+            }
+            if (config?.connectSrc) {
+                directives.push(`connect-src ${config.connectSrc.join(' ')}`);
+            } else {
+                directives.push("connect-src 'self'");
+            }
+            if (config?.fontSrc) {
+                directives.push(`font-src ${config.fontSrc.join(' ')}`);
+            } else {
+                directives.push("font-src 'self' data:");
+            }
+            if (config?.frameSrc) {
+                directives.push(`frame-src ${config.frameSrc.join(' ')}`);
+            } else {
+                directives.push("frame-src 'none'");
+            }
+            return directives.join('; ');
+        }
+        /**
+       * 转义 HTML 特殊字符
+       */ static escapeHTML(text) {
+            const map = {
+                '&': '&amp;',
+                '<': '&lt;',
+                '>': '&gt;',
+                '"': '&quot;',
+                "'": '&#039;'
+            };
+            return text.replace(/[&<>"']/g, (char)=>map[char]);
+        }
+        /**
+       * 验证输入是否安全
+       */ static validateInput(input) {
+            if (typeof input !== 'string') {
+                return {
+                    safe: true
+                };
+            }
+            if (this.containsDangerousContent(input)) {
+                return {
+                    safe: false,
+                    sanitized: this.sanitizeText(input),
+                    reason: '包含潜在的危险内容'
+                };
+            }
+            // 检查是否包含敏感数据模式
+            if (this.containsSensitiveData(input)) {
+                return {
+                    safe: false,
+                    sanitized: this.sanitizeText(input),
+                    reason: '可能包含敏感信息'
+                };
+            }
+            return {
+                safe: true,
+                sanitized: input
+            };
+        }
+        /**
+       * 深度脱敏处理（递归处理嵌套对象）
+       */ static deepSanitize(data, maxDepth = 10, currentDepth = 0) {
+            if (currentDepth >= maxDepth) {
+                return '***'; // 防止无限递归
+            }
+            if (data === null || data === undefined) {
+                return data;
+            }
+            if (typeof data === 'string') {
+                if (this.containsDangerousContent(data) || this.containsSensitiveData(data)) {
+                    return this.sanitizeText(data);
+                }
+                return data;
+            }
+            if (typeof data === 'number' || typeof data === 'boolean') {
+                return data;
+            }
+            if (Array.isArray(data)) {
+                return data.map((item)=>this.deepSanitize(item, maxDepth, currentDepth + 1));
+            }
+            if (typeof data === 'object') {
+                const sanitized = {};
+                for (const [key, value] of Object.entries(data)){
+                    if (this.isSensitiveField(key)) {
+                        sanitized[key] = '***';
+                    } else {
+                        sanitized[key] = this.deepSanitize(value, maxDepth, currentDepth + 1);
+                    }
+                }
+                return sanitized;
+            }
+            return data;
+        }
+    }
+
+    function _define_property$2(obj, key, value) {
+        if (key in obj) {
+            Object.defineProperty(obj, key, {
+                value: value,
+                enumerable: true,
+                configurable: true,
+                writable: true
+            });
+        } else {
+            obj[key] = value;
+        }
+        return obj;
+    }
+    /**
+     * 日志追踪 ID 生成器
+     * 用于生成唯一的请求追踪 ID，便于日志关联和问题排查
+     */ /**
+     * 追踪 ID 生成器
+     */ class TraceIdGenerator {
+        /**
+       * 获取单例实例
+       */ static getInstance(prefix) {
+            if (!TraceIdGenerator.instance) {
+                TraceIdGenerator.instance = new TraceIdGenerator(prefix);
+            }
+            return TraceIdGenerator.instance;
+        }
+        /**
+       * 生成追踪 ID
+       */ generate() {
+            const timestamp = Date.now();
+            const random = Math.random().toString(36).substring(2, 9);
+            const counter = (this.counter++).toString(36).padStart(4, '0');
+            const parts = [
+                timestamp.toString(36),
+                random,
+                counter
+            ];
+            if (this.prefix) {
+                parts.unshift(this.prefix);
+            }
+            return parts.join('-');
+        }
+        /**
+       * 从字符串解析追踪 ID（用于验证）
+       */ static parse(traceId) {
+            const parts = traceId.split('-');
+            if (parts.length < 3) {
+                return null;
+            }
+            try {
+                const timestamp = parseInt(parts[parts.length - 3], 36);
+                const random = parts[parts.length - 2];
+                const counter = parseInt(parts[parts.length - 1], 36);
+                return {
+                    prefix: parts.length > 3 ? parts.slice(0, -3).join('-') : undefined,
+                    timestamp,
+                    random,
+                    counter
+                };
+            } catch  {
+                return null;
+            }
+        }
+        constructor(prefix = ''){
+            _define_property$2(this, "counter", 0);
+            _define_property$2(this, "prefix", void 0);
+            this.prefix = prefix;
+        }
+    }
+    _define_property$2(TraceIdGenerator, "instance", null);
+
+    function _define_property$1(obj, key, value) {
+        if (key in obj) {
+            Object.defineProperty(obj, key, {
+                value: value,
+                enumerable: true,
+                configurable: true,
+                writable: true
+            });
+        } else {
+            obj[key] = value;
+        }
+        return obj;
+    }
+    /**
+     * 检测运行环境是否为浏览器
+     */ const isBrowser = ()=>{
+        return typeof window !== 'undefined' && typeof window.document !== 'undefined';
+    };
+    /**
+     * ANSI 颜色代码（用于 Node.js 环境）
+     */ const ANSI_COLORS = {
+        reset: '\x1b[0m',
+        bright: '\x1b[1m',
+        dim: '\x1b[2m',
+        red: '\x1b[31m',
+        yellow: '\x1b[33m',
+        cyan: '\x1b[36m',
+        white: '\x1b[37m'};
+    /**
+     * 浏览器控制台样式（用于浏览器环境）
+     */ const BROWSER_STYLES = {
+        debug: 'color: #888; font-weight: normal;',
+        info: 'color: #2196F3; font-weight: normal;',
+        warn: 'color: #FF9800; font-weight: bold;',
+        error: 'color: #F44336; font-weight: bold;'
+    };
+    /**
+     * 日志级别对应的颜色配置
+     */ const LEVEL_COLORS = {
+        [LogLevel.DEBUG]: {
+            node: ANSI_COLORS.dim + ANSI_COLORS.white,
+            browser: BROWSER_STYLES.debug
+        },
+        [LogLevel.INFO]: {
+            node: ANSI_COLORS.cyan,
+            browser: BROWSER_STYLES.info
+        },
+        [LogLevel.WARN]: {
+            node: ANSI_COLORS.yellow,
+            browser: BROWSER_STYLES.warn
+        },
+        [LogLevel.ERROR]: {
+            node: ANSI_COLORS.red + ANSI_COLORS.bright,
+            browser: BROWSER_STYLES.error
+        },
+        [LogLevel.NONE]: {
+            node: '',
+            browser: ''
+        }
+    };
+    /**
+     * 日志级别标签
+     */ const LEVEL_LABELS = {
+        [LogLevel.DEBUG]: 'DEBUG',
+        [LogLevel.INFO]: 'INFO',
+        [LogLevel.WARN]: 'WARN',
+        [LogLevel.ERROR]: 'ERROR',
+        [LogLevel.NONE]: ''
+    };
+    /**
+     * Logger 类
+     */ let Logger = class Logger {
+        /**
+       * 设置日志级别
+       */ setLevel(level) {
+            this.level = level;
+        }
+        /**
+       * 获取当前日志级别
+       */ getLevel() {
+            return this.level;
+        }
+        /**
+       * 格式化时间戳
+       */ formatTimestamp() {
+            const now = new Date();
+            const year = now.getFullYear();
+            const month = String(now.getMonth() + 1).padStart(2, '0');
+            const day = String(now.getDate()).padStart(2, '0');
+            const hours = String(now.getHours()).padStart(2, '0');
+            const minutes = String(now.getMinutes()).padStart(2, '0');
+            const seconds = String(now.getSeconds()).padStart(2, '0');
+            const milliseconds = String(now.getMilliseconds()).padStart(3, '0');
+            return `${year}-${month}-${day} ${hours}:${minutes}:${seconds}.${milliseconds}`;
+        }
+        /**
+       * 构建日志前缀
+       */ buildPrefix(logLevel) {
+            const parts = [];
+            if (this.showTimestamp) {
+                parts.push(`[${this.formatTimestamp()}]`);
+            }
+            if (this.showLevel) {
+                parts.push(`[${LEVEL_LABELS[logLevel]}]`);
+            }
+            if (this.prefix) {
+                parts.push(`[${this.prefix}]`);
+            }
+            return parts.join(' ');
+        }
+        /**
+       * 输出日志（Node.js 环境）
+       */ logNode(level, ...args) {
+            if (level < this.level) {
+                return;
+            }
+            const prefix = this.buildPrefix(level);
+            const colorConfig = LEVEL_COLORS[level];
+            const reset = this.enableColors ? ANSI_COLORS.reset : '';
+            if (this.enableColors && colorConfig.node) {
+                console.log(`${colorConfig.node}${prefix}${reset}`, ...args);
+            } else {
+                console.log(prefix, ...args);
+            }
+        }
+        /**
+       * 输出日志（浏览器环境）
+       */ logBrowser(level, ...args) {
+            if (level < this.level) {
+                return;
+            }
+            const prefix = this.buildPrefix(level);
+            const colorConfig = LEVEL_COLORS[level];
+            if (this.enableColors && colorConfig.browser) {
+                console.log(`%c${prefix}`, colorConfig.browser, ...args);
+            } else {
+                console.log(prefix, ...args);
+            }
+        }
+        /**
+       * 脱敏处理
+       */ sanitizeValue(value) {
+            if (!this.enableSanitization) {
+                return value;
+            }
+            if (typeof value === 'string') {
+                // 检查是否包含敏感内容
+                if (SecurityUtils.containsDangerousContent(value)) {
+                    return SecurityUtils.sanitizeText(value);
+                }
+                return value;
+            }
+            if (value && typeof value === 'object') {
+                if (Array.isArray(value)) {
+                    return value.map((item)=>this.sanitizeValue(item));
+                }
+                const sanitized = {};
+                for (const [key, val] of Object.entries(value)){
+                    // 检查是否为敏感字段
+                    if (SecurityUtils.isSensitiveField(key)) {
+                        sanitized[key] = '***';
+                    } else {
+                        sanitized[key] = this.sanitizeValue(val);
+                    }
+                }
+                return sanitized;
+            }
+            return value;
+        }
+        /**
+       * 处理日志参数（脱敏、过滤等）
+       */ processLogArgs(...args) {
+            // 生产环境自动禁用 DEBUG 级别
+            if (this.isProduction && this.level === LogLevel.DEBUG) {
+                return [];
+            }
+            return args.map((arg)=>this.sanitizeValue(arg));
+        }
+        /**
+       * 设置日志格式
+       */ setFormat(format) {
+            this.format = format;
+        }
+        /**
+       * 设置日志上下文
+       */ setContext(context) {
+            this.context = {
+                ...this.context,
+                ...context
+            };
+        }
+        /**
+       * 更新日志上下文
+       */ updateContext(context) {
+            this.context = {
+                ...this.context,
+                ...context
+            };
+        }
+        /**
+       * 获取日志上下文
+       */ getContext() {
+            return {
+                ...this.context
+            };
+        }
+        /**
+       * 清除日志上下文
+       */ clearContext() {
+            this.context = {};
+        }
+        /**
+       * 注册日志处理器（用于日志聚合）
+       */ addLogHandler(handler) {
+            this.logHandlers.push(handler);
+            return ()=>{
+                const index = this.logHandlers.indexOf(handler);
+                if (index > -1) {
+                    this.logHandlers.splice(index, 1);
+                }
+            };
+        }
+        /**
+       * 创建结构化日志条目
+       */ createStructuredEntry(level, message, data) {
+            const entry = {
+                timestamp: new Date().toISOString(),
+                level,
+                message,
+                context: {
+                    ...this.context,
+                    traceId: this.context.traceId
+                },
+                source: this.prefix || 'framework'
+            };
+            if (data !== undefined) {
+                entry.data = this.sanitizeValue(data);
+            }
+            // 如果是错误，提取堆栈信息
+            if (data instanceof Error) {
+                entry.stack = data.stack;
+                entry.message = data.message || message;
+            }
+            return entry;
+        }
+        /**
+       * 输出结构化日志
+       */ outputStructured(entry) {
+            // 调用日志处理器
+            this.logHandlers.forEach((handler)=>{
+                try {
+                    handler(entry);
+                } catch (error) {
+                // 忽略处理器错误，避免循环
+                }
+            });
+            // 根据格式输出
+            if (this.format === "json") {
+                console.log(JSON.stringify(entry));
+            } else if (this.format === "structured") {
+                console.log(entry);
+            } else {
+                // TEXT 格式使用原有输出方式
+                const args = entry.data !== undefined ? [
+                    entry.data
+                ] : [];
+                if (isBrowser()) {
+                    this.logBrowser(entry.level, entry.message, ...args);
+                } else {
+                    this.logNode(entry.level, entry.message, ...args);
+                }
+            }
+        }
+        /**
+       * 通用日志输出方法
+       */ log(level, ...args) {
+            if (level < this.level) {
+                return;
+            }
+            const processedArgs = this.processLogArgs(...args);
+            // 如果处理后没有参数（被过滤），则不输出
+            if (processedArgs.length === 0) {
+                return;
+            }
+            // 提取消息和数据
+            const message = typeof processedArgs[0] === 'string' ? processedArgs[0] : 'Log message';
+            const data = processedArgs.length > 1 ? processedArgs.slice(1) : typeof processedArgs[0] === 'string' ? undefined : processedArgs[0];
+            // 创建结构化日志条目
+            const entry = this.createStructuredEntry(level, message, data);
+            // 输出日志
+            this.outputStructured(entry);
+        }
+        /**
+       * 输出 DEBUG 级别日志
+       */ debug(...args) {
+            this.log(LogLevel.DEBUG, ...args);
+        }
+        /**
+       * 输出 INFO 级别日志
+       */ info(...args) {
+            this.log(LogLevel.INFO, ...args);
+        }
+        /**
+       * 输出 WARN 级别日志
+       */ warn(...args) {
+            this.log(LogLevel.WARN, ...args);
+        }
+        /**
+       * 输出 ERROR 级别日志
+       */ error(...args) {
+            this.log(LogLevel.ERROR, ...args);
+        }
+        constructor(options = {}){
+            _define_property$1(this, "level", void 0);
+            _define_property$1(this, "enableColors", void 0);
+            _define_property$1(this, "showTimestamp", void 0);
+            _define_property$1(this, "showLevel", void 0);
+            _define_property$1(this, "prefix", void 0);
+            _define_property$1(this, "enableSanitization", void 0);
+            _define_property$1(this, "isProduction", void 0);
+            _define_property$1(this, "format", void 0);
+            _define_property$1(this, "context", {});
+            _define_property$1(this, "logHandlers", []);
+            this.level = options.level ?? LogLevel.INFO;
+            this.enableColors = options.enableColors ?? true;
+            this.showTimestamp = options.showTimestamp ?? true;
+            this.showLevel = options.showLevel ?? true;
+            this.prefix = options.prefix ?? '';
+            this.enableSanitization = options.enableSanitization ?? true;
+            this.isProduction = typeof process !== 'undefined' && process.env.NODE_ENV === 'production';
+            this.format = options.format ?? "text";
+            this.context = options.context ?? {};
+        }
+    };
+    /**
+     * 创建 Logger 实例
+     */ const createLogger = (options)=>{
+        return new Logger(options);
+    };
+    /**
+     * 默认 Logger 实例
+     */ const logger = createLogger();
+
+    function _define_property(obj, key, value) {
+        if (key in obj) {
+            Object.defineProperty(obj, key, {
+                value: value,
+                enumerable: true,
+                configurable: true,
+                writable: true
+            });
+        } else {
+            obj[key] = value;
+        }
+        return obj;
+    }
+    /**
+     * 分析服务类
+     */ class AnalyticsService {
+        /**
+       * 启动批量上报定时器
+       */ startBatchTimer() {
+            if (this.batchTimer) {
+                return;
+            }
+            this.batchTimer = setInterval(()=>{
+                this.flush();
+            }, this.config.batchInterval);
+        }
+        /**
+       * 停止批量上报定时器
+       */ stopBatchTimer() {
+            if (this.batchTimer) {
+                clearInterval(this.batchTimer);
+                this.batchTimer = null;
+            }
+        }
+        /**
+       * 记录事件
+       */ track(event) {
+            if (!this.config.enabled) {
+                return;
+            }
+            // 采样检查
+            if (Math.random() > this.config.sampleRate) {
+                return;
+            }
+            // 匿名化处理
+            const anonymizedEvent = {
+                ...event,
+                timestamp: Date.now(),
+                properties: this.anonymizeProperties(event.properties)
+            };
+            // 添加到队列
+            this.eventQueue.push(anonymizedEvent);
+            // 立即上报单个事件
+            if (this.config.onEvent) {
+                this.config.onEvent(anonymizedEvent);
+            }
+            // 检查是否需要批量上报
+            if (this.eventQueue.length >= this.config.batchSize) {
+                this.flush();
+            }
+        }
+        /**
+       * 记录页面浏览
+       */ trackPageView(page, properties) {
+            this.track({
+                type: 'pageview',
+                name: 'page_view',
+                properties: {
+                    page,
+                    ...properties
+                }
+            });
+        }
+        /**
+       * 记录点击事件
+       */ trackClick(element, properties) {
+            this.track({
+                type: 'click',
+                name: 'click',
+                properties: {
+                    element,
+                    ...properties
+                }
+            });
+        }
+        /**
+       * 记录自定义事件
+       */ trackCustom(name, properties) {
+            this.track({
+                type: 'custom',
+                name,
+                properties
+            });
+        }
+        /**
+       * 记录错误事件
+       */ trackError(error, properties) {
+            this.track({
+                type: 'error',
+                name: 'error',
+                properties: {
+                    errorName: error.name,
+                    errorMessage: error.message,
+                    errorStack: error.stack,
+                    ...properties
+                }
+            });
+        }
+        /**
+       * 记录性能事件
+       */ trackPerformance(metrics, properties) {
+            this.track({
+                type: 'performance',
+                name: 'performance',
+                properties: {
+                    ...metrics,
+                    ...properties
+                }
+            });
+        }
+        /**
+       * 匿名化属性（使用深度脱敏）
+       */ anonymizeProperties(properties) {
+            if (!this.config.anonymize || !properties) {
+                return properties;
+            }
+            // 使用深度脱敏处理
+            return SecurityUtils.deepSanitize(properties);
+        }
+        /**
+       * 刷新队列（批量上报）
+       */ flush() {
+            if (this.eventQueue.length === 0) {
+                return;
+            }
+            const events = [
+                ...this.eventQueue
+            ];
+            this.eventQueue = [];
+            if (this.config.onBatch) {
+                this.config.onBatch(events);
+            }
+            logger.debug(`分析服务批量上报 ${events.length} 个事件`);
+        }
+        /**
+       * 启用分析
+       */ enable() {
+            this.config.enabled = true;
+            this.startBatchTimer();
+        }
+        /**
+       * 禁用分析
+       */ disable() {
+            this.config.enabled = false;
+            this.stopBatchTimer();
+            this.flush();
+        }
+        /**
+       * 销毁服务
+       */ destroy() {
+            this.stopBatchTimer();
+            this.flush();
+        }
+        constructor(config = {}){
+            _define_property(this, "config", void 0);
+            _define_property(this, "eventQueue", []);
+            _define_property(this, "batchTimer", null);
+            this.config = {
+                enabled: config.enabled ?? true,
+                sampleRate: config.sampleRate ?? 1.0,
+                anonymize: config.anonymize ?? true,
+                onEvent: config.onEvent ?? (()=>{}),
+                onBatch: config.onBatch ?? (()=>{}),
+                batchSize: config.batchSize ?? 10,
+                batchInterval: config.batchInterval ?? 5000
+            };
+            if (this.config.enabled) {
+                this.startBatchTimer();
+            }
+        }
+    }
+    /**
+     * 默认分析服务实例
+     */ let defaultAnalyticsService = null;
+    /**
+     * 初始化默认分析服务
+     */ function initAnalytics(config) {
+        if (!defaultAnalyticsService) {
+            defaultAnalyticsService = new AnalyticsService(config);
+        }
+        return defaultAnalyticsService;
+    }
+    /**
+     * 获取默认分析服务
+     */ function getAnalytics() {
+        if (!defaultAnalyticsService) {
+            return initAnalytics();
+        }
+        return defaultAnalyticsService;
+    }
+
+    exports.AnalyticsService = AnalyticsService;
+    exports.getAnalytics = getAnalytics;
+    exports.initAnalytics = initAnalytics;
+
+}));
+//# sourceMappingURL=analytics.umd.js.map