@wooksjs/event-http 0.5.25 → 0.6.0

package/dist/index.cjs

@@ -24,6 +24,9 @@ var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__ge
 //#endregion
 const __wooksjs_event_core = __toESM(require("@wooksjs/event-core"));
 const buffer = __toESM(require("buffer"));
+const node_stream = __toESM(require("node:stream"));
+const node_util = __toESM(require("node:util"));
+const node_zlib = __toESM(require("node:zlib"));
 const url = __toESM(require("url"));
 const http = __toESM(require("http"));
 const wooks = __toESM(require("wooks"));
@@ -104,26 +107,417 @@ const cookieAttrFunc = {
 	sameSite: (v) => v ? `SameSite=${typeof v === "string" ? v : "Strict"}` : ""
 };
 
+//#endregion
+//#region packages/event-http/src/compressor/body-compressor.ts
+const compressors = { identity: {
+	compress: (v) => v,
+	uncompress: (v) => v,
+	stream: {
+		compress: (data) => data,
+		uncompress: (data) => data
+	}
+} };
+function encodingSupportsStream(encodings) {
+	return encodings.every((enc) => compressors[enc]?.stream);
+}
+async function uncompressBody(encodings, compressed) {
+	let buf = compressed;
+	for (const enc of encodings.slice().reverse()) {
+		const c = compressors[enc];
+		if (!c) throw new Error(`Unsupported compression type "${enc}".`);
+		buf = await c.uncompress(buf);
+	}
+	return buf;
+}
+async function uncompressBodyStream(encodings, src) {
+	if (!encodingSupportsStream(encodings)) throw new Error("Some encodings lack a streaming decompressor");
+	let out = src;
+	for (const enc of Array.from(encodings).reverse()) out = await compressors[enc].stream.uncompress(out);
+	return out;
+}
+
+//#endregion
+//#region packages/event-http/src/compressor/zlib-compressors.ts
+const pipeline = node_stream.pipeline;
+function iterableToReadable(src) {
+	return node_stream.Readable.from(src, { objectMode: false });
+}
+function pump(src, transform) {
+	pipeline(iterableToReadable(src), transform, (err) => {
+		if (err) transform.destroy(err);
+	});
+	return transform;
+}
+function addStreamCodec(name, createDeflater, createInflater) {
+	const c = compressors[name] ?? (compressors[name] = {
+		compress: (v) => v,
+		uncompress: (v) => v
+	});
+	c.stream = {
+		compress: async (src) => pump(src, createDeflater()),
+		uncompress: async (src) => pump(src, createInflater())
+	};
+}
+addStreamCodec("gzip", node_zlib.createGzip, node_zlib.createGunzip);
+addStreamCodec("deflate", node_zlib.createDeflate, node_zlib.createInflate);
+addStreamCodec("br", node_zlib.createBrotliCompress, node_zlib.createBrotliDecompress);
+let zp;
+async function zlib() {
+	if (!zp) {
+		const { gzip, gunzip, deflate, inflate, brotliCompress, brotliDecompress } = await import("node:zlib");
+		zp = {
+			gzip: (0, node_util.promisify)(gzip),
+			gunzip: (0, node_util.promisify)(gunzip),
+			deflate: (0, node_util.promisify)(deflate),
+			inflate: (0, node_util.promisify)(inflate),
+			brotliCompress: (0, node_util.promisify)(brotliCompress),
+			brotliDecompress: (0, node_util.promisify)(brotliDecompress)
+		};
+	}
+	return zp;
+}
+compressors.gzip.compress = async (b) => (await zlib()).gzip(b);
+compressors.gzip.uncompress = async (b) => (await zlib()).gunzip(b);
+compressors.deflate.compress = async (b) => (await zlib()).deflate(b);
+compressors.deflate.uncompress = async (b) => (await zlib()).inflate(b);
+compressors.br.compress = async (b) => (await zlib()).brotliCompress(b);
+compressors.br.uncompress = async (b) => (await zlib()).brotliDecompress(b);
+
+//#endregion
+//#region packages/event-http/src/response/renderer.ts
+var BaseHttpResponseRenderer = class {
+	render(response) {
+		if (typeof response.body === "string" || typeof response.body === "boolean" || typeof response.body === "number") {
+			if (!response.getContentType()) response.setContentType("text/plain");
+			return response.body.toString();
+		}
+		if (response.body === undefined) return "";
+		if (response.body instanceof Uint8Array) return response.body;
+		if (typeof response.body === "object") {
+			if (!response.getContentType()) response.setContentType("application/json");
+			return JSON.stringify(response.body);
+		}
+		throw new Error(`Unsupported body format "${typeof response.body}"`);
+	}
+};
+
+//#endregion
+//#region packages/event-http/src/utils/status-codes.ts
+const httpStatusCodes = {
+	100: "Continue",
+	101: "Switching protocols",
+	102: "Processing",
+	103: "Early Hints",
+	200: "OK",
+	201: "Created",
+	202: "Accepted",
+	203: "Non-Authoritative Information",
+	204: "No Content",
+	205: "Reset Content",
+	206: "Partial Content",
+	207: "Multi-Status",
+	208: "Already Reported",
+	226: "IM Used",
+	300: "Multiple Choices",
+	301: "Moved Permanently",
+	302: "Found (Previously \"Moved Temporarily\")",
+	303: "See Other",
+	304: "Not Modified",
+	305: "Use Proxy",
+	306: "Switch Proxy",
+	307: "Temporary Redirect",
+	308: "Permanent Redirect",
+	400: "Bad Request",
+	401: "Unauthorized",
+	402: "Payment Required",
+	403: "Forbidden",
+	404: "Not Found",
+	405: "Method Not Allowed",
+	406: "Not Acceptable",
+	407: "Proxy Authentication Required",
+	408: "Request Timeout",
+	409: "Conflict",
+	410: "Gone",
+	411: "Length Required",
+	412: "Precondition Failed",
+	413: "Payload Too Large",
+	414: "URI Too Long",
+	415: "Unsupported Media Type",
+	416: "Range Not Satisfiable",
+	417: "Expectation Failed",
+	418: "I'm a Teapot",
+	421: "Misdirected Request",
+	422: "Unprocessable Entity",
+	423: "Locked",
+	424: "Failed Dependency",
+	425: "Too Early",
+	426: "Upgrade Required",
+	428: "Precondition Required",
+	429: "Too Many Requests",
+	431: "Request Header Fields Too Large",
+	451: "Unavailable For Legal Reasons",
+	500: "Internal Server Error",
+	501: "Not Implemented",
+	502: "Bad Gateway",
+	503: "Service Unavailable",
+	504: "Gateway Timeout",
+	505: "HTTP Version Not Supported",
+	506: "Variant Also Negotiates",
+	507: "Insufficient Storage",
+	508: "Loop Detected",
+	510: "Not Extended",
+	511: "Network Authentication Required"
+};
+let EHttpStatusCode = function(EHttpStatusCode$1) {
+	EHttpStatusCode$1[EHttpStatusCode$1["Continue"] = 100] = "Continue";
+	EHttpStatusCode$1[EHttpStatusCode$1["SwitchingProtocols"] = 101] = "SwitchingProtocols";
+	EHttpStatusCode$1[EHttpStatusCode$1["Processing"] = 102] = "Processing";
+	EHttpStatusCode$1[EHttpStatusCode$1["EarlyHints"] = 103] = "EarlyHints";
+	EHttpStatusCode$1[EHttpStatusCode$1["OK"] = 200] = "OK";
+	EHttpStatusCode$1[EHttpStatusCode$1["Created"] = 201] = "Created";
+	EHttpStatusCode$1[EHttpStatusCode$1["Accepted"] = 202] = "Accepted";
+	EHttpStatusCode$1[EHttpStatusCode$1["NonAuthoritativeInformation"] = 203] = "NonAuthoritativeInformation";
+	EHttpStatusCode$1[EHttpStatusCode$1["NoContent"] = 204] = "NoContent";
+	EHttpStatusCode$1[EHttpStatusCode$1["ResetContent"] = 205] = "ResetContent";
+	EHttpStatusCode$1[EHttpStatusCode$1["PartialContent"] = 206] = "PartialContent";
+	EHttpStatusCode$1[EHttpStatusCode$1["MultiStatus"] = 207] = "MultiStatus";
+	EHttpStatusCode$1[EHttpStatusCode$1["AlreadyReported"] = 208] = "AlreadyReported";
+	EHttpStatusCode$1[EHttpStatusCode$1["IMUsed"] = 226] = "IMUsed";
+	EHttpStatusCode$1[EHttpStatusCode$1["MultipleChoices"] = 300] = "MultipleChoices";
+	EHttpStatusCode$1[EHttpStatusCode$1["MovedPermanently"] = 301] = "MovedPermanently";
+	EHttpStatusCode$1[EHttpStatusCode$1["Found"] = 302] = "Found";
+	EHttpStatusCode$1[EHttpStatusCode$1["SeeOther"] = 303] = "SeeOther";
+	EHttpStatusCode$1[EHttpStatusCode$1["NotModified"] = 304] = "NotModified";
+	EHttpStatusCode$1[EHttpStatusCode$1["UseProxy"] = 305] = "UseProxy";
+	EHttpStatusCode$1[EHttpStatusCode$1["SwitchProxy"] = 306] = "SwitchProxy";
+	EHttpStatusCode$1[EHttpStatusCode$1["TemporaryRedirect"] = 307] = "TemporaryRedirect";
+	EHttpStatusCode$1[EHttpStatusCode$1["PermanentRedirect"] = 308] = "PermanentRedirect";
+	EHttpStatusCode$1[EHttpStatusCode$1["BadRequest"] = 400] = "BadRequest";
+	EHttpStatusCode$1[EHttpStatusCode$1["Unauthorized"] = 401] = "Unauthorized";
+	EHttpStatusCode$1[EHttpStatusCode$1["PaymentRequired"] = 402] = "PaymentRequired";
+	EHttpStatusCode$1[EHttpStatusCode$1["Forbidden"] = 403] = "Forbidden";
+	EHttpStatusCode$1[EHttpStatusCode$1["NotFound"] = 404] = "NotFound";
+	EHttpStatusCode$1[EHttpStatusCode$1["MethodNotAllowed"] = 405] = "MethodNotAllowed";
+	EHttpStatusCode$1[EHttpStatusCode$1["NotAcceptable"] = 406] = "NotAcceptable";
+	EHttpStatusCode$1[EHttpStatusCode$1["ProxyAuthenticationRequired"] = 407] = "ProxyAuthenticationRequired";
+	EHttpStatusCode$1[EHttpStatusCode$1["RequestTimeout"] = 408] = "RequestTimeout";
+	EHttpStatusCode$1[EHttpStatusCode$1["Conflict"] = 409] = "Conflict";
+	EHttpStatusCode$1[EHttpStatusCode$1["Gone"] = 410] = "Gone";
+	EHttpStatusCode$1[EHttpStatusCode$1["LengthRequired"] = 411] = "LengthRequired";
+	EHttpStatusCode$1[EHttpStatusCode$1["PreconditionFailed"] = 412] = "PreconditionFailed";
+	EHttpStatusCode$1[EHttpStatusCode$1["PayloadTooLarge"] = 413] = "PayloadTooLarge";
+	EHttpStatusCode$1[EHttpStatusCode$1["URITooLong"] = 414] = "URITooLong";
+	EHttpStatusCode$1[EHttpStatusCode$1["UnsupportedMediaType"] = 415] = "UnsupportedMediaType";
+	EHttpStatusCode$1[EHttpStatusCode$1["RangeNotSatisfiable"] = 416] = "RangeNotSatisfiable";
+	EHttpStatusCode$1[EHttpStatusCode$1["ExpectationFailed"] = 417] = "ExpectationFailed";
+	EHttpStatusCode$1[EHttpStatusCode$1["ImATeapot"] = 418] = "ImATeapot";
+	EHttpStatusCode$1[EHttpStatusCode$1["MisdirectedRequest"] = 421] = "MisdirectedRequest";
+	EHttpStatusCode$1[EHttpStatusCode$1["UnprocessableEntity"] = 422] = "UnprocessableEntity";
+	EHttpStatusCode$1[EHttpStatusCode$1["Locked"] = 423] = "Locked";
+	EHttpStatusCode$1[EHttpStatusCode$1["FailedDependency"] = 424] = "FailedDependency";
+	EHttpStatusCode$1[EHttpStatusCode$1["TooEarly"] = 425] = "TooEarly";
+	EHttpStatusCode$1[EHttpStatusCode$1["UpgradeRequired"] = 426] = "UpgradeRequired";
+	EHttpStatusCode$1[EHttpStatusCode$1["PreconditionRequired"] = 428] = "PreconditionRequired";
+	EHttpStatusCode$1[EHttpStatusCode$1["TooManyRequests"] = 429] = "TooManyRequests";
+	EHttpStatusCode$1[EHttpStatusCode$1["RequestHeaderFieldsTooLarge"] = 431] = "RequestHeaderFieldsTooLarge";
+	EHttpStatusCode$1[EHttpStatusCode$1["UnavailableForLegalReasons"] = 451] = "UnavailableForLegalReasons";
+	EHttpStatusCode$1[EHttpStatusCode$1["InternalServerError"] = 500] = "InternalServerError";
+	EHttpStatusCode$1[EHttpStatusCode$1["NotImplemented"] = 501] = "NotImplemented";
+	EHttpStatusCode$1[EHttpStatusCode$1["BadGateway"] = 502] = "BadGateway";
+	EHttpStatusCode$1[EHttpStatusCode$1["ServiceUnavailable"] = 503] = "ServiceUnavailable";
+	EHttpStatusCode$1[EHttpStatusCode$1["GatewayTimeout"] = 504] = "GatewayTimeout";
+	EHttpStatusCode$1[EHttpStatusCode$1["HTTPVersionNotSupported"] = 505] = "HTTPVersionNotSupported";
+	EHttpStatusCode$1[EHttpStatusCode$1["VariantAlsoNegotiates"] = 506] = "VariantAlsoNegotiates";
+	EHttpStatusCode$1[EHttpStatusCode$1["InsufficientStorage"] = 507] = "InsufficientStorage";
+	EHttpStatusCode$1[EHttpStatusCode$1["LoopDetected"] = 508] = "LoopDetected";
+	EHttpStatusCode$1[EHttpStatusCode$1["NotExtended"] = 510] = "NotExtended";
+	EHttpStatusCode$1[EHttpStatusCode$1["NetworkAuthenticationRequired"] = 511] = "NetworkAuthenticationRequired";
+	return EHttpStatusCode$1;
+}({});
+
+//#endregion
+//#region packages/event-http/src/errors/error-renderer.ts
+const preStyles = "font-family: monospace;width: 100%;max-width: 900px;padding: 10px;margin: 20px auto;border-radius: 8px;background-color: #494949;box-shadow: 0px 0px 3px 2px rgb(255 255 255 / 20%);";
+var HttpErrorRenderer = class extends BaseHttpResponseRenderer {
+	renderHtml(response) {
+		const data = response.body || {};
+		response.setContentType("text/html");
+		const keys = Object.keys(data).filter((key) => ![
+			"statusCode",
+			"error",
+			"message"
+		].includes(key));
+		return "<html style=\"background-color: #333; color: #bbb;\">" + `<head><title>${data.statusCode} ${httpStatusCodes[data.statusCode]}</title></head>` + `<body><center><h1>${data.statusCode} ${httpStatusCodes[data.statusCode]}</h1></center>` + `<center><h4>${data.message}</h1></center><hr color="#666">` + `<center style="color: #666;"> Wooks v${"0.5.25"} </center>` + `${keys.length > 0 ? `<pre style="${preStyles}">${JSON.stringify({
+			...data,
+			statusCode: undefined,
+			message: undefined,
+			error: undefined
+		}, null, "  ")}</pre>` : ""}` + "</body></html>";
+	}
+	renderText(response) {
+		const data = response.body || {};
+		response.setContentType("text/plain");
+		const keys = Object.keys(data).filter((key) => ![
+			"statusCode",
+			"error",
+			"message"
+		].includes(key));
+		return `${data.statusCode} ${httpStatusCodes[data.statusCode]}\n${data.message}` + `\n\n${keys.length > 0 ? `${JSON.stringify({
+			...data,
+			statusCode: undefined,
+			message: undefined,
+			error: undefined
+		}, null, "  ")}` : ""}`;
+	}
+	renderJson(response) {
+		const data = response.body || {};
+		response.setContentType("application/json");
+		const keys = Object.keys(data).filter((key) => ![
+			"statusCode",
+			"error",
+			"message"
+		].includes(key));
+		return `{"statusCode":${escapeQuotes(data.statusCode)},` + `"error":"${escapeQuotes(data.error)}",` + `"message":"${escapeQuotes(data.message)}"` + `${keys.length > 0 ? `,${keys.map((k) => `"${escapeQuotes(k)}":${JSON.stringify(data[k])}`).join(",")}` : ""}}`;
+	}
+	render(response) {
+		const { acceptsJson, acceptsText, acceptsHtml } = useAccept();
+		response.status = response.body?.statusCode || 500;
+		if (acceptsJson()) return this.renderJson(response);
+else if (acceptsHtml()) return this.renderHtml(response);
+else if (acceptsText()) return this.renderText(response);
+else return this.renderJson(response);
+	}
+};
+function escapeQuotes(s) {
+	return (typeof s === "number" ? s : s || "").toString().replace(/"/gu, "\\\"");
+}
+
+//#endregion
+//#region packages/event-http/src/errors/http-error.ts
+var HttpError = class extends Error {
+	name = "HttpError";
+	constructor(code = 500, _body = "") {
+		super(typeof _body === "string" ? _body : _body.message);
+		this.code = code;
+		this._body = _body;
+	}
+	get body() {
+		return typeof this._body === "string" ? {
+			statusCode: this.code,
+			message: this.message,
+			error: httpStatusCodes[this.code]
+		} : {
+			...this._body,
+			statusCode: this.code,
+			message: this.message,
+			error: httpStatusCodes[this.code]
+		};
+	}
+	renderer;
+	attachRenderer(renderer) {
+		this.renderer = renderer;
+	}
+	getRenderer() {
+		return this.renderer;
+	}
+};
+
 //#endregion
 //#region packages/event-http/src/composables/request.ts
 const xForwardedFor = "x-forwarded-for";
+const DEFAULT_LIMITS = {
+	maxCompressed: 1048576,
+	maxInflated: 10485760,
+	maxRatio: 100,
+	readTimeoutMs: 1e4
+};
 function useRequest() {
 	const { store } = useHttpContext();
-	const { init } = store("request");
+	const { init, get, set } = store("request");
 	const event = store("event");
 	const req = event.get("req");
-	const rawBody = () => init("rawBody", () => new Promise((resolve, reject) => {
-		let body = buffer.Buffer.from("");
-		req.on("data", (chunk) => {
-			body = buffer.Buffer.concat([body, chunk]);
-		});
-		req.on("error", (err) => {
-			reject(err);
-		});
-		req.on("end", () => {
-			resolve(body);
-		});
-	}));
+	const contentEncoding = req.headers["content-encoding"];
+	const contentEncodings = () => init("contentEncodings", () => (contentEncoding || "").split(",").map((p) => p.trim()).filter((p) => !!p));
+	const isCompressed = () => init("isCompressed", () => {
+		const parts = contentEncodings();
+		for (const p of parts) if ([
+			"deflate",
+			"gzip",
+			"br"
+		].includes(p)) return true;
+		return false;
+	});
+	const getMaxCompressed = () => get("maxCompressed") ?? DEFAULT_LIMITS.maxCompressed;
+	const setMaxCompressed = (limit) => set("maxCompressed", limit);
+	const getReadTimeoutMs = () => get("readTimeoutMs") ?? DEFAULT_LIMITS.readTimeoutMs;
+	const setReadTimeoutMs = (limit) => set("readTimeoutMs", limit);
+	const getMaxInflated = () => get("maxInflated") ?? DEFAULT_LIMITS.maxInflated;
+	const setMaxInflated = (limit) => set("maxInflated", limit);
+	const rawBody = () => init("rawBody", async () => {
+		const encs = contentEncodings();
+		const isZip = isCompressed();
+		const streamable = isZip && encodingSupportsStream(encs);
+		const maxCompressed = getMaxCompressed();
+		const maxInflated = getMaxInflated();
+		const timeoutMs = getReadTimeoutMs();
+		const cl = Number(req.headers["content-length"] ?? 0);
+		const upfrontLimit = isZip ? maxCompressed : maxInflated;
+		if (cl && cl > upfrontLimit) throw new HttpError(413, "Payload Too Large");
+		for (const enc of encs) if (!compressors[enc]) throw new HttpError(415, `Unsupported Content-Encoding "${enc}"`);
+		let timer = null;
+		function resetTimer() {
+			if (timeoutMs === 0) return;
+			clearTimer();
+			timer = setTimeout(() => {
+				clearTimer();
+				req.destroy();
+			}, timeoutMs);
+		}
+		function clearTimer() {
+			if (timer) {
+				clearTimeout(timer);
+				timer = null;
+			}
+		}
+		let rawBytes = 0;
+		async function* limitedCompressed() {
+			resetTimer();
+			try {
+				for await (const chunk of req) {
+					rawBytes += chunk.length;
+					if (rawBytes > upfrontLimit) {
+						req.destroy();
+						throw new HttpError(413, "Payload Too Large");
+					}
+					resetTimer();
+					yield chunk;
+				}
+			} finally {
+				clearTimer();
+			}
+		}
+		let stream$1 = limitedCompressed();
+		if (streamable) stream$1 = await uncompressBodyStream(encs, stream$1);
+		const chunks = [];
+		let inflatedBytes = 0;
+		try {
+			for await (const chunk of stream$1) {
+				inflatedBytes += chunk.length;
+				if (inflatedBytes > maxInflated) throw new HttpError(413, "Inflated body too large");
+				chunks.push(chunk);
+			}
+		} catch (error) {
+			if (error instanceof HttpError) throw error;
+			throw new HttpError(408, "Request body timeout");
+		}
+		let body = buffer.Buffer.concat(chunks);
+		if (!streamable && isZip) {
+			body = await uncompressBody(encs, body);
+			inflatedBytes = body.byteLength;
+			if (inflatedBytes > maxInflated) throw new HttpError(413, "Inflated body too large");
+		}
+		return body;
+	});
 	const reqId = (0, __wooksjs_event_core.useEventId)().getId;
 	const forwardedIp = () => init("forwardedIp", () => {
 		if (typeof req.headers[xForwardedFor] === "string" && req.headers[xForwardedFor]) return req.headers[xForwardedFor].split(",").shift()?.trim();
@@ -146,7 +540,14 @@ else return remoteIp();
 		rawBody,
 		reqId,
 		getIp,
-		getIpList
+		getIpList,
+		isCompressed,
+		getMaxCompressed,
+		setMaxCompressed,
+		getReadTimeoutMs,
+		setReadTimeoutMs,
+		getMaxInflated,
+		setMaxInflated
 	};
 }
 
@@ -387,11 +788,15 @@ function useStatus() {
 //#region packages/event-http/src/utils/url-search-params.ts
 var WooksURLSearchParams = class extends url.URLSearchParams {
 	toJson() {
-		const json = {};
+		const json = Object.create(null);
 		for (const [key, value] of this.entries()) if (isArrayParam(key)) {
 			const a = json[key] = json[key] || [];
 			a.push(value);
-		} else json[key] = value;
+		} else {
+			if (key === "__proto__") throw new HttpError(400, `Illegal key name "${key}"`);
+			if (key in json) throw new HttpError(400, `Duplicate key "${key}"`);
+			json[key] = value;
+		}
 		return json;
 	}
 };
@@ -417,245 +822,6 @@ function useSearchParams() {
 	};
 }
 
-//#endregion
-//#region packages/event-http/src/response/renderer.ts
-var BaseHttpResponseRenderer = class {
-	render(response) {
-		if (typeof response.body === "string" || typeof response.body === "boolean" || typeof response.body === "number") {
-			if (!response.getContentType()) response.setContentType("text/plain");
-			return response.body.toString();
-		}
-		if (response.body === undefined) return "";
-		if (response.body instanceof Uint8Array) return response.body;
-		if (typeof response.body === "object") {
-			if (!response.getContentType()) response.setContentType("application/json");
-			return JSON.stringify(response.body);
-		}
-		throw new Error(`Unsupported body format "${typeof response.body}"`);
-	}
-};
-
-//#endregion
-//#region packages/event-http/src/utils/status-codes.ts
-const httpStatusCodes = {
-	100: "Continue",
-	101: "Switching protocols",
-	102: "Processing",
-	103: "Early Hints",
-	200: "OK",
-	201: "Created",
-	202: "Accepted",
-	203: "Non-Authoritative Information",
-	204: "No Content",
-	205: "Reset Content",
-	206: "Partial Content",
-	207: "Multi-Status",
-	208: "Already Reported",
-	226: "IM Used",
-	300: "Multiple Choices",
-	301: "Moved Permanently",
-	302: "Found (Previously \"Moved Temporarily\")",
-	303: "See Other",
-	304: "Not Modified",
-	305: "Use Proxy",
-	306: "Switch Proxy",
-	307: "Temporary Redirect",
-	308: "Permanent Redirect",
-	400: "Bad Request",
-	401: "Unauthorized",
-	402: "Payment Required",
-	403: "Forbidden",
-	404: "Not Found",
-	405: "Method Not Allowed",
-	406: "Not Acceptable",
-	407: "Proxy Authentication Required",
-	408: "Request Timeout",
-	409: "Conflict",
-	410: "Gone",
-	411: "Length Required",
-	412: "Precondition Failed",
-	413: "Payload Too Large",
-	414: "URI Too Long",
-	415: "Unsupported Media Type",
-	416: "Range Not Satisfiable",
-	417: "Expectation Failed",
-	418: "I'm a Teapot",
-	421: "Misdirected Request",
-	422: "Unprocessable Entity",
-	423: "Locked",
-	424: "Failed Dependency",
-	425: "Too Early",
-	426: "Upgrade Required",
-	428: "Precondition Required",
-	429: "Too Many Requests",
-	431: "Request Header Fields Too Large",
-	451: "Unavailable For Legal Reasons",
-	500: "Internal Server Error",
-	501: "Not Implemented",
-	502: "Bad Gateway",
-	503: "Service Unavailable",
-	504: "Gateway Timeout",
-	505: "HTTP Version Not Supported",
-	506: "Variant Also Negotiates",
-	507: "Insufficient Storage",
-	508: "Loop Detected",
-	510: "Not Extended",
-	511: "Network Authentication Required"
-};
-let EHttpStatusCode = function(EHttpStatusCode$1) {
-	EHttpStatusCode$1[EHttpStatusCode$1["Continue"] = 100] = "Continue";
-	EHttpStatusCode$1[EHttpStatusCode$1["SwitchingProtocols"] = 101] = "SwitchingProtocols";
-	EHttpStatusCode$1[EHttpStatusCode$1["Processing"] = 102] = "Processing";
-	EHttpStatusCode$1[EHttpStatusCode$1["EarlyHints"] = 103] = "EarlyHints";
-	EHttpStatusCode$1[EHttpStatusCode$1["OK"] = 200] = "OK";
-	EHttpStatusCode$1[EHttpStatusCode$1["Created"] = 201] = "Created";
-	EHttpStatusCode$1[EHttpStatusCode$1["Accepted"] = 202] = "Accepted";
-	EHttpStatusCode$1[EHttpStatusCode$1["NonAuthoritativeInformation"] = 203] = "NonAuthoritativeInformation";
-	EHttpStatusCode$1[EHttpStatusCode$1["NoContent"] = 204] = "NoContent";
-	EHttpStatusCode$1[EHttpStatusCode$1["ResetContent"] = 205] = "ResetContent";
-	EHttpStatusCode$1[EHttpStatusCode$1["PartialContent"] = 206] = "PartialContent";
-	EHttpStatusCode$1[EHttpStatusCode$1["MultiStatus"] = 207] = "MultiStatus";
-	EHttpStatusCode$1[EHttpStatusCode$1["AlreadyReported"] = 208] = "AlreadyReported";
-	EHttpStatusCode$1[EHttpStatusCode$1["IMUsed"] = 226] = "IMUsed";
-	EHttpStatusCode$1[EHttpStatusCode$1["MultipleChoices"] = 300] = "MultipleChoices";
-	EHttpStatusCode$1[EHttpStatusCode$1["MovedPermanently"] = 301] = "MovedPermanently";
-	EHttpStatusCode$1[EHttpStatusCode$1["Found"] = 302] = "Found";
-	EHttpStatusCode$1[EHttpStatusCode$1["SeeOther"] = 303] = "SeeOther";
-	EHttpStatusCode$1[EHttpStatusCode$1["NotModified"] = 304] = "NotModified";
-	EHttpStatusCode$1[EHttpStatusCode$1["UseProxy"] = 305] = "UseProxy";
-	EHttpStatusCode$1[EHttpStatusCode$1["SwitchProxy"] = 306] = "SwitchProxy";
-	EHttpStatusCode$1[EHttpStatusCode$1["TemporaryRedirect"] = 307] = "TemporaryRedirect";
-	EHttpStatusCode$1[EHttpStatusCode$1["PermanentRedirect"] = 308] = "PermanentRedirect";
-	EHttpStatusCode$1[EHttpStatusCode$1["BadRequest"] = 400] = "BadRequest";
-	EHttpStatusCode$1[EHttpStatusCode$1["Unauthorized"] = 401] = "Unauthorized";
-	EHttpStatusCode$1[EHttpStatusCode$1["PaymentRequired"] = 402] = "PaymentRequired";
-	EHttpStatusCode$1[EHttpStatusCode$1["Forbidden"] = 403] = "Forbidden";
-	EHttpStatusCode$1[EHttpStatusCode$1["NotFound"] = 404] = "NotFound";
-	EHttpStatusCode$1[EHttpStatusCode$1["MethodNotAllowed"] = 405] = "MethodNotAllowed";
-	EHttpStatusCode$1[EHttpStatusCode$1["NotAcceptable"] = 406] = "NotAcceptable";
-	EHttpStatusCode$1[EHttpStatusCode$1["ProxyAuthenticationRequired"] = 407] = "ProxyAuthenticationRequired";
-	EHttpStatusCode$1[EHttpStatusCode$1["RequestTimeout"] = 408] = "RequestTimeout";
-	EHttpStatusCode$1[EHttpStatusCode$1["Conflict"] = 409] = "Conflict";
-	EHttpStatusCode$1[EHttpStatusCode$1["Gone"] = 410] = "Gone";
-	EHttpStatusCode$1[EHttpStatusCode$1["LengthRequired"] = 411] = "LengthRequired";
-	EHttpStatusCode$1[EHttpStatusCode$1["PreconditionFailed"] = 412] = "PreconditionFailed";
-	EHttpStatusCode$1[EHttpStatusCode$1["PayloadTooLarge"] = 413] = "PayloadTooLarge";
-	EHttpStatusCode$1[EHttpStatusCode$1["URITooLong"] = 414] = "URITooLong";
-	EHttpStatusCode$1[EHttpStatusCode$1["UnsupportedMediaType"] = 415] = "UnsupportedMediaType";
-	EHttpStatusCode$1[EHttpStatusCode$1["RangeNotSatisfiable"] = 416] = "RangeNotSatisfiable";
-	EHttpStatusCode$1[EHttpStatusCode$1["ExpectationFailed"] = 417] = "ExpectationFailed";
-	EHttpStatusCode$1[EHttpStatusCode$1["ImATeapot"] = 418] = "ImATeapot";
-	EHttpStatusCode$1[EHttpStatusCode$1["MisdirectedRequest"] = 421] = "MisdirectedRequest";
-	EHttpStatusCode$1[EHttpStatusCode$1["UnprocessableEntity"] = 422] = "UnprocessableEntity";
-	EHttpStatusCode$1[EHttpStatusCode$1["Locked"] = 423] = "Locked";
-	EHttpStatusCode$1[EHttpStatusCode$1["FailedDependency"] = 424] = "FailedDependency";
-	EHttpStatusCode$1[EHttpStatusCode$1["TooEarly"] = 425] = "TooEarly";
-	EHttpStatusCode$1[EHttpStatusCode$1["UpgradeRequired"] = 426] = "UpgradeRequired";
-	EHttpStatusCode$1[EHttpStatusCode$1["PreconditionRequired"] = 428] = "PreconditionRequired";
-	EHttpStatusCode$1[EHttpStatusCode$1["TooManyRequests"] = 429] = "TooManyRequests";
-	EHttpStatusCode$1[EHttpStatusCode$1["RequestHeaderFieldsTooLarge"] = 431] = "RequestHeaderFieldsTooLarge";
-	EHttpStatusCode$1[EHttpStatusCode$1["UnavailableForLegalReasons"] = 451] = "UnavailableForLegalReasons";
-	EHttpStatusCode$1[EHttpStatusCode$1["InternalServerError"] = 500] = "InternalServerError";
-	EHttpStatusCode$1[EHttpStatusCode$1["NotImplemented"] = 501] = "NotImplemented";
-	EHttpStatusCode$1[EHttpStatusCode$1["BadGateway"] = 502] = "BadGateway";
-	EHttpStatusCode$1[EHttpStatusCode$1["ServiceUnavailable"] = 503] = "ServiceUnavailable";
-	EHttpStatusCode$1[EHttpStatusCode$1["GatewayTimeout"] = 504] = "GatewayTimeout";
-	EHttpStatusCode$1[EHttpStatusCode$1["HTTPVersionNotSupported"] = 505] = "HTTPVersionNotSupported";
-	EHttpStatusCode$1[EHttpStatusCode$1["VariantAlsoNegotiates"] = 506] = "VariantAlsoNegotiates";
-	EHttpStatusCode$1[EHttpStatusCode$1["InsufficientStorage"] = 507] = "InsufficientStorage";
-	EHttpStatusCode$1[EHttpStatusCode$1["LoopDetected"] = 508] = "LoopDetected";
-	EHttpStatusCode$1[EHttpStatusCode$1["NotExtended"] = 510] = "NotExtended";
-	EHttpStatusCode$1[EHttpStatusCode$1["NetworkAuthenticationRequired"] = 511] = "NetworkAuthenticationRequired";
-	return EHttpStatusCode$1;
-}({});
-
-//#endregion
-//#region packages/event-http/src/errors/error-renderer.ts
-const preStyles = "font-family: monospace;width: 100%;max-width: 900px;padding: 10px;margin: 20px auto;border-radius: 8px;background-color: #494949;box-shadow: 0px 0px 3px 2px rgb(255 255 255 / 20%);";
-var HttpErrorRenderer = class extends BaseHttpResponseRenderer {
-	renderHtml(response) {
-		const data = response.body || {};
-		response.setContentType("text/html");
-		const keys = Object.keys(data).filter((key) => ![
-			"statusCode",
-			"error",
-			"message"
-		].includes(key));
-		return "<html style=\"background-color: #333; color: #bbb;\">" + `<head><title>${data.statusCode} ${httpStatusCodes[data.statusCode]}</title></head>` + `<body><center><h1>${data.statusCode} ${httpStatusCodes[data.statusCode]}</h1></center>` + `<center><h4>${data.message}</h1></center><hr color="#666">` + `<center style="color: #666;"> Wooks v${"0.5.24"} </center>` + `${keys.length > 0 ? `<pre style="${preStyles}">${JSON.stringify({
-			...data,
-			statusCode: undefined,
-			message: undefined,
-			error: undefined
-		}, null, "  ")}</pre>` : ""}` + "</body></html>";
-	}
-	renderText(response) {
-		const data = response.body || {};
-		response.setContentType("text/plain");
-		const keys = Object.keys(data).filter((key) => ![
-			"statusCode",
-			"error",
-			"message"
-		].includes(key));
-		return `${data.statusCode} ${httpStatusCodes[data.statusCode]}\n${data.message}` + `\n\n${keys.length > 0 ? `${JSON.stringify({
-			...data,
-			statusCode: undefined,
-			message: undefined,
-			error: undefined
-		}, null, "  ")}` : ""}`;
-	}
-	renderJson(response) {
-		const data = response.body || {};
-		response.setContentType("application/json");
-		const keys = Object.keys(data).filter((key) => ![
-			"statusCode",
-			"error",
-			"message"
-		].includes(key));
-		return `{"statusCode":${escapeQuotes(data.statusCode)},` + `"error":"${escapeQuotes(data.error)}",` + `"message":"${escapeQuotes(data.message)}"` + `${keys.length > 0 ? `,${keys.map((k) => `"${escapeQuotes(k)}":${JSON.stringify(data[k])}`).join(",")}` : ""}}`;
-	}
-	render(response) {
-		const { acceptsJson, acceptsText, acceptsHtml } = useAccept();
-		response.status = response.body?.statusCode || 500;
-		if (acceptsJson()) return this.renderJson(response);
-else if (acceptsHtml()) return this.renderHtml(response);
-else if (acceptsText()) return this.renderText(response);
-else return this.renderJson(response);
-	}
-};
-function escapeQuotes(s) {
-	return (typeof s === "number" ? s : s || "").toString().replace(/"/gu, "\\\"");
-}
-
-//#endregion
-//#region packages/event-http/src/errors/http-error.ts
-var HttpError = class extends Error {
-	name = "HttpError";
-	constructor(code = 500, _body = "") {
-		super(typeof _body === "string" ? _body : _body.message);
-		this.code = code;
-		this._body = _body;
-	}
-	get body() {
-		return typeof this._body === "string" ? {
-			statusCode: this.code,
-			message: this.message,
-			error: httpStatusCodes[this.code]
-		} : {
-			...this._body,
-			statusCode: this.code,
-			message: this.message,
-			error: httpStatusCodes[this.code]
-		};
-	}
-	renderer;
-	attachRenderer(renderer) {
-		this.renderer = renderer;
-	}
-	getRenderer() {
-		return this.renderer;
-	}
-};
-
 //#endregion
 //#region packages/event-http/src/response/core.ts
 const defaultStatus = {
@@ -993,6 +1159,7 @@ function createHttpApp(opts, wooks$1) {
 //#endregion
 exports.BaseHttpResponse = BaseHttpResponse
 exports.BaseHttpResponseRenderer = BaseHttpResponseRenderer
+exports.DEFAULT_LIMITS = DEFAULT_LIMITS
 exports.EHttpStatusCode = EHttpStatusCode
 exports.HttpError = HttpError
 exports.HttpErrorRenderer = HttpErrorRenderer