@wooksjs/event-http 0.7.2 → 0.7.4

package/dist/index.cjs

@@ -27,9 +27,9 @@ const node_stream = __toESM(require("node:stream"));
 const node_util = __toESM(require("node:util"));
 const node_zlib = __toESM(require("node:zlib"));
 const url = __toESM(require("url"));
-const stream = __toESM(require("stream"));
 const http = __toESM(require("http"));
 const wooks = __toESM(require("wooks"));
+const stream = __toESM(require("stream"));
 const net = __toESM(require("net"));
 
 //#region packages/event-http/src/http-kind.ts
@@ -658,491 +658,119 @@ const useUrlParams = (0, __wooksjs_event_core.defineWook)((ctx) => ({
 }));
 
 //#endregion
-//#region packages/event-http/src/utils/time.ts
-function convertTime(time, unit = "ms") {
-	if (typeof time === "number") return time / units[unit];
-	const rg = /(\d+)(\w+)/gu;
-	let t = 0;
-	let r;
-	while (r = rg.exec(time)) t += Number(r[1]) * (units[r[2]] || 0);
-	return t / units[unit];
+//#region packages/event-http/src/event-http.ts
+/** Creates an HTTP event context and runs `fn` inside it. */
+function createHttpContext(options, seeds, fn) {
+	return (0, __wooksjs_event_core.createEventContext)(options, httpKind, seeds, fn);
+}
+/** Returns the current HTTP event context. */
+function useHttpContext(ctx) {
+	return ctx ?? (0, __wooksjs_event_core.current)();
 }
-const units = {
-	ms: 1,
-	s: 1e3,
-	m: 1e3 * 60,
-	h: 1e3 * 60 * 60,
-	d: 1e3 * 60 * 60 * 24,
-	w: 1e3 * 60 * 60 * 24 * 7,
-	M: 1e3 * 60 * 60 * 24 * 30,
-	Y: 1e3 * 60 * 60 * 24 * 365
-};
 
 //#endregion
-//#region packages/event-http/src/utils/cache-control.ts
-/** Renders a `TCacheControl` object into a `Cache-Control` header string. */
-function renderCacheControl(data) {
-	let attrs = "";
-	for (const [a, v] of Object.entries(data)) {
-		if (v === void 0) continue;
-		const func = cacheControlFunc[a];
-		if (typeof func === "function") {
-			const val = func(v);
-			if (val) attrs += attrs ? `, ${val}` : val;
-		} else throw new TypeError(`Unknown Cache-Control attribute ${a}`);
-	}
-	return attrs;
+//#region packages/event-http/src/errors/403.tl.svg
+function _403_tl_default(ctx) {
+	return `<svg height="64" viewBox="0 4 100 96" fill="none" xmlns="http://www.w3.org/2000/svg" stroke="#888888" stroke-width="2">
+  <path d="M50 90.625C64.4042 87.1875 83.5751 69.8667 83.5751 48.6937V24.0854L50 9.375L16.425 24.0833V48.6937C16.425 69.8667 35.5959 87.1875 50 90.625Z" fill="#ff000050">
+    <animate attributeName="fill" dur="2s" repeatCount="indefinite"
+             values="#ff000000;#ff000050;#ff000000" />
+  </path>
+
+  <path d="M61.5395 46.0812H38.4604C37.1061 46.0812 36.0083 47.1791 36.0083 48.5333V65.075C36.0083 66.4292 37.1061 67.5271 38.4604 67.5271H61.5395C62.8938 67.5271 63.9916 66.4292 63.9916 65.075V48.5333C63.9916 47.1791 62.8938 46.0812 61.5395 46.0812Z" />
+
+  <path d="M41.7834 46.0834V39.6813C41.7834 37.5021 42.6491 35.4121 44.1901 33.8712C45.731 32.3303 47.8209 31.4646 50.0001 31.4646C52.1793 31.4646 54.2693 32.3303 55.8102 33.8712C57.3511 35.4121 58.2168 37.5021 58.2168 39.6813V46.0813" />
+</svg>
+`;
 }
-const cacheControlFunc = {
-	mustRevalidate: (v) => v ? "must-revalidate" : "",
-	noCache: (v) => v ? typeof v === "string" ? `no-cache="${v}"` : "no-cache" : "",
-	noStore: (v) => v ? "no-store" : "",
-	noTransform: (v) => v ? "no-transform" : "",
-	public: (v) => v ? "public" : "",
-	private: (v) => v ? typeof v === "string" ? `private="${v}"` : "private" : "",
-	proxyRevalidate: (v) => v ? "proxy-revalidate" : "",
-	maxAge: (v) => `max-age=${convertTime(v, "s").toString()}`,
-	sMaxage: (v) => `s-maxage=${convertTime(v, "s").toString()}`
-};
 
 //#endregion
-//#region packages/event-http/src/utils/set-cookie.ts
-const COOKIE_NAME_RE = /^[\w!#$%&'*+\-.^`|~]+$/;
-function sanitizeCookieAttrValue(v) {
-	return v.replace(/[;\r\n]/g, "");
+//#region packages/event-http/src/errors/404.tl.svg
+function _404_tl_default(ctx) {
+	return `<svg height="64" viewBox="0 20 100 64" fill="none" xmlns="http://www.w3.org/2000/svg">
+  <defs>
+    <path id="sheet" d="M86.5 36.5V47.5H97.5V92.5H52.5V36.5H86.5ZM63 68.5H87V67.5H63V68.5ZM63 63.5H87V62.5H63V63.5ZM63 58.5H87V57.5H63V58.5ZM96.793 46.5H87.5V37.207L96.793 46.5Z" fill="#88888833" stroke="#888888aa"/>
+  </defs>
+
+  <g id="queue" transform="translate(-5 -10)">
+    <use href="#sheet" opacity="0">
+      <animateTransform attributeName="transform" type="translate"
+                        dur="3s" repeatCount="indefinite"
+                        keyTimes="0;0.1;0.32;0.42;1"
+                        values="30 0; -20 0; -20 0; -70 0; -70 0" />
+      <animate attributeName="opacity"
+               dur="3s" repeatCount="indefinite"
+                        keyTimes="0;0.1;0.32;0.42;1"
+               values="0;1;1;0;0" />
+    </use>
+
+    <use href="#sheet" opacity="0">
+      <animateTransform attributeName="transform" type="translate"
+                        dur="3s" begin="1s" repeatCount="indefinite"
+                        keyTimes="0;0.1;0.32;0.42;1"
+                        values="30 0; -20 0; -20 0; -70 0; -70 0" />
+      <animate attributeName="opacity"
+               dur="3s" begin="1s" repeatCount="indefinite"
+                        keyTimes="0;0.1;0.32;0.42;1"
+               values="0;1;1;0;0" />
+    </use>
+
+    <use href="#sheet" opacity="0">
+      <animateTransform attributeName="transform" type="translate"
+                        dur="3s" begin="2s" repeatCount="indefinite"
+                        keyTimes="0;0.1;0.32;0.42;1"
+                        values="30 0; -20 0; -20 0; -70 0; -70 0" />
+      <animate attributeName="opacity"
+               dur="3s" begin="2s" repeatCount="indefinite"
+                        keyTimes="0;0.1;0.32;0.42;1"
+               values="0;1;1;0;0" />
+    </use>
+  </g>
+
+  <g>
+    <path d="M49.5 32.5C58.3366 32.5 65.5 39.6634 65.5 48.5C65.5 54.4781 62.222 59.6923 57.3584 62.4404C55.0386 63.7512 52.3591 64.5 49.5 64.5C40.6634 64.5 33.5 57.3366 33.5 48.5C33.5 39.6634 40.6634 32.5 49.5 32.5Z" fill="#ffffff50" stroke="#888888" stroke-width="3"/>
+
+    <path d="M62.7101 74.5691C63.117 75.2907 64.0318 75.5459 64.7534 75.139C65.4751 74.7321 65.7302 73.8173 65.3233 73.0957L62.7101 74.5691ZM58.05 63.25L56.7434 63.9867L62.7101 74.5691L64.0167 73.8324L65.3233 73.0957L59.3567 62.5133L58.05 63.25Z" fill="#888888"/>
+  </g>
+</svg>
+
+`;
 }
-function renderCookie(key, data) {
-	if (!COOKIE_NAME_RE.test(key)) throw new TypeError(`Invalid cookie name "${key}"`);
-	let attrs = "";
-	for (const [a, v] of Object.entries(data.attrs)) {
-		const func = cookieAttrFunc[a];
-		if (typeof func === "function") {
-			const val = func(v);
-			attrs += val ? `; ${val}` : "";
-		} else throw new TypeError(`Unknown Set-Cookie attribute ${a}`);
-	}
-	return `${key}=${encodeURIComponent(data.value)}${attrs}`;
-}
-const cookieAttrFunc = {
-	expires: (v) => `Expires=${typeof v === "string" || typeof v === "number" ? new Date(v).toUTCString() : v.toUTCString()}`,
-	maxAge: (v) => `Max-Age=${convertTime(v, "s").toString()}`,
-	domain: (v) => `Domain=${sanitizeCookieAttrValue(String(v))}`,
-	path: (v) => `Path=${sanitizeCookieAttrValue(String(v))}`,
-	secure: (v) => v ? "Secure" : "",
-	httpOnly: (v) => v ? "HttpOnly" : "",
-	sameSite: (v) => v ? `SameSite=${typeof v === "string" ? v : "Strict"}` : ""
-};
-
-//#endregion
-//#region packages/event-http/src/response/http-response.ts
-const hasFetchResponse = typeof globalThis.Response === "function";
-const defaultStatus = {
-	GET: EHttpStatusCode.OK,
-	POST: EHttpStatusCode.Created,
-	PUT: EHttpStatusCode.Created,
-	PATCH: EHttpStatusCode.Accepted,
-	DELETE: EHttpStatusCode.Accepted
-};
-/**
-* Manages response status, headers, cookies, cache control, and body for an HTTP request.
-*
-* All header mutations are accumulated in memory and flushed in a single `writeHead()` call
-* when `send()` is invoked. Setter methods are chainable.
-*
-* @example
-* ```ts
-* const response = useResponse()
-* response.setStatus(200).setHeader('x-custom', 'value')
-* response.setCookie('session', 'abc', { httpOnly: true })
-* ```
-*/
-var HttpResponse = class {
-	/**
-	* @param _res - The underlying Node.js `ServerResponse`.
-	* @param _req - The underlying Node.js `IncomingMessage`.
-	* @param _logger - Logger instance for error reporting.
-	* @param defaultHeaders - Optional headers to pre-populate on this response (e.g. from `securityHeaders()`).
-	*/
-	constructor(_res, _req, _logger, defaultHeaders) {
-		this._res = _res;
-		this._req = _req;
-		this._logger = _logger;
-		if (defaultHeaders) for (const key in defaultHeaders) this._headers[key] = defaultHeaders[key];
-	}
-	_status = 0;
-	_body = void 0;
-	_headers = {};
-	_cookies = {};
-	_rawCookies = [];
-	_hasCookies = false;
-	_responded = false;
-	/** The HTTP status code. If not set, it is inferred automatically when `send()` is called. */
-	get status() {
-		return this._status;
-	}
-	set status(value) {
-		this._status = value;
-	}
-	/** Sets the HTTP status code (chainable). */
-	setStatus(value) {
-		this._status = value;
-		return this;
-	}
-	/** The response body. Automatically serialized by `send()` (objects → JSON, strings → text). */
-	get body() {
-		return this._body;
-	}
-	set body(value) {
-		this._body = value;
-	}
-	/** Sets the response body (chainable). */
-	setBody(value) {
-		this._body = value;
-		return this;
-	}
-	/** Sets a single response header (chainable). Arrays produce multi-value headers. */
-	setHeader(name, value) {
-		this._headers[name] = Array.isArray(value) ? value : value.toString();
-		return this;
-	}
-	/** Batch-sets multiple response headers from a record (chainable). Existing keys are overwritten. */
-	setHeaders(headers) {
-		for (const key in headers) this._headers[key] = headers[key];
-		return this;
-	}
-	/** Returns the value of a response header, or `undefined` if not set. */
-	getHeader(name) {
-		return this._headers[name];
-	}
-	/** Removes a response header (chainable). */
-	removeHeader(name) {
-		delete this._headers[name];
-		return this;
-	}
-	/** Returns a read-only snapshot of all response headers. */
-	headers() {
-		return this._headers;
-	}
-	/** Sets the `Content-Type` response header (chainable). */
-	setContentType(value) {
-		this._headers["content-type"] = value;
-		return this;
-	}
-	/** Returns the current `Content-Type` header value. */
-	getContentType() {
-		return this._headers["content-type"];
-	}
-	/** Sets the `Access-Control-Allow-Origin` header (chainable). Defaults to `'*'`. */
-	enableCors(origin = "*") {
-		this._headers["access-control-allow-origin"] = origin;
-		return this;
-	}
-	/** Sets an outgoing `Set-Cookie` header with optional attributes (chainable). */
-	setCookie(name, value, attrs) {
-		this._cookies[name] = {
-			value,
-			attrs: attrs || {}
-		};
-		this._hasCookies = true;
-		return this;
-	}
-	/** Returns a previously set cookie's data, or `undefined` if not set. */
-	getCookie(name) {
-		return this._cookies[name];
-	}
-	/** Removes a cookie from the outgoing set list (chainable). */
-	removeCookie(name) {
-		delete this._cookies[name];
-		return this;
-	}
-	/** Removes all outgoing cookies (chainable). */
-	clearCookies() {
-		this._cookies = {};
-		this._rawCookies = [];
-		this._hasCookies = false;
-		return this;
-	}
-	/** Appends a raw `Set-Cookie` header string (chainable). Use when you need full control over the cookie format. */
-	setCookieRaw(rawValue) {
-		this._rawCookies.push(rawValue);
-		this._hasCookies = true;
-		return this;
-	}
-	/** Sets the `Cache-Control` header from a directive object (chainable). */
-	setCacheControl(data) {
-		this._headers["cache-control"] = renderCacheControl(data);
-		return this;
-	}
-	/** Sets the `Age` header in seconds (chainable). Accepts a number or time string (e.g. `'2h 15m'`). */
-	setAge(value) {
-		this._headers.age = convertTime(value, "s").toString();
-		return this;
-	}
-	/** Sets the `Expires` header (chainable). Accepts a `Date`, date string, or timestamp. */
-	setExpires(value) {
-		this._headers.expires = typeof value === "string" || typeof value === "number" ? new Date(value).toUTCString() : value.toUTCString();
-		return this;
-	}
-	/** Sets or clears the `Pragma: no-cache` header (chainable). */
-	setPragmaNoCache(value = true) {
-		this._headers.pragma = value ? "no-cache" : "";
-		return this;
-	}
-	/**
-	* Returns the underlying Node.js `ServerResponse`.
-	* @param passthrough - If `true`, the framework still manages the response lifecycle. If `false` (default), the response is marked as "responded" and the framework will not touch it.
-	*/
-	getRawRes(passthrough) {
-		if (!passthrough) this._responded = true;
-		return this._res;
-	}
-	/** Whether the response has already been sent (or the underlying stream is no longer writable). */
-	get responded() {
-		return this._responded || !this._res.writable || this._res.writableEnded;
-	}
-	renderBody() {
-		const body = this._body;
-		if (body === void 0 || body === null) return "";
-		if (typeof body === "string") {
-			if (!this._headers["content-type"]) this._headers["content-type"] = "text/plain";
-			return body;
-		}
-		if (typeof body === "boolean" || typeof body === "number") {
-			if (!this._headers["content-type"]) this._headers["content-type"] = "text/plain";
-			return body.toString();
-		}
-		if (body instanceof Uint8Array) return body;
-		if (typeof body === "object") {
-			if (!this._headers["content-type"]) this._headers["content-type"] = "application/json";
-			return JSON.stringify(body);
-		}
-		throw new Error(`Unsupported body format "${typeof body}"`);
-	}
-	renderError(data, _ctx) {
-		this._status = data.statusCode || 500;
-		this._headers["content-type"] = "application/json";
-		this._body = JSON.stringify(data);
-	}
-	/** Renders and sends an HTTP error response. Called automatically by the framework when a handler throws an `HttpError`. */
-	sendError(error, ctx) {
-		const data = error.body;
-		this.renderError(data, ctx);
-		return this.send();
-	}
-	/**
-	* Finalizes and sends the response.
-	*
-	* Flushes all accumulated headers (including cookies) in a single `writeHead()` call,
-	* then writes the body. Supports `Readable` streams, `fetch` `Response` objects, and regular values.
-	*
-	* @throws Error if the response was already sent.
-	*/
-	send() {
-		if (this._responded) {
-			const err = /* @__PURE__ */ new Error("The response was already sent.");
-			this._logger.error(err.message, err);
-			throw err;
-		}
-		this._responded = true;
-		this.finalizeCookies();
-		const body = this._body;
-		const method = this._req.method;
-		if (body instanceof stream.Readable) return this.sendStream(body, method);
-		if (hasFetchResponse && body instanceof Response) return this.sendFetchResponse(body, method);
-		this.sendRegular(method);
-	}
-	finalizeCookies() {
-		if (!this._hasCookies) return;
-		const entries = Object.entries(this._cookies);
-		const rendered = [];
-		for (const [name, data] of entries) if (data) rendered.push(renderCookie(name, data));
-		if (this._rawCookies.length > 0) rendered.push(...this._rawCookies);
-		if (rendered.length > 0) {
-			const existing = this._headers["set-cookie"];
-			if (existing) this._headers["set-cookie"] = [...Array.isArray(existing) ? existing : [existing], ...rendered];
-			else this._headers["set-cookie"] = rendered;
-		}
-	}
-	autoStatus(hasBody) {
-		if (this._status) return;
-		if (!hasBody) {
-			this._status = EHttpStatusCode.NoContent;
-			return;
-		}
-		this._status = defaultStatus[this._req.method] || EHttpStatusCode.OK;
-	}
-	sendStream(stream$1, method) {
-		this.autoStatus(true);
-		this._res.writeHead(this._status, this._headers);
-		this._req.once("close", () => {
-			stream$1.destroy();
-		});
-		if (method === "HEAD") {
-			stream$1.destroy();
-			this._res.end();
-			return Promise.resolve();
-		}
-		return new Promise((resolve, reject) => {
-			stream$1.on("error", (e) => {
-				this._logger.error("Stream error", e);
-				stream$1.destroy();
-				this._res.end();
-				reject(e);
-			});
-			stream$1.on("close", () => {
-				stream$1.destroy();
-				resolve();
-			});
-			stream$1.pipe(this._res);
-		});
-	}
-	async sendFetchResponse(fetchResponse, method) {
-		this._status = this._status || fetchResponse.status;
-		const fetchContentLength = fetchResponse.headers.get("content-length");
-		if (fetchContentLength) this._headers["content-length"] = fetchContentLength;
-		const fetchContentType = fetchResponse.headers.get("content-type");
-		if (fetchContentType) this._headers["content-type"] = fetchContentType;
-		this._res.writeHead(this._status, this._headers);
-		if (method === "HEAD") {
-			this._res.end();
-			return;
-		}
-		const fetchBody = fetchResponse.body;
-		if (fetchBody) try {
-			for await (const chunk of fetchBody) this._res.write(chunk);
-		} catch (error) {
-			this._logger.error("Error streaming fetch response body", error);
-		}
-		if (!this._res.writableEnded) this._res.end();
-	}
-	sendRegular(method) {
-		const renderedBody = this.renderBody();
-		this.autoStatus(!!renderedBody);
-		const contentLength = typeof renderedBody === "string" ? Buffer.byteLength(renderedBody) : renderedBody.byteLength;
-		this._headers["content-length"] = contentLength.toString();
-		this._res.writeHead(this._status, this._headers).end(method === "HEAD" ? "" : renderedBody);
-	}
-};
-
-//#endregion
-//#region packages/event-http/src/event-http.ts
-/** Creates an async event context for an incoming HTTP request/response pair. */
-function createHttpContext(data, options, ResponseClass = HttpResponse) {
-	const response = new ResponseClass(data.res, data.req, options.logger);
-	return (fn) => (0, __wooksjs_event_core.createEventContext)(options, httpKind, {
-		req: data.req,
-		response,
-		requestLimits: data.requestLimits
-	}, fn);
-}
-/** Returns the current HTTP event context. */
-function useHttpContext(ctx) {
-	return ctx ?? (0, __wooksjs_event_core.current)();
-}
-
-//#endregion
-//#region packages/event-http/src/errors/403.tl.svg
-function _403_tl_default(ctx) {
-	return `<svg height="64" viewBox="0 4 100 96" fill="none" xmlns="http://www.w3.org/2000/svg" stroke="#888888" stroke-width="2">
-  <path d="M50 90.625C64.4042 87.1875 83.5751 69.8667 83.5751 48.6937V24.0854L50 9.375L16.425 24.0833V48.6937C16.425 69.8667 35.5959 87.1875 50 90.625Z" fill="#ff000050">
-    <animate attributeName="fill" dur="2s" repeatCount="indefinite"
-             values="#ff000000;#ff000050;#ff000000" />
-  </path>
-
-  <path d="M61.5395 46.0812H38.4604C37.1061 46.0812 36.0083 47.1791 36.0083 48.5333V65.075C36.0083 66.4292 37.1061 67.5271 38.4604 67.5271H61.5395C62.8938 67.5271 63.9916 66.4292 63.9916 65.075V48.5333C63.9916 47.1791 62.8938 46.0812 61.5395 46.0812Z" />
-
-  <path d="M41.7834 46.0834V39.6813C41.7834 37.5021 42.6491 35.4121 44.1901 33.8712C45.731 32.3303 47.8209 31.4646 50.0001 31.4646C52.1793 31.4646 54.2693 32.3303 55.8102 33.8712C57.3511 35.4121 58.2168 37.5021 58.2168 39.6813V46.0813" />
-</svg>
-`;
-}
-
-//#endregion
-//#region packages/event-http/src/errors/404.tl.svg
-function _404_tl_default(ctx) {
-	return `<svg height="64" viewBox="0 20 100 64" fill="none" xmlns="http://www.w3.org/2000/svg">
-  <defs>
-    <path id="sheet" d="M86.5 36.5V47.5H97.5V92.5H52.5V36.5H86.5ZM63 68.5H87V67.5H63V68.5ZM63 63.5H87V62.5H63V63.5ZM63 58.5H87V57.5H63V58.5ZM96.793 46.5H87.5V37.207L96.793 46.5Z" fill="#88888833" stroke="#888888aa"/>
-  </defs>
-
-  <g id="queue" transform="translate(-5 -10)">
-    <use href="#sheet" opacity="0">
-      <animateTransform attributeName="transform" type="translate"
-                        dur="3s" repeatCount="indefinite"
-                        keyTimes="0;0.1;0.32;0.42;1"
-                        values="30 0; -20 0; -20 0; -70 0; -70 0" />
-      <animate attributeName="opacity"
-               dur="3s" repeatCount="indefinite"
-                        keyTimes="0;0.1;0.32;0.42;1"
-               values="0;1;1;0;0" />
-    </use>
-
-    <use href="#sheet" opacity="0">
-      <animateTransform attributeName="transform" type="translate"
-                        dur="3s" begin="1s" repeatCount="indefinite"
-                        keyTimes="0;0.1;0.32;0.42;1"
-                        values="30 0; -20 0; -20 0; -70 0; -70 0" />
-      <animate attributeName="opacity"
-               dur="3s" begin="1s" repeatCount="indefinite"
-                        keyTimes="0;0.1;0.32;0.42;1"
-               values="0;1;1;0;0" />
-    </use>
-
-    <use href="#sheet" opacity="0">
-      <animateTransform attributeName="transform" type="translate"
-                        dur="3s" begin="2s" repeatCount="indefinite"
-                        keyTimes="0;0.1;0.32;0.42;1"
-                        values="30 0; -20 0; -20 0; -70 0; -70 0" />
-      <animate attributeName="opacity"
-               dur="3s" begin="2s" repeatCount="indefinite"
-                        keyTimes="0;0.1;0.32;0.42;1"
-               values="0;1;1;0;0" />
-    </use>
-  </g>
-
-  <g>
-    <path d="M49.5 32.5C58.3366 32.5 65.5 39.6634 65.5 48.5C65.5 54.4781 62.222 59.6923 57.3584 62.4404C55.0386 63.7512 52.3591 64.5 49.5 64.5C40.6634 64.5 33.5 57.3366 33.5 48.5C33.5 39.6634 40.6634 32.5 49.5 32.5Z" fill="#ffffff50" stroke="#888888" stroke-width="3"/>
-
-    <path d="M62.7101 74.5691C63.117 75.2907 64.0318 75.5459 64.7534 75.139C65.4751 74.7321 65.7302 73.8173 65.3233 73.0957L62.7101 74.5691ZM58.05 63.25L56.7434 63.9867L62.7101 74.5691L64.0167 73.8324L65.3233 73.0957L59.3567 62.5133L58.05 63.25Z" fill="#888888"/>
-  </g>
-</svg>
-
-`;
-}
-
-//#endregion
-//#region packages/event-http/src/errors/500.tl.svg
-function _500_tl_default(ctx) {
-	return `<svg  height="64" viewBox="0 0 120 100" xmlns="http://www.w3.org/2000/svg">
-
-  <g id="server">
-
-<g fill="#88888888" stroke="#88888888" stroke-width="2" >
-<path d="M18 90C13.5817 90 10 86.4182 10 82V38C10 33.5817 13.5817 30 18 30H50.5L58 43L52.5 53L56 68.5L49.0098 89.97L61.2141 71.4358L58.363 54.315L64.7769 43.5511L58.2763 30.2943L104.243 32.0434C108.658 32.2114 112.101 35.9267 111.933 40.3418L110.26 84.31C110.092 88.725 106.377 92.168 101.962 92L49 90H18Z" />
-</g>
-    <circle cx="30" cy="60" r="6" fill="red">
-      <animate attributeName="fill" dur="0.8s"
-               values="red;#2d0000;red" repeatCount="indefinite"/>
-    </circle>
-
-  </g>
-
-  <g fill="lightgray" opacity="0.75">
-    <circle cx="50" cy="35" r="6">
-      <animate attributeName="cy" from="35" to="15" dur="2s"
-               repeatCount="indefinite"/>
-      <animate attributeName="opacity" values="0.75;0" dur="2s"
-               repeatCount="indefinite"/>
-    </circle>
-    <circle cx="60" cy="40" r="4">
-      <animate attributeName="cy" from="40" to="20" dur="2s"
-               begin="0.4s" repeatCount="indefinite"/>
-      <animate attributeName="opacity" values="0.75;0" dur="2s"
-               begin="0.4s" repeatCount="indefinite"/>
-    </circle>
-  </g>
-
-</svg>
-`;
+
+//#endregion
+//#region packages/event-http/src/errors/500.tl.svg
+function _500_tl_default(ctx) {
+	return `<svg  height="64" viewBox="0 0 120 100" xmlns="http://www.w3.org/2000/svg">
+
+  <g id="server">
+
+<g fill="#88888888" stroke="#88888888" stroke-width="2" >
+<path d="M18 90C13.5817 90 10 86.4182 10 82V38C10 33.5817 13.5817 30 18 30H50.5L58 43L52.5 53L56 68.5L49.0098 89.97L61.2141 71.4358L58.363 54.315L64.7769 43.5511L58.2763 30.2943L104.243 32.0434C108.658 32.2114 112.101 35.9267 111.933 40.3418L110.26 84.31C110.092 88.725 106.377 92.168 101.962 92L49 90H18Z" />
+</g>
+    <circle cx="30" cy="60" r="6" fill="red">
+      <animate attributeName="fill" dur="0.8s"
+               values="red;#2d0000;red" repeatCount="indefinite"/>
+    </circle>
+
+  </g>
+
+  <g fill="lightgray" opacity="0.75">
+    <circle cx="50" cy="35" r="6">
+      <animate attributeName="cy" from="35" to="15" dur="2s"
+               repeatCount="indefinite"/>
+      <animate attributeName="opacity" values="0.75;0" dur="2s"
+               repeatCount="indefinite"/>
+    </circle>
+    <circle cx="60" cy="40" r="4">
+      <animate attributeName="cy" from="40" to="20" dur="2s"
+               begin="0.4s" repeatCount="indefinite"/>
+      <animate attributeName="opacity" values="0.75;0" dur="2s"
+               begin="0.4s" repeatCount="indefinite"/>
+    </circle>
+  </g>
+
+</svg>
+`;
 }
 
 //#endregion
@@ -1390,10 +1018,377 @@ function error_tl_default(ctx) {
 `;
 }
 
+//#endregion
+//#region packages/event-http/src/utils/time.ts
+function convertTime(time, unit = "ms") {
+	if (typeof time === "number") return time / units[unit];
+	const rg = /(\d+)(\w+)/gu;
+	let t = 0;
+	let r;
+	while (r = rg.exec(time)) t += Number(r[1]) * (units[r[2]] || 0);
+	return t / units[unit];
+}
+const units = {
+	ms: 1,
+	s: 1e3,
+	m: 1e3 * 60,
+	h: 1e3 * 60 * 60,
+	d: 1e3 * 60 * 60 * 24,
+	w: 1e3 * 60 * 60 * 24 * 7,
+	M: 1e3 * 60 * 60 * 24 * 30,
+	Y: 1e3 * 60 * 60 * 24 * 365
+};
+
+//#endregion
+//#region packages/event-http/src/utils/cache-control.ts
+/** Renders a `TCacheControl` object into a `Cache-Control` header string. */
+function renderCacheControl(data) {
+	let attrs = "";
+	for (const [a, v] of Object.entries(data)) {
+		if (v === void 0) continue;
+		const func = cacheControlFunc[a];
+		if (typeof func === "function") {
+			const val = func(v);
+			if (val) attrs += attrs ? `, ${val}` : val;
+		} else throw new TypeError(`Unknown Cache-Control attribute ${a}`);
+	}
+	return attrs;
+}
+const cacheControlFunc = {
+	mustRevalidate: (v) => v ? "must-revalidate" : "",
+	noCache: (v) => v ? typeof v === "string" ? `no-cache="${v}"` : "no-cache" : "",
+	noStore: (v) => v ? "no-store" : "",
+	noTransform: (v) => v ? "no-transform" : "",
+	public: (v) => v ? "public" : "",
+	private: (v) => v ? typeof v === "string" ? `private="${v}"` : "private" : "",
+	proxyRevalidate: (v) => v ? "proxy-revalidate" : "",
+	maxAge: (v) => `max-age=${convertTime(v, "s").toString()}`,
+	sMaxage: (v) => `s-maxage=${convertTime(v, "s").toString()}`
+};
+
+//#endregion
+//#region packages/event-http/src/utils/set-cookie.ts
+const COOKIE_NAME_RE = /^[\w!#$%&'*+\-.^`|~]+$/;
+function sanitizeCookieAttrValue(v) {
+	return v.replace(/[;\r\n]/g, "");
+}
+function renderCookie(key, data) {
+	if (!COOKIE_NAME_RE.test(key)) throw new TypeError(`Invalid cookie name "${key}"`);
+	let attrs = "";
+	for (const [a, v] of Object.entries(data.attrs)) {
+		const func = cookieAttrFunc[a];
+		if (typeof func === "function") {
+			const val = func(v);
+			attrs += val ? `; ${val}` : "";
+		} else throw new TypeError(`Unknown Set-Cookie attribute ${a}`);
+	}
+	return `${key}=${encodeURIComponent(data.value)}${attrs}`;
+}
+const cookieAttrFunc = {
+	expires: (v) => `Expires=${typeof v === "string" || typeof v === "number" ? new Date(v).toUTCString() : v.toUTCString()}`,
+	maxAge: (v) => `Max-Age=${convertTime(v, "s").toString()}`,
+	domain: (v) => `Domain=${sanitizeCookieAttrValue(String(v))}`,
+	path: (v) => `Path=${sanitizeCookieAttrValue(String(v))}`,
+	secure: (v) => v ? "Secure" : "",
+	httpOnly: (v) => v ? "HttpOnly" : "",
+	sameSite: (v) => v ? `SameSite=${typeof v === "string" ? v : "Strict"}` : ""
+};
+
+//#endregion
+//#region packages/event-http/src/response/http-response.ts
+const hasFetchResponse = typeof globalThis.Response === "function";
+const defaultStatus = {
+	GET: EHttpStatusCode.OK,
+	POST: EHttpStatusCode.Created,
+	PUT: EHttpStatusCode.Created,
+	PATCH: EHttpStatusCode.Accepted,
+	DELETE: EHttpStatusCode.Accepted
+};
+/**
+* Manages response status, headers, cookies, cache control, and body for an HTTP request.
+*
+* All header mutations are accumulated in memory and flushed in a single `writeHead()` call
+* when `send()` is invoked. Setter methods are chainable.
+*
+* @example
+* ```ts
+* const response = useResponse()
+* response.setStatus(200).setHeader('x-custom', 'value')
+* response.setCookie('session', 'abc', { httpOnly: true })
+* ```
+*/
+var HttpResponse = class {
+	/**
+	* @param _res - The underlying Node.js `ServerResponse`.
+	* @param _req - The underlying Node.js `IncomingMessage`.
+	* @param _logger - Logger instance for error reporting.
+	* @param defaultHeaders - Optional headers to pre-populate on this response (e.g. from `securityHeaders()`).
+	*/
+	constructor(_res, _req, _logger, defaultHeaders) {
+		this._res = _res;
+		this._req = _req;
+		this._logger = _logger;
+		if (defaultHeaders) for (const key in defaultHeaders) this._headers[key] = defaultHeaders[key];
+	}
+	_status = 0;
+	_body = void 0;
+	_headers = {};
+	_cookies = {};
+	_rawCookies = [];
+	_hasCookies = false;
+	_responded = false;
+	/** The HTTP status code. If not set, it is inferred automatically when `send()` is called. */
+	get status() {
+		return this._status;
+	}
+	set status(value) {
+		this._status = value;
+	}
+	/** Sets the HTTP status code (chainable). */
+	setStatus(value) {
+		this._status = value;
+		return this;
+	}
+	/** The response body. Automatically serialized by `send()` (objects → JSON, strings → text). */
+	get body() {
+		return this._body;
+	}
+	set body(value) {
+		this._body = value;
+	}
+	/** Sets the response body (chainable). */
+	setBody(value) {
+		this._body = value;
+		return this;
+	}
+	/** Sets a single response header (chainable). Arrays produce multi-value headers. */
+	setHeader(name, value) {
+		this._headers[name] = Array.isArray(value) ? value : value.toString();
+		return this;
+	}
+	/** Batch-sets multiple response headers from a record (chainable). Existing keys are overwritten. */
+	setHeaders(headers) {
+		for (const key in headers) this._headers[key] = headers[key];
+		return this;
+	}
+	/** Returns the value of a response header, or `undefined` if not set. */
+	getHeader(name) {
+		return this._headers[name];
+	}
+	/** Removes a response header (chainable). */
+	removeHeader(name) {
+		delete this._headers[name];
+		return this;
+	}
+	/** Returns a read-only snapshot of all response headers. */
+	headers() {
+		return this._headers;
+	}
+	/** Sets the `Content-Type` response header (chainable). */
+	setContentType(value) {
+		this._headers["content-type"] = value;
+		return this;
+	}
+	/** Returns the current `Content-Type` header value. */
+	getContentType() {
+		return this._headers["content-type"];
+	}
+	/** Sets the `Access-Control-Allow-Origin` header (chainable). Defaults to `'*'`. */
+	enableCors(origin = "*") {
+		this._headers["access-control-allow-origin"] = origin;
+		return this;
+	}
+	/** Sets an outgoing `Set-Cookie` header with optional attributes (chainable). */
+	setCookie(name, value, attrs) {
+		this._cookies[name] = {
+			value,
+			attrs: attrs || {}
+		};
+		this._hasCookies = true;
+		return this;
+	}
+	/** Returns a previously set cookie's data, or `undefined` if not set. */
+	getCookie(name) {
+		return this._cookies[name];
+	}
+	/** Removes a cookie from the outgoing set list (chainable). */
+	removeCookie(name) {
+		delete this._cookies[name];
+		return this;
+	}
+	/** Removes all outgoing cookies (chainable). */
+	clearCookies() {
+		this._cookies = {};
+		this._rawCookies = [];
+		this._hasCookies = false;
+		return this;
+	}
+	/** Appends a raw `Set-Cookie` header string (chainable). Use when you need full control over the cookie format. */
+	setCookieRaw(rawValue) {
+		this._rawCookies.push(rawValue);
+		this._hasCookies = true;
+		return this;
+	}
+	/** Sets the `Cache-Control` header from a directive object (chainable). */
+	setCacheControl(data) {
+		this._headers["cache-control"] = renderCacheControl(data);
+		return this;
+	}
+	/** Sets the `Age` header in seconds (chainable). Accepts a number or time string (e.g. `'2h 15m'`). */
+	setAge(value) {
+		this._headers.age = convertTime(value, "s").toString();
+		return this;
+	}
+	/** Sets the `Expires` header (chainable). Accepts a `Date`, date string, or timestamp. */
+	setExpires(value) {
+		this._headers.expires = typeof value === "string" || typeof value === "number" ? new Date(value).toUTCString() : value.toUTCString();
+		return this;
+	}
+	/** Sets or clears the `Pragma: no-cache` header (chainable). */
+	setPragmaNoCache(value = true) {
+		this._headers.pragma = value ? "no-cache" : "";
+		return this;
+	}
+	/**
+	* Returns the underlying Node.js `ServerResponse`.
+	* @param passthrough - If `true`, the framework still manages the response lifecycle. If `false` (default), the response is marked as "responded" and the framework will not touch it.
+	*/
+	getRawRes(passthrough) {
+		if (!passthrough) this._responded = true;
+		return this._res;
+	}
+	/** Whether the response has already been sent (or the underlying stream is no longer writable). */
+	get responded() {
+		return this._responded || !this._res.writable || this._res.writableEnded;
+	}
+	renderBody() {
+		const body = this._body;
+		if (body === void 0 || body === null) return "";
+		if (typeof body === "string") {
+			if (!this._headers["content-type"]) this._headers["content-type"] = "text/plain";
+			return body;
+		}
+		if (typeof body === "boolean" || typeof body === "number") {
+			if (!this._headers["content-type"]) this._headers["content-type"] = "text/plain";
+			return body.toString();
+		}
+		if (body instanceof Uint8Array) return body;
+		if (typeof body === "object") {
+			if (!this._headers["content-type"]) this._headers["content-type"] = "application/json";
+			return JSON.stringify(body);
+		}
+		throw new Error(`Unsupported body format "${typeof body}"`);
+	}
+	renderError(data, _ctx) {
+		this._status = data.statusCode || 500;
+		this._headers["content-type"] = "application/json";
+		this._body = JSON.stringify(data);
+	}
+	/** Renders and sends an HTTP error response. Called automatically by the framework when a handler throws an `HttpError`. */
+	sendError(error, ctx) {
+		const data = error.body;
+		this.renderError(data, ctx);
+		return this.send();
+	}
+	/**
+	* Finalizes and sends the response.
+	*
+	* Flushes all accumulated headers (including cookies) in a single `writeHead()` call,
+	* then writes the body. Supports `Readable` streams, `fetch` `Response` objects, and regular values.
+	*
+	* @throws Error if the response was already sent.
+	*/
+	send() {
+		if (this._responded) {
+			const err = /* @__PURE__ */ new Error("The response was already sent.");
+			this._logger.error(err.message, err);
+			throw err;
+		}
+		this._responded = true;
+		this.finalizeCookies();
+		const body = this._body;
+		const method = this._req.method;
+		if (body instanceof stream.Readable) return this.sendStream(body, method);
+		if (hasFetchResponse && body instanceof Response) return this.sendFetchResponse(body, method);
+		this.sendRegular(method);
+	}
+	finalizeCookies() {
+		if (!this._hasCookies) return;
+		const entries = Object.entries(this._cookies);
+		const rendered = [];
+		for (const [name, data] of entries) if (data) rendered.push(renderCookie(name, data));
+		if (this._rawCookies.length > 0) rendered.push(...this._rawCookies);
+		if (rendered.length > 0) {
+			const existing = this._headers["set-cookie"];
+			if (existing) this._headers["set-cookie"] = [...Array.isArray(existing) ? existing : [existing], ...rendered];
+			else this._headers["set-cookie"] = rendered;
+		}
+	}
+	autoStatus(hasBody) {
+		if (this._status) return;
+		if (!hasBody) {
+			this._status = EHttpStatusCode.NoContent;
+			return;
+		}
+		this._status = defaultStatus[this._req.method] || EHttpStatusCode.OK;
+	}
+	sendStream(stream$1, method) {
+		this.autoStatus(true);
+		this._res.writeHead(this._status, this._headers);
+		this._req.once("close", () => {
+			stream$1.destroy();
+		});
+		if (method === "HEAD") {
+			stream$1.destroy();
+			this._res.end();
+			return Promise.resolve();
+		}
+		return new Promise((resolve, reject) => {
+			stream$1.on("error", (e) => {
+				this._logger.error("Stream error", e);
+				stream$1.destroy();
+				this._res.end();
+				reject(e);
+			});
+			stream$1.on("close", () => {
+				stream$1.destroy();
+				resolve();
+			});
+			stream$1.pipe(this._res);
+		});
+	}
+	async sendFetchResponse(fetchResponse, method) {
+		this._status = this._status || fetchResponse.status;
+		const fetchContentLength = fetchResponse.headers.get("content-length");
+		if (fetchContentLength) this._headers["content-length"] = fetchContentLength;
+		const fetchContentType = fetchResponse.headers.get("content-type");
+		if (fetchContentType) this._headers["content-type"] = fetchContentType;
+		this._res.writeHead(this._status, this._headers);
+		if (method === "HEAD") {
+			this._res.end();
+			return;
+		}
+		const fetchBody = fetchResponse.body;
+		if (fetchBody) try {
+			for await (const chunk of fetchBody) this._res.write(chunk);
+		} catch (error) {
+			this._logger.error("Error streaming fetch response body", error);
+		}
+		if (!this._res.writableEnded) this._res.end();
+	}
+	sendRegular(method) {
+		const renderedBody = this.renderBody();
+		this.autoStatus(!!renderedBody);
+		const contentLength = typeof renderedBody === "string" ? Buffer.byteLength(renderedBody) : renderedBody.byteLength;
+		this._headers["content-length"] = contentLength.toString();
+		this._res.writeHead(this._status, this._headers).end(method === "HEAD" ? "" : renderedBody);
+	}
+};
+
 //#endregion
 //#region packages/event-http/src/response/wooks-http-response.ts
 let framework = {
-	version: "0.7.1",
+	version: "0.7.3",
 	poweredBy: "wooksjs",
 	link: "https://wooks.moost.org/",
 	image: "https://wooks.moost.org/wooks-full-logo.svg"
@@ -1603,7 +1598,7 @@ var WooksHttp = class extends wooks.WooksAdapterBase {
 			const response = new this.ResponseClass(res, req, ctxOptions.logger, defaultHeaders);
 			const method = req.method || "";
 			const url$1 = req.url || "";
-			(0, __wooksjs_event_core.createEventContext)(ctxOptions, httpKind, {
+			createHttpContext(ctxOptions, {
 				req,
 				response,
 				requestLimits: RequestLimits
@@ -1616,10 +1611,12 @@ var WooksHttp = class extends wooks.WooksAdapterBase {
 						this.logger.error("Internal error, please report", error);
 						this.respond(error, response, ctx);
 					});
+					return result;
 				} else {
 					this.logger.debug(`404 Not found (${method})${url$1}`);
 					const error = new HttpError(404);
 					this.respond(error, response, ctx);
+					return error;
 				}
 			});
 		};
@@ -1638,7 +1635,7 @@ var WooksHttp = class extends wooks.WooksAdapterBase {
 				return;
 			}
 			const url$1 = req.url || "";
-			(0, __wooksjs_event_core.createEventContext)(ctxOptions, httpKind, {
+			createHttpContext(ctxOptions, {
 				req,
 				response: void 0,
 				requestLimits
@@ -1648,8 +1645,8 @@ var WooksHttp = class extends wooks.WooksAdapterBase {
 				ctx.set(wsHandler.socketKey, socket);
 				ctx.set(wsHandler.headKey, head);
 				const handlers = this.wooks.lookupHandlers("UPGRADE", url$1, ctx);
-				if (handlers) this.processUpgradeHandlers(handlers, ctx, socket);
-				else wsHandler.handleUpgrade(req, socket, head);
+				if (handlers) return this.processUpgradeHandlers(handlers, ctx, socket);
+				else return wsHandler.handleUpgrade(req, socket, head);
 			});
 		};
 	}