bxo 0.0.5-dev.63 → 0.0.5-dev.65

package/README.md

@@ -406,6 +406,76 @@ await app.stop();
 await app.listen(3000); // Same as app.start(3000)
 ```
 
+### Custom Serve Options
+
+BXO allows you to extend the native Bun serve options, giving you full control over the server configuration while maintaining the framework's functionality:
+
+```typescript
+// Basic serve options
+const app = new BXO({
+  serve: {
+    port: 3000,
+    hostname: "0.0.0.0", // Listen on all interfaces
+  }
+});
+
+// With TLS/HTTPS options
+const app = new BXO({
+  serve: {
+    port: 443,
+    hostname: "localhost",
+    // tls: {
+    //   cert: Bun.file("cert.pem"),
+    //   key: Bun.file("key.pem"),
+    // }
+  }
+});
+
+// With development options
+const app = new BXO({
+  serve: {
+    port: 5000,
+    development: true, // Enable development mode
+  }
+});
+
+// With custom error handling
+const app = new BXO({
+  serve: {
+    port: 6000,
+    error: (error) => {
+      console.error("Custom error handler:", error);
+      return new Response("Something went wrong", { status: 500 });
+    }
+  }
+});
+
+// With custom fetch handler (extends framework functionality)
+const app = new BXO({
+  serve: {
+    port: 4000,
+    // You can override the fetch handler if needed
+    // fetch: (request, server) => {
+    //   // Your custom logic here
+    //   // You can still call the framework's handler
+    //   return app.requestHandler.handleRequest(request, server);
+    // }
+  }
+});
+```
+
+**Available Serve Options:**
+- `port` - Server port (default: 3000)
+- `hostname` - Server hostname (default: 'localhost')
+- `development` - Enable development mode
+- `tls` - TLS/HTTPS configuration
+- `error` - Custom error handler
+- `fetch` - Custom fetch handler (overrides framework's handler)
+- `websocket` - WebSocket configuration
+- And all other [Bun.serve options](https://bun.sh/docs/api/http#bun-serve)
+
+The framework will merge your serve options with its own defaults, ensuring that BXO's routing, middleware, and WebSocket functionality continue to work while allowing you to customize the server behavior.
+
 ### Development vs Production
 
 ```typescript

package/examples/serve-react/README.md

@@ -0,0 +1,15 @@
+# serve-react
+
+To install dependencies:
+
+```bash
+bun install
+```
+
+To run:
+
+```bash
+bun run index.ts
+```
+
+This project was created using `bun init` in bun v1.2.19. [Bun](https://bun.com) is a fast all-in-one JavaScript runtime.

package/examples/serve-react/app.tsx

@@ -0,0 +1,8 @@
+import { createRoot } from 'react-dom/client';
+
+function App() {
+    return <div>Hello World</div>;
+}
+
+const root = createRoot(document.getElementById('root') as any);
+root.render(<App />);

package/examples/serve-react/bun.lock

@@ -0,0 +1,42 @@
+{
+  "lockfileVersion": 1,
+  "workspaces": {
+    "": {
+      "name": "serve-react",
+      "dependencies": {
+        "@types/react-dom": "^19.1.9",
+        "react": "^19.1.1",
+        "react-dom": "^19.1.1",
+      },
+      "devDependencies": {
+        "@types/bun": "latest",
+      },
+      "peerDependencies": {
+        "typescript": "^5",
+      },
+    },
+  },
+  "packages": {
+    "@types/bun": ["@types/bun@1.2.21", "", { "dependencies": { "bun-types": "1.2.21" } }, "sha512-NiDnvEqmbfQ6dmZ3EeUO577s4P5bf4HCTXtI6trMc6f6RzirY5IrF3aIookuSpyslFzrnvv2lmEWv5HyC1X79A=="],
+
+    "@types/node": ["@types/node@24.3.0", "", { "dependencies": { "undici-types": "~7.10.0" } }, "sha512-aPTXCrfwnDLj4VvXrm+UUCQjNEvJgNA8s5F1cvwQU+3KNltTOkBm1j30uNLyqqPNe7gE3KFzImYoZEfLhp4Yow=="],
+
+    "@types/react": ["@types/react@19.1.12", "", { "dependencies": { "csstype": "^3.0.2" } }, "sha512-cMoR+FoAf/Jyq6+Df2/Z41jISvGZZ2eTlnsaJRptmZ76Caldwy1odD4xTr/gNV9VLj0AWgg/nmkevIyUfIIq5w=="],
+
+    "@types/react-dom": ["@types/react-dom@19.1.9", "", { "peerDependencies": { "@types/react": "^19.0.0" } }, "sha512-qXRuZaOsAdXKFyOhRBg6Lqqc0yay13vN7KrIg4L7N4aaHN68ma9OK3NE1BoDFgFOTfM7zg+3/8+2n8rLUH3OKQ=="],
+
+    "bun-types": ["bun-types@1.2.21", "", { "dependencies": { "@types/node": "*" }, "peerDependencies": { "@types/react": "^19" } }, "sha512-sa2Tj77Ijc/NTLS0/Odjq/qngmEPZfbfnOERi0KRUYhT9R8M4VBioWVmMWE5GrYbKMc+5lVybXygLdibHaqVqw=="],
+
+    "csstype": ["csstype@3.1.3", "", {}, "sha512-M1uQkMl8rQK/szD0LNhtqxIPLpimGm8sOBwU7lLnCpSbTyY3yeU1Vc7l4KT5zT4s/yOxHH5O7tIuuLOCnLADRw=="],
+
+    "react": ["react@19.1.1", "", {}, "sha512-w8nqGImo45dmMIfljjMwOGtbmC/mk4CMYhWIicdSflH91J9TyCyczcPFXJzrZ/ZXcgGRFeP6BU0BEJTw6tZdfQ=="],
+
+    "react-dom": ["react-dom@19.1.1", "", { "dependencies": { "scheduler": "^0.26.0" }, "peerDependencies": { "react": "^19.1.1" } }, "sha512-Dlq/5LAZgF0Gaz6yiqZCf6VCcZs1ghAJyrsu84Q/GT0gV+mCxbfmKNoGRKBYMJ8IEdGPqu49YWXD02GCknEDkw=="],
+
+    "scheduler": ["scheduler@0.26.0", "", {}, "sha512-NlHwttCI/l5gCPR3D1nNXtWABUmBwvZpEQiD4IXSbIDq8BzLIK/7Ir5gTFSGZDUu37K5cMNp0hFtzO38sC7gWA=="],
+
+    "typescript": ["typescript@5.9.2", "", { "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" } }, "sha512-CWBzXQrc/qOkhidw1OzBTQuYRbfyxDXJMVJ1XNwUHGROVmuaeiEm3OslpZ1RV96d7SKKjZKrSJu3+t/xlw3R9A=="],
+
+    "undici-types": ["undici-types@7.10.0", "", {}, "sha512-t5Fy/nfn+14LuOc2KNYg75vZqClpAiqscVvMygNnlsHBFpSXdJaYtXMcdNLpl/Qvc3P2cB3s6lOV51nqsFq4ag=="],
+  }
+}

package/examples/serve-react/index.html

@@ -0,0 +1,9 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<body>
+    <div id="root"></div>
+</body>
+<script type="module" src="app.tsx"></script>
+
+</html>

package/examples/serve-react/index.ts

@@ -0,0 +1,27 @@
+import BXO from "../../src";
+import index from "./index.html"
+
+// Create BXO instance with custom serve options
+const app = new BXO({
+  serve: {
+    port: 4000,
+    routes: {
+      "/*": index
+    }
+    // You can add any Bun.serve options here
+    // For example, you can add custom headers, TLS options, etc.
+    // The framework will merge these with its own defaults
+  }
+});
+
+// Add routes
+app.get("/", () => {
+  return index
+});
+
+app.get("/api/status", () => {
+  return { status: "ok", message: "BXO is running with custom serve options" };
+});
+
+// Start the server
+app.start();

package/examples/serve-react/package.json

@@ -0,0 +1,17 @@
+{
+  "name": "serve-react",
+  "module": "index.ts",
+  "type": "module",
+  "private": true,
+  "devDependencies": {
+    "@types/bun": "latest"
+  },
+  "peerDependencies": {
+    "typescript": "^5"
+  },
+  "dependencies": {
+    "@types/react-dom": "^19.1.9",
+    "react": "^19.1.1",
+    "react-dom": "^19.1.1"
+  }
+}

package/examples/serve-react/tsconfig.json

@@ -0,0 +1,29 @@
+{
+  "compilerOptions": {
+    // Environment setup & latest features
+    "lib": ["ESNext", "DOM"],
+    "target": "ESNext",
+    "module": "Preserve",
+    "moduleDetection": "force",
+    "jsx": "react-jsx",
+    "allowJs": true,
+
+    // Bundler mode
+    "moduleResolution": "bundler",
+    "allowImportingTsExtensions": true,
+    "verbatimModuleSyntax": true,
+    "noEmit": true,
+
+    // Best practices
+    "strict": true,
+    "skipLibCheck": true,
+    "noFallthroughCasesInSwitch": true,
+    "noUncheckedIndexedAccess": true,
+    "noImplicitOverride": true,
+
+    // Some stricter flags (disabled by default)
+    "noUnusedLocals": false,
+    "noUnusedParameters": false,
+    "noPropertyAccessFromIndexSignature": false
+  }
+}

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "bxo",
   "module": "index.ts",
-  "version": "0.0.5-dev.63",
+  "version": "0.0.5-dev.65",
   "description": "A simple and lightweight web framework for Bun",
   "type": "module",
   "exports": {

package/src/core/bxo.ts

@@ -1,12 +1,12 @@
-import type { 
-  Route, 
-  WSRoute, 
-  Handler, 
-  WebSocketHandler, 
-  RouteConfig, 
-  LifecycleHooks, 
-  Plugin, 
-  BXOOptions 
+import type {
+  Route,
+  WSRoute,
+  Handler,
+  WebSocketHandler,
+  RouteConfig,
+  LifecycleHooks,
+  Plugin,
+  BXOOptions
 } from '../types';
 import { RequestHandler } from '../handlers/request-handler';
 
@@ -22,9 +22,11 @@ export default class BXO {
   private serverHostname?: string;
   private enableValidation: boolean = true;
   private requestHandler: RequestHandler;
+  private serveOptions?: Partial<Bun.ServeFunctionOptions<any, any>>;
 
   constructor(options?: BXOOptions) {
     this.enableValidation = options?.enableValidation ?? true;
+    this.serveOptions = options?.serve;
     this.requestHandler = new RequestHandler(
       this._routes,
       this._wsRoutes,
@@ -228,11 +230,27 @@ export default class BXO {
         await this.hooks.onBeforeStart(this);
       }
 
-      this.server = Bun.serve({
+      // Merge user's serve options with framework defaults
+      const defaultServeOptions = {
         port,
         hostname,
-        fetch: (request, server) => this.requestHandler.handleRequest(request, server),
-        websocket: {
+        fetch: async (request: Request, server: any): Promise<Response> => {
+          const result = await this.requestHandler.handleRequest(request, server);
+          return result || new Response('Not Found', { status: 404 });
+        },
+      };
+
+      // Merge user options with defaults, allowing user options to override
+      const finalServeOptions = {
+        ...defaultServeOptions,
+        ...this.serveOptions,
+        // Ensure our fetch handler is always used unless user explicitly overrides
+        fetch: this.serveOptions?.fetch || defaultServeOptions.fetch,
+      };
+
+      // Add websocket support if there are WebSocket routes
+      if (this.getAllWSRoutes().length > 0) {
+        (finalServeOptions as any).websocket = {
           message: (ws: any, message: any) => {
             const handler = ws.data?.handler;
             if (handler?.onMessage) {
@@ -251,8 +269,10 @@ export default class BXO {
               handler.onClose(ws, code, reason);
             }
           }
-        }
-      });
+        };
+      }
+
+      this.server = Bun.serve(finalServeOptions as any);
 
       // Verify server was created successfully
       if (!this.server) {

package/src/handlers/request-handler.ts

@@ -76,7 +76,8 @@ export class RequestHandler {
 
       // Process and return response
       const internalCookies = getInternalCookies(ctx);
-      return processResponse(response, ctx, internalCookies, this.enableValidation, route.config);
+      const processedResponse = processResponse(response, ctx, internalCookies, this.enableValidation, route.config);
+      return processedResponse;
 
     } catch (error) {
       // Run error hooks

package/src/types/index.ts

@@ -140,6 +140,7 @@ export interface LifecycleHooks {
 // BXO options interface
 export interface BXOOptions {
   enableValidation?: boolean;
+  serve?: Partial<Bun.ServeFunctionOptions<any, any>>;
 }
 
 // Plugin interface for middleware-style plugins

package/src/utils/index.ts

@@ -271,6 +271,47 @@ export function cookiesToHeaders(cookies: InternalCookie[]): string[] {
   });
 }
 
+// Special cases for HTTP headers that need specific casing
+const HEADER_CASING_SPECIAL_CASES: Record<string, string> = {
+  'www-authenticate': 'WWW-Authenticate',
+  'content-md5': 'Content-MD5',
+  'dnt': 'DNT',
+  'etag': 'ETag',
+  'te': 'TE',
+  'trailer': 'Trailer',
+  'transfer-encoding': 'Transfer-Encoding',
+  'upgrade': 'Upgrade',
+  'x-forwarded-for': 'X-Forwarded-For',
+  'x-forwarded-proto': 'X-Forwarded-Proto',
+  'x-forwarded-host': 'X-Forwarded-Host',
+  'x-real-ip': 'X-Real-IP',
+  'x-requested-with': 'X-Requested-With',
+  'x-csrf-token': 'X-CSRF-Token',
+  'x-frame-options': 'X-Frame-Options',
+  'x-content-type-options': 'X-Content-Type-Options',
+  'x-xss-protection': 'X-XSS-Protection',
+  'strict-transport-security': 'Strict-Transport-Security',
+  'content-security-policy': 'Content-Security-Policy',
+  'referrer-policy': 'Referrer-Policy',
+  'permissions-policy': 'Permissions-Policy'
+};
+
+// Helper function to normalize header casing while preserving special cases
+function normalizeHeaderCase(headerKey: string): string {
+  const lowerKey = headerKey.toLowerCase();
+  return HEADER_CASING_SPECIAL_CASES[lowerKey] || headerKey;
+}
+
+// Helper function to convert Headers object back to plain object while preserving casing
+export function headersToPlainObject(headers: Headers): Record<string, string> {
+  const result: Record<string, string> = {};
+  headers.forEach((value, key) => {
+    // Preserve the original casing from the Headers object
+    result[key] = value;
+  });
+  return result;
+}
+
 // Merge headers with cookies
 export function mergeHeadersWithCookies(
   headers: Record<string, string>, 
@@ -278,9 +319,10 @@ export function mergeHeadersWithCookies(
 ): Headers {
   const newHeaders = new Headers();
   
-  // Add regular headers
+  // Add regular headers with proper casing
   Object.entries(headers).forEach(([key, value]) => {
-    newHeaders.set(key, value);
+    const normalizedKey = normalizeHeaderCase(key);
+    newHeaders.set(normalizedKey, value);
   });
   
   // Add Set-Cookie headers
@@ -292,6 +334,35 @@ export function mergeHeadersWithCookies(
   return newHeaders;
 }
 
+// Alternative function that returns headers with preserved casing
+export function mergeHeadersWithCookiesPreserveCasing(
+  headers: Record<string, string>, 
+  cookies: InternalCookie[]
+): Record<string, string> {
+  const result: Record<string, string> = { ...headers };
+  
+  // Apply special casing rules
+  Object.keys(result).forEach(key => {
+    const normalizedKey = normalizeHeaderCase(key);
+    if (normalizedKey !== key) {
+      result[normalizedKey] = result[key] || '';
+      delete result[key];
+    }
+  });
+  
+  // Add Set-Cookie headers
+  if (cookies.length > 0) {
+    const cookieHeaders = cookiesToHeaders(cookies);
+    // Set-Cookie headers should be separate entries, not joined
+    cookieHeaders.forEach((cookieHeader, index) => {
+      const key = index === 0 ? 'Set-Cookie' : `Set-Cookie-${index + 1}`;
+      result[key] = cookieHeader;
+    });
+  }
+  
+  return result;
+}
+
 // Create a redirect response
 export function createRedirectResponse(
   location: string, 

package/src/utils/response-handler.ts

@@ -1,5 +1,5 @@
 import type { Context, InternalCookie } from '../types';
-import { validateResponse, mergeHeadersWithCookies } from './index';
+import { validateResponse, mergeHeadersWithCookies, mergeHeadersWithCookiesPreserveCasing } from './index';
 
 // Process and format the response from a route handler
 export function processResponse(
@@ -13,7 +13,7 @@ export function processResponse(
   // automatically create a redirect Response so users can call ctx.redirect(...) or set headers without returning.
   const hasImplicitRedirectIntent = !!ctx.set.redirect
     || (typeof ctx.set.status === 'number' && ctx.set.status >= 300 && ctx.set.status < 400);
-  
+
   if ((response === undefined || response === null) && hasImplicitRedirectIntent) {
     const locationFromHeaders = ctx.set.headers && Object.entries(ctx.set.headers).find(([k]) => k.toLowerCase() === 'location')?.[1];
     const location = ctx.set.redirect?.location || locationFromHeaders;
@@ -28,12 +28,7 @@ export function processResponse(
 
       // Handle cookies if any are set
       if (internalCookies.length > 0) {
-        const headers = mergeHeadersWithCookies(responseHeaders, internalCookies);
-        const finalHeaders: Record<string, string> = {};
-        headers.forEach((value, key) => {
-          finalHeaders[key] = value;
-        });
-        responseHeaders = finalHeaders;
+        responseHeaders = mergeHeadersWithCookiesPreserveCasing(responseHeaders, internalCookies);
       }
 
       return new Response(null, {
@@ -77,7 +72,7 @@ export function processResponse(
   if (response instanceof Response) {
     // If there are headers set via ctx.set.headers, merge them with the Response headers
     if (ctx.set.headers && Object.keys(ctx.set.headers).length > 0) {
-      const newHeaders = mergeHeadersWithCookies(ctx.set.headers, internalCookies);
+      const newHeaders = mergeHeadersWithCookiesPreserveCasing(ctx.set.headers, internalCookies);
 
       // Create new Response with merged headers
       return new Response(response.body, {
@@ -124,12 +119,12 @@ export function processResponse(
 
   // Handle cookies if any are set
   if (internalCookies.length > 0) {
-    const headers = mergeHeadersWithCookies(responseHeaders, internalCookies);
+    const headers = mergeHeadersWithCookiesPreserveCasing(responseHeaders, internalCookies);
 
     if (typeof response === 'string') {
       // Only set Content-Type to text/plain if not already set
-      if (!headers.has('Content-Type')) {
-        headers.set('Content-Type', 'text/plain');
+      if (!headers['Content-Type']) {
+        headers['Content-Type'] = 'text/plain';
       }
       return new Response(response, {
         status: ctx.set.status || 200,
@@ -163,15 +158,15 @@ export function processResponse(
         }
         return value;
       }));
-      
-      headers.set('Content-Type', 'application/json');
+
+      headers['Content-Type'] = 'application/json';
       return new Response(JSON.stringify(serializableResponse), {
         status: ctx.set.status || 200,
         headers: headers
       });
     }
 
-    headers.set('Content-Type', 'application/json');
+    headers['Content-Type'] = 'application/json';
     return new Response(JSON.stringify(response), {
       status: ctx.set.status || 200,
       headers: headers
@@ -228,7 +223,7 @@ export function processResponse(
       }
       return value;
     }));
-    
+
     return new Response(JSON.stringify(serializableResponse), {
       ...responseInit,
       headers: {
@@ -258,7 +253,7 @@ export function createErrorResponse(
     error: errorMessage,
     ...(details && { details })
   };
-  
+
   return new Response(JSON.stringify(response), {
     status,
     headers: { 'Content-Type': 'application/json' }
@@ -271,7 +266,7 @@ export function createValidationErrorResponse(
   status: number = 400
 ): Response {
   let validationDetails = undefined;
-  
+
   // Handle Error objects
   if (validationError instanceof Error) {
     if ('errors' in validationError && Array.isArray(validationError.errors)) {
@@ -295,3 +290,4 @@ export function createValidationErrorResponse(
 
   return createErrorResponse(errorMessage, status, validationDetails);
 }
+

package/tests/integration/bxo.test.ts

@@ -426,6 +426,24 @@ describe('BXO Framework Integration', () => {
       expect(text).toBe('Custom response');
       expect(response.headers.get('x-custom')).toBe('value');
     });
+
+    it('should handle HTML responses with custom Content-Type', async () => {
+      app.get('/html', (ctx) => {
+        ctx.set.headers['Content-Type'] = 'text/html';
+        return `
+          <script src="/dist/injected/frontend.js"></script>
+          <html><body>Hello World</body></html>
+        `;
+      });
+
+      const response = await fetch(`${baseUrl}/html`);
+      const text = await response.text();
+
+      expect(response.status).toBe(200);
+      expect(response.headers.get('content-type')).toBe('text/html');
+      expect(text).toContain('<script src="/dist/injected/frontend.js"></script>');
+      expect(text).toContain('<html><body>Hello World</body></html>');
+    });
   });
 
   describe('Status and Headers', () => {

package/tests/unit/response-handler.test.ts

@@ -129,6 +129,32 @@ describe('Response Handler', () => {
       expect(await result.text()).toBe('Hello World');
     });
 
+    it('should preserve custom Content-Type for string responses', async () => {
+      mockContext.set.headers = { 'Content-Type': 'text/html' };
+      const result = processResponse('<html><body>Hello World</body></html>', mockContext, mockInternalCookies, true);
+
+      expect(result.status).toBe(200);
+      expect(result.headers.get('content-type')).toBe('text/html');
+      expect(await result.text()).toBe('<html><body>Hello World</body></html>');
+    });
+
+    it('should preserve custom Content-Type for string responses without cookies', async () => {
+      mockContext.set.headers = { 'Content-Type': 'text/html' };
+      const result = processResponse('<html><body>Hello World</body></html>', mockContext, [], true);
+
+      expect(result.status).toBe(200);
+      expect(result.headers.get('content-type')).toBe('text/html');
+      expect(await result.text()).toBe('<html><body>Hello World</body></html>');
+    });
+
+    it('should default to text/plain when no Content-Type is set for string responses', async () => {
+      const result = processResponse('Hello World', mockContext, [], true);
+
+      expect(result.status).toBe(200);
+      expect(result.headers.get('content-type')).toBe('text/plain');
+      expect(await result.text()).toBe('Hello World');
+    });
+
     it('should handle object responses', async () => {
       const result = processResponse({ message: 'success' }, mockContext, mockInternalCookies, true);
 

package/tests/unit/utils.test.ts

@@ -8,6 +8,7 @@ import {
   parseRequestBody,
   cookiesToHeaders,
   mergeHeadersWithCookies,
+  headersToPlainObject,
   createRedirectResponse,
   isFileUpload,
   getFileFromUpload,
@@ -178,6 +179,47 @@ describe('Utility Functions', () => {
       expect(result.get('content-type')).toBe('application/json');
       expect(result.get('set-cookie')).toBe('session=abc123');
     });
+
+    it('should preserve special header casing', () => {
+      const headers = {
+        'WWW-Authenticate': 'Basic realm="example"',
+        'x-frame-options': 'DENY',
+        'content-type': 'application/json'
+      };
+
+      const result = mergeHeadersWithCookies(headers, []);
+
+      // Check that special headers maintain their casing
+      expect(result.get('WWW-Authenticate')).toBe('Basic realm="example"');
+      expect(result.get('X-Frame-Options')).toBe('DENY');
+      // Regular headers should keep their original casing
+      expect(result.get('content-type')).toBe('application/json');
+    });
+  });
+
+  describe('headersToPlainObject', () => {
+    it('should convert Headers object to plain object', () => {
+      const headers = new Headers();
+      headers.set('www-authenticate', 'Basic realm="example"');
+      headers.set('x-frame-options', 'DENY');
+      headers.set('content-type', 'application/json');
+
+      const result = headersToPlainObject(headers);
+
+      // Note: Headers object normalizes keys to lowercase
+      expect(result).toEqual({
+        'www-authenticate': 'Basic realm="example"',
+        'x-frame-options': 'DENY',
+        'content-type': 'application/json'
+      });
+    });
+
+    it('should handle empty Headers object', () => {
+      const headers = new Headers();
+      const result = headersToPlainObject(headers);
+
+      expect(result).toEqual({});
+    });
   });
 
   describe('createRedirectResponse', () => {