distopia 0.2.1 → 0.4.0

package/dist/index.cjs

@@ -2,8 +2,9 @@
 Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
 let oxfmt = require("oxfmt");
 let oxlint = require("oxlint");
+let node_dns = require("node:dns");
 //#region package.json
-var version = "0.2.1";
+var version = "0.4.0";
 //#endregion
 //#region ../template/src/oxfmt.ts
 const config = (0, oxfmt.defineConfig)({
@@ -30,9 +31,218 @@ const config$1 = (0, oxlint.defineConfig)({
 	ignorePatterns: ["*.auto.ts", "dist/**"]
 });
 //#endregion
+//#region ../../src/infrastructure/http/src/Error/BodySizeError.ts
+var BodySizeError = class extends Error {};
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/HeaderError.ts
+var HeaderError = class extends Error {};
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/InvalidDomainError.ts
+var InvalidDomainError = class extends Error {};
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/LocalAddressError.ts
+var LocalAddressError = class extends Error {};
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/RedirectError.ts
+var RedirectError = class extends Error {};
+//#endregion
+//#region ../../src/infrastructure/http/src/url.ts
+function isLocalIPv4(host) {
+	const parts = host.split(".");
+	if (parts.length !== 4) return false;
+	const [aStr, bStr, cStr, dStr] = parts;
+	const a = Number(aStr);
+	const b = Number(bStr);
+	const c = Number(cStr);
+	const d = Number(dStr);
+	for (const v of [
+		a,
+		b,
+		c,
+		d
+	]) if (!Number.isInteger(v) || v < 0 || v > 255) return false;
+	return a === 0 || a === 127 || a === 10 || a === 172 && b >= 16 && b <= 31 || a === 192 && b === 168 || a === 169 && b === 254;
+}
+function isLocalIPv6(addr) {
+	const h = addr.toLowerCase();
+	if (h === "::1" || h === "::") return true;
+	if (/^fe[89ab]/.test(h)) return true;
+	if (/^f[cd]/.test(h)) return true;
+	const rest = h.match(/^::ffff:(.+)$/)?.[1];
+	if (rest !== void 0) {
+		if (rest.includes(".")) return isLocalIPv4(rest);
+		const segs = rest.split(":");
+		if (segs.length === 2) {
+			const hi = parseInt(segs[0] ?? "", 16);
+			const lo = parseInt(segs[1] ?? "", 16);
+			if (Number.isInteger(hi) && Number.isInteger(lo)) return isLocalIPv4(`${hi >> 8 & 255}.${hi & 255}.${lo >> 8 & 255}.${lo & 255}`);
+		}
+	}
+	return false;
+}
+async function isLocalUrl(url) {
+	let s = url.replace(/\\/g, "/");
+	if (!/^[a-z][a-z0-9+.-]*:\/\//i.test(s)) s = "http://" + s;
+	const hostname = URL.parse(s)?.hostname.toLowerCase();
+	if (hostname === void 0) return false;
+	if (hostname === "localhost" || hostname.endsWith(".localhost")) return true;
+	if (hostname.startsWith("[") && hostname.endsWith("]")) return isLocalIPv6(hostname.slice(1, -1));
+	if (/^\d/.test(hostname)) return isLocalIPv4(hostname);
+	return await isLocalHostname(hostname);
+}
+//#endregion
+//#region ../../src/infrastructure/http/src/dns.ts
+async function isLocalHostname(hostname) {
+	const [v4, v6] = await Promise.all([node_dns.promises.resolve4(hostname).catch(() => []), node_dns.promises.resolve6(hostname).catch(() => [])]);
+	return v4.some((ip) => isLocalIPv4(ip)) || v6.some((ip) => isLocalIPv6(ip));
+}
+//#endregion
+//#region ../../src/infrastructure/http/src/redirect.ts
+const DEFAULT_MAX_REDIRECT = 10;
+//#endregion
+//#region ../../src/infrastructure/http/src/size.ts
+const MAX_BYTES = 1024 * 1024;
+async function isValidSize(response) {
+	const body = response.body;
+	if (body === null) return true;
+	const reader = body.getReader();
+	let received = 0;
+	let isOk = true;
+	while (true) {
+		const { done, value } = await reader.read();
+		if (done) break;
+		received += value.byteLength;
+		if (received > 1048576) {
+			await reader.cancel();
+			isOk = false;
+		}
+	}
+	return isOk;
+}
+//#endregion
+//#region ../../src/infrastructure/http/src/timeout.ts
+const DEFAULT_TIMEOUT = 10 * 1e3;
+const DISCORD_TIMEOUT = 30 * 1e3;
+//#endregion
+//#region ../../src/infrastructure/http/src/safefetch.ts
+const DISCORD_DOMAINS = [
+	"discord.com",
+	"discordapp.com",
+	"discord.gg"
+];
+async function safeFetchForDiscord(input, init) {
+	if (await isLocalUrl(input)) return new LocalAddressError(`${input} is local address.`);
+	const hostname = new URL(input).hostname;
+	if (!DISCORD_DOMAINS.includes(hostname)) return new InvalidDomainError(`${hostname} is not discord domain.`);
+	return await fetch(input, {
+		...init,
+		signal: AbortSignal.timeout(DISCORD_TIMEOUT)
+	});
+}
+async function safeFetch(input, init) {
+	let reqUrl = input;
+	let currentInit = init;
+	let redirectCount = 0;
+	let response;
+	while (true) {
+		if (await isLocalUrl(reqUrl)) return new LocalAddressError(`${reqUrl} is local address.`);
+		response = await fetch(reqUrl, {
+			...currentInit,
+			signal: AbortSignal.timeout(DEFAULT_TIMEOUT),
+			redirect: "manual"
+		});
+		if (!await isValidSize(response.clone())) return new BodySizeError("Body size Error");
+		const isRedirect = response.status >= 300 && response.status < 400 && response.status !== 304;
+		const location = response.headers.get("location");
+		if (isRedirect) {
+			if (location === null) return new HeaderError("location is not found.");
+			let url;
+			try {
+				url = new URL(location, reqUrl);
+			} catch {
+				return new HeaderError(`${location} is invalid.`);
+			}
+			if (url.protocol !== "http:" && url.protocol !== "https:") return new HeaderError(`${url.protocol} is not allowed.`);
+			if (new URL(reqUrl).origin !== url.origin) {
+				const headers = new Headers(currentInit?.headers);
+				headers.delete("authorization");
+				headers.delete("cookie");
+				currentInit = {
+					...currentInit,
+					headers
+				};
+			}
+			reqUrl = url.href;
+			redirectCount += 1;
+		} else return response;
+		if (redirectCount > 10) return new RedirectError(`Redirect count is over 10`);
+	}
+}
+//#endregion
+//#region ../../src/infrastructure/http/src/invite.ts
+const DISCORD_INVITE_LINK_START = [
+	"https://discord.com/invite/",
+	"https://ptb.discord.com/invite/",
+	"https://canary.discord.com/invite/"
+];
+async function isUsedCf(res) {
+	try {
+		const response = res.clone();
+		if (response.status !== 403) return false;
+		const { JSDOM } = await import("jsdom");
+		return new JSDOM(await response.text()).window.document.querySelector("title")?.textContent === "Just a moment...";
+	} catch {
+		return false;
+	}
+}
+async function isInviteLink(url) {
+	const response = await safeFetch(url, {
+		method: "GET",
+		headers: { "User-Agent": "Mozilla/5.0" }
+	});
+	if (response instanceof Error) return response;
+	const resUrl = response.url;
+	return {
+		content: DISCORD_INVITE_LINK_START.some((value) => resUrl.startsWith(value)),
+		isUsedCf: await isUsedCf(response)
+	};
+}
+//#endregion
+//#region ../../src/infrastructure/http/src/safeurl.ts
+function safeUrl(strings, ...values) {
+	let result = "";
+	for (const [index, str] of strings.entries()) {
+		result += str;
+		const value = values[index];
+		if (value !== void 0) result += encodeURIComponent(value);
+	}
+	return result;
+}
+//#endregion
 //#region src/index.ts
 const DISTOPIA_VERSION = version;
 //#endregion
+exports.BodySizeError = BodySizeError;
+exports.DEFAULT_MAX_REDIRECT = DEFAULT_MAX_REDIRECT;
+exports.DEFAULT_TIMEOUT = DEFAULT_TIMEOUT;
+exports.DISCORD_DOMAINS = DISCORD_DOMAINS;
+exports.DISCORD_INVITE_LINK_START = DISCORD_INVITE_LINK_START;
+exports.DISCORD_TIMEOUT = DISCORD_TIMEOUT;
 exports.DISTOPIA_VERSION = DISTOPIA_VERSION;
+exports.HeaderError = HeaderError;
+exports.InvalidDomainError = InvalidDomainError;
+exports.LocalAddressError = LocalAddressError;
+exports.MAX_BYTES = MAX_BYTES;
+exports.RedirectError = RedirectError;
+exports.isInviteLink = isInviteLink;
+exports.isLocalHostname = isLocalHostname;
+exports.isLocalIPv4 = isLocalIPv4;
+exports.isLocalIPv6 = isLocalIPv6;
+exports.isLocalUrl = isLocalUrl;
+exports.isUsedCf = isUsedCf;
+exports.isValidSize = isValidSize;
 exports.oxfmtCfg = config;
 exports.oxlintCfg = config$1;
+exports.safeFetch = safeFetch;
+exports.safeFetchForDiscord = safeFetchForDiscord;
+exports.safeUrl = safeUrl;

package/dist/index.d.cts

@@ -24,7 +24,62 @@ declare const config$1: {
   ignorePatterns: string[];
 };
 //#endregion
+//#region ../../src/infrastructure/http/src/Error/BodySizeError.d.ts
+declare class BodySizeError extends Error {}
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/HeaderError.d.ts
+declare class HeaderError extends Error {}
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/InvalidDomainError.d.ts
+declare class InvalidDomainError extends Error {}
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/LocalAddressError.d.ts
+declare class LocalAddressError extends Error {}
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/RedirectError.d.ts
+declare class RedirectError extends Error {}
+//#endregion
+//#region ../../src/infrastructure/http/src/dns.d.ts
+declare function isLocalHostname(hostname: string): Promise<boolean>;
+//#endregion
+//#region ../../src/infrastructure/http/src/invite.d.ts
+type IsInviteLink = {
+  content: boolean;
+  isUsedCf: boolean;
+};
+declare const DISCORD_INVITE_LINK_START: string[];
+declare function isUsedCf(res: Response): Promise<boolean>;
+declare function isInviteLink(url: string): Promise<IsInviteLink | LocalAddressError | HeaderError | RedirectError | BodySizeError>;
+//#endregion
+//#region ../../src/infrastructure/http/src/redirect.d.ts
+declare const DEFAULT_MAX_REDIRECT = 10;
+//#endregion
+//#region ../../src/infrastructure/http/src/safeurl.d.ts
+type Branded<T, Brand> = T & {
+  readonly __brand: Brand;
+};
+type SafeUrl = Branded<string, "distopiaSafeUrl">;
+declare function safeUrl(strings: TemplateStringsArray, ...values: (string | number)[]): SafeUrl;
+//#endregion
+//#region ../../src/infrastructure/http/src/safefetch.d.ts
+declare const DISCORD_DOMAINS: string[];
+declare function safeFetchForDiscord(input: SafeUrl, init?: RequestInit): Promise<Response | LocalAddressError | InvalidDomainError>;
+declare function safeFetch(input: SafeUrl, init?: RequestInit): Promise<Response | LocalAddressError | HeaderError | RedirectError | BodySizeError>;
+//#endregion
+//#region ../../src/infrastructure/http/src/size.d.ts
+declare const MAX_BYTES: number;
+declare function isValidSize(response: Response): Promise<boolean>;
+//#endregion
+//#region ../../src/infrastructure/http/src/timeout.d.ts
+declare const DEFAULT_TIMEOUT: number;
+declare const DISCORD_TIMEOUT: number;
+//#endregion
+//#region ../../src/infrastructure/http/src/url.d.ts
+declare function isLocalIPv4(host: string): boolean;
+declare function isLocalIPv6(addr: string): boolean;
+declare function isLocalUrl(url: string): Promise<boolean>;
+//#endregion
 //#region src/index.d.ts
 declare const DISTOPIA_VERSION: string;
 //#endregion
-export { DISTOPIA_VERSION, config as oxfmtCfg, config$1 as oxlintCfg };
+export { BodySizeError, Branded, DEFAULT_MAX_REDIRECT, DEFAULT_TIMEOUT, DISCORD_DOMAINS, DISCORD_INVITE_LINK_START, DISCORD_TIMEOUT, DISTOPIA_VERSION, HeaderError, InvalidDomainError, IsInviteLink, LocalAddressError, MAX_BYTES, RedirectError, SafeUrl, isInviteLink, isLocalHostname, isLocalIPv4, isLocalIPv6, isLocalUrl, isUsedCf, isValidSize, config as oxfmtCfg, config$1 as oxlintCfg, safeFetch, safeFetchForDiscord, safeUrl };

package/dist/index.d.mts

@@ -24,7 +24,62 @@ declare const config$1: {
   ignorePatterns: string[];
 };
 //#endregion
+//#region ../../src/infrastructure/http/src/Error/BodySizeError.d.ts
+declare class BodySizeError extends Error {}
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/HeaderError.d.ts
+declare class HeaderError extends Error {}
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/InvalidDomainError.d.ts
+declare class InvalidDomainError extends Error {}
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/LocalAddressError.d.ts
+declare class LocalAddressError extends Error {}
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/RedirectError.d.ts
+declare class RedirectError extends Error {}
+//#endregion
+//#region ../../src/infrastructure/http/src/dns.d.ts
+declare function isLocalHostname(hostname: string): Promise<boolean>;
+//#endregion
+//#region ../../src/infrastructure/http/src/invite.d.ts
+type IsInviteLink = {
+  content: boolean;
+  isUsedCf: boolean;
+};
+declare const DISCORD_INVITE_LINK_START: string[];
+declare function isUsedCf(res: Response): Promise<boolean>;
+declare function isInviteLink(url: string): Promise<IsInviteLink | LocalAddressError | HeaderError | RedirectError | BodySizeError>;
+//#endregion
+//#region ../../src/infrastructure/http/src/redirect.d.ts
+declare const DEFAULT_MAX_REDIRECT = 10;
+//#endregion
+//#region ../../src/infrastructure/http/src/safeurl.d.ts
+type Branded<T, Brand> = T & {
+  readonly __brand: Brand;
+};
+type SafeUrl = Branded<string, "distopiaSafeUrl">;
+declare function safeUrl(strings: TemplateStringsArray, ...values: (string | number)[]): SafeUrl;
+//#endregion
+//#region ../../src/infrastructure/http/src/safefetch.d.ts
+declare const DISCORD_DOMAINS: string[];
+declare function safeFetchForDiscord(input: SafeUrl, init?: RequestInit): Promise<Response | LocalAddressError | InvalidDomainError>;
+declare function safeFetch(input: SafeUrl, init?: RequestInit): Promise<Response | LocalAddressError | HeaderError | RedirectError | BodySizeError>;
+//#endregion
+//#region ../../src/infrastructure/http/src/size.d.ts
+declare const MAX_BYTES: number;
+declare function isValidSize(response: Response): Promise<boolean>;
+//#endregion
+//#region ../../src/infrastructure/http/src/timeout.d.ts
+declare const DEFAULT_TIMEOUT: number;
+declare const DISCORD_TIMEOUT: number;
+//#endregion
+//#region ../../src/infrastructure/http/src/url.d.ts
+declare function isLocalIPv4(host: string): boolean;
+declare function isLocalIPv6(addr: string): boolean;
+declare function isLocalUrl(url: string): Promise<boolean>;
+//#endregion
 //#region src/index.d.ts
 declare const DISTOPIA_VERSION: string;
 //#endregion
-export { DISTOPIA_VERSION, config as oxfmtCfg, config$1 as oxlintCfg };
+export { BodySizeError, Branded, DEFAULT_MAX_REDIRECT, DEFAULT_TIMEOUT, DISCORD_DOMAINS, DISCORD_INVITE_LINK_START, DISCORD_TIMEOUT, DISTOPIA_VERSION, HeaderError, InvalidDomainError, IsInviteLink, LocalAddressError, MAX_BYTES, RedirectError, SafeUrl, isInviteLink, isLocalHostname, isLocalIPv4, isLocalIPv6, isLocalUrl, isUsedCf, isValidSize, config as oxfmtCfg, config$1 as oxlintCfg, safeFetch, safeFetchForDiscord, safeUrl };

package/dist/index.mjs

@@ -1,8 +1,9 @@
 /* @ts-self-types="./index.d.mts" */
 import { defineConfig } from "oxfmt";
 import { defineConfig as defineConfig$1 } from "oxlint";
+import { promises } from "node:dns";
 //#region package.json
-var version = "0.2.1";
+var version = "0.4.0";
 //#endregion
 //#region ../template/src/oxfmt.ts
 const config = defineConfig({
@@ -29,7 +30,195 @@ const config$1 = defineConfig$1({
 	ignorePatterns: ["*.auto.ts", "dist/**"]
 });
 //#endregion
+//#region ../../src/infrastructure/http/src/Error/BodySizeError.ts
+var BodySizeError = class extends Error {};
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/HeaderError.ts
+var HeaderError = class extends Error {};
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/InvalidDomainError.ts
+var InvalidDomainError = class extends Error {};
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/LocalAddressError.ts
+var LocalAddressError = class extends Error {};
+//#endregion
+//#region ../../src/infrastructure/http/src/Error/RedirectError.ts
+var RedirectError = class extends Error {};
+//#endregion
+//#region ../../src/infrastructure/http/src/url.ts
+function isLocalIPv4(host) {
+	const parts = host.split(".");
+	if (parts.length !== 4) return false;
+	const [aStr, bStr, cStr, dStr] = parts;
+	const a = Number(aStr);
+	const b = Number(bStr);
+	const c = Number(cStr);
+	const d = Number(dStr);
+	for (const v of [
+		a,
+		b,
+		c,
+		d
+	]) if (!Number.isInteger(v) || v < 0 || v > 255) return false;
+	return a === 0 || a === 127 || a === 10 || a === 172 && b >= 16 && b <= 31 || a === 192 && b === 168 || a === 169 && b === 254;
+}
+function isLocalIPv6(addr) {
+	const h = addr.toLowerCase();
+	if (h === "::1" || h === "::") return true;
+	if (/^fe[89ab]/.test(h)) return true;
+	if (/^f[cd]/.test(h)) return true;
+	const rest = h.match(/^::ffff:(.+)$/)?.[1];
+	if (rest !== void 0) {
+		if (rest.includes(".")) return isLocalIPv4(rest);
+		const segs = rest.split(":");
+		if (segs.length === 2) {
+			const hi = parseInt(segs[0] ?? "", 16);
+			const lo = parseInt(segs[1] ?? "", 16);
+			if (Number.isInteger(hi) && Number.isInteger(lo)) return isLocalIPv4(`${hi >> 8 & 255}.${hi & 255}.${lo >> 8 & 255}.${lo & 255}`);
+		}
+	}
+	return false;
+}
+async function isLocalUrl(url) {
+	let s = url.replace(/\\/g, "/");
+	if (!/^[a-z][a-z0-9+.-]*:\/\//i.test(s)) s = "http://" + s;
+	const hostname = URL.parse(s)?.hostname.toLowerCase();
+	if (hostname === void 0) return false;
+	if (hostname === "localhost" || hostname.endsWith(".localhost")) return true;
+	if (hostname.startsWith("[") && hostname.endsWith("]")) return isLocalIPv6(hostname.slice(1, -1));
+	if (/^\d/.test(hostname)) return isLocalIPv4(hostname);
+	return await isLocalHostname(hostname);
+}
+//#endregion
+//#region ../../src/infrastructure/http/src/dns.ts
+async function isLocalHostname(hostname) {
+	const [v4, v6] = await Promise.all([promises.resolve4(hostname).catch(() => []), promises.resolve6(hostname).catch(() => [])]);
+	return v4.some((ip) => isLocalIPv4(ip)) || v6.some((ip) => isLocalIPv6(ip));
+}
+//#endregion
+//#region ../../src/infrastructure/http/src/redirect.ts
+const DEFAULT_MAX_REDIRECT = 10;
+//#endregion
+//#region ../../src/infrastructure/http/src/size.ts
+const MAX_BYTES = 1024 * 1024;
+async function isValidSize(response) {
+	const body = response.body;
+	if (body === null) return true;
+	const reader = body.getReader();
+	let received = 0;
+	let isOk = true;
+	while (true) {
+		const { done, value } = await reader.read();
+		if (done) break;
+		received += value.byteLength;
+		if (received > 1048576) {
+			await reader.cancel();
+			isOk = false;
+		}
+	}
+	return isOk;
+}
+//#endregion
+//#region ../../src/infrastructure/http/src/timeout.ts
+const DEFAULT_TIMEOUT = 10 * 1e3;
+const DISCORD_TIMEOUT = 30 * 1e3;
+//#endregion
+//#region ../../src/infrastructure/http/src/safefetch.ts
+const DISCORD_DOMAINS = [
+	"discord.com",
+	"discordapp.com",
+	"discord.gg"
+];
+async function safeFetchForDiscord(input, init) {
+	if (await isLocalUrl(input)) return new LocalAddressError(`${input} is local address.`);
+	const hostname = new URL(input).hostname;
+	if (!DISCORD_DOMAINS.includes(hostname)) return new InvalidDomainError(`${hostname} is not discord domain.`);
+	return await fetch(input, {
+		...init,
+		signal: AbortSignal.timeout(DISCORD_TIMEOUT)
+	});
+}
+async function safeFetch(input, init) {
+	let reqUrl = input;
+	let currentInit = init;
+	let redirectCount = 0;
+	let response;
+	while (true) {
+		if (await isLocalUrl(reqUrl)) return new LocalAddressError(`${reqUrl} is local address.`);
+		response = await fetch(reqUrl, {
+			...currentInit,
+			signal: AbortSignal.timeout(DEFAULT_TIMEOUT),
+			redirect: "manual"
+		});
+		if (!await isValidSize(response.clone())) return new BodySizeError("Body size Error");
+		const isRedirect = response.status >= 300 && response.status < 400 && response.status !== 304;
+		const location = response.headers.get("location");
+		if (isRedirect) {
+			if (location === null) return new HeaderError("location is not found.");
+			let url;
+			try {
+				url = new URL(location, reqUrl);
+			} catch {
+				return new HeaderError(`${location} is invalid.`);
+			}
+			if (url.protocol !== "http:" && url.protocol !== "https:") return new HeaderError(`${url.protocol} is not allowed.`);
+			if (new URL(reqUrl).origin !== url.origin) {
+				const headers = new Headers(currentInit?.headers);
+				headers.delete("authorization");
+				headers.delete("cookie");
+				currentInit = {
+					...currentInit,
+					headers
+				};
+			}
+			reqUrl = url.href;
+			redirectCount += 1;
+		} else return response;
+		if (redirectCount > 10) return new RedirectError(`Redirect count is over 10`);
+	}
+}
+//#endregion
+//#region ../../src/infrastructure/http/src/invite.ts
+const DISCORD_INVITE_LINK_START = [
+	"https://discord.com/invite/",
+	"https://ptb.discord.com/invite/",
+	"https://canary.discord.com/invite/"
+];
+async function isUsedCf(res) {
+	try {
+		const response = res.clone();
+		if (response.status !== 403) return false;
+		const { JSDOM } = await import("jsdom");
+		return new JSDOM(await response.text()).window.document.querySelector("title")?.textContent === "Just a moment...";
+	} catch {
+		return false;
+	}
+}
+async function isInviteLink(url) {
+	const response = await safeFetch(url, {
+		method: "GET",
+		headers: { "User-Agent": "Mozilla/5.0" }
+	});
+	if (response instanceof Error) return response;
+	const resUrl = response.url;
+	return {
+		content: DISCORD_INVITE_LINK_START.some((value) => resUrl.startsWith(value)),
+		isUsedCf: await isUsedCf(response)
+	};
+}
+//#endregion
+//#region ../../src/infrastructure/http/src/safeurl.ts
+function safeUrl(strings, ...values) {
+	let result = "";
+	for (const [index, str] of strings.entries()) {
+		result += str;
+		const value = values[index];
+		if (value !== void 0) result += encodeURIComponent(value);
+	}
+	return result;
+}
+//#endregion
 //#region src/index.ts
 const DISTOPIA_VERSION = version;
 //#endregion
-export { DISTOPIA_VERSION, config as oxfmtCfg, config$1 as oxlintCfg };
+export { BodySizeError, DEFAULT_MAX_REDIRECT, DEFAULT_TIMEOUT, DISCORD_DOMAINS, DISCORD_INVITE_LINK_START, DISCORD_TIMEOUT, DISTOPIA_VERSION, HeaderError, InvalidDomainError, LocalAddressError, MAX_BYTES, RedirectError, isInviteLink, isLocalHostname, isLocalIPv4, isLocalIPv6, isLocalUrl, isUsedCf, isValidSize, config as oxfmtCfg, config$1 as oxlintCfg, safeFetch, safeFetchForDiscord, safeUrl };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "distopia",
-  "version": "0.2.1",
+  "version": "0.4.0",
   "description": "Library for Distopia.",
   "keywords": [
     "distopia",
@@ -38,7 +38,9 @@
     "prepublishOnly": "bun run build"
   },
   "dependencies": {
+    "@types/jsdom": "28.0.3",
     "@types/node": "24.13.2",
+    "jsdom": "29.1.1",
     "jsr": "0.14.3",
     "oxfmt": "0.54.0",
     "oxlint": "1.60.0",