eddev 2.2.7 → 2.2.8

package/dist/app/server/server-context.js

@@ -0,0 +1,480 @@
+import { parseURL, stringifyParsedURL, withQuery, withTrailingSlash } from "ufo";
+import { getCookie, getHeader } from "vinxi/http";
+import { fetchWP } from "../../node/utils/fetch-wp.js";
+import { filterHeader } from "./utils/headers.js";
+import { createUrlReplacer } from "./utils/replace-host.js";
+import { pageCache, queryCache, swr } from "./utils/swr-cache.js";
+import { QueryMonitor } from "../utils/query-monitor.js";
+import chalk from "chalk";
+import { inspect } from "node:util";
+const PROXY_RESPONSE_HEADERS = ["content-type", "set-cookie", /^x-/, "cache-control", /woocommerce/, "location"];
+const PROXY_REQUEST_HEADERS = [
+    "content-type",
+    "accept",
+    "accept-encoding",
+    "accept-language",
+    "origin",
+    "referer",
+    "user-agent",
+    "authorization",
+    "woocommerce-session",
+];
+const VARIES_HEADERS = ["Authorization", "woocommerce-session"];
+let runtime;
+export class ServerContext {
+    dev;
+    origin;
+    _urlReplacer;
+    rpcBases = [];
+    config;
+    cacheConfig;
+    static main;
+    constructor(conf) {
+        this.dev = conf.dev;
+        this.origin = conf.origin;
+        this.rpcBases = conf.rpcBases ?? [];
+        this.config = conf.config;
+        this.cacheConfig = conf.cacheConfig;
+        if (conf.replaceUrls) {
+            this._urlReplacer = createUrlReplacer(conf.replaceUrls);
+        }
+        ServerContext.main = this;
+    }
+    replaceUrls(text, origin) {
+        if (this._urlReplacer) {
+            return this._urlReplacer(text, origin);
+        }
+        return text;
+    }
+    get runtime() {
+        return runtime;
+    }
+    static setRuntime(rt) {
+        runtime = rt;
+    }
+    getOriginUrl(url) {
+        const parsed = parseURL(url);
+        const parsedOrigin = parseURL(this.origin);
+        parsed.host = parsedOrigin.host;
+        parsed.protocol = parsedOrigin.protocol;
+        return stringifyParsedURL(parsed);
+    }
+    async fetchOrigin(url, opts) {
+        url = this.getOriginUrl(url);
+        const fetchOps = { ...opts };
+        delete fetchOps.replaceUrls;
+        delete fetchOps.newOrigin;
+        const response = await fetchWP(url, {
+            ...fetchOps,
+        });
+        if (!response.ok) {
+            return response;
+        }
+        const headers = {};
+        response.headers.forEach((value, key) => {
+            if (filterHeader(key, PROXY_RESPONSE_HEADERS)) {
+                headers[key] = value;
+            }
+        });
+        let text = await response.text();
+        if (opts?.replaceUrls) {
+            text = this.replaceUrls(text, opts.newOrigin);
+        }
+        return new Response(text, {
+            status: response.status,
+            statusText: response.statusText,
+            headers,
+        });
+    }
+    debugLogQueryMonitor(kind, uri, monitor) {
+        if (!QueryMonitor.hasLogEntries(monitor))
+            return;
+        let indentLevel = 2;
+        const finalOutput = [];
+        let label = "";
+        if (kind === "props") {
+            label = "While fetching props for route '" + uri + "'";
+        }
+        else if (kind === "query") {
+            label = "While querying " + uri + " via REST API";
+        }
+        else if (kind === "mutation") {
+            label = "While mutating " + uri + " via REST API";
+        }
+        else if (kind === "app") {
+            label = "While fetching app data";
+        }
+        finalOutput.push(chalk.whiteBright("➜ " + label));
+        function printEntry(entry) {
+            finalOutput.push(indent(indentLevel, chalk.whiteBright("➜ " + entry.file) + " " + chalk.gray(entry.label ? `(${entry.label})` : "")));
+            indentLevel += 2;
+            if (entry.log && entry.log.length) {
+                for (let item of entry.log) {
+                    let output = "";
+                    let prefix = "";
+                    let message = item.message;
+                    let stack = [];
+                    if (item.type === "php_error") {
+                        prefix = chalk.red("PHP Error:");
+                    }
+                    else if (item.type === "php_warning") {
+                        prefix = chalk.yellow("PHP Warning:");
+                    }
+                    else if (item.type === "php_notice") {
+                        prefix = chalk.yellow("PHP Notice:");
+                    }
+                    else if (item.type === "GRAPHQL_DEBUG") {
+                        prefix = chalk.cyan("debug:");
+                    }
+                    else if (item.type === "error" && item.extensions?.category === "user") {
+                        prefix = chalk.red("UserError:");
+                    }
+                    else if (item.type === "error") {
+                        prefix = chalk.red("Error:");
+                    }
+                    else if (item.type === "warn") {
+                        prefix = chalk.yellow("Warning:");
+                    }
+                    else {
+                        prefix = chalk.gray((item.type || "Log") + ":");
+                    }
+                    if (Array.isArray(message)) {
+                        message = message
+                            .map((part) => {
+                            if (typeof part !== "string") {
+                                return inspect(part, { depth: 4, colors: true });
+                            }
+                            return part;
+                        })
+                            .join(" ");
+                    }
+                    else if (typeof message !== "string") {
+                        message = inspect(message, { depth: 4, colors: true });
+                    }
+                    if (item.debugMessage) {
+                        message += "\n" + chalk.gray(item.debugMessage);
+                    }
+                    output += prefix + " " + message;
+                    if (item.path) {
+                        stack.push(chalk.gray(" at path " + item.path.join(".")));
+                    }
+                    if (item.file) {
+                        stack.push(chalk.gray(`at ${chalk.white(item.file)} line ${item.line || "??"}`));
+                    }
+                    if (item.trace?.length) {
+                        stack.push(item.trace
+                            .slice(0, 4)
+                            .map((line) => chalk.gray("  - " + line.call + " line " + line.line + " in " + line.file))
+                            .join("\n"));
+                    }
+                    if (stack.length > 0) {
+                        output += indent(2, "\n" + stack.join("\n"));
+                    }
+                    finalOutput.push(indent(indentLevel, "➜ " + output));
+                }
+            }
+            for (let child of entry.children ?? []) {
+                printEntry(child);
+            }
+            indentLevel -= 2;
+        }
+        for (let entry of monitor) {
+            printEntry(entry);
+        }
+        console.log(finalOutput.join("\n"));
+    }
+    async fetchRouteData(req) {
+        /**
+         * Calculcate the cache key.
+         * For route data, the cache key is the pathname.
+         * TODO: Potential support for Vercel draft mode.
+         */
+        let cacheKey = "fetchRouteData:" + withTrailingSlash(req.pathname.toLowerCase());
+        const result = await swr({
+            key: cacheKey,
+            cache: pageCache,
+            forceFresh: this.dev || req.bypass,
+            staleWhileRevalidate: 10000,
+            getFreshValue: async (ctx) => {
+                const fetchUrl = withQuery(withTrailingSlash(req.pathname), {
+                    _props: "1",
+                    _ssr: "1",
+                    _debug: this.dev ? "1" : undefined,
+                });
+                const result = await this.fetchOrigin(fetchUrl, {
+                    cache: "no-cache",
+                    replaceUrls: true,
+                    newOrigin: req.newOrigin,
+                    headers: {
+                        "Content-Type": "application/json",
+                        Accept: "application/json",
+                    },
+                    redirect: "manual",
+                });
+                const preferredCacheDuration = parseInt(result.headers.get("x-ed-cache-duration") ?? "");
+                if (this.cacheConfig.serverless.isr) {
+                    ctx.metadata.ttl = 5000;
+                }
+                else if (isFinite(preferredCacheDuration)) {
+                    ctx.metadata.ttl = preferredCacheDuration * 1000;
+                }
+                let resultStatus = result.status;
+                let resultHeaders = new Headers(result.headers);
+                let resultData = {};
+                // Special case for redirects
+                if (result.headers.has("location")) {
+                    let location = result.headers.get("location");
+                    let status = result.status;
+                    if (this.replaceUrls) {
+                        location = this.replaceUrls(location);
+                    }
+                    return {
+                        status: 200,
+                        headers: new Headers({
+                            "Content-Type": "application/json",
+                        }),
+                        data: JSON.stringify({ redirect: location, status: status }),
+                    };
+                }
+                try {
+                    resultData = await result.json();
+                }
+                catch (err) {
+                    console.error(`Invalid JSON response from '${fetchUrl}'. An error page will be displayed.`);
+                    ctx.metadata.ttl = 0;
+                    return {
+                        status: 500,
+                        headers: resultHeaders,
+                        data: JSON.stringify({
+                            view: "_error",
+                            viewData: {
+                                data: {
+                                    statusCode: 500,
+                                    title: "Internal Server Error",
+                                    userMessage: "An internal server error occurred.",
+                                    report: {
+                                        details: "A JSON parsing error occurred while fetching route data.",
+                                        message: err.message,
+                                    },
+                                },
+                            },
+                        }),
+                    };
+                }
+                if (resultData && typeof resultData === "object") {
+                    resultData.__generated = new Date().toISOString();
+                }
+                if (resultData.queryMonitor) {
+                    this.debugLogQueryMonitor("props", req.pathname, resultData.queryMonitor);
+                }
+                // if (isFinite(preferredCacheDuration)) {
+                //   const maxAge = isFinite(preferredCacheDuration) ? preferredCacheDuration * 1000 : undefined
+                //   resultHeaders.set("Cache-Control", `max-age=0, s-maxage=${maxAge}, stale-while-revalidate`)
+                // }
+                resultHeaders.set("X-Ed-Fetched-At", new Date().toUTCString());
+                return {
+                    status: resultStatus,
+                    headers: resultHeaders,
+                    data: JSON.stringify(resultData),
+                };
+            },
+        });
+        if (this.cacheConfig.serverless.isr) {
+            result.headers.delete("cache-control");
+        }
+        return new Response(result.data, {
+            status: result.status,
+            headers: result.headers,
+        });
+    }
+    async fetchAppData(args) {
+        const data = await swr({
+            key: "fetchAppData",
+            cache: pageCache,
+            forceFresh: this.dev || args.bypass,
+            staleWhileRevalidate: 10000,
+            getFreshValue: async (ctx) => {
+                const response = await this.fetchOrigin("/_appdata", {
+                    cache: "no-cache",
+                    replaceUrls: true,
+                    newOrigin: args.newOrigin,
+                    headers: {
+                        "Content-Type": "application/json",
+                        Accept: "application/json",
+                    },
+                });
+                const result = await response.json();
+                const preferredCacheDuration = parseInt(response.headers.get("x-ed-cache-duration") ?? "");
+                if (isFinite(preferredCacheDuration)) {
+                    ctx.metadata.ttl = preferredCacheDuration * 1000;
+                }
+                // In ISR mode, set a super short TTL to avoid caching, but preventing constant revalidation
+                if (this.cacheConfig.serverless.isr) {
+                    ctx.metadata.ttl = 5000;
+                }
+                if (result.queryMonitor) {
+                    this.debugLogQueryMonitor("app", "", result.queryMonitor);
+                }
+                result.__generated = new Date().toISOString();
+                return result;
+            },
+        });
+        return data;
+    }
+    extractRequestHeaders(req) {
+        const headers = {};
+        if (req) {
+            for (let key of PROXY_REQUEST_HEADERS) {
+                if (req[key]) {
+                    headers[key] = req[key];
+                }
+            }
+        }
+        return headers;
+    }
+    async fetchNamedQuery(req) {
+        const url = `/wp-json/ed/v1/query/${req.name.replace(/^\//, "")}?params=${encodeURIComponent(JSON.stringify(req.params))}`;
+        const key = `fetchNamedQuery:${req.name}:${JSON.stringify(req.params)}`;
+        const fetch = async () => {
+            const result = await this.fetchOrigin(url, {
+                cache: "no-cache",
+                replaceUrls: true,
+                headers: {
+                    ...this.extractRequestHeaders(req.headers),
+                    "Content-Type": "application/json",
+                    Accept: "application/json",
+                },
+            });
+            const preferredCacheDuration = parseInt(result.headers.get("x-ed-cache-duration") ?? "");
+            let resultStatus = result.status;
+            let resultHeaders = result.headers;
+            let resultData = await result.json();
+            if (resultData && typeof resultData === "object") {
+                resultData.__generated = new Date().toISOString();
+            }
+            resultHeaders.set("X-Ed-Rendered-At", new Date().toUTCString());
+            if (resultData.queryMonitor) {
+                this.debugLogQueryMonitor("query", req.name, resultData.queryMonitor);
+            }
+            return {
+                status: resultStatus,
+                headers: resultHeaders,
+                data: JSON.stringify(resultData),
+                cacheTime: isFinite(preferredCacheDuration) ? preferredCacheDuration * 1000 : undefined,
+            };
+        };
+        // If headers like 'Authorization' are set, then we shouldn't cache.
+        const hasVariedHeaders = VARIES_HEADERS.some((key) => !!req.headers[key]);
+        // Get the result, either from cache or by fetching.
+        const result = hasVariedHeaders
+            ? await fetch()
+            : await swr({
+                key,
+                cache: queryCache,
+                forceFresh: this.dev || req.bypass,
+                staleWhileRevalidate: 10000,
+                getFreshValue: async (ctx) => {
+                    const result = await fetch();
+                    ctx.metadata.ttl = result.cacheTime;
+                    if (this.cacheConfig.serverless.isr) {
+                        ctx.metadata.ttl = 5000;
+                    }
+                    return result;
+                },
+            });
+        if (this.cacheConfig.serverless.isr) {
+            result.headers.delete("cache-control");
+        }
+        return new Response(result.data, {
+            status: result.status,
+            headers: result.headers,
+        });
+    }
+    async fetchMutation(req) {
+        const url = `/wp-json/ed/v1/mutation/${req.name.replace(/^\//, "")}`;
+        const response = await this.fetchOrigin(url, {
+            method: "POST",
+            cache: "no-cache",
+            replaceUrls: true,
+            headers: {
+                ...this.extractRequestHeaders(req.headers),
+                "Content-Type": "application/json",
+                Accept: "application/json",
+            },
+            body: JSON.stringify(req.body),
+        });
+        return new Response(response.body, {
+            status: response.status,
+            statusText: response.statusText,
+            headers: new Headers({
+                "Content-Type": "application/json",
+                // Do not cache mutation responses
+                "Cache-Control": "max-age=0, max-s-age=0",
+                "X-Ed-Rendered-At": new Date().toUTCString(),
+            }),
+        });
+    }
+    get allowedCorsOrigins() {
+        let result = [];
+        if (this.config.serverless.endpoints) {
+            result.push(...Object.keys(this.config.serverless.endpoints));
+            result.push(...Object.values(this.config.serverless.endpoints));
+            result = result.filter((origin) => origin !== "*");
+        }
+        if (this.config.serverless.cors?.origins) {
+            result.push(...this.config.serverless.cors.origins.map((origin) => origin.replace(/(https?:\/\/|\/$)/, "")));
+        }
+        return result;
+    }
+    shouldBypass(event) {
+        const bypassToken = process.env.VERCEL_BYPASS_TOKEN;
+        if (!bypassToken)
+            return false;
+        const cookieName = "__prerender_bypass";
+        if (getCookie(event, cookieName) === bypassToken) {
+            return true;
+        }
+        if (getHeader(event, "x-prerender-revalidate") === bypassToken) {
+            return true;
+        }
+        return false;
+    }
+    getCorsOrigin(originHeader) {
+        const parsed = parseURL(originHeader);
+        if (this.allowedCorsOrigins.includes(parsed.host)) {
+            return originHeader;
+        }
+        if (this.allowedCorsOrigins.includes("*")) {
+            return "*";
+        }
+    }
+    getCorsHeaders(origin) {
+        if (!origin)
+            return {};
+        const allowedOrigin = this.getCorsOrigin(origin);
+        if (allowedOrigin) {
+            return {
+                "Access-Control-Allow-Methods": "OPTIONS,GET,HEAD,PUT,PATCH,POST,DELETE",
+                "Access-Control-Allow-Origin": allowedOrigin,
+                "Access-Control-Allow-Credentials": "true",
+                "Access-Control-Allow-Headers": "*",
+                "Access-Control-Expose-Headers": "*",
+            };
+        }
+        return {};
+    }
+}
+function indent(count, str) {
+    const indent = " ".repeat(count);
+    return str
+        .split("\n")
+        .map((line) => indent + line)
+        .join("\n");
+}
+function indentAllButFirst(count, str) {
+    const indent = " ".repeat(count);
+    return str
+        .split("\n")
+        .map((line, i) => (i === 0 ? line : indent + line))
+        .join("\n");
+}

package/dist/app/server/server-custom-config.d.ts

@@ -0,0 +1,3 @@
+export type ServerConfig = {};
+export declare function defineServerConfig(): void;
+//# sourceMappingURL=server-custom-config.d.ts.map

package/dist/app/server/server-custom-config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"server-custom-config.d.ts","sourceRoot":"","sources":["../../../src/app/server/server-custom-config.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,YAAY,GAAG,EAAE,CAAA;AAE7B,wBAAgB,kBAAkB,SAAK"}

package/dist/app/server/server-custom-config.js

@@ -0,0 +1 @@
+export function defineServerConfig() { }

package/dist/app/server/utils/content-security.d.ts

@@ -0,0 +1,26 @@
+import type { EDConfig } from "../../../node/project/config";
+import { RouteMetaTag, TrackerTags } from "../../lib/routing";
+declare const CSP_KEYS: readonly ["childSrc", "connectSrc", "defaultSrc", "fencedFrameSrc", "fontSrc", "frameSrc", "imgSrc", "manifestSrc", "mediaSrc", "objectSrc", "scriptSrc", "scriptSrcElem", "scriptSrcAttr", "styleSrc", "styleSrcElem", "styleSrcAttr", "workerSrc", "baseUri", "formAction", "frameAncestors", "reportTo", "requireTrustedTypesFor", "trustedTypes", "upgradeInsecureRequests"];
+export type CSPKey = (typeof CSP_KEYS)[number];
+export type CSPParams = Record<CSPKey, Set<string>>;
+export type ContentSecurityPolicyRequestContext = {
+    url: string;
+    type: "page";
+    tags: RouteMetaTag[];
+};
+export declare class SecureHeaderBuilder {
+    protected csp: CSPParams;
+    protected headers: Headers;
+    private cspEnabled;
+    private autodetectCspOrigins;
+    private useNonce;
+    private commonCspOrigins;
+    readonly nonce: string | undefined;
+    constructor(config: EDConfig);
+    addTrackingTags(tags: TrackerTags): TrackerTags;
+    addMetaTags(tags: RouteMetaTag[]): RouteMetaTag[];
+    getHeaders(): Headers;
+    getCSPHeaderValue(): string | undefined;
+}
+export {};
+//# sourceMappingURL=content-security.d.ts.map

package/dist/app/server/utils/content-security.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"content-security.d.ts","sourceRoot":"","sources":["../../../../src/app/server/utils/content-security.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAA;AAC5D,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAG7D,QAAA,MAAM,QAAQ,kXAyBJ,CAAA;AAEV,MAAM,MAAM,MAAM,GAAG,CAAC,OAAO,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAA;AAE9C,MAAM,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAA;AAEnD,MAAM,MAAM,mCAAmC,GAAG;IAChD,GAAG,EAAE,MAAM,CAAA;IACX,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,YAAY,EAAE,CAAA;CACrB,CAAA;AAED,qBAAa,mBAAmB;IAC9B,SAAS,CAAC,GAAG,EAAE,SAAS,CAAA;IACxB,SAAS,CAAC,OAAO,EAAE,OAAO,CAAgB;IAE1C,OAAO,CAAC,UAAU,CAAQ;IAC1B,OAAO,CAAC,oBAAoB,CAAO;IACnC,OAAO,CAAC,QAAQ,CAAQ;IACxB,OAAO,CAAC,gBAAgB,CAAe;IAEvC,QAAQ,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,CAAA;gBAEtB,MAAM,EAAE,QAAQ;IAgC5B,eAAe,CAAC,IAAI,EAAE,WAAW,GAAG,WAAW;IAkB/C,WAAW,CAAC,IAAI,EAAE,YAAY,EAAE;IAkBhC,UAAU,IAAI,OAAO;IAWrB,iBAAiB,IAAI,MAAM,GAAG,SAAS;CAexC"}

package/dist/app/server/utils/content-security.js

@@ -0,0 +1,124 @@
+import buildCsp from "content-security-policy-builder";
+const CSP_KEYS = [
+    "childSrc",
+    "connectSrc",
+    "defaultSrc",
+    "fencedFrameSrc",
+    "fontSrc",
+    "frameSrc",
+    "imgSrc",
+    "manifestSrc",
+    "mediaSrc",
+    "objectSrc",
+    "scriptSrc",
+    "scriptSrcElem",
+    "scriptSrcAttr",
+    "styleSrc",
+    "styleSrcElem",
+    "styleSrcAttr",
+    "workerSrc",
+    "baseUri",
+    "formAction",
+    "frameAncestors",
+    "reportTo",
+    "requireTrustedTypesFor",
+    "trustedTypes",
+    "upgradeInsecureRequests",
+];
+export class SecureHeaderBuilder {
+    csp;
+    headers = new Headers();
+    cspEnabled = false;
+    autodetectCspOrigins = true;
+    useNonce = false;
+    commonCspOrigins = [];
+    nonce;
+    constructor(config) {
+        this.cspEnabled = config.serverless.csp.enabled;
+        this.autodetectCspOrigins = config.serverless.csp.autoDetect;
+        this.useNonce = config.serverless.csp.nonce;
+        this.commonCspOrigins = config.serverless.csp.commonOrigins ?? [];
+        if (this.useNonce) {
+            this.nonce = crypto.randomUUID();
+        }
+        // Default CSP header parameters
+        this.csp = {};
+        for (let key of CSP_KEYS) {
+            const defaults = [];
+            if (key.match(/Src$/i)) {
+                defaults.push("'self'");
+                if (this.commonCspOrigins.length) {
+                    defaults.push(...this.commonCspOrigins);
+                }
+                if (config.serverless.csp.values) {
+                    const value = config.serverless.csp.values[key];
+                    if (value) {
+                        defaults.push(...value);
+                    }
+                }
+                if (this.useNonce && !defaults.includes("'unsafe-inline'")) {
+                    defaults.push(`'nonce-${this.nonce}'`);
+                }
+            }
+            this.csp[key] = new Set(defaults);
+        }
+    }
+    addTrackingTags(tags) {
+        if (!this.autodetectCspOrigins || !this.cspEnabled)
+            return tags;
+        const handle = (value) => {
+            if (value) {
+                return value.replaceAll(/<(script|style)/g, (tag) => {
+                    return tag + ` nonce="${this.nonce}"`;
+                });
+            }
+        };
+        return {
+            head: handle(tags.head),
+            body: handle(tags.body),
+            footer: handle(tags.footer),
+        };
+    }
+    addMetaTags(tags) {
+        if (!this.autodetectCspOrigins || !this.cspEnabled)
+            return tags;
+        return tags.map((tag) => {
+            if (this.nonce) {
+                if (tag.tagName === "script" || tag.tagName === "style") {
+                    return {
+                        ...tag,
+                        attributes: {
+                            ...tag.attributes,
+                            nonce: this.nonce,
+                        },
+                    };
+                }
+            }
+            return tag;
+        });
+    }
+    getHeaders() {
+        const result = new Headers(this.headers);
+        const cspHeaderValue = this.getCSPHeaderValue();
+        if (cspHeaderValue) {
+            result.set("Content-Security-Policy", cspHeaderValue);
+        }
+        return result;
+    }
+    getCSPHeaderValue() {
+        if (!this.cspEnabled)
+            return undefined;
+        const directives = [];
+        for (let key of CSP_KEYS) {
+            if (this.csp[key].size > 0) {
+                directives.push([key, Array.from(this.csp[key])]);
+            }
+        }
+        if (directives.length) {
+            return buildCsp({
+                directives: Object.fromEntries(directives),
+            });
+        }
+        return undefined;
+    }
+}

package/dist/app/server/utils/headers.d.ts

@@ -0,0 +1,6 @@
+export declare function filterHeader(key: string, allowed: (string | RegExp)[]): boolean;
+export declare const BRANDED_HEADERS: {
+    "X-Powered-By": string;
+};
+export declare function extractHeaders(rawHeaders: Headers): Record<string, string>;
+//# sourceMappingURL=headers.d.ts.map

package/dist/app/server/utils/headers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"headers.d.ts","sourceRoot":"","sources":["../../../../src/app/server/utils/headers.ts"],"names":[],"mappings":"AAAA,wBAAgB,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,MAAM,GAAG,MAAM,CAAC,EAAE,WAOrE;AAED,eAAO,MAAM,eAAe;;CAE3B,CAAA;AAYD,wBAAgB,cAAc,CAAC,UAAU,EAAE,OAAO,0BAOjD"}

package/dist/app/server/utils/headers.js

@@ -0,0 +1,28 @@
+export function filterHeader(key, allowed) {
+    return allowed.some((allowedKey) => {
+        if (allowedKey instanceof RegExp) {
+            return allowedKey.test(key);
+        }
+        return allowedKey === key;
+    });
+}
+export const BRANDED_HEADERS = {
+    "X-Powered-By": "ed.studio",
+};
+const IGNORE_REQUEST_HEADERS = [
+    "host",
+    "connection",
+    "accept-encoding",
+    "accept-language",
+    "origin",
+    "referer",
+    "user-agent",
+];
+export function extractHeaders(rawHeaders) {
+    const headers = {};
+    rawHeaders.forEach((value, key) => {
+        headers[key] = value;
+    });
+    IGNORE_REQUEST_HEADERS.forEach((key) => delete headers[key]);
+    return headers;
+}