h3 1.6.4 → 1.6.6

package/dist/index.cjs

@@ -8,6 +8,11 @@ const crypto = require('uncrypto');
 const ironWebcrypto = require('iron-webcrypto');
 const defu = require('defu');
 
+function _interopDefaultCompat (e) { return e && typeof e === 'object' && 'default' in e ? e.default : e; }
+
+const destr__default = /*#__PURE__*/_interopDefaultCompat(destr);
+const crypto__default = /*#__PURE__*/_interopDefaultCompat(crypto);
+
 function useBase(base, handler) {
   base = ufo.withoutTrailingSlash(base);
   if (!base) {
@@ -252,23 +257,31 @@ function getRequestHeader(event, name) {
   return value;
 }
 const getHeader = getRequestHeader;
-function getRequestHost(event) {
-  const xForwardedHost = event.node.req.headers["x-forwarded-host"];
-  if (xForwardedHost) {
-    return xForwardedHost;
+function getRequestHost(event, opts = {}) {
+  if (opts.xForwardedHost) {
+    const xForwardedHost = event.node.req.headers["x-forwarded-host"];
+    if (xForwardedHost) {
+      return xForwardedHost;
+    }
   }
   return event.node.req.headers.host || "localhost";
 }
-function getRequestProtocol(event) {
-  if (event.node.req.headers["x-forwarded-proto"] === "https") {
+function getRequestProtocol(event, opts = {}) {
+  if (opts.xForwardedProto !== false && event.node.req.headers["x-forwarded-proto"] === "https") {
     return "https";
   }
   return event.node.req.connection.encrypted ? "https" : "http";
 }
-function getRequestURL(event) {
-  const host = getRequestHost(event);
+const DOUBLE_SLASH_RE = /[/\\]{2,}/g;
+function getRequestPath(event) {
+  const path = (event.node.req.url || "/").replace(DOUBLE_SLASH_RE, "/");
+  return path;
+}
+function getRequestURL(event, opts = {}) {
+  const host = getRequestHost(event, opts);
   const protocol = getRequestProtocol(event);
-  return new URL(event.path || "/", `${protocol}://${host}`);
+  const path = getRequestPath(event);
+  return new URL(path, `${protocol}://${host}`);
 }
 
 const RawBodySymbol = Symbol.for("h3RawBody");
@@ -278,8 +291,8 @@ function readRawBody(event, encoding = "utf8") {
   assertMethod(event, PayloadMethods$1);
   const _rawBody = event.node.req[RawBodySymbol] || event.node.req.body;
   if (_rawBody) {
-    const promise2 = Promise.resolve(
-      Buffer.isBuffer(_rawBody) ? _rawBody : Buffer.from(_rawBody)
+    const promise2 = Promise.resolve(_rawBody).then(
+      (_resolved) => Buffer.isBuffer(_resolved) ? _resolved : Buffer.from(_resolved)
     );
     return encoding ? promise2.then((buff) => buff.toString(encoding)) : promise2;
   }
@@ -321,7 +334,7 @@ async function readBody(event) {
     }
     return parsedForm;
   }
-  const json = destr(body);
+  const json = destr__default(body);
   event.node.req[ParsedBodySymbol] = json;
   return json;
 }
@@ -805,7 +818,7 @@ async function getSession(event, config) {
     Object.assign(session, unsealed);
   }
   if (!session.id) {
-    session.id = (config.crypto || crypto).randomUUID();
+    session.id = (config.crypto || crypto__default).randomUUID();
     session.createdAt = Date.now();
     await updateSession(event, config);
   }
@@ -833,7 +846,7 @@ async function updateSession(event, config, update) {
 async function sealSession(event, config) {
   const sessionName = config.name || DEFAULT_NAME;
   const session = event.context.sessions?.[sessionName] || await getSession(event, config);
-  const sealed = await ironWebcrypto.seal(config.crypto || crypto, session, config.password, {
+  const sealed = await ironWebcrypto.seal(config.crypto || crypto__default, session, config.password, {
     ...ironWebcrypto.defaults,
     ttl: config.maxAge ? config.maxAge * 1e3 : 0,
     ...config.seal
@@ -842,7 +855,7 @@ async function sealSession(event, config) {
 }
 async function unsealSession(_event, config, sealed) {
   const unsealed = await ironWebcrypto.unseal(
-    config.crypto || crypto,
+    config.crypto || crypto__default,
     sealed,
     config.password,
     {
@@ -1080,7 +1093,7 @@ class H3Event {
     this.node = { req, res };
   }
   get path() {
-    return this.req.url;
+    return getRequestPath(this);
   }
   /** @deprecated Please use `event.node.req` instead. **/
   get req() {
@@ -1474,6 +1487,7 @@ exports.getQuery = getQuery;
 exports.getRequestHeader = getRequestHeader;
 exports.getRequestHeaders = getRequestHeaders;
 exports.getRequestHost = getRequestHost;
+exports.getRequestPath = getRequestPath;
 exports.getRequestProtocol = getRequestProtocol;
 exports.getRequestURL = getRequestURL;
 exports.getResponseHeader = getResponseHeader;

package/dist/index.d.ts

@@ -108,7 +108,7 @@ declare class H3Event implements Pick<FetchEvent, "respondWith"> {
     node: NodeEventContext;
     context: H3EventContext;
     constructor(req: IncomingMessage, res: ServerResponse);
-    get path(): string | undefined;
+    get path(): string;
     /** @deprecated Please use `event.node.req` instead. **/
     get req(): IncomingMessage;
     /** @deprecated Please use `event.node.res` instead. **/
@@ -333,9 +333,17 @@ declare function getRequestHeaders(event: H3Event): RequestHeaders;
 declare const getHeaders: typeof getRequestHeaders;
 declare function getRequestHeader(event: H3Event, name: string): RequestHeaders[string];
 declare const getHeader: typeof getRequestHeader;
-declare function getRequestHost(event: H3Event): string;
-declare function getRequestProtocol(event: H3Event): "https" | "http";
-declare function getRequestURL(event: H3Event): URL;
+declare function getRequestHost(event: H3Event, opts?: {
+    xForwardedHost?: boolean;
+}): string;
+declare function getRequestProtocol(event: H3Event, opts?: {
+    xForwardedProto?: boolean;
+}): "https" | "http";
+declare function getRequestPath(event: H3Event): string;
+declare function getRequestURL(event: H3Event, opts?: {
+    xForwardedHost?: boolean;
+    xForwardedProto?: boolean;
+}): URL;
 
 declare function send(event: H3Event, data?: any, type?: string): Promise<void>;
 /**
@@ -402,4 +410,4 @@ interface CreateRouterOptions {
 }
 declare function createRouter(opts?: CreateRouterOptions): Router;
 
-export { AddRouteShortcuts, App, AppOptions, AppUse, CacheConditions, CreateRouterOptions, DynamicEventHandler, Encoding, EventHandler, EventHandlerResponse, H3CorsOptions, H3Error, H3Event, H3EventContext, H3Headers, H3Response, HTTPMethod, InputLayer, InputStack, Layer, LazyEventHandler, MIMES, Matcher, MultiPartData, NodeEventContext, NodeListener, NodeMiddleware, NodePromisifiedHandler, ProxyOptions, RequestHeaders, Router, RouterMethod, RouterUse, Session, SessionConfig, SessionData, Stack, appendCorsHeaders, appendCorsPreflightHeaders, appendHeader, appendHeaders, appendResponseHeader, appendResponseHeaders, assertMethod, callNodeListener, clearSession, createApp, createAppEventHandler, createError, createEvent, createRouter, defaultContentType, defineEventHandler, defineLazyEventHandler, defineNodeListener, defineNodeMiddleware, deleteCookie, dynamicEventHandler, eventHandler, fetchWithEvent, fromNodeMiddleware, getCookie, getHeader, getHeaders, getMethod, getProxyRequestHeaders, getQuery, getRequestHeader, getRequestHeaders, getRequestHost, getRequestProtocol, getRequestURL, getResponseHeader, getResponseHeaders, getResponseStatus, getResponseStatusText, getRouterParam, getRouterParams, getSession, handleCacheHeaders, handleCors, isCorsOriginAllowed, isError, isEvent, isEventHandler, isMethod, isPreflightRequest, isStream, lazyEventHandler, parseCookies, promisifyNodeListener, proxyRequest, readBody, readMultipartFormData, readRawBody, sanitizeStatusCode, sanitizeStatusMessage, sealSession, send, sendError, sendNoContent, sendProxy, sendRedirect, sendStream, setCookie, setHeader, setHeaders, setResponseHeader, setResponseHeaders, setResponseStatus, splitCookiesString, toEventHandler, toNodeListener, unsealSession, updateSession, use, useBase, useSession, writeEarlyHints };
+export { AddRouteShortcuts, App, AppOptions, AppUse, CacheConditions, CreateRouterOptions, DynamicEventHandler, Encoding, EventHandler, EventHandlerResponse, H3CorsOptions, H3Error, H3Event, H3EventContext, H3Headers, H3Response, HTTPMethod, InputLayer, InputStack, Layer, LazyEventHandler, MIMES, Matcher, MultiPartData, NodeEventContext, NodeListener, NodeMiddleware, NodePromisifiedHandler, ProxyOptions, RequestHeaders, Router, RouterMethod, RouterUse, Session, SessionConfig, SessionData, Stack, appendCorsHeaders, appendCorsPreflightHeaders, appendHeader, appendHeaders, appendResponseHeader, appendResponseHeaders, assertMethod, callNodeListener, clearSession, createApp, createAppEventHandler, createError, createEvent, createRouter, defaultContentType, defineEventHandler, defineLazyEventHandler, defineNodeListener, defineNodeMiddleware, deleteCookie, dynamicEventHandler, eventHandler, fetchWithEvent, fromNodeMiddleware, getCookie, getHeader, getHeaders, getMethod, getProxyRequestHeaders, getQuery, getRequestHeader, getRequestHeaders, getRequestHost, getRequestPath, getRequestProtocol, getRequestURL, getResponseHeader, getResponseHeaders, getResponseStatus, getResponseStatusText, getRouterParam, getRouterParams, getSession, handleCacheHeaders, handleCors, isCorsOriginAllowed, isError, isEvent, isEventHandler, isMethod, isPreflightRequest, isStream, lazyEventHandler, parseCookies, promisifyNodeListener, proxyRequest, readBody, readMultipartFormData, readRawBody, sanitizeStatusCode, sanitizeStatusMessage, sealSession, send, sendError, sendNoContent, sendProxy, sendRedirect, sendStream, setCookie, setHeader, setHeaders, setResponseHeader, setResponseHeaders, setResponseStatus, splitCookiesString, toEventHandler, toNodeListener, unsealSession, updateSession, use, useBase, useSession, writeEarlyHints };

package/dist/index.mjs

@@ -250,23 +250,31 @@ function getRequestHeader(event, name) {
   return value;
 }
 const getHeader = getRequestHeader;
-function getRequestHost(event) {
-  const xForwardedHost = event.node.req.headers["x-forwarded-host"];
-  if (xForwardedHost) {
-    return xForwardedHost;
+function getRequestHost(event, opts = {}) {
+  if (opts.xForwardedHost) {
+    const xForwardedHost = event.node.req.headers["x-forwarded-host"];
+    if (xForwardedHost) {
+      return xForwardedHost;
+    }
   }
   return event.node.req.headers.host || "localhost";
 }
-function getRequestProtocol(event) {
-  if (event.node.req.headers["x-forwarded-proto"] === "https") {
+function getRequestProtocol(event, opts = {}) {
+  if (opts.xForwardedProto !== false && event.node.req.headers["x-forwarded-proto"] === "https") {
     return "https";
   }
   return event.node.req.connection.encrypted ? "https" : "http";
 }
-function getRequestURL(event) {
-  const host = getRequestHost(event);
+const DOUBLE_SLASH_RE = /[/\\]{2,}/g;
+function getRequestPath(event) {
+  const path = (event.node.req.url || "/").replace(DOUBLE_SLASH_RE, "/");
+  return path;
+}
+function getRequestURL(event, opts = {}) {
+  const host = getRequestHost(event, opts);
   const protocol = getRequestProtocol(event);
-  return new URL(event.path || "/", `${protocol}://${host}`);
+  const path = getRequestPath(event);
+  return new URL(path, `${protocol}://${host}`);
 }
 
 const RawBodySymbol = Symbol.for("h3RawBody");
@@ -276,8 +284,8 @@ function readRawBody(event, encoding = "utf8") {
   assertMethod(event, PayloadMethods$1);
   const _rawBody = event.node.req[RawBodySymbol] || event.node.req.body;
   if (_rawBody) {
-    const promise2 = Promise.resolve(
-      Buffer.isBuffer(_rawBody) ? _rawBody : Buffer.from(_rawBody)
+    const promise2 = Promise.resolve(_rawBody).then(
+      (_resolved) => Buffer.isBuffer(_resolved) ? _resolved : Buffer.from(_resolved)
     );
     return encoding ? promise2.then((buff) => buff.toString(encoding)) : promise2;
   }
@@ -1078,7 +1086,7 @@ class H3Event {
     this.node = { req, res };
   }
   get path() {
-    return this.req.url;
+    return getRequestPath(this);
   }
   /** @deprecated Please use `event.node.req` instead. **/
   get req() {
@@ -1434,4 +1442,4 @@ function createRouter(opts = {}) {
   return router;
 }
 
-export { H3Error, H3Event, H3Headers, H3Response, MIMES, appendCorsHeaders, appendCorsPreflightHeaders, appendHeader, appendHeaders, appendResponseHeader, appendResponseHeaders, assertMethod, callNodeListener, clearSession, createApp, createAppEventHandler, createError, createEvent, createRouter, defaultContentType, defineEventHandler, defineLazyEventHandler, defineNodeListener, defineNodeMiddleware, deleteCookie, dynamicEventHandler, eventHandler, fetchWithEvent, fromNodeMiddleware, getCookie, getHeader, getHeaders, getMethod, getProxyRequestHeaders, getQuery, getRequestHeader, getRequestHeaders, getRequestHost, getRequestProtocol, getRequestURL, getResponseHeader, getResponseHeaders, getResponseStatus, getResponseStatusText, getRouterParam, getRouterParams, getSession, handleCacheHeaders, handleCors, isCorsOriginAllowed, isError, isEvent, isEventHandler, isMethod, isPreflightRequest, isStream, lazyEventHandler, parseCookies, promisifyNodeListener, proxyRequest, readBody, readMultipartFormData, readRawBody, sanitizeStatusCode, sanitizeStatusMessage, sealSession, send, sendError, sendNoContent, sendProxy, sendRedirect, sendStream, setCookie, setHeader, setHeaders, setResponseHeader, setResponseHeaders, setResponseStatus, splitCookiesString, toEventHandler, toNodeListener, unsealSession, updateSession, use, useBase, useSession, writeEarlyHints };
+export { H3Error, H3Event, H3Headers, H3Response, MIMES, appendCorsHeaders, appendCorsPreflightHeaders, appendHeader, appendHeaders, appendResponseHeader, appendResponseHeaders, assertMethod, callNodeListener, clearSession, createApp, createAppEventHandler, createError, createEvent, createRouter, defaultContentType, defineEventHandler, defineLazyEventHandler, defineNodeListener, defineNodeMiddleware, deleteCookie, dynamicEventHandler, eventHandler, fetchWithEvent, fromNodeMiddleware, getCookie, getHeader, getHeaders, getMethod, getProxyRequestHeaders, getQuery, getRequestHeader, getRequestHeaders, getRequestHost, getRequestPath, getRequestProtocol, getRequestURL, getResponseHeader, getResponseHeaders, getResponseStatus, getResponseStatusText, getRouterParam, getRouterParams, getSession, handleCacheHeaders, handleCors, isCorsOriginAllowed, isError, isEvent, isEventHandler, isMethod, isPreflightRequest, isStream, lazyEventHandler, parseCookies, promisifyNodeListener, proxyRequest, readBody, readMultipartFormData, readRawBody, sanitizeStatusCode, sanitizeStatusMessage, sealSession, send, sendError, sendNoContent, sendProxy, sendRedirect, sendStream, setCookie, setHeader, setHeaders, setResponseHeader, setResponseHeaders, setResponseStatus, splitCookiesString, toEventHandler, toNodeListener, unsealSession, updateSession, use, useBase, useSession, writeEarlyHints };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "h3",
-  "version": "1.6.4",
+  "version": "1.6.6",
   "description": "Tiny JavaScript Server",
   "repository": "unjs/h3",
   "license": "MIT",
@@ -19,46 +19,46 @@
   "files": [
     "dist"
   ],
+  "scripts": {
+    "build": "unbuild",
+    "dev": "vitest",
+    "lint": "eslint --cache --ext .ts,.js,.mjs,.cjs . && prettier -c src test playground",
+    "lint:fix": "eslint --cache --ext .ts,.js,.mjs,.cjs . --fix && prettier -c src test playground -w",
+    "play": "jiti ./playground/index.ts",
+    "profile": "0x -o -D .profile -P 'autocannon -c 100 -p 10 -d 40 http://localhost:$PORT' ./playground/server.cjs",
+    "release": "pnpm test && pnpm build && changelogen --release && pnpm publish && git push --follow-tags",
+    "test": "pnpm lint && vitest run --coverage"
+  },
   "dependencies": {
-    "cookie-es": "^0.5.0",
+    "cookie-es": "^1.0.0",
     "defu": "^6.1.2",
     "destr": "^1.2.2",
-    "iron-webcrypto": "^0.6.0",
+    "iron-webcrypto": "^0.7.0",
     "radix3": "^1.0.1",
-    "ufo": "^1.1.1",
+    "ufo": "^1.1.2",
     "uncrypto": "^0.1.2"
   },
   "devDependencies": {
     "0x": "^5.5.0",
     "@types/express": "^4.17.17",
-    "@types/node": "^18.15.10",
+    "@types/node": "^20.1.4",
     "@types/supertest": "^2.0.12",
-    "@vitest/coverage-c8": "^0.29.7",
-    "autocannon": "^7.10.0",
-    "changelogen": "^0.5.1",
+    "@vitest/coverage-c8": "^0.31.0",
+    "autocannon": "^7.11.0",
+    "changelogen": "^0.5.3",
     "connect": "^3.7.0",
-    "eslint": "^8.36.0",
+    "eslint": "^8.40.0",
     "eslint-config-unjs": "^0.1.0",
     "express": "^4.18.2",
     "get-port": "^6.1.2",
     "jiti": "^1.18.2",
     "listhen": "^1.0.4",
-    "node-fetch-native": "^1.0.2",
-    "prettier": "^2.8.7",
+    "node-fetch-native": "^1.1.1",
+    "prettier": "^2.8.8",
     "supertest": "^6.3.3",
-    "typescript": "^5.0.2",
-    "unbuild": "^1.1.2",
-    "vitest": "^0.29.7"
+    "typescript": "^5.0.4",
+    "unbuild": "^1.2.1",
+    "vitest": "^0.31.0"
   },
-  "packageManager": "pnpm@8.0.0",
-  "scripts": {
-    "build": "unbuild",
-    "dev": "vitest",
-    "lint": "eslint --cache --ext .ts,.js,.mjs,.cjs . && prettier -c src test playground",
-    "lint:fix": "eslint --cache --ext .ts,.js,.mjs,.cjs . --fix && prettier -c src test playground -w",
-    "play": "jiti ./playground/index.ts",
-    "profile": "0x -o -D .profile -P 'autocannon -c 100 -p 10 -d 40 http://localhost:$PORT' ./playground/server.cjs",
-    "release": "pnpm test && pnpm build && changelogen --release && pnpm publish && git push --follow-tags",
-    "test": "pnpm lint && vitest run --coverage"
-  }
+  "packageManager": "pnpm@8.5.1"
 }