hono 4.5.1 → 4.5.3

package/dist/adapter/service-worker/handler.js

@@ -1,6 +1,6 @@
 // src/adapter/service-worker/handler.ts
 var handle = (app, opts = {
-  fetch
+  fetch: globalThis.self !== void 0 ? globalThis.self.fetch : fetch
 }) => {
   return (evt) => {
     evt.respondWith(

package/dist/cjs/adapter/service-worker/handler.js

@@ -22,7 +22,7 @@ __export(handler_exports, {
 });
 module.exports = __toCommonJS(handler_exports);
 const handle = (app, opts = {
-  fetch
+  fetch: globalThis.self !== void 0 ? globalThis.self.fetch : fetch
 }) => {
   return (evt) => {
     evt.respondWith(

package/dist/cjs/jsx/base.js

@@ -28,6 +28,7 @@ __export(base_exports, {
   JSXFragmentNode: () => JSXFragmentNode,
   JSXNode: () => JSXNode,
   cloneElement: () => cloneElement,
+  getNameSpaceContext: () => getNameSpaceContext,
   isValidElement: () => isValidElement,
   jsx: () => jsx,
   jsxFn: () => jsxFn,
@@ -42,6 +43,11 @@ var import_constants = require("./constants");
 var import_utils = require("./utils");
 var intrinsicElementTags = __toESM(require("./intrinsic-element/components"), 1);
 var import_common = require("./intrinsic-element/common");
+let nameSpaceContext = void 0;
+const getNameSpaceContext = () => nameSpaceContext;
+const toSVGAttributeName = (key) => /[A-Z]/.test(key) && key.match(
+  /^(?:al|basel|clip(?:Path|Rule)$|co|do|fill|fl|fo|gl|let|lig|i|marker[EMS]|o|pai|pointe|sh|st[or]|text[^L]|tr|u|ve|w)/
+) ? key.replace(/([A-Z])/g, "-$1").toLowerCase() : key;
 const emptyTags = [
   "area",
   "base",
@@ -143,8 +149,9 @@ class JSXNode {
     const props = this.props;
     let { children } = this;
     buffer[0] += `<${tag}`;
+    const normalizeKey = nameSpaceContext && (0, import_context.useContext)(nameSpaceContext) === "svg" ? (key) => toSVGAttributeName((0, import_utils.normalizeIntrinsicElementKey)(key)) : (key) => (0, import_utils.normalizeIntrinsicElementKey)(key);
     for (let [key, v] of Object.entries(props)) {
-      key = (0, import_utils.normalizeIntrinsicElementKey)(key);
+      key = normalizeKey(key);
       if (key === "children") {
       } else if (key === "style" && typeof v === "object") {
         let styleStr = "";
@@ -262,6 +269,17 @@ const jsxFn = (tag, props, children) => {
       props,
       children
     );
+  } else if (tag === "svg") {
+    nameSpaceContext ||= (0, import_context.createContext)("");
+    return new JSXNode(tag, props, [
+      new JSXFunctionNode(
+        nameSpaceContext,
+        {
+          value: tag
+        },
+        children
+      )
+    ]);
   } else {
     return new JSXNode(tag, props, children);
   }
@@ -323,6 +341,7 @@ const reactAPICompatVersion = "19.0.0-hono-jsx";
   JSXFragmentNode,
   JSXNode,
   cloneElement,
+  getNameSpaceContext,
   isValidElement,
   jsx,
   jsxFn,

package/dist/cjs/jsx/dom/render.js

@@ -187,22 +187,7 @@ const getNextChildren = (node, container, nextChildren, childrenToRemove, callba
   });
 };
 const findInsertBefore = (node) => {
-  if (!node) {
-    return null;
-  } else if (node.tag === HONO_PORTAL_ELEMENT) {
-    return findInsertBefore(node.nN);
-  } else if (node.e) {
-    return node.e;
-  }
-  if (node.vC) {
-    for (let i = 0, len = node.vC.length; i < len; i++) {
-      const e = findInsertBefore(node.vC[i]);
-      if (e) {
-        return e;
-      }
-    }
-  }
-  return findInsertBefore(node.nN);
+  return !node ? null : node.tag === HONO_PORTAL_ELEMENT ? findInsertBefore(node.nN) : node.e || node.vC && node.pP && findInsertBefore(node.vC[0]) || findInsertBefore(node.nN);
 };
 const removeNode = (node) => {
   if (!isNodeString(node)) {

package/dist/cjs/jsx/intrinsic-element/components.js

@@ -29,6 +29,7 @@ __export(components_exports, {
 });
 module.exports = __toCommonJS(components_exports);
 var import_base = require("../base");
+var import_context = require("../context");
 var import_html = require("../../helper/html");
 var import_common = require("./common");
 var import_constants = require("../constants");
@@ -105,6 +106,10 @@ const documentMetadataTag = (tag, children, props, sort) => {
   }
 };
 const title = ({ children, ...props }) => {
+  const nameSpaceContext = (0, import_base.getNameSpaceContext)();
+  if (nameSpaceContext && (0, import_context.useContext)(nameSpaceContext) === "svg") {
+    new import_base.JSXNode("title", props, (0, import_children.toArray)(children ?? []));
+  }
   return documentMetadataTag("title", children, props, false);
 };
 const script = ({

package/dist/cjs/middleware/csrf/index.js

@@ -42,7 +42,7 @@ const csrf = (options) => {
     }
     return handler(origin, c);
   };
-  return async function cors(c, next) {
+  return async function csrf2(c, next) {
     if (!isSafeMethodRe.test(c.req.method) && isRequestedByFormElementRe.test(c.req.header("content-type") || "") && !isAllowedOrigin(c.req.header("origin"), c)) {
       const res = new Response("Forbidden", {
         status: 403

package/dist/cjs/middleware/secure-headers/secure-headers.js

@@ -49,7 +49,8 @@ const DEFAULT_OPTIONS = {
   xDownloadOptions: true,
   xFrameOptions: true,
   xPermittedCrossDomainPolicies: true,
-  xXssProtection: true
+  xXssProtection: true,
+  removePoweredBy: true
 };
 const generateNonce = () => {
   const buffer = new Uint8Array(16);
@@ -85,7 +86,9 @@ const secureHeaders = (customOptions) => {
     const headersToSetForReq = callbacks.length === 0 ? headersToSet : callbacks.reduce((acc, cb) => cb(ctx, acc), headersToSet);
     await next();
     setHeaders(ctx, headersToSetForReq);
-    ctx.res.headers.delete("X-Powered-By");
+    if (options?.removePoweredBy) {
+      ctx.res.headers.delete("X-Powered-By");
+    }
   };
 };
 function getFilteredHeaders(options) {

package/dist/cjs/validator/validator.js

@@ -24,8 +24,8 @@ module.exports = __toCommonJS(validator_exports);
 var import_cookie = require("../helper/cookie");
 var import_http_exception = require("../http-exception");
 var import_buffer = require("../utils/buffer");
-const jsonRegex = /^application\/([a-z-\.]+\+)?json$/;
-const multipartRegex = /^multipart\/form-data(; boundary=[A-Za-z0-9'()+_,\-./:=?]+)?$/;
+const jsonRegex = /^application\/([a-z-\.]+\+)?json(;\s*[a-zA-Z0-9\-]+\=([^;]+))*$/;
+const multipartRegex = /^multipart\/form-data(; boundary=[a-zA-Z0-9'"()+_,\-./:=?]+)?$/;
 const urlencodedRegex = /^application\/x-www-form-urlencoded$/;
 const validator = (target, validationFunc) => {
   return async (c, next) => {

package/dist/jsx/base.js

@@ -1,11 +1,16 @@
 // src/jsx/base.ts
 import { raw } from "../helper/html/index.js";
 import { escapeToBuffer, resolveCallbackSync, stringBufferToString } from "../utils/html.js";
-import { globalContexts } from "./context.js";
+import { createContext, globalContexts, useContext } from "./context.js";
 import { DOM_RENDERER } from "./constants.js";
 import { normalizeIntrinsicElementKey, styleObjectForEach } from "./utils.js";
 import * as intrinsicElementTags from "./intrinsic-element/components.js";
 import { domRenderers } from "./intrinsic-element/common.js";
+var nameSpaceContext = void 0;
+var getNameSpaceContext = () => nameSpaceContext;
+var toSVGAttributeName = (key) => /[A-Z]/.test(key) && key.match(
+  /^(?:al|basel|clip(?:Path|Rule)$|co|do|fill|fl|fo|gl|let|lig|i|marker[EMS]|o|pai|pointe|sh|st[or]|text[^L]|tr|u|ve|w)/
+) ? key.replace(/([A-Z])/g, "-$1").toLowerCase() : key;
 var emptyTags = [
   "area",
   "base",
@@ -107,8 +112,9 @@ var JSXNode = class {
     const props = this.props;
     let { children } = this;
     buffer[0] += `<${tag}`;
+    const normalizeKey = nameSpaceContext && useContext(nameSpaceContext) === "svg" ? (key) => toSVGAttributeName(normalizeIntrinsicElementKey(key)) : (key) => normalizeIntrinsicElementKey(key);
     for (let [key, v] of Object.entries(props)) {
-      key = normalizeIntrinsicElementKey(key);
+      key = normalizeKey(key);
       if (key === "children") {
       } else if (key === "style" && typeof v === "object") {
         let styleStr = "";
@@ -226,6 +232,17 @@ var jsxFn = (tag, props, children) => {
       props,
       children
     );
+  } else if (tag === "svg") {
+    nameSpaceContext ||= createContext("");
+    return new JSXNode(tag, props, [
+      new JSXFunctionNode(
+        nameSpaceContext,
+        {
+          value: tag
+        },
+        children
+      )
+    ]);
   } else {
     return new JSXNode(tag, props, children);
   }
@@ -286,6 +303,7 @@ export {
   JSXFragmentNode,
   JSXNode,
   cloneElement,
+  getNameSpaceContext,
   isValidElement,
   jsx,
   jsxFn,

package/dist/jsx/dom/render.js

@@ -157,22 +157,7 @@ var getNextChildren = (node, container, nextChildren, childrenToRemove, callback
   });
 };
 var findInsertBefore = (node) => {
-  if (!node) {
-    return null;
-  } else if (node.tag === HONO_PORTAL_ELEMENT) {
-    return findInsertBefore(node.nN);
-  } else if (node.e) {
-    return node.e;
-  }
-  if (node.vC) {
-    for (let i = 0, len = node.vC.length; i < len; i++) {
-      const e = findInsertBefore(node.vC[i]);
-      if (e) {
-        return e;
-      }
-    }
-  }
-  return findInsertBefore(node.nN);
+  return !node ? null : node.tag === HONO_PORTAL_ELEMENT ? findInsertBefore(node.nN) : node.e || node.vC && node.pP && findInsertBefore(node.vC[0]) || findInsertBefore(node.nN);
 };
 var removeNode = (node) => {
   if (!isNodeString(node)) {

package/dist/jsx/intrinsic-element/components.js

@@ -1,5 +1,6 @@
 // src/jsx/intrinsic-element/components.ts
-import { JSXNode } from "../base.js";
+import { JSXNode, getNameSpaceContext } from "../base.js";
+import { useContext } from "../context.js";
 import { raw } from "../../helper/html/index.js";
 import { dataPrecedenceAttr, deDupeKeyMap } from "./common.js";
 import { PERMALINK } from "../constants.js";
@@ -76,6 +77,10 @@ var documentMetadataTag = (tag, children, props, sort) => {
   }
 };
 var title = ({ children, ...props }) => {
+  const nameSpaceContext = getNameSpaceContext();
+  if (nameSpaceContext && useContext(nameSpaceContext) === "svg") {
+    new JSXNode("title", props, toArray(children ?? []));
+  }
   return documentMetadataTag("title", children, props, false);
 };
 var script = ({

package/dist/middleware/csrf/index.js

@@ -20,7 +20,7 @@ var csrf = (options) => {
     }
     return handler(origin, c);
   };
-  return async function cors(c, next) {
+  return async function csrf2(c, next) {
     if (!isSafeMethodRe.test(c.req.method) && isRequestedByFormElementRe.test(c.req.header("content-type") || "") && !isAllowedOrigin(c.req.header("origin"), c)) {
       const res = new Response("Forbidden", {
         status: 403

package/dist/middleware/secure-headers/secure-headers.js

@@ -26,7 +26,8 @@ var DEFAULT_OPTIONS = {
   xDownloadOptions: true,
   xFrameOptions: true,
   xPermittedCrossDomainPolicies: true,
-  xXssProtection: true
+  xXssProtection: true,
+  removePoweredBy: true
 };
 var generateNonce = () => {
   const buffer = new Uint8Array(16);
@@ -62,7 +63,9 @@ var secureHeaders = (customOptions) => {
     const headersToSetForReq = callbacks.length === 0 ? headersToSet : callbacks.reduce((acc, cb) => cb(ctx, acc), headersToSet);
     await next();
     setHeaders(ctx, headersToSetForReq);
-    ctx.res.headers.delete("X-Powered-By");
+    if (options?.removePoweredBy) {
+      ctx.res.headers.delete("X-Powered-By");
+    }
   };
 };
 function getFilteredHeaders(options) {

package/dist/types/context.d.ts

@@ -122,7 +122,7 @@ interface JSONRespond {
  *
  * @returns {Response & TypedResponse<SimplifyDeepArray<T> extends JSONValue ? (JSONValue extends SimplifyDeepArray<T> ? never : JSONParsed<T>) : never, U, 'json'>} - The response after rendering the JSON object, typed with the provided object and status code types.
  */
-type JSONRespondReturn<T extends JSONValue | SimplifyDeepArray<unknown> | InvalidJSONValue, U extends StatusCode> = Response & TypedResponse<SimplifyDeepArray<T> extends JSONValue ? JSONValue extends SimplifyDeepArray<T> ? never : JSONParsed<T> : JSONParsed<T>, U, 'json'>;
+type JSONRespondReturn<T extends JSONValue | SimplifyDeepArray<unknown> | InvalidJSONValue, U extends StatusCode> = Response & TypedResponse<SimplifyDeepArray<T> extends JSONValue ? JSONValue extends SimplifyDeepArray<T> ? never : JSONParsed<T> : never, U, 'json'>;
 /**
  * Interface representing a function that responds with HTML content.
  *

package/dist/types/jsx/base.d.ts

@@ -17,6 +17,7 @@ export declare namespace JSX {
         [tagName: string]: Props;
     }
 }
+export declare const getNameSpaceContext: () => Context<string> | undefined;
 type LocalContexts = [Context<unknown>, unknown][];
 export type Child = string | Promise<string> | number | JSXNode | null | undefined | boolean | Child[];
 export declare class JSXNode implements HtmlEscaped {

package/dist/types/middleware/secure-headers/secure-headers.d.ts

@@ -62,6 +62,7 @@ interface SecureHeadersOptions {
     xFrameOptions?: overridableHeader;
     xPermittedCrossDomainPolicies?: overridableHeader;
     xXssProtection?: overridableHeader;
+    removePoweredBy?: boolean;
 }
 export declare const NONCE: ContentSecurityPolicyOptionHandler;
 /**
@@ -85,6 +86,7 @@ export declare const NONCE: ContentSecurityPolicyOptionHandler;
  * @param {overridableHeader} [customOptions.xFrameOptions=true] - Settings for the X-Frame-Options header.
  * @param {overridableHeader} [customOptions.xPermittedCrossDomainPolicies=true] - Settings for the X-Permitted-Cross-Domain-Policies header.
  * @param {overridableHeader} [customOptions.xXssProtection=true] - Settings for the X-XSS-Protection header.
+ * @param {boolean} [customOptions.removePoweredBy=true] - Settings for remove X-Powered-By header.
  * @returns {MiddlewareHandler} The middleware handler function.
  *
  * @example

package/dist/types/utils/types.d.ts

@@ -11,7 +11,7 @@ export type IfAnyThenEmptyObject<T> = 0 extends 1 & T ? {} : T;
 export type JSONPrimitive = string | boolean | number | null;
 export type JSONArray = (JSONPrimitive | JSONObject | JSONArray)[];
 export type JSONObject = {
-    [key: string]: JSONPrimitive | JSONArray | JSONObject | object;
+    [key: string]: JSONPrimitive | JSONArray | JSONObject | object | InvalidJSONValue;
 };
 export type InvalidJSONValue = undefined | symbol | ((...args: unknown[]) => unknown);
 type InvalidToNull<T> = T extends InvalidJSONValue ? null : T;
@@ -27,7 +27,7 @@ export type JSONParsed<T> = T extends {
     toJSON(): infer J;
 } ? (() => J) extends () => JSONPrimitive ? J : (() => J) extends () => {
     toJSON(): unknown;
-} ? {} : JSONParsed<J> : T extends JSONPrimitive ? T : T extends InvalidJSONValue ? never : T extends [] ? [] : T extends readonly [infer R, ...infer U] ? [JSONParsed<InvalidToNull<R>>, ...JSONParsed<U>] : T extends Array<infer U> ? Array<JSONParsed<InvalidToNull<U>>> : T extends Set<unknown> | Map<unknown, unknown> ? {} : T extends object ? {
+} ? {} : JSONParsed<J> : T extends JSONPrimitive ? T : T extends InvalidJSONValue ? never : T extends [] ? [] : T extends readonly [infer R, ...infer U] ? [JSONParsed<InvalidToNull<R>>, ...JSONParsed<U>] : T extends Array<infer U> ? Array<JSONParsed<InvalidToNull<U>>> : T extends ReadonlyArray<infer U> ? ReadonlyArray<JSONParsed<InvalidToNull<U>>> : T extends Set<unknown> | Map<unknown, unknown> ? {} : T extends object ? {
     [K in keyof OmitSymbolKeys<T> as IsInvalid<T[K]> extends true ? never : K]: boolean extends IsInvalid<T[K]> ? JSONParsed<T[K]> | undefined : JSONParsed<T[K]>;
 } : never;
 /**

package/dist/validator/validator.js

@@ -2,8 +2,8 @@
 import { getCookie } from "../helper/cookie/index.js";
 import { HTTPException } from "../http-exception.js";
 import { bufferToFormData } from "../utils/buffer.js";
-var jsonRegex = /^application\/([a-z-\.]+\+)?json$/;
-var multipartRegex = /^multipart\/form-data(; boundary=[A-Za-z0-9'()+_,\-./:=?]+)?$/;
+var jsonRegex = /^application\/([a-z-\.]+\+)?json(;\s*[a-zA-Z0-9\-]+\=([^;]+))*$/;
+var multipartRegex = /^multipart\/form-data(; boundary=[a-zA-Z0-9'"()+_,\-./:=?]+)?$/;
 var urlencodedRegex = /^application\/x-www-form-urlencoded$/;
 var validator = (target, validationFunc) => {
   return async (c, next) => {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "hono",
-  "version": "4.5.1",
+  "version": "4.5.3",
   "description": "Web framework built on Web Standards",
   "main": "dist/cjs/index.js",
   "type": "module",