ipx 0.9.10 → 1.0.0-0

package/LICENSE

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2017-2021
+Copyright (c) Pooya Parsa <pooya@pi0.io>
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

package/dist/cli.cjs

@@ -2,23 +2,19 @@
 
 const consola = require('consola');
 const listhen = require('listhen');
-const middleware = require('./chunks/middleware.cjs');
+const middleware = require('./shared/ipx.dd1c1144.cjs');
 require('defu');
 require('image-meta');
 require('ufo');
-require('fs');
+require('node:fs');
 require('pathe');
-require('http');
-require('https');
+require('node:http');
+require('node:https');
 require('ohmyfetch');
 require('destr');
 require('etag');
 require('xss');
 
-function _interopDefaultLegacy (e) { return e && typeof e === 'object' && 'default' in e ? e["default"] : e; }
-
-const consola__default = /*#__PURE__*/_interopDefaultLegacy(consola);
-
 async function main() {
   const ipx = middleware.createIPX({});
   const middleware$1 = middleware.createIPXMiddleware(ipx);
@@ -26,7 +22,7 @@ async function main() {
     clipboard: false
   });
 }
-main().catch((err) => {
-  consola__default.error(err);
+main().catch((error) => {
+  consola.error(error);
   process.exit(1);
 });

package/dist/cli.mjs

@@ -1,13 +1,13 @@
 import consola from 'consola';
 import { listen } from 'listhen';
-import { c as createIPX, a as createIPXMiddleware } from './chunks/middleware.mjs';
+import { c as createIPX, a as createIPXMiddleware } from './shared/ipx.d659cb77.mjs';
 import 'defu';
 import 'image-meta';
 import 'ufo';
-import 'fs';
+import 'node:fs';
 import 'pathe';
-import 'http';
-import 'https';
+import 'node:http';
+import 'node:https';
 import 'ohmyfetch';
 import 'destr';
 import 'etag';
@@ -20,7 +20,7 @@ async function main() {
     clipboard: false
   });
 }
-main().catch((err) => {
-  consola.error(err);
+main().catch((error) => {
+  consola.error(error);
   process.exit(1);
 });

package/dist/index.cjs

@@ -1,15 +1,13 @@
 'use strict';
 
-Object.defineProperty(exports, '__esModule', { value: true });
-
-const middleware = require('./chunks/middleware.cjs');
+const middleware = require('./shared/ipx.dd1c1144.cjs');
 require('defu');
 require('image-meta');
 require('ufo');
-require('fs');
+require('node:fs');
 require('pathe');
-require('http');
-require('https');
+require('node:http');
+require('node:https');
 require('ohmyfetch');
 require('destr');
 require('etag');

package/dist/index.d.ts

@@ -1,12 +1,12 @@
-import { IncomingMessage, ServerResponse } from 'http';
+import { IncomingMessage, ServerResponse } from 'node:http';
 
 interface SourceData {
     mtime?: Date;
     maxAge?: number;
     getData: () => Promise<Buffer>;
 }
-declare type Source = (src: string, reqOptions?: any) => Promise<SourceData>;
-declare type SourceFactory<T = Record<string, any>> = (options: T) => Source;
+type Source = (source: string, requestOptions?: any) => Promise<SourceData>;
+type SourceFactory<T = Record<string, any>> = (options: T) => Source;
 
 interface ImageMeta {
     width: number;
@@ -17,7 +17,7 @@ interface ImageMeta {
 interface IPXCTX {
     sources: Record<string, Source>;
 }
-declare type IPX = (id: string, modifiers?: Record<string, string>, reqOptions?: any) => {
+type IPX = (id: string, modifiers?: Record<string, string>, requestOptions?: any) => {
     src: () => Promise<SourceData>;
     data: () => Promise<{
         data: Buffer;
@@ -48,7 +48,7 @@ interface IPXHResponse {
     headers: Record<string, string>;
     body: any;
 }
-declare function handleRequest(req: IPXHRequest, ipx: IPX): Promise<IPXHResponse>;
-declare function createIPXMiddleware(ipx: IPX): (req: IncomingMessage, res: ServerResponse) => Promise<void>;
+declare function handleRequest(request: IPXHRequest, ipx: IPX): Promise<IPXHResponse>;
+declare function createIPXMiddleware(ipx: IPX): (request: IncomingMessage, res: ServerResponse) => Promise<void>;
 
 export { IPX, IPXCTX, IPXHRequest, IPXHResponse, IPXOptions, ImageMeta, Source, SourceData, SourceFactory, createIPX, createIPXMiddleware, handleRequest };

package/dist/index.mjs

@@ -1,11 +1,11 @@
-export { c as createIPX, a as createIPXMiddleware, h as handleRequest } from './chunks/middleware.mjs';
+export { c as createIPX, a as createIPXMiddleware, h as handleRequest } from './shared/ipx.d659cb77.mjs';
 import 'defu';
 import 'image-meta';
 import 'ufo';
-import 'fs';
+import 'node:fs';
 import 'pathe';
-import 'http';
-import 'https';
+import 'node:http';
+import 'node:https';
 import 'ohmyfetch';
 import 'destr';
 import 'etag';

package/dist/{chunks/middleware.mjs → shared/ipx.d659cb77.mjs}

@@ -1,10 +1,10 @@
 import defu from 'defu';
 import { imageMeta } from 'image-meta';
 import { withLeadingSlash, hasProtocol, joinURL, decode } from 'ufo';
-import { promises } from 'fs';
+import { promises } from 'node:fs';
 import { resolve, join, parse } from 'pathe';
-import http from 'http';
-import https from 'https';
+import http from 'node:http';
+import https from 'node:https';
 import { fetch } from 'ohmyfetch';
 import destr from 'destr';
 import getEtag from 'etag';
@@ -49,23 +49,23 @@ const Handlers = {
 function getEnv(name, defaultValue) {
   return destr(process.env[name]) ?? defaultValue;
 }
-function cachedPromise(fn) {
+function cachedPromise(function_) {
   let p;
-  return (...args) => {
+  return (...arguments_) => {
     if (p) {
       return p;
     }
-    p = Promise.resolve(fn(...args));
+    p = Promise.resolve(function_(...arguments_));
     return p;
   };
 }
 class IPXError extends Error {
 }
 function createError(statusMessage, statusCode, trace) {
-  const err = new IPXError(statusMessage + (trace ? ` (${trace})` : ""));
-  err.statusMessage = "IPX: " + statusMessage;
-  err.statusCode = statusCode;
-  return err;
+  const error = new IPXError(statusMessage + (trace ? ` (${trace})` : ""));
+  error.statusMessage = "IPX: " + statusMessage;
+  error.statusCode = statusCode;
+  return error;
 }
 
 const createFilesystemSource = (options) => {
@@ -78,12 +78,9 @@ const createFilesystemSource = (options) => {
     let stats;
     try {
       stats = await promises.stat(fsPath);
-    } catch (err) {
-      if (err.code === "ENOENT") {
-        throw createError("File not found", 404, fsPath);
-      } else {
-        throw createError("File access error " + err.code, 403, fsPath);
-      }
+    } catch (error_) {
+      const error = error_.code === "ENOENT" ? createError("File not found", 404, fsPath) : createError("File access error " + error_.code, 403, fsPath);
+      throw error;
     }
     if (!stats.isFile()) {
       throw createError("Path should be a file", 400, fsPath);
@@ -100,12 +97,13 @@ function isValidPath(fp) {
   if (isWindows) {
     fp = fp.slice(parse(fp).root.length);
   }
-  if (/[<>:"|?*]/.test(fp)) {
+  if (/["*:<>?|]/.test(fp)) {
     return false;
   }
   return true;
 }
 
+const HTTP_RE = /^https?:\/\//;
 const createHTTPSource = (options) => {
   const httpsAgent = new https.Agent({ keepAlive: true });
   const httpAgent = new http.Agent({ keepAlive: true });
@@ -113,18 +111,18 @@ const createHTTPSource = (options) => {
   if (typeof _domains === "string") {
     _domains = _domains.split(",").map((s) => s.trim());
   }
-  const domains = _domains.map((d) => {
-    if (!d.startsWith("http")) {
+  const domains = new Set(_domains.map((d) => {
+    if (!HTTP_RE.test(d)) {
       d = "http://" + d;
     }
     return new URL(d).hostname;
-  }).filter(Boolean);
-  return async (id, reqOptions) => {
+  }).filter(Boolean));
+  return async (id, requestOptions) => {
     const hostname = new URL(id).hostname;
     if (!hostname) {
       throw createError("Hostname is missing", 403, id);
     }
-    if (!reqOptions?.bypassDomain && !domains.find((domain) => hostname === domain)) {
+    if (!requestOptions?.bypassDomain && !domains.has(hostname)) {
       throw createError("Forbidden host", 403, hostname);
     }
     const response = await fetch(id, {
@@ -139,7 +137,7 @@ const createHTTPSource = (options) => {
     if (_cacheControl) {
       const m = _cacheControl.match(/max-age=(\d+)/);
       if (m && m[1]) {
-        maxAge = parseInt(m[1]);
+        maxAge = Number.parseInt(m[1]);
       }
     }
     let mtime;
@@ -155,19 +153,19 @@ const createHTTPSource = (options) => {
   };
 };
 
-function VArg(arg) {
-  return destr(arg);
+function VArg(argument) {
+  return destr(argument);
 }
-function parseArgs(args, mappers) {
-  const vargs = args.split("_");
-  return mappers.map((v, i) => v(vargs[i]));
+function parseArgs(arguments_, mappers) {
+  const vargs = arguments_.split("_");
+  return mappers.map((v, index) => v(vargs[index]));
 }
 function getHandler(key) {
   return Handlers[key];
 }
-function applyHandler(ctx, pipe, handler, argsStr) {
-  const args = handler.args ? parseArgs(argsStr, handler.args) : [];
-  return handler.apply(ctx, pipe, ...args);
+function applyHandler(context, pipe, handler, argumentsString) {
+  const arguments_ = handler.args ? parseArgs(argumentsString, handler.args) : [];
+  return handler.apply(context, pipe, ...arguments_);
 }
 function clampDimensionsPreservingAspectRatio(sourceDimensions, desiredDimensions) {
   const desiredAspectRatio = desiredDimensions.width / desiredDimensions.height;
@@ -204,8 +202,8 @@ const position = {
     context.position = position2;
   }
 };
-const HEX_RE = /^([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i;
-const SHORTHEX_RE = /^([a-f\d])([a-f\d])([a-f\d])$/i;
+const HEX_RE = /^([\da-f]{2})([\da-f]{2})([\da-f]{2})$/i;
+const SHORTHEX_RE = /^([\da-f])([\da-f])([\da-f])$/i;
 const background = {
   args: [VArg],
   order: -1,
@@ -226,19 +224,19 @@ const enlarge = {
 const width = {
   args: [VArg],
   apply: (context, pipe, width2) => {
-    return pipe.resize(width2, null, { withoutEnlargement: !context.enlarge });
+    return pipe.resize(width2, void 0, { withoutEnlargement: !context.enlarge });
   }
 };
 const height = {
   args: [VArg],
   apply: (context, pipe, height2) => {
-    return pipe.resize(null, height2, { withoutEnlargement: !context.enlarge });
+    return pipe.resize(void 0, height2, { withoutEnlargement: !context.enlarge });
   }
 };
 const resize = {
   args: [VArg, VArg, VArg],
   apply: (context, pipe, size) => {
-    let [width2, height2] = String(size).split("x").map((v) => Number(v));
+    let [width2, height2] = String(size).split("x").map(Number);
     if (!width2) {
       return;
     }
@@ -387,7 +385,7 @@ const h = height;
 const s = resize;
 const pos = position;
 
-const SUPPORTED_FORMATS = ["jpeg", "png", "webp", "avif", "tiff", "gif"];
+const SUPPORTED_FORMATS = /* @__PURE__ */ new Set(["jpeg", "png", "webp", "avif", "tiff", "gif"]);
 function createIPX(userOptions) {
   const defaults = {
     dir: getEnv("IPX_DIR", "."),
@@ -399,42 +397,42 @@ function createIPX(userOptions) {
   };
   const options = defu(userOptions, defaults);
   options.alias = Object.fromEntries(Object.entries(options.alias).map((e) => [withLeadingSlash(e[0]), e[1]]));
-  const ctx = {
+  const context = {
     sources: {}
   };
   if (options.dir) {
-    ctx.sources.filesystem = createFilesystemSource({
+    context.sources.filesystem = createFilesystemSource({
       dir: options.dir,
       maxAge: options.maxAge
     });
   }
   if (options.domains) {
-    ctx.sources.http = createHTTPSource({
+    context.sources.http = createHTTPSource({
       domains: options.domains,
       fetchOptions: options.fetchOptions,
       maxAge: options.maxAge
     });
   }
-  return function ipx(id, modifiers = {}, reqOptions = {}) {
+  return function ipx(id, modifiers = {}, requestOptions = {}) {
     if (!id) {
       throw createError("resource id is missing", 400);
     }
     id = hasProtocol(id) ? id : withLeadingSlash(id);
     for (const base in options.alias) {
       if (id.startsWith(base)) {
-        id = joinURL(options.alias[base], id.substr(base.length));
+        id = joinURL(options.alias[base], id.slice(base.length));
       }
     }
-    const getSrc = cachedPromise(() => {
+    const getSource = cachedPromise(() => {
       const source = hasProtocol(id) ? "http" : "filesystem";
-      if (!ctx.sources[source]) {
+      if (!context.sources[source]) {
         throw createError("Unknown source", 400, source);
       }
-      return ctx.sources[source](id, reqOptions);
+      return context.sources[source](id, requestOptions);
     });
     const getData = cachedPromise(async () => {
-      const src = await getSrc();
-      const data = await src.getData();
+      const source = await getSource();
+      const data = await source.getData();
       const meta = imageMeta(data);
       const mFormat = modifiers.f || modifiers.format;
       let format = mFormat || meta.type;
@@ -452,18 +450,18 @@ function createIPX(userOptions) {
       const Sharp = await import('sharp').then((r) => r.default || r);
       let sharp = Sharp(data, { animated });
       Object.assign(sharp.options, options.sharp);
-      const handlers = Object.entries(modifiers).map(([name, args]) => ({ handler: getHandler(name), name, args })).filter((h) => h.handler).sort((a, b) => {
+      const handlers = Object.entries(modifiers).map(([name, arguments_]) => ({ handler: getHandler(name), name, args: arguments_ })).filter((h) => h.handler).sort((a, b) => {
         const aKey = (a.handler.order || a.name || "").toString();
         const bKey = (b.handler.order || b.name || "").toString();
         return aKey.localeCompare(bKey);
       });
-      const handlerCtx = { meta };
+      const handlerContext = { meta };
       for (const h of handlers) {
-        sharp = applyHandler(handlerCtx, sharp, h.handler, h.args) || sharp;
+        sharp = applyHandler(handlerContext, sharp, h.handler, h.args) || sharp;
       }
-      if (SUPPORTED_FORMATS.includes(format)) {
+      if (SUPPORTED_FORMATS.has(format)) {
         sharp = sharp.toFormat(format, {
-          quality: handlerCtx.quality,
+          quality: handlerContext.quality,
           progressive: format === "jpeg"
         });
       }
@@ -475,81 +473,80 @@ function createIPX(userOptions) {
       };
     });
     return {
-      src: getSrc,
+      src: getSource,
       data: getData
     };
   };
 }
 
-const MODIFIER_SEP = /[,&]/g;
-const MODIFIER_VAL_SEP = /[_=:]/g;
-async function _handleRequest(req, ipx) {
+const MODIFIER_SEP = /[&,]/g;
+const MODIFIER_VAL_SEP = /[:=_]/g;
+async function _handleRequest(request, ipx) {
   const res = {
     statusCode: 200,
     statusMessage: "",
     headers: {},
     body: ""
   };
-  const [modifiersStr = "", ...idSegments] = req.url.substring(1).split("/");
+  const [modifiersString = "", ...idSegments] = request.url.slice(1).split("/");
   const id = safeString(decode(idSegments.join("/")));
-  if (!modifiersStr) {
-    throw createError("Modifiers are missing", 400, req.url);
+  if (!modifiersString) {
+    throw createError("Modifiers are missing", 400, request.url);
   }
   if (!id || id === "/") {
-    throw createError("Resource id is missing", 400, req.url);
+    throw createError("Resource id is missing", 400, request.url);
   }
   const modifiers = /* @__PURE__ */ Object.create(null);
-  if (modifiersStr !== "_") {
-    for (const p of modifiersStr.split(MODIFIER_SEP)) {
+  if (modifiersString !== "_") {
+    for (const p of modifiersString.split(MODIFIER_SEP)) {
       const [key, value = ""] = p.split(MODIFIER_VAL_SEP);
       modifiers[safeString(key)] = safeString(decode(value));
     }
   }
-  const img = ipx(id, modifiers, req.options);
-  const src = await img.src();
-  if (src.mtime) {
-    if (req.headers["if-modified-since"]) {
-      if (new Date(req.headers["if-modified-since"]) >= src.mtime) {
-        res.statusCode = 304;
-        return res;
-      }
+  const img = ipx(id, modifiers, request.options);
+  const source = await img.src();
+  if (source.mtime) {
+    if (request.headers["if-modified-since"] && new Date(request.headers["if-modified-since"]) >= source.mtime) {
+      res.statusCode = 304;
+      return res;
     }
-    res.headers["Last-Modified"] = +src.mtime + "";
+    res.headers["Last-Modified"] = source.mtime.toUTCString();
   }
-  if (typeof src.maxAge === "number") {
-    res.headers["Cache-Control"] = `max-age=${+src.maxAge}, public, s-maxage=${+src.maxAge}`;
+  if (typeof source.maxAge === "number") {
+    res.headers["Cache-Control"] = `max-age=${+source.maxAge}, public, s-maxage=${+source.maxAge}`;
   }
   const { data, format } = await img.data();
   const etag = getEtag(data);
   res.headers.ETag = etag;
-  if (etag && req.headers["if-none-match"] === etag) {
+  if (etag && request.headers["if-none-match"] === etag) {
     res.statusCode = 304;
     return res;
   }
   if (format) {
     res.headers["Content-Type"] = `image/${format}`;
   }
+  res.headers["Content-Security-Policy"] = "default-src 'none'";
   res.body = data;
   return sanetizeReponse(res);
 }
-function handleRequest(req, ipx) {
-  return _handleRequest(req, ipx).catch((err) => {
-    const statusCode = parseInt(err.statusCode) || 500;
-    const statusMessage = err.statusMessage ? err.statusMessage : `IPX Error (${statusCode})`;
+function handleRequest(request, ipx) {
+  return _handleRequest(request, ipx).catch((error) => {
+    const statusCode = Number.parseInt(error.statusCode) || 500;
+    const statusMessage = error.statusMessage ? error.statusMessage : `IPX Error (${statusCode})`;
     if (process.env.NODE_ENV !== "production" && statusCode === 500) {
-      console.error(err);
+      console.error(error);
     }
     return sanetizeReponse({
       statusCode,
       statusMessage,
-      body: "IPX Error: " + err,
+      body: "IPX Error: " + error,
       headers: {}
     });
   });
 }
 function createIPXMiddleware(ipx) {
-  return function IPXMiddleware(req, res) {
-    return handleRequest({ url: req.url, headers: req.headers }, ipx).then((_res) => {
+  return function IPXMiddleware(request, res) {
+    return handleRequest({ url: request.url, headers: request.headers }, ipx).then((_res) => {
       res.statusCode = _res.statusCode;
       res.statusMessage = _res.statusMessage;
       for (const name in _res.headers) {

package/dist/{chunks/middleware.cjs → shared/ipx.dd1c1144.cjs}

@@ -3,24 +3,15 @@
 const defu = require('defu');
 const imageMeta = require('image-meta');
 const ufo = require('ufo');
-const fs = require('fs');
+const node_fs = require('node:fs');
 const pathe = require('pathe');
-const http = require('http');
-const https = require('https');
+const http = require('node:http');
+const https = require('node:https');
 const ohmyfetch = require('ohmyfetch');
 const destr = require('destr');
 const getEtag = require('etag');
 const xss = require('xss');
 
-function _interopDefaultLegacy (e) { return e && typeof e === 'object' && 'default' in e ? e["default"] : e; }
-
-const defu__default = /*#__PURE__*/_interopDefaultLegacy(defu);
-const http__default = /*#__PURE__*/_interopDefaultLegacy(http);
-const https__default = /*#__PURE__*/_interopDefaultLegacy(https);
-const destr__default = /*#__PURE__*/_interopDefaultLegacy(destr);
-const getEtag__default = /*#__PURE__*/_interopDefaultLegacy(getEtag);
-const xss__default = /*#__PURE__*/_interopDefaultLegacy(xss);
-
 const Handlers = {
   __proto__: null,
   get quality () { return quality; },
@@ -58,25 +49,25 @@ const Handlers = {
 };
 
 function getEnv(name, defaultValue) {
-  return destr__default(process.env[name]) ?? defaultValue;
+  return destr(process.env[name]) ?? defaultValue;
 }
-function cachedPromise(fn) {
+function cachedPromise(function_) {
   let p;
-  return (...args) => {
+  return (...arguments_) => {
     if (p) {
       return p;
     }
-    p = Promise.resolve(fn(...args));
+    p = Promise.resolve(function_(...arguments_));
     return p;
   };
 }
 class IPXError extends Error {
 }
 function createError(statusMessage, statusCode, trace) {
-  const err = new IPXError(statusMessage + (trace ? ` (${trace})` : ""));
-  err.statusMessage = "IPX: " + statusMessage;
-  err.statusCode = statusCode;
-  return err;
+  const error = new IPXError(statusMessage + (trace ? ` (${trace})` : ""));
+  error.statusMessage = "IPX: " + statusMessage;
+  error.statusCode = statusCode;
+  return error;
 }
 
 const createFilesystemSource = (options) => {
@@ -88,13 +79,10 @@ const createFilesystemSource = (options) => {
     }
     let stats;
     try {
-      stats = await fs.promises.stat(fsPath);
-    } catch (err) {
-      if (err.code === "ENOENT") {
-        throw createError("File not found", 404, fsPath);
-      } else {
-        throw createError("File access error " + err.code, 403, fsPath);
-      }
+      stats = await node_fs.promises.stat(fsPath);
+    } catch (error_) {
+      const error = error_.code === "ENOENT" ? createError("File not found", 404, fsPath) : createError("File access error " + error_.code, 403, fsPath);
+      throw error;
     }
     if (!stats.isFile()) {
       throw createError("Path should be a file", 400, fsPath);
@@ -102,7 +90,7 @@ const createFilesystemSource = (options) => {
     return {
       mtime: stats.mtime,
       maxAge: options.maxAge,
-      getData: cachedPromise(() => fs.promises.readFile(fsPath))
+      getData: cachedPromise(() => node_fs.promises.readFile(fsPath))
     };
   };
 };
@@ -111,31 +99,32 @@ function isValidPath(fp) {
   if (isWindows) {
     fp = fp.slice(pathe.parse(fp).root.length);
   }
-  if (/[<>:"|?*]/.test(fp)) {
+  if (/["*:<>?|]/.test(fp)) {
     return false;
   }
   return true;
 }
 
+const HTTP_RE = /^https?:\/\//;
 const createHTTPSource = (options) => {
-  const httpsAgent = new https__default.Agent({ keepAlive: true });
-  const httpAgent = new http__default.Agent({ keepAlive: true });
+  const httpsAgent = new https.Agent({ keepAlive: true });
+  const httpAgent = new http.Agent({ keepAlive: true });
   let _domains = options.domains || [];
   if (typeof _domains === "string") {
     _domains = _domains.split(",").map((s) => s.trim());
   }
-  const domains = _domains.map((d) => {
-    if (!d.startsWith("http")) {
+  const domains = new Set(_domains.map((d) => {
+    if (!HTTP_RE.test(d)) {
       d = "http://" + d;
     }
     return new URL(d).hostname;
-  }).filter(Boolean);
-  return async (id, reqOptions) => {
+  }).filter(Boolean));
+  return async (id, requestOptions) => {
     const hostname = new URL(id).hostname;
     if (!hostname) {
       throw createError("Hostname is missing", 403, id);
     }
-    if (!reqOptions?.bypassDomain && !domains.find((domain) => hostname === domain)) {
+    if (!requestOptions?.bypassDomain && !domains.has(hostname)) {
       throw createError("Forbidden host", 403, hostname);
     }
     const response = await ohmyfetch.fetch(id, {
@@ -150,7 +139,7 @@ const createHTTPSource = (options) => {
     if (_cacheControl) {
       const m = _cacheControl.match(/max-age=(\d+)/);
       if (m && m[1]) {
-        maxAge = parseInt(m[1]);
+        maxAge = Number.parseInt(m[1]);
       }
     }
     let mtime;
@@ -166,19 +155,19 @@ const createHTTPSource = (options) => {
   };
 };
 
-function VArg(arg) {
-  return destr__default(arg);
+function VArg(argument) {
+  return destr(argument);
 }
-function parseArgs(args, mappers) {
-  const vargs = args.split("_");
-  return mappers.map((v, i) => v(vargs[i]));
+function parseArgs(arguments_, mappers) {
+  const vargs = arguments_.split("_");
+  return mappers.map((v, index) => v(vargs[index]));
 }
 function getHandler(key) {
   return Handlers[key];
 }
-function applyHandler(ctx, pipe, handler, argsStr) {
-  const args = handler.args ? parseArgs(argsStr, handler.args) : [];
-  return handler.apply(ctx, pipe, ...args);
+function applyHandler(context, pipe, handler, argumentsString) {
+  const arguments_ = handler.args ? parseArgs(argumentsString, handler.args) : [];
+  return handler.apply(context, pipe, ...arguments_);
 }
 function clampDimensionsPreservingAspectRatio(sourceDimensions, desiredDimensions) {
   const desiredAspectRatio = desiredDimensions.width / desiredDimensions.height;
@@ -215,8 +204,8 @@ const position = {
     context.position = position2;
   }
 };
-const HEX_RE = /^([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i;
-const SHORTHEX_RE = /^([a-f\d])([a-f\d])([a-f\d])$/i;
+const HEX_RE = /^([\da-f]{2})([\da-f]{2})([\da-f]{2})$/i;
+const SHORTHEX_RE = /^([\da-f])([\da-f])([\da-f])$/i;
 const background = {
   args: [VArg],
   order: -1,
@@ -237,19 +226,19 @@ const enlarge = {
 const width = {
   args: [VArg],
   apply: (context, pipe, width2) => {
-    return pipe.resize(width2, null, { withoutEnlargement: !context.enlarge });
+    return pipe.resize(width2, void 0, { withoutEnlargement: !context.enlarge });
   }
 };
 const height = {
   args: [VArg],
   apply: (context, pipe, height2) => {
-    return pipe.resize(null, height2, { withoutEnlargement: !context.enlarge });
+    return pipe.resize(void 0, height2, { withoutEnlargement: !context.enlarge });
   }
 };
 const resize = {
   args: [VArg, VArg, VArg],
   apply: (context, pipe, size) => {
-    let [width2, height2] = String(size).split("x").map((v) => Number(v));
+    let [width2, height2] = String(size).split("x").map(Number);
     if (!width2) {
       return;
     }
@@ -398,7 +387,7 @@ const h = height;
 const s = resize;
 const pos = position;
 
-const SUPPORTED_FORMATS = ["jpeg", "png", "webp", "avif", "tiff", "gif"];
+const SUPPORTED_FORMATS = /* @__PURE__ */ new Set(["jpeg", "png", "webp", "avif", "tiff", "gif"]);
 function createIPX(userOptions) {
   const defaults = {
     dir: getEnv("IPX_DIR", "."),
@@ -408,44 +397,44 @@ function createIPX(userOptions) {
     maxAge: getEnv("IPX_MAX_AGE", 300),
     sharp: {}
   };
-  const options = defu__default(userOptions, defaults);
+  const options = defu(userOptions, defaults);
   options.alias = Object.fromEntries(Object.entries(options.alias).map((e) => [ufo.withLeadingSlash(e[0]), e[1]]));
-  const ctx = {
+  const context = {
     sources: {}
   };
   if (options.dir) {
-    ctx.sources.filesystem = createFilesystemSource({
+    context.sources.filesystem = createFilesystemSource({
       dir: options.dir,
       maxAge: options.maxAge
     });
   }
   if (options.domains) {
-    ctx.sources.http = createHTTPSource({
+    context.sources.http = createHTTPSource({
       domains: options.domains,
       fetchOptions: options.fetchOptions,
       maxAge: options.maxAge
     });
   }
-  return function ipx(id, modifiers = {}, reqOptions = {}) {
+  return function ipx(id, modifiers = {}, requestOptions = {}) {
     if (!id) {
       throw createError("resource id is missing", 400);
     }
     id = ufo.hasProtocol(id) ? id : ufo.withLeadingSlash(id);
     for (const base in options.alias) {
       if (id.startsWith(base)) {
-        id = ufo.joinURL(options.alias[base], id.substr(base.length));
+        id = ufo.joinURL(options.alias[base], id.slice(base.length));
       }
     }
-    const getSrc = cachedPromise(() => {
+    const getSource = cachedPromise(() => {
       const source = ufo.hasProtocol(id) ? "http" : "filesystem";
-      if (!ctx.sources[source]) {
+      if (!context.sources[source]) {
         throw createError("Unknown source", 400, source);
       }
-      return ctx.sources[source](id, reqOptions);
+      return context.sources[source](id, requestOptions);
     });
     const getData = cachedPromise(async () => {
-      const src = await getSrc();
-      const data = await src.getData();
+      const source = await getSource();
+      const data = await source.getData();
       const meta = imageMeta.imageMeta(data);
       const mFormat = modifiers.f || modifiers.format;
       let format = mFormat || meta.type;
@@ -463,18 +452,18 @@ function createIPX(userOptions) {
       const Sharp = await import('sharp').then((r) => r.default || r);
       let sharp = Sharp(data, { animated });
       Object.assign(sharp.options, options.sharp);
-      const handlers = Object.entries(modifiers).map(([name, args]) => ({ handler: getHandler(name), name, args })).filter((h) => h.handler).sort((a, b) => {
+      const handlers = Object.entries(modifiers).map(([name, arguments_]) => ({ handler: getHandler(name), name, args: arguments_ })).filter((h) => h.handler).sort((a, b) => {
         const aKey = (a.handler.order || a.name || "").toString();
         const bKey = (b.handler.order || b.name || "").toString();
         return aKey.localeCompare(bKey);
       });
-      const handlerCtx = { meta };
+      const handlerContext = { meta };
       for (const h of handlers) {
-        sharp = applyHandler(handlerCtx, sharp, h.handler, h.args) || sharp;
+        sharp = applyHandler(handlerContext, sharp, h.handler, h.args) || sharp;
       }
-      if (SUPPORTED_FORMATS.includes(format)) {
+      if (SUPPORTED_FORMATS.has(format)) {
         sharp = sharp.toFormat(format, {
-          quality: handlerCtx.quality,
+          quality: handlerContext.quality,
           progressive: format === "jpeg"
         });
       }
@@ -486,81 +475,80 @@ function createIPX(userOptions) {
       };
     });
     return {
-      src: getSrc,
+      src: getSource,
       data: getData
     };
   };
 }
 
-const MODIFIER_SEP = /[,&]/g;
-const MODIFIER_VAL_SEP = /[_=:]/g;
-async function _handleRequest(req, ipx) {
+const MODIFIER_SEP = /[&,]/g;
+const MODIFIER_VAL_SEP = /[:=_]/g;
+async function _handleRequest(request, ipx) {
   const res = {
     statusCode: 200,
     statusMessage: "",
     headers: {},
     body: ""
   };
-  const [modifiersStr = "", ...idSegments] = req.url.substring(1).split("/");
+  const [modifiersString = "", ...idSegments] = request.url.slice(1).split("/");
   const id = safeString(ufo.decode(idSegments.join("/")));
-  if (!modifiersStr) {
-    throw createError("Modifiers are missing", 400, req.url);
+  if (!modifiersString) {
+    throw createError("Modifiers are missing", 400, request.url);
   }
   if (!id || id === "/") {
-    throw createError("Resource id is missing", 400, req.url);
+    throw createError("Resource id is missing", 400, request.url);
   }
   const modifiers = /* @__PURE__ */ Object.create(null);
-  if (modifiersStr !== "_") {
-    for (const p of modifiersStr.split(MODIFIER_SEP)) {
+  if (modifiersString !== "_") {
+    for (const p of modifiersString.split(MODIFIER_SEP)) {
       const [key, value = ""] = p.split(MODIFIER_VAL_SEP);
       modifiers[safeString(key)] = safeString(ufo.decode(value));
     }
   }
-  const img = ipx(id, modifiers, req.options);
-  const src = await img.src();
-  if (src.mtime) {
-    if (req.headers["if-modified-since"]) {
-      if (new Date(req.headers["if-modified-since"]) >= src.mtime) {
-        res.statusCode = 304;
-        return res;
-      }
+  const img = ipx(id, modifiers, request.options);
+  const source = await img.src();
+  if (source.mtime) {
+    if (request.headers["if-modified-since"] && new Date(request.headers["if-modified-since"]) >= source.mtime) {
+      res.statusCode = 304;
+      return res;
     }
-    res.headers["Last-Modified"] = +src.mtime + "";
+    res.headers["Last-Modified"] = source.mtime.toUTCString();
   }
-  if (typeof src.maxAge === "number") {
-    res.headers["Cache-Control"] = `max-age=${+src.maxAge}, public, s-maxage=${+src.maxAge}`;
+  if (typeof source.maxAge === "number") {
+    res.headers["Cache-Control"] = `max-age=${+source.maxAge}, public, s-maxage=${+source.maxAge}`;
   }
   const { data, format } = await img.data();
-  const etag = getEtag__default(data);
+  const etag = getEtag(data);
   res.headers.ETag = etag;
-  if (etag && req.headers["if-none-match"] === etag) {
+  if (etag && request.headers["if-none-match"] === etag) {
     res.statusCode = 304;
     return res;
   }
   if (format) {
     res.headers["Content-Type"] = `image/${format}`;
   }
+  res.headers["Content-Security-Policy"] = "default-src 'none'";
   res.body = data;
   return sanetizeReponse(res);
 }
-function handleRequest(req, ipx) {
-  return _handleRequest(req, ipx).catch((err) => {
-    const statusCode = parseInt(err.statusCode) || 500;
-    const statusMessage = err.statusMessage ? err.statusMessage : `IPX Error (${statusCode})`;
+function handleRequest(request, ipx) {
+  return _handleRequest(request, ipx).catch((error) => {
+    const statusCode = Number.parseInt(error.statusCode) || 500;
+    const statusMessage = error.statusMessage ? error.statusMessage : `IPX Error (${statusCode})`;
     if (process.env.NODE_ENV !== "production" && statusCode === 500) {
-      console.error(err);
+      console.error(error);
     }
     return sanetizeReponse({
       statusCode,
       statusMessage,
-      body: "IPX Error: " + err,
+      body: "IPX Error: " + error,
       headers: {}
     });
   });
 }
 function createIPXMiddleware(ipx) {
-  return function IPXMiddleware(req, res) {
-    return handleRequest({ url: req.url, headers: req.headers }, ipx).then((_res) => {
+  return function IPXMiddleware(request, res) {
+    return handleRequest({ url: request.url, headers: request.headers }, ipx).then((_res) => {
       res.statusCode = _res.statusCode;
       res.statusMessage = _res.statusMessage;
       for (const name in _res.headers) {
@@ -575,7 +563,7 @@ function sanetizeReponse(res) {
     statusCode: res.statusCode || 200,
     statusMessage: res.statusMessage ? safeString(res.statusMessage) : "OK",
     headers: safeStringObject(res.headers || {}),
-    body: typeof res.body === "string" ? xss__default(safeString(res.body)) : res.body || ""
+    body: typeof res.body === "string" ? xss(safeString(res.body)) : res.body || ""
   };
 }
 function safeString(input) {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "ipx",
-  "version": "0.9.10",
+  "version": "1.0.0-0",
   "repository": "unjs/ipx",
   "license": "MIT",
   "exports": {
@@ -17,42 +17,45 @@
     "dist",
     "bin"
   ],
-  "dependencies": {
-    "consola": "^2.15.3",
-    "defu": "^6.0.0",
-    "destr": "^1.1.1",
-    "etag": "^1.8.1",
-    "image-meta": "^0.1.1",
-    "listhen": "^0.2.13",
-    "ohmyfetch": "^0.4.18",
-    "pathe": "^0.3.2",
-    "sharp": "^0.30.7",
-    "ufo": "^0.8.5",
-    "xss": "^1.0.13"
-  },
-  "devDependencies": {
-    "@nuxtjs/eslint-config-typescript": "latest",
-    "@types/etag": "latest",
-    "@types/is-valid-path": "latest",
-    "@types/node-fetch": "latest",
-    "@types/sharp": "latest",
-    "c8": "latest",
-    "eslint": "latest",
-    "jiti": "latest",
-    "nodemon": "latest",
-    "serve-handler": "^6.1.3",
-    "standard-version": "latest",
-    "typescript": "latest",
-    "unbuild": "latest",
-    "vitest": "latest"
-  },
-  "packageManager": "pnpm@7.5.0",
   "scripts": {
     "build": "unbuild",
     "dev": "nodemon",
     "lint": "eslint --ext .ts .",
+    "prepack": "pnpm build",
     "release": "pnpm test && standard-version && git push --follow-tags && pnpm publish",
     "start": "node bin/ipx.js",
     "test": "pnpm lint && vitest run --coverage"
-  }
-}
+  },
+  "dependencies": {
+    "consola": "^2.15.3",
+    "defu": "^6.1.1",
+    "destr": "^1.2.1",
+    "etag": "^1.8.1",
+    "image-meta": "^0.1.1",
+    "listhen": "^1.0.0",
+    "ohmyfetch": "^0.4.21",
+    "pathe": "^1.0.0",
+    "sharp": "^0.31.2",
+    "ufo": "^1.0.0",
+    "xss": "^1.0.14"
+  },
+  "devDependencies": {
+    "@nuxtjs/eslint-config-typescript": "^12.0.0",
+    "@types/etag": "^1.8.1",
+    "@types/is-valid-path": "^0.1.0",
+    "@types/node-fetch": "^2.6.2",
+    "@types/sharp": "^0.31.0",
+    "@vitest/coverage-c8": "^0.25.3",
+    "changelogen": "^0.4.0",
+    "eslint": "^8.28.0",
+    "eslint-config-unjs": "^0.0.2",
+    "jiti": "^1.16.0",
+    "nodemon": "^2.0.20",
+    "serve-handler": "^6.1.5",
+    "standard-version": "^9.5.0",
+    "typescript": "^4.9.3",
+    "unbuild": "^1.0.1",
+    "vitest": "^0.25.3"
+  },
+  "packageManager": "pnpm@7.17.0"
+}