npm - kempo-server - Versions diffs - 1.4.3 → 1.4.5 - Mend

kempo-server 1.4.3 → 1.4.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (47) hide show

package/.github/copilot-instructions.md +96 -96
package/.github/workflows/publish-npm.yml +41 -0
package/README.md +650 -650
package/builtinMiddleware.js +136 -136
package/defaultConfig.js +129 -129
package/docs/.config.json +5 -5
package/docs/.config.json.example +19 -19
package/docs/api/user/[id]/GET.js +15 -15
package/docs/api/user/[id]/[info]/DELETE.js +12 -12
package/docs/api/user/[id]/[info]/GET.js +17 -17
package/docs/api/user/[id]/[info]/POST.js +18 -18
package/docs/api/user/[id]/[info]/PUT.js +19 -19
package/docs/configuration.html +119 -119
package/docs/examples.html +201 -201
package/docs/getting-started.html +72 -72
package/docs/index.html +81 -81
package/docs/manifest.json +87 -87
package/docs/middleware.html +147 -147
package/docs/request-response.html +95 -95
package/docs/routing.html +77 -77
package/example-middleware.js +23 -23
package/example.config.json +50 -50
package/findFile.js +138 -138
package/getFiles.js +72 -72
package/getFlags.js +34 -34
package/index.js +47 -47
package/middlewareRunner.js +25 -25
package/package.json +10 -6
package/requestWrapper.js +87 -87
package/responseWrapper.js +204 -204
package/router.js +285 -285
package/serveFile.js +71 -71
package/tests/builtinMiddleware-cors.node-test.js +17 -17
package/tests/builtinMiddleware.node-test.js +74 -74
package/tests/defaultConfig.node-test.js +13 -13
package/tests/example-middleware.node-test.js +31 -31
package/tests/findFile.node-test.js +46 -46
package/tests/getFiles.node-test.js +25 -25
package/tests/getFlags.node-test.js +30 -30
package/tests/index.node-test.js +23 -23
package/tests/middlewareRunner.node-test.js +18 -18
package/tests/requestWrapper.node-test.js +51 -51
package/tests/responseWrapper.node-test.js +74 -74
package/tests/router-middleware.node-test.js +46 -46
package/tests/router.node-test.js +88 -88
package/tests/serveFile.node-test.js +52 -52
package/tests/test-utils.js +106 -106

package/docs/api/user/[id]/[info]/POST.js CHANGED Viewed

@@ -1,18 +1,18 @@
-export default async function(request, response) {
-  const { id, info } = request.params;
-  try {
-    const updateData = await request.json();
-    // Example response for updating user info
-    const updatedUser = {
-      id: id,
-      message: 'User info updated successfully',
-      updatedFields: updateData
-    };
-    response.json(updatedUser);
-  } catch (error) {
-    response.status(400).json({ error: 'Invalid JSON' });
-  }
-}
+export default async function(request, response) {
+  const { id, info } = request.params;
+  try {
+    const updateData = await request.json();
+    // Example response for updating user info
+    const updatedUser = {
+      id: id,
+      message: 'User info updated successfully',
+      updatedFields: updateData
+    };
+    response.json(updatedUser);
+  } catch (error) {
+    response.status(400).json({ error: 'Invalid JSON' });
+  }
+}

package/docs/api/user/[id]/[info]/PUT.js CHANGED Viewed

@@ -1,19 +1,19 @@
-export default async function(request, response) {
-  const { id, info } = request.params;
-  try {
-    const updateData = await request.json();
-    // Example response for replacing user info
-    const updatedUser = {
-      id: id,
-      message: 'User info replaced successfully',
-      newData: updateData,
-      updatedAt: new Date().toISOString()
-    };
-    response.json(updatedUser);
-  } catch (error) {
-    response.status(400).json({ error: 'Invalid JSON' });
-  }
-}
+export default async function(request, response) {
+  const { id, info } = request.params;
+  try {
+    const updateData = await request.json();
+    // Example response for replacing user info
+    const updatedUser = {
+      id: id,
+      message: 'User info replaced successfully',
+      newData: updateData,
+      updatedAt: new Date().toISOString()
+    };
+    response.json(updatedUser);
+  } catch (error) {
+    response.status(400).json({ error: 'Invalid JSON' });
+  }
+}

package/docs/configuration.html CHANGED Viewed

@@ -1,119 +1,119 @@
-<html lang="en" theme="auto">
-<head>
-  <meta charset='utf-8'>
-  <meta http-equiv='X-UA-Compatible' content='IE=edge'>
-  <title>Configuration - Kempo Server</title>
-  <meta name='viewport' content='width=device-width, initial-scale=1'>
-  <link rel="icon" type="image/png" sizes="48x48" href="media/icon48.png">
-  <link rel="manifest" href="manifest.json">
-  <link rel="stylesheet" href="essential.css" />
-</head>
-<body>
-  <main>
-    <a href="./" class="btn">Home</a>
-    <h1>Configuration</h1>
-    <p>Customize Kempo Server's behavior with a simple JSON configuration file.</p>
-    <h2>Configuration File</h2>
-    <p>To configure the server create a <code>.config.json</code> within the root directory of your server (<code>public</code> in the start example).</p>
-    <p>This json file can have any of the following properties. Any property not defined will use the default configuration.</p>
-    <h2>Configuration Options</h2>
-    <ul>
-      <li><a href="#allowedMimes">allowedMimes</a> - File types that can be served</li>
-      <li><a href="#disallowedRegex">disallowedRegex</a> - Patterns for paths that should be blocked</li>
-      <li><a href="#customRoutes">customRoutes</a> - Custom route mappings</li>
-      <li><a href="#routeFiles">routeFiles</a> - Files that should be treated as route handlers</li>
-      <li><a href="#noRescanPaths">noRescanPaths</a> - Paths that should not trigger file system rescans</li>
-      <li><a href="#maxRescanAttempts">maxRescanAttempts</a> - Maximum number of rescan attempts</li>
-      <li><a href="#middleware">middleware</a> - Middleware configuration</li>
-    </ul>
-    <h3 id="allowedMimes">allowedMimes</h3>
-    <p>An object mapping file extensions to their MIME types. Files with extensions not in this list will not be served.</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"allowedMimes"</span>: {<br />    <span class="hljs-attr">"html"</span>: <span class="hljs-string">"text/html"</span>,<br />    <span class="hljs-attr">"css"</span>: <span class="hljs-string">"text/css"</span>,<br />    <span class="hljs-attr">"js"</span>: <span class="hljs-string">"application/javascript"</span>,<br />    <span class="hljs-attr">"json"</span>: <span class="hljs-string">"application/json"</span>,<br />    <span class="hljs-attr">"png"</span>: <span class="hljs-string">"image/png"</span>,<br />    <span class="hljs-attr">"jpg"</span>: <span class="hljs-string">"image/jpeg"</span>,<br />    <span class="hljs-attr">"jpeg"</span>: <span class="hljs-string">"image/jpeg"</span>,<br />    <span class="hljs-attr">"gif"</span>: <span class="hljs-string">"image/gif"</span>,<br />    <span class="hljs-attr">"svg"</span>: <span class="hljs-string">"image/svg+xml"</span>,<br />    <span class="hljs-attr">"woff"</span>: <span class="hljs-string">"font/woff"</span>,<br />    <span class="hljs-attr">"woff2"</span>: <span class="hljs-string">"font/woff2"</span><br />  }<br />}</code></pre>
-    <h3 id="disallowedRegex">disallowedRegex</h3>
-    <p>An array of regular expressions that match paths that should never be served. This provides security by preventing access to sensitive files.</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"disallowedRegex"</span>: [<br />    <span class="hljs-string">"^/\\..*"</span>,        <span class="hljs-comment">// Hidden files (starting with .)</span><br />    <span class="hljs-string">"\\.env$"</span>,        <span class="hljs-comment">// Environment files</span><br />    <span class="hljs-string">"\\.config$"</span>,     <span class="hljs-comment">// Configuration files</span><br />    <span class="hljs-string">"password"</span>,      <span class="hljs-comment">// Files containing "password"</span><br />    <span class="hljs-string">"node_modules"</span>,  <span class="hljs-comment">// Node modules directory</span><br />    <span class="hljs-string">"\\.git"</span>          <span class="hljs-comment">// Git directory</span><br />  ]<br />}</code></pre>
-    <h3 id="routeFiles">routeFiles</h3>
-    <p>An array of filenames that should be treated as route handlers and executed as JavaScript modules.</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"routeFiles"</span>: [<br />    <span class="hljs-string">"GET.js"</span>,<br />    <span class="hljs-string">"POST.js"</span>,<br />    <span class="hljs-string">"PUT.js"</span>,<br />    <span class="hljs-string">"DELETE.js"</span>,<br />    <span class="hljs-string">"PATCH.js"</span>,<br />    <span class="hljs-string">"HEAD.js"</span>,<br />    <span class="hljs-string">"OPTIONS.js"</span>,<br />    <span class="hljs-string">"index.js"</span><br />  ]<br />}</code></pre>
-    <h3 id="noRescanPaths">noRescanPaths</h3>
-    <p>An array of regex patterns for paths that should not trigger a file system rescan. This improves performance for common static assets.</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"noRescanPaths"</span>: [<br />    <span class="hljs-string">"/favicon\\.ico$"</span>,<br />    <span class="hljs-string">"/robots\\.txt$"</span>,<br />    <span class="hljs-string">"\\.map$"</span>,<br />    <span class="hljs-string">"\\.css$"</span>,<br />    <span class="hljs-string">"\\.js$"</span>,<br />    <span class="hljs-string">"\\.png$"</span>,<br />    <span class="hljs-string">"\\.jpg$"</span>,<br />    <span class="hljs-string">"\\.jpeg$"</span>,<br />    <span class="hljs-string">"\\.gif$"</span><br />  ]<br />}</code></pre>
-    <h3 id="customRoutes">customRoutes</h3>
-    <p>An object mapping custom route paths to file paths. Useful for aliasing or serving files from outside the document root.</p>
-    <h4>Basic Routes</h4>
-    <p>Map specific paths to files:</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"customRoutes"</span>: {<br />    <span class="hljs-attr">"/vendor/bootstrap.css"</span>: <span class="hljs-string">"./node_modules/bootstrap/dist/css/bootstrap.min.css"</span>,<br />    <span class="hljs-attr">"/api/status"</span>: <span class="hljs-string">"./status.js"</span>,<br />    <span class="hljs-attr">"/health"</span>: <span class="hljs-string">"./health-check.js"</span><br />  }<br />}</code></pre>
-    <h4>Wildcard Routes</h4>
-    <p>Wildcard routes allow you to map entire directory structures using the <code>*</code> wildcard:</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"customRoutes"</span>: {<br />    <span class="hljs-attr">"kempo/*"</span>: <span class="hljs-string">"./node_modules/kempo/dist/*"</span>,<br />    <span class="hljs-attr">"assets/*"</span>: <span class="hljs-string">"./static-files/*"</span>,<br />    <span class="hljs-attr">"docs/*"</span>: <span class="hljs-string">"./documentation/*"</span>,<br />    <span class="hljs-attr">"lib/*"</span>: <span class="hljs-string">"./node_modules/my-library/build/*"</span><br />  }<br />}</code></pre>
-    <p>With wildcard routes:</p>
-    <ul>
-      <li><code>kempo/styles.css</code> would serve <code>./node_modules/kempo/dist/styles.css</code></li>
-      <li><code>assets/logo.png</code> would serve <code>./static-files/logo.png</code></li>
-      <li><code>docs/readme.md</code> would serve <code>./documentation/readme.md</code></li>
-      <li><code>lib/utils.js</code> would serve <code>./node_modules/my-library/build/utils.js</code></li>
-    </ul>
-    <p>The <code>*</code> wildcard matches any single path segment (anything between <code>/</code> characters). Multiple wildcards can be used in a single route pattern.</p>
-    <h3 id="maxRescanAttempts">maxRescanAttempts</h3>
-    <p>The maximum number of times to attempt rescanning the file system when a file is not found. Defaults to 3.</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"maxRescanAttempts"</span>: <span class="hljs-number">3</span><br />}</code></pre>
-    <h3 id="middleware">middleware</h3>
-    <p>Configuration for built-in and custom middleware. Middleware runs before your route handlers and can modify requests, responses, or handle requests entirely.</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"middleware"</span>: {<br />    <span class="hljs-attr">"cors"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"origin"</span>: <span class="hljs-string">"*"</span><br />    },<br />    <span class="hljs-attr">"compression"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span><br />    },<br />    <span class="hljs-attr">"custom"</span>: [<span class="hljs-string">"./middleware/auth.js"</span>]<br />  }<br />}</code></pre>
-    <h2>Complete Configuration Example</h2>
-    <p>Here's a complete example of a <code>.config.json</code> file:</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"allowedMimes"</span>: {<br />    <span class="hljs-attr">"html"</span>: <span class="hljs-string">"text/html"</span>,<br />    <span class="hljs-attr">"css"</span>: <span class="hljs-string">"text/css"</span>,<br />    <span class="hljs-attr">"js"</span>: <span class="hljs-string">"application/javascript"</span>,<br />    <span class="hljs-attr">"json"</span>: <span class="hljs-string">"application/json"</span>,<br />    <span class="hljs-attr">"png"</span>: <span class="hljs-string">"image/png"</span>,<br />    <span class="hljs-attr">"jpg"</span>: <span class="hljs-string">"image/jpeg"</span>,<br />    <span class="hljs-attr">"jpeg"</span>: <span class="hljs-string">"image/jpeg"</span>,<br />    <span class="hljs-attr">"gif"</span>: <span class="hljs-string">"image/gif"</span>,<br />    <span class="hljs-attr">"svg"</span>: <span class="hljs-string">"image/svg+xml"</span>,<br />    <span class="hljs-attr">"woff"</span>: <span class="hljs-string">"font/woff"</span>,<br />    <span class="hljs-attr">"woff2"</span>: <span class="hljs-string">"font/woff2"</span><br />  },<br />  <span class="hljs-attr">"disallowedRegex"</span>: [<br />    <span class="hljs-string">"^/\\..*"</span>,<br />    <span class="hljs-string">"\\.env$"</span>,<br />    <span class="hljs-string">"\\.config$"</span>,<br />    <span class="hljs-string">"password"</span>,<br />    <span class="hljs-string">"node_modules"</span>,<br />    <span class="hljs-string">"\\.git"</span><br />  ],<br />  <span class="hljs-attr">"routeFiles"</span>: [<br />    <span class="hljs-string">"GET.js"</span>,<br />    <span class="hljs-string">"POST.js"</span>,<br />    <span class="hljs-string">"PUT.js"</span>,<br />    <span class="hljs-string">"DELETE.js"</span>,<br />    <span class="hljs-string">"PATCH.js"</span>,<br />    <span class="hljs-string">"HEAD.js"</span>,<br />    <span class="hljs-string">"OPTIONS.js"</span>,<br />    <span class="hljs-string">"index.js"</span><br />  ],<br />  <span class="hljs-attr">"noRescanPaths"</span>: [<br />    <span class="hljs-string">"/favicon\\.ico$"</span>,<br />    <span class="hljs-string">"/robots\\.txt$"</span>,<br />    <span class="hljs-string">"\\.map$"</span>,<br />    <span class="hljs-string">"\\.css$"</span>,<br />    <span class="hljs-string">"\\.js$"</span>,<br />    <span class="hljs-string">"\\.png$"</span>,<br />    <span class="hljs-string">"\\.jpg$"</span>,<br />    <span class="hljs-string">"\\.jpeg$"</span>,<br />    <span class="hljs-string">"\\.gif$"</span><br />  ],<br />  <span class="hljs-attr">"customRoutes"</span>: {<br />    <span class="hljs-attr">"/vendor/bootstrap.css"</span>: <span class="hljs-string">"./node_modules/bootstrap/dist/css/bootstrap.min.css"</span>,<br />    <span class="hljs-attr">"/vendor/jquery.js"</span>: <span class="hljs-string">"./node_modules/jquery/dist/jquery.min.js"</span>,<br />    <span class="hljs-attr">"assets/*"</span>: <span class="hljs-string">"./static-files/*"</span>,<br />    <span class="hljs-attr">"docs/*"</span>: <span class="hljs-string">"./documentation/*"</span><br />  },<br />  <span class="hljs-attr">"maxRescanAttempts"</span>: <span class="hljs-number">3</span>,<br />  <span class="hljs-attr">"middleware"</span>: {<br />    <span class="hljs-attr">"cors"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"origin"</span>: <span class="hljs-string">"*"</span>,<br />      <span class="hljs-attr">"methods"</span>: [<span class="hljs-string">"GET"</span>, <span class="hljs-string">"POST"</span>, <span class="hljs-string">"PUT"</span>, <span class="hljs-string">"DELETE"</span>],<br />      <span class="hljs-attr">"headers"</span>: [<span class="hljs-string">"Content-Type"</span>, <span class="hljs-string">"Authorization"</span>]<br />    },<br />    <span class="hljs-attr">"compression"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"threshold"</span>: <span class="hljs-number">1024</span><br />    },<br />    <span class="hljs-attr">"security"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"headers"</span>: {<br />        <span class="hljs-attr">"X-Content-Type-Options"</span>: <span class="hljs-string">"nosniff"</span>,<br />        <span class="hljs-attr">"X-Frame-Options"</span>: <span class="hljs-string">"DENY"</span>,<br />        <span class="hljs-attr">"X-XSS-Protection"</span>: <span class="hljs-string">"1; mode=block"</span><br />      }<br />    },<br />    <span class="hljs-attr">"custom"</span>: [<br />      <span class="hljs-string">"./middleware/auth.js"</span>,<br />      <span class="hljs-string">"./middleware/logging.js"</span><br />    ]<br />  }<br />}</code></pre>
-    <h2>Environment-Specific Configuration</h2>
-    <p>You can create different configuration files for different environments:</p>
-    <h3>Development Configuration</h3>
-    <p>Create <code>.config.dev.json</code> for development:</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"allowedMimes"</span>: {<br />    <span class="hljs-attr">"html"</span>: <span class="hljs-string">"text/html"</span>,<br />    <span class="hljs-attr">"css"</span>: <span class="hljs-string">"text/css"</span>,<br />    <span class="hljs-attr">"js"</span>: <span class="hljs-string">"application/javascript"</span>,<br />    <span class="hljs-attr">"json"</span>: <span class="hljs-string">"application/json"</span>,<br />    <span class="hljs-attr">"map"</span>: <span class="hljs-string">"application/json"</span><br />  },<br />  <span class="hljs-attr">"middleware"</span>: {<br />    <span class="hljs-attr">"cors"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"origin"</span>: <span class="hljs-string">"*"</span><br />    },<br />    <span class="hljs-attr">"compression"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">false</span><br />    }<br />  }<br />}</code></pre>
-    <h3>Production Configuration</h3>
-    <p>Create <code>.config.prod.json</code> for production:</p>
-    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"allowedMimes"</span>: {<br />    <span class="hljs-attr">"html"</span>: <span class="hljs-string">"text/html"</span>,<br />    <span class="hljs-attr">"css"</span>: <span class="hljs-string">"text/css"</span>,<br />    <span class="hljs-attr">"js"</span>: <span class="hljs-string">"application/javascript"</span>,<br />    <span class="hljs-attr">"json"</span>: <span class="hljs-string">"application/json"</span>,<br />    <span class="hljs-attr">"png"</span>: <span class="hljs-string">"image/png"</span>,<br />    <span class="hljs-attr">"jpg"</span>: <span class="hljs-string">"image/jpeg"</span><br />  },<br />  <span class="hljs-attr">"disallowedRegex"</span>: [<br />    <span class="hljs-string">"^/\\..*"</span>,<br />    <span class="hljs-string">"\\.env$"</span>,<br />    <span class="hljs-string">"\\.config$"</span>,<br />    <span class="hljs-string">"password"</span>,<br />    <span class="hljs-string">"node_modules"</span>,<br />    <span class="hljs-string">"\\.git"</span>,<br />    <span class="hljs-string">"\\.map$"</span><br />  ],<br />  <span class="hljs-attr">"middleware"</span>: {<br />    <span class="hljs-attr">"cors"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"origin"</span>: <span class="hljs-string">"https://yourdomain.com"</span><br />    },<br />    <span class="hljs-attr">"compression"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"threshold"</span>: <span class="hljs-number">1024</span><br />    },<br />    <span class="hljs-attr">"security"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"headers"</span>: {<br />        <span class="hljs-attr">"X-Content-Type-Options"</span>: <span class="hljs-string">"nosniff"</span>,<br />        <span class="hljs-attr">"X-Frame-Options"</span>: <span class="hljs-string">"DENY"</span>,<br />        <span class="hljs-attr">"X-XSS-Protection"</span>: <span class="hljs-string">"1; mode=block"</span>,<br />        <span class="hljs-attr">"Strict-Transport-Security"</span>: <span class="hljs-string">"max-age=31536000; includeSubDomains"</span><br />      }<br />    }<br />  }<br />}</code></pre>
-    <h2>Configuration Tips</h2>
-    <h3>Security Best Practices</h3>
-    <ul>
-      <li>Always include patterns to block sensitive files in <code>disallowedRegex</code></li>
-      <li>Use strict CORS settings in production</li>
-      <li>Enable security headers middleware</li>
-      <li>Don't serve source maps in production</li>
-    </ul>
-    <h3>Performance Optimization</h3>
-    <ul>
-      <li>Use <code>noRescanPaths</code> for static assets to improve performance</li>
-      <li>Enable compression for larger files</li>
-      <li>Use custom routes to serve files from CDN or optimized locations</li>
-      <li>Limit <code>maxRescanAttempts</code> to prevent excessive file system scanning</li>
-    </ul>
-    <h3>Development vs Production</h3>
-    <ul>
-      <li>Enable source maps in development, disable in production</li>
-      <li>Use relaxed CORS in development, strict in production</li>
-      <li>Enable compression in production for better performance</li>
-      <li>Add more security headers in production</li>
-    </ul>
-  </main>
-  <div style="height:25vh"></div>
-</body>
-</html>
+<html lang="en" theme="auto">
+<head>
+  <meta charset='utf-8'>
+  <meta http-equiv='X-UA-Compatible' content='IE=edge'>
+  <title>Configuration - Kempo Server</title>
+  <meta name='viewport' content='width=device-width, initial-scale=1'>
+  <link rel="icon" type="image/png" sizes="48x48" href="media/icon48.png">
+  <link rel="manifest" href="manifest.json">
+  <link rel="stylesheet" href="essential.css" />
+</head>
+<body>
+  <main>
+    <a href="./" class="btn">Home</a>
+    <h1>Configuration</h1>
+    <p>Customize Kempo Server's behavior with a simple JSON configuration file.</p>
+    <h2>Configuration File</h2>
+    <p>To configure the server create a <code>.config.json</code> within the root directory of your server (<code>public</code> in the start example).</p>
+    <p>This json file can have any of the following properties. Any property not defined will use the default configuration.</p>
+    <h2>Configuration Options</h2>
+    <ul>
+      <li><a href="#allowedMimes">allowedMimes</a> - File types that can be served</li>
+      <li><a href="#disallowedRegex">disallowedRegex</a> - Patterns for paths that should be blocked</li>
+      <li><a href="#customRoutes">customRoutes</a> - Custom route mappings</li>
+      <li><a href="#routeFiles">routeFiles</a> - Files that should be treated as route handlers</li>
+      <li><a href="#noRescanPaths">noRescanPaths</a> - Paths that should not trigger file system rescans</li>
+      <li><a href="#maxRescanAttempts">maxRescanAttempts</a> - Maximum number of rescan attempts</li>
+      <li><a href="#middleware">middleware</a> - Middleware configuration</li>
+    </ul>
+    <h3 id="allowedMimes">allowedMimes</h3>
+    <p>An object mapping file extensions to their MIME types. Files with extensions not in this list will not be served.</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"allowedMimes"</span>: {<br />    <span class="hljs-attr">"html"</span>: <span class="hljs-string">"text/html"</span>,<br />    <span class="hljs-attr">"css"</span>: <span class="hljs-string">"text/css"</span>,<br />    <span class="hljs-attr">"js"</span>: <span class="hljs-string">"application/javascript"</span>,<br />    <span class="hljs-attr">"json"</span>: <span class="hljs-string">"application/json"</span>,<br />    <span class="hljs-attr">"png"</span>: <span class="hljs-string">"image/png"</span>,<br />    <span class="hljs-attr">"jpg"</span>: <span class="hljs-string">"image/jpeg"</span>,<br />    <span class="hljs-attr">"jpeg"</span>: <span class="hljs-string">"image/jpeg"</span>,<br />    <span class="hljs-attr">"gif"</span>: <span class="hljs-string">"image/gif"</span>,<br />    <span class="hljs-attr">"svg"</span>: <span class="hljs-string">"image/svg+xml"</span>,<br />    <span class="hljs-attr">"woff"</span>: <span class="hljs-string">"font/woff"</span>,<br />    <span class="hljs-attr">"woff2"</span>: <span class="hljs-string">"font/woff2"</span><br />  }<br />}</code></pre>
+    <h3 id="disallowedRegex">disallowedRegex</h3>
+    <p>An array of regular expressions that match paths that should never be served. This provides security by preventing access to sensitive files.</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"disallowedRegex"</span>: [<br />    <span class="hljs-string">"^/\\..*"</span>,        <span class="hljs-comment">// Hidden files (starting with .)</span><br />    <span class="hljs-string">"\\.env$"</span>,        <span class="hljs-comment">// Environment files</span><br />    <span class="hljs-string">"\\.config$"</span>,     <span class="hljs-comment">// Configuration files</span><br />    <span class="hljs-string">"password"</span>,      <span class="hljs-comment">// Files containing "password"</span><br />    <span class="hljs-string">"node_modules"</span>,  <span class="hljs-comment">// Node modules directory</span><br />    <span class="hljs-string">"\\.git"</span>          <span class="hljs-comment">// Git directory</span><br />  ]<br />}</code></pre>
+    <h3 id="routeFiles">routeFiles</h3>
+    <p>An array of filenames that should be treated as route handlers and executed as JavaScript modules.</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"routeFiles"</span>: [<br />    <span class="hljs-string">"GET.js"</span>,<br />    <span class="hljs-string">"POST.js"</span>,<br />    <span class="hljs-string">"PUT.js"</span>,<br />    <span class="hljs-string">"DELETE.js"</span>,<br />    <span class="hljs-string">"PATCH.js"</span>,<br />    <span class="hljs-string">"HEAD.js"</span>,<br />    <span class="hljs-string">"OPTIONS.js"</span>,<br />    <span class="hljs-string">"index.js"</span><br />  ]<br />}</code></pre>
+    <h3 id="noRescanPaths">noRescanPaths</h3>
+    <p>An array of regex patterns for paths that should not trigger a file system rescan. This improves performance for common static assets.</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"noRescanPaths"</span>: [<br />    <span class="hljs-string">"/favicon\\.ico$"</span>,<br />    <span class="hljs-string">"/robots\\.txt$"</span>,<br />    <span class="hljs-string">"\\.map$"</span>,<br />    <span class="hljs-string">"\\.css$"</span>,<br />    <span class="hljs-string">"\\.js$"</span>,<br />    <span class="hljs-string">"\\.png$"</span>,<br />    <span class="hljs-string">"\\.jpg$"</span>,<br />    <span class="hljs-string">"\\.jpeg$"</span>,<br />    <span class="hljs-string">"\\.gif$"</span><br />  ]<br />}</code></pre>
+    <h3 id="customRoutes">customRoutes</h3>
+    <p>An object mapping custom route paths to file paths. Useful for aliasing or serving files from outside the document root.</p>
+    <h4>Basic Routes</h4>
+    <p>Map specific paths to files:</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"customRoutes"</span>: {<br />    <span class="hljs-attr">"/vendor/bootstrap.css"</span>: <span class="hljs-string">"./node_modules/bootstrap/dist/css/bootstrap.min.css"</span>,<br />    <span class="hljs-attr">"/api/status"</span>: <span class="hljs-string">"./status.js"</span>,<br />    <span class="hljs-attr">"/health"</span>: <span class="hljs-string">"./health-check.js"</span><br />  }<br />}</code></pre>
+    <h4>Wildcard Routes</h4>
+    <p>Wildcard routes allow you to map entire directory structures using the <code>*</code> wildcard:</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"customRoutes"</span>: {<br />    <span class="hljs-attr">"kempo/*"</span>: <span class="hljs-string">"./node_modules/kempo/dist/*"</span>,<br />    <span class="hljs-attr">"assets/*"</span>: <span class="hljs-string">"./static-files/*"</span>,<br />    <span class="hljs-attr">"docs/*"</span>: <span class="hljs-string">"./documentation/*"</span>,<br />    <span class="hljs-attr">"lib/*"</span>: <span class="hljs-string">"./node_modules/my-library/build/*"</span><br />  }<br />}</code></pre>
+    <p>With wildcard routes:</p>
+    <ul>
+      <li><code>kempo/styles.css</code> would serve <code>./node_modules/kempo/dist/styles.css</code></li>
+      <li><code>assets/logo.png</code> would serve <code>./static-files/logo.png</code></li>
+      <li><code>docs/readme.md</code> would serve <code>./documentation/readme.md</code></li>
+      <li><code>lib/utils.js</code> would serve <code>./node_modules/my-library/build/utils.js</code></li>
+    </ul>
+    <p>The <code>*</code> wildcard matches any single path segment (anything between <code>/</code> characters). Multiple wildcards can be used in a single route pattern.</p>
+    <h3 id="maxRescanAttempts">maxRescanAttempts</h3>
+    <p>The maximum number of times to attempt rescanning the file system when a file is not found. Defaults to 3.</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"maxRescanAttempts"</span>: <span class="hljs-number">3</span><br />}</code></pre>
+    <h3 id="middleware">middleware</h3>
+    <p>Configuration for built-in and custom middleware. Middleware runs before your route handlers and can modify requests, responses, or handle requests entirely.</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"middleware"</span>: {<br />    <span class="hljs-attr">"cors"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"origin"</span>: <span class="hljs-string">"*"</span><br />    },<br />    <span class="hljs-attr">"compression"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span><br />    },<br />    <span class="hljs-attr">"custom"</span>: [<span class="hljs-string">"./middleware/auth.js"</span>]<br />  }<br />}</code></pre>
+    <h2>Complete Configuration Example</h2>
+    <p>Here's a complete example of a <code>.config.json</code> file:</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"allowedMimes"</span>: {<br />    <span class="hljs-attr">"html"</span>: <span class="hljs-string">"text/html"</span>,<br />    <span class="hljs-attr">"css"</span>: <span class="hljs-string">"text/css"</span>,<br />    <span class="hljs-attr">"js"</span>: <span class="hljs-string">"application/javascript"</span>,<br />    <span class="hljs-attr">"json"</span>: <span class="hljs-string">"application/json"</span>,<br />    <span class="hljs-attr">"png"</span>: <span class="hljs-string">"image/png"</span>,<br />    <span class="hljs-attr">"jpg"</span>: <span class="hljs-string">"image/jpeg"</span>,<br />    <span class="hljs-attr">"jpeg"</span>: <span class="hljs-string">"image/jpeg"</span>,<br />    <span class="hljs-attr">"gif"</span>: <span class="hljs-string">"image/gif"</span>,<br />    <span class="hljs-attr">"svg"</span>: <span class="hljs-string">"image/svg+xml"</span>,<br />    <span class="hljs-attr">"woff"</span>: <span class="hljs-string">"font/woff"</span>,<br />    <span class="hljs-attr">"woff2"</span>: <span class="hljs-string">"font/woff2"</span><br />  },<br />  <span class="hljs-attr">"disallowedRegex"</span>: [<br />    <span class="hljs-string">"^/\\..*"</span>,<br />    <span class="hljs-string">"\\.env$"</span>,<br />    <span class="hljs-string">"\\.config$"</span>,<br />    <span class="hljs-string">"password"</span>,<br />    <span class="hljs-string">"node_modules"</span>,<br />    <span class="hljs-string">"\\.git"</span><br />  ],<br />  <span class="hljs-attr">"routeFiles"</span>: [<br />    <span class="hljs-string">"GET.js"</span>,<br />    <span class="hljs-string">"POST.js"</span>,<br />    <span class="hljs-string">"PUT.js"</span>,<br />    <span class="hljs-string">"DELETE.js"</span>,<br />    <span class="hljs-string">"PATCH.js"</span>,<br />    <span class="hljs-string">"HEAD.js"</span>,<br />    <span class="hljs-string">"OPTIONS.js"</span>,<br />    <span class="hljs-string">"index.js"</span><br />  ],<br />  <span class="hljs-attr">"noRescanPaths"</span>: [<br />    <span class="hljs-string">"/favicon\\.ico$"</span>,<br />    <span class="hljs-string">"/robots\\.txt$"</span>,<br />    <span class="hljs-string">"\\.map$"</span>,<br />    <span class="hljs-string">"\\.css$"</span>,<br />    <span class="hljs-string">"\\.js$"</span>,<br />    <span class="hljs-string">"\\.png$"</span>,<br />    <span class="hljs-string">"\\.jpg$"</span>,<br />    <span class="hljs-string">"\\.jpeg$"</span>,<br />    <span class="hljs-string">"\\.gif$"</span><br />  ],<br />  <span class="hljs-attr">"customRoutes"</span>: {<br />    <span class="hljs-attr">"/vendor/bootstrap.css"</span>: <span class="hljs-string">"./node_modules/bootstrap/dist/css/bootstrap.min.css"</span>,<br />    <span class="hljs-attr">"/vendor/jquery.js"</span>: <span class="hljs-string">"./node_modules/jquery/dist/jquery.min.js"</span>,<br />    <span class="hljs-attr">"assets/*"</span>: <span class="hljs-string">"./static-files/*"</span>,<br />    <span class="hljs-attr">"docs/*"</span>: <span class="hljs-string">"./documentation/*"</span><br />  },<br />  <span class="hljs-attr">"maxRescanAttempts"</span>: <span class="hljs-number">3</span>,<br />  <span class="hljs-attr">"middleware"</span>: {<br />    <span class="hljs-attr">"cors"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"origin"</span>: <span class="hljs-string">"*"</span>,<br />      <span class="hljs-attr">"methods"</span>: [<span class="hljs-string">"GET"</span>, <span class="hljs-string">"POST"</span>, <span class="hljs-string">"PUT"</span>, <span class="hljs-string">"DELETE"</span>],<br />      <span class="hljs-attr">"headers"</span>: [<span class="hljs-string">"Content-Type"</span>, <span class="hljs-string">"Authorization"</span>]<br />    },<br />    <span class="hljs-attr">"compression"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"threshold"</span>: <span class="hljs-number">1024</span><br />    },<br />    <span class="hljs-attr">"security"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"headers"</span>: {<br />        <span class="hljs-attr">"X-Content-Type-Options"</span>: <span class="hljs-string">"nosniff"</span>,<br />        <span class="hljs-attr">"X-Frame-Options"</span>: <span class="hljs-string">"DENY"</span>,<br />        <span class="hljs-attr">"X-XSS-Protection"</span>: <span class="hljs-string">"1; mode=block"</span><br />      }<br />    },<br />    <span class="hljs-attr">"custom"</span>: [<br />      <span class="hljs-string">"./middleware/auth.js"</span>,<br />      <span class="hljs-string">"./middleware/logging.js"</span><br />    ]<br />  }<br />}</code></pre>
+    <h2>Environment-Specific Configuration</h2>
+    <p>You can create different configuration files for different environments:</p>
+    <h3>Development Configuration</h3>
+    <p>Create <code>.config.dev.json</code> for development:</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"allowedMimes"</span>: {<br />    <span class="hljs-attr">"html"</span>: <span class="hljs-string">"text/html"</span>,<br />    <span class="hljs-attr">"css"</span>: <span class="hljs-string">"text/css"</span>,<br />    <span class="hljs-attr">"js"</span>: <span class="hljs-string">"application/javascript"</span>,<br />    <span class="hljs-attr">"json"</span>: <span class="hljs-string">"application/json"</span>,<br />    <span class="hljs-attr">"map"</span>: <span class="hljs-string">"application/json"</span><br />  },<br />  <span class="hljs-attr">"middleware"</span>: {<br />    <span class="hljs-attr">"cors"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"origin"</span>: <span class="hljs-string">"*"</span><br />    },<br />    <span class="hljs-attr">"compression"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">false</span><br />    }<br />  }<br />}</code></pre>
+    <h3>Production Configuration</h3>
+    <p>Create <code>.config.prod.json</code> for production:</p>
+    <pre><code class="hljs json">{<br />  <span class="hljs-attr">"allowedMimes"</span>: {<br />    <span class="hljs-attr">"html"</span>: <span class="hljs-string">"text/html"</span>,<br />    <span class="hljs-attr">"css"</span>: <span class="hljs-string">"text/css"</span>,<br />    <span class="hljs-attr">"js"</span>: <span class="hljs-string">"application/javascript"</span>,<br />    <span class="hljs-attr">"json"</span>: <span class="hljs-string">"application/json"</span>,<br />    <span class="hljs-attr">"png"</span>: <span class="hljs-string">"image/png"</span>,<br />    <span class="hljs-attr">"jpg"</span>: <span class="hljs-string">"image/jpeg"</span><br />  },<br />  <span class="hljs-attr">"disallowedRegex"</span>: [<br />    <span class="hljs-string">"^/\\..*"</span>,<br />    <span class="hljs-string">"\\.env$"</span>,<br />    <span class="hljs-string">"\\.config$"</span>,<br />    <span class="hljs-string">"password"</span>,<br />    <span class="hljs-string">"node_modules"</span>,<br />    <span class="hljs-string">"\\.git"</span>,<br />    <span class="hljs-string">"\\.map$"</span><br />  ],<br />  <span class="hljs-attr">"middleware"</span>: {<br />    <span class="hljs-attr">"cors"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"origin"</span>: <span class="hljs-string">"https://yourdomain.com"</span><br />    },<br />    <span class="hljs-attr">"compression"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"threshold"</span>: <span class="hljs-number">1024</span><br />    },<br />    <span class="hljs-attr">"security"</span>: {<br />      <span class="hljs-attr">"enabled"</span>: <span class="hljs-literal">true</span>,<br />      <span class="hljs-attr">"headers"</span>: {<br />        <span class="hljs-attr">"X-Content-Type-Options"</span>: <span class="hljs-string">"nosniff"</span>,<br />        <span class="hljs-attr">"X-Frame-Options"</span>: <span class="hljs-string">"DENY"</span>,<br />        <span class="hljs-attr">"X-XSS-Protection"</span>: <span class="hljs-string">"1; mode=block"</span>,<br />        <span class="hljs-attr">"Strict-Transport-Security"</span>: <span class="hljs-string">"max-age=31536000; includeSubDomains"</span><br />      }<br />    }<br />  }<br />}</code></pre>
+    <h2>Configuration Tips</h2>
+    <h3>Security Best Practices</h3>
+    <ul>
+      <li>Always include patterns to block sensitive files in <code>disallowedRegex</code></li>
+      <li>Use strict CORS settings in production</li>
+      <li>Enable security headers middleware</li>
+      <li>Don't serve source maps in production</li>
+    </ul>
+    <h3>Performance Optimization</h3>
+    <ul>
+      <li>Use <code>noRescanPaths</code> for static assets to improve performance</li>
+      <li>Enable compression for larger files</li>
+      <li>Use custom routes to serve files from CDN or optimized locations</li>
+      <li>Limit <code>maxRescanAttempts</code> to prevent excessive file system scanning</li>
+    </ul>
+    <h3>Development vs Production</h3>
+    <ul>
+      <li>Enable source maps in development, disable in production</li>
+      <li>Use relaxed CORS in development, strict in production</li>
+      <li>Enable compression in production for better performance</li>
+      <li>Add more security headers in production</li>
+    </ul>
+  </main>
+  <div style="height:25vh"></div>
+</body>
+</html>