mockaton 11.3.0 → 11.4.0

package/README.md

@@ -7,7 +7,8 @@
 An HTTP mock server for simulating APIs with minimal setup — ideal
 for testing difficult to reproduce backend states. 
 
-## https://mockaton.com ↗
+## [mockaton.com ↗](https://mockaton.com) 
+## [Changelog ↗](https://mockaton.com/changelog)
 
 ## Overview
 With Mockaton, you don’t need to write code for wiring up your
@@ -49,9 +50,9 @@ curl localhost:2020/api/user
 
 
 <picture>
-  <source media="(prefers-color-scheme: light)" srcset="https://raw.githubusercontent.com/ericfortis/mockaton/refs/heads/main/pixaton-tests/tests/macos/pic-for-readme.vp761x740.light.gold.png">
-  <source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/ericfortis/mockaton/refs/heads/main/pixaton-tests/tests/macos/pic-for-readme.vp761x740.dark.gold.png">
-  <img alt="Mockaton Dashboard" src="https://raw.githubusercontent.com/ericfortis/mockaton/refs/heads/main/pixaton-tests/tests/macos/pic-for-readme.vp761x740.dark.gold.png">
+  <source media="(prefers-color-scheme: light)" srcset="https://raw.githubusercontent.com/ericfortis/mockaton/refs/heads/main/pixaton-tests/tests/macos/pic-for-readme.vp822x740.light.gold.png">
+  <source media="(prefers-color-scheme: dark)" srcset="https://raw.githubusercontent.com/ericfortis/mockaton/refs/heads/main/pixaton-tests/tests/macos/pic-for-readme.vp822x740.dark.gold.png">
+  <img alt="Mockaton Dashboard" src="https://raw.githubusercontent.com/ericfortis/mockaton/refs/heads/main/pixaton-tests/tests/macos/pic-for-readme.vp822x740.dark.gold.png">
 </picture>
 
 On the dashboard you can:
@@ -64,7 +65,5 @@ Nonetheless, there’s a programmatic API, which is handy for
 setting up tests (see **Commander&nbsp;API** section below).
 
 
-## [Changelog ↗](https://mockaton.com/changelog)
-
 ## License
 MIT

package/index.d.ts

@@ -14,6 +14,7 @@ export interface Config {
 	staticDir?: string
 	ignore?: RegExp
 	watcherEnabled?: boolean
+	watcherDebounceMs?: number
 
 	host?: string,
 	port?: number
@@ -98,6 +99,7 @@ export interface State {
 	comments: string[]
 
 	delay: number
+	delayJitter: number
 
 	collectProxied: boolean
 	proxyFallback: string

package/package.json

@@ -2,7 +2,7 @@
 	"name": "mockaton",
 	"description": "HTTP Mock Server",
 	"type": "module",
-	"version": "11.3.0",
+	"version": "11.4.0",
 	"exports": {
 		".": {
 			"import": "./index.js",

package/src/client/ApiCommander.js

@@ -23,6 +23,9 @@ export class Commander {
 
 	/** @returns {Promise<Response>} */
 	setGlobalDelay = delay => this.#patch(API.globalDelay, delay)
+	
+	/** @returns {Promise<Response>} */
+	setGlobalDelayJitter = jitterPct => this.#patch(API.globalDelayJitter, jitterPct)
 
 	/** @returns {Promise<Response>} */
 	setCorsAllowed = value => this.#patch(API.cors, value)

package/src/client/ApiConstants.js

@@ -12,6 +12,7 @@ export const API = {
 	delayStatic: MOUNT + '/delay-static',
 	fallback: MOUNT + '/fallback',
 	globalDelay: MOUNT + '/global-delay',
+	globalDelayJitter: MOUNT + '/global-delay-jitter',
 	proxied: MOUNT + '/proxied',
 	reset: MOUNT + '/reset',
 	select: MOUNT + '/select',

package/src/client/app-store.js

@@ -16,6 +16,7 @@ export const store = {
 	cookies: [],
 	comments: [],
 	delay: 0,
+	delayJitter: 0,
 
 	collectProxied: false,
 	proxyFallback: '',
@@ -84,6 +85,15 @@ export const store = {
 		}
 		catch (error) { store.onError(error) }
 	},
+	
+	async setGlobalDelayJitter(value) {
+		try {
+			const response = await api.setGlobalDelayJitter(value)
+			if (!response.ok) throw response
+			store.delayJitter = value
+		}
+		catch (error) { store.onError(error) }
+	},
 
 	async selectCookie(name) {
 		try {

package/src/client/app.js

@@ -17,12 +17,13 @@ const CSS = {
 	FallbackBackend: null,
 	Field: null,
 	GlobalDelayField: null,
+	GlobalDelayJitterField: null,
+	GlobalDelayWrap: null,
 	GroupByMethod: null,
 	InternalServerErrorToggler: null,
 	Logo: null,
 	MenuTrigger: null,
 	Method: null,
-	MockList: null,
 	MockSelector: null,
 	NotFoundToggler: null,
 	PayloadViewer: null,
@@ -110,7 +111,7 @@ function Header() {
 		r('header', null,
 			r('a', {
 					className: CSS.Logo,
-					href: 'https://mockaton.com',
+					href: 'https://mockaton.com'
 				},
 				r('object', {
 					data: 'logo.svg',
@@ -119,14 +120,18 @@ function Header() {
 					height: 22
 				})),
 			r('div', null,
-				GlobalDelayField(),
+				r('div', className(CSS.GlobalDelayWrap),
+					GlobalDelayField(),
+					GlobalDelayJitterField()),
 				BulkSelector(),
 				CookieSelector(),
 				ProxyFallbackField(),
 				ResetButton(),
-				SettingsMenuTrigger())))
+				SettingsMenuTrigger()
+			)))
 }
 
+
 function GlobalDelayField() {
 	function onChange() {
 		store.setGlobalDelay(this.valueAsNumber)
@@ -143,6 +148,7 @@ function GlobalDelayField() {
 		r('label', className(CSS.Field, CSS.GlobalDelayField),
 			r('span', null, t`Delay (ms)`),
 			r('input', {
+				name: 'delay',
 				type: 'number',
 				min: 0,
 				step: 100,
@@ -153,6 +159,38 @@ function GlobalDelayField() {
 			})))
 }
 
+function GlobalDelayJitterField() {
+	function onChange() {
+		this.value = this.valueAsNumber.toFixed(0)
+		this.value = Math.max(0, this.valueAsNumber)
+		this.value = Math.min(300, this.valueAsNumber)
+		store.setGlobalDelayJitter(this.valueAsNumber / 100)
+	}
+	function onWheel(event) {
+		if (event.deltaY > 0)
+			this.stepUp()
+		else
+			this.stepDown()
+		clearTimeout(onWheel.timer)
+		onWheel.timer = setTimeout(onChange.bind(this), 300)
+	}
+	return (
+		r('label', className(CSS.Field, CSS.GlobalDelayJitterField),
+			r('span', null, t`Max Jitter %`),
+			r('input', {
+				name: 'delay-jitter',
+				type: 'number',
+				min: 0,
+				max: 300,
+				step: 10,
+				autocomplete: 'none',
+				value: (store.delayJitter * 100).toFixed(0),
+				onChange,
+				onWheel: [onWheel, { passive: true }]
+			})))
+}
+
+
 function BulkSelector() {
 	const { comments } = store
 	const firstOption = t`Pick Comment…`
@@ -209,6 +247,7 @@ function ProxyFallbackField() {
 			r('label', null,
 				r('span', null, t`Fallback`),
 				r('input', {
+					name: 'fallback',
 					type: 'url',
 					autocomplete: 'none',
 					placeholder: t`Type backend address`,
@@ -222,6 +261,7 @@ function SaveProxiedCheckbox(ref) {
 	return (
 		r('label', className(CSS.SaveProxiedCheckbox),
 			r('input', {
+				name: 'save-proxied',
 				ref,
 				type: 'checkbox',
 				disabled: !store.canProxy,
@@ -269,6 +309,7 @@ function SettingsMenu(id) {
 			r('div', null,
 				r('label', className(CSS.GroupByMethod),
 					r('input', {
+						name: 'group-by-method',
 						ref: firstInputRef,
 						type: 'checkbox',
 						checked: store.groupByMethod,
@@ -281,7 +322,7 @@ function SettingsMenu(id) {
 					target: '_blank',
 					rel: 'noopener noreferrer'
 				}, t`Website`),
-				
+
 				r('a', {
 					href: 'https://github.com/ericfortis/mockaton',
 					target: '_blank',

package/src/client/dom-utils.js

@@ -77,3 +77,4 @@ function selectorFor(elem) {
 	}
 	return path.reverse().join('>')
 }
+

package/src/client/indexHtml.js

@@ -7,6 +7,7 @@ export const CSP = [
 ].join(';')
 
 
+// language=html
 export const IndexHtml = hotReloadEnabled => `
 <!DOCTYPE html>
 <html lang="en-US">

package/src/client/styles.css

@@ -137,7 +137,7 @@ header {
 		align-self: end;
 		margin-right: 22px;
 		margin-bottom: 3px;
-		
+
 		object {
 			pointer-events: none;
 		}
@@ -151,10 +151,10 @@ header {
 		gap: 16px 8px;
 	}
 
-	@media (max-width: 760px) {
-		> img {
-			width: 100px;
-			align-self: center;
+	@media (max-width: 820px) {
+		.Logo {
+			margin-top: 16px;
+			align-self: start;
 		}
 
 		> div {
@@ -170,6 +170,10 @@ header {
 		}
 	}
 
+	.GlobalDelayWrap {
+		display: flex;
+	}
+
 	.Field {
 		width: 116px;
 
@@ -202,10 +206,13 @@ header {
 		}
 
 		&.GlobalDelayField {
+			position: relative;
 			width: 76px;
 
-			input[type=number] {
+			input {
 				padding-right: 6px;
+				border-bottom-right-radius: 0;
+				border-top-right-radius: 0;
 			}
 
 			svg {
@@ -215,6 +222,25 @@ header {
 				stroke-width: 3px;
 				border-radius: 50%;
 			}
+			
+			&:focus-within {
+				z-index: 100;
+			}
+		}
+		
+		&.GlobalDelayJitterField {
+			width: 70px;
+			span {
+				margin-left: 0;
+			}
+			input {
+				border-left: 2px solid transparent;
+				border-bottom-left-radius: 0;
+				border-top-left-radius: 0;
+			}
+			&:focus-within {
+				z-index: 100;
+			}
 		}
 
 		&.CookieSelector {
@@ -223,7 +249,7 @@ header {
 
 		&.FallbackBackend {
 			position: relative;
-			width: 160px;
+			width: 150px;
 
 			.SaveProxiedCheckbox {
 				position: absolute;

package/src/server/Api.js

@@ -39,6 +39,7 @@ export const apiPatchReqs = new Map([
 	[API.reset, reinitialize],
 	[API.cookies, selectCookie],
 	[API.globalDelay, setGlobalDelay],
+	[API.globalDelayJitter, setGlobalDelayJitter],
 	
 	[API.fallback, setProxyFallback],
 	[API.collectProxied, setCollectProxied],
@@ -117,6 +118,17 @@ async function setGlobalDelay(req, response) {
 	}
 }
 
+async function setGlobalDelayJitter(req, response) {
+	const jitter = await req.json()
+
+	if (!ConfigValidator.delayJitter(jitter))
+		response.unprocessable(`Expected 0 to 3 float for "delayJitter"`)
+	else {
+		config.delayJitter = jitter
+		response.ok()
+	}
+}
+
 
 async function selectCookie(req, response) {
 	const cookieKey = await req.json()

package/src/server/ApiConstants.js

@@ -12,6 +12,7 @@ export const API = {
 	delayStatic: MOUNT + '/delay-static',
 	fallback: MOUNT + '/fallback',
 	globalDelay: MOUNT + '/global-delay',
+	globalDelayJitter: MOUNT + '/global-delay-jitter',
 	proxied: MOUNT + '/proxied',
 	reset: MOUNT + '/reset',
 	select: MOUNT + '/select',

package/src/server/Mockaton.test.js

@@ -39,7 +39,7 @@ const CUSTOM_EXT = 'custom_extension'
 const CUSTOM_MIME = 'custom_mime'
 const CUSTOM_HEADER_NAME = 'custom_header_name'
 const CUSTOM_HEADER_VAL = 'custom_header_val'
-const ALLOWED_ORIGIN = 'http://example.com'
+const ALLOWED_ORIGIN = 'https://example.test'
 
 const server = await Mockaton({
 	mocksDir,
@@ -51,7 +51,8 @@ const server = await Mockaton({
 	logLevel: 'verbose',
 	corsOrigins: [ALLOWED_ORIGIN],
 	corsExposedHeaders: ['Content-Encoding'],
-	watcherEnabled: false,
+	watcherEnabled: false, // But we enable it at run-time
+	watcherDebounceMs: 0
 })
 after(() => server?.close())
 
@@ -308,7 +309,7 @@ describe('Cookie', () => {
 
 describe('Delay', () => {
 	describe('Set Global Delay', () => {
-		test('422 for invalid global delay value', async () => {
+		test('422 for invalid value', async () => {
 			const r = await api.setGlobalDelay('not-a-number')
 			equal(r.status, 422)
 			equal(await r.text(), 'Expected non-negative integer for "delay"')
@@ -320,6 +321,19 @@ describe('Delay', () => {
 		})
 	})
 
+	describe('Set Global Delay Jitter', () => {
+		test('422 for invalid value', async () => {
+			const r = await api.setGlobalDelayJitter('not-a-number')
+			equal(r.status, 422)
+			equal(await r.text(), 'Expected 0 to 3 float for "delayJitter"')
+		})
+		test('200 for valid value', async () => {
+			const r = await api.setGlobalDelayJitter(0.1)
+			equal(r.status, 200)
+			equal((await fetchState()).delayJitter, 0.1)
+		})
+	})
+
 	test('updates route delay', async () => {
 		const fx = new Fixture('route-delay.GET.200.json')
 		await fx.sync()
@@ -404,9 +418,9 @@ describe('Proxy Fallback', () => {
 		})
 
 		test('sets fallback', async () => {
-			const r = await api.setProxyFallback('http://example.com')
+			const r = await api.setProxyFallback('https://example.test')
 			equal(r.status, 200)
-			equal((await fetchState()).proxyFallback, 'http://example.com')
+			equal((await fetchState()).proxyFallback, 'https://example.test')
 		})
 
 		test('unsets fallback', async () => {
@@ -461,7 +475,7 @@ describe('Proxy Fallback', () => {
 		})
 
 		test('200 when setting', async () => {
-			await api.setProxyFallback('https://example.com')
+			await api.setProxyFallback('https://example.test')
 			const r0 = await api.setRouteIsProxied(fx.method, fx.urlMask, true)
 			equal(r0.status, 200)
 			equal((await r0.json()).proxied, true)
@@ -480,7 +494,7 @@ describe('Proxy Fallback', () => {
 		test('unsets auto500', async () => {
 			const fx = new Fixture('unset-500-on-proxy.GET.200.txt')
 			await fx.sync()
-			await api.setProxyFallback('https://example.com')
+			await api.setProxyFallback('https://example.test')
 
 			const r0 = await api.toggle500(fx.method, fx.urlMask)
 			const b0 = await r0.json()
@@ -500,7 +514,7 @@ describe('Proxy Fallback', () => {
 	test('updating selected mock resets proxied flag', async () => {
 		const fx = new Fixture('select-resets-proxied.GET.200.txt')
 		await fx.sync()
-		await api.setProxyFallback('http://example.com')
+		await api.setProxyFallback('https://example.test')
 		const r0 = await api.setRouteIsProxied(fx.method, fx.urlMask, true)
 		equal((await r0.json()).proxied, true)
 
@@ -789,7 +803,7 @@ describe('500', () => {
 	test('toggling ON 500 unsets `proxied` flag', async () => {
 		const fx = new Fixture('proxied-to-500.GET.200.txt')
 		await fx.sync()
-		await api.setProxyFallback('http://example.com')
+		await api.setProxyFallback('https://example.test')
 		await api.setRouteIsProxied(fx.method, fx.urlMask, true)
 		await api.toggle500(fx.method, fx.urlMask)
 		equal((await fx.fetchBroker()).proxied, false)

package/src/server/Watcher.js

@@ -21,7 +21,6 @@ import * as mockBrokerCollection from './mockBrokersCollection.js'
  * and also renames, which are two events (delete + add).
  */
 const uiSyncVersion = new class extends EventEmitter {
-	delay = Number(process.env.MOCKATON_WATCHER_DEBOUNCE_MS ?? 80)
 	version = 0
 
 	increment = /** @type {function} */ this.#debounce(() => {
@@ -40,7 +39,7 @@ const uiSyncVersion = new class extends EventEmitter {
 		let timer
 		return () => {
 			clearTimeout(timer)
-			timer = setTimeout(fn, this.delay)
+			timer = setTimeout(fn, config.watcherDebounceMs)
 		}
 	}
 }

package/src/server/WatcherDevClient.js

@@ -1,11 +1,10 @@
 import { join } from 'node:path'
 import { EventEmitter } from 'node:events'
 import { watch, readdirSync } from 'node:fs'
+import { config } from './config.js'
 import { LONG_POLL_SERVER_TIMEOUT } from './ApiConstants.js'
 
 
-const DEV = process.env.NODE_ENV === 'development'
-
 export const CLIENT_DIR = join(import.meta.dirname, '../client')
 export const DASHBOARD_ASSETS = readdirSync(CLIENT_DIR)
 
@@ -28,7 +27,7 @@ export function watchDevSPA() {
 
 /** Realtime notify Dev UI changes */
 export function longPollDevClientHotReload(req, response) {
-	if (!DEV) {
+	if (!config.hotReload) {
 		response.notFound()
 		return
 	}

package/src/server/config.js

@@ -21,6 +21,7 @@ const schema = {
 	staticDir: [resolve('mockaton-static-mocks'), optional(isDirectory)],
 	ignore: [/(\.DS_Store|~)$/, is(RegExp)],
 	watcherEnabled: [true, is(Boolean)],
+	watcherDebounceMs: [80, ms => Number.isInteger(ms) && ms >= 0],
 
 	host: ['127.0.0.1', is(String)],
 	port: [0, port => Number.isInteger(port) && port >= 0 && port < 2 ** 16], // 0 means auto-assigned
@@ -73,9 +74,6 @@ export const ConfigValidator = Object.freeze(validators)
 
 /** @param {Partial<Config>} opts */
 export function setup(opts) {
-	if (process.env.NODE_ENV !== 'development')
-		opts.hotReload = false
-	
 	if (opts.mocksDir)
 		opts.mocksDir = resolve(opts.mocksDir)
 

package/src/server/utils/http-cors.test.js

@@ -9,9 +9,9 @@ function headerIs(response, header, value) {
 	equal(response.headers.get(header), value)
 }
 
-const FooDotCom = 'http://foo.com'
-const AllowedDotCom = 'http://allowed.com'
-const NotAllowedDotCom = 'http://not-allowed.com'
+const FooDotTest = 'https://foo.test'
+const AllowedDotTest = 'https://allowed.test'
+const NotAllowedDotTest = 'https://not-allowed.test'
 
 await describe('CORS', async () => {
 	let corsConfig = {}
@@ -87,7 +87,7 @@ await describe('CORS', async () => {
 				corsMethods: ['GET']
 			}
 			const p = await preflight({
-				[CH.Origin]: FooDotCom,
+				[CH.Origin]: FooDotTest,
 				[CH.AcRequestMethod]: 'GET'
 			})
 			headerIs(p, CH.AcAllowOrigin, null)
@@ -99,11 +99,11 @@ await describe('CORS', async () => {
 
 		await test('not in allowed origins', async () => {
 			corsConfig = {
-				corsOrigins: [AllowedDotCom],
+				corsOrigins: [AllowedDotTest],
 				corsMethods: ['GET']
 			}
 			const p = await preflight({
-				[CH.Origin]: NotAllowedDotCom,
+				[CH.Origin]: NotAllowedDotTest,
 				[CH.AcRequestMethod]: 'GET'
 			})
 			headerIs(p, CH.AcAllowOrigin, null)
@@ -114,14 +114,14 @@ await describe('CORS', async () => {
 
 		await test('origin and method match', async () => {
 			corsConfig = {
-				corsOrigins: [AllowedDotCom],
+				corsOrigins: [AllowedDotTest],
 				corsMethods: ['GET']
 			}
 			const p = await preflight({
-				[CH.Origin]: AllowedDotCom,
+				[CH.Origin]: AllowedDotTest,
 				[CH.AcRequestMethod]: 'GET'
 			})
-			headerIs(p, CH.AcAllowOrigin, AllowedDotCom)
+			headerIs(p, CH.AcAllowOrigin, AllowedDotTest)
 			headerIs(p, CH.AcAllowMethods, 'GET')
 			headerIs(p, CH.AcAllowCredentials, null)
 			headerIs(p, CH.AcAllowHeaders, null)
@@ -129,14 +129,14 @@ await describe('CORS', async () => {
 
 		await test('origin matches from multiple', async () => {
 			corsConfig = {
-				corsOrigins: [AllowedDotCom, FooDotCom],
+				corsOrigins: [AllowedDotTest, FooDotTest],
 				corsMethods: ['GET']
 			}
 			const p = await preflight({
-				[CH.Origin]: AllowedDotCom,
+				[CH.Origin]: AllowedDotTest,
 				[CH.AcRequestMethod]: 'GET'
 			})
-			headerIs(p, CH.AcAllowOrigin, AllowedDotCom)
+			headerIs(p, CH.AcAllowOrigin, AllowedDotTest)
 			headerIs(p, CH.AcAllowMethods, 'GET')
 			headerIs(p, CH.AcAllowCredentials, null)
 			headerIs(p, CH.AcAllowHeaders, null)
@@ -148,10 +148,10 @@ await describe('CORS', async () => {
 				corsMethods: ['GET']
 			}
 			const p = await preflight({
-				[CH.Origin]: FooDotCom,
+				[CH.Origin]: FooDotTest,
 				[CH.AcRequestMethod]: 'GET'
 			})
-			headerIs(p, CH.AcAllowOrigin, FooDotCom)
+			headerIs(p, CH.AcAllowOrigin, FooDotTest)
 			headerIs(p, CH.AcAllowMethods, 'GET')
 			headerIs(p, CH.AcAllowCredentials, null)
 			headerIs(p, CH.AcAllowHeaders, null)
@@ -164,10 +164,10 @@ await describe('CORS', async () => {
 				corsCredentials: true
 			}
 			const p = await preflight({
-				[CH.Origin]: FooDotCom,
+				[CH.Origin]: FooDotTest,
 				[CH.AcRequestMethod]: 'GET'
 			})
-			headerIs(p, CH.AcAllowOrigin, FooDotCom)
+			headerIs(p, CH.AcAllowOrigin, FooDotTest)
 			headerIs(p, CH.AcAllowMethods, 'GET')
 			headerIs(p, CH.AcAllowCredentials, 'true')
 			headerIs(p, CH.AcAllowHeaders, null)
@@ -181,10 +181,10 @@ await describe('CORS', async () => {
 				corsHeaders: ['content-type', 'my-header']
 			}
 			const p = await preflight({
-				[CH.Origin]: FooDotCom,
+				[CH.Origin]: FooDotTest,
 				[CH.AcRequestMethod]: 'GET'
 			})
-			headerIs(p, CH.AcAllowOrigin, FooDotCom)
+			headerIs(p, CH.AcAllowOrigin, FooDotTest)
 			headerIs(p, CH.AcAllowMethods, 'GET')
 			headerIs(p, CH.AcAllowCredentials, 'true')
 			headerIs(p, CH.AcAllowHeaders, 'content-type,my-header')
@@ -198,7 +198,7 @@ await describe('CORS', async () => {
 				corsMethods: ['GET']
 			}
 			const p = await request({
-				[CH.Origin]: NotAllowedDotCom
+				[CH.Origin]: NotAllowedDotTest
 			})
 			equal(p.status, 200)
 			headerIs(p, CH.AcAllowOrigin, null)
@@ -208,16 +208,16 @@ await describe('CORS', async () => {
 
 		await test('origin allowed', async () => {
 			corsConfig = {
-				corsOrigins: [AllowedDotCom],
+				corsOrigins: [AllowedDotTest],
 				corsMethods: ['GET'],
 				corsCredentials: true,
 				corsExposedHeaders: ['x-h1', 'x-h2']
 			}
 			const p = await request({
-				[CH.Origin]: AllowedDotCom
+				[CH.Origin]: AllowedDotTest
 			})
 			equal(p.status, 200)
-			headerIs(p, CH.AcAllowOrigin, AllowedDotCom)
+			headerIs(p, CH.AcAllowOrigin, AllowedDotTest)
 			headerIs(p, CH.AcAllowCredentials, 'true')
 			headerIs(p, CH.AcExposeHeaders, 'x-h1,x-h2')
 		})

package/src/server/utils/jwt.js

@@ -9,13 +9,8 @@ export function jwtCookie(cookieName, payload, path = '/') {
 function jwt(payload) {
 	return [
 		'Header_Not_In_Use',
-		toBase64Url(payload),
+		Buffer.from(JSON.stringify(payload), 'utf8').toString('base64url'),
 		'Signature_Not_In_Use'
 	].join('.')
 }
 
-function toBase64Url(obj) {
-	return btoa(JSON.stringify(obj))
-		.replace('+', '-')
-		.replace('/', '_')
-}

package/src/server/utils/mime.js

@@ -11,9 +11,13 @@ import { UNKNOWN_MIME_EXT } from '../ApiConstants.js'
 const extToMime = {
 	'3g2': 'video/3gpp2',
 	'3gp': 'video/3gpp',
+	'3mf': 'model/3mf',
 	'7z': 'application/x-7z-compressed',
 	aac: 'audio/aac',
 	abw: 'application/x-abiword',
+	aif: 'audio/aiff',
+	aifc: 'audio/aiff',
+	aiff: 'audio/aiff',
 	apng: 'image/apng',
 	arc: 'application/x-freearc',
 	avi: 'video/x-msvideo',
@@ -28,12 +32,22 @@ const extToMime = {
 	csh: 'application/x-csh',
 	css: 'text/css',
 	csv: 'text/csv',
+	dae: 'model/vnd.collada+xml',
 	doc: 'application/msword',
 	docx: 'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
+	drc: 'model/vnd.draco',
+	eml: 'message/rfc822',
 	eot: 'application/vnd.ms-fontobject',
 	epub: 'application/epub+zip',
+	exe: 'application/vnd.microsoft.portable-executable',
+	fbx: 'application/octet-stream',
+	flac: 'audio/flac',
 	gif: 'image/gif',
+	glb: 'model/gltf-binary',
+	gltf: 'model/gltf+json',
 	gz: 'application/gzip',
+	heic: 'image/heic',
+	heif: 'image/heif',
 	htm: 'text/html',
 	html: 'text/html',
 	ico: 'image/vnd.microsoft.icon',
@@ -44,13 +58,21 @@ const extToMime = {
 	js: 'application/javascript',
 	json: 'application/json',
 	jsonld: 'application/ld+json',
+	lz: 'application/x-lzip',
+	m4a: 'audio/mp4',
+	map: 'application/json',
+	md: 'text/markdown',
 	mid: 'audio/midi',
 	midi: 'audio/midi',
 	mjs: 'text/javascript',
+	mkv: 'video/x-matroska',
+	mov: 'video/quicktime',
 	mp3: 'audio/mpeg',
 	mp4: 'video/mp4',
 	mpeg: 'video/mpeg',
 	mpkg: 'application/vnd.apple.installer+xml',
+	mtl: 'text/plain',
+	obj: 'text/plain',
 	odp: 'application/vnd.oasis.opendocument.presentation',
 	ods: 'application/vnd.oasis.opendocument.spreadsheet',
 	odt: 'application/vnd.oasis.opendocument.text',
@@ -61,19 +83,24 @@ const extToMime = {
 	otf: 'font/otf',
 	pdf: 'application/pdf',
 	php: 'application/x-httpd-php',
+	ply: 'application/octet-stream',
 	png: 'image/png',
 	ppt: 'application/vnd.ms-powerpoint',
 	pptx: 'application/vnd.openxmlformats-officedocument.presentationml.presentation',
 	rar: 'application/vnd.rar',
 	rtf: 'application/rtf',
 	sh: 'application/x-sh',
+	stl: 'model/stl',
 	svg: 'image/svg+xml',
 	tar: 'application/x-tar',
 	tif: 'image/tiff',
 	ts: 'video/mp2t',
 	ttf: 'font/ttf',
 	txt: 'text/plain',
+	usd: 'model/vnd.usd',
+	usdz: 'model/vnd.usdz+zip',
 	vsd: 'application/vnd.visio',
+	wasm: 'application/wasm',
 	wav: 'audio/wav',
 	weba: 'audio/webm',
 	webm: 'video/webm',
@@ -85,9 +112,11 @@ const extToMime = {
 	xlsx: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
 	xml: 'application/xml',
 	xul: 'application/vnd.mozilla.xul+xml',
+	xz: 'application/x-xz',
 	yaml: 'application/yaml',
 	yml: 'application/yaml',
-	zip: 'application/zip'
+	zip: 'application/zip',
+	zst: 'application/zstd'
 }
 
 const mimeToExt = mapMimeToExt(extToMime)
@@ -105,8 +134,8 @@ export function mimeFor(filename) {
 }
 function extname(filename) {
 	const i = filename.lastIndexOf('.')
-	return i === -1 
-		? '' 
+	return i === -1
+		? ''
 		: filename.slice(i + 1)
 }