nlcurl 0.6.0 → 0.8.0

package/dist/cookies/parser.js

@@ -1,18 +1,22 @@
 import { isPublicSuffix } from "./public-suffix.js";
-/**
- * Parses a `Set-Cookie` header value into a {@link Cookie} object.
- * Validates the cookie against the request URL to enforce domain and path
- * scoping rules per RFC 6265.
- *
- * @param {string} header     - Raw `Set-Cookie` header value.
- * @param {URL}    requestUrl - URL of the request that received the header.
- * @returns {Cookie | null} Parsed cookie, or `null` if the header is invalid or
- *   the domain attribute fails validation against the request origin.
- */
 const COOKIE_NAME_RE = /^[!#$%&'*+\-.^_`|~\w]+$/;
 const COOKIE_VALUE_CTL_RE = /[\x00-\x1f\x7f]/;
 const MAX_COOKIE_SIZE = 4096;
 const VALID_SAMESITE = new Set(["strict", "lax", "none"]);
+function looksLikeIP(host) {
+    if (host.includes(":"))
+        return true;
+    const parts = host.split(".");
+    return parts.length === 4 && parts.every((p) => /^\d{1,3}$/.test(p));
+}
+/**
+ * Parses a Set-Cookie response header into a Cookie object, enforcing
+ * __Host- / __Secure- prefix rules, public suffix rejection, and SameSite defaults.
+ *
+ * @param {string} header - The raw Set-Cookie header value.
+ * @param {URL} requestUrl - The URL of the originating request.
+ * @returns {Cookie|null} The parsed cookie, or `null` if validation fails.
+ */
 export function parseSetCookie(header, requestUrl) {
     const parts = header.split(";").map((s) => s.trim());
     if (parts.length === 0)
@@ -39,6 +43,7 @@ export function parseSetCookie(header, requestUrl) {
         secure: false,
         httpOnly: false,
         createdAt: Date.now(),
+        lastAccessedAt: Date.now(),
     };
     for (let i = 1; i < parts.length; i++) {
         const attr = parts[i];
@@ -51,6 +56,12 @@ export function parseSetCookie(header, requestUrl) {
                 if (d.startsWith("."))
                     d = d.substring(1);
                 const host = requestUrl.hostname.toLowerCase();
+                if (looksLikeIP(d) || looksLikeIP(host)) {
+                    if (d !== host)
+                        return null;
+                    cookie.domain = d;
+                    break;
+                }
                 if (d !== host && !host.endsWith("." + d)) {
                     return null;
                 }
@@ -90,6 +101,9 @@ export function parseSetCookie(header, requestUrl) {
                 }
                 break;
             }
+            case "partitioned":
+                cookie.partitioned = true;
+                break;
         }
     }
     if (cookie.sameSite === undefined) {
@@ -107,6 +121,9 @@ export function parseSetCookie(header, requestUrl) {
         if (!cookie.secure)
             return null;
     }
+    if (cookie.partitioned && !cookie.secure) {
+        return null;
+    }
     return cookie;
 }
 function defaultPath(path) {
@@ -118,10 +135,10 @@ function defaultPath(path) {
     return path.substring(0, lastSlash);
 }
 /**
- * Serializes an array of cookies into the `Cookie` request header value.
+ * Serializes an array of cookies into a Cookie header value string.
  *
- * @param {Cookie[]} cookies - Cookies to serialize (in desired send order).
- * @returns {string} Semicolon-separated `name=value` string suitable for the `Cookie` header.
+ * @param {Cookie[]} cookies - The cookies to serialize.
+ * @returns {string} The serialized "name=value; name=value" string.
  */
 export function serializeCookies(cookies) {
     return cookies.map((c) => `${c.name}=${c.value}`).join("; ");

package/dist/cookies/parser.js.map

@@ -1 +1 @@
-{"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/cookies/parser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AA8BpD;;;;;;;;;GASG;AAEH,MAAM,cAAc,GAAG,yBAAyB,CAAC;AACjD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC;AAC9C,MAAM,eAAe,GAAG,IAAI,CAAC;AAE7B,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;AAE1D,MAAM,UAAU,cAAc,CAAC,MAAc,EAAE,UAAe;IAC5D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IACrD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEpC,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;IAC5B,MAAM,KAAK,GAAG,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,KAAK,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3B,MAAM,IAAI,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;IAClD,MAAM,KAAK,GAAG,SAAS,CAAC,SAAS,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAEpD,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5C,IAAI,mBAAmB,CAAC,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjD,IAAI,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,eAAe;QAAE,OAAO,IAAI,CAAC;IAE9D,MAAM,MAAM,GAAW;QACrB,IAAI;QACJ,KAAK;QACL,MAAM,EAAE,UAAU,CAAC,QAAQ;QAC3B,IAAI,EAAE,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC;QACtC,MAAM,EAAE,KAAK;QACb,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;KACtB,CAAC;IAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACjC,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACvF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAEvE,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,IAAI,CAAC,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;gBAChC,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;gBAC1C,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAC/C,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC;oBAC1C,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,IAAI,cAAc,CAAC,CAAC,CAAC,EAAE,CAAC;oBACtB,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;gBAClB,MAAM;YACR,CAAC;YACD,KAAK,MAAM;gBACT,MAAM,CAAC,IAAI,GAAG,SAAS,IAAI,GAAG,CAAC;gBAC/B,MAAM;YACR,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC;gBACjC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;oBAClC,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC;gBACxB,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;gBACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;oBACxB,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC;gBACvB,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,QAAQ;gBACX,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC;gBACrB,MAAM;YACR,KAAK,UAAU;gBACb,MAAM,CAAC,QAAQ,GAAG,IAAI,CAAC;gBACvB,MAAM;YACR,KAAK,UAAU,CAAC,CAAC,CAAC;gBAChB,MAAM,EAAE,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;gBACnC,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;oBAC3B,MAAM,CAAC,QAAQ,GAAG,EAAwB,CAAC;gBAC7C,CAAC;gBACD,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QAClC,MAAM,CAAC,QAAQ,GAAG,KAAK,CAAC;IAC1B,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,IAAI,CAAC,MAAM,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QAChC,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,CAAC,QAAQ,CAAC,WAAW,EAAE;YAAE,OAAO,IAAI,CAAC;QACrE,IAAI,MAAM,CAAC,IAAI,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;IACvC,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QACxC,IAAI,CAAC,MAAM,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;IAClC,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,WAAW,CAAC,IAAY;IAC/B,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,GAAG,CAAC;IAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IACxC,IAAI,SAAS,KAAK,CAAC;QAAE,OAAO,GAAG,CAAC;IAChC,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;AACtC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAiB;IAChD,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC/D,CAAC"}
+{"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/cookies/parser.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAoBpD,MAAM,cAAc,GAAG,yBAAyB,CAAC;AACjD,MAAM,mBAAmB,GAAG,iBAAiB,CAAC;AAC9C,MAAM,eAAe,GAAG,IAAI,CAAC;AAE7B,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,CAAC;AAE1D,SAAS,WAAW,CAAC,IAAY;IAC/B,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9B,OAAO,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;AACvE,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,cAAc,CAAC,MAAc,EAAE,UAAe;IAC5D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IACrD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEpC,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;IAC5B,MAAM,KAAK,GAAG,SAAS,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,KAAK,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3B,MAAM,IAAI,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC;IAClD,MAAM,KAAK,GAAG,SAAS,CAAC,SAAS,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAEpD,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IAE5C,IAAI,mBAAmB,CAAC,IAAI,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjD,IAAI,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,GAAG,eAAe;QAAE,OAAO,IAAI,CAAC;IAE9D,MAAM,MAAM,GAAW;QACrB,IAAI;QACJ,KAAK;QACL,MAAM,EAAE,UAAU,CAAC,QAAQ;QAC3B,IAAI,EAAE,WAAW,CAAC,UAAU,CAAC,QAAQ,CAAC;QACtC,MAAM,EAAE,KAAK;QACb,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;QACrB,cAAc,EAAE,IAAI,CAAC,GAAG,EAAE;KAC3B,CAAC;IAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACjC,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACvF,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAEvE,QAAQ,QAAQ,EAAE,CAAC;YACjB,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,IAAI,CAAC,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;gBAChC,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;gBAC1C,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAC/C,IAAI,WAAW,CAAC,CAAC,CAAC,IAAI,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;oBACxC,IAAI,CAAC,KAAK,IAAI;wBAAE,OAAO,IAAI,CAAC;oBAC5B,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;oBAClB,MAAM;gBACR,CAAC;gBACD,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,EAAE,CAAC;oBAC1C,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,IAAI,cAAc,CAAC,CAAC,CAAC,EAAE,CAAC;oBACtB,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;gBAClB,MAAM;YACR,CAAC;YACD,KAAK,MAAM;gBACT,MAAM,CAAC,IAAI,GAAG,SAAS,IAAI,GAAG,CAAC;gBAC/B,MAAM;YACR,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,SAAS,CAAC,CAAC;gBACjC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;oBAClC,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC;gBACxB,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;gBACrC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;oBACxB,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC;gBACvB,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,QAAQ;gBACX,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC;gBACrB,MAAM;YACR,KAAK,UAAU;gBACb,MAAM,CAAC,QAAQ,GAAG,IAAI,CAAC;gBACvB,MAAM;YACR,KAAK,UAAU,CAAC,CAAC,CAAC;gBAChB,MAAM,EAAE,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;gBACnC,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;oBAC3B,MAAM,CAAC,QAAQ,GAAG,EAAwB,CAAC;gBAC7C,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,aAAa;gBAChB,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC;gBAC1B,MAAM;QACV,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QAClC,MAAM,CAAC,QAAQ,GAAG,KAAK,CAAC;IAC1B,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,IAAI,CAAC,MAAM,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;QAChC,IAAI,MAAM,CAAC,MAAM,KAAK,UAAU,CAAC,QAAQ,CAAC,WAAW,EAAE;YAAE,OAAO,IAAI,CAAC;QACrE,IAAI,MAAM,CAAC,IAAI,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC;IACvC,CAAC;IAED,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QACxC,IAAI,CAAC,MAAM,CAAC,MAAM;YAAE,OAAO,IAAI,CAAC;IAClC,CAAC;IAED,IAAI,MAAM,CAAC,WAAW,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACzC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,WAAW,CAAC,IAAY;IAC/B,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,GAAG,CAAC;IAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IACxC,IAAI,SAAS,KAAK,CAAC;QAAE,OAAO,GAAG,CAAC;IAChC,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;AACtC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAiB;IAChD,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC/D,CAAC"}

package/dist/cookies/psl-data.d.ts

@@ -3,7 +3,7 @@
  *
  * Complete Mozilla Public Suffix List rules.
  * Generated from: https://publicsuffix.org/list/public_suffix_list.dat
- * Generated on:   2026-03-07T11:40:55.299Z
+ * Generated on:   2026-03-08T17:47:36.443Z
  * Total rules:    10153
  *
  * To regenerate: npx tsx scripts/update-psl.ts

package/dist/cookies/psl-data.js

@@ -3,7 +3,7 @@
  *
  * Complete Mozilla Public Suffix List rules.
  * Generated from: https://publicsuffix.org/list/public_suffix_list.dat
- * Generated on:   2026-03-07T11:40:55.299Z
+ * Generated on:   2026-03-08T17:47:36.443Z
  * Total rules:    10153
  *
  * To regenerate: npx tsx scripts/update-psl.ts

package/dist/cookies/public-suffix.d.ts

@@ -1,37 +1,15 @@
 /**
- * Public Suffix List (PSL) implementation for cookie domain validation.
- * Uses the complete Mozilla Public Suffix List (10,000+ rules) to prevent
- * supercookie attacks across all registered TLDs, ccSLDs, and hosting platforms.
+ * Determines whether a domain is a public suffix (eTLD) according to the Mozilla Public Suffix List.
  *
- * The data is auto-generated from https://publicsuffix.org/list/public_suffix_list.dat
- * via `npx tsx scripts/update-psl.ts`. Regenerate periodically to stay current.
- *
- * Rules follow the PSL algorithm (https://wiki.mozilla.org/Public_Suffix_List/Algorithm):
- *   - A plain entry (e.g. `com`) means that label is a public suffix.
- *   - A wildcard entry (e.g. `*.uk`) means all two-label domains under `.uk` are suffixes.
- *   - An exception entry (e.g. `!www.ck`) overrides a wildcard and is NOT a suffix.
- */
-/**
- * Determines whether the given domain is a public suffix (effective TLD).
- * A public suffix is a domain under which the general public can register
- * names — e.g. `com`, `co.uk`, `github.io`.
- *
- * Cookies must never be set with a `domain` attribute equal to a public
- * suffix, as that would create a supercookie affecting all sites under
- * that suffix.
- *
- * @param {string} domain - The domain to check (lowercase, no trailing dot).
+ * @param {string} domain - The domain to check.
  * @returns {boolean} `true` if the domain is a public suffix.
  */
 export declare function isPublicSuffix(domain: string): boolean;
 /**
- * Returns the registrable domain (eTLD+1) for the given hostname.
- * For example, `"www.example.co.uk"` → `"example.co.uk"`.
- * Returns `null` if the domain is itself a public suffix or if
- * the input is invalid.
+ * Extracts the registrable domain (eTLD+1) from a hostname using the Public Suffix List.
  *
- * @param {string} hostname - Full hostname (no trailing dot).
- * @returns {string | null} The registrable domain, or `null`.
+ * @param {string} hostname - The full hostname.
+ * @returns {string|null} The registrable domain, or `null` if the hostname is itself a public suffix.
  */
 export declare function getRegistrableDomain(hostname: string): string | null;
 //# sourceMappingURL=public-suffix.d.ts.map

package/dist/cookies/public-suffix.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"public-suffix.d.ts","sourceRoot":"","sources":["../../src/cookies/public-suffix.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAkHH;;;;;;;;;;;GAWG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAItD;AAED;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAapE"}
+{"version":3,"file":"public-suffix.d.ts","sourceRoot":"","sources":["../../src/cookies/public-suffix.ts"],"names":[],"mappings":"AAsGA;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAItD;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAapE"}

package/dist/cookies/public-suffix.js

@@ -1,16 +1,3 @@
-/**
- * Public Suffix List (PSL) implementation for cookie domain validation.
- * Uses the complete Mozilla Public Suffix List (10,000+ rules) to prevent
- * supercookie attacks across all registered TLDs, ccSLDs, and hosting platforms.
- *
- * The data is auto-generated from https://publicsuffix.org/list/public_suffix_list.dat
- * via `npx tsx scripts/update-psl.ts`. Regenerate periodically to stay current.
- *
- * Rules follow the PSL algorithm (https://wiki.mozilla.org/Public_Suffix_List/Algorithm):
- *   - A plain entry (e.g. `com`) means that label is a public suffix.
- *   - A wildcard entry (e.g. `*.uk`) means all two-label domains under `.uk` are suffixes.
- *   - An exception entry (e.g. `!www.ck`) overrides a wildcard and is NOT a suffix.
- */
 import { PSL_RULES } from "./psl-data.js";
 function parseRule(raw) {
     const isException = raw.startsWith("!");
@@ -57,16 +44,6 @@ for (const rule of RULES) {
         node.isPublicSuffix = true;
     }
 }
-/**
- * Finds the number of labels in the effective TLD for a given domain,
- * following the Mozilla PSL algorithm:
- *   1. Walk the trie from right to left, tracking the longest matching rule.
- *   2. Wildcards extend the eTLD by one label; exceptions retract it.
- *   3. Default rule: if no rule matches, treat the rightmost label as the eTLD.
- *
- * @param {string} domain - Lowercase domain with labels separated by '.'.
- * @returns {number} Number of labels (from the right) forming the eTLD.
- */
 function findEffectiveTLDLength(domain) {
     const labels = domain.split(".").reverse();
     let node = ROOT;
@@ -101,15 +78,9 @@ function findEffectiveTLDLength(domain) {
     return etldLabels;
 }
 /**
- * Determines whether the given domain is a public suffix (effective TLD).
- * A public suffix is a domain under which the general public can register
- * names — e.g. `com`, `co.uk`, `github.io`.
- *
- * Cookies must never be set with a `domain` attribute equal to a public
- * suffix, as that would create a supercookie affecting all sites under
- * that suffix.
+ * Determines whether a domain is a public suffix (eTLD) according to the Mozilla Public Suffix List.
  *
- * @param {string} domain - The domain to check (lowercase, no trailing dot).
+ * @param {string} domain - The domain to check.
  * @returns {boolean} `true` if the domain is a public suffix.
  */
 export function isPublicSuffix(domain) {
@@ -118,13 +89,10 @@ export function isPublicSuffix(domain) {
     return labels.length === findEffectiveTLDLength(d);
 }
 /**
- * Returns the registrable domain (eTLD+1) for the given hostname.
- * For example, `"www.example.co.uk"` → `"example.co.uk"`.
- * Returns `null` if the domain is itself a public suffix or if
- * the input is invalid.
+ * Extracts the registrable domain (eTLD+1) from a hostname using the Public Suffix List.
  *
- * @param {string} hostname - Full hostname (no trailing dot).
- * @returns {string | null} The registrable domain, or `null`.
+ * @param {string} hostname - The full hostname.
+ * @returns {string|null} The registrable domain, or `null` if the hostname is itself a public suffix.
  */
 export function getRegistrableDomain(hostname) {
     const domain = hostname.toLowerCase();

package/dist/cookies/public-suffix.js.map

@@ -1 +1 @@
-{"version":3,"file":"public-suffix.js","sourceRoot":"","sources":["../../src/cookies/public-suffix.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAQ1C,SAAS,SAAS,CAAC,GAAW;IAC5B,MAAM,WAAW,GAAG,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACjD,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAC1D,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;IAC9C,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC;AAC7C,CAAC;AAED,MAAM,KAAK,GAAc,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;AASlD,SAAS,UAAU;IACjB,OAAO;QACL,QAAQ,EAAE,IAAI,GAAG,EAAE;QACnB,cAAc,EAAE,KAAK;QACrB,WAAW,EAAE,KAAK;QAClB,UAAU,EAAE,IAAI,GAAG,EAAE;KACtB,CAAC;AACJ,CAAC;AAED,MAAM,IAAI,GAAa,UAAU,EAAE,CAAC;AAEpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;IACzB,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,IAAI,IAAI,GAAG,IAAI,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAChD,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC;YAC9B,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC;YACzC,CAAC;YACD,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC;QACnC,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAE,CAAC,CAAC;QAC1D,SAAS;IACX,CAAC;IAED,IAAI,IAAI,GAAG,IAAI,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC;QACzC,CAAC;QACD,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC;IACnC,CAAC;IACD,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;IAC1B,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;IAC7B,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,sBAAsB,CAAC,MAAc;IAC5C,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;IAC3C,IAAI,IAAI,GAAG,IAAI,CAAC;IAChB,IAAI,UAAU,GAAG,CAAC,CAAC;IAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAE,CAAC;QACzB,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAEvC,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,GAAG,KAAK,CAAC;YAEb,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;YACrB,CAAC;YAED,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC;gBAC9C,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC;gBACjC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;oBACnC,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;gBACrB,CAAC;qBAAM,CAAC;oBACN,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;gBACrB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;oBAChC,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC;YACD,MAAM;QACR,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,cAAc,CAAC,MAAc;IAC3C,MAAM,CAAC,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC5B,OAAO,MAAM,CAAC,MAAM,KAAK,sBAAsB,CAAC,CAAC,CAAC,CAAC;AACrD,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAgB;IACnD,MAAM,MAAM,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACtC,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEjC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEnC,MAAM,UAAU,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;IAElD,IAAI,MAAM,CAAC,MAAM,IAAI,UAAU,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,UAAU,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChE,CAAC"}
+{"version":3,"file":"public-suffix.js","sourceRoot":"","sources":["../../src/cookies/public-suffix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAQ1C,SAAS,SAAS,CAAC,GAAW;IAC5B,MAAM,WAAW,GAAG,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;IACxC,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IACjD,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAC1D,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;IAC9C,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,UAAU,EAAE,CAAC;AAC7C,CAAC;AAED,MAAM,KAAK,GAAc,SAAS,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;AASlD,SAAS,UAAU;IACjB,OAAO;QACL,QAAQ,EAAE,IAAI,GAAG,EAAE;QACnB,cAAc,EAAE,KAAK;QACrB,WAAW,EAAE,KAAK;QAClB,UAAU,EAAE,IAAI,GAAG,EAAE;KACtB,CAAC;AACJ,CAAC;AAED,MAAM,IAAI,GAAa,UAAU,EAAE,CAAC;AAEpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;IACzB,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,IAAI,IAAI,GAAG,IAAI,CAAC;QAChB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAChD,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAE,CAAC;YAC9B,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC;YACzC,CAAC;YACD,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC;QACnC,CAAC;QACD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAE,CAAC,CAAC;QAC1D,SAAS;IACX,CAAC;IAED,IAAI,IAAI,GAAG,IAAI,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC;QACzC,CAAC;QACD,IAAI,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC;IACnC,CAAC;IACD,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;IAC1B,CAAC;SAAM,CAAC;QACN,IAAI,CAAC,cAAc,GAAG,IAAI,CAAC;IAC7B,CAAC;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,MAAc;IAC5C,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC;IAC3C,IAAI,IAAI,GAAG,IAAI,CAAC;IAChB,IAAI,UAAU,GAAG,CAAC,CAAC;IAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAE,CAAC;QACzB,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAEvC,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,GAAG,KAAK,CAAC;YAEb,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;gBACxB,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;YACrB,CAAC;YAED,IAAI,IAAI,CAAC,WAAW,IAAI,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC;gBAC9C,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,CAAE,CAAC;gBACjC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;oBACnC,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;gBACrB,CAAC;qBAAM,CAAC;oBACN,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;gBACrB,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;oBAChC,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC;YACD,MAAM;QACR,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,MAAc;IAC3C,MAAM,CAAC,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC5B,OAAO,MAAM,CAAC,MAAM,KAAK,sBAAsB,CAAC,CAAC,CAAC,CAAC;AACrD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,QAAgB;IACnD,MAAM,MAAM,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACtC,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAEjC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEnC,MAAM,UAAU,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;IAElD,IAAI,MAAM,CAAC,MAAM,IAAI,UAAU,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,UAAU,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChE,CAAC"}

package/dist/core/auth.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Configuration for HTTP authentication.
+ *
+ * @typedef {Object} AuthConfig
+ * @property {"basic"|"bearer"} type - The authentication scheme to use.
+ * @property {string} [username] - Username for Basic authentication.
+ * @property {string} [password] - Password for Basic authentication.
+ * @property {string} [token] - Bearer token for Bearer authentication.
+ */
+export interface AuthConfig {
+    type: "basic" | "bearer";
+    username?: string;
+    password?: string;
+    token?: string;
+}
+/**
+ * Builds an HTTP Authorization header value from the given auth configuration.
+ *
+ * @param {AuthConfig} auth - The authentication configuration.
+ * @returns {string|undefined} The formatted Authorization header value, or `undefined` if credentials are incomplete.
+ */
+export declare function buildAuthHeader(auth: AuthConfig): string | undefined;
+/**
+ * Extracts the authentication scheme name from a WWW-Authenticate or Proxy-Authenticate header.
+ *
+ * @param {string} header - The raw authenticate header value.
+ * @returns {string|undefined} The lowercase scheme name (e.g. "basic", "bearer"), or `undefined` if not parseable.
+ */
+export declare function parseAuthenticateScheme(header: string): string | undefined;
+//# sourceMappingURL=auth.d.ts.map

package/dist/core/auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../src/core/auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,OAAO,GAAG,QAAQ,CAAC;IACzB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;;;GAKG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,UAAU,GAAG,MAAM,GAAG,SAAS,CAcpE;AAED;;;;;GAKG;AACH,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAG1E"}

package/dist/core/auth.js

@@ -0,0 +1,34 @@
+/**
+ * Builds an HTTP Authorization header value from the given auth configuration.
+ *
+ * @param {AuthConfig} auth - The authentication configuration.
+ * @returns {string|undefined} The formatted Authorization header value, or `undefined` if credentials are incomplete.
+ */
+export function buildAuthHeader(auth) {
+    switch (auth.type) {
+        case "basic": {
+            if (!auth.username)
+                return undefined;
+            const credentials = `${auth.username}:${auth.password ?? ""}`;
+            return `Basic ${Buffer.from(credentials, "utf-8").toString("base64")}`;
+        }
+        case "bearer": {
+            if (!auth.token)
+                return undefined;
+            return `Bearer ${auth.token}`;
+        }
+        default:
+            return undefined;
+    }
+}
+/**
+ * Extracts the authentication scheme name from a WWW-Authenticate or Proxy-Authenticate header.
+ *
+ * @param {string} header - The raw authenticate header value.
+ * @returns {string|undefined} The lowercase scheme name (e.g. "basic", "bearer"), or `undefined` if not parseable.
+ */
+export function parseAuthenticateScheme(header) {
+    const match = /^(\w+)\s/i.exec(header.trim());
+    return match ? match[1].toLowerCase() : undefined;
+}
+//# sourceMappingURL=auth.js.map

package/dist/core/auth.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth.js","sourceRoot":"","sources":["../../src/core/auth.ts"],"names":[],"mappings":"AAgBA;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,IAAgB;IAC9C,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC;QAClB,KAAK,OAAO,CAAC,CAAC,CAAC;YACb,IAAI,CAAC,IAAI,CAAC,QAAQ;gBAAE,OAAO,SAAS,CAAC;YACrC,MAAM,WAAW,GAAG,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;YAC9D,OAAO,SAAS,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzE,CAAC;QACD,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,IAAI,CAAC,IAAI,CAAC,KAAK;gBAAE,OAAO,SAAS,CAAC;YAClC,OAAO,UAAU,IAAI,CAAC,KAAK,EAAE,CAAC;QAChC,CAAC;QACD;YACE,OAAO,SAAS,CAAC;IACrB,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,uBAAuB,CAAC,MAAc;IACpD,MAAM,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IAC9C,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AACrD,CAAC"}

package/dist/core/client.d.ts

@@ -2,92 +2,80 @@ import type { NLcURLRequest, NLcURLSessionConfig, RequestBody } from "./request.
 import { NLcURLResponse } from "./response.js";
 import { NLcURLSession, type RequestOptions } from "./session.js";
 /**
- * Creates a new {@link NLcURLSession} with the given configuration. Use a
- * session when you need to share cookies, connection pools, or interceptors
- * across multiple requests. Call {@link NLcURLSession.close} when finished.
+ * Creates a new session with optional configuration for connection reuse,
+ * cookie persistence, caching, and other session-level features.
  *
- * @param {NLcURLSessionConfig} [config] - Session-level defaults.
+ * @param {NLcURLSessionConfig} [config] - Session configuration options.
  * @returns {NLcURLSession} A new session instance.
- *
- * @example
- * const session = createSession({ impersonate: 'chrome136' });
- * const r = await session.get('https://example.com');
- * session.close();
  */
 export declare function createSession(config?: NLcURLSessionConfig): NLcURLSession;
 /**
- * Sends a one-shot HTTP request by creating a temporary session internally.
- * The session is closed automatically after the response is received.
- * For repeated requests to the same origin, prefer {@link createSession}.
+ * Sends a one-shot HTTP request using a temporary session. Supports streaming
+ * responses when `input.stream` is `true`.
  *
- * @param {NLcURLRequest} input - Complete request descriptor.
+ * @param {NLcURLRequest} input - The full request descriptor including URL, method, headers, and body.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
- * @throws {AbortError}      If the `signal` in `input` fires before completion.
- * @throws {TimeoutError}    If any configured timeout is exceeded.
- * @throws {ConnectionError} If the TCP connection cannot be established.
- * @throws {TLSError}        If the TLS handshake fails.
- * @throws {ProxyError}      If the proxy tunnel cannot be established.
  */
 export declare function request(input: NLcURLRequest): Promise<NLcURLResponse>;
 /**
- * Issues a one-shot `GET` request.
+ * Sends an HTTP GET request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
+ * @param {string} url - The target URL.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export declare function get(url: string, options?: RequestOptions & {
     impersonate?: string;
 }): Promise<NLcURLResponse>;
 /**
- * Issues a one-shot `POST` request.
+ * Sends an HTTP POST request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestBody}                                         [body]   - Request body payload.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
+ * @param {string} url - The target URL.
+ * @param {RequestBody} [body] - The request body.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export declare function post(url: string, body?: RequestBody, options?: RequestOptions & {
     impersonate?: string;
 }): Promise<NLcURLResponse>;
 /**
- * Issues a one-shot `PUT` request.
+ * Sends an HTTP PUT request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestBody}                                         [body]   - Request body payload.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
+ * @param {string} url - The target URL.
+ * @param {RequestBody} [body] - The request body.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export declare function put(url: string, body?: RequestBody, options?: RequestOptions & {
     impersonate?: string;
 }): Promise<NLcURLResponse>;
 /**
- * Issues a one-shot `PATCH` request.
+ * Sends an HTTP PATCH request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestBody}                                         [body]   - Request body payload.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
+ * @param {string} url - The target URL.
+ * @param {RequestBody} [body] - The request body.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export declare function patch(url: string, body?: RequestBody, options?: RequestOptions & {
     impersonate?: string;
 }): Promise<NLcURLResponse>;
 /**
- * Issues a one-shot `DELETE` request.
+ * Sends an HTTP DELETE request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
+ * @param {string} url - The target URL.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export declare function del(url: string, options?: RequestOptions & {
     impersonate?: string;
 }): Promise<NLcURLResponse>;
 /**
- * Issues a one-shot `HEAD` request. The response body will be empty.
+ * Sends an HTTP HEAD request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
- * @returns {Promise<NLcURLResponse>} Resolves with the response (headers only, no body).
+ * @param {string} url - The target URL.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
+ * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export declare function head(url: string, options?: RequestOptions & {
     impersonate?: string;

package/dist/core/client.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/core/client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AACpF,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,KAAK,cAAc,EAAE,MAAM,cAAc,CAAC;AAElE;;;;;;;;;;;;GAYG;AACH,wBAAgB,aAAa,CAAC,MAAM,CAAC,EAAE,mBAAmB,GAAG,aAAa,CAEzE;AAED;;;;;;;;;;;;GAYG;AACH,wBAAsB,OAAO,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC,CAoB3E;AAED;;;;;;GAMG;AACH,wBAAsB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAEnH;AAED;;;;;;;GAOG;AACH,wBAAsB,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAExI;AAED;;;;;;;GAOG;AACH,wBAAsB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAEvI;AAED;;;;;;;GAOG;AACH,wBAAsB,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAEzI;AAED;;;;;;GAMG;AACH,wBAAsB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAEnH;AAED;;;;;;GAMG;AACH,wBAAsB,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAEpH"}
+{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/core/client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,mBAAmB,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AACpF,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,aAAa,EAAE,KAAK,cAAc,EAAE,MAAM,cAAc,CAAC;AAElE;;;;;;GAMG;AACH,wBAAgB,aAAa,CAAC,MAAM,CAAC,EAAE,mBAAmB,GAAG,aAAa,CAEzE;AAED;;;;;;GAMG;AACH,wBAAsB,OAAO,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC,CAsB3E;AAED;;;;;;GAMG;AACH,wBAAsB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAEnH;AAED;;;;;;;GAOG;AACH,wBAAsB,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAExI;AAED;;;;;;;GAOG;AACH,wBAAsB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAEvI;AAED;;;;;;;GAOG;AACH,wBAAsB,KAAK,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAEzI;AAED;;;;;;GAMG;AACH,wBAAsB,GAAG,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAEnH;AAED;;;;;;GAMG;AACH,wBAAsB,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,cAAc,GAAG;IAAE,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAEpH"}

package/dist/core/client.js

@@ -1,32 +1,20 @@
 import { NLcURLSession } from "./session.js";
 /**
- * Creates a new {@link NLcURLSession} with the given configuration. Use a
- * session when you need to share cookies, connection pools, or interceptors
- * across multiple requests. Call {@link NLcURLSession.close} when finished.
+ * Creates a new session with optional configuration for connection reuse,
+ * cookie persistence, caching, and other session-level features.
  *
- * @param {NLcURLSessionConfig} [config] - Session-level defaults.
+ * @param {NLcURLSessionConfig} [config] - Session configuration options.
  * @returns {NLcURLSession} A new session instance.
- *
- * @example
- * const session = createSession({ impersonate: 'chrome136' });
- * const r = await session.get('https://example.com');
- * session.close();
  */
 export function createSession(config) {
     return new NLcURLSession(config);
 }
 /**
- * Sends a one-shot HTTP request by creating a temporary session internally.
- * The session is closed automatically after the response is received.
- * For repeated requests to the same origin, prefer {@link createSession}.
+ * Sends a one-shot HTTP request using a temporary session. Supports streaming
+ * responses when `input.stream` is `true`.
  *
- * @param {NLcURLRequest} input - Complete request descriptor.
+ * @param {NLcURLRequest} input - The full request descriptor including URL, method, headers, and body.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
- * @throws {AbortError}      If the `signal` in `input` fires before completion.
- * @throws {TimeoutError}    If any configured timeout is exceeded.
- * @throws {ConnectionError} If the TCP connection cannot be established.
- * @throws {TLSError}        If the TLS handshake fails.
- * @throws {ProxyError}      If the proxy tunnel cannot be established.
  */
 export async function request(input) {
     const session = new NLcURLSession(extractSessionConfig(input));
@@ -39,7 +27,9 @@ export async function request(input) {
             session.close();
             throw err;
         }
-        const cleanup = () => session.close();
+        const cleanup = () => {
+            session.close();
+        };
         response.body?.once("close", cleanup);
         if (response.body === null)
             session.close();
@@ -53,64 +43,64 @@ export async function request(input) {
     }
 }
 /**
- * Issues a one-shot `GET` request.
+ * Sends an HTTP GET request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
+ * @param {string} url - The target URL.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export async function get(url, options) {
     return request({ ...options, url, method: "GET" });
 }
 /**
- * Issues a one-shot `POST` request.
+ * Sends an HTTP POST request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestBody}                                         [body]   - Request body payload.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
+ * @param {string} url - The target URL.
+ * @param {RequestBody} [body] - The request body.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export async function post(url, body, options) {
     return request({ ...options, url, method: "POST", body });
 }
 /**
- * Issues a one-shot `PUT` request.
+ * Sends an HTTP PUT request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestBody}                                         [body]   - Request body payload.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
+ * @param {string} url - The target URL.
+ * @param {RequestBody} [body] - The request body.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export async function put(url, body, options) {
     return request({ ...options, url, method: "PUT", body });
 }
 /**
- * Issues a one-shot `PATCH` request.
+ * Sends an HTTP PATCH request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestBody}                                         [body]   - Request body payload.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
+ * @param {string} url - The target URL.
+ * @param {RequestBody} [body] - The request body.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export async function patch(url, body, options) {
     return request({ ...options, url, method: "PATCH", body });
 }
 /**
- * Issues a one-shot `DELETE` request.
+ * Sends an HTTP DELETE request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
+ * @param {string} url - The target URL.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
  * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export async function del(url, options) {
     return request({ ...options, url, method: "DELETE" });
 }
 /**
- * Issues a one-shot `HEAD` request. The response body will be empty.
+ * Sends an HTTP HEAD request.
  *
- * @param {string}                                              url      - Absolute URL to request.
- * @param {RequestOptions & { impersonate?: string }}          [options] - Optional per-request settings.
- * @returns {Promise<NLcURLResponse>} Resolves with the response (headers only, no body).
+ * @param {string} url - The target URL.
+ * @param {RequestOptions & { impersonate?: string }} [options] - Optional request configuration.
+ * @returns {Promise<NLcURLResponse>} Resolves with the server response.
  */
 export async function head(url, options) {
     return request({ ...options, url, method: "HEAD" });
@@ -130,6 +120,9 @@ function extractSessionConfig(req) {
         cookieJar: req.cookieJar,
         logger: req.logger,
         tls: req.tls,
+        throwOnError: req.throwOnError,
+        cacheConfig: req.cache ? { mode: req.cache } : undefined,
+        hsts: undefined,
     };
 }
 //# sourceMappingURL=client.js.map