remote-components 0.3.4 → 0.3.6

package/dist/remote/html.js

@@ -1,308 +1,10 @@
-var __defProp = Object.defineProperty;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __esm = (fn, res) => function __init() {
-  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
-};
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-
-// src/utils/constants.ts
-var CORS_DOCS_URL;
-var init_constants = __esm({
-  "src/utils/constants.ts"() {
-    "use strict";
-    CORS_DOCS_URL = "https://vercel.com/docs/remote-components/concepts/cors-external-urls#accessing-cross-site-protected-remote-components";
-  }
-});
-
-// src/runtime/url/protected-rc-fallback.ts
-var init_protected_rc_fallback = __esm({
-  "src/runtime/url/protected-rc-fallback.ts"() {
-    "use strict";
-    init_constants();
-  }
-});
-
-// src/utils/abort.ts
-var init_abort = __esm({
-  "src/utils/abort.ts"() {
-    "use strict";
-  }
-});
-
-// src/utils/error.ts
-var RemoteComponentsError;
-var init_error = __esm({
-  "src/utils/error.ts"() {
-    "use strict";
-    init_protected_rc_fallback();
-    init_abort();
-    init_constants();
-    RemoteComponentsError = class extends Error {
-      code = "REMOTE_COMPONENTS_ERROR";
-      constructor(message, options) {
-        super(message, options);
-        this.name = "RemoteComponentsError";
-      }
-    };
-  }
-});
-
-// src/utils/logger.ts
-function logWarn(location2, message) {
-  console.warn(`[${PREFIX}:${location2}]: ${message}`);
-}
-function logError(location2, message, cause) {
-  console.error(
-    new RemoteComponentsError(`[${PREFIX}:${location2}]: ${message}`, {
-      cause
-    })
-  );
-}
-function warnCrossOriginFetchError(logLocation, url) {
-  try {
-    const parsed = typeof url === "string" ? new URL(url) : url;
-    if (typeof location === "undefined" || parsed.origin === location.origin) {
-      return;
-    }
-    logWarn(
-      logLocation,
-      `Failed to fetch cross-origin resource "${parsed.href}". To load assets from a protected deployment, two steps are required: (1) configure withRemoteComponentsHostProxy middleware in your host with the remote URL in allowedProxyUrls, and (2) provide a resolveClientUrl prop that rewrites cross-origin asset URLs to go through the proxy. See: ${CORS_DOCS_URL}`
-    );
-  } catch {
-  }
-}
-var PREFIX, DEBUG;
-var init_logger = __esm({
-  "src/utils/logger.ts"() {
-    "use strict";
-    init_constants();
-    init_error();
-    PREFIX = "remote-components";
-    DEBUG = typeof window !== "undefined" && localStorage.getItem("RC_DEBUG") === "true" || typeof process !== "undefined" && process.env.RC_DEBUG === "true";
-  }
-});
-
-// src/runtime/namespace.ts
-function getNamespace() {
-  const g = globalThis;
-  const existing = g.__remote_components__;
-  if (existing) {
-    return existing;
-  }
-  const ns = {
-    scopes: /* @__PURE__ */ new Map(),
-    chunkCache: {},
-    mountFns: {},
-    unmountFns: {},
-    bundleUrls: {},
-    moduleRegistry: {},
-    dispatcherRuntime: void 0,
-    hostSharedModules: {},
-    cssCache: {},
-    shadowRoots: {}
-  };
-  const nsRecord = ns;
-  for (const { global, prop } of LEGACY_ALIASES) {
-    const legacyValue = g[global];
-    if (legacyValue != null) {
-      nsRecord[prop] = legacyValue;
-    }
-    g[global] = ns[prop];
-  }
-  const gRecord = g;
-  for (const key of Object.keys(gRecord)) {
-    if (key.startsWith(SHADOW_ROOT_PREFIX)) {
-      const suffix = key.slice(SHADOW_ROOT_PREFIX.length);
-      ns.shadowRoots[suffix] = gRecord[key];
-      delete gRecord[key];
-    }
-  }
-  g.__remote_components__ = ns;
-  return ns;
-}
-var SHADOW_ROOT_PREFIX, LEGACY_ALIASES;
-var init_namespace = __esm({
-  "src/runtime/namespace.ts"() {
-    "use strict";
-    SHADOW_ROOT_PREFIX = "__remote_components_shadowroot_";
-    LEGACY_ALIASES = [
-      { global: "__remote_component_scopes__", prop: "scopes" },
-      {
-        global: "__remote_components_turbopack_chunk_loader_promise__",
-        prop: "chunkCache"
-      },
-      { global: "__remote_script_entrypoint_mount__", prop: "mountFns" },
-      { global: "__remote_script_entrypoint_unmount__", prop: "unmountFns" },
-      { global: "__remote_bundle_url__", prop: "bundleUrls" },
-      { global: "__rc_module_registry__", prop: "moduleRegistry" },
-      {
-        global: "__remote_component_host_shared_modules__",
-        prop: "hostSharedModules"
-      },
-      { global: "__remote_next_css__", prop: "cssCache" }
-    ];
-  }
-});
-
-// src/runtime/loaders/static-loader.ts
-var static_loader_exports = {};
-__export(static_loader_exports, {
-  loadStaticRemoteComponent: () => loadStaticRemoteComponent
-});
-async function importViaCallback(absoluteSrc, resolveClientUrl) {
-  const resolvedUrl = resolveClientUrl(absoluteSrc) ?? absoluteSrc;
-  const fetchUrl = new URL(resolvedUrl, location.href).href;
-  const response = await fetch(fetchUrl);
-  if (!response.ok)
-    throw new Error(`Proxied fetch failed: ${response.status}`);
-  const content = (await response.text()).replace(/import\.meta\.url/g, JSON.stringify(absoluteSrc)).replace(
-    /\b(from|import)\s*(["'])(\.\.?\/[^"']+)\2/g,
-    (_, keyword, quote, relativePath) => {
-      const absoluteImportUrl = new URL(relativePath, absoluteSrc).href;
-      const resolvedImportUrl = new URL(
-        resolveClientUrl(absoluteImportUrl) ?? absoluteImportUrl,
-        location.href
-      ).href;
-      return `${keyword} ${quote}${resolvedImportUrl}${quote}`;
-    }
-  );
-  const moduleBlobUrl = URL.createObjectURL(
-    new Blob([content], { type: "text/javascript" })
-  );
-  const wrapperContent = [
-    `import*as m from${JSON.stringify(moduleBlobUrl)};`,
-    `globalThis.__rc_module_registry__=globalThis.__rc_module_registry__||{};`,
-    `globalThis.__rc_module_registry__[${JSON.stringify(absoluteSrc)}]=m;`
-  ].join("");
-  const wrapperBlobUrl = URL.createObjectURL(
-    new Blob([wrapperContent], { type: "text/javascript" })
-  );
-  const scriptEl = document.createElement("script");
-  scriptEl.type = "module";
-  scriptEl.src = wrapperBlobUrl;
-  try {
-    await new Promise((resolve, reject) => {
-      scriptEl.onload = () => resolve();
-      scriptEl.onerror = () => reject(new Error(`Failed to load module for ${absoluteSrc}`));
-      document.head.appendChild(scriptEl);
-    });
-  } finally {
-    scriptEl.remove();
-    URL.revokeObjectURL(moduleBlobUrl);
-    URL.revokeObjectURL(wrapperBlobUrl);
-  }
-  const registry = getNamespace().moduleRegistry;
-  const mod = registry[absoluteSrc] ?? {};
-  delete registry[absoluteSrc];
-  return mod;
-}
-async function importDirectly(absoluteSrc) {
-  try {
-    return await import(
-      /* @vite-ignore */
-      /* webpackIgnore: true */
-      absoluteSrc
-    );
-  } catch (importError) {
-    if (!absoluteSrc.startsWith("blob:")) {
-      warnCrossOriginFetchError("StaticLoader", absoluteSrc);
-    }
-    throw importError;
-  }
-}
-function resolveScriptSrc(script, url) {
-  const rawSrc = typeof script.getAttribute === "function" ? script.getAttribute("src") ?? script.src : script.src;
-  if (!rawSrc && script.textContent) {
-    return URL.createObjectURL(
-      new Blob(
-        [script.textContent.replace(/import\.meta\.url/g, JSON.stringify(url))],
-        { type: "text/javascript" }
-      )
-    );
-  }
-  return rawSrc;
-}
-async function loadStaticRemoteComponent(scripts, url, resolveClientUrl) {
-  const ns = getNamespace();
-  if (ns.mountFns[url.href]) {
-    ns.mountFns[url.href] = /* @__PURE__ */ new Set();
-  }
-  if (ns.unmountFns[url.href]) {
-    ns.unmountFns[url.href] = /* @__PURE__ */ new Set();
-  }
-  const mountUnmountSets = await Promise.all(
-    scripts.map(async (script) => {
-      try {
-        const src = resolveScriptSrc(script, url);
-        const absoluteSrc = new URL(src, url).href;
-        const mod = resolveClientUrl ? await importViaCallback(absoluteSrc, resolveClientUrl) : await importDirectly(absoluteSrc);
-        if (src.startsWith("blob:")) {
-          URL.revokeObjectURL(src);
-        }
-        if (typeof mod.mount === "function" || typeof mod.default?.mount === "function") {
-          if (!ns.mountFns[url.href]) {
-            ns.mountFns[url.href] = /* @__PURE__ */ new Set();
-          }
-          ns.mountFns[url.href]?.add(
-            mod.mount || mod.default?.mount || (() => {
-            })
-          );
-        }
-        if (typeof mod.unmount === "function" || typeof mod.default?.unmount === "function") {
-          if (!ns.unmountFns[url.href]) {
-            ns.unmountFns[url.href] = /* @__PURE__ */ new Set();
-          }
-          ns.unmountFns[url.href]?.add(
-            mod.unmount || mod.default?.unmount || (() => {
-            })
-          );
-        }
-        return {
-          mount: mod.mount || mod.default?.mount,
-          unmount: mod.unmount || mod.default?.unmount
-        };
-      } catch (e) {
-        logError(
-          "StaticLoader",
-          `Error loading remote component script from "${script.src || url.href}".`,
-          e
-        );
-        return {
-          mount: void 0,
-          unmount: void 0
-        };
-      }
-    })
-  );
-  return mountUnmountSets.reduce(
-    (acc, { mount, unmount }) => {
-      if (typeof mount === "function") {
-        acc.mount.add(mount);
-      }
-      if (typeof unmount === "function") {
-        acc.unmount.add(unmount);
-      }
-      return acc;
-    },
-    {
-      mount: /* @__PURE__ */ new Set(),
-      unmount: /* @__PURE__ */ new Set()
-    }
-  );
-}
-var init_static_loader = __esm({
-  "src/runtime/loaders/static-loader.ts"() {
-    "use strict";
-    init_namespace();
-    init_logger();
-  }
-});
+import {
+  logError
+} from "../chunk-S2A4TFLS.js";
+import "../chunk-X6YKUJKH.js";
+import "../chunk-ENYGL5CO.js";
 
 // src/remote/html/index.tsx
-init_logger();
 if (typeof HTMLElement !== "undefined") {
   class RemoteComponent extends HTMLElement {
     name;
@@ -317,8 +19,8 @@ if (typeof HTMLElement !== "undefined") {
       this.root.innerHTML = html;
       this.replaceChildren();
       (async () => {
-        const { loadStaticRemoteComponent: loadStaticRemoteComponent2 } = await Promise.resolve().then(() => (init_static_loader(), static_loader_exports));
-        loadStaticRemoteComponent2(
+        const { loadStaticRemoteComponent } = await import("../static-loader-X4TSF5KW.js");
+        loadStaticRemoteComponent(
           Array.from(this.root?.querySelectorAll("script") ?? []),
           new URL(location.href)
         ).then(({ mount, unmount }) => {

package/dist/remote/html.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/utils/constants.ts","../../src/runtime/url/protected-rc-fallback.ts","../../src/utils/abort.ts","../../src/utils/error.ts","../../src/utils/logger.ts","../../src/runtime/namespace.ts","../../src/runtime/loaders/static-loader.ts","../../src/remote/html/index.tsx"],"sourcesContent":["export const RC_PROTECTED_REMOTE_FETCH_PATHNAME = '/rc-fetch-protected-remote';\n\nexport const MISSING_SHARED_MODULES_MESSAGE =\n  'Remote Components shared modules not found. Did you forget to wrap your config with `withRemoteComponentsConfig` on both host and remote?';\n\nexport const CORS_DOCS_URL =\n  'https://vercel.com/docs/remote-components/concepts/cors-external-urls#accessing-cross-site-protected-remote-components';\n","import { RC_PROTECTED_REMOTE_FETCH_PATHNAME } from '#internal/utils/constants';\n\n/**\n * Generates a fallback URL that proxies the request through the host's protected remote fetch endpoint\n */\nexport function generateProtectedRcFallbackSrc(url: string): string {\n  return `${RC_PROTECTED_REMOTE_FETCH_PATHNAME}?url=${encodeURIComponent(url)}`;\n}\n\nexport function isProxiedUrl(url: string): boolean {\n  try {\n    return (\n      new URL(url, location.href).pathname ===\n      RC_PROTECTED_REMOTE_FETCH_PATHNAME\n    );\n  } catch {\n    return false;\n  }\n}\n","/**\n * Type guard to check if an error is an AbortError.\n * Handles cross-environment differences (Node.js, browsers, JSDOM).\n */\nexport function isAbortError(error: unknown): error is DOMException {\n  if (error instanceof DOMException && error.name === 'AbortError') {\n    return true;\n  }\n\n  // Handle Node.js native AbortError which may not be instanceof global DOMException\n  if (\n    error !== null &&\n    typeof error === 'object' &&\n    'name' in error &&\n    error.name === 'AbortError' &&\n    'message' in error &&\n    typeof (error as { message: unknown }).message === 'string'\n  ) {\n    // Additional check: verify it has DOMException-like structure\n    const e = error as { code?: unknown; constructor?: { name?: string } };\n    return typeof e.code === 'number' || e.constructor?.name === 'DOMException';\n  }\n\n  return false;\n}\n","import { isProxiedUrl } from '#internal/runtime/url/protected-rc-fallback';\nimport { isAbortError } from '#internal/utils/abort';\nimport {\n  CORS_DOCS_URL,\n  RC_PROTECTED_REMOTE_FETCH_PATHNAME,\n} from '#internal/utils/constants';\n\nexport class RemoteComponentsError extends Error {\n  code = 'REMOTE_COMPONENTS_ERROR';\n\n  constructor(message: string, options?: { cause?: unknown }) {\n    super(message, options);\n    this.name = 'RemoteComponentsError';\n  }\n}\n\nexport function multipleRemoteComponentsError(url: string | undefined) {\n  return new RemoteComponentsError(\n    `Multiple Remote Components found at \"${url}\". When a page exposes multiple Remote Components you must specify the \"name\" prop to select which one to load.`,\n  );\n}\n\nexport function failedToFetchRemoteComponentError(\n  url: string,\n  { status, statusText }: { status: number; statusText: string },\n  help: string = 'Is the URL correct and accessible?',\n) {\n  return new RemoteComponentsError(\n    `Failed to fetch Remote Component from \"${url}\". ${help}`,\n    { cause: new Error(`${status} ${statusText}`) },\n  );\n}\n\nexport async function errorFromFailedFetch(\n  originalUrl: string,\n  resolvedUrl: URL,\n  res: Response | null | undefined,\n): Promise<RemoteComponentsError> {\n  const isProxied = isProxiedUrl(resolvedUrl.href);\n\n  if (isProxied && res) {\n    const body = await res.text().catch(() => '');\n    return failedProxyFetchError(\n      originalUrl,\n      resolvedUrl.href,\n      res.status,\n      body,\n    );\n  }\n\n  const fallback = failedToFetchRemoteComponentError(\n    originalUrl,\n    res ?? { status: 0, statusText: 'No Response' },\n  );\n\n  if (!res) return fallback;\n\n  try {\n    const body = await res.text();\n    const parser = new DOMParser();\n    const doc = parser.parseFromString(body, 'text/html');\n    const errorTemplate = doc.querySelector(\n      'template[data-next-error-message]',\n    );\n    const errorMessage = errorTemplate?.getAttribute('data-next-error-message');\n    if (errorMessage) {\n      const error = new RemoteComponentsError(errorMessage);\n      const errorStack = errorTemplate?.getAttribute('data-next-error-stack');\n      if (errorStack) {\n        error.stack = errorStack;\n      }\n      return error;\n    }\n  } catch (parseError) {\n    // Re-throw abort errors, ignore parse errors\n    if (isAbortError(parseError)) throw parseError;\n  }\n\n  return fallback;\n}\n\nexport function failedProxiedAssetError(\n  kind: 'chunk' | 'script',\n  url: string,\n  resolvedUrl: string,\n): RemoteComponentsError {\n  return new RemoteComponentsError(\n    `Failed to load ${kind} \"${url}\" via proxy \"${resolvedUrl}\". ` +\n      `Ensure withRemoteComponentsHostProxy middleware is configured, \"${RC_PROTECTED_REMOTE_FETCH_PATHNAME}\" is in the matcher, ` +\n      `and the remote URL is included in allowedProxyUrls. ` +\n      `See: ${CORS_DOCS_URL}`,\n  );\n}\n\nexport function failedProxyFetchError(\n  originalUrl: string,\n  proxyUrl: string,\n  status: number,\n  responseBody?: string,\n): RemoteComponentsError {\n  if (status === 404) {\n    return new RemoteComponentsError(\n      `Could not proxy the request to \"${originalUrl}\" — the proxy endpoint \"${RC_PROTECTED_REMOTE_FETCH_PATHNAME}\" returned 404.\\n\\n` +\n        `The host server needs middleware or a route that handles \"${RC_PROTECTED_REMOTE_FETCH_PATHNAME}\".\\n\\n` +\n        `Proxying requires two pieces:\\n` +\n        `  1. resolveClientUrl={routeThroughHostProxy} on <RemoteComponent>\\n` +\n        `  2. Middleware or a route for \"${RC_PROTECTED_REMOTE_FETCH_PATHNAME}\" on the host server\\n\\n` +\n        `Docs: ${CORS_DOCS_URL}`,\n    );\n  }\n  if (status === 403) {\n    const detail = responseBody ? ` ${responseBody}` : '';\n    return new RemoteComponentsError(\n      `Proxied request to \"${proxyUrl}\" was forbidden.${detail} ` +\n        `See: ${CORS_DOCS_URL}`,\n    );\n  }\n  return new RemoteComponentsError(\n    `Proxied request for \"${originalUrl}\" via \"${proxyUrl}\" failed with status ${status}. ` +\n      `See: ${CORS_DOCS_URL}`,\n  );\n}\n","import { CORS_DOCS_URL } from '#internal/utils/constants';\nimport { RemoteComponentsError } from '#internal/utils/error';\n\nexport type LogLocation =\n  | 'ChunkLoader'\n  | 'ChunkDispatcher'\n  | 'ComponentLoader'\n  | 'ModuleDispatcher'\n  | 'RemoteScope'\n  | 'SharedModules'\n  | 'WebpackRuntime'\n  | 'TurbopackModule'\n  | 'StaticLoader'\n  | 'ScriptLoader'\n  | 'Polyfill'\n  | 'HtmlRemote'\n  | 'HtmlHost'\n  | 'Config'\n  | 'NextAppRouter'\n  | 'NextAppRouterCompat'\n  | 'FetchRemoteComponent'\n  | 'SharedModuleResolver';\n\nconst PREFIX = 'remote-components';\nconst DEBUG =\n  (typeof window !== 'undefined' &&\n    localStorage.getItem('RC_DEBUG') === 'true') ||\n  (typeof process !== 'undefined' && process.env.RC_DEBUG === 'true');\n\nexport function logDebug(location: LogLocation, message: string) {\n  if (DEBUG) {\n    // eslint-disable-next-line no-console\n    console.debug(`[${PREFIX}:${location}]: ${message}`);\n  }\n}\n\nexport function logInfo(location: LogLocation, message: string) {\n  // eslint-disable-next-line no-console\n  console.info(`[${PREFIX}:${location}]: ${message}`);\n}\n\nexport function logWarn(location: LogLocation, message: string) {\n  // eslint-disable-next-line no-console\n  console.warn(`[${PREFIX}:${location}]: ${message}`);\n}\n\nexport function logError(\n  location: LogLocation,\n  message: string,\n  cause?: unknown,\n) {\n  // eslint-disable-next-line no-console\n  console.error(\n    new RemoteComponentsError(`[${PREFIX}:${location}]: ${message}`, {\n      cause,\n    }),\n  );\n}\n\n/**\n * Logs a warning when a cross-origin asset request fails, guiding users\n * to configure the proxy middleware and resolveClientUrl on their host.\n */\nexport function warnCrossOriginFetchError(\n  logLocation: LogLocation,\n  url: string | URL,\n): void {\n  try {\n    const parsed = typeof url === 'string' ? new URL(url) : url;\n    if (typeof location === 'undefined' || parsed.origin === location.origin) {\n      return;\n    }\n    logWarn(\n      logLocation,\n      `Failed to fetch cross-origin resource \"${parsed.href}\". ` +\n        'To load assets from a protected deployment, two steps are required: ' +\n        '(1) configure withRemoteComponentsHostProxy middleware in your host with the remote URL in allowedProxyUrls, ' +\n        'and (2) provide a resolveClientUrl prop that rewrites cross-origin asset URLs to go through the proxy. ' +\n        `See: ${CORS_DOCS_URL}`,\n    );\n  } catch {\n    // URL parsing failed — skip the warning\n  }\n}\n","import type { RemoteScope } from '#internal/runtime/turbopack/remote-scope';\nimport type {\n  GlobalScope,\n  MountOrUnmountFunction,\n  MountUnmountFunctions,\n} from '#internal/runtime/types';\n\n/**\n * Typed namespace for all remote-components runtime state.\n *\n * Consolidates scattered `globalThis` globals into a single object at\n * `globalThis.__remote_components__`. Each property corresponds to a\n * previously independent global — see inline `@see` tags for the original\n * global name. Code that previously read from those globals still works\n * because each migration writes through to both the namespace and the\n * legacy global (pointing at the same underlying object).\n */\nexport interface RemoteComponentsNamespace {\n  /** @see `__remote_component_scopes__` */\n  scopes: Map<string, RemoteScope>;\n  /** @see `__remote_components_turbopack_chunk_loader_promise__` */\n  chunkCache: Record<string, Promise<unknown>>;\n  /** @see `__remote_script_entrypoint_mount__` */\n  mountFns: Record<string, Set<MountOrUnmountFunction>>;\n  /** @see `__remote_script_entrypoint_unmount__` */\n  unmountFns: Record<string, Set<MountOrUnmountFunction>>;\n  /** @see `__remote_bundle_url__` */\n  bundleUrls: Record<string, string | URL>;\n  /** @see `__rc_module_registry__` */\n  moduleRegistry: Record<string, unknown>;\n  /** @see `__webpack_require_type__` */\n  dispatcherRuntime: string | undefined;\n  /** @see `__remote_component_host_shared_modules__` */\n  hostSharedModules: Record<string, () => Promise<unknown>>;\n  /** @see `__remote_next_css__` */\n  cssCache: Record<string, ChildNode[]>;\n  /** @see `__remote_components_shadowroot_*` */\n  shadowRoots: Record<string, ShadowRoot | null>;\n}\n\n/** Prefix for legacy per-key shadow root globals (`__remote_components_shadowroot_*`). */\nconst SHADOW_ROOT_PREFIX = '__remote_components_shadowroot_';\n\n/**\n * Backward-compat aliases for globals used in <=0.3.3.\n *\n * Only includes object/Map values that can be aliased by reference.\n * Primitives (`dispatcherRuntime`) must use write-through at their call sites.\n * Dynamic-key shadow root globals are adopted separately in `getNamespace()`.\n */\nconst LEGACY_ALIASES: ReadonlyArray<{\n  global: string;\n  prop: keyof RemoteComponentsNamespace;\n}> = [\n  { global: '__remote_component_scopes__', prop: 'scopes' },\n  {\n    global: '__remote_components_turbopack_chunk_loader_promise__',\n    prop: 'chunkCache',\n  },\n  { global: '__remote_script_entrypoint_mount__', prop: 'mountFns' },\n  { global: '__remote_script_entrypoint_unmount__', prop: 'unmountFns' },\n  { global: '__remote_bundle_url__', prop: 'bundleUrls' },\n  { global: '__rc_module_registry__', prop: 'moduleRegistry' },\n  {\n    global: '__remote_component_host_shared_modules__',\n    prop: 'hostSharedModules',\n  },\n  { global: '__remote_next_css__', prop: 'cssCache' },\n];\n\n/**\n * Returns the single shared `RemoteComponentsNamespace` instance, creating\n * it on first access. The namespace lives at `globalThis.__remote_components__`\n * so every module in the page shares the same state regardless of how many\n * copies of the library are loaded.\n *\n * On first initialization this function also handles backward compatibility\n * with legacy globals:\n * 1. **Adopt**: if a legacy global already exists (written by older code before\n *    the namespace was created), its value becomes the initial namespace value.\n * 2. **Alias**: legacy globals are assigned to point at the namespace's objects,\n *    so older code that reads the legacy global sees the same reference.\n */\nexport function getNamespace(): RemoteComponentsNamespace {\n  const g = globalThis as GlobalScope & MountUnmountFunctions;\n  const existing = g.__remote_components__;\n  if (existing) {\n    return existing;\n  }\n\n  const ns: RemoteComponentsNamespace = {\n    scopes: new Map(),\n    chunkCache: {},\n    mountFns: {},\n    unmountFns: {},\n    bundleUrls: {},\n    moduleRegistry: {},\n    dispatcherRuntime: undefined,\n    hostSharedModules: {},\n    cssCache: {},\n    shadowRoots: {},\n  };\n\n  // Adopt any pre-existing legacy globals, then alias them to the namespace.\n  const nsRecord = ns as unknown as Record<string, unknown>;\n  for (const { global, prop } of LEGACY_ALIASES) {\n    const legacyValue = (g as Record<string, unknown>)[global];\n    if (legacyValue != null) {\n      nsRecord[prop] = legacyValue;\n    }\n    (g as Record<string, unknown>)[global] = ns[prop];\n  }\n\n  // Adopt per-key shadow root globals used in <=0.3.3\n  // (e.g. `globalThis.__remote_components_shadowroot_<key> = root`).\n  const gRecord = g as Record<string, unknown>;\n  for (const key of Object.keys(gRecord)) {\n    if (key.startsWith(SHADOW_ROOT_PREFIX)) {\n      const suffix = key.slice(SHADOW_ROOT_PREFIX.length);\n      ns.shadowRoots[suffix] = gRecord[key] as ShadowRoot | null;\n      delete gRecord[key];\n    }\n  }\n\n  g.__remote_components__ = ns;\n  return ns;\n}\n","import type { InternalResolveClientUrl } from '#internal/host/server/types';\nimport { getNamespace } from '#internal/runtime/namespace';\nimport type { MountOrUnmountFunction } from '#internal/runtime/types';\nimport { logError, warnCrossOriginFetchError } from '#internal/utils/logger';\n\ntype ScriptMod = {\n  mount?: MountOrUnmountFunction;\n  unmount?: MountOrUnmountFunction;\n  default?: {\n    mount?: MountOrUnmountFunction;\n    unmount?: MountOrUnmountFunction;\n  };\n};\n\n/**\n * Fetches an ES module via the resolveClientUrl callback, rewrites its\n * relative imports to also go through the callback, then loads it by injecting a\n * wrapper <script type=\"module\"> tag. The module's namespace is captured via\n * a temporary global and returned.\n *\n * This is needed when a direct import() of a cross-origin module fails due to\n * CORS restrictions or Vercel preview-deployment auth. A simple URL rewrite\n * doesn't work for import() because relative imports inside the module would\n * resolve against the rewritten URL instead of the original remote origin.\n */\nasync function importViaCallback<T>(\n  absoluteSrc: string,\n  resolveClientUrl: InternalResolveClientUrl,\n): Promise<T> {\n  const resolvedUrl = resolveClientUrl(absoluteSrc) ?? absoluteSrc;\n  const fetchUrl = new URL(resolvedUrl, location.href).href;\n  const response = await fetch(fetchUrl);\n  if (!response.ok) throw new Error(`Proxied fetch failed: ${response.status}`);\n\n  // Restore import.meta.url to the original module URL so any code that\n  // relies on it (e.g. for asset resolution) gets the right value.\n  // Rewrite relative imports to absolute URLs resolved through the callback so\n  // that transitive dependencies also bypass CORS/auth.\n  const content = (await response.text())\n    .replace(/import\\.meta\\.url/g, JSON.stringify(absoluteSrc))\n    .replace(\n      /\\b(from|import)\\s*([\"'])(\\.\\.?\\/[^\"']+)\\2/g,\n      (_, keyword, quote, relativePath) => {\n        const absoluteImportUrl = new URL(relativePath, absoluteSrc).href;\n        const resolvedImportUrl = new URL(\n          resolveClientUrl(absoluteImportUrl) ?? absoluteImportUrl,\n          location.href,\n        ).href;\n        return `${keyword} ${quote}${resolvedImportUrl}${quote}`;\n      },\n    );\n  const moduleBlobUrl = URL.createObjectURL(\n    new Blob([content], { type: 'text/javascript' }),\n  );\n  const wrapperContent = [\n    `import*as m from${JSON.stringify(moduleBlobUrl)};`,\n    `globalThis.__rc_module_registry__=globalThis.__rc_module_registry__||{};`,\n    `globalThis.__rc_module_registry__[${JSON.stringify(absoluteSrc)}]=m;`,\n  ].join('');\n  const wrapperBlobUrl = URL.createObjectURL(\n    new Blob([wrapperContent], { type: 'text/javascript' }),\n  );\n  const scriptEl = document.createElement('script');\n  scriptEl.type = 'module';\n  scriptEl.src = wrapperBlobUrl;\n  try {\n    await new Promise<void>((resolve, reject) => {\n      scriptEl.onload = () => resolve();\n      scriptEl.onerror = () =>\n        reject(new Error(`Failed to load module for ${absoluteSrc}`));\n      document.head.appendChild(scriptEl);\n    });\n  } finally {\n    scriptEl.remove();\n    URL.revokeObjectURL(moduleBlobUrl);\n    URL.revokeObjectURL(wrapperBlobUrl);\n  }\n  const registry = getNamespace().moduleRegistry as Record<string, T>;\n  const mod = registry[absoluteSrc] ?? ({} as T);\n  delete registry[absoluteSrc];\n  return mod;\n}\n\nasync function importDirectly<T>(absoluteSrc: string): Promise<T> {\n  try {\n    return (await import(\n      /* @vite-ignore */\n      /* webpackIgnore: true */ absoluteSrc\n    )) as T;\n  } catch (importError) {\n    if (!absoluteSrc.startsWith('blob:')) {\n      warnCrossOriginFetchError('StaticLoader', absoluteSrc);\n    }\n    throw importError;\n  }\n}\n\nfunction resolveScriptSrc(script: HTMLScriptElement, url: URL): string {\n  const rawSrc =\n    typeof script.getAttribute === 'function'\n      ? (script.getAttribute('src') ?? script.src)\n      : script.src;\n  if (!rawSrc && script.textContent) {\n    return URL.createObjectURL(\n      new Blob(\n        [script.textContent.replace(/import\\.meta\\.url/g, JSON.stringify(url))],\n        { type: 'text/javascript' },\n      ),\n    );\n  }\n  return rawSrc;\n}\n\nexport async function loadStaticRemoteComponent(\n  scripts: HTMLScriptElement[],\n  url: URL,\n  resolveClientUrl?: InternalResolveClientUrl,\n) {\n  const ns = getNamespace();\n\n  if (ns.mountFns[url.href]) {\n    ns.mountFns[url.href] = new Set();\n  }\n  if (ns.unmountFns[url.href]) {\n    ns.unmountFns[url.href] = new Set();\n  }\n  const mountUnmountSets = await Promise.all(\n    scripts.map(async (script) => {\n      try {\n        const src = resolveScriptSrc(script, url);\n        const absoluteSrc = new URL(src, url).href;\n        const mod: ScriptMod = resolveClientUrl\n          ? await importViaCallback<ScriptMod>(absoluteSrc, resolveClientUrl)\n          : await importDirectly<ScriptMod>(absoluteSrc);\n        // revoke the object URL if we created one for inline script content\n        if (src.startsWith('blob:')) {\n          URL.revokeObjectURL(src);\n        }\n        if (\n          typeof mod.mount === 'function' ||\n          typeof mod.default?.mount === 'function'\n        ) {\n          if (!ns.mountFns[url.href]) {\n            ns.mountFns[url.href] = new Set();\n          }\n          ns.mountFns[url.href]?.add(\n            mod.mount ||\n              mod.default?.mount ||\n              (() => {\n                // noop\n              }),\n          );\n        }\n        if (\n          typeof mod.unmount === 'function' ||\n          typeof mod.default?.unmount === 'function'\n        ) {\n          if (!ns.unmountFns[url.href]) {\n            ns.unmountFns[url.href] = new Set();\n          }\n          ns.unmountFns[url.href]?.add(\n            mod.unmount ||\n              mod.default?.unmount ||\n              (() => {\n                // noop\n              }),\n          );\n        }\n        return {\n          mount: mod.mount || mod.default?.mount,\n          unmount: mod.unmount || mod.default?.unmount,\n        };\n      } catch (e) {\n        logError(\n          'StaticLoader',\n          `Error loading remote component script from \"${script.src || url.href}\".`,\n          e,\n        );\n        return {\n          mount: undefined,\n          unmount: undefined,\n        };\n      }\n    }),\n  );\n  return mountUnmountSets.reduce(\n    (acc, { mount, unmount }) => {\n      if (typeof mount === 'function') {\n        acc.mount.add(mount);\n      }\n      if (typeof unmount === 'function') {\n        acc.unmount.add(unmount);\n      }\n      return acc;\n    },\n    {\n      mount: new Set<MountOrUnmountFunction>(),\n      unmount: new Set<MountOrUnmountFunction>(),\n    },\n  );\n}\n","import type { MountOrUnmountFunction } from '#internal/runtime/types';\nimport { logError } from '#internal/utils/logger';\n\nif (typeof HTMLElement !== 'undefined') {\n  class RemoteComponent extends HTMLElement {\n    name?: string;\n    root?: ShadowRoot | null = null;\n    unmount?: Set<MountOrUnmountFunction> | null = null;\n\n    constructor() {\n      super();\n\n      const html = this.innerHTML;\n      this.root = this.attachShadow({\n        mode: this.getAttribute('mode') === 'closed' ? 'closed' : 'open',\n      });\n      this.root.innerHTML = html;\n      // Clear light DOM — content was copied into the shadow root above.\n      // Without this the original children render twice (once in light DOM,\n      // once in shadow DOM).\n      this.replaceChildren();\n\n      // run the mount functions for any scripts inside the shadow root asynchronously\n      (async () => {\n        const { loadStaticRemoteComponent } = await import(\n          '../../runtime/loaders/static-loader'\n        );\n        loadStaticRemoteComponent(\n          Array.from(this.root?.querySelectorAll('script') ?? []),\n          new URL(location.href),\n        )\n          .then(({ mount, unmount }) => {\n            this.unmount = unmount;\n            return Promise.all(\n              Array.from(mount).map((mountFn) => mountFn(this.root)),\n            );\n          })\n          .catch((e) => {\n            logError('HtmlRemote', 'Error mounting remote component.', e);\n          });\n      })().catch((e) => {\n        logError('HtmlRemote', 'Error mounting remote component.', e);\n      });\n    }\n\n    disconnectedCallback() {\n      // run the unmount functions for any scripts inside the shadow root asynchronously\n      (async () => {\n        if (this.unmount) {\n          await Promise.all(\n            Array.from(this.unmount).map(async (unmount) => {\n              try {\n                await unmount(this.root);\n              } catch (e) {\n                logError('HtmlRemote', 'Error unmounting remote component.', e);\n              }\n            }),\n          );\n        }\n      })().catch((e) => {\n        logError('HtmlRemote', 'Error unmounting remote component.', e);\n      });\n    }\n  }\n\n  // register the custom element\n  customElements.define('remote-component', RemoteComponent);\n}\n"],"mappings":";;;;;;;;;;;AAAA,IAKa;AALb;AAAA;AAAA;AAKO,IAAM,gBACX;AAAA;AAAA;;;ACNF;AAAA;AAAA;AAAA;AAAA;AAAA;;;ACAA;AAAA;AAAA;AAAA;AAAA;;;ACAA,IAOa;AAPb;AAAA;AAAA;AAAA;AACA;AACA;AAKO,IAAM,wBAAN,cAAoC,MAAM;AAAA,MAC/C,OAAO;AAAA,MAEP,YAAY,SAAiB,SAA+B;AAC1D,cAAM,SAAS,OAAO;AACtB,aAAK,OAAO;AAAA,MACd;AAAA,IACF;AAAA;AAAA;;;AC2BO,SAAS,QAAQA,WAAuB,SAAiB;AAE9D,UAAQ,KAAK,IAAI,UAAUA,eAAc,SAAS;AACpD;AAEO,SAAS,SACdA,WACA,SACA,OACA;AAEA,UAAQ;AAAA,IACN,IAAI,sBAAsB,IAAI,UAAUA,eAAc,WAAW;AAAA,MAC/D;AAAA,IACF,CAAC;AAAA,EACH;AACF;AAMO,SAAS,0BACd,aACA,KACM;AACN,MAAI;AACF,UAAM,SAAS,OAAO,QAAQ,WAAW,IAAI,IAAI,GAAG,IAAI;AACxD,QAAI,OAAO,aAAa,eAAe,OAAO,WAAW,SAAS,QAAQ;AACxE;AAAA,IACF;AACA;AAAA,MACE;AAAA,MACA,0CAA0C,OAAO,uSAIvC;AAAA,IACZ;AAAA,EACF,QAAE;AAAA,EAEF;AACF;AAnFA,IAuBM,QACA;AAxBN;AAAA;AAAA;AAAA;AACA;AAsBA,IAAM,SAAS;AACf,IAAM,QACH,OAAO,WAAW,eACjB,aAAa,QAAQ,UAAU,MAAM,UACtC,OAAO,YAAY,eAAe,QAAQ,IAAI,aAAa;AAAA;AAAA;;;ACwDvD,SAAS,eAA0C;AACxD,QAAM,IAAI;AACV,QAAM,WAAW,EAAE;AACnB,MAAI,UAAU;AACZ,WAAO;AAAA,EACT;AAEA,QAAM,KAAgC;AAAA,IACpC,QAAQ,oBAAI,IAAI;AAAA,IAChB,YAAY,CAAC;AAAA,IACb,UAAU,CAAC;AAAA,IACX,YAAY,CAAC;AAAA,IACb,YAAY,CAAC;AAAA,IACb,gBAAgB,CAAC;AAAA,IACjB,mBAAmB;AAAA,IACnB,mBAAmB,CAAC;AAAA,IACpB,UAAU,CAAC;AAAA,IACX,aAAa,CAAC;AAAA,EAChB;AAGA,QAAM,WAAW;AACjB,aAAW,EAAE,QAAQ,KAAK,KAAK,gBAAgB;AAC7C,UAAM,cAAe,EAA8B,MAAM;AACzD,QAAI,eAAe,MAAM;AACvB,eAAS,IAAI,IAAI;AAAA,IACnB;AACA,IAAC,EAA8B,MAAM,IAAI,GAAG,IAAI;AAAA,EAClD;AAIA,QAAM,UAAU;AAChB,aAAW,OAAO,OAAO,KAAK,OAAO,GAAG;AACtC,QAAI,IAAI,WAAW,kBAAkB,GAAG;AACtC,YAAM,SAAS,IAAI,MAAM,mBAAmB,MAAM;AAClD,SAAG,YAAY,MAAM,IAAI,QAAQ,GAAG;AACpC,aAAO,QAAQ,GAAG;AAAA,IACpB;AAAA,EACF;AAEA,IAAE,wBAAwB;AAC1B,SAAO;AACT;AA9HA,IAyCM,oBASA;AAlDN;AAAA;AAAA;AAyCA,IAAM,qBAAqB;AAS3B,IAAM,iBAGD;AAAA,MACH,EAAE,QAAQ,+BAA+B,MAAM,SAAS;AAAA,MACxD;AAAA,QACE,QAAQ;AAAA,QACR,MAAM;AAAA,MACR;AAAA,MACA,EAAE,QAAQ,sCAAsC,MAAM,WAAW;AAAA,MACjE,EAAE,QAAQ,wCAAwC,MAAM,aAAa;AAAA,MACrE,EAAE,QAAQ,yBAAyB,MAAM,aAAa;AAAA,MACtD,EAAE,QAAQ,0BAA0B,MAAM,iBAAiB;AAAA,MAC3D;AAAA,QACE,QAAQ;AAAA,QACR,MAAM;AAAA,MACR;AAAA,MACA,EAAE,QAAQ,uBAAuB,MAAM,WAAW;AAAA,IACpD;AAAA;AAAA;;;ACpEA;AAAA;AAAA;AAAA;AAyBA,eAAe,kBACb,aACA,kBACY;AACZ,QAAM,cAAc,iBAAiB,WAAW,KAAK;AACrD,QAAM,WAAW,IAAI,IAAI,aAAa,SAAS,IAAI,EAAE;AACrD,QAAM,WAAW,MAAM,MAAM,QAAQ;AACrC,MAAI,CAAC,SAAS;AAAI,UAAM,IAAI,MAAM,yBAAyB,SAAS,QAAQ;AAM5E,QAAM,WAAW,MAAM,SAAS,KAAK,GAClC,QAAQ,sBAAsB,KAAK,UAAU,WAAW,CAAC,EACzD;AAAA,IACC;AAAA,IACA,CAAC,GAAG,SAAS,OAAO,iBAAiB;AACnC,YAAM,oBAAoB,IAAI,IAAI,cAAc,WAAW,EAAE;AAC7D,YAAM,oBAAoB,IAAI;AAAA,QAC5B,iBAAiB,iBAAiB,KAAK;AAAA,QACvC,SAAS;AAAA,MACX,EAAE;AACF,aAAO,GAAG,WAAW,QAAQ,oBAAoB;AAAA,IACnD;AAAA,EACF;AACF,QAAM,gBAAgB,IAAI;AAAA,IACxB,IAAI,KAAK,CAAC,OAAO,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAAA,EACjD;AACA,QAAM,iBAAiB;AAAA,IACrB,mBAAmB,KAAK,UAAU,aAAa;AAAA,IAC/C;AAAA,IACA,qCAAqC,KAAK,UAAU,WAAW;AAAA,EACjE,EAAE,KAAK,EAAE;AACT,QAAM,iBAAiB,IAAI;AAAA,IACzB,IAAI,KAAK,CAAC,cAAc,GAAG,EAAE,MAAM,kBAAkB,CAAC;AAAA,EACxD;AACA,QAAM,WAAW,SAAS,cAAc,QAAQ;AAChD,WAAS,OAAO;AAChB,WAAS,MAAM;AACf,MAAI;AACF,UAAM,IAAI,QAAc,CAAC,SAAS,WAAW;AAC3C,eAAS,SAAS,MAAM,QAAQ;AAChC,eAAS,UAAU,MACjB,OAAO,IAAI,MAAM,6BAA6B,aAAa,CAAC;AAC9D,eAAS,KAAK,YAAY,QAAQ;AAAA,IACpC,CAAC;AAAA,EACH,UAAE;AACA,aAAS,OAAO;AAChB,QAAI,gBAAgB,aAAa;AACjC,QAAI,gBAAgB,cAAc;AAAA,EACpC;AACA,QAAM,WAAW,aAAa,EAAE;AAChC,QAAM,MAAM,SAAS,WAAW,KAAM,CAAC;AACvC,SAAO,SAAS,WAAW;AAC3B,SAAO;AACT;AAEA,eAAe,eAAkB,aAAiC;AAChE,MAAI;AACF,WAAQ,MAAM;AAAA;AAAA;AAAA,MAEc;AAAA;AAAA,EAE9B,SAAS,aAAP;AACA,QAAI,CAAC,YAAY,WAAW,OAAO,GAAG;AACpC,gCAA0B,gBAAgB,WAAW;AAAA,IACvD;AACA,UAAM;AAAA,EACR;AACF;AAEA,SAAS,iBAAiB,QAA2B,KAAkB;AACrE,QAAM,SACJ,OAAO,OAAO,iBAAiB,aAC1B,OAAO,aAAa,KAAK,KAAK,OAAO,MACtC,OAAO;AACb,MAAI,CAAC,UAAU,OAAO,aAAa;AACjC,WAAO,IAAI;AAAA,MACT,IAAI;AAAA,QACF,CAAC,OAAO,YAAY,QAAQ,sBAAsB,KAAK,UAAU,GAAG,CAAC,CAAC;AAAA,QACtE,EAAE,MAAM,kBAAkB;AAAA,MAC5B;AAAA,IACF;AAAA,EACF;AACA,SAAO;AACT;AAEA,eAAsB,0BACpB,SACA,KACA,kBACA;AACA,QAAM,KAAK,aAAa;AAExB,MAAI,GAAG,SAAS,IAAI,IAAI,GAAG;AACzB,OAAG,SAAS,IAAI,IAAI,IAAI,oBAAI,IAAI;AAAA,EAClC;AACA,MAAI,GAAG,WAAW,IAAI,IAAI,GAAG;AAC3B,OAAG,WAAW,IAAI,IAAI,IAAI,oBAAI,IAAI;AAAA,EACpC;AACA,QAAM,mBAAmB,MAAM,QAAQ;AAAA,IACrC,QAAQ,IAAI,OAAO,WAAW;AAC5B,UAAI;AACF,cAAM,MAAM,iBAAiB,QAAQ,GAAG;AACxC,cAAM,cAAc,IAAI,IAAI,KAAK,GAAG,EAAE;AACtC,cAAM,MAAiB,mBACnB,MAAM,kBAA6B,aAAa,gBAAgB,IAChE,MAAM,eAA0B,WAAW;AAE/C,YAAI,IAAI,WAAW,OAAO,GAAG;AAC3B,cAAI,gBAAgB,GAAG;AAAA,QACzB;AACA,YACE,OAAO,IAAI,UAAU,cACrB,OAAO,IAAI,SAAS,UAAU,YAC9B;AACA,cAAI,CAAC,GAAG,SAAS,IAAI,IAAI,GAAG;AAC1B,eAAG,SAAS,IAAI,IAAI,IAAI,oBAAI,IAAI;AAAA,UAClC;AACA,aAAG,SAAS,IAAI,IAAI,GAAG;AAAA,YACrB,IAAI,SACF,IAAI,SAAS,UACZ,MAAM;AAAA,YAEP;AAAA,UACJ;AAAA,QACF;AACA,YACE,OAAO,IAAI,YAAY,cACvB,OAAO,IAAI,SAAS,YAAY,YAChC;AACA,cAAI,CAAC,GAAG,WAAW,IAAI,IAAI,GAAG;AAC5B,eAAG,WAAW,IAAI,IAAI,IAAI,oBAAI,IAAI;AAAA,UACpC;AACA,aAAG,WAAW,IAAI,IAAI,GAAG;AAAA,YACvB,IAAI,WACF,IAAI,SAAS,YACZ,MAAM;AAAA,YAEP;AAAA,UACJ;AAAA,QACF;AACA,eAAO;AAAA,UACL,OAAO,IAAI,SAAS,IAAI,SAAS;AAAA,UACjC,SAAS,IAAI,WAAW,IAAI,SAAS;AAAA,QACvC;AAAA,MACF,SAAS,GAAP;AACA;AAAA,UACE;AAAA,UACA,+CAA+C,OAAO,OAAO,IAAI;AAAA,UACjE;AAAA,QACF;AACA,eAAO;AAAA,UACL,OAAO;AAAA,UACP,SAAS;AAAA,QACX;AAAA,MACF;AAAA,IACF,CAAC;AAAA,EACH;AACA,SAAO,iBAAiB;AAAA,IACtB,CAAC,KAAK,EAAE,OAAO,QAAQ,MAAM;AAC3B,UAAI,OAAO,UAAU,YAAY;AAC/B,YAAI,MAAM,IAAI,KAAK;AAAA,MACrB;AACA,UAAI,OAAO,YAAY,YAAY;AACjC,YAAI,QAAQ,IAAI,OAAO;AAAA,MACzB;AACA,aAAO;AAAA,IACT;AAAA,IACA;AAAA,MACE,OAAO,oBAAI,IAA4B;AAAA,MACvC,SAAS,oBAAI,IAA4B;AAAA,IAC3C;AAAA,EACF;AACF;AAxMA;AAAA;AAAA;AACA;AAEA;AAAA;AAAA;;;ACFA;AAEA,IAAI,OAAO,gBAAgB,aAAa;AACtC,QAAM,wBAAwB,YAAY;AAAA,IACxC;AAAA,IACA,OAA2B;AAAA,IAC3B,UAA+C;AAAA,IAE/C,cAAc;AACZ,YAAM;AAEN,YAAM,OAAO,KAAK;AAClB,WAAK,OAAO,KAAK,aAAa;AAAA,QAC5B,MAAM,KAAK,aAAa,MAAM,MAAM,WAAW,WAAW;AAAA,MAC5D,CAAC;AACD,WAAK,KAAK,YAAY;AAItB,WAAK,gBAAgB;AAGrB,OAAC,YAAY;AACX,cAAM,EAAE,2BAAAC,2BAA0B,IAAI,MAAM;AAG5C,QAAAA;AAAA,UACE,MAAM,KAAK,KAAK,MAAM,iBAAiB,QAAQ,KAAK,CAAC,CAAC;AAAA,UACtD,IAAI,IAAI,SAAS,IAAI;AAAA,QACvB,EACG,KAAK,CAAC,EAAE,OAAO,QAAQ,MAAM;AAC5B,eAAK,UAAU;AACf,iBAAO,QAAQ;AAAA,YACb,MAAM,KAAK,KAAK,EAAE,IAAI,CAAC,YAAY,QAAQ,KAAK,IAAI,CAAC;AAAA,UACvD;AAAA,QACF,CAAC,EACA,MAAM,CAAC,MAAM;AACZ,mBAAS,cAAc,oCAAoC,CAAC;AAAA,QAC9D,CAAC;AAAA,MACL,GAAG,EAAE,MAAM,CAAC,MAAM;AAChB,iBAAS,cAAc,oCAAoC,CAAC;AAAA,MAC9D,CAAC;AAAA,IACH;AAAA,IAEA,uBAAuB;AAErB,OAAC,YAAY;AACX,YAAI,KAAK,SAAS;AAChB,gBAAM,QAAQ;AAAA,YACZ,MAAM,KAAK,KAAK,OAAO,EAAE,IAAI,OAAO,YAAY;AAC9C,kBAAI;AACF,sBAAM,QAAQ,KAAK,IAAI;AAAA,cACzB,SAAS,GAAP;AACA,yBAAS,cAAc,sCAAsC,CAAC;AAAA,cAChE;AAAA,YACF,CAAC;AAAA,UACH;AAAA,QACF;AAAA,MACF,GAAG,EAAE,MAAM,CAAC,MAAM;AAChB,iBAAS,cAAc,sCAAsC,CAAC;AAAA,MAChE,CAAC;AAAA,IACH;AAAA,EACF;AAGA,iBAAe,OAAO,oBAAoB,eAAe;AAC3D;","names":["location","loadStaticRemoteComponent"]}
+{"version":3,"sources":["../../src/remote/html/index.tsx"],"sourcesContent":["import type { MountOrUnmountFunction } from '#internal/runtime/types';\nimport { logError } from '#internal/utils/logger';\n\nif (typeof HTMLElement !== 'undefined') {\n  class RemoteComponent extends HTMLElement {\n    name?: string;\n    root?: ShadowRoot | null = null;\n    unmount?: Set<MountOrUnmountFunction> | null = null;\n\n    constructor() {\n      super();\n\n      const html = this.innerHTML;\n      this.root = this.attachShadow({\n        mode: this.getAttribute('mode') === 'closed' ? 'closed' : 'open',\n      });\n      this.root.innerHTML = html;\n      // Clear light DOM — content was copied into the shadow root above.\n      // Without this the original children render twice (once in light DOM,\n      // once in shadow DOM).\n      this.replaceChildren();\n\n      // run the mount functions for any scripts inside the shadow root asynchronously\n      (async () => {\n        const { loadStaticRemoteComponent } = await import(\n          '../../runtime/loaders/static-loader'\n        );\n        loadStaticRemoteComponent(\n          Array.from(this.root?.querySelectorAll('script') ?? []),\n          new URL(location.href),\n        )\n          .then(({ mount, unmount }) => {\n            this.unmount = unmount;\n            return Promise.all(\n              Array.from(mount).map((mountFn) => mountFn(this.root)),\n            );\n          })\n          .catch((e) => {\n            logError('HtmlRemote', 'Error mounting remote component.', e);\n          });\n      })().catch((e) => {\n        logError('HtmlRemote', 'Error mounting remote component.', e);\n      });\n    }\n\n    disconnectedCallback() {\n      // run the unmount functions for any scripts inside the shadow root asynchronously\n      (async () => {\n        if (this.unmount) {\n          await Promise.all(\n            Array.from(this.unmount).map(async (unmount) => {\n              try {\n                await unmount(this.root);\n              } catch (e) {\n                logError('HtmlRemote', 'Error unmounting remote component.', e);\n              }\n            }),\n          );\n        }\n      })().catch((e) => {\n        logError('HtmlRemote', 'Error unmounting remote component.', e);\n      });\n    }\n  }\n\n  // register the custom element\n  customElements.define('remote-component', RemoteComponent);\n}\n"],"mappings":";;;;;;;AAGA,IAAI,OAAO,gBAAgB,aAAa;AACtC,QAAM,wBAAwB,YAAY;AAAA,IACxC;AAAA,IACA,OAA2B;AAAA,IAC3B,UAA+C;AAAA,IAE/C,cAAc;AACZ,YAAM;AAEN,YAAM,OAAO,KAAK;AAClB,WAAK,OAAO,KAAK,aAAa;AAAA,QAC5B,MAAM,KAAK,aAAa,MAAM,MAAM,WAAW,WAAW;AAAA,MAC5D,CAAC;AACD,WAAK,KAAK,YAAY;AAItB,WAAK,gBAAgB;AAGrB,OAAC,YAAY;AACX,cAAM,EAAE,0BAA0B,IAAI,MAAM,OAC1C,8BACF;AACA;AAAA,UACE,MAAM,KAAK,KAAK,MAAM,iBAAiB,QAAQ,KAAK,CAAC,CAAC;AAAA,UACtD,IAAI,IAAI,SAAS,IAAI;AAAA,QACvB,EACG,KAAK,CAAC,EAAE,OAAO,QAAQ,MAAM;AAC5B,eAAK,UAAU;AACf,iBAAO,QAAQ;AAAA,YACb,MAAM,KAAK,KAAK,EAAE,IAAI,CAAC,YAAY,QAAQ,KAAK,IAAI,CAAC;AAAA,UACvD;AAAA,QACF,CAAC,EACA,MAAM,CAAC,MAAM;AACZ,mBAAS,cAAc,oCAAoC,CAAC;AAAA,QAC9D,CAAC;AAAA,MACL,GAAG,EAAE,MAAM,CAAC,MAAM;AAChB,iBAAS,cAAc,oCAAoC,CAAC;AAAA,MAC9D,CAAC;AAAA,IACH;AAAA,IAEA,uBAAuB;AAErB,OAAC,YAAY;AACX,YAAI,KAAK,SAAS;AAChB,gBAAM,QAAQ;AAAA,YACZ,MAAM,KAAK,KAAK,OAAO,EAAE,IAAI,OAAO,YAAY;AAC9C,kBAAI;AACF,sBAAM,QAAQ,KAAK,IAAI;AAAA,cACzB,SAAS,GAAP;AACA,yBAAS,cAAc,sCAAsC,CAAC;AAAA,cAChE;AAAA,YACF,CAAC;AAAA,UACH;AAAA,QACF;AAAA,MACF,GAAG,EAAE,MAAM,CAAC,MAAM;AAChB,iBAAS,cAAc,sCAAsC,CAAC;AAAA,MAChE,CAAC;AAAA,IACH;AAAA,EACF;AAGA,iBAAe,OAAO,oBAAoB,eAAe;AAC3D;","names":[]}

package/dist/remote/middleware.cjs

@@ -1,34 +1,10 @@
-"use strict";
-var __defProp = Object.defineProperty;
-var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
-var __getOwnPropNames = Object.getOwnPropertyNames;
-var __hasOwnProp = Object.prototype.hasOwnProperty;
-var __export = (target, all) => {
-  for (var name in all)
-    __defProp(target, name, { get: all[name], enumerable: true });
-};
-var __copyProps = (to, from, except, desc) => {
-  if (from && typeof from === "object" || typeof from === "function") {
-    for (let key of __getOwnPropNames(from))
-      if (!__hasOwnProp.call(to, key) && key !== except)
-        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
-  }
-  return to;
-};
-var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
-
-// src/remote/middleware/index.ts
-var middleware_exports = {};
-__export(middleware_exports, {
-  withExposeRemoteComponents: () => withExposeRemoteComponents
-});
-module.exports = __toCommonJS(middleware_exports);
-var import_server = require("next/server");
+"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _nullishCoalesce(lhs, rhsFn) { if (lhs != null) { return lhs; } else { return rhsFn(); } } function _optionalChain(ops) { let lastAccessLHS = undefined; let value = ops[0]; let i = 1; while (i < ops.length) { const op = ops[i]; const fn = ops[i + 1]; i += 2; if ((op === 'optionalAccess' || op === 'optionalCall') && value == null) { return undefined; } if (op === 'access' || op === 'optionalAccess') { lastAccessLHS = value; value = fn(value); } else if (op === 'call' || op === 'optionalCall') { value = fn((...args) => value.call(lastAccessLHS, ...args)); lastAccessLHS = undefined; } } return value; }// src/remote/middleware/index.ts
+var _server = require('next/server');
 
 // src/remote/middleware/headers.ts
 function getHeader(headers, name) {
   if (headers instanceof Headers) {
-    return headers.get(name) ?? void 0;
+    return _nullishCoalesce(headers.get(name), () => ( void 0));
   }
   const value = headers[name];
   return Array.isArray(value) ? value[0] : value;
@@ -39,18 +15,18 @@ function getCorsHeaders(options, requestHeaders) {
   }
   const originHeader = getHeader(requestHeaders, "origin");
   const refererHeader = getHeader(requestHeaders, "referer");
-  const origin = originHeader ?? (refererHeader ? new URL(refererHeader).origin : "*");
-  const ALLOWED_ORIGINS = (process.env.REMOTE_COMPONENTS_ALLOWED_ORIGINS || (Array.isArray(options?.origin) ? options.origin.join(",") : options?.origin) || "*").split(",").map((allowedOrigin) => allowedOrigin.trim());
+  const origin = _nullishCoalesce(originHeader, () => ( (refererHeader ? new URL(refererHeader).origin : "*")));
+  const ALLOWED_ORIGINS = (process.env.REMOTE_COMPONENTS_ALLOWED_ORIGINS || (Array.isArray(_optionalChain([options, 'optionalAccess', _ => _.origin])) ? options.origin.join(",") : _optionalChain([options, 'optionalAccess', _2 => _2.origin])) || "*").split(",").map((allowedOrigin) => allowedOrigin.trim());
   const isAllowed = ALLOWED_ORIGINS.includes("*") || ALLOWED_ORIGINS.includes(origin);
-  const allowedHeaders = process.env.REMOTE_COMPONENTS_ALLOW_HEADERS || (Array.isArray(options?.headers) ? options.headers.map((h) => h.trim()).join(",") : options?.headers) || getHeader(requestHeaders, "access-control-request-headers");
+  const allowedHeaders = process.env.REMOTE_COMPONENTS_ALLOW_HEADERS || (Array.isArray(_optionalChain([options, 'optionalAccess', _3 => _3.headers])) ? options.headers.map((h) => h.trim()).join(",") : _optionalChain([options, 'optionalAccess', _4 => _4.headers])) || getHeader(requestHeaders, "access-control-request-headers");
   const CORS_HEADERS = isAllowed ? {
     "Access-Control-Allow-Origin": origin,
-    "Access-Control-Allow-Methods": process.env.REMOTE_COMPONENTS_ALLOW_METHODS || (Array.isArray(options?.method) ? options.method.map((m) => m.trim()).join(",") : options?.method) || "GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS",
+    "Access-Control-Allow-Methods": process.env.REMOTE_COMPONENTS_ALLOW_METHODS || (Array.isArray(_optionalChain([options, 'optionalAccess', _5 => _5.method])) ? options.method.map((m) => m.trim()).join(",") : _optionalChain([options, 'optionalAccess', _6 => _6.method])) || "GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS",
     ...allowedHeaders ? { "Access-Control-Allow-Headers": allowedHeaders } : {},
-    ...process.env.REMOTE_COMPONENTS_ALLOW_CREDENTIALS || options?.credentials ? {
+    ...process.env.REMOTE_COMPONENTS_ALLOW_CREDENTIALS || _optionalChain([options, 'optionalAccess', _7 => _7.credentials]) ? {
       "Access-Control-Allow-Credentials": process.env.REMOTE_COMPONENTS_ALLOW_CREDENTIALS || "true"
     } : {},
-    "Access-Control-Max-Age": options?.maxAge || "600",
+    "Access-Control-Max-Age": _optionalChain([options, 'optionalAccess', _8 => _8.maxAge]) || "600",
     Vary: "Origin"
   } : {};
   return CORS_HEADERS;
@@ -78,14 +54,14 @@ function withExposeRemoteComponents(proxy, options) {
     const preflightResponse = handleCorsPreflightRequest(
       request.method,
       request.headers,
-      options?.cors
+      _optionalChain([options, 'optionalAccess', _9 => _9.cors])
     );
     if (preflightResponse) {
       return preflightResponse;
     }
-    const response = typeof proxy === "function" ? await proxy(request) : import_server.NextResponse.next();
-    if (options?.cors !== false) {
-      const corsHeaders = getCorsHeaders(options?.cors, request.headers);
+    const response = typeof proxy === "function" ? await proxy(request) : _server.NextResponse.next();
+    if (_optionalChain([options, 'optionalAccess', _10 => _10.cors]) !== false) {
+      const corsHeaders = getCorsHeaders(_optionalChain([options, 'optionalAccess', _11 => _11.cors]), request.headers);
       Object.entries(corsHeaders).forEach(
         ([k, v]) => response.headers.set(k, v)
       );
@@ -97,8 +73,7 @@ function withExposeRemoteComponents(proxy, options) {
     return response;
   };
 }
-// Annotate the CommonJS export names for ESM import in node:
-0 && (module.exports = {
-  withExposeRemoteComponents
-});
+
+
+exports.withExposeRemoteComponents = withExposeRemoteComponents;
 //# sourceMappingURL=middleware.cjs.map

package/dist/remote/middleware.cjs.map

@@ -1 +1 @@
-{"version":3,"sources":["../../src/remote/middleware/index.ts","../../src/remote/middleware/headers.ts"],"sourcesContent":["import { type NextRequest, NextResponse } from 'next/server';\nimport {\n  getCorsHeaders,\n  getSecurityHeaders,\n  handleCorsPreflightRequest,\n  type RemoteComponentProxyOptions,\n} from './headers';\n\n/**\n * This proxy is used to handle CORS and other remote component related tasks.\n * It can be used to wrap a Next.js proxy handler function to add CORS headers and handle preflight requests.\n *\n * @param proxy - The Next.js proxy handler function to wrap.\n * @param options - Optional configuration for handling remote components.\n * @returns A Next.js proxy handler function that handles CORS and preflight requests\n */\nexport function withExposeRemoteComponents(\n  proxy?: (request: NextRequest) => NextResponse | Promise<NextResponse>,\n  options?: RemoteComponentProxyOptions,\n) {\n  return async (request: NextRequest) => {\n    // Check if this is a CORS preflight request\n    const preflightResponse = handleCorsPreflightRequest(\n      request.method,\n      request.headers,\n      options?.cors,\n    );\n\n    if (preflightResponse) {\n      return preflightResponse;\n    }\n\n    // For all other requests, continue and attach CORS headers\n    const response =\n      typeof proxy === 'function' ? await proxy(request) : NextResponse.next();\n\n    if (options?.cors !== false) {\n      const corsHeaders = getCorsHeaders(options?.cors, request.headers);\n      Object.entries(corsHeaders).forEach(([k, v]) =>\n        response.headers.set(k, v),\n      );\n    }\n\n    const securityHeaders = getSecurityHeaders();\n    Object.entries(securityHeaders).forEach(([k, v]) =>\n      response.headers.set(k, v),\n    );\n\n    return response;\n  };\n}\n\nexport type { RemoteComponentProxyOptions } from './headers';\n","/**\n * Proxy utilities for remote applications that expose components to hosts.\n */\n\nimport type { IncomingHttpHeaders } from 'node:http';\n\nexport interface RemoteComponentProxyOptions {\n  cors?:\n    | {\n        origin?: string | string[];\n        method?: string | string[];\n        headers?: string | string[];\n        credentials?: boolean;\n        maxAge?: string;\n      }\n    | false;\n}\n\n/**\n * Gets a header value from either a Headers object or a plain object.\n */\nexport function getHeader(\n  headers: Record<string, string> | Headers | IncomingHttpHeaders,\n  name: string,\n): string | undefined {\n  if (headers instanceof Headers) {\n    return headers.get(name) ?? undefined;\n  }\n  const value = headers[name];\n  // IncomingHttpHeaders can have string | string[] | undefined\n  return Array.isArray(value) ? value[0] : value;\n}\n\n/**\n * Computes CORS headers based on the provided options and request headers.\n *\n * @param options - CORS configuration options\n * @param requestHeaders - Headers from the incoming request (can be a Headers object or a plain object)\n * @returns Object containing CORS headers to be added to the response\n */\nexport function getCorsHeaders(\n  options: RemoteComponentProxyOptions['cors'],\n  requestHeaders: Record<string, string> | Headers | IncomingHttpHeaders,\n): Record<string, string> {\n  if (options === false) {\n    return {};\n  }\n\n  const originHeader = getHeader(requestHeaders, 'origin');\n  const refererHeader = getHeader(requestHeaders, 'referer');\n  const origin =\n    originHeader ?? (refererHeader ? new URL(refererHeader).origin : '*');\n\n  const ALLOWED_ORIGINS = (\n    process.env.REMOTE_COMPONENTS_ALLOWED_ORIGINS ||\n    (Array.isArray(options?.origin)\n      ? options.origin.join(',')\n      : options?.origin) ||\n    '*'\n  )\n    .split(',')\n    .map((allowedOrigin) => allowedOrigin.trim());\n\n  const isAllowed =\n    ALLOWED_ORIGINS.includes('*') || ALLOWED_ORIGINS.includes(origin);\n\n  const allowedHeaders =\n    process.env.REMOTE_COMPONENTS_ALLOW_HEADERS ||\n    (Array.isArray(options?.headers)\n      ? options.headers.map((h) => h.trim()).join(',')\n      : options?.headers) ||\n    getHeader(requestHeaders, 'access-control-request-headers');\n\n  const CORS_HEADERS = (\n    isAllowed\n      ? {\n          'Access-Control-Allow-Origin': origin,\n          'Access-Control-Allow-Methods':\n            process.env.REMOTE_COMPONENTS_ALLOW_METHODS ||\n            (Array.isArray(options?.method)\n              ? options.method.map((m) => m.trim()).join(',')\n              : options?.method) ||\n            'GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS',\n          ...(allowedHeaders\n            ? { 'Access-Control-Allow-Headers': allowedHeaders }\n            : {}),\n          ...(process.env.REMOTE_COMPONENTS_ALLOW_CREDENTIALS ||\n          options?.credentials\n            ? {\n                'Access-Control-Allow-Credentials':\n                  process.env.REMOTE_COMPONENTS_ALLOW_CREDENTIALS || 'true',\n              }\n            : {}),\n          'Access-Control-Max-Age': options?.maxAge || '600',\n          Vary: 'Origin',\n        }\n      : {}\n  ) as Record<string, string>;\n\n  return CORS_HEADERS;\n}\n\n/**\n * Returns security headers that prevent the remote component pages from being\n * embedded in frames. Remote components are fetched via HTTP and rendered\n * directly into the host's DOM — they should never be loaded in an iframe.\n */\nexport function getSecurityHeaders(): Record<string, string> {\n  return {\n    'Content-Security-Policy': \"frame-ancestors 'none'\",\n    'X-Frame-Options': 'DENY',\n  };\n}\n\n/**\n * Handles CORS preflight OPTIONS requests.\n *\n * @param method - The HTTP method of the incoming request\n * @param headers - Headers from the incoming request (can be a Headers object or a plain object)\n * @param options - CORS configuration options\n * @returns Response object for the preflight request, or null if not a preflight\n */\nexport function handleCorsPreflightRequest(\n  method: string,\n  headers: Record<string, string> | Headers | IncomingHttpHeaders,\n  options?: RemoteComponentProxyOptions['cors'],\n): Response | null {\n  if (method !== 'OPTIONS' || options === false) {\n    return null;\n  }\n\n  const corsHeaders = getCorsHeaders(options, headers);\n\n  return new Response(undefined, {\n    status: 200,\n    headers: { ...corsHeaders, ...getSecurityHeaders() },\n  });\n}\n"],"mappings":";;;;;;;;;;;;;;;;;;;;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,oBAA+C;;;ACqBxC,SAAS,UACd,SACA,MACoB;AACpB,MAAI,mBAAmB,SAAS;AAC9B,WAAO,QAAQ,IAAI,IAAI,KAAK;AAAA,EAC9B;AACA,QAAM,QAAQ,QAAQ,IAAI;AAE1B,SAAO,MAAM,QAAQ,KAAK,IAAI,MAAM,CAAC,IAAI;AAC3C;AASO,SAAS,eACd,SACA,gBACwB;AACxB,MAAI,YAAY,OAAO;AACrB,WAAO,CAAC;AAAA,EACV;AAEA,QAAM,eAAe,UAAU,gBAAgB,QAAQ;AACvD,QAAM,gBAAgB,UAAU,gBAAgB,SAAS;AACzD,QAAM,SACJ,iBAAiB,gBAAgB,IAAI,IAAI,aAAa,EAAE,SAAS;AAEnE,QAAM,mBACJ,QAAQ,IAAI,sCACX,MAAM,QAAQ,SAAS,MAAM,IAC1B,QAAQ,OAAO,KAAK,GAAG,IACvB,SAAS,WACb,KAEC,MAAM,GAAG,EACT,IAAI,CAAC,kBAAkB,cAAc,KAAK,CAAC;AAE9C,QAAM,YACJ,gBAAgB,SAAS,GAAG,KAAK,gBAAgB,SAAS,MAAM;AAElE,QAAM,iBACJ,QAAQ,IAAI,oCACX,MAAM,QAAQ,SAAS,OAAO,IAC3B,QAAQ,QAAQ,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,GAAG,IAC7C,SAAS,YACb,UAAU,gBAAgB,gCAAgC;AAE5D,QAAM,eACJ,YACI;AAAA,IACE,+BAA+B;AAAA,IAC/B,gCACE,QAAQ,IAAI,oCACX,MAAM,QAAQ,SAAS,MAAM,IAC1B,QAAQ,OAAO,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,GAAG,IAC5C,SAAS,WACb;AAAA,IACF,GAAI,iBACA,EAAE,gCAAgC,eAAe,IACjD,CAAC;AAAA,IACL,GAAI,QAAQ,IAAI,uCAChB,SAAS,cACL;AAAA,MACE,oCACE,QAAQ,IAAI,uCAAuC;AAAA,IACvD,IACA,CAAC;AAAA,IACL,0BAA0B,SAAS,UAAU;AAAA,IAC7C,MAAM;AAAA,EACR,IACA,CAAC;AAGP,SAAO;AACT;AAOO,SAAS,qBAA6C;AAC3D,SAAO;AAAA,IACL,2BAA2B;AAAA,IAC3B,mBAAmB;AAAA,EACrB;AACF;AAUO,SAAS,2BACd,QACA,SACA,SACiB;AACjB,MAAI,WAAW,aAAa,YAAY,OAAO;AAC7C,WAAO;AAAA,EACT;AAEA,QAAM,cAAc,eAAe,SAAS,OAAO;AAEnD,SAAO,IAAI,SAAS,QAAW;AAAA,IAC7B,QAAQ;AAAA,IACR,SAAS,EAAE,GAAG,aAAa,GAAG,mBAAmB,EAAE;AAAA,EACrD,CAAC;AACH;;;ADzHO,SAAS,2BACd,OACA,SACA;AACA,SAAO,OAAO,YAAyB;AAErC,UAAM,oBAAoB;AAAA,MACxB,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,SAAS;AAAA,IACX;AAEA,QAAI,mBAAmB;AACrB,aAAO;AAAA,IACT;AAGA,UAAM,WACJ,OAAO,UAAU,aAAa,MAAM,MAAM,OAAO,IAAI,2BAAa,KAAK;AAEzE,QAAI,SAAS,SAAS,OAAO;AAC3B,YAAM,cAAc,eAAe,SAAS,MAAM,QAAQ,OAAO;AACjE,aAAO,QAAQ,WAAW,EAAE;AAAA,QAAQ,CAAC,CAAC,GAAG,CAAC,MACxC,SAAS,QAAQ,IAAI,GAAG,CAAC;AAAA,MAC3B;AAAA,IACF;AAEA,UAAM,kBAAkB,mBAAmB;AAC3C,WAAO,QAAQ,eAAe,EAAE;AAAA,MAAQ,CAAC,CAAC,GAAG,CAAC,MAC5C,SAAS,QAAQ,IAAI,GAAG,CAAC;AAAA,IAC3B;AAEA,WAAO;AAAA,EACT;AACF;","names":[]}
+{"version":3,"sources":["../../src/remote/middleware/index.ts","../../src/remote/middleware/headers.ts"],"names":[],"mappings":";AAAA,SAA2B,oBAAoB;;;ACqBxC,SAAS,UACd,SACA,MACoB;AACpB,MAAI,mBAAmB,SAAS;AAC9B,WAAO,QAAQ,IAAI,IAAI,KAAK;AAAA,EAC9B;AACA,QAAM,QAAQ,QAAQ,IAAI;AAE1B,SAAO,MAAM,QAAQ,KAAK,IAAI,MAAM,CAAC,IAAI;AAC3C;AASO,SAAS,eACd,SACA,gBACwB;AACxB,MAAI,YAAY,OAAO;AACrB,WAAO,CAAC;AAAA,EACV;AAEA,QAAM,eAAe,UAAU,gBAAgB,QAAQ;AACvD,QAAM,gBAAgB,UAAU,gBAAgB,SAAS;AACzD,QAAM,SACJ,iBAAiB,gBAAgB,IAAI,IAAI,aAAa,EAAE,SAAS;AAEnE,QAAM,mBACJ,QAAQ,IAAI,sCACX,MAAM,QAAQ,SAAS,MAAM,IAC1B,QAAQ,OAAO,KAAK,GAAG,IACvB,SAAS,WACb,KAEC,MAAM,GAAG,EACT,IAAI,CAAC,kBAAkB,cAAc,KAAK,CAAC;AAE9C,QAAM,YACJ,gBAAgB,SAAS,GAAG,KAAK,gBAAgB,SAAS,MAAM;AAElE,QAAM,iBACJ,QAAQ,IAAI,oCACX,MAAM,QAAQ,SAAS,OAAO,IAC3B,QAAQ,QAAQ,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,GAAG,IAC7C,SAAS,YACb,UAAU,gBAAgB,gCAAgC;AAE5D,QAAM,eACJ,YACI;AAAA,IACE,+BAA+B;AAAA,IAC/B,gCACE,QAAQ,IAAI,oCACX,MAAM,QAAQ,SAAS,MAAM,IAC1B,QAAQ,OAAO,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,KAAK,GAAG,IAC5C,SAAS,WACb;AAAA,IACF,GAAI,iBACA,EAAE,gCAAgC,eAAe,IACjD,CAAC;AAAA,IACL,GAAI,QAAQ,IAAI,uCAChB,SAAS,cACL;AAAA,MACE,oCACE,QAAQ,IAAI,uCAAuC;AAAA,IACvD,IACA,CAAC;AAAA,IACL,0BAA0B,SAAS,UAAU;AAAA,IAC7C,MAAM;AAAA,EACR,IACA,CAAC;AAGP,SAAO;AACT;AAOO,SAAS,qBAA6C;AAC3D,SAAO;AAAA,IACL,2BAA2B;AAAA,IAC3B,mBAAmB;AAAA,EACrB;AACF;AAUO,SAAS,2BACd,QACA,SACA,SACiB;AACjB,MAAI,WAAW,aAAa,YAAY,OAAO;AAC7C,WAAO;AAAA,EACT;AAEA,QAAM,cAAc,eAAe,SAAS,OAAO;AAEnD,SAAO,IAAI,SAAS,QAAW;AAAA,IAC7B,QAAQ;AAAA,IACR,SAAS,EAAE,GAAG,aAAa,GAAG,mBAAmB,EAAE;AAAA,EACrD,CAAC;AACH;;;ADzHO,SAAS,2BACd,OACA,SACA;AACA,SAAO,OAAO,YAAyB;AAErC,UAAM,oBAAoB;AAAA,MACxB,QAAQ;AAAA,MACR,QAAQ;AAAA,MACR,SAAS;AAAA,IACX;AAEA,QAAI,mBAAmB;AACrB,aAAO;AAAA,IACT;AAGA,UAAM,WACJ,OAAO,UAAU,aAAa,MAAM,MAAM,OAAO,IAAI,aAAa,KAAK;AAEzE,QAAI,SAAS,SAAS,OAAO;AAC3B,YAAM,cAAc,eAAe,SAAS,MAAM,QAAQ,OAAO;AACjE,aAAO,QAAQ,WAAW,EAAE;AAAA,QAAQ,CAAC,CAAC,GAAG,CAAC,MACxC,SAAS,QAAQ,IAAI,GAAG,CAAC;AAAA,MAC3B;AAAA,IACF;AAEA,UAAM,kBAAkB,mBAAmB;AAC3C,WAAO,QAAQ,eAAe,EAAE;AAAA,MAAQ,CAAC,CAAC,GAAG,CAAC,MAC5C,SAAS,QAAQ,IAAI,GAAG,CAAC;AAAA,IAC3B;AAEA,WAAO;AAAA,EACT;AACF","sourcesContent":["import { type NextRequest, NextResponse } from 'next/server';\nimport {\n  getCorsHeaders,\n  getSecurityHeaders,\n  handleCorsPreflightRequest,\n  type RemoteComponentProxyOptions,\n} from './headers';\n\n/**\n * This proxy is used to handle CORS and other remote component related tasks.\n * It can be used to wrap a Next.js proxy handler function to add CORS headers and handle preflight requests.\n *\n * @param proxy - The Next.js proxy handler function to wrap.\n * @param options - Optional configuration for handling remote components.\n * @returns A Next.js proxy handler function that handles CORS and preflight requests\n */\nexport function withExposeRemoteComponents(\n  proxy?: (request: NextRequest) => NextResponse | Promise<NextResponse>,\n  options?: RemoteComponentProxyOptions,\n) {\n  return async (request: NextRequest) => {\n    // Check if this is a CORS preflight request\n    const preflightResponse = handleCorsPreflightRequest(\n      request.method,\n      request.headers,\n      options?.cors,\n    );\n\n    if (preflightResponse) {\n      return preflightResponse;\n    }\n\n    // For all other requests, continue and attach CORS headers\n    const response =\n      typeof proxy === 'function' ? await proxy(request) : NextResponse.next();\n\n    if (options?.cors !== false) {\n      const corsHeaders = getCorsHeaders(options?.cors, request.headers);\n      Object.entries(corsHeaders).forEach(([k, v]) =>\n        response.headers.set(k, v),\n      );\n    }\n\n    const securityHeaders = getSecurityHeaders();\n    Object.entries(securityHeaders).forEach(([k, v]) =>\n      response.headers.set(k, v),\n    );\n\n    return response;\n  };\n}\n\nexport type { RemoteComponentProxyOptions } from './headers';\n","/**\n * Proxy utilities for remote applications that expose components to hosts.\n */\n\nimport type { IncomingHttpHeaders } from 'node:http';\n\nexport interface RemoteComponentProxyOptions {\n  cors?:\n    | {\n        origin?: string | string[];\n        method?: string | string[];\n        headers?: string | string[];\n        credentials?: boolean;\n        maxAge?: string;\n      }\n    | false;\n}\n\n/**\n * Gets a header value from either a Headers object or a plain object.\n */\nexport function getHeader(\n  headers: Record<string, string> | Headers | IncomingHttpHeaders,\n  name: string,\n): string | undefined {\n  if (headers instanceof Headers) {\n    return headers.get(name) ?? undefined;\n  }\n  const value = headers[name];\n  // IncomingHttpHeaders can have string | string[] | undefined\n  return Array.isArray(value) ? value[0] : value;\n}\n\n/**\n * Computes CORS headers based on the provided options and request headers.\n *\n * @param options - CORS configuration options\n * @param requestHeaders - Headers from the incoming request (can be a Headers object or a plain object)\n * @returns Object containing CORS headers to be added to the response\n */\nexport function getCorsHeaders(\n  options: RemoteComponentProxyOptions['cors'],\n  requestHeaders: Record<string, string> | Headers | IncomingHttpHeaders,\n): Record<string, string> {\n  if (options === false) {\n    return {};\n  }\n\n  const originHeader = getHeader(requestHeaders, 'origin');\n  const refererHeader = getHeader(requestHeaders, 'referer');\n  const origin =\n    originHeader ?? (refererHeader ? new URL(refererHeader).origin : '*');\n\n  const ALLOWED_ORIGINS = (\n    process.env.REMOTE_COMPONENTS_ALLOWED_ORIGINS ||\n    (Array.isArray(options?.origin)\n      ? options.origin.join(',')\n      : options?.origin) ||\n    '*'\n  )\n    .split(',')\n    .map((allowedOrigin) => allowedOrigin.trim());\n\n  const isAllowed =\n    ALLOWED_ORIGINS.includes('*') || ALLOWED_ORIGINS.includes(origin);\n\n  const allowedHeaders =\n    process.env.REMOTE_COMPONENTS_ALLOW_HEADERS ||\n    (Array.isArray(options?.headers)\n      ? options.headers.map((h) => h.trim()).join(',')\n      : options?.headers) ||\n    getHeader(requestHeaders, 'access-control-request-headers');\n\n  const CORS_HEADERS = (\n    isAllowed\n      ? {\n          'Access-Control-Allow-Origin': origin,\n          'Access-Control-Allow-Methods':\n            process.env.REMOTE_COMPONENTS_ALLOW_METHODS ||\n            (Array.isArray(options?.method)\n              ? options.method.map((m) => m.trim()).join(',')\n              : options?.method) ||\n            'GET,HEAD,POST,PUT,PATCH,DELETE,OPTIONS',\n          ...(allowedHeaders\n            ? { 'Access-Control-Allow-Headers': allowedHeaders }\n            : {}),\n          ...(process.env.REMOTE_COMPONENTS_ALLOW_CREDENTIALS ||\n          options?.credentials\n            ? {\n                'Access-Control-Allow-Credentials':\n                  process.env.REMOTE_COMPONENTS_ALLOW_CREDENTIALS || 'true',\n              }\n            : {}),\n          'Access-Control-Max-Age': options?.maxAge || '600',\n          Vary: 'Origin',\n        }\n      : {}\n  ) as Record<string, string>;\n\n  return CORS_HEADERS;\n}\n\n/**\n * Returns security headers that prevent the remote component pages from being\n * embedded in frames. Remote components are fetched via HTTP and rendered\n * directly into the host's DOM — they should never be loaded in an iframe.\n */\nexport function getSecurityHeaders(): Record<string, string> {\n  return {\n    'Content-Security-Policy': \"frame-ancestors 'none'\",\n    'X-Frame-Options': 'DENY',\n  };\n}\n\n/**\n * Handles CORS preflight OPTIONS requests.\n *\n * @param method - The HTTP method of the incoming request\n * @param headers - Headers from the incoming request (can be a Headers object or a plain object)\n * @param options - CORS configuration options\n * @returns Response object for the preflight request, or null if not a preflight\n */\nexport function handleCorsPreflightRequest(\n  method: string,\n  headers: Record<string, string> | Headers | IncomingHttpHeaders,\n  options?: RemoteComponentProxyOptions['cors'],\n): Response | null {\n  if (method !== 'OPTIONS' || options === false) {\n    return null;\n  }\n\n  const corsHeaders = getCorsHeaders(options, headers);\n\n  return new Response(undefined, {\n    status: 200,\n    headers: { ...corsHeaders, ...getSecurityHeaders() },\n  });\n}\n"]}

package/dist/script-6W5JRBZK.cjs

@@ -0,0 +1,26 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+var _chunkCREXMFMFcjs = require('./chunk-CREXMFMF.cjs');
+require('./chunk-7MVFHOIP.cjs');
+require('./chunk-RUWR74XQ.cjs');
+require('./chunk-KE7QPAQ4.cjs');
+require('./chunk-SHFJ5OQA.cjs');
+
+// src/host/html/runtime/script.ts
+function scriptRuntime(resolveClientUrl) {
+  const self = globalThis;
+  return {
+    self,
+    createFromReadableStream: () => Promise.resolve(null),
+    applySharedModules: () => Promise.resolve(),
+    nextClientPagesLoader: () => ({
+      Component: null,
+      App: null
+    }),
+    preloadScripts: (scripts, url) => _chunkCREXMFMFcjs.loadStaticRemoteComponent.call(void 0, scripts, url, resolveClientUrl)
+  };
+}
+
+
+exports.scriptRuntime = scriptRuntime;
+//# sourceMappingURL=script-6W5JRBZK.cjs.map

package/dist/script-6W5JRBZK.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/host/html/runtime/script.ts"],"names":[],"mappings":";;;;;;;;;AAOO,SAAS,cAAc,kBAA6C;AAEzE,QAAM,OAAO;AAMb,SAAO;AAAA,IACL;AAAA,IACA,0BAA0B,MAAM,QAAQ,QAAQ,IAAI;AAAA,IACpD,oBAAoB,MAAM,QAAQ,QAAQ;AAAA,IAC1C,uBAAuB,OAAO;AAAA,MAC5B,WAAW;AAAA,MACX,KAAK;AAAA,IACP;AAAA,IACA,gBAAgB,CAAC,SAA8B,QAC7C,0BAA0B,SAAS,KAAK,gBAAgB;AAAA,EAC5D;AACF","sourcesContent":["// initializer for the script runtime\n\nimport type { InternalResolveClientUrl } from '#internal/host/server/types';\nimport { loadStaticRemoteComponent } from '#internal/runtime/loaders/static-loader';\nimport type { MountUnmountFunctions, RSCKey } from '#internal/runtime/types';\n\n// required to run exposed client components of the remote component\nexport function scriptRuntime(resolveClientUrl?: InternalResolveClientUrl) {\n  // make a typed reference to the global scope\n  const self = globalThis as typeof globalThis & {\n    // webpack runtime globals\n    __webpack_require__: (remoteId: string) => unknown;\n  } & MountUnmountFunctions &\n    Record<RSCKey, string[]>;\n\n  return {\n    self,\n    createFromReadableStream: () => Promise.resolve(null),\n    applySharedModules: () => Promise.resolve(),\n    nextClientPagesLoader: () => ({\n      Component: null,\n      App: null,\n    }),\n    preloadScripts: (scripts: HTMLScriptElement[], url: URL) =>\n      loadStaticRemoteComponent(scripts, url, resolveClientUrl),\n  };\n}\n"]}

package/dist/script-IFEBOLIA.js

@@ -0,0 +1,26 @@
+import {
+  loadStaticRemoteComponent
+} from "./chunk-OO4AMJWO.js";
+import "./chunk-KEPHL25S.js";
+import "./chunk-S2A4TFLS.js";
+import "./chunk-X6YKUJKH.js";
+import "./chunk-ENYGL5CO.js";
+
+// src/host/html/runtime/script.ts
+function scriptRuntime(resolveClientUrl) {
+  const self = globalThis;
+  return {
+    self,
+    createFromReadableStream: () => Promise.resolve(null),
+    applySharedModules: () => Promise.resolve(),
+    nextClientPagesLoader: () => ({
+      Component: null,
+      App: null
+    }),
+    preloadScripts: (scripts, url) => loadStaticRemoteComponent(scripts, url, resolveClientUrl)
+  };
+}
+export {
+  scriptRuntime
+};
+//# sourceMappingURL=script-IFEBOLIA.js.map

package/dist/script-IFEBOLIA.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/host/html/runtime/script.ts"],"sourcesContent":["// initializer for the script runtime\n\nimport type { InternalResolveClientUrl } from '#internal/host/server/types';\nimport { loadStaticRemoteComponent } from '#internal/runtime/loaders/static-loader';\nimport type { MountUnmountFunctions, RSCKey } from '#internal/runtime/types';\n\n// required to run exposed client components of the remote component\nexport function scriptRuntime(resolveClientUrl?: InternalResolveClientUrl) {\n  // make a typed reference to the global scope\n  const self = globalThis as typeof globalThis & {\n    // webpack runtime globals\n    __webpack_require__: (remoteId: string) => unknown;\n  } & MountUnmountFunctions &\n    Record<RSCKey, string[]>;\n\n  return {\n    self,\n    createFromReadableStream: () => Promise.resolve(null),\n    applySharedModules: () => Promise.resolve(),\n    nextClientPagesLoader: () => ({\n      Component: null,\n      App: null,\n    }),\n    preloadScripts: (scripts: HTMLScriptElement[], url: URL) =>\n      loadStaticRemoteComponent(scripts, url, resolveClientUrl),\n  };\n}\n"],"mappings":";;;;;;;;;AAOO,SAAS,cAAc,kBAA6C;AAEzE,QAAM,OAAO;AAMb,SAAO;AAAA,IACL;AAAA,IACA,0BAA0B,MAAM,QAAQ,QAAQ,IAAI;AAAA,IACpD,oBAAoB,MAAM,QAAQ,QAAQ;AAAA,IAC1C,uBAAuB,OAAO;AAAA,MAC5B,WAAW;AAAA,MACX,KAAK;AAAA,IACP;AAAA,IACA,gBAAgB,CAAC,SAA8B,QAC7C,0BAA0B,SAAS,KAAK,gBAAgB;AAAA,EAC5D;AACF;","names":[]}

package/dist/static-loader-X4TSF5KW.js

@@ -0,0 +1,11 @@
+import {
+  loadStaticRemoteComponent
+} from "./chunk-OO4AMJWO.js";
+import "./chunk-KEPHL25S.js";
+import "./chunk-S2A4TFLS.js";
+import "./chunk-X6YKUJKH.js";
+import "./chunk-ENYGL5CO.js";
+export {
+  loadStaticRemoteComponent
+};
+//# sourceMappingURL=static-loader-X4TSF5KW.js.map

package/dist/static-loader-X4TSF5KW.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"sourcesContent":[],"mappings":"","names":[]}

package/dist/static-loader-ZYD5BO4D.cjs

@@ -0,0 +1,11 @@
+"use strict";Object.defineProperty(exports, "__esModule", {value: true});
+
+var _chunkCREXMFMFcjs = require('./chunk-CREXMFMF.cjs');
+require('./chunk-7MVFHOIP.cjs');
+require('./chunk-RUWR74XQ.cjs');
+require('./chunk-KE7QPAQ4.cjs');
+require('./chunk-SHFJ5OQA.cjs');
+
+
+exports.loadStaticRemoteComponent = _chunkCREXMFMFcjs.loadStaticRemoteComponent;
+//# sourceMappingURL=static-loader-ZYD5BO4D.cjs.map

package/dist/static-loader-ZYD5BO4D.cjs.map

@@ -0,0 +1 @@
+{"version":3,"sources":[],"names":[],"mappings":""}