vinext 0.1.3 → 0.1.4

package/dist/server/dev-server.js

@@ -26,6 +26,7 @@ import { detectLocaleFromAcceptLanguage, extractLocaleFromUrl as extractLocaleFr
 import { buildDefaultPagesNotFoundResponse } from "./pages-default-404.js";
 import { buildPagesReadinessNextData } from "./pages-readiness.js";
 import { resolvePagesPageMethodResponse } from "./pages-page-method.js";
+import { createPagesDevModuleUrl } from "./pages-dev-module-url.js";
 import { isSerializableProps } from "./pages-serializable-props.js";
 import { loadUserDocumentInitialProps, runDocumentRenderPage } from "./pages-document-initial-props.js";
 import { callDocumentGetInitialProps } from "./document-initial-head.js";
@@ -100,7 +101,7 @@ const STREAM_BODY_MARKER = "<!--VINEXT_STREAM_BODY-->";
 * shell sooner).
 */
 async function streamPageToResponse(res, element, options) {
-	const { url, server, fontHeadHTML, scripts, DocumentComponent, statusCode = 200, extraHeaders, getHeadHTML, enhancePageElement, scriptNonce, documentContext, setDocumentInitialHead } = options;
+	const { url, server, fontHeadHTML, scripts, DocumentComponent, statusCode = 200, extraHeaders, getHeadHTML, enhancePageElement, scriptNonce, documentContext, setDocumentInitialHead, bufferBodyBeforeHeaders = false } = options;
 	const documentRenderPage = await runDocumentRenderPage({
 		DocumentComponent,
 		enhancePageElement,
@@ -144,6 +145,7 @@ async function streamPageToResponse(res, element, options) {
 	const markerIdx = transformedShell.indexOf(STREAM_BODY_MARKER);
 	const prefix = transformedShell.slice(0, markerIdx);
 	const suffix = transformedShell.slice(markerIdx + 25);
+	const bufferedBody = bufferBodyBeforeHeaders ? await new Response(bodyStream).text() : null;
 	const headers = {
 		"Content-Type": "text/html",
 		"Transfer-Encoding": "chunked"
@@ -152,6 +154,10 @@ async function streamPageToResponse(res, element, options) {
 	else headers[key] = val;
 	res.writeHead(statusCode, headers);
 	res.write(prefix);
+	if (bufferedBody !== null) {
+		res.end(bufferedBody + suffix);
+		return;
+	}
 	const reader = bodyStream.getReader();
 	try {
 		for (;;) {
@@ -622,9 +628,10 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 										}) : React.createElement(pageModule.default, freshPageProps);
 										if (routerShim.wrapWithRouterContext) el = routerShim.wrapWithRouterContext(el);
 										const freshBody = await renderIsrPassToStringAsync(withScriptNonce(el, scriptNonce));
-										const viteRoot = server.config?.root;
-										const regenPageUrl = viteRoot ? "/" + path.relative(viteRoot, route.filePath) : route.filePath;
-										const regenAppUrl = RegenApp ? viteRoot ? "/" + path.relative(viteRoot, path.join(pagesDir, "_app")) : path.join(pagesDir, "_app") : null;
+										const viteRoot = server.config.root;
+										const viteBase = server.config.base;
+										const regenPageUrl = createPagesDevModuleUrl(viteRoot, route.filePath, viteBase);
+										const regenAppUrl = RegenApp ? createPagesDevModuleUrl(viteRoot, path.join(pagesDir, "_app"), viteBase) : null;
 										const freshPagesNextData = {
 											...pagesNextData,
 											__vinext: {
@@ -634,7 +641,7 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 												hasMiddleware
 											}
 										};
-										await isrSet(cacheKey, buildPagesCacheValue(`<!DOCTYPE html><html><head></head><body><div id="__next">${freshBody}</div>${`<script>window.__NEXT_DATA__ = ${safeJsonStringify({
+										await isrSet(cacheKey, buildPagesCacheValue(`<!DOCTYPE html><html><head></head><body><div id="__next">${freshBody}</div>${`<script id="__NEXT_DATA__" type="application/json">${safeJsonStringify({
 											props: freshRenderProps,
 											page: patternToNextFormat(route.pattern),
 											query: params,
@@ -645,7 +652,7 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 											defaultLocale: currentDefaultLocale,
 											domainLocales,
 											...freshPagesNextData
-										})}${i18nConfig ? `;window.__VINEXT_LOCALE__=${safeJsonStringify(locale ?? currentDefaultLocale)};window.__VINEXT_LOCALES__=${safeJsonStringify(i18nConfig.locales)};window.__VINEXT_DEFAULT_LOCALE__=${safeJsonStringify(currentDefaultLocale)}` : ""}<\/script>`}\n  ${cachedHtml.match(/<script type="module">[\s\S]*?<\/script>/)?.[0] ?? ""}</body></html>`, freshRenderProps), revalidate);
+										})}<\/script>`}\n  ${cachedHtml.match(/<script type="module">[\s\S]*?<\/script>/)?.[0] ?? ""}</body></html>`, freshRenderProps), revalidate);
 										setRevalidateDuration(cacheKey, revalidate);
 									}
 								}
@@ -809,8 +816,11 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 				}
 				if (allFontStyles.length > 0) fontHeadHTML += `<style data-vinext-fonts${nonceAttr}>${allFontStyles.join("\n")}</style>\n  `;
 				const viteRoot = server.config.root;
-				const pageModuleUrl = "/" + path.relative(viteRoot, route.filePath);
-				const appModuleUrl = AppComponent ? "/" + path.relative(viteRoot, path.join(pagesDir, "_app")) : null;
+				const viteBase = server.config.base;
+				const pageModuleUrl = createPagesDevModuleUrl(viteRoot, route.filePath, viteBase);
+				const pageModuleSource = createPagesDevModuleUrl(viteRoot, route.filePath, "/");
+				const appModuleUrl = AppComponent ? createPagesDevModuleUrl(viteRoot, path.join(pagesDir, "_app"), viteBase) : null;
+				const appModuleSource = AppComponent ? createPagesDevModuleUrl(viteRoot, path.join(pagesDir, "_app"), "/") : null;
 				const serializedPagesNextData = {
 					...pagesNextData,
 					__vinext: {
@@ -825,14 +835,22 @@ function createSSRHandler(server, runner, routes, pagesDir, i18nConfig, fileMatc
 import "vinext/instrumentation-client";
 import React from "react";
 import { hydrateRoot } from "react-dom/client";
-import Router, { wrapWithRouterContext } from "next/router";
+import Router, { wrapWithRouterContext, _initializePagesRouterReadyFromNextData } from "next/router";
 
+const nextDataElement = document.getElementById("__NEXT_DATA__");
+if (nextDataElement?.textContent) {
+  window.__NEXT_DATA__ = JSON.parse(nextDataElement.textContent);
+  window.__VINEXT_LOCALE__ = window.__NEXT_DATA__.locale;
+  window.__VINEXT_LOCALES__ = window.__NEXT_DATA__.locales;
+  window.__VINEXT_DEFAULT_LOCALE__ = window.__NEXT_DATA__.defaultLocale;
+}
 const nextData = window.__NEXT_DATA__;
+_initializePagesRouterReadyFromNextData(nextData);
 const props = nextData.props && typeof nextData.props === "object" ? nextData.props : {};
 const rawPageProps = props.pageProps;
 const pageProps = rawPageProps && typeof rawPageProps === "object" ? rawPageProps : {};
-window.__VINEXT_PAGE_LOADERS__ = { [nextData.page]: () => import("${pageModuleUrl}") };
-window.__VINEXT_APP_LOADER__ = ${appModuleUrl ? `() => import("${appModuleUrl}")` : "undefined"};
+window.__VINEXT_PAGE_LOADERS__ = { [nextData.page]: () => import("${pageModuleSource}") };
+window.__VINEXT_APP_LOADER__ = ${appModuleSource ? `() => import("${appModuleSource}")` : "undefined"};
 
 async function hydrate() {
   let hydrateRootOptions;
@@ -847,11 +865,11 @@ async function hydrate() {
     };
   }
 
-  const pageModule = await import("${pageModuleUrl}");
+  const pageModule = await import("${pageModuleSource}");
   const PageComponent = pageModule.default;
   let element;
-  ${appModuleUrl ? `
-  const appModule = await import("${appModuleUrl}");
+  ${appModuleSource ? `
+  const appModule = await import("${appModuleSource}");
   const AppComponent = appModule.default;
   window.__VINEXT_APP__ = AppComponent;
   element = React.createElement(AppComponent, {
@@ -880,7 +898,7 @@ async function hydrate() {
 }
 hydrate();
 <\/script>`;
-				const nextDataScript = createInlineScriptTag(`window.__NEXT_DATA__ = ${safeJsonStringify({
+				const nextDataScript = `<script id="__NEXT_DATA__" type="application/json"${nonceAttr}>${safeJsonStringify({
 					props: renderProps,
 					page: patternToNextFormat(route.pattern),
 					query: params,
@@ -891,7 +909,7 @@ hydrate();
 					defaultLocale: currentDefaultLocale,
 					domainLocales,
 					...serializedPagesNextData
-				})}${i18nConfig ? `;window.__VINEXT_LOCALE__=${safeJsonStringify(locale ?? currentDefaultLocale)};window.__VINEXT_LOCALES__=${safeJsonStringify(i18nConfig.locales)};window.__VINEXT_DEFAULT_LOCALE__=${safeJsonStringify(currentDefaultLocale)}` : ""}`, scriptNonce);
+				})}<\/script>`;
 				const docPath = path.join(pagesDir, "_document");
 				let DocumentComponent = null;
 				if (findFileWithExtensions(docPath, matcher)) try {
@@ -939,7 +957,8 @@ hydrate();
 						const traceHTML = getClientTraceMetadataHTML(clientTraceMetadata);
 						return traceHTML ? `${headHTML}\n  ${traceHTML}` : headHTML;
 					},
-					setDocumentInitialHead: typeof headShim.setDocumentInitialHead === "function" ? headShim.setDocumentInitialHead : void 0
+					setDocumentInitialHead: typeof headShim.setDocumentInitialHead === "function" ? headShim.setDocumentInitialHead : void 0,
+					bufferBodyBeforeHeaders: true
 				});
 				_renderEnd = now();
 				if (typeof routerShim.setSSRContext === "function") routerShim.setSSRContext(null);
@@ -1015,41 +1034,67 @@ async function renderErrorPage(server, runner, req, res, url, pagesDir, statusCo
 		if (!wrapFn) try {
 			wrapFn = (await importModule(runner, "next/router")).wrapWithRouterContext;
 		} catch {}
-		let element;
-		if (AppComponent) element = createElement(AppComponent, {
-			Component: ErrorComponent,
-			pageProps: errorProps
-		});
-		else element = createElement(ErrorComponent, errorProps);
-		if (wrapFn) element = wrapFn(element);
-		const bodyHtml = await renderToStringAsync(element);
-		let html;
 		let DocumentComponent = null;
 		const docPathErr = path.join(pagesDir, "_document");
 		if (findFileWithExtensions(docPathErr, matcher)) try {
 			DocumentComponent = (await importModule(runner, docPathErr)).default ?? null;
 		} catch {}
+		const createErrorElement = (FinalApp, FinalComponent) => {
+			let errorElement = FinalApp ? createElement(FinalApp, {
+				Component: FinalComponent,
+				pageProps: errorProps
+			}) : createElement(FinalComponent, errorProps);
+			if (wrapFn) errorElement = wrapFn(errorElement);
+			return errorElement;
+		};
+		const element = createErrorElement(AppComponent, ErrorComponent);
+		const headShim = await importModule(runner, "next/head");
+		if (typeof headShim.resetSSRHead === "function") headShim.resetSSRHead();
 		if (DocumentComponent) {
-			const docProps = await loadUserDocumentInitialProps(DocumentComponent);
-			let docHtml = await renderToStringAsync(docProps ? createElement(DocumentComponent, docProps) : createElement(DocumentComponent));
-			docHtml = docHtml.replace("__NEXT_MAIN__", bodyHtml);
-			docHtml = docHtml.replace("<!-- __NEXT_SCRIPTS__ -->", "");
-			html = docHtml;
-		} else html = `<!DOCTYPE html>
+			const errorPathname = candidate === "_error" ? "/_error" : `/${candidate}`;
+			await streamPageToResponse(res, element, {
+				url,
+				server,
+				fontHeadHTML: "",
+				scripts: "",
+				DocumentComponent,
+				statusCode,
+				documentContext: {
+					err,
+					pathname: errorPathname,
+					query: parseQueryString(url),
+					asPath: url,
+					req,
+					res
+				},
+				enhancePageElement: (renderPageOpts) => {
+					let FinalApp = AppComponent;
+					let FinalComponent = ErrorComponent;
+					if (renderPageOpts.enhanceApp && FinalApp) FinalApp = renderPageOpts.enhanceApp(FinalApp);
+					if (renderPageOpts.enhanceComponent) FinalComponent = renderPageOpts.enhanceComponent(FinalComponent);
+					return createErrorElement(FinalApp, FinalComponent);
+				},
+				getHeadHTML: () => typeof headShim.getSSRHeadHTML === "function" ? headShim.getSSRHeadHTML() : "",
+				setDocumentInitialHead: typeof headShim.setDocumentInitialHead === "function" ? headShim.setDocumentInitialHead : void 0
+			});
+		} else {
+			const html = `<!DOCTYPE html>
 <html>
 <head>
   <meta charset="utf-8" />
   <meta name="viewport" content="width=device-width, initial-scale=1" />
 </head>
 <body>
-  <div id="__next">${bodyHtml}</div>
+  <div id="__next">${await renderToStringAsync(element)}</div>
 </body>
 </html>`;
-		const transformedHtml = await server.transformIndexHtml(url, html);
-		res.writeHead(statusCode, { "Content-Type": "text/html" });
-		res.end(transformedHtml);
+			const transformedHtml = await server.transformIndexHtml(url, html);
+			res.writeHead(statusCode, { "Content-Type": "text/html" });
+			res.end(transformedHtml);
+		}
 		return;
 	} catch {
+		if (res.headersSent || res.writableEnded) return;
 		continue;
 	}
 	if (statusCode === 404) {

package/dist/server/middleware-matcher.js

@@ -1,5 +1,5 @@
 import { removeTrailingSlash } from "../utils/base-path.js";
-import { checkHasConditions, requestContextFromRequest, safeRegExp } from "../config/config-matchers.js";
+import { checkHasConditions, isSafeRegex, requestContextFromRequest, safeRegExp } from "../config/config-matchers.js";
 //#region src/server/middleware-matcher.ts
 const EMPTY_MIDDLEWARE_REQUEST_CONTEXT = {
 	headers: new Headers(),
@@ -7,6 +7,7 @@ const EMPTY_MIDDLEWARE_REQUEST_CONTEXT = {
 	query: new URLSearchParams(),
 	host: ""
 };
+const UNSAFE_MATCHER_PATTERN = Symbol("unsafe matcher pattern");
 const _mwPatternCache = /* @__PURE__ */ new Map();
 function matchesMiddleware(pathname, matcher, request, i18nConfig) {
 	if (!matcher) return true;
@@ -55,6 +56,7 @@ function matchPattern(pathname, pattern) {
 		cached = compileMatcherPattern(pattern);
 		_mwPatternCache.set(pattern, cached);
 	}
+	if (cached === UNSAFE_MATCHER_PATTERN) return true;
 	if (cached === null) return pathname === pattern;
 	return cached.test(pathname);
 }
@@ -74,7 +76,7 @@ function extractConstraint(str, re) {
 }
 function compileMatcherPattern(pattern) {
 	const hasConstraints = /:[\w-]+[*+]?\(/.test(pattern);
-	if (!hasConstraints && (pattern.includes("(") || pattern.includes("\\"))) return safeRegExp("^" + pattern + "$");
+	if (!hasConstraints && (pattern.includes("(") || pattern.includes("\\"))) return compileMatcherRegExp("^" + pattern + "$", pattern);
 	let regexStr = "";
 	const tokenRe = /\/:([\w-]+)\*|\/:([\w-]+)\+|:([\w-]+)|[.]|[^/:.]+|./g;
 	let tok;
@@ -94,7 +96,14 @@ function compileMatcherPattern(pattern) {
 		else regexStr += group;
 	} else if (tok[0] === ".") regexStr += "\\.";
 	else regexStr += tok[0];
-	return safeRegExp("^" + regexStr + "$");
+	return compileMatcherRegExp("^" + regexStr + "$", pattern);
+}
+function compileMatcherRegExp(regexPattern, sourcePattern) {
+	if (!isSafeRegex(regexPattern)) {
+		console.warn(`[vinext] Rejecting potentially unsafe middleware matcher (ReDoS risk): ${sourcePattern}\n  Middleware will run for all paths to avoid bypassing request guards.\n  Simplify the matcher to avoid nested repetition.`);
+		return UNSAFE_MATCHER_PATTERN;
+	}
+	return safeRegExp(regexPattern);
 }
 //#endregion
 export { matchPattern, matchesMiddleware };

package/dist/server/middleware-runtime.d.ts

@@ -35,10 +35,9 @@ type ExecuteMiddlewareOptions = {
   i18nConfig?: NextI18nConfig | null;
   includeErrorDetails?: boolean;
   /**
-   * Whether the incoming request was a Next.js `_next/data` fetch (carried
-   * `x-nextjs-data: 1`). The header itself is stripped by `filterInternalHeaders`
-   * before the middleware request is constructed, so callers must capture this
-   * flag from the raw incoming headers and forward it explicitly.
+   * Whether the incoming request was recognized as a Next.js `_next/data`
+   * fetch. Internal headers are stripped before middleware runs, so adapters
+   * must derive and forward this from trusted URL normalization.
    */
   isDataRequest?: boolean;
   isProxy: boolean;

package/dist/server/middleware-runtime.js

@@ -142,6 +142,8 @@ async function executeMiddleware(options) {
 			response: internalServerErrorResponse(options.includeErrorDetails ? "Middleware Error: " + (e instanceof Error ? e.message : String(e)) : "Internal Server Error"),
 			waitUntilPromises
 		};
+	} finally {
+		if (process.env.NODE_ENV !== "development" && nextRequest.body) nextRequest.body.cancel().catch(() => {});
 	}
 	const waitUntilPromises = drainFetchEvent(fetchEvent);
 	if (!response) return {

package/dist/server/navigation-planner.d.ts

@@ -2,18 +2,9 @@ import { RouteManifest } from "../routing/app-route-graph.js";
 import { CacheEntryReuseDecision, CacheEntryReuseProof } from "./cache-proof.js";
 import { AppElementsSlotBinding } from "./app-elements-wire.js";
 import { NavigationTrace, NavigationTraceFields } from "./navigation-trace.js";
+import { OperationLane, OperationToken } from "./operation-token.js";
 
 //#region src/server/navigation-planner.d.ts
-type OperationLane = "hmr" | "navigation" | "prefetch" | "refresh" | "server-action" | "traverse";
-type OperationToken = {
-  operationId: number;
-  lane: OperationLane;
-  baseVisibleCommitVersion: number;
-  graphVersion: string | null;
-  deploymentVersion: string | null;
-  targetSnapshotFingerprint: string;
-  cacheVariantFingerprint?: string;
-};
 type RouteSnapshot = {
   interception: InterceptionSnapshot | null;
   interceptionContext: string | null;
@@ -85,7 +76,7 @@ type CommitProposal = {
   targetSnapshot: RouteSnapshot;
 };
 type NoCommitReason = "prefetchOnly";
-type HardNavigationReason = "cacheProofRejected" | "interceptionProofRejected" | "rootBoundaryChanged";
+type HardNavigationReason = "cacheProofRejected" | "cacheReuseTokenRejected" | "interceptionProofRejected" | "rootBoundaryChanged";
 type RootBoundaryTransition = "currentRootBoundary" | "rootBoundaryChanged" | "rootBoundaryUnknown";
 type NavigationDecision = {
   kind: "requestWork";
@@ -314,4 +305,4 @@ declare const navigationPlanner: {
   resolveSameLayoutAncestorPersistence: typeof resolveSameLayoutAncestorPersistence;
 };
 //#endregion
-export { EarlyNavigationIntentDecision, EarlyNavigationIntentFacts, FlightResult, InterceptionSnapshot, MountedParallelSlotSnapshot, NavigationDecision, NavigationEvent, NavigationPlannerInput, NavigationPlannerState, NavigationReuseDecision, NavigationReuseFacts, OperationLane, OperationToken, ParallelSlotBindingSnapshot, RefreshScope, RootBoundaryTransition, RouteSnapshot, RscFetchResultDecision, RscFetchResultFacts, RscNavigationErrorDecision, RscNavigationErrorFacts, ServerActionResultDecision, ServerActionResultFacts, TraverseDirection, VisitedResponseCacheCandidateFacts, navigationPlanner, resolveDefaultOrUnmatchedSlotPersistenceForLayouts };
+export { EarlyNavigationIntentDecision, EarlyNavigationIntentFacts, FlightResult, InterceptionSnapshot, MountedParallelSlotSnapshot, NavigationDecision, NavigationEvent, NavigationPlannerInput, NavigationPlannerState, NavigationReuseDecision, NavigationReuseFacts, type OperationLane, type OperationToken, ParallelSlotBindingSnapshot, RefreshScope, RootBoundaryTransition, RouteSnapshot, RscFetchResultDecision, RscFetchResultFacts, RscNavigationErrorDecision, RscNavigationErrorFacts, ServerActionResultDecision, ServerActionResultFacts, TraverseDirection, VisitedResponseCacheCandidateFacts, navigationPlanner, resolveDefaultOrUnmatchedSlotPersistenceForLayouts };

package/dist/server/navigation-planner.js

@@ -6,6 +6,7 @@ import "./app-elements.js";
 import { resolveHardNavigationTargetFromRscResponse, resolveRscCompatibilityNavigationDecision } from "./app-rsc-cache-busting.js";
 import { resolveRscRedirectLifecycleHop, resolveStreamedRscRedirectLifecycleHop } from "./app-browser-rsc-redirect.js";
 import { NavigationTraceReasonCodes, createNavigationLifecycleTraceFields, createNavigationTrace } from "./navigation-trace.js";
+import { verifyOperationTokenForCacheReuse } from "./operation-token.js";
 //#region src/server/navigation-planner.ts
 const ROUTE_INTERCEPTION_CONTEXT_SEPARATOR = "\0";
 const CACHE_ENTRY_PROOF_MISSING_CODE = "CP_CACHE_ENTRY_PROOF_MISSING";
@@ -531,6 +532,18 @@ function createCacheProofRejectedDecision(options) {
 		url: options.event.result.href
 	};
 }
+function createCacheReuseTokenRejectedDecision(options) {
+	return {
+		kind: "hardNavigate",
+		reason: "cacheReuseTokenRejected",
+		token: options.event.token,
+		trace: createNavigationTrace(NavigationTraceReasonCodes.cacheReuseTokenRejected, {
+			...options.traceFields,
+			cacheReuseTokenReason: options.reason
+		}),
+		url: options.event.result.href
+	};
+}
 function createAcceptedCacheProofTraceFields(traceFields, decision) {
 	if (decision === null) return traceFields;
 	return {
@@ -619,6 +632,17 @@ function planFlightResponseArrived(options) {
 		traceFields
 	});
 	const acceptedCacheEntryDecision = cacheEntryProofEvaluation.decision;
+	if (acceptedCacheEntryDecision !== null) {
+		const reuseVerdict = verifyOperationTokenForCacheReuse(options.event.token, {
+			graphVersion: options.routeManifest?.graphVersion ?? null,
+			installedCacheVariantFingerprint: null
+		});
+		if (!reuseVerdict.authorized) return createCacheReuseTokenRejectedDecision({
+			event: options.event,
+			reason: reuseVerdict.reason,
+			traceFields
+		});
+	}
 	const commitTraceFields = createAcceptedCacheProofTraceFields(traceFields, acceptedCacheEntryDecision);
 	const cacheEntryProposalFields = createCacheEntryProposalFields(acceptedCacheEntryDecision);
 	if (targetSnapshot.interception !== null) {

package/dist/server/navigation-trace.d.ts

@@ -3,6 +3,7 @@ declare const NAVIGATION_TRACE_SCHEMA_VERSION = 0;
 type NavigationTraceSchemaVersion = 0;
 declare const NavigationTraceReasonCodes: {
   cacheProofRejected: "NC_CACHE_REJECT";
+  cacheReuseTokenRejected: "NC_CACHE_TOKEN_REJECT";
   commitCurrent: "NC_COMMIT";
   crossDocumentFlight: "NC_CROSS_DOC_FLIGHT";
   fetchFresh: "NC_FETCH_FRESH";
@@ -42,7 +43,7 @@ declare const NavigationTraceTransactionCodes: {
 type NavigationTraceReasonCode = (typeof NavigationTraceReasonCodes)[keyof typeof NavigationTraceReasonCodes];
 type NavigationTraceTransactionCode = (typeof NavigationTraceTransactionCodes)[keyof typeof NavigationTraceTransactionCodes];
 type NavigationTraceCode = NavigationTraceReasonCode | NavigationTraceTransactionCode;
-type NavigationTraceFieldName = "activeNavigationId" | "cacheProofCode" | "cacheProofMode" | "cacheProofReuseClass" | "cacheProofScope" | "currentRootLayoutTreePath" | "currentVisibleCommitVersion" | "nextRootLayoutTreePath" | "eventKind" | "fetchResultSource" | "freshFetchReason" | "operationLane" | "pendingOperationId" | "redirectDepth" | "redirectSignal" | "startedVisibleCommitVersion" | "startedNavigationId" | "targetHref" | "traverseDirection";
+type NavigationTraceFieldName = "activeNavigationId" | "cacheProofCode" | "cacheProofMode" | "cacheProofReuseClass" | "cacheProofScope" | "cacheReuseTokenReason" | "currentRootLayoutTreePath" | "currentVisibleCommitVersion" | "nextRootLayoutTreePath" | "eventKind" | "fetchResultSource" | "freshFetchReason" | "operationLane" | "pendingOperationId" | "redirectDepth" | "redirectSignal" | "startedVisibleCommitVersion" | "startedNavigationId" | "targetHref" | "traverseDirection";
 type NavigationTraceFieldValue = string | number | boolean | null;
 type NavigationTraceFields = Readonly<Partial<Record<NavigationTraceFieldName, NavigationTraceFieldValue>>>;
 type NavigationTraceEntry = Readonly<{

package/dist/server/navigation-trace.js

@@ -2,6 +2,7 @@
 const NAVIGATION_TRACE_SCHEMA_VERSION = 0;
 const NavigationTraceReasonCodes = {
 	cacheProofRejected: "NC_CACHE_REJECT",
+	cacheReuseTokenRejected: "NC_CACHE_TOKEN_REJECT",
 	commitCurrent: "NC_COMMIT",
 	crossDocumentFlight: "NC_CROSS_DOC_FLIGHT",
 	fetchFresh: "NC_FETCH_FRESH",

package/dist/server/operation-token.d.ts

@@ -0,0 +1,40 @@
+//#region src/server/operation-token.d.ts
+type OperationLane = "hmr" | "navigation" | "prefetch" | "refresh" | "server-action" | "traverse";
+type OperationToken = {
+  operationId: number;
+  lane: OperationLane;
+  navigationId: number;
+  baseVisibleCommitVersion: number;
+  graphVersion: string | null;
+  deploymentVersion: string | null;
+  targetSnapshotFingerprint: string;
+  cacheVariantFingerprint?: string;
+};
+declare const verifiedOperationTokenBrand: unique symbol;
+type VerifiedOperationToken = OperationToken & {
+  readonly [verifiedOperationTokenBrand]: true;
+};
+type OperationTokenAuthority = {
+  activeNavigationId: number;
+  visibleCommitVersion: number;
+  graphVersion: string | null;
+  installedCacheVariantFingerprint: string | null;
+};
+type OperationTokenDimension = "navigation" | "visibleCommit" | "graphVersion" | "cacheVariant";
+type OperationTokenRejectionReason = "staleNavigation" | "staleVisibleCommit" | "graphVersionMismatch" | "graphVersionMissing" | "cacheVariantMismatch" | "cacheVariantMissing";
+type OperationTokenVerdict = {
+  readonly authorized: true;
+  readonly token: VerifiedOperationToken;
+} | {
+  readonly authorized: false;
+  readonly reason: OperationTokenRejectionReason;
+};
+type OperationTokenVerificationPolicy = {
+  check: readonly OperationTokenDimension[];
+  require: readonly OperationTokenDimension[];
+};
+declare function verifyOperationToken(token: OperationToken, authority: OperationTokenAuthority, policy: OperationTokenVerificationPolicy): OperationTokenVerdict;
+declare function verifyOperationTokenForCommit(token: OperationToken, authority: Pick<OperationTokenAuthority, "activeNavigationId" | "visibleCommitVersion">): OperationTokenVerdict;
+declare function verifyOperationTokenForCacheReuse(token: OperationToken, authority: Pick<OperationTokenAuthority, "graphVersion" | "installedCacheVariantFingerprint">): OperationTokenVerdict;
+//#endregion
+export { OperationLane, OperationToken, OperationTokenAuthority, OperationTokenRejectionReason, OperationTokenVerdict, OperationTokenVerificationPolicy, VerifiedOperationToken, verifyOperationToken, verifyOperationTokenForCacheReuse, verifyOperationTokenForCommit };

package/dist/server/operation-token.js

@@ -0,0 +1,85 @@
+//#region src/server/operation-token.ts
+const DIMENSION_ORDER = [
+	"navigation",
+	"visibleCommit",
+	"graphVersion",
+	"cacheVariant"
+];
+function evaluateDimension(dimension, token, authority) {
+	switch (dimension) {
+		case "navigation": return token.navigationId === authority.activeNavigationId ? { kind: "satisfied" } : {
+			kind: "mismatch",
+			reason: "staleNavigation"
+		};
+		case "visibleCommit": return token.baseVisibleCommitVersion === authority.visibleCommitVersion ? { kind: "satisfied" } : {
+			kind: "mismatch",
+			reason: "staleVisibleCommit"
+		};
+		case "graphVersion":
+			if (token.graphVersion === null || authority.graphVersion === null) return {
+				kind: "absent",
+				missingReason: "graphVersionMissing"
+			};
+			return token.graphVersion === authority.graphVersion ? { kind: "satisfied" } : {
+				kind: "mismatch",
+				reason: "graphVersionMismatch"
+			};
+		case "cacheVariant": {
+			const tokenVariant = token.cacheVariantFingerprint;
+			const installedVariant = authority.installedCacheVariantFingerprint;
+			if (tokenVariant === void 0 || installedVariant === null) return {
+				kind: "absent",
+				missingReason: "cacheVariantMissing"
+			};
+			return tokenVariant === installedVariant ? { kind: "satisfied" } : {
+				kind: "mismatch",
+				reason: "cacheVariantMismatch"
+			};
+		}
+		default: throw new Error("[vinext] Unknown operation-token dimension: " + String(dimension));
+	}
+}
+function verifyOperationToken(token, authority, policy) {
+	const required = new Set(policy.require);
+	const evaluated = new Set([...policy.check, ...policy.require]);
+	for (const dimension of DIMENSION_ORDER) {
+		if (!evaluated.has(dimension)) continue;
+		const status = evaluateDimension(dimension, token, authority);
+		if (status.kind === "mismatch") return {
+			authorized: false,
+			reason: status.reason
+		};
+		if (status.kind === "absent" && required.has(dimension)) return {
+			authorized: false,
+			reason: status.missingReason
+		};
+	}
+	return {
+		authorized: true,
+		token
+	};
+}
+function verifyOperationTokenForCommit(token, authority) {
+	return verifyOperationToken(token, {
+		activeNavigationId: authority.activeNavigationId,
+		visibleCommitVersion: authority.visibleCommitVersion,
+		graphVersion: token.graphVersion,
+		installedCacheVariantFingerprint: token.cacheVariantFingerprint ?? null
+	}, {
+		check: ["navigation", "visibleCommit"],
+		require: ["navigation", "visibleCommit"]
+	});
+}
+function verifyOperationTokenForCacheReuse(token, authority) {
+	return verifyOperationToken(token, {
+		activeNavigationId: token.navigationId,
+		visibleCommitVersion: token.baseVisibleCommitVersion,
+		graphVersion: authority.graphVersion,
+		installedCacheVariantFingerprint: authority.installedCacheVariantFingerprint
+	}, {
+		check: ["graphVersion", "cacheVariant"],
+		require: []
+	});
+}
+//#endregion
+export { verifyOperationToken, verifyOperationTokenForCacheReuse, verifyOperationTokenForCommit };

package/dist/server/pages-data-route.d.ts

@@ -116,6 +116,6 @@ type NormalizePagesDataRequestResult = {
  * Extracted from `entries/pages-server-entry.ts` so both `renderPage` and
  * `runMiddleware` share a single implementation.
  */
-declare function normalizePagesDataRequest(request: Request, buildId: string | null): NormalizePagesDataRequestResult;
+declare function normalizePagesDataRequest(request: Request, buildId: string | null, basePath?: string): NormalizePagesDataRequestResult;
 //#endregion
 export { buildNextDataJsonResponse, buildNextDataNotFoundResponse, buildNextDataPropsJsonResponse, isNextDataPathname, normalizePagesDataRequest, parseNextDataPathname };

package/dist/server/pages-data-route.js

@@ -1,3 +1,4 @@
+import { addBasePathToPathname, hasBasePath, stripBasePath } from "../utils/base-path.js";
 import { NEXTJS_DEPLOYMENT_ID_HEADER } from "./headers.js";
 //#region src/server/pages-data-route.ts
 /**
@@ -123,16 +124,18 @@ function buildNextDataNotFoundResponse() {
 * Extracted from `entries/pages-server-entry.ts` so both `renderPage` and
 * `runMiddleware` share a single implementation.
 */
-function normalizePagesDataRequest(request, buildId) {
+function normalizePagesDataRequest(request, buildId, basePath = "") {
 	const reqUrl = new URL(request.url);
-	if (!isNextDataPathname(reqUrl.pathname)) return {
+	const hadBasePath = !!basePath && hasBasePath(reqUrl.pathname, basePath);
+	const dataPathname = basePath ? stripBasePath(reqUrl.pathname, basePath) : reqUrl.pathname;
+	if (!isNextDataPathname(dataPathname)) return {
 		isDataReq: false,
 		request,
 		normalizedPathname: null,
 		search: "",
 		notFoundResponse: null
 	};
-	const dataMatch = buildId ? parseNextDataPathname(reqUrl.pathname, buildId) : null;
+	const dataMatch = buildId ? parseNextDataPathname(dataPathname, buildId) : null;
 	if (!dataMatch) return {
 		isDataReq: false,
 		request,
@@ -141,7 +144,7 @@ function normalizePagesDataRequest(request, buildId) {
 		notFoundResponse: buildNextDataNotFoundResponse()
 	};
 	const normalizedUrl = new URL(reqUrl);
-	normalizedUrl.pathname = dataMatch.pagePathname;
+	normalizedUrl.pathname = hadBasePath ? addBasePathToPathname(dataMatch.pagePathname, basePath) : dataMatch.pagePathname;
 	return {
 		isDataReq: true,
 		request: new Request(normalizedUrl, request),

package/dist/server/pages-dev-module-url.d.ts

@@ -0,0 +1,4 @@
+//#region src/server/pages-dev-module-url.d.ts
+declare function createPagesDevModuleUrl(viteRoot: string, moduleFilePath: string, viteBase: string): string;
+//#endregion
+export { createPagesDevModuleUrl };

package/dist/server/pages-dev-module-url.js

@@ -0,0 +1,15 @@
+import path from "node:path";
+//#region src/server/pages-dev-module-url.ts
+function normalizeBase(base) {
+	if (!base || base === "/") return "/";
+	return `/${base.replace(/^\/+|\/+$/g, "")}/`;
+}
+function encodeModulePath(modulePath) {
+	return encodeURI(modulePath).replace(/%5B/gi, "[").replace(/%5D/gi, "]").replace(/\?/g, "%3F").replace(/#/g, "%23");
+}
+function createPagesDevModuleUrl(viteRoot, moduleFilePath, viteBase) {
+	const relativePath = (/^[A-Za-z]:[\\/]/.test(viteRoot) ? path.win32 : path).relative(viteRoot, moduleFilePath).replace(/\\/g, "/");
+	return normalizeBase(viteBase) + encodeModulePath(relativePath);
+}
+//#endregion
+export { createPagesDevModuleUrl };

package/dist/server/pages-document-initial-props.d.ts

@@ -45,12 +45,6 @@ type DocumentRenderPageInput = {
  *                  the head nodes returned by `getInitialProps` (forward them to
  *                  `setDocumentInitialHead()` — do NOT call
  *                  `callDocumentGetInitialProps()` as well).
- *   - `consumed` — `getInitialProps` WAS invoked but no body was produced
- *                  (it never called `renderPage`, returned no `{ html }`, or
- *                  threw). Callers must NOT re-invoke `getInitialProps` (that
- *                  would call it a second time) — render the streaming body,
- *                  spread `docProps` (possibly empty) onto `<Document>`, and
- *                  forward `head` to `setDocumentInitialHead()`.
  */
 type RunDocumentRenderPageResult = {
   status: "skipped";
@@ -60,10 +54,6 @@ type RunDocumentRenderPageResult = {
   stylesHTML: string;
   docProps: Record<string, unknown>;
   head: ReactNode[];
-} | {
-  status: "consumed";
-  docProps: Record<string, unknown>;
-  head: ReactNode[];
 };
 /**
  * Run a user `_document.getInitialProps()` with a `ctx.renderPage()` that
@@ -75,11 +65,10 @@ type RunDocumentRenderPageResult = {
  * prod (`pages-page-response.ts`) and dev (`dev-server.ts`) SSR pipelines so
  * the `getInitialProps` + `renderPage` contract lives in one place.
  *
- * `getInitialProps` is invoked at most once here. When this returns `consumed`
- * or `rendered`, callers MUST treat that as the single invocation and must not
- * call `loadUserDocumentInitialProps` (which would invoke it again — and, for a
- * throwing override, surface the error as a 500 rather than the clean fallback
- * this contract guarantees).
+ * `getInitialProps` is invoked at most once here. When this returns `rendered`,
+ * callers MUST treat that as the single invocation and must not call
+ * `loadUserDocumentInitialProps` again. Errors intentionally propagate to the
+ * Pages Router's normal error-page pipeline, matching Next.js.
  *
  * @see .nextjs-ref/packages/next/src/server/render.tsx (search `renderPage`)
  */