vinext 0.1.3 → 0.1.5

package/dist/server/pages-request-pipeline.js

@@ -5,6 +5,14 @@ import { mergeRewriteQuery } from "../utils/query.js";
 import { normalizeDefaultLocalePathname, stripI18nLocaleForApiRoute } from "./pages-i18n.js";
 import { mergeHeaders } from "./worker-utils.js";
 //#region src/server/pages-request-pipeline.ts
+async function fetchWorkerFilesystemRoute(request, requestPathname, phase, fetchAsset) {
+	if (phase === "direct" || request.method !== "GET" && request.method !== "HEAD" || requestPathname === "/api" || requestPathname.startsWith("/api/")) return false;
+	const assetUrl = new URL(request.url);
+	assetUrl.pathname = requestPathname;
+	assetUrl.search = "";
+	const response = await fetchAsset(new Request(assetUrl, request));
+	return response.status === 404 ? false : response;
+}
 /**
 * Wrap an adapter's `runMiddleware` callback so middleware receives the original
 * (pre-basePath-stripping) URL. Adapters strip the basePath before handing the
@@ -72,6 +80,15 @@ async function runPagesRequest(request, deps) {
 	let resolvedUrl = originalResolvedUrl;
 	const middlewareHeaders = {};
 	let middlewareStatus;
+	const serveFilesystemRoute = async (requestPathname, phase) => {
+		if (!deps.serveFilesystemRoute) return null;
+		const served = await deps.serveFilesystemRoute(requestPathname, middlewareHeaders, phase);
+		if (served instanceof Response) return {
+			type: "response",
+			response: mergeHeaders(served, middlewareHeaders, middlewareStatus)
+		};
+		return served ? { type: "handled" } : null;
+	};
 	if (typeof deps.runMiddleware === "function") {
 		const result = await deps.runMiddleware(request, deps.ctx ?? null, { isDataRequest });
 		if (result.waitUntilPromises && result.waitUntilPromises.length > 0) {
@@ -132,9 +149,8 @@ async function runPagesRequest(request, deps) {
 		type: "response",
 		response: mergeHeaders(await proxyExternal(request, resolvedUrl), middlewareHeaders, void 0)
 	};
-	if (deps.serveStaticFile) {
-		if (await deps.serveStaticFile(pathname, middlewareHeaders)) return { type: "handled" };
-	}
+	const directFilesystemResult = await serveFilesystemRoute(pathname, "direct");
+	if (directFilesystemResult) return directFilesystemResult;
 	let configRewriteFired = false;
 	for (const rewrite of configRewrites.beforeFiles ?? []) {
 		const rewritten = matchRewrite(matchResolvedPathname(resolvedPathname), [rewrite], rewriteRequestContext(), basePathState);
@@ -148,6 +164,10 @@ async function runPagesRequest(request, deps) {
 			configRewriteFired = true;
 		}
 	}
+	if (configRewriteFired) {
+		const beforeFilesResult = await serveFilesystemRoute(resolvedPathname, "beforeFiles");
+		if (beforeFilesResult) return beforeFilesResult;
+	}
 	if (basePath && !hadBasePath && !configRewriteFired) return {
 		type: "response",
 		response: new Response("This page could not be found", {
@@ -155,27 +175,33 @@ async function runPagesRequest(request, deps) {
 			headers: { "Content-Type": "text/html; charset=utf-8" }
 		})
 	};
-	const apiLookupUrl = stripI18nLocaleForApiRoute(resolvedUrl, i18nConfig);
-	const apiLookupPathname = apiLookupUrl.split("?")[0];
-	if (apiLookupPathname.startsWith("/api/") || apiLookupPathname === "/api") if (typeof deps.handleApi === "function") {
-		let apiRequest = request;
-		if (basePath && hadBasePath) {
-			const apiRequestUrl = new URL(request.url);
-			apiRequestUrl.pathname = addBasePathToPathname(apiRequestUrl.pathname, basePath);
-			apiRequest = cloneRequestWithUrl(request, apiRequestUrl.toString());
+	const handleResolvedApiRoute = async () => {
+		const apiLookupUrl = stripI18nLocaleForApiRoute(resolvedUrl, i18nConfig);
+		const apiLookupPathname = apiLookupUrl.split("?")[0];
+		if (!apiLookupPathname.startsWith("/api/") && apiLookupPathname !== "/api") return null;
+		if (typeof deps.handleApi === "function") {
+			let apiRequest = request;
+			if (basePath && hadBasePath) {
+				const apiRequestUrl = new URL(request.url);
+				apiRequestUrl.pathname = addBasePathToPathname(apiRequestUrl.pathname, basePath);
+				apiRequest = cloneRequestWithUrl(request, apiRequestUrl.toString());
+			}
+			return {
+				type: "response",
+				defaultContentType: "application/octet-stream",
+				response: mergeHeaders(await deps.handleApi(apiRequest, apiLookupUrl, deps.ctx ?? null), middlewareHeaders, middlewareStatus)
+			};
 		}
 		return {
-			type: "response",
-			defaultContentType: "application/octet-stream",
-			response: mergeHeaders(await deps.handleApi(apiRequest, apiLookupUrl, deps.ctx ?? null), middlewareHeaders, middlewareStatus)
+			type: "api",
+			apiUrl: apiLookupUrl,
+			stagedHeaders: middlewareHeaders,
+			requestHeaders: request.headers,
+			middlewareStatus
 		};
-	} else return {
-		type: "api",
-		apiUrl: apiLookupUrl,
-		stagedHeaders: middlewareHeaders,
-		requestHeaders: request.headers,
-		middlewareStatus
 	};
+	const apiResult = await handleResolvedApiRoute();
+	if (apiResult) return apiResult;
 	let pageMatch = deps.matchPageRoute ? deps.matchPageRoute(resolvedPathname, request) : null;
 	let resolvedPathnameChanged = false;
 	if (!pageMatch || pageMatch.route.isDynamic) for (const rewrite of configRewrites.afterFiles ?? []) {
@@ -188,6 +214,10 @@ async function runPagesRequest(request, deps) {
 			resolvedUrl = mergeRewriteQuery(resolvedUrl, rewritten);
 			resolvedPathname = pathnameForResolvedUrl(resolvedUrl);
 			resolvedPathnameChanged = true;
+			const afterFilesFilesystemResult = await serveFilesystemRoute(resolvedPathname, "afterFiles");
+			if (afterFilesFilesystemResult) return afterFilesFilesystemResult;
+			const afterFilesApiResult = await handleResolvedApiRoute();
+			if (afterFilesApiResult) return afterFilesApiResult;
 			pageMatch = deps.matchPageRoute ? deps.matchPageRoute(resolvedPathname, request) : null;
 			if (pageMatch) break;
 		}
@@ -208,6 +238,10 @@ async function runPagesRequest(request, deps) {
 			};
 			resolvedUrl = mergeRewriteQuery(resolvedUrl, fallbackRewrite);
 			resolvedPathname = pathnameForResolvedUrl(resolvedUrl);
+			const fallbackFilesystemResult = await serveFilesystemRoute(resolvedPathname, "fallback");
+			if (fallbackFilesystemResult) return fallbackFilesystemResult;
+			const fallbackApiResult = await handleResolvedApiRoute();
+			if (fallbackApiResult) return fallbackApiResult;
 			renderPageMatch = deps.matchPageRoute ? deps.matchPageRoute(resolvedPathname, request) : null;
 			refreshDataRewriteHeader();
 			if (renderPageMatch) break;
@@ -228,6 +262,10 @@ async function runPagesRequest(request, deps) {
 			};
 			resolvedUrl = mergeRewriteQuery(resolvedUrl, fallbackRewrite);
 			resolvedPathname = pathnameForResolvedUrl(resolvedUrl);
+			const fallbackFilesystemResult = await serveFilesystemRoute(resolvedPathname, "fallback");
+			if (fallbackFilesystemResult) return fallbackFilesystemResult;
+			const fallbackApiResult = await handleResolvedApiRoute();
+			if (fallbackApiResult) return fallbackApiResult;
 			response = await deps.renderPage(request, resolvedUrl, void 0, stagedHeaders);
 			matchedFallbackRewrite = true;
 			if (response.status !== 404) break;
@@ -250,6 +288,10 @@ async function runPagesRequest(request, deps) {
 		};
 		resolvedUrl = mergeRewriteQuery(resolvedUrl, fallbackRewrite);
 		resolvedPathname = pathnameForResolvedUrl(resolvedUrl);
+		const fallbackFilesystemResult = await serveFilesystemRoute(resolvedPathname, "fallback");
+		if (fallbackFilesystemResult) return fallbackFilesystemResult;
+		const fallbackApiResult = await handleResolvedApiRoute();
+		if (fallbackApiResult) return fallbackApiResult;
 		if (deps.matchPageRoute?.(resolvedPathname, request)) break;
 	}
 	refreshDataRewriteHeader();
@@ -264,4 +306,4 @@ async function runPagesRequest(request, deps) {
 	};
 }
 //#endregion
-export { runPagesRequest, wrapMiddlewareWithBasePath };
+export { fetchWorkerFilesystemRoute, runPagesRequest, wrapMiddlewareWithBasePath };

package/dist/server/prod-server.d.ts

@@ -41,6 +41,8 @@ import { IncomingMessage, ServerResponse } from "node:http";
  */
 declare function resolveServerEntryImportUrl(entryPath: string): string;
 declare function importServerEntryModule(entryPath: string): Promise<any>;
+/** Convert a Node.js IncomingMessage into a ReadableStream for Web Request body. */
+declare function readNodeStream(req: IncomingMessage): ReadableStream<Uint8Array>;
 type ProdServerOptions = {
   /** Port to listen on */port?: number; /** Host to bind to */
   host?: string; /** Path to the build output directory */
@@ -143,4 +145,4 @@ declare function resolveAppRouterPrerenderSeeder(entryModule: unknown): AppRoute
  */
 declare function resolveAppRouterAssetPath(pathname: string, assetPathPrefix: string, assetPrefix: string): string | null;
 //#endregion
-export { COMPRESSIBLE_TYPES, COMPRESS_THRESHOLD, ProdServerOptions, importServerEntryModule, mergeResponseHeaders, mergeWebResponse, negotiateEncoding, nodeToWebRequest, resolveAppRouterAssetPath, resolveAppRouterPrerenderSeeder, resolveRequestHost as resolveHost, resolveServerEntryImportUrl, sendCompressed, sendWebResponse, startProdServer, trustProxy, trustedHosts, tryServeStatic };
+export { COMPRESSIBLE_TYPES, COMPRESS_THRESHOLD, ProdServerOptions, importServerEntryModule, mergeResponseHeaders, mergeWebResponse, negotiateEncoding, nodeToWebRequest, readNodeStream, resolveAppRouterAssetPath, resolveAppRouterPrerenderSeeder, resolveRequestHost as resolveHost, resolveServerEntryImportUrl, sendCompressed, sendWebResponse, startProdServer, trustProxy, trustedHosts, tryServeStatic };

package/dist/server/prod-server.js

@@ -3,7 +3,8 @@ import { hasBasePath, stripBasePath } from "../utils/base-path.js";
 import { VINEXT_PRERENDER_ROUTE_PARAMS_HEADER, VINEXT_PRERENDER_SECRET_HEADER, VINEXT_STATIC_FILE_HEADER } from "./headers.js";
 import { normalizePath } from "./normalize-path.js";
 import { notFoundResponse } from "./http-error-responses.js";
-import { filterInternalHeaders, isOpenRedirectShaped } from "./request-pipeline.js";
+import { isOpenRedirectShaped } from "./open-redirect.js";
+import { filterInternalHeaders } from "./request-pipeline.js";
 import { isUnknownRecord } from "../utils/record.js";
 import { resolveRequestHost, resolveRequestProtocol, trustProxy, trustedHosts } from "./proxy-trust.js";
 import { DEFAULT_DEVICE_SIZES, DEFAULT_IMAGE_SIZES, isImageOptimizationPath, isSafeImageContentType, parseImageParams } from "./image-optimization.js";
@@ -109,11 +110,42 @@ async function importServerEntryModule(entryPath) {
 }
 /** Convert a Node.js IncomingMessage into a ReadableStream for Web Request body. */
 function readNodeStream(req) {
-	return new ReadableStream({ start(controller) {
-		req.on("data", (chunk) => controller.enqueue(new Uint8Array(chunk)));
-		req.on("end", () => controller.close());
-		req.on("error", (err) => controller.error(err));
-	} });
+	let cancelled = false;
+	let cleanup = () => {};
+	return new ReadableStream({
+		start(controller) {
+			cleanup = () => {
+				req.off("data", onData);
+				req.off("end", onEnd);
+				req.off("error", onError);
+			};
+			const onData = (chunk) => {
+				if (cancelled) return;
+				controller.enqueue(new Uint8Array(chunk));
+				if ((controller.desiredSize ?? 0) <= 0) req.pause();
+			};
+			const onEnd = () => {
+				cleanup();
+				if (!cancelled) controller.close();
+			};
+			const onError = (error) => {
+				cleanup();
+				if (!cancelled) controller.error(error);
+			};
+			req.on("data", onData);
+			req.on("end", onEnd);
+			req.on("error", onError);
+			req.pause();
+		},
+		pull() {
+			if (!cancelled) req.resume();
+		},
+		cancel() {
+			cancelled = true;
+			cleanup();
+			req.resume();
+		}
+	});
 }
 /** Content types that benefit from compression. */
 const COMPRESSIBLE_TYPES = new Set([
@@ -514,7 +546,7 @@ function nodeToWebRequest(req, urlOverride, prerenderSecret) {
 		headers
 	};
 	if (hasBody) {
-		init.body = Readable.toWeb(req);
+		init.body = readNodeStream(req);
 		init.duplex = "half";
 	}
 	return new Request(url, init);
@@ -1008,7 +1040,7 @@ async function startPagesRouterServer(options) {
 			const protocol = resolveRequestProtocol(req);
 			const hostHeader = resolveRequestHost(req, `${host}:${port}`);
 			const rawReqHeaders = nodeHeadersToWebHeaders(req.headers);
-			const isDataRequest = rawReqHeaders.get("x-nextjs-data") === "1";
+			const isDataRequest = isDataReq;
 			const reqHeaders = filterInternalHeaders(rawReqHeaders);
 			const method = req.method ?? "GET";
 			const hasBody = method !== "GET" && method !== "HEAD";
@@ -1036,8 +1068,8 @@ async function startPagesRouterServer(options) {
 					originalUrl: originalRenderUrl
 				}) : null,
 				handleApi: typeof handleApi === "function" ? (request, apiUrl) => handleApi(request, apiUrl, createNodeExecutionContext()) : null,
-				serveStaticFile: async (requestPathname, stagedHeaders) => {
-					if (requestPathname === "/" || requestPathname.startsWith("/api/") || requestPathname.startsWith(`/_next/static/`)) return false;
+				serveFilesystemRoute: async (requestPathname, stagedHeaders, phase) => {
+					if (req.method !== "GET" && req.method !== "HEAD" || requestPathname === "/" || requestPathname === "/api" || requestPathname.startsWith("/api/") || phase === "direct" && requestPathname.startsWith(`/_next/static/`)) return false;
 					return tryServeStatic(req, res, clientDir, requestPathname, compress, staticCache, stagedHeaders);
 				}
 			});
@@ -1088,4 +1120,4 @@ async function startPagesRouterServer(options) {
 	};
 }
 //#endregion
-export { COMPRESSIBLE_TYPES, COMPRESS_THRESHOLD, importServerEntryModule, mergeResponseHeaders, mergeWebResponse, negotiateEncoding, nodeToWebRequest, resolveAppRouterAssetPath, resolveAppRouterPrerenderSeeder, resolveRequestHost as resolveHost, resolveServerEntryImportUrl, sendCompressed, sendWebResponse, startProdServer, trustProxy, trustedHosts, tryServeStatic };
+export { COMPRESSIBLE_TYPES, COMPRESS_THRESHOLD, importServerEntryModule, mergeResponseHeaders, mergeWebResponse, negotiateEncoding, nodeToWebRequest, readNodeStream, resolveAppRouterAssetPath, resolveAppRouterPrerenderSeeder, resolveRequestHost as resolveHost, resolveServerEntryImportUrl, sendCompressed, sendWebResponse, startProdServer, trustProxy, trustedHosts, tryServeStatic };

package/dist/server/request-pipeline.d.ts

@@ -1,6 +1,7 @@
 import { NextHeader } from "../config/next-config.js";
 import { BasePathMatchState, RequestContext } from "../config/config-matchers.js";
 import { INTERNAL_HEADERS, VINEXT_INTERNAL_HEADERS } from "./headers.js";
+import { isOpenRedirectShaped } from "./open-redirect.js";
 import { hasBasePath, stripBasePath } from "../utils/base-path.js";
 
 //#region src/server/request-pipeline.d.ts
@@ -42,30 +43,6 @@ import { hasBasePath, stripBasePath } from "../utils/base-path.js";
  * @returns A 404 Response if the path is protocol-relative, or null to continue
  */
 declare function guardProtocolRelativeUrl(rawPathname: string): Response | null;
-/**
- * Returns true if a request pathname looks like a protocol-relative open
- * redirect, in either literal or percent-encoded form.
- *
- * Exported for call sites that need to replicate the guard inline (Pages
- * Router worker codegen, Node production server) and for defense-in-depth
- * checks inside redirect emitters.
- *
- * A pathname is considered "open redirect shaped" when its first segment,
- * after decoding backslashes and encoded delimiters, would cause a browser
- * to resolve a `Location` containing the pathname as protocol-relative:
- *
- *   - literal   `//evil.com`
- *   - literal   `/\evil.com`             (browsers normalize `\` to `/`)
- *   - encoded   `/%5Cevil.com`           (`%5C` decodes to `\` in Location)
- *   - encoded   `/%2F/evil.com`          (`%2F` decodes to `/` → `//`)
- *   - mixed     `/%5C%2F`, `/%5C%5C`     (and other combinations)
- *
- * We explicitly do not require a valid percent sequence elsewhere in the
- * pathname — we only examine the leading bytes (up to the second real or
- * encoded delimiter) so malformed suffixes can still reach the normal
- * "400 Bad Request" decode path instead of being masked as "404".
- */
-declare function isOpenRedirectShaped(rawPathname: string): boolean;
 type HeaderRecord = Record<string, string | string[]>;
 type ApplyConfigHeadersOptions = {
   configHeaders: NextHeader[];

package/dist/server/request-pipeline.js

@@ -2,6 +2,7 @@ import { hasBasePath, removeTrailingSlash, stripBasePath } from "../utils/base-p
 import { INTERNAL_HEADERS, VINEXT_INTERNAL_HEADERS, VINEXT_STATIC_FILE_HEADER } from "./headers.js";
 import { matchHeaders } from "../config/config-matchers.js";
 import { forbiddenResponse, notFoundResponse } from "./http-error-responses.js";
+import { isOpenRedirectShaped } from "./open-redirect.js";
 //#region src/server/request-pipeline.ts
 /**
 * Shared request pipeline utilities.
@@ -44,39 +45,6 @@ function guardProtocolRelativeUrl(rawPathname) {
 	if (isOpenRedirectShaped(rawPathname)) return notFoundResponse();
 	return null;
 }
-/**
-* Returns true if a request pathname looks like a protocol-relative open
-* redirect, in either literal or percent-encoded form.
-*
-* Exported for call sites that need to replicate the guard inline (Pages
-* Router worker codegen, Node production server) and for defense-in-depth
-* checks inside redirect emitters.
-*
-* A pathname is considered "open redirect shaped" when its first segment,
-* after decoding backslashes and encoded delimiters, would cause a browser
-* to resolve a `Location` containing the pathname as protocol-relative:
-*
-*   - literal   `//evil.com`
-*   - literal   `/\evil.com`             (browsers normalize `\` to `/`)
-*   - encoded   `/%5Cevil.com`           (`%5C` decodes to `\` in Location)
-*   - encoded   `/%2F/evil.com`          (`%2F` decodes to `/` → `//`)
-*   - mixed     `/%5C%2F`, `/%5C%5C`     (and other combinations)
-*
-* We explicitly do not require a valid percent sequence elsewhere in the
-* pathname — we only examine the leading bytes (up to the second real or
-* encoded delimiter) so malformed suffixes can still reach the normal
-* "400 Bad Request" decode path instead of being masked as "404".
-*/
-function isOpenRedirectShaped(rawPathname) {
-	if (!rawPathname.startsWith("/")) return false;
-	const afterSlash = rawPathname.slice(1);
-	if (afterSlash.startsWith("/") || afterSlash.startsWith("\\")) return true;
-	if (afterSlash.length >= 3 && afterSlash[0] === "%") {
-		const encoded = afterSlash.slice(0, 3).toLowerCase();
-		if (encoded === "%5c" || encoded === "%2f") return true;
-	}
-	return false;
-}
 const FILE_LIKE_PATHNAME_RE = /\.[^/]+\/?$/;
 function isWellKnownPathname(pathname) {
 	return pathname === "/.well-known" || pathname.startsWith("/.well-known/");

package/dist/server/seed-cache.d.ts

@@ -1,4 +1,4 @@
-import { CachedAppPageValue } from "../shims/cache.js";
+import { CachedAppPageValue } from "../shims/cache-handler.js";
 
 //#region src/server/seed-cache.d.ts
 type PrerenderCacheSeedMetadata = {

package/dist/server/static-file-cache.js

@@ -1,5 +1,5 @@
 import { normalizePathSeparators } from "../utils/path.js";
-import "../utils/asset-prefix.js";
+import { ASSET_PREFIX_URL_DIR } from "../utils/asset-prefix.js";
 import path from "node:path";
 import fs from "node:fs/promises";
 //#region src/server/static-file-cache.ts
@@ -23,6 +23,7 @@ const CONTENT_TYPES = {
 	".css": "text/css",
 	".html": "text/html",
 	".json": "application/json",
+	".txt": "text/plain; charset=utf-8",
 	".png": "image/png",
 	".jpg": "image/jpeg",
 	".jpeg": "image/jpeg",
@@ -165,9 +166,20 @@ var StaticFileCache = class StaticFileCache {
 function etagFromFilenameHash(relativePath, ext) {
 	const basename = path.basename(relativePath, ext);
 	const lastDash = basename.lastIndexOf("-");
-	if (lastDash === -1 || lastDash === basename.length - 1) return null;
-	const suffix = basename.slice(lastDash + 1);
-	return suffix.length >= 6 && suffix.length <= 12 && /^[A-Za-z0-9_-]+$/.test(suffix) ? `W/"${suffix}"` : null;
+	if (lastDash !== -1 && lastDash !== basename.length - 1) {
+		const suffix = basename.slice(lastDash + 1);
+		if (suffix.length >= 6 && suffix.length <= 12 && /^[A-Za-z0-9_-]+$/.test(suffix)) return `W/"${suffix}"`;
+	}
+	const normalizedPath = normalizePathSeparators(relativePath);
+	const managedMediaSegment = `${ASSET_PREFIX_URL_DIR}/media/`;
+	if (normalizedPath.startsWith(managedMediaSegment) || normalizedPath.includes(`/${managedMediaSegment}`)) {
+		const lastDot = basename.lastIndexOf(".");
+		if (lastDot !== -1) {
+			const suffix = basename.slice(lastDot + 1);
+			if (/^[0-9a-f]{8}$/.test(suffix)) return `W/"${suffix}"`;
+		}
+	}
+	return null;
 }
 function buildVariant(info, baseHeaders, encoding) {
 	return {

package/dist/shims/before-interactive-context.d.ts

@@ -2,17 +2,28 @@ import React from "react";
 
 //#region src/shims/before-interactive-context.d.ts
 /**
- * Inline `<Script strategy="beforeInteractive">` content captured during SSR.
+ * A `<Script strategy="beforeInteractive">` captured during SSR.
  *
  * The Script shim hands these records to the SSR pipeline through
  * `BeforeInteractiveContext` instead of rendering the `<script>` tag inline.
  * The pipeline then emits the captured tag immediately after `<head>` opens,
  * so the script runs before any React-hoisted stylesheets or modulepreload
  * links. Matches the standard no-flash dark-mode pattern.
+ *
+ * Both inline (`children`/`dangerouslySetInnerHTML`) and external (`src`)
+ * beforeInteractive scripts flow through here, mirroring Next.js which registers
+ * inline and src beforeInteractive scripts equally in the App Router runtime
+ * (`(self.__next_s=...).push(...)`). An entry has `src` set for external
+ * scripts and `innerHTML` set for inline scripts (never both).
  */
 type BeforeInteractiveInlineScript = {
-  /** Optional id attribute. */id?: string; /** Pre-escaped inline content (already passed through `escapeInlineContent`). */
-  innerHTML: string; /** Nonce to emit on the `<script>` tag, when CSP is enabled. */
+  /** Optional id attribute. */id?: string; /** External script URL. Set for src beforeInteractive scripts. */
+  src?: string;
+  /**
+   * Pre-escaped inline content (already passed through `escapeInlineContent`).
+   * Set for inline beforeInteractive scripts; omitted for src scripts.
+   */
+  innerHTML?: string; /** Nonce to emit on the `<script>` tag, when CSP is enabled. */
   nonce?: string;
   /**
    * Additional HTML attributes to emit on the tag. Booleans render as the

package/dist/shims/cache-handler.d.ts

@@ -0,0 +1,106 @@
+import { RenderObservation } from "../server/cache-proof.js";
+
+//#region src/shims/cache-handler.d.ts
+type CacheHandlerValue = {
+  lastModified: number;
+  age?: number;
+  cacheState?: string;
+  cacheControl?: CacheControlMetadata;
+  value: IncrementalCacheValue | null;
+};
+type CacheControlMetadata = {
+  revalidate: number;
+  expire?: number;
+};
+type IncrementalCacheValue = CachedFetchValue | CachedAppPageValue | CachedPagesValue | CachedRouteValue | CachedRedirectValue | CachedImageValue;
+type CachedFetchValue = {
+  kind: "FETCH";
+  data: {
+    headers: Record<string, string>;
+    body: string;
+    url: string;
+    status?: number;
+  };
+  tags?: string[];
+  revalidate: number | false;
+};
+type CachedAppPageValue = {
+  kind: "APP_PAGE";
+  html: string;
+  rscData: ArrayBuffer | undefined;
+  headers: Record<string, string | string[]> | undefined;
+  postponed: string | undefined;
+  renderObservation?: RenderObservation;
+  status: number | undefined;
+};
+type CachedPagesValue = {
+  kind: "PAGES";
+  html: string;
+  pageData: object;
+  generatedFromDataRequest?: boolean;
+  headers: Record<string, string | string[]> | undefined;
+  status: number | undefined;
+};
+type CachedRouteValue = {
+  kind: "APP_ROUTE";
+  body: ArrayBuffer;
+  status: number;
+  headers: Record<string, string | string[]>;
+};
+type CachedRedirectValue = {
+  kind: "REDIRECT";
+  props: object;
+};
+type CachedImageValue = {
+  kind: "IMAGE";
+  etag: string;
+  buffer: ArrayBuffer;
+  extension: string;
+  revalidate?: number;
+};
+type CacheHandlerContext = {
+  dev?: boolean;
+  maxMemoryCacheSize?: number;
+  revalidatedTags?: string[];
+  [key: string]: unknown;
+};
+type CacheHandler = {
+  get(key: string, ctx?: Record<string, unknown>): Promise<CacheHandlerValue | null>;
+  set(key: string, data: IncrementalCacheValue | null, ctx?: Record<string, unknown>): Promise<void>;
+  revalidateTag(tags: string | string[], durations?: {
+    expire?: number;
+  }): Promise<void>;
+  resetRequestCache?(): void;
+};
+declare class NoOpCacheHandler implements CacheHandler {
+  get(_key: string, _ctx?: Record<string, unknown>): Promise<CacheHandlerValue | null>;
+  set(_key: string, _data: IncrementalCacheValue | null, _ctx?: Record<string, unknown>): Promise<void>;
+  revalidateTag(_tags: string | string[], _durations?: {
+    expire?: number;
+  }): Promise<void>;
+}
+type MemoryCacheHandlerOptions = Pick<CacheHandlerContext, "maxMemoryCacheSize"> & {
+  cacheMaxMemorySize?: number;
+};
+declare class MemoryCacheHandler implements CacheHandler {
+  private store;
+  private tagRevalidatedAt;
+  private readonly maxMemoryCacheSize;
+  private currentMemoryCacheSize;
+  constructor(options?: number | MemoryCacheHandlerOptions);
+  private estimateEntrySize;
+  private deleteEntry;
+  private touchEntry;
+  private evictLeastRecentlyUsed;
+  get(key: string, ctx?: Record<string, unknown>): Promise<CacheHandlerValue | null>;
+  set(key: string, data: IncrementalCacheValue | null, ctx?: Record<string, unknown>): Promise<void>;
+  revalidateTag(tags: string | string[]): Promise<void>;
+  resetRequestCache(): void;
+}
+declare function configureMemoryCacheHandler(options?: MemoryCacheHandlerOptions): void;
+declare function setDataCacheHandler(handler: CacheHandler): void;
+declare function getDataCacheHandler(): CacheHandler;
+declare function setCacheHandler(handler: CacheHandler): void;
+declare function getCacheHandler(): CacheHandler;
+//#endregion
+export { CacheControlMetadata, CacheHandler, CacheHandlerContext, CacheHandlerValue, CachedAppPageValue, CachedFetchValue, CachedImageValue, CachedPagesValue, CachedRedirectValue, CachedRouteValue, IncrementalCacheValue, MemoryCacheHandler, NoOpCacheHandler, configureMemoryCacheHandler, getCacheHandler, getDataCacheHandler, setCacheHandler, setDataCacheHandler };