xypriss 2.3.3 → 2.3.5

package/dist/cjs/src/server/utils/trustProxy.js

@@ -0,0 +1,446 @@
+'use strict';
+
+var net = require('net');
+
+/**
+ * Advanced Trust Proxy Implementation for XyPriss
+ *
+ * Supports Express-like trust proxy configurations including:
+ * - Boolean values (true/false)
+ * - String values ('loopback', 'linklocal', 'uniquelocal')
+ * - CIDR notation ('192.168.0.0/16')
+ * - IP addresses ('127.0.0.1')
+ * - Arrays of the above
+ * - Custom functions
+ */
+/**
+ * Predefined network ranges
+ */
+const PREDEFINED_RANGES = {
+    loopback: ["127.0.0.0/8", "::1/128"],
+    linklocal: ["169.254.0.0/16", "fe80::/10"],
+    uniquelocal: ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7"],
+};
+class TrustProxy {
+    constructor(config) {
+        this.trustProxyFn = this.createTrustProxyFunction(config);
+    }
+    /**
+     * Validate and normalize IP address string
+     */
+    normalizeIP(ip) {
+        if (!ip || typeof ip !== "string")
+            return null;
+        const trimmed = ip.trim();
+        if (!trimmed)
+            return null;
+        // Handle IPv4-mapped IPv6 addresses (::ffff:192.168.1.1)
+        if (trimmed.startsWith("::ffff:") && trimmed.includes(".")) {
+            const ipv4Part = trimmed.substring(7);
+            if (net.isIP(ipv4Part) === 4) {
+                return ipv4Part;
+            }
+        }
+        // Validate it's a proper IP
+        const ipVersion = net.isIP(trimmed);
+        if (ipVersion === 0)
+            return null;
+        return trimmed;
+    }
+    /**
+     * Convert IPv4 address to number for comparison
+     */
+    ipv4ToNumber(ip) {
+        try {
+            const parts = ip.split(".");
+            if (parts.length !== 4)
+                return null;
+            const nums = parts.map((p) => {
+                const num = parseInt(p, 10);
+                if (isNaN(num) || num < 0 || num > 255)
+                    throw new Error("Invalid octet");
+                return num;
+            });
+            return (nums[0] << 24) + (nums[1] << 16) + (nums[2] << 8) + nums[3];
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Check if IPv4 address is in CIDR range
+     */
+    isIPv4InCIDR(ip, cidr) {
+        try {
+            const parts = cidr.split("/");
+            if (parts.length !== 2)
+                return false;
+            const [network, prefixLength] = parts;
+            const prefixLen = parseInt(prefixLength, 10);
+            if (isNaN(prefixLen) || prefixLen < 0 || prefixLen > 32)
+                return false;
+            const ipNum = this.ipv4ToNumber(ip);
+            const networkNum = this.ipv4ToNumber(network);
+            if (ipNum === null || networkNum === null)
+                return false;
+            // Handle edge cases
+            if (prefixLen === 0)
+                return true; // 0.0.0.0/0 matches everything
+            if (prefixLen === 32)
+                return ipNum === networkNum; // Exact match
+            const mask = (0xffffffff << (32 - prefixLen)) >>> 0;
+            return (ipNum & mask) === (networkNum & mask);
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Expand IPv6 address to full form
+     */
+    expandIPv6(ip) {
+        try {
+            if (!ip.includes(":"))
+                return null;
+            // Handle :: compression
+            if (ip.includes("::")) {
+                const parts = ip.split("::");
+                if (parts.length > 2)
+                    return null; // Invalid: multiple ::
+                const left = parts[0] ? parts[0].split(":") : [];
+                const right = parts[1] ? parts[1].split(":") : [];
+                const missing = 8 - left.length - right.length;
+                if (missing < 0)
+                    return null; // Too many parts
+                const middle = Array(missing).fill("0000");
+                const allParts = [...left, ...middle, ...right];
+                // Pad each part to 4 hex digits
+                return allParts.map((p) => p.padStart(4, "0")).join(":");
+            }
+            // No compression
+            const parts = ip.split(":");
+            if (parts.length !== 8)
+                return null;
+            return parts.map((p) => p.padStart(4, "0")).join(":");
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Convert IPv6 address to BigInt for comparison
+     */
+    ipv6ToBigInt(ip) {
+        try {
+            const expanded = this.expandIPv6(ip);
+            if (!expanded)
+                return null;
+            const parts = expanded.split(":");
+            if (parts.length !== 8)
+                return null;
+            let result = 0n;
+            for (let i = 0; i < 8; i++) {
+                const val = parseInt(parts[i], 16);
+                if (isNaN(val) || val < 0 || val > 0xffff)
+                    return null;
+                result = (result << 16n) + BigInt(val);
+            }
+            return result;
+        }
+        catch {
+            return null;
+        }
+    }
+    /**
+     * Check if IPv6 address is in CIDR range
+     */
+    isIPv6InCIDR(ip, cidr) {
+        try {
+            const parts = cidr.split("/");
+            if (parts.length !== 2)
+                return false;
+            const [network, prefixLength] = parts;
+            const prefixLen = parseInt(prefixLength, 10);
+            if (isNaN(prefixLen) || prefixLen < 0 || prefixLen > 128)
+                return false;
+            const ipNum = this.ipv6ToBigInt(ip);
+            const networkNum = this.ipv6ToBigInt(network);
+            if (ipNum === null || networkNum === null)
+                return false;
+            // Handle edge cases
+            if (prefixLen === 0)
+                return true; // ::/0 matches everything
+            if (prefixLen === 128)
+                return ipNum === networkNum; // Exact match
+            const mask = (BigInt(2) ** BigInt(128) - BigInt(1)) <<
+                BigInt(128 - prefixLen);
+            return (ipNum & mask) === (networkNum & mask);
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Check if IP address is in CIDR range
+     */
+    isIPInCIDR(ip, cidr) {
+        if (!ip || !cidr)
+            return false;
+        const ipVersion = net.isIP(ip);
+        if (ipVersion === 0)
+            return false;
+        // Determine CIDR type
+        const isCIDRv4 = cidr.includes(".") && cidr.includes("/");
+        const isCIDRv6 = cidr.includes(":") && cidr.includes("/");
+        if (ipVersion === 4 && isCIDRv4) {
+            return this.isIPv4InCIDR(ip, cidr);
+        }
+        else if (ipVersion === 6 && isCIDRv6) {
+            return this.isIPv6InCIDR(ip, cidr);
+        }
+        return false;
+    }
+    /**
+     * Check if IP matches a single trust proxy rule
+     */
+    matchesTrustRule(ip, rule) {
+        if (!ip || !rule)
+            return false;
+        try {
+            // Handle predefined ranges
+            if (rule in PREDEFINED_RANGES) {
+                const ranges = PREDEFINED_RANGES[rule];
+                return ranges.some((range) => this.isIPInCIDR(ip, range));
+            }
+            // Handle CIDR notation
+            if (rule.includes("/")) {
+                return this.isIPInCIDR(ip, rule);
+            }
+            // Handle exact IP match (normalize both for comparison)
+            const normalizedIP = this.normalizeIP(ip);
+            const normalizedRule = this.normalizeIP(rule);
+            if (!normalizedIP || !normalizedRule)
+                return false;
+            return normalizedIP === normalizedRule;
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Create a trust proxy function from configuration
+     */
+    createTrustProxyFunction(config) {
+        // Handle boolean values
+        if (typeof config === "boolean") {
+            return () => config;
+        }
+        // Handle number values (trust first N hops)
+        if (typeof config === "number") {
+            if (!Number.isInteger(config) || config < 0) {
+                throw new Error("Trust proxy number must be a non-negative integer");
+            }
+            return (_ip, hopIndex) => hopIndex < config;
+        }
+        // Handle function values
+        if (typeof config === "function") {
+            return (ip, hopIndex) => {
+                try {
+                    return Boolean(config(ip, hopIndex));
+                }
+                catch {
+                    return false; // Safe default on function error
+                }
+            };
+        }
+        // Handle string values
+        if (typeof config === "string") {
+            const trimmed = config.trim();
+            if (!trimmed)
+                return () => false;
+            return (ip) => this.matchesTrustRule(ip, trimmed);
+        }
+        // Handle array values
+        if (Array.isArray(config)) {
+            const validRules = config.filter((rule) => typeof rule === "string" && rule.trim());
+            if (validRules.length === 0)
+                return () => false;
+            return (ip) => validRules.some((rule) => this.matchesTrustRule(ip, rule));
+        }
+        // Default: don't trust
+        return () => false;
+    }
+    /**
+     * Safely parse X-Forwarded-For header
+     */
+    parseForwardedFor(header) {
+        if (!header)
+            return [];
+        // Handle array form (shouldn't happen but be defensive)
+        const headerStr = Array.isArray(header) ? header.join(",") : header;
+        if (typeof headerStr !== "string")
+            return [];
+        return headerStr
+            .split(",")
+            .map((ip) => this.normalizeIP(ip))
+            .filter((ip) => ip !== null);
+    }
+    /**
+     * Get remote address with fallback
+     */
+    getRemoteAddress(req) {
+        const remoteAddr = req.socket?.remoteAddress;
+        if (!remoteAddr)
+            return "127.0.0.1";
+        const normalized = this.normalizeIP(remoteAddr);
+        return normalized || "127.0.0.1";
+    }
+    /**
+     * Extract client IP considering trust proxy configuration
+     */
+    extractClientIP(req) {
+        try {
+            const forwardedFor = req.headers["x-forwarded-for"];
+            const ips = this.parseForwardedFor(forwardedFor);
+            if (ips.length === 0) {
+                // No forwarded headers, return direct connection IP
+                return this.getRemoteAddress(req);
+            }
+            // Start from the rightmost IP (closest to server) and work backwards
+            const directIP = this.getRemoteAddress(req);
+            let trustedIP = directIP;
+            // Process IPs from right to left (closest to server first)
+            for (let i = ips.length - 1; i >= 0; i--) {
+                const hopIndex = ips.length - 1 - i;
+                const currentIP = ips[i];
+                // Check if we trust this hop
+                if (this.trustProxyFn(trustedIP, hopIndex)) {
+                    trustedIP = currentIP;
+                }
+                else {
+                    // Stop at first untrusted hop
+                    break;
+                }
+            }
+            return trustedIP;
+        }
+        catch {
+            // On any error, return the direct connection IP as safe default
+            return this.getRemoteAddress(req);
+        }
+    }
+    /**
+     * Extract all IPs in the proxy chain
+     */
+    extractProxyChain(req) {
+        try {
+            const forwardedFor = req.headers["x-forwarded-for"];
+            const ips = this.parseForwardedFor(forwardedFor);
+            const directIP = this.getRemoteAddress(req);
+            if (ips.length === 0) {
+                return [directIP];
+            }
+            const trustedIPs = [directIP];
+            // Process IPs from right to left
+            for (let i = ips.length - 1; i >= 0; i--) {
+                const hopIndex = ips.length - 1 - i;
+                const currentIP = ips[i];
+                const previousIP = trustedIPs[trustedIPs.length - 1];
+                if (this.trustProxyFn(previousIP, hopIndex)) {
+                    trustedIPs.push(currentIP);
+                }
+                else {
+                    break;
+                }
+            }
+            return trustedIPs.reverse(); // Return in client -> server order
+        }
+        catch {
+            return [this.getRemoteAddress(req)];
+        }
+    }
+    /**
+     * Determine if connection is secure based on trust proxy
+     */
+    isSecureConnection(req) {
+        try {
+            // Check if we have a direct TLS connection
+            const socket = req.socket;
+            if (socket?.encrypted === true) {
+                return true;
+            }
+            // Check X-Forwarded-Proto header if we trust the proxy
+            const forwardedProto = req.headers["x-forwarded-proto"];
+            if (!forwardedProto)
+                return false;
+            const directIP = this.getRemoteAddress(req);
+            if (!this.trustProxyFn(directIP, 0))
+                return false;
+            // Handle both string and array forms
+            const protoStr = Array.isArray(forwardedProto)
+                ? forwardedProto[0]
+                : forwardedProto;
+            if (typeof protoStr !== "string")
+                return false;
+            // Take first value if comma-separated
+            const proto = protoStr.split(",")[0].trim().toLowerCase();
+            return proto === "https";
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Get protocol considering trust proxy
+     */
+    getProtocol(req) {
+        return this.isSecureConnection(req) ? "https" : "http";
+    }
+    /**
+     * Get hostname considering trust proxy
+     */
+    getHostname(req) {
+        try {
+            const directIP = this.getRemoteAddress(req);
+            // Check X-Forwarded-Host if we trust the proxy
+            const forwardedHost = req.headers["x-forwarded-host"];
+            if (forwardedHost && this.trustProxyFn(directIP, 0)) {
+                const hostStr = Array.isArray(forwardedHost)
+                    ? forwardedHost[0]
+                    : forwardedHost;
+                if (typeof hostStr === "string" && hostStr.trim()) {
+                    // Take first host if comma-separated, remove port
+                    const hostname = hostStr.split(",")[0].trim().split(":")[0];
+                    if (hostname)
+                        return hostname;
+                }
+            }
+            // Fallback to Host header
+            const host = req.headers.host;
+            if (host && typeof host === "string") {
+                const hostname = host.split(":")[0];
+                if (hostname)
+                    return hostname;
+            }
+            return "localhost";
+        }
+        catch {
+            return "localhost";
+        }
+    }
+    /**
+     * Validate trust proxy configuration
+     */
+    static validate(config) {
+        try {
+            new TrustProxy(config);
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+}
+
+exports.TrustProxy = TrustProxy;
+//# sourceMappingURL=trustProxy.js.map

package/dist/cjs/src/server/utils/trustProxy.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"trustProxy.js","sources":["../../../../../src/server/utils/trustProxy.ts"],"sourcesContent":[null],"names":["isIP"],"mappings":";;;;AAAA;;;;;;;;;;AAUG;AAYH;;AAEG;AACH,MAAM,iBAAiB,GAAG;AACtB,IAAA,QAAQ,EAAE,CAAC,aAAa,EAAE,SAAS,CAAC;AACpC,IAAA,SAAS,EAAE,CAAC,gBAAgB,EAAE,WAAW,CAAC;IAC1C,WAAW,EAAE,CAAC,YAAY,EAAE,eAAe,EAAE,gBAAgB,EAAE,UAAU,CAAC;CACpE,CAAC;MAEE,UAAU,CAAA;AAGnB,IAAA,WAAA,CAAY,MAAuB,EAAA;QAC/B,IAAI,CAAC,YAAY,GAAG,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;KAC7D;AAED;;AAEG;AACK,IAAA,WAAW,CAAC,EAAU,EAAA;AAC1B,QAAA,IAAI,CAAC,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ;AAAE,YAAA,OAAO,IAAI,CAAC;AAE/C,QAAA,MAAM,OAAO,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC;AAC1B,QAAA,IAAI,CAAC,OAAO;AAAE,YAAA,OAAO,IAAI,CAAC;;AAG1B,QAAA,IAAI,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;YACxD,MAAM,QAAQ,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;AACtC,YAAA,IAAIA,QAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE;AACtB,gBAAA,OAAO,QAAQ,CAAC;aACnB;SACJ;;AAGD,QAAA,MAAM,SAAS,GAAGA,QAAI,CAAC,OAAO,CAAC,CAAC;QAChC,IAAI,SAAS,KAAK,CAAC;AAAE,YAAA,OAAO,IAAI,CAAC;AAEjC,QAAA,OAAO,OAAO,CAAC;KAClB;AAED;;AAEG;AACK,IAAA,YAAY,CAAC,EAAU,EAAA;AAC3B,QAAA,IAAI;YACA,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC5B,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,IAAI,CAAC;YAEpC,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,KAAI;gBACzB,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC5B,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,GAAG,GAAG,GAAG;AAClC,oBAAA,MAAM,IAAI,KAAK,CAAC,eAAe,CAAC,CAAC;AACrC,gBAAA,OAAO,GAAG,CAAC;AACf,aAAC,CAAC,CAAC;AAEH,YAAA,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;SACvE;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,IAAI,CAAC;SACf;KACJ;AAED;;AAEG;IACK,YAAY,CAAC,EAAU,EAAE,IAAY,EAAA;AACzC,QAAA,IAAI;YACA,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC9B,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,KAAK,CAAC;AAErC,YAAA,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,KAAK,CAAC;YACtC,MAAM,SAAS,GAAG,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;YAE7C,IAAI,KAAK,CAAC,SAAS,CAAC,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,EAAE;AACnD,gBAAA,OAAO,KAAK,CAAC;YAEjB,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;YACpC,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;AAE9C,YAAA,IAAI,KAAK,KAAK,IAAI,IAAI,UAAU,KAAK,IAAI;AAAE,gBAAA,OAAO,KAAK,CAAC;;YAGxD,IAAI,SAAS,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;YACjC,IAAI,SAAS,KAAK,EAAE;AAAE,gBAAA,OAAO,KAAK,KAAK,UAAU,CAAC;AAElD,YAAA,MAAM,IAAI,GAAG,CAAC,UAAU,KAAK,EAAE,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;YAEpD,OAAO,CAAC,KAAK,GAAG,IAAI,OAAO,UAAU,GAAG,IAAI,CAAC,CAAC;SACjD;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,KAAK,CAAC;SAChB;KACJ;AAED;;AAEG;AACK,IAAA,UAAU,CAAC,EAAU,EAAA;AACzB,QAAA,IAAI;AACA,YAAA,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC;AAAE,gBAAA,OAAO,IAAI,CAAC;;AAGnC,YAAA,IAAI,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE;gBACnB,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAC7B,gBAAA,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;oBAAE,OAAO,IAAI,CAAC;gBAElC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;gBACjD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;gBAClD,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;gBAE/C,IAAI,OAAO,GAAG,CAAC;oBAAE,OAAO,IAAI,CAAC;gBAE7B,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;AAC3C,gBAAA,MAAM,QAAQ,GAAG,CAAC,GAAG,IAAI,EAAE,GAAG,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC;;gBAGhD,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;aAC5D;;YAGD,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC5B,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,IAAI,CAAC;YAEpC,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;SACzD;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,IAAI,CAAC;SACf;KACJ;AAED;;AAEG;AACK,IAAA,YAAY,CAAC,EAAU,EAAA;AAC3B,QAAA,IAAI;YACA,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;AACrC,YAAA,IAAI,CAAC,QAAQ;AAAE,gBAAA,OAAO,IAAI,CAAC;YAE3B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAClC,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,IAAI,CAAC;YAEpC,IAAI,MAAM,GAAG,EAAE,CAAC;AAEhB,YAAA,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE;gBACxB,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACnC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,GAAG,GAAG,MAAM;AAAE,oBAAA,OAAO,IAAI,CAAC;gBACvD,MAAM,GAAG,CAAC,MAAM,IAAI,GAAG,IAAI,MAAM,CAAC,GAAG,CAAC,CAAC;aAC1C;AAED,YAAA,OAAO,MAAM,CAAC;SACjB;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,IAAI,CAAC;SACf;KACJ;AAED;;AAEG;IACK,YAAY,CAAC,EAAU,EAAE,IAAY,EAAA;AACzC,QAAA,IAAI;YACA,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AAC9B,YAAA,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,KAAK,CAAC;AAErC,YAAA,MAAM,CAAC,OAAO,EAAE,YAAY,CAAC,GAAG,KAAK,CAAC;YACtC,MAAM,SAAS,GAAG,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;YAE7C,IAAI,KAAK,CAAC,SAAS,CAAC,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,GAAG;AACpD,gBAAA,OAAO,KAAK,CAAC;YAEjB,MAAM,KAAK,GAAG,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;YACpC,MAAM,UAAU,GAAG,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;AAE9C,YAAA,IAAI,KAAK,KAAK,IAAI,IAAI,UAAU,KAAK,IAAI;AAAE,gBAAA,OAAO,KAAK,CAAC;;YAGxD,IAAI,SAAS,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;YACjC,IAAI,SAAS,KAAK,GAAG;AAAE,gBAAA,OAAO,KAAK,KAAK,UAAU,CAAC;AAEnD,YAAA,MAAM,IAAI,GACN,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;AACrC,gBAAA,MAAM,CAAC,GAAG,GAAG,SAAS,CAAC,CAAC;YAE5B,OAAO,CAAC,KAAK,GAAG,IAAI,OAAO,UAAU,GAAG,IAAI,CAAC,CAAC;SACjD;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,KAAK,CAAC;SAChB;KACJ;AAED;;AAEG;IACK,UAAU,CAAC,EAAU,EAAE,IAAY,EAAA;AACvC,QAAA,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI;AAAE,YAAA,OAAO,KAAK,CAAC;AAE/B,QAAA,MAAM,SAAS,GAAGA,QAAI,CAAC,EAAE,CAAC,CAAC;QAC3B,IAAI,SAAS,KAAK,CAAC;AAAE,YAAA,OAAO,KAAK,CAAC;;AAGlC,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AAC1D,QAAA,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AAE1D,QAAA,IAAI,SAAS,KAAK,CAAC,IAAI,QAAQ,EAAE;YAC7B,OAAO,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;SACtC;AAAM,aAAA,IAAI,SAAS,KAAK,CAAC,IAAI,QAAQ,EAAE;YACpC,OAAO,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;SACtC;AAED,QAAA,OAAO,KAAK,CAAC;KAChB;AAED;;AAEG;IACK,gBAAgB,CAAC,EAAU,EAAE,IAAY,EAAA;AAC7C,QAAA,IAAI,CAAC,EAAE,IAAI,CAAC,IAAI;AAAE,YAAA,OAAO,KAAK,CAAC;AAE/B,QAAA,IAAI;;AAEA,YAAA,IAAI,IAAI,IAAI,iBAAiB,EAAE;AAC3B,gBAAA,MAAM,MAAM,GACR,iBAAiB,CAAC,IAAsC,CAAC,CAAC;AAC9D,gBAAA,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;aAC7D;;AAGD,YAAA,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;gBACpB,OAAO,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;aACpC;;YAGD,MAAM,YAAY,GAAG,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;YAC1C,MAAM,cAAc,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;AAE9C,YAAA,IAAI,CAAC,YAAY,IAAI,CAAC,cAAc;AAAE,gBAAA,OAAO,KAAK,CAAC;YAEnD,OAAO,YAAY,KAAK,cAAc,CAAC;SAC1C;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,KAAK,CAAC;SAChB;KACJ;AAED;;AAEG;AACK,IAAA,wBAAwB,CAC5B,MAAuB,EAAA;;AAGvB,QAAA,IAAI,OAAO,MAAM,KAAK,SAAS,EAAE;AAC7B,YAAA,OAAO,MAAM,MAAM,CAAC;SACvB;;AAGD,QAAA,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE;AAC5B,YAAA,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC,EAAE;AACzC,gBAAA,MAAM,IAAI,KAAK,CACX,mDAAmD,CACtD,CAAC;aACL;YACD,OAAO,CAAC,GAAW,EAAE,QAAgB,KAAK,QAAQ,GAAG,MAAM,CAAC;SAC/D;;AAGD,QAAA,IAAI,OAAO,MAAM,KAAK,UAAU,EAAE;AAC9B,YAAA,OAAO,CAAC,EAAU,EAAE,QAAgB,KAAI;AACpC,gBAAA,IAAI;oBACA,OAAO,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC,CAAC;iBACxC;AAAC,gBAAA,MAAM;oBACJ,OAAO,KAAK,CAAC;iBAChB;AACL,aAAC,CAAC;SACL;;AAGD,QAAA,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE;AAC5B,YAAA,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC;AAC9B,YAAA,IAAI,CAAC,OAAO;AAAE,gBAAA,OAAO,MAAM,KAAK,CAAC;AACjC,YAAA,OAAO,CAAC,EAAU,KAAK,IAAI,CAAC,gBAAgB,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;SAC7D;;AAGD,QAAA,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE;YACvB,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAC5B,CAAC,IAAI,KAAK,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,IAAI,EAAE,CACpD,CAAC;AACF,YAAA,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;AAAE,gBAAA,OAAO,MAAM,KAAK,CAAC;YAEhD,OAAO,CAAC,EAAU,KACd,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,gBAAgB,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC,CAAC;SAClE;;AAGD,QAAA,OAAO,MAAM,KAAK,CAAC;KACtB;AAED;;AAEG;AACK,IAAA,iBAAiB,CAAC,MAAqC,EAAA;AAC3D,QAAA,IAAI,CAAC,MAAM;AAAE,YAAA,OAAO,EAAE,CAAC;;QAGvB,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;QAEpE,IAAI,OAAO,SAAS,KAAK,QAAQ;AAAE,YAAA,OAAO,EAAE,CAAC;AAE7C,QAAA,OAAO,SAAS;aACX,KAAK,CAAC,GAAG,CAAC;AACV,aAAA,GAAG,CAAC,CAAC,EAAE,KAAK,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;aACjC,MAAM,CAAC,CAAC,EAAE,KAAmB,EAAE,KAAK,IAAI,CAAC,CAAC;KAClD;AAED;;AAEG;AACK,IAAA,gBAAgB,CAAC,GAAoB,EAAA;AACzC,QAAA,MAAM,UAAU,GAAG,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC;AAC7C,QAAA,IAAI,CAAC,UAAU;AAAE,YAAA,OAAO,WAAW,CAAC;QAEpC,MAAM,UAAU,GAAG,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;QAChD,OAAO,UAAU,IAAI,WAAW,CAAC;KACpC;AAED;;AAEG;AACI,IAAA,eAAe,CAAC,GAAoB,EAAA;AACvC,QAAA,IAAI;YACA,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;YACpD,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAAC;AAEjD,YAAA,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;;AAElB,gBAAA,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;aACrC;;YAGD,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,SAAS,GAAG,QAAQ,CAAC;;AAGzB,YAAA,KAAK,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;gBACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,gBAAA,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;;gBAGzB,IAAI,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE;oBACxC,SAAS,GAAG,SAAS,CAAC;iBACzB;qBAAM;;oBAEH,MAAM;iBACT;aACJ;AAED,YAAA,OAAO,SAAS,CAAC;SACpB;AAAC,QAAA,MAAM;;AAEJ,YAAA,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;SACrC;KACJ;AAED;;AAEG;AACI,IAAA,iBAAiB,CAAC,GAAoB,EAAA;AACzC,QAAA,IAAI;YACA,MAAM,YAAY,GAAG,GAAG,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;YACpD,MAAM,GAAG,GAAG,IAAI,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAAC;YACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;AAE5C,YAAA,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE;gBAClB,OAAO,CAAC,QAAQ,CAAC,CAAC;aACrB;AAED,YAAA,MAAM,UAAU,GAAa,CAAC,QAAQ,CAAC,CAAC;;AAGxC,YAAA,KAAK,IAAI,CAAC,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE;gBACtC,MAAM,QAAQ,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;AACpC,gBAAA,MAAM,SAAS,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;gBACzB,MAAM,UAAU,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;gBAErD,IAAI,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,QAAQ,CAAC,EAAE;AACzC,oBAAA,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;iBAC9B;qBAAM;oBACH,MAAM;iBACT;aACJ;AAED,YAAA,OAAO,UAAU,CAAC,OAAO,EAAE,CAAC;SAC/B;AAAC,QAAA,MAAM;YACJ,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC;SACvC;KACJ;AAED;;AAEG;AACI,IAAA,kBAAkB,CAAC,GAAoB,EAAA;AAC1C,QAAA,IAAI;;AAEA,YAAA,MAAM,MAAM,GAAG,GAAG,CAAC,MAAa,CAAC;AACjC,YAAA,IAAI,MAAM,EAAE,SAAS,KAAK,IAAI,EAAE;AAC5B,gBAAA,OAAO,IAAI,CAAC;aACf;;YAGD,MAAM,cAAc,GAAG,GAAG,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;AACxD,YAAA,IAAI,CAAC,cAAc;AAAE,gBAAA,OAAO,KAAK,CAAC;YAElC,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC;AAAE,gBAAA,OAAO,KAAK,CAAC;;AAGlD,YAAA,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC;AAC1C,kBAAE,cAAc,CAAC,CAAC,CAAC;kBACjB,cAAc,CAAC;YACrB,IAAI,OAAO,QAAQ,KAAK,QAAQ;AAAE,gBAAA,OAAO,KAAK,CAAC;;AAG/C,YAAA,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC1D,OAAO,KAAK,KAAK,OAAO,CAAC;SAC5B;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,KAAK,CAAC;SAChB;KACJ;AAED;;AAEG;AACI,IAAA,WAAW,CAAC,GAAoB,EAAA;AACnC,QAAA,OAAO,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,GAAG,OAAO,GAAG,MAAM,CAAC;KAC1D;AAED;;AAEG;AACI,IAAA,WAAW,CAAC,GAAoB,EAAA;AACnC,QAAA,IAAI;YACA,MAAM,QAAQ,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;;YAG5C,MAAM,aAAa,GAAG,GAAG,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC;YACtD,IAAI,aAAa,IAAI,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE;AACjD,gBAAA,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC;AACxC,sBAAE,aAAa,CAAC,CAAC,CAAC;sBAChB,aAAa,CAAC;gBACpB,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE;;oBAE/C,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AAC5D,oBAAA,IAAI,QAAQ;AAAE,wBAAA,OAAO,QAAQ,CAAC;iBACjC;aACJ;;AAGD,YAAA,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC;AAC9B,YAAA,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE;gBAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;AACpC,gBAAA,IAAI,QAAQ;AAAE,oBAAA,OAAO,QAAQ,CAAC;aACjC;AAED,YAAA,OAAO,WAAW,CAAC;SACtB;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,WAAW,CAAC;SACtB;KACJ;AAED;;AAEG;IACI,OAAO,QAAQ,CAAC,MAAuB,EAAA;AAC1C,QAAA,IAAI;AACA,YAAA,IAAI,UAAU,CAAC,MAAM,CAAC,CAAC;AACvB,YAAA,OAAO,IAAI,CAAC;SACf;AAAC,QAAA,MAAM;AACJ,YAAA,OAAO,KAAK,CAAC;SAChB;KACJ;AACJ;;;;"}

package/dist/cjs/src/server/utils/wildcardMatcher.js

@@ -0,0 +1,92 @@
+'use strict';
+
+/**
+ * Wildcard pattern matching utility for CORS origins
+ *
+ * Supports patterns like:
+ * - "localhost:*" matches "localhost:3000", "localhost:8080", etc.
+ * - "*.example.com" matches "api.example.com", "app.example.com", etc.
+ * - "127.0.0.1:*" matches "127.0.0.1:3000", "127.0.0.1:8080", etc.
+ * - "::1:*" matches "::1:3000", "::1:8080", etc.
+ */
+/**
+ * Converts a wildcard pattern to a regular expression
+ * @param pattern - The wildcard pattern (e.g., "localhost:*", "*.example.com")
+ * @returns RegExp object for matching
+ */
+function patternToRegex(pattern) {
+    // Escape special regex characters except for *
+    const escaped = pattern
+        .replace(/[.+?^${}()|[\]\\]/g, '\\$&') // Escape special chars
+        .replace(/\*/g, '.*'); // Replace * with .*
+    // Ensure exact match with ^ and $
+    return new RegExp(`^${escaped}$`, 'i'); // Case insensitive
+}
+/**
+ * Checks if an origin matches a wildcard pattern
+ * @param origin - The origin to check (e.g., "http://localhost:3000")
+ * @param pattern - The wildcard pattern (e.g., "localhost:*")
+ * @returns true if the origin matches the pattern
+ */
+function matchesWildcardPattern(origin, pattern) {
+    // Handle exact matches first (no wildcards)
+    if (!pattern.includes('*')) {
+        return origin === pattern || origin.includes(pattern);
+    }
+    // Extract the host:port part from the origin URL
+    let originHost;
+    try {
+        const url = new URL(origin);
+        originHost = url.host; // This includes both hostname and port
+        // Special handling for default ports
+        if (url.protocol === 'https:' && url.port === '' && url.hostname === 'localhost') {
+            originHost = 'localhost:443';
+        }
+        else if (url.protocol === 'http:' && url.port === '' && url.hostname === 'localhost') {
+            originHost = 'localhost:80';
+        }
+        // Handle IPv6 addresses - remove brackets for pattern matching
+        if (url.hostname.startsWith('[') && url.hostname.endsWith(']')) {
+            const ipv6Host = url.hostname.slice(1, -1); // Remove brackets
+            originHost = url.port ? `${ipv6Host}:${url.port}` : ipv6Host;
+        }
+    }
+    catch {
+        // If it's not a valid URL, treat it as a host:port string
+        originHost = origin;
+    }
+    const regex = patternToRegex(pattern);
+    return regex.test(originHost);
+}
+/**
+ * Checks if an origin is allowed based on an array of patterns
+ * @param origin - The origin to check
+ * @param allowedOrigins - Array of allowed origins (can include wildcards)
+ * @returns true if the origin is allowed
+ */
+function isOriginAllowed(origin, allowedOrigins) {
+    if (!origin || !allowedOrigins || allowedOrigins.length === 0) {
+        return false;
+    }
+    return allowedOrigins.some(pattern => matchesWildcardPattern(origin, pattern));
+}
+/**
+ * Creates a CORS origin function that supports wildcard patterns
+ * @param allowedOrigins - Array of allowed origins (can include wildcards)
+ * @returns Function compatible with cors middleware
+ */
+function createWildcardOriginFunction(allowedOrigins) {
+    return (origin, callback) => {
+        // Allow requests with no origin (like mobile apps or curl requests)
+        if (!origin) {
+            return callback(null, true);
+        }
+        const allowed = isOriginAllowed(origin, allowedOrigins);
+        callback(null, allowed);
+    };
+}
+
+exports.createWildcardOriginFunction = createWildcardOriginFunction;
+exports.isOriginAllowed = isOriginAllowed;
+exports.matchesWildcardPattern = matchesWildcardPattern;
+//# sourceMappingURL=wildcardMatcher.js.map

package/dist/cjs/src/server/utils/wildcardMatcher.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"wildcardMatcher.js","sources":["../../../../../src/server/utils/wildcardMatcher.ts"],"sourcesContent":[null],"names":[],"mappings":";;AAAA;;;;;;;;AAQG;AAEH;;;;AAIG;AACH,SAAS,cAAc,CAAC,OAAe,EAAA;;IAEnC,MAAM,OAAO,GAAG,OAAO;AAClB,SAAA,OAAO,CAAC,oBAAoB,EAAE,MAAM,CAAC;AACrC,SAAA,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;;IAG1B,OAAO,IAAI,MAAM,CAAC,CAAI,CAAA,EAAA,OAAO,CAAG,CAAA,CAAA,EAAE,GAAG,CAAC,CAAC;AAC3C,CAAC;AAED;;;;;AAKG;AACa,SAAA,sBAAsB,CAAC,MAAc,EAAE,OAAe,EAAA;;IAElE,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;QACxB,OAAO,MAAM,KAAK,OAAO,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;KACzD;;AAGD,IAAA,IAAI,UAAkB,CAAC;AACvB,IAAA,IAAI;AACA,QAAA,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC;AAC5B,QAAA,UAAU,GAAG,GAAG,CAAC,IAAI,CAAC;;AAGtB,QAAA,IAAI,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI,GAAG,CAAC,IAAI,KAAK,EAAE,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE;YAC9E,UAAU,GAAG,eAAe,CAAC;SAChC;AAAM,aAAA,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,IAAI,GAAG,CAAC,IAAI,KAAK,EAAE,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE;YACpF,UAAU,GAAG,cAAc,CAAC;SAC/B;;AAGD,QAAA,IAAI,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE;AAC5D,YAAA,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAC3C,YAAA,UAAU,GAAG,GAAG,CAAC,IAAI,GAAG,CAAG,EAAA,QAAQ,CAAI,CAAA,EAAA,GAAG,CAAC,IAAI,CAAA,CAAE,GAAG,QAAQ,CAAC;SAChE;KACJ;AAAC,IAAA,MAAM;;QAEJ,UAAU,GAAG,MAAM,CAAC;KACvB;AAED,IAAA,MAAM,KAAK,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;AACtC,IAAA,OAAO,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;AAClC,CAAC;AAED;;;;;AAKG;AACa,SAAA,eAAe,CAAC,MAAc,EAAE,cAAwB,EAAA;AACpE,IAAA,IAAI,CAAC,MAAM,IAAI,CAAC,cAAc,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE;AAC3D,QAAA,OAAO,KAAK,CAAC;KAChB;AAED,IAAA,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,IAAI,sBAAsB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AACnF,CAAC;AAED;;;;AAIG;AACG,SAAU,4BAA4B,CAAC,cAAwB,EAAA;AACjE,IAAA,OAAO,CAAC,MAA0B,EAAE,QAAsD,KAAI;;QAE1F,IAAI,CAAC,MAAM,EAAE;AACT,YAAA,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;SAC/B;QAED,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;AACxD,QAAA,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AAC5B,KAAC,CAAC;AACN;;;;;;"}

package/dist/esm/mods/security/src/algorithms/hash-algorithms.js

@@ -12,7 +12,7 @@ import '../core/keys/algorithms/mods/PBKDF2Algo.js';
 import { SecureRandom } from '../core/random/random-core.js';
 import '../core/random/random-types.js';
 import '../core/random/random-sources.js';
-import 'nehonix-uri-processor';
+import 'strulink';
 import '../utils/memory/index.js';
 import '../types.js';
 import '../core/password/index.js';

package/dist/esm/mods/security/src/components/attestation.js

@@ -2,7 +2,7 @@ import { SecureRandom } from '../core/random/random-core.js';
 import '../core/random/random-types.js';
 import 'crypto';
 import '../core/random/random-sources.js';
-import 'nehonix-uri-processor';
+import 'strulink';
 import { bufferToHex, bufferToBase64, base64ToBuffer, hexToBuffer } from '../utils/encoding.js';
 import '../utils/memory/index.js';
 import '../types.js';

package/dist/esm/mods/security/src/components/cache/UFSIMC.js

@@ -5,7 +5,7 @@ import { EventEmitter } from 'events';
 import { SecureRandom } from '../../core/random/random-core.js';
 import '../../core/random/random-types.js';
 import '../../core/random/random-sources.js';
-import 'nehonix-uri-processor';
+import 'strulink';
 import '../../utils/memory/index.js';
 import '../../types.js';
 import { CONFIG } from './config/cache.config.js';

package/dist/esm/mods/security/src/components/cache/cacheSys.utils.js

@@ -16,7 +16,7 @@ import '../../core/keys/algorithms/mods/PBKDF2Algo.js';
 import { SecureRandom } from '../../core/random/random-core.js';
 import '../../core/random/random-types.js';
 import '../../core/random/random-sources.js';
-import 'nehonix-uri-processor';
+import 'strulink';
 import '../../utils/memory/index.js';
 import '../../types.js';
 import '../../core/password/index.js';

package/dist/esm/mods/security/src/components/cache/index.js

@@ -12,7 +12,7 @@ import '../../core/keys/keys-utils.js';
 import '../../core/keys/algorithms/mods/PBKDF2Algo.js';
 import '../../core/random/random-types.js';
 import '../../core/random/random-sources.js';
-import 'nehonix-uri-processor';
+import 'strulink';
 import '../../utils/memory/index.js';
 import '../../types.js';
 import '../../core/password/index.js';

package/dist/esm/mods/security/src/components/canary-tokens.js

@@ -2,7 +2,7 @@ import { SecureRandom } from '../core/random/random-core.js';
 import '../core/random/random-types.js';
 import 'crypto';
 import '../core/random/random-sources.js';
-import 'nehonix-uri-processor';
+import 'strulink';
 import { bufferToHex, hexToBuffer } from '../utils/encoding.js';
 import '../utils/memory/index.js';
 import '../types.js';

package/dist/esm/mods/security/src/components/fortified-function/index.js

@@ -17,7 +17,7 @@ import '../../core/hash/hash-advanced.js';
 import '../../algorithms/hash-algorithms.js';
 import '../../core/random/random-types.js';
 import '../../core/random/random-sources.js';
-import 'nehonix-uri-processor';
+import 'strulink';
 import '../../types.js';
 import '../secure-array/utils/id-generator.js';
 import '../../index.js';

package/dist/esm/mods/security/src/components/fortified-function/security/security-handler.js

@@ -2,7 +2,7 @@ import { SecureRandom } from '../../../core/random/random-core.js';
 import '../../../core/random/random-types.js';
 import 'crypto';
 import '../../../core/random/random-sources.js';
-import 'nehonix-uri-processor';
+import 'strulink';
 import '../../../utils/memory/index.js';
 import '../../../types.js';
 import { Hash } from '../../../core/hash/hash-core.js';

package/dist/esm/mods/security/src/components/memory-hard.js

@@ -2,7 +2,7 @@ import { SecureRandom } from '../core/random/random-core.js';
 import '../core/random/random-types.js';
 import 'crypto';
 import '../core/random/random-sources.js';
-import 'nehonix-uri-processor';
+import 'strulink';
 import { bufferToHex } from '../utils/encoding.js';
 import { StatsTracker } from '../utils/stats.js';
 import '../utils/memory/index.js';

package/dist/esm/mods/security/src/components/post-quantum.js

@@ -2,7 +2,7 @@ import { SecureRandom } from '../core/random/random-core.js';
 import '../core/random/random-types.js';
 import 'crypto';
 import '../core/random/random-sources.js';
-import 'nehonix-uri-processor';
+import 'strulink';
 import { hexToBuffer, bufferToHex } from '../utils/encoding.js';
 import '../utils/memory/index.js';
 import '../types.js';