xypriss 2.3.3 → 2.3.5

package/dist/index.d.ts

@@ -94,6 +94,56 @@ type NextFunction = (error?: any) => void;
  */
 type RouteHandler$1 = (req: XyPrisRequest, res: XyPrisResponse, next?: NextFunction) => void | Promise<void>;
 
+/**
+ * Trust Proxy Type Definitions for XyPriss
+ *
+ * Comprehensive type definitions for the advanced trust proxy functionality
+ */
+/**
+ * Predefined network range identifiers
+ */
+type PredefinedRange = 'loopback' | 'linklocal' | 'uniquelocal';
+/**
+ * Trust proxy configuration value
+ *
+ * Supports all Express.js trust proxy configurations plus XyPriss enhancements:
+ *
+ * @example
+ * ```typescript
+ * // Boolean - trust all proxies or none
+ * trustProxy: true
+ * trustProxy: false
+ *
+ * // Predefined ranges
+ * trustProxy: 'loopback'     // Trust localhost/127.0.0.1 and ::1
+ * trustProxy: 'linklocal'    // Trust link-local addresses (169.254.0.0/16, fe80::/10)
+ * trustProxy: 'uniquelocal'  // Trust private networks (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, fc00::/7)
+ *
+ * // CIDR notation
+ * trustProxy: '192.168.0.0/16'
+ * trustProxy: '10.0.0.0/8'
+ * trustProxy: 'fc00::/7'  // IPv6 CIDR
+ *
+ * // Exact IP addresses
+ * trustProxy: '127.0.0.1'
+ * trustProxy: '::1'
+ *
+ * // Array of rules (mixed types supported)
+ * trustProxy: ['loopback', 'linklocal', '10.0.0.0/8']
+ * trustProxy: ['127.0.0.1', '192.168.1.100', 'uniquelocal']
+ *
+ * // Number - trust first N hops
+ * trustProxy: 1  // Trust first proxy
+ * trustProxy: 2  // Trust first 2 proxies in chain
+ *
+ * // Custom function
+ * trustProxy: (ip, hopIndex) => {
+ *   return ip.startsWith('192.168.') || ip === '127.0.0.1';
+ * }
+ * ```
+ */
+type TrustProxyValue$1 = boolean | PredefinedRange | string | (PredefinedRange | string)[] | number | ((ip: string, hopIndex: number) => boolean);
+
 interface CacheStats {
     hits: number;
     misses: number;
@@ -4489,6 +4539,10 @@ declare class XyPrissServer {
      * Add safe JSON middleware to handle circular references
      */
     private addSafeJsonMiddleware;
+    /**
+     * Configure trust proxy settings based on server options
+     */
+    private configureTrustProxy;
     /**
      * Initialize request management middleware for timeouts, network quality, and concurrency control
      */
@@ -5218,7 +5272,7 @@ interface MultiServerConfig {
     /** Server-specific overrides */
     server?: {
         host?: string;
-        trustProxy?: boolean;
+        trustProxy?: TrustProxyValue$1;
         jsonLimit?: string;
         urlEncodedLimit?: string;
         enableMiddleware?: boolean;
@@ -5458,7 +5512,7 @@ interface ServerOptions {
     server?: {
         port?: number;
         host?: string;
-        trustProxy?: boolean;
+        trustProxy?: TrustProxyValue$1;
         jsonLimit?: string;
         urlEncodedLimit?: string;
         enableMiddleware?: boolean;
@@ -11831,6 +11885,92 @@ declare class PluginDevelopmentHelpers {
  */
 declare function quickServer(port?: number): UltraFastApp;
 
+/**
+ * Advanced Trust Proxy Implementation for XyPriss
+ *
+ * Supports Express-like trust proxy configurations including:
+ * - Boolean values (true/false)
+ * - String values ('loopback', 'linklocal', 'uniquelocal')
+ * - CIDR notation ('192.168.0.0/16')
+ * - IP addresses ('127.0.0.1')
+ * - Arrays of the above
+ * - Custom functions
+ */
+
+type TrustProxyValue = boolean | string | string[] | number | ((ip: string, hopIndex: number) => boolean);
+declare class TrustProxy {
+    private trustProxyFn;
+    constructor(config: TrustProxyValue);
+    /**
+     * Validate and normalize IP address string
+     */
+    private normalizeIP;
+    /**
+     * Convert IPv4 address to number for comparison
+     */
+    private ipv4ToNumber;
+    /**
+     * Check if IPv4 address is in CIDR range
+     */
+    private isIPv4InCIDR;
+    /**
+     * Expand IPv6 address to full form
+     */
+    private expandIPv6;
+    /**
+     * Convert IPv6 address to BigInt for comparison
+     */
+    private ipv6ToBigInt;
+    /**
+     * Check if IPv6 address is in CIDR range
+     */
+    private isIPv6InCIDR;
+    /**
+     * Check if IP address is in CIDR range
+     */
+    private isIPInCIDR;
+    /**
+     * Check if IP matches a single trust proxy rule
+     */
+    private matchesTrustRule;
+    /**
+     * Create a trust proxy function from configuration
+     */
+    private createTrustProxyFunction;
+    /**
+     * Safely parse X-Forwarded-For header
+     */
+    private parseForwardedFor;
+    /**
+     * Get remote address with fallback
+     */
+    private getRemoteAddress;
+    /**
+     * Extract client IP considering trust proxy configuration
+     */
+    extractClientIP(req: IncomingMessage): string;
+    /**
+     * Extract all IPs in the proxy chain
+     */
+    extractProxyChain(req: IncomingMessage): string[];
+    /**
+     * Determine if connection is secure based on trust proxy
+     */
+    isSecureConnection(req: IncomingMessage): boolean;
+    /**
+     * Get protocol considering trust proxy
+     */
+    getProtocol(req: IncomingMessage): string;
+    /**
+     * Get hostname considering trust proxy
+     */
+    getHostname(req: IncomingMessage): string;
+    /**
+     * Validate trust proxy configuration
+     */
+    static validate(config: TrustProxyValue): boolean;
+}
+
 /***************************************************************************
  * XyPrissJS - Advanced JavaScript Security Library
  *
@@ -11863,5 +12003,5 @@ declare function quickServer(port?: number): UltraFastApp;
  */
 declare function Router(): XyPrissRouter;
 
-export { CachePlugin as CachePluginBase, CompressionPlugin, ConnectionPlugin, DEFAULT_PLUGIN_CONFIG, FileUploadAPI as FLA, FileUploadAPI, JWTAuthPlugin, NetworkCategory, NetworkPlugin, NetworkPluginFactory, NetworkPluginUtils, PERFORMANCE_TARGETS, PLUGIN_SYSTEM_NAME, PLUGIN_SYSTEM_VERSION, PerformanceMonitor, PerformancePlugin as PerformancePluginBase, PluginDevelopmentHelpers, PluginEngine, PluginEventType, PluginPriority, PluginRegistry, PluginSystemFactory, PluginSystemUtils, PluginType, ProxyPlugin, RateLimitPlugin, ResponseTimePlugin, Route, Router, SecurityMiddleware, SecurityPlugin as SecurityPluginBase, SmartCachePlugin, XyPrissRouter, createCacheMiddleware, createCircularRefDebugger, createOptimalCache, createSafeJsonMiddleware, createServer, createServerInstance, expressStringify, fastStringify, initializeFileUpload, quickServer, safeJsonStringify, safeStringify, sendSafeJson, setupSafeJson, uploadAny, uploadArray, uploadFields, uploadSingle };
-export type { BasePlugin, CacheConfig, CachePlugin$1 as CachePlugin, CompressionAlgorithm, CompressionConfig, ConnectionConfig, FailoverConfig, HTTPCacheConfig, HealthCheckConfig, CachePlugin$1 as ICachePlugin, PerformancePlugin$1 as IPerformancePlugin, SecurityPlugin$1 as ISecurityPlugin, LoadBalancingStrategy, MultiServerApp, MultiServerConfig, NativePlugin, NetworkExecutionContext, NetworkExecutionResult, NetworkHealthStatus, NetworkPluginConfig, NetworkSecurityConfig, NextFunction, PerformanceConfig, PerformanceMetrics, PerformancePlugin$1 as PerformancePlugin, PluginConfiguration, PluginEvent, PluginExecutionContext, PluginExecutionResult, PluginExecutionStats, PluginInitializationContext, PluginRegistryConfig, ProxyConfig, RateLimitConfig, RateLimitRule, RateLimitStrategy, RedisConfig, XyPrisRequest as Request, RequestHandler, XyPrisResponse as Response, RouteConfig, RouteOptions, SecurityConfig, SecurityPlugin$1 as SecurityPlugin, ServerOptions, SmartRouteConfig, UltraFastApp, UpstreamServer, WebSocketConfig, MultiServerApp as XyPMS, XyPrisRequest as XyPrissRequest, XyPrisResponse as XyPrissResponse };
+export { CachePlugin as CachePluginBase, CompressionPlugin, ConnectionPlugin, DEFAULT_PLUGIN_CONFIG, FileUploadAPI as FLA, FileUploadAPI, JWTAuthPlugin, NetworkCategory, NetworkPlugin, NetworkPluginFactory, NetworkPluginUtils, PERFORMANCE_TARGETS, PLUGIN_SYSTEM_NAME, PLUGIN_SYSTEM_VERSION, PerformanceMonitor, PerformancePlugin as PerformancePluginBase, PluginDevelopmentHelpers, PluginEngine, PluginEventType, PluginPriority, PluginRegistry, PluginSystemFactory, PluginSystemUtils, PluginType, ProxyPlugin, RateLimitPlugin, ResponseTimePlugin, Route, Router, SecurityMiddleware, SecurityPlugin as SecurityPluginBase, SmartCachePlugin, TrustProxy, XyPrissRouter, createCacheMiddleware, createCircularRefDebugger, createOptimalCache, createSafeJsonMiddleware, createServer, createServerInstance, expressStringify, fastStringify, initializeFileUpload, quickServer, safeJsonStringify, safeStringify, sendSafeJson, setupSafeJson, uploadAny, uploadArray, uploadFields, uploadSingle };
+export type { BasePlugin, CacheConfig, CachePlugin$1 as CachePlugin, CompressionAlgorithm, CompressionConfig, ConnectionConfig, FailoverConfig, HTTPCacheConfig, HealthCheckConfig, CachePlugin$1 as ICachePlugin, PerformancePlugin$1 as IPerformancePlugin, SecurityPlugin$1 as ISecurityPlugin, LoadBalancingStrategy, MultiServerApp, MultiServerConfig, NativePlugin, NetworkExecutionContext, NetworkExecutionResult, NetworkHealthStatus, NetworkPluginConfig, NetworkSecurityConfig, NextFunction, PerformanceConfig, PerformanceMetrics, PerformancePlugin$1 as PerformancePlugin, PluginConfiguration, PluginEvent, PluginExecutionContext, PluginExecutionResult, PluginExecutionStats, PluginInitializationContext, PluginRegistryConfig, ProxyConfig, RateLimitConfig, RateLimitRule, RateLimitStrategy, RedisConfig, XyPrisRequest as Request, RequestHandler, XyPrisResponse as Response, RouteConfig, RouteOptions, SecurityConfig, SecurityPlugin$1 as SecurityPlugin, ServerOptions, SmartRouteConfig, TrustProxyValue$1 as TrustProxyValue, UltraFastApp, UpstreamServer, WebSocketConfig, MultiServerApp as XyPMS, XyPrisRequest as XyPrissRequest, XyPrisResponse as XyPrissResponse };

package/package.json

@@ -1,6 +1,6 @@
 {
     "name": "xypriss",
-    "version": "2.3.3",
+    "version": "2.3.5",
     "description": "XyPriss is a lightweight, TypeScript-first, open-source Node.js web framework crafted for developers seeking a familiar Express-like API without Express dependencies. It features built-in security middleware, a robust routing system, and performance optimizations to build scalable, secure web applications effortlessly. Join our community and contribute on GitHub!",
     "main": "dist/cjs/index.js",
     "module": "dist/esm/index.js",
@@ -174,7 +174,6 @@
         "axios": "^1.13.1",
         "eslint": "^8.37.0",
         "jest": "^29.5.0",
-        "nehonix-uri-processor": "^2.3.19",
         "rimraf": "^4.4.0",
         "rollup": "^3.29.4",
         "rollup-plugin-dts": "^6.2.1",
@@ -267,6 +266,7 @@
         "tweetnacl": "^1.0.3",
         "ws": "^8.18.2",
         "xss": "^1.0.15",
-        "xypriss-security": "^1.1.3"
+        "xypriss": "^2.3.3",
+        "xypriss-security": "^1.1.10"
     }
 }