xypriss 9.10.19 → 9.10.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/src/server/core/XyServerCreator.js +0 -9
- package/dist/cjs/src/server/core/XyServerCreator.js.map +1 -1
- package/dist/cjs/src/xhsc.js +23 -1
- package/dist/cjs/src/xhsc.js.map +1 -1
- package/dist/esm/src/server/core/XyServerCreator.js +0 -9
- package/dist/esm/src/server/core/XyServerCreator.js.map +1 -1
- package/dist/esm/src/xhsc.js +23 -1
- package/dist/esm/src/xhsc.js.map +1 -1
- package/dist/index.d.ts +0 -54
- package/package.json +1 -1
- package/dist/cjs/src/server/components/fastapi/MonitoringManager.js +0 -191
- package/dist/cjs/src/server/components/fastapi/MonitoringManager.js.map +0 -1
- package/dist/diag_config.d.ts +0 -2
- package/dist/diag_config.d.ts.map +0 -1
- package/dist/diag_config.js +0 -13
- package/dist/diag_config.js.map +0 -1
- package/dist/esm/src/server/components/fastapi/MonitoringManager.js +0 -189
- package/dist/esm/src/server/components/fastapi/MonitoringManager.js.map +0 -1
- package/dist/fix_docs.d.ts +0 -2
- package/dist/fix_docs.d.ts.map +0 -1
- package/dist/fix_docs.js +0 -152
- package/dist/fix_docs.js.map +0 -1
- package/dist/lib.d.ts +0 -3
- package/dist/lib.d.ts.map +0 -1
- package/dist/lib.js +0 -10
- package/dist/lib.js.map +0 -1
- package/dist/main.d.ts +0 -2
- package/dist/main.d.ts.map +0 -1
- package/dist/main.js +0 -3
- package/dist/main.js.map +0 -1
- package/dist/plugin.d.ts +0 -2
- package/dist/plugin.d.ts.map +0 -1
- package/dist/plugin.js +0 -5
- package/dist/plugin.js.map +0 -1
- package/dist/refactor_docs.d.ts +0 -2
- package/dist/refactor_docs.d.ts.map +0 -1
- package/dist/refactor_docs.js +0 -48
- package/dist/refactor_docs.js.map +0 -1
- package/dist/src/ConfigurationManager.d.ts +0 -150
- package/dist/src/ConfigurationManager.d.ts.map +0 -1
- package/dist/src/ConfigurationManager.js +0 -366
- package/dist/src/ConfigurationManager.js.map +0 -1
- package/dist/src/FiUp.d.ts +0 -31
- package/dist/src/FiUp.d.ts.map +0 -1
- package/dist/src/FiUp.js +0 -79
- package/dist/src/FiUp.js.map +0 -1
- package/dist/src/cache/CacheFactory.d.ts +0 -163
- package/dist/src/cache/CacheFactory.d.ts.map +0 -1
- package/dist/src/cache/CacheFactory.js +0 -707
- package/dist/src/cache/CacheFactory.js.map +0 -1
- package/dist/src/cache/index.d.ts +0 -14
- package/dist/src/cache/index.d.ts.map +0 -1
- package/dist/src/cache/index.js +0 -13
- package/dist/src/cache/index.js.map +0 -1
- package/dist/src/cache/type.d.ts +0 -127
- package/dist/src/cache/type.d.ts.map +0 -1
- package/dist/src/cache/type.js +0 -2
- package/dist/src/cache/type.js.map +0 -1
- package/dist/src/const.d.ts +0 -138
- package/dist/src/const.d.ts.map +0 -1
- package/dist/src/const.js +0 -572
- package/dist/src/const.js.map +0 -1
- package/dist/src/index.d.ts +0 -66
- package/dist/src/index.d.ts.map +0 -1
- package/dist/src/index.js +0 -84
- package/dist/src/index.js.map +0 -1
- package/dist/src/middleware/XJsonResponseHandler.d.ts +0 -69
- package/dist/src/middleware/XJsonResponseHandler.d.ts.map +0 -1
- package/dist/src/middleware/XJsonResponseHandler.js +0 -175
- package/dist/src/middleware/XJsonResponseHandler.js.map +0 -1
- package/dist/src/middleware/XemsSessionMiddleware.d.ts +0 -8
- package/dist/src/middleware/XemsSessionMiddleware.d.ts.map +0 -1
- package/dist/src/middleware/XemsSessionMiddleware.js +0 -110
- package/dist/src/middleware/XemsSessionMiddleware.js.map +0 -1
- package/dist/src/middleware/XyPrissMiddlewareAPI.d.ts +0 -75
- package/dist/src/middleware/XyPrissMiddlewareAPI.d.ts.map +0 -1
- package/dist/src/middleware/XyPrissMiddlewareAPI.js +0 -284
- package/dist/src/middleware/XyPrissMiddlewareAPI.js.map +0 -1
- package/dist/src/middleware/built-in/BuiltInMiddleware.d.ts +0 -99
- package/dist/src/middleware/built-in/BuiltInMiddleware.d.ts.map +0 -1
- package/dist/src/middleware/built-in/BuiltInMiddleware.js +0 -404
- package/dist/src/middleware/built-in/BuiltInMiddleware.js.map +0 -1
- package/dist/src/middleware/built-in/ResponseManipulationMiddleware.d.ts +0 -11
- package/dist/src/middleware/built-in/ResponseManipulationMiddleware.d.ts.map +0 -1
- package/dist/src/middleware/built-in/ResponseManipulationMiddleware.js +0 -164
- package/dist/src/middleware/built-in/ResponseManipulationMiddleware.js.map +0 -1
- package/dist/src/middleware/built-in/security/BrowserOnlyProtector.d.ts +0 -106
- package/dist/src/middleware/built-in/security/BrowserOnlyProtector.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/BrowserOnlyProtector.js +0 -547
- package/dist/src/middleware/built-in/security/BrowserOnlyProtector.js.map +0 -1
- package/dist/src/middleware/built-in/security/CommandInjectionDetector.d.ts +0 -40
- package/dist/src/middleware/built-in/security/CommandInjectionDetector.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/CommandInjectionDetector.js +0 -212
- package/dist/src/middleware/built-in/security/CommandInjectionDetector.js.map +0 -1
- package/dist/src/middleware/built-in/security/HoneypotTarpit.d.ts +0 -204
- package/dist/src/middleware/built-in/security/HoneypotTarpit.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/HoneypotTarpit.js +0 -505
- package/dist/src/middleware/built-in/security/HoneypotTarpit.js.map +0 -1
- package/dist/src/middleware/built-in/security/LDAPInjectionDetector.d.ts +0 -17
- package/dist/src/middleware/built-in/security/LDAPInjectionDetector.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/LDAPInjectionDetector.js +0 -93
- package/dist/src/middleware/built-in/security/LDAPInjectionDetector.js.map +0 -1
- package/dist/src/middleware/built-in/security/MobileOnlyProtector.d.ts +0 -122
- package/dist/src/middleware/built-in/security/MobileOnlyProtector.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/MobileOnlyProtector.js +0 -499
- package/dist/src/middleware/built-in/security/MobileOnlyProtector.js.map +0 -1
- package/dist/src/middleware/built-in/security/PathTraversalDetector.d.ts +0 -44
- package/dist/src/middleware/built-in/security/PathTraversalDetector.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/PathTraversalDetector.js +0 -209
- package/dist/src/middleware/built-in/security/PathTraversalDetector.js.map +0 -1
- package/dist/src/middleware/built-in/security/RequestSignatureProtector.d.ts +0 -128
- package/dist/src/middleware/built-in/security/RequestSignatureProtector.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/RequestSignatureProtector.js +0 -463
- package/dist/src/middleware/built-in/security/RequestSignatureProtector.js.map +0 -1
- package/dist/src/middleware/built-in/security/SQLInjectionDetector.d.ts +0 -66
- package/dist/src/middleware/built-in/security/SQLInjectionDetector.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/SQLInjectionDetector.js +0 -414
- package/dist/src/middleware/built-in/security/SQLInjectionDetector.js.map +0 -1
- package/dist/src/middleware/built-in/security/TerminalOnlyProtector.d.ts +0 -131
- package/dist/src/middleware/built-in/security/TerminalOnlyProtector.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/TerminalOnlyProtector.js +0 -473
- package/dist/src/middleware/built-in/security/TerminalOnlyProtector.js.map +0 -1
- package/dist/src/middleware/built-in/security/UriNormalizer.d.ts +0 -277
- package/dist/src/middleware/built-in/security/UriNormalizer.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/UriNormalizer.js +0 -388
- package/dist/src/middleware/built-in/security/UriNormalizer.js.map +0 -1
- package/dist/src/middleware/built-in/security/XXEProtector.d.ts +0 -36
- package/dist/src/middleware/built-in/security/XXEProtector.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/XXEProtector.js +0 -172
- package/dist/src/middleware/built-in/security/XXEProtector.js.map +0 -1
- package/dist/src/middleware/built-in/security/XyPrissCors.d.ts +0 -12
- package/dist/src/middleware/built-in/security/XyPrissCors.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/XyPrissCors.js +0 -94
- package/dist/src/middleware/built-in/security/XyPrissCors.js.map +0 -1
- package/dist/src/middleware/built-in/security/XyPrissHPP.d.ts +0 -7
- package/dist/src/middleware/built-in/security/XyPrissHPP.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/XyPrissHPP.js +0 -48
- package/dist/src/middleware/built-in/security/XyPrissHPP.js.map +0 -1
- package/dist/src/middleware/built-in/security/index.d.ts +0 -20
- package/dist/src/middleware/built-in/security/index.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/index.js +0 -20
- package/dist/src/middleware/built-in/security/index.js.map +0 -1
- package/dist/src/middleware/built-in/security/types.d.ts +0 -147
- package/dist/src/middleware/built-in/security/types.d.ts.map +0 -1
- package/dist/src/middleware/built-in/security/types.js +0 -5
- package/dist/src/middleware/built-in/security/types.js.map +0 -1
- package/dist/src/middleware/safe-json-middleware.d.ts +0 -57
- package/dist/src/middleware/safe-json-middleware.d.ts.map +0 -1
- package/dist/src/middleware/safe-json-middleware.js +0 -150
- package/dist/src/middleware/safe-json-middleware.js.map +0 -1
- package/dist/src/middleware/security-middleware.d.ts +0 -147
- package/dist/src/middleware/security-middleware.d.ts.map +0 -1
- package/dist/src/middleware/security-middleware.js +0 -1026
- package/dist/src/middleware/security-middleware.js.map +0 -1
- package/dist/src/plugins/ServerPluginManager.d.ts +0 -43
- package/dist/src/plugins/ServerPluginManager.d.ts.map +0 -1
- package/dist/src/plugins/ServerPluginManager.js +0 -148
- package/dist/src/plugins/ServerPluginManager.js.map +0 -1
- package/dist/src/plugins/api/PluginAPI.d.ts +0 -108
- package/dist/src/plugins/api/PluginAPI.d.ts.map +0 -1
- package/dist/src/plugins/api/PluginAPI.js +0 -253
- package/dist/src/plugins/api/PluginAPI.js.map +0 -1
- package/dist/src/plugins/builtin/RouteOptimizationPlugin.d.ts +0 -111
- package/dist/src/plugins/builtin/RouteOptimizationPlugin.d.ts.map +0 -1
- package/dist/src/plugins/builtin/RouteOptimizationPlugin.js +0 -416
- package/dist/src/plugins/builtin/RouteOptimizationPlugin.js.map +0 -1
- package/dist/src/plugins/builtin/server-maintenance/ServerMaintenancePlugin.d.ts +0 -136
- package/dist/src/plugins/builtin/server-maintenance/ServerMaintenancePlugin.d.ts.map +0 -1
- package/dist/src/plugins/builtin/server-maintenance/ServerMaintenancePlugin.js +0 -566
- package/dist/src/plugins/builtin/server-maintenance/ServerMaintenancePlugin.js.map +0 -1
- package/dist/src/plugins/builtin/xems/XemsBuiltinPlugin.d.ts +0 -33
- package/dist/src/plugins/builtin/xems/XemsBuiltinPlugin.d.ts.map +0 -1
- package/dist/src/plugins/builtin/xems/XemsBuiltinPlugin.js +0 -246
- package/dist/src/plugins/builtin/xems/XemsBuiltinPlugin.js.map +0 -1
- package/dist/src/plugins/builtin/xems/XemsPlugin.d.ts +0 -169
- package/dist/src/plugins/builtin/xems/XemsPlugin.d.ts.map +0 -1
- package/dist/src/plugins/builtin/xems/XemsPlugin.js +0 -402
- package/dist/src/plugins/builtin/xems/XemsPlugin.js.map +0 -1
- package/dist/src/plugins/builtin/xems/index.d.ts +0 -2
- package/dist/src/plugins/builtin/xems/index.d.ts.map +0 -1
- package/dist/src/plugins/builtin/xems/index.js +0 -2
- package/dist/src/plugins/builtin/xems/index.js.map +0 -1
- package/dist/src/plugins/const/OFFICIAL_PLUGINS.d.ts +0 -2
- package/dist/src/plugins/const/OFFICIAL_PLUGINS.d.ts.map +0 -1
- package/dist/src/plugins/const/OFFICIAL_PLUGINS.js +0 -6
- package/dist/src/plugins/const/OFFICIAL_PLUGINS.js.map +0 -1
- package/dist/src/plugins/const/PluginHookIds.d.ts +0 -44
- package/dist/src/plugins/const/PluginHookIds.d.ts.map +0 -1
- package/dist/src/plugins/const/PluginHookIds.js +0 -185
- package/dist/src/plugins/const/PluginHookIds.js.map +0 -1
- package/dist/src/plugins/const/PluginHookMetadataJson.d.ts +0 -2
- package/dist/src/plugins/const/PluginHookMetadataJson.d.ts.map +0 -1
- package/dist/src/plugins/const/PluginHookMetadataJson.js +0 -6
- package/dist/src/plugins/const/PluginHookMetadataJson.js.map +0 -1
- package/dist/src/plugins/const/XyprissTempDir.d.ts +0 -30
- package/dist/src/plugins/const/XyprissTempDir.d.ts.map +0 -1
- package/dist/src/plugins/const/XyprissTempDir.js +0 -73
- package/dist/src/plugins/const/XyprissTempDir.js.map +0 -1
- package/dist/src/plugins/core/PermissionManager.d.ts +0 -46
- package/dist/src/plugins/core/PermissionManager.d.ts.map +0 -1
- package/dist/src/plugins/core/PermissionManager.js +0 -232
- package/dist/src/plugins/core/PermissionManager.js.map +0 -1
- package/dist/src/plugins/core/XPluginManager.d.ts +0 -110
- package/dist/src/plugins/core/XPluginManager.d.ts.map +0 -1
- package/dist/src/plugins/core/XPluginManager.js +0 -212
- package/dist/src/plugins/core/XPluginManager.js.map +0 -1
- package/dist/src/plugins/core/manager/PluginHookRunner.d.ts +0 -50
- package/dist/src/plugins/core/manager/PluginHookRunner.d.ts.map +0 -1
- package/dist/src/plugins/core/manager/PluginHookRunner.js +0 -104
- package/dist/src/plugins/core/manager/PluginHookRunner.js.map +0 -1
- package/dist/src/plugins/core/manager/PluginInterceptor.d.ts +0 -48
- package/dist/src/plugins/core/manager/PluginInterceptor.d.ts.map +0 -1
- package/dist/src/plugins/core/manager/PluginInterceptor.js +0 -196
- package/dist/src/plugins/core/manager/PluginInterceptor.js.map +0 -1
- package/dist/src/plugins/core/manager/PluginLoader.d.ts +0 -59
- package/dist/src/plugins/core/manager/PluginLoader.d.ts.map +0 -1
- package/dist/src/plugins/core/manager/PluginLoader.js +0 -207
- package/dist/src/plugins/core/manager/PluginLoader.js.map +0 -1
- package/dist/src/plugins/core/manager/PluginManagement.d.ts +0 -36
- package/dist/src/plugins/core/manager/PluginManagement.d.ts.map +0 -1
- package/dist/src/plugins/core/manager/PluginManagement.js +0 -132
- package/dist/src/plugins/core/manager/PluginManagement.js.map +0 -1
- package/dist/src/plugins/core/manager/PluginRegistry.d.ts +0 -47
- package/dist/src/plugins/core/manager/PluginRegistry.d.ts.map +0 -1
- package/dist/src/plugins/core/manager/PluginRegistry.js +0 -96
- package/dist/src/plugins/core/manager/PluginRegistry.js.map +0 -1
- package/dist/src/plugins/core/manager/PluginSecurity.d.ts +0 -63
- package/dist/src/plugins/core/manager/PluginSecurity.d.ts.map +0 -1
- package/dist/src/plugins/core/manager/PluginSecurity.js +0 -417
- package/dist/src/plugins/core/manager/PluginSecurity.js.map +0 -1
- package/dist/src/plugins/route-optimization-plugin.d.ts +0 -111
- package/dist/src/plugins/route-optimization-plugin.d.ts.map +0 -1
- package/dist/src/plugins/route-optimization-plugin.js +0 -416
- package/dist/src/plugins/route-optimization-plugin.js.map +0 -1
- package/dist/src/plugins/types/PluginPermissions.d.ts +0 -26
- package/dist/src/plugins/types/PluginPermissions.d.ts.map +0 -1
- package/dist/src/plugins/types/PluginPermissions.js +0 -10
- package/dist/src/plugins/types/PluginPermissions.js.map +0 -1
- package/dist/src/plugins/types/PluginTypes.d.ts +0 -205
- package/dist/src/plugins/types/PluginTypes.d.ts.map +0 -1
- package/dist/src/plugins/types/PluginTypes.js +0 -30
- package/dist/src/plugins/types/PluginTypes.js.map +0 -1
- package/dist/src/plugins/types/index.d.ts +0 -79
- package/dist/src/plugins/types/index.d.ts.map +0 -1
- package/dist/src/plugins/types/index.js +0 -2
- package/dist/src/plugins/types/index.js.map +0 -1
- package/dist/src/quick-start.d.ts +0 -9
- package/dist/src/quick-start.d.ts.map +0 -1
- package/dist/src/quick-start.js +0 -26
- package/dist/src/quick-start.js.map +0 -1
- package/dist/src/schemas/plugingSchema.d.ts +0 -18
- package/dist/src/schemas/plugingSchema.d.ts.map +0 -1
- package/dist/src/schemas/plugingSchema.js +0 -40
- package/dist/src/schemas/plugingSchema.js.map +0 -1
- package/dist/src/server/FastServer/ComponentManager.d.ts +0 -32
- package/dist/src/server/FastServer/ComponentManager.d.ts.map +0 -1
- package/dist/src/server/FastServer/ComponentManager.js +0 -89
- package/dist/src/server/FastServer/ComponentManager.js.map +0 -1
- package/dist/src/server/FastServer/LogTracingMethods.d.ts +0 -9
- package/dist/src/server/FastServer/LogTracingMethods.d.ts.map +0 -1
- package/dist/src/server/FastServer/LogTracingMethods.js +0 -31
- package/dist/src/server/FastServer/LogTracingMethods.js.map +0 -1
- package/dist/src/server/FastServer/MiddlewareManager.d.ts +0 -17
- package/dist/src/server/FastServer/MiddlewareManager.d.ts.map +0 -1
- package/dist/src/server/FastServer/MiddlewareManager.js +0 -57
- package/dist/src/server/FastServer/MiddlewareManager.js.map +0 -1
- package/dist/src/server/FastServer/ShutdownManager.d.ts +0 -16
- package/dist/src/server/FastServer/ShutdownManager.d.ts.map +0 -1
- package/dist/src/server/FastServer/ShutdownManager.js +0 -70
- package/dist/src/server/FastServer/ShutdownManager.js.map +0 -1
- package/dist/src/server/FastServer/UploadManager.d.ts +0 -13
- package/dist/src/server/FastServer/UploadManager.d.ts.map +0 -1
- package/dist/src/server/FastServer/UploadManager.js +0 -67
- package/dist/src/server/FastServer/UploadManager.js.map +0 -1
- package/dist/src/server/FastServer/index.d.ts +0 -51
- package/dist/src/server/FastServer/index.d.ts.map +0 -1
- package/dist/src/server/FastServer/index.js +0 -222
- package/dist/src/server/FastServer/index.js.map +0 -1
- package/dist/src/server/ServerFactory.d.ts +0 -94
- package/dist/src/server/ServerFactory.d.ts.map +0 -1
- package/dist/src/server/ServerFactory.js +0 -129
- package/dist/src/server/ServerFactory.js.map +0 -1
- package/dist/src/server/components/fastapi/CacheManager.d.ts +0 -64
- package/dist/src/server/components/fastapi/CacheManager.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/CacheManager.js +0 -212
- package/dist/src/server/components/fastapi/CacheManager.js.map +0 -1
- package/dist/src/server/components/fastapi/MonitoringManager.d.ts +0 -43
- package/dist/src/server/components/fastapi/MonitoringManager.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/MonitoringManager.js +0 -186
- package/dist/src/server/components/fastapi/MonitoringManager.js.map +0 -1
- package/dist/src/server/components/fastapi/RedirectManager.d.ts +0 -112
- package/dist/src/server/components/fastapi/RedirectManager.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/RedirectManager.js +0 -432
- package/dist/src/server/components/fastapi/RedirectManager.js.map +0 -1
- package/dist/src/server/components/fastapi/RequestProcessor.d.ts +0 -34
- package/dist/src/server/components/fastapi/RequestProcessor.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/RequestProcessor.js +0 -177
- package/dist/src/server/components/fastapi/RequestProcessor.js.map +0 -1
- package/dist/src/server/components/fastapi/RouteManager.d.ts +0 -43
- package/dist/src/server/components/fastapi/RouteManager.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/RouteManager.js +0 -118
- package/dist/src/server/components/fastapi/RouteManager.js.map +0 -1
- package/dist/src/server/components/fastapi/WorkerPoolComponent.d.ts +0 -29
- package/dist/src/server/components/fastapi/WorkerPoolComponent.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/WorkerPoolComponent.js +0 -77
- package/dist/src/server/components/fastapi/WorkerPoolComponent.js.map +0 -1
- package/dist/src/server/components/fastapi/console/ConsoleInterceptor.d.ts +0 -54
- package/dist/src/server/components/fastapi/console/ConsoleInterceptor.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/console/ConsoleInterceptor.js +0 -464
- package/dist/src/server/components/fastapi/console/ConsoleInterceptor.js.map +0 -1
- package/dist/src/server/components/fastapi/console/encryption/ConsoleEncryption.d.ts +0 -19
- package/dist/src/server/components/fastapi/console/encryption/ConsoleEncryption.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/console/encryption/ConsoleEncryption.js +0 -22
- package/dist/src/server/components/fastapi/console/encryption/ConsoleEncryption.js.map +0 -1
- package/dist/src/server/components/fastapi/console/types.d.ts +0 -115
- package/dist/src/server/components/fastapi/console/types.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/console/types.js +0 -31
- package/dist/src/server/components/fastapi/console/types.js.map +0 -1
- package/dist/src/server/components/fastapi/templates/redirectTemp.d.ts +0 -6
- package/dist/src/server/components/fastapi/templates/redirectTemp.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/templates/redirectTemp.js +0 -98
- package/dist/src/server/components/fastapi/templates/redirectTemp.js.map +0 -1
- package/dist/src/server/components/fastapi/typescript/TypeScriptChecker.d.ts +0 -96
- package/dist/src/server/components/fastapi/typescript/TypeScriptChecker.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/typescript/TypeScriptChecker.js +0 -348
- package/dist/src/server/components/fastapi/typescript/TypeScriptChecker.js.map +0 -1
- package/dist/src/server/components/fastapi/upload/FileUploadManager.d.ts +0 -45
- package/dist/src/server/components/fastapi/upload/FileUploadManager.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/upload/FileUploadManager.js +0 -234
- package/dist/src/server/components/fastapi/upload/FileUploadManager.js.map +0 -1
- package/dist/src/server/components/fastapi/upload/file-upload.d.ts +0 -80
- package/dist/src/server/components/fastapi/upload/file-upload.d.ts.map +0 -1
- package/dist/src/server/components/fastapi/upload/file-upload.js +0 -246
- package/dist/src/server/components/fastapi/upload/file-upload.js.map +0 -1
- package/dist/src/server/components/lifecycle/slcm.type.d.ts +0 -38
- package/dist/src/server/components/lifecycle/slcm.type.d.ts.map +0 -1
- package/dist/src/server/components/lifecycle/slcm.type.js +0 -5
- package/dist/src/server/components/lifecycle/slcm.type.js.map +0 -1
- package/dist/src/server/components/multi-server/MultiServerApp.d.ts +0 -137
- package/dist/src/server/components/multi-server/MultiServerApp.d.ts.map +0 -1
- package/dist/src/server/components/multi-server/MultiServerApp.js +0 -573
- package/dist/src/server/components/multi-server/MultiServerApp.js.map +0 -1
- package/dist/src/server/components/multi-server/MultiServerManager.d.ts +0 -58
- package/dist/src/server/components/multi-server/MultiServerManager.d.ts.map +0 -1
- package/dist/src/server/components/multi-server/MultiServerManager.js +0 -365
- package/dist/src/server/components/multi-server/MultiServerManager.js.map +0 -1
- package/dist/src/server/components/static/XStatic.d.ts +0 -42
- package/dist/src/server/components/static/XStatic.d.ts.map +0 -1
- package/dist/src/server/components/static/XStatic.js +0 -125
- package/dist/src/server/components/static/XStatic.js.map +0 -1
- package/dist/src/server/conf/networkConnectionConf.d.ts +0 -20
- package/dist/src/server/conf/networkConnectionConf.d.ts.map +0 -1
- package/dist/src/server/conf/networkConnectionConf.js +0 -21
- package/dist/src/server/conf/networkConnectionConf.js.map +0 -1
- package/dist/src/server/conf/proxyConfig.d.ts +0 -24
- package/dist/src/server/conf/proxyConfig.d.ts.map +0 -1
- package/dist/src/server/conf/proxyConfig.js +0 -19
- package/dist/src/server/conf/proxyConfig.js.map +0 -1
- package/dist/src/server/conf/rateLimitConfig.d.ts +0 -29
- package/dist/src/server/conf/rateLimitConfig.d.ts.map +0 -1
- package/dist/src/server/conf/rateLimitConfig.js +0 -46
- package/dist/src/server/conf/rateLimitConfig.js.map +0 -1
- package/dist/src/server/const/ExecutionPredictor_EP.const.d.ts +0 -48
- package/dist/src/server/const/ExecutionPredictor_EP.const.d.ts.map +0 -1
- package/dist/src/server/const/ExecutionPredictor_EP.const.js +0 -68
- package/dist/src/server/const/ExecutionPredictor_EP.const.js.map +0 -1
- package/dist/src/server/const/MIME_MAP.d.ts +0 -2
- package/dist/src/server/const/MIME_MAP.d.ts.map +0 -1
- package/dist/src/server/const/MIME_MAP.js +0 -419
- package/dist/src/server/const/MIME_MAP.js.map +0 -1
- package/dist/src/server/const/XHSC_SIGNATURE.d.ts +0 -2
- package/dist/src/server/const/XHSC_SIGNATURE.d.ts.map +0 -1
- package/dist/src/server/const/XHSC_SIGNATURE.js +0 -3
- package/dist/src/server/const/XHSC_SIGNATURE.js.map +0 -1
- package/dist/src/server/const/XRUNTIME-HEADER.d.ts +0 -2
- package/dist/src/server/const/XRUNTIME-HEADER.d.ts.map +0 -1
- package/dist/src/server/const/XRUNTIME-HEADER.js +0 -2
- package/dist/src/server/const/XRUNTIME-HEADER.js.map +0 -1
- package/dist/src/server/const/default.d.ts +0 -10
- package/dist/src/server/const/default.d.ts.map +0 -1
- package/dist/src/server/const/default.js +0 -335
- package/dist/src/server/const/default.js.map +0 -1
- package/dist/src/server/const/http.d.ts +0 -13
- package/dist/src/server/const/http.d.ts.map +0 -1
- package/dist/src/server/const/http.js +0 -25
- package/dist/src/server/const/http.js.map +0 -1
- package/dist/src/server/const/internalFlags.d.ts +0 -7
- package/dist/src/server/const/internalFlags.d.ts.map +0 -1
- package/dist/src/server/const/internalFlags.js +0 -7
- package/dist/src/server/const/internalFlags.js.map +0 -1
- package/dist/src/server/core/HttpServer.d.ts +0 -62
- package/dist/src/server/core/HttpServer.d.ts.map +0 -1
- package/dist/src/server/core/HttpServer.js +0 -251
- package/dist/src/server/core/HttpServer.js.map +0 -1
- package/dist/src/server/core/RequestApp.d.ts +0 -42
- package/dist/src/server/core/RequestApp.d.ts.map +0 -1
- package/dist/src/server/core/RequestApp.js +0 -91
- package/dist/src/server/core/RequestApp.js.map +0 -1
- package/dist/src/server/core/RequestEnhancer.d.ts +0 -174
- package/dist/src/server/core/RequestEnhancer.d.ts.map +0 -1
- package/dist/src/server/core/RequestEnhancer.js +0 -330
- package/dist/src/server/core/RequestEnhancer.js.map +0 -1
- package/dist/src/server/core/ResponseEnhancer.d.ts +0 -323
- package/dist/src/server/core/ResponseEnhancer.d.ts.map +0 -1
- package/dist/src/server/core/ResponseEnhancer.js +0 -578
- package/dist/src/server/core/ResponseEnhancer.js.map +0 -1
- package/dist/src/server/core/SendFileHandler.d.ts +0 -12
- package/dist/src/server/core/SendFileHandler.d.ts.map +0 -1
- package/dist/src/server/core/SendFileHandler.js +0 -179
- package/dist/src/server/core/SendFileHandler.js.map +0 -1
- package/dist/src/server/core/StartupProcessor.d.ts +0 -35
- package/dist/src/server/core/StartupProcessor.d.ts.map +0 -1
- package/dist/src/server/core/StartupProcessor.js +0 -114
- package/dist/src/server/core/StartupProcessor.js.map +0 -1
- package/dist/src/server/core/VirtualServer.d.ts +0 -18
- package/dist/src/server/core/VirtualServer.d.ts.map +0 -1
- package/dist/src/server/core/VirtualServer.js +0 -28
- package/dist/src/server/core/VirtualServer.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/EngineManager.d.ts +0 -17
- package/dist/src/server/core/XHSCBridge/EngineManager.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/EngineManager.js +0 -165
- package/dist/src/server/core/XHSCBridge/EngineManager.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/LogProcessor.d.ts +0 -20
- package/dist/src/server/core/XHSCBridge/LogProcessor.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/LogProcessor.js +0 -116
- package/dist/src/server/core/XHSCBridge/LogProcessor.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/SocketManager.d.ts +0 -20
- package/dist/src/server/core/XHSCBridge/SocketManager.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/SocketManager.js +0 -83
- package/dist/src/server/core/XHSCBridge/SocketManager.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildClusterArgs.d.ts +0 -2
- package/dist/src/server/core/XHSCBridge/cmd/buildClusterArgs.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildClusterArgs.js +0 -66
- package/dist/src/server/core/XHSCBridge/cmd/buildClusterArgs.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildCoreArgs.d.ts +0 -2
- package/dist/src/server/core/XHSCBridge/cmd/buildCoreArgs.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildCoreArgs.js +0 -33
- package/dist/src/server/core/XHSCBridge/cmd/buildCoreArgs.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildNetworkArgs.d.ts +0 -2
- package/dist/src/server/core/XHSCBridge/cmd/buildNetworkArgs.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildNetworkArgs.js +0 -49
- package/dist/src/server/core/XHSCBridge/cmd/buildNetworkArgs.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildPerformanceArgs.d.ts +0 -2
- package/dist/src/server/core/XHSCBridge/cmd/buildPerformanceArgs.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildPerformanceArgs.js +0 -41
- package/dist/src/server/core/XHSCBridge/cmd/buildPerformanceArgs.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildRequestArgs.d.ts +0 -2
- package/dist/src/server/core/XHSCBridge/cmd/buildRequestArgs.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildRequestArgs.js +0 -31
- package/dist/src/server/core/XHSCBridge/cmd/buildRequestArgs.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildSecurityArgs.d.ts +0 -2
- package/dist/src/server/core/XHSCBridge/cmd/buildSecurityArgs.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildSecurityArgs.js +0 -46
- package/dist/src/server/core/XHSCBridge/cmd/buildSecurityArgs.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildStaticArgs.d.ts +0 -5
- package/dist/src/server/core/XHSCBridge/cmd/buildStaticArgs.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildStaticArgs.js +0 -37
- package/dist/src/server/core/XHSCBridge/cmd/buildStaticArgs.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildUploadArgs.d.ts +0 -2
- package/dist/src/server/core/XHSCBridge/cmd/buildUploadArgs.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildUploadArgs.js +0 -24
- package/dist/src/server/core/XHSCBridge/cmd/buildUploadArgs.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildWorkerPoolArgs.d.ts +0 -2
- package/dist/src/server/core/XHSCBridge/cmd/buildWorkerPoolArgs.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/cmd/buildWorkerPoolArgs.js +0 -18
- package/dist/src/server/core/XHSCBridge/cmd/buildWorkerPoolArgs.js.map +0 -1
- package/dist/src/server/core/XHSCBridge/index.d.ts +0 -28
- package/dist/src/server/core/XHSCBridge/index.d.ts.map +0 -1
- package/dist/src/server/core/XHSCBridge/index.js +0 -94
- package/dist/src/server/core/XHSCBridge/index.js.map +0 -1
- package/dist/src/server/core/XHSCProtocol.d.ts +0 -100
- package/dist/src/server/core/XHSCProtocol.d.ts.map +0 -1
- package/dist/src/server/core/XHSCProtocol.js +0 -423
- package/dist/src/server/core/XHSCProtocol.js.map +0 -1
- package/dist/src/server/core/XyDiagnosticsManager.d.ts +0 -28
- package/dist/src/server/core/XyDiagnosticsManager.d.ts.map +0 -1
- package/dist/src/server/core/XyDiagnosticsManager.js +0 -74
- package/dist/src/server/core/XyDiagnosticsManager.js.map +0 -1
- package/dist/src/server/core/XyLifecycleManager.d.ts +0 -51
- package/dist/src/server/core/XyLifecycleManager.d.ts.map +0 -1
- package/dist/src/server/core/XyLifecycleManager.js +0 -235
- package/dist/src/server/core/XyLifecycleManager.js.map +0 -1
- package/dist/src/server/core/XyModuleManager.d.ts +0 -40
- package/dist/src/server/core/XyModuleManager.d.ts.map +0 -1
- package/dist/src/server/core/XyModuleManager.js +0 -124
- package/dist/src/server/core/XyModuleManager.js.map +0 -1
- package/dist/src/server/core/XyRoutingManager.d.ts +0 -42
- package/dist/src/server/core/XyRoutingManager.d.ts.map +0 -1
- package/dist/src/server/core/XyRoutingManager.js +0 -198
- package/dist/src/server/core/XyRoutingManager.js.map +0 -1
- package/dist/src/server/core/XyServerCreator.d.ts +0 -22
- package/dist/src/server/core/XyServerCreator.d.ts.map +0 -1
- package/dist/src/server/core/XyServerCreator.js +0 -117
- package/dist/src/server/core/XyServerCreator.js.map +0 -1
- package/dist/src/server/core/XyprissApp.d.ts +0 -208
- package/dist/src/server/core/XyprissApp.d.ts.map +0 -1
- package/dist/src/server/core/XyprissApp.js +0 -575
- package/dist/src/server/core/XyprissApp.js.map +0 -1
- package/dist/src/server/core/http/BodyParser.d.ts +0 -8
- package/dist/src/server/core/http/BodyParser.d.ts.map +0 -1
- package/dist/src/server/core/http/BodyParser.js +0 -43
- package/dist/src/server/core/http/BodyParser.js.map +0 -1
- package/dist/src/server/core/http/HttpErrorHandler.d.ts +0 -17
- package/dist/src/server/core/http/HttpErrorHandler.d.ts.map +0 -1
- package/dist/src/server/core/http/HttpErrorHandler.js +0 -65
- package/dist/src/server/core/http/HttpErrorHandler.js.map +0 -1
- package/dist/src/server/core/http/RequestForwarder.d.ts +0 -11
- package/dist/src/server/core/http/RequestForwarder.d.ts.map +0 -1
- package/dist/src/server/core/http/RequestForwarder.js +0 -41
- package/dist/src/server/core/http/RequestForwarder.js.map +0 -1
- package/dist/src/server/core/http/RouteManager.d.ts +0 -17
- package/dist/src/server/core/http/RouteManager.d.ts.map +0 -1
- package/dist/src/server/core/http/RouteManager.js +0 -113
- package/dist/src/server/core/http/RouteManager.js.map +0 -1
- package/dist/src/server/core/request/XyRequestManager.d.ts +0 -57
- package/dist/src/server/core/request/XyRequestManager.d.ts.map +0 -1
- package/dist/src/server/core/request/XyRequestManager.js +0 -226
- package/dist/src/server/core/request/XyRequestManager.js.map +0 -1
- package/dist/src/server/handlers/NotFoundHandler.d.ts +0 -25
- package/dist/src/server/handlers/NotFoundHandler.d.ts.map +0 -1
- package/dist/src/server/handlers/NotFoundHandler.js +0 -81
- package/dist/src/server/handlers/NotFoundHandler.js.map +0 -1
- package/dist/src/server/handlers/templates/notFoundTemplate.d.ts +0 -3
- package/dist/src/server/handlers/templates/notFoundTemplate.d.ts.map +0 -1
- package/dist/src/server/handlers/templates/notFoundTemplate.js +0 -651
- package/dist/src/server/handlers/templates/notFoundTemplate.js.map +0 -1
- package/dist/src/server/middleware/MiddlewareManager.d.ts +0 -64
- package/dist/src/server/middleware/MiddlewareManager.d.ts.map +0 -1
- package/dist/src/server/middleware/MiddlewareManager.js +0 -200
- package/dist/src/server/middleware/MiddlewareManager.js.map +0 -1
- package/dist/src/server/routing/Router.d.ts +0 -57
- package/dist/src/server/routing/Router.d.ts.map +0 -1
- package/dist/src/server/routing/Router.js +0 -173
- package/dist/src/server/routing/Router.js.map +0 -1
- package/dist/src/server/routing/index.d.ts +0 -16
- package/dist/src/server/routing/index.d.ts.map +0 -1
- package/dist/src/server/routing/index.js +0 -7
- package/dist/src/server/routing/index.js.map +0 -1
- package/dist/src/server/routing/modules/XyGuard.d.ts +0 -34
- package/dist/src/server/routing/modules/XyGuard.d.ts.map +0 -1
- package/dist/src/server/routing/modules/XyGuard.js +0 -30
- package/dist/src/server/routing/modules/XyGuard.js.map +0 -1
- package/dist/src/server/routing/modules/constants.d.ts +0 -5
- package/dist/src/server/routing/modules/constants.d.ts.map +0 -1
- package/dist/src/server/routing/modules/constants.js +0 -13
- package/dist/src/server/routing/modules/constants.js.map +0 -1
- package/dist/src/server/routing/modules/groups.d.ts +0 -14
- package/dist/src/server/routing/modules/groups.d.ts.map +0 -1
- package/dist/src/server/routing/modules/groups.js +0 -55
- package/dist/src/server/routing/modules/groups.js.map +0 -1
- package/dist/src/server/routing/modules/helpers.d.ts +0 -19
- package/dist/src/server/routing/modules/helpers.d.ts.map +0 -1
- package/dist/src/server/routing/modules/helpers.js +0 -164
- package/dist/src/server/routing/modules/helpers.js.map +0 -1
- package/dist/src/server/routing/modules/middleware.d.ts +0 -20
- package/dist/src/server/routing/modules/middleware.d.ts.map +0 -1
- package/dist/src/server/routing/modules/middleware.js +0 -185
- package/dist/src/server/routing/modules/middleware.js.map +0 -1
- package/dist/src/server/routing/modules/path.d.ts +0 -33
- package/dist/src/server/routing/modules/path.d.ts.map +0 -1
- package/dist/src/server/routing/modules/path.js +0 -125
- package/dist/src/server/routing/modules/path.js.map +0 -1
- package/dist/src/server/routing/modules/registry.d.ts +0 -29
- package/dist/src/server/routing/modules/registry.d.ts.map +0 -1
- package/dist/src/server/routing/modules/registry.js +0 -159
- package/dist/src/server/routing/modules/registry.js.map +0 -1
- package/dist/src/server/routing/modules/types.d.ts +0 -143
- package/dist/src/server/routing/modules/types.d.ts.map +0 -1
- package/dist/src/server/routing/modules/types.js +0 -2
- package/dist/src/server/routing/modules/types.js.map +0 -1
- package/dist/src/server/service/Reload/exec/ExecutableBuilder.d.ts +0 -67
- package/dist/src/server/service/Reload/exec/ExecutableBuilder.d.ts.map +0 -1
- package/dist/src/server/service/Reload/exec/ExecutableBuilder.js +0 -337
- package/dist/src/server/service/Reload/exec/ExecutableBuilder.js.map +0 -1
- package/dist/src/server/service/Reload/exec/TypeScriptExecutor.d.ts +0 -69
- package/dist/src/server/service/Reload/exec/TypeScriptExecutor.d.ts.map +0 -1
- package/dist/src/server/service/Reload/exec/TypeScriptExecutor.js +0 -337
- package/dist/src/server/service/Reload/exec/TypeScriptExecutor.js.map +0 -1
- package/dist/src/server/service/Reload/exec/build-executable.d.ts +0 -9
- package/dist/src/server/service/Reload/exec/build-executable.d.ts.map +0 -1
- package/dist/src/server/service/Reload/exec/build-executable.js +0 -44
- package/dist/src/server/service/Reload/exec/build-executable.js.map +0 -1
- package/dist/src/server/service/Reload/types/TSExecutor.type.d.ts +0 -18
- package/dist/src/server/service/Reload/types/TSExecutor.type.d.ts.map +0 -1
- package/dist/src/server/service/Reload/types/TSExecutor.type.js +0 -2
- package/dist/src/server/service/Reload/types/TSExecutor.type.js.map +0 -1
- package/dist/src/server/service/Reload/types/hotreloader.d.ts +0 -21
- package/dist/src/server/service/Reload/types/hotreloader.d.ts.map +0 -1
- package/dist/src/server/service/Reload/types/hotreloader.js +0 -2
- package/dist/src/server/service/Reload/types/hotreloader.js.map +0 -1
- package/dist/src/server/service/Reload/types/quickdev.type.d.ts +0 -30
- package/dist/src/server/service/Reload/types/quickdev.type.d.ts.map +0 -1
- package/dist/src/server/service/Reload/types/quickdev.type.js +0 -2
- package/dist/src/server/service/Reload/types/quickdev.type.js.map +0 -1
- package/dist/src/server/static/XStatic.d.ts +0 -60
- package/dist/src/server/static/XStatic.d.ts.map +0 -1
- package/dist/src/server/static/XStatic.js +0 -126
- package/dist/src/server/static/XStatic.js.map +0 -1
- package/dist/src/server/utils/ConfigLoader.d.ts +0 -41
- package/dist/src/server/utils/ConfigLoader.d.ts.map +0 -1
- package/dist/src/server/utils/ConfigLoader.js +0 -244
- package/dist/src/server/utils/ConfigLoader.js.map +0 -1
- package/dist/src/server/utils/PortManager.d.ts +0 -61
- package/dist/src/server/utils/PortManager.d.ts.map +0 -1
- package/dist/src/server/utils/PortManager.js +0 -245
- package/dist/src/server/utils/PortManager.js.map +0 -1
- package/dist/src/server/utils/WorkerModeHandler.d.ts +0 -7
- package/dist/src/server/utils/WorkerModeHandler.d.ts.map +0 -1
- package/dist/src/server/utils/WorkerModeHandler.js +0 -60
- package/dist/src/server/utils/WorkerModeHandler.js.map +0 -1
- package/dist/src/server/utils/es_modules.d.ts +0 -3
- package/dist/src/server/utils/es_modules.d.ts.map +0 -1
- package/dist/src/server/utils/es_modules.js +0 -5
- package/dist/src/server/utils/es_modules.js.map +0 -1
- package/dist/src/server/utils/forceClosePort.d.ts +0 -100
- package/dist/src/server/utils/forceClosePort.d.ts.map +0 -1
- package/dist/src/server/utils/forceClosePort.js +0 -328
- package/dist/src/server/utils/forceClosePort.js.map +0 -1
- package/dist/src/server/utils/internalFlagsFunctions.d.ts +0 -71
- package/dist/src/server/utils/internalFlagsFunctions.d.ts.map +0 -1
- package/dist/src/server/utils/internalFlagsFunctions.js +0 -150
- package/dist/src/server/utils/internalFlagsFunctions.js.map +0 -1
- package/dist/src/server/utils/shouldRegisterRouteOnServer.d.ts +0 -6
- package/dist/src/server/utils/shouldRegisterRouteOnServer.d.ts.map +0 -1
- package/dist/src/server/utils/shouldRegisterRouteOnServer.js +0 -30
- package/dist/src/server/utils/shouldRegisterRouteOnServer.js.map +0 -1
- package/dist/src/server/utils/wildcardMatcher.d.ts +0 -30
- package/dist/src/server/utils/wildcardMatcher.d.ts.map +0 -1
- package/dist/src/server/utils/wildcardMatcher.js +0 -220
- package/dist/src/server/utils/wildcardMatcher.js.map +0 -1
- package/dist/src/shared/logger/DEFAULT_LOGGER_CONFIG.d.ts +0 -3
- package/dist/src/shared/logger/DEFAULT_LOGGER_CONFIG.d.ts.map +0 -1
- package/dist/src/shared/logger/DEFAULT_LOGGER_CONFIG.js +0 -64
- package/dist/src/shared/logger/DEFAULT_LOGGER_CONFIG.js.map +0 -1
- package/dist/src/shared/logger/DEFAULT_PALETTE.d.ts +0 -16
- package/dist/src/shared/logger/DEFAULT_PALETTE.d.ts.map +0 -1
- package/dist/src/shared/logger/DEFAULT_PALETTE.js +0 -16
- package/dist/src/shared/logger/DEFAULT_PALETTE.js.map +0 -1
- package/dist/src/shared/logger/Logger.d.ts +0 -95
- package/dist/src/shared/logger/Logger.d.ts.map +0 -1
- package/dist/src/shared/logger/Logger.js +0 -576
- package/dist/src/shared/logger/Logger.js.map +0 -1
- package/dist/src/shared/logger/index.d.ts +0 -2
- package/dist/src/shared/logger/index.d.ts.map +0 -1
- package/dist/src/shared/logger/index.js +0 -2
- package/dist/src/shared/logger/index.js.map +0 -1
- package/dist/src/shared/logger/quickLogger.d.ts +0 -19
- package/dist/src/shared/logger/quickLogger.d.ts.map +0 -1
- package/dist/src/shared/logger/quickLogger.js +0 -162
- package/dist/src/shared/logger/quickLogger.js.map +0 -1
- package/dist/src/shared/types/index.d.ts +0 -2
- package/dist/src/shared/types/index.d.ts.map +0 -1
- package/dist/src/shared/types/index.js +0 -2
- package/dist/src/shared/types/index.js.map +0 -1
- package/dist/src/shared/types/logger.type.d.ts +0 -46
- package/dist/src/shared/types/logger.type.d.ts.map +0 -1
- package/dist/src/shared/types/logger.type.js +0 -42
- package/dist/src/shared/types/logger.type.js.map +0 -1
- package/dist/src/types/CpuMon.t.d.ts +0 -43
- package/dist/src/types/CpuMon.t.d.ts.map +0 -1
- package/dist/src/types/CpuMon.t.js +0 -2
- package/dist/src/types/CpuMon.t.js.map +0 -1
- package/dist/src/types/ExecutionPredictor.type.d.ts +0 -25
- package/dist/src/types/ExecutionPredictor.type.d.ts.map +0 -1
- package/dist/src/types/ExecutionPredictor.type.js +0 -2
- package/dist/src/types/ExecutionPredictor.type.js.map +0 -1
- package/dist/src/types/FiUp.type.d.ts +0 -50
- package/dist/src/types/FiUp.type.d.ts.map +0 -1
- package/dist/src/types/FiUp.type.js +0 -2
- package/dist/src/types/FiUp.type.js.map +0 -1
- package/dist/src/types/NotFoundConfig.d.ts +0 -39
- package/dist/src/types/NotFoundConfig.d.ts.map +0 -1
- package/dist/src/types/NotFoundConfig.js +0 -81
- package/dist/src/types/NotFoundConfig.js.map +0 -1
- package/dist/src/types/ReqPreCompiler.type.d.ts +0 -49
- package/dist/src/types/ReqPreCompiler.type.d.ts.map +0 -1
- package/dist/src/types/ReqPreCompiler.type.js +0 -2
- package/dist/src/types/ReqPreCompiler.type.js.map +0 -1
- package/dist/src/types/ServerOptions.d.ts +0 -861
- package/dist/src/types/ServerOptions.d.ts.map +0 -1
- package/dist/src/types/ServerOptions.js +0 -4
- package/dist/src/types/ServerOptions.js.map +0 -1
- package/dist/src/types/XyApp.type.d.ts +0 -610
- package/dist/src/types/XyApp.type.d.ts.map +0 -1
- package/dist/src/types/XyApp.type.js +0 -2
- package/dist/src/types/XyApp.type.js.map +0 -1
- package/dist/src/types/XyPrissRouter.types.d.ts +0 -23
- package/dist/src/types/XyPrissRouter.types.d.ts.map +0 -1
- package/dist/src/types/XyPrissRouter.types.js +0 -2
- package/dist/src/types/XyPrissRouter.types.js.map +0 -1
- package/dist/src/types/bun_cluster.t.d.ts +0 -41
- package/dist/src/types/bun_cluster.t.d.ts.map +0 -1
- package/dist/src/types/bun_cluster.t.js +0 -2
- package/dist/src/types/bun_cluster.t.js.map +0 -1
- package/dist/src/types/cluster.ipc.t.d.ts +0 -141
- package/dist/src/types/cluster.ipc.t.d.ts.map +0 -1
- package/dist/src/types/cluster.ipc.t.js +0 -88
- package/dist/src/types/cluster.ipc.t.js.map +0 -1
- package/dist/src/types/components/CacheManager.type.d.ts +0 -8
- package/dist/src/types/components/CacheManager.type.d.ts.map +0 -1
- package/dist/src/types/components/CacheManager.type.js +0 -2
- package/dist/src/types/components/CacheManager.type.js.map +0 -1
- package/dist/src/types/components/MonitoringM.type.d.ts +0 -10
- package/dist/src/types/components/MonitoringM.type.d.ts.map +0 -1
- package/dist/src/types/components/MonitoringM.type.js +0 -2
- package/dist/src/types/components/MonitoringM.type.js.map +0 -1
- package/dist/src/types/components/PlugingM.type.d.ts +0 -8
- package/dist/src/types/components/PlugingM.type.d.ts.map +0 -1
- package/dist/src/types/components/PlugingM.type.js +0 -2
- package/dist/src/types/components/PlugingM.type.js.map +0 -1
- package/dist/src/types/components/ReqProcessor.type.d.ts +0 -7
- package/dist/src/types/components/ReqProcessor.type.d.ts.map +0 -1
- package/dist/src/types/components/ReqProcessor.type.js +0 -2
- package/dist/src/types/components/ReqProcessor.type.js.map +0 -1
- package/dist/src/types/components/RouteM.type.d.ts +0 -9
- package/dist/src/types/components/RouteM.type.d.ts.map +0 -1
- package/dist/src/types/components/RouteM.type.js +0 -2
- package/dist/src/types/components/RouteM.type.js.map +0 -1
- package/dist/src/types/httpServer.type.d.ts +0 -260
- package/dist/src/types/httpServer.type.d.ts.map +0 -1
- package/dist/src/types/httpServer.type.js +0 -25
- package/dist/src/types/httpServer.type.js.map +0 -1
- package/dist/src/types/index.d.ts +0 -228
- package/dist/src/types/index.d.ts.map +0 -1
- package/dist/src/types/index.js +0 -37
- package/dist/src/types/index.js.map +0 -1
- package/dist/src/types/middleware-api.types.d.ts +0 -180
- package/dist/src/types/middleware-api.types.d.ts.map +0 -1
- package/dist/src/types/middleware-api.types.js +0 -6
- package/dist/src/types/middleware-api.types.js.map +0 -1
- package/dist/src/types/middlewareManager.types.d.ts +0 -18
- package/dist/src/types/middlewareManager.types.d.ts.map +0 -1
- package/dist/src/types/middlewareManager.types.js +0 -2
- package/dist/src/types/middlewareManager.types.js.map +0 -1
- package/dist/src/types/mod/cache.d.ts +0 -417
- package/dist/src/types/mod/cache.d.ts.map +0 -1
- package/dist/src/types/mod/cache.js +0 -12
- package/dist/src/types/mod/cache.js.map +0 -1
- package/dist/src/types/mod/core.d.ts +0 -390
- package/dist/src/types/mod/core.d.ts.map +0 -1
- package/dist/src/types/mod/core.js +0 -2
- package/dist/src/types/mod/core.js.map +0 -1
- package/dist/src/types/mod/monitoring.d.ts +0 -473
- package/dist/src/types/mod/monitoring.d.ts.map +0 -1
- package/dist/src/types/mod/monitoring.js +0 -12
- package/dist/src/types/mod/monitoring.js.map +0 -1
- package/dist/src/types/mod/performance.d.ts +0 -370
- package/dist/src/types/mod/performance.d.ts.map +0 -1
- package/dist/src/types/mod/performance.js +0 -12
- package/dist/src/types/mod/performance.js.map +0 -1
- package/dist/src/types/mod/routing.d.ts +0 -385
- package/dist/src/types/mod/routing.d.ts.map +0 -1
- package/dist/src/types/mod/routing.js +0 -12
- package/dist/src/types/mod/routing.js.map +0 -1
- package/dist/src/types/mod/security.d.ts +0 -1478
- package/dist/src/types/mod/security.d.ts.map +0 -1
- package/dist/src/types/mod/security.js +0 -2
- package/dist/src/types/mod/security.js.map +0 -1
- package/dist/src/types/perfomance.d.ts +0 -37
- package/dist/src/types/perfomance.d.ts.map +0 -1
- package/dist/src/types/perfomance.js +0 -2
- package/dist/src/types/perfomance.js.map +0 -1
- package/dist/src/types/types.d.ts +0 -210
- package/dist/src/types/types.d.ts.map +0 -1
- package/dist/src/types/types.js +0 -21
- package/dist/src/types/types.js.map +0 -1
- package/dist/src/types/xems.type.d.ts +0 -84
- package/dist/src/types/xems.type.d.ts.map +0 -1
- package/dist/src/types/xems.type.js +0 -2
- package/dist/src/types/xems.type.js.map +0 -1
- package/dist/src/utils/ConfigSyntaxParser.d.ts +0 -28
- package/dist/src/utils/ConfigSyntaxParser.d.ts.map +0 -1
- package/dist/src/utils/ConfigSyntaxParser.js +0 -76
- package/dist/src/utils/ConfigSyntaxParser.js.map +0 -1
- package/dist/src/utils/DotEnvLoader.d.ts +0 -27
- package/dist/src/utils/DotEnvLoader.d.ts.map +0 -1
- package/dist/src/utils/DotEnvLoader.js +0 -69
- package/dist/src/utils/DotEnvLoader.js.map +0 -1
- package/dist/src/utils/ProjectDiscovery.d.ts +0 -61
- package/dist/src/utils/ProjectDiscovery.d.ts.map +0 -1
- package/dist/src/utils/ProjectDiscovery.js +0 -295
- package/dist/src/utils/ProjectDiscovery.js.map +0 -1
- package/dist/src/utils/getIp.d.ts +0 -53
- package/dist/src/utils/getIp.d.ts.map +0 -1
- package/dist/src/utils/getIp.js +0 -160
- package/dist/src/utils/getIp.js.map +0 -1
- package/dist/src/utils/getMime.d.ts +0 -52
- package/dist/src/utils/getMime.d.ts.map +0 -1
- package/dist/src/utils/getMime.js +0 -90
- package/dist/src/utils/getMime.js.map +0 -1
- package/dist/src/utils/mergeWithDefaults.d.ts +0 -92
- package/dist/src/utils/mergeWithDefaults.d.ts.map +0 -1
- package/dist/src/utils/mergeWithDefaults.js +0 -172
- package/dist/src/utils/mergeWithDefaults.js.map +0 -1
- package/dist/src/utils/mimeUtils.d.ts +0 -10
- package/dist/src/utils/mimeUtils.d.ts.map +0 -1
- package/dist/src/utils/mimeUtils.js +0 -14
- package/dist/src/utils/mimeUtils.js.map +0 -1
- package/dist/src/xhsc/EnvApi.d.ts +0 -296
- package/dist/src/xhsc/EnvApi.d.ts.map +0 -1
- package/dist/src/xhsc/EnvApi.js +0 -525
- package/dist/src/xhsc/EnvApi.js.map +0 -1
- package/dist/src/xhsc/FSApi.d.ts +0 -21
- package/dist/src/xhsc/FSApi.d.ts.map +0 -1
- package/dist/src/xhsc/FSApi.js +0 -49
- package/dist/src/xhsc/FSApi.js.map +0 -1
- package/dist/src/xhsc/OSApi.d.ts +0 -195
- package/dist/src/xhsc/OSApi.d.ts.map +0 -1
- package/dist/src/xhsc/OSApi.js +0 -220
- package/dist/src/xhsc/OSApi.js.map +0 -1
- package/dist/src/xhsc/PathApi.d.ts +0 -300
- package/dist/src/xhsc/PathApi.d.ts.map +0 -1
- package/dist/src/xhsc/PathApi.js +0 -383
- package/dist/src/xhsc/PathApi.js.map +0 -1
- package/dist/src/xhsc/System.d.ts +0 -126
- package/dist/src/xhsc/System.d.ts.map +0 -1
- package/dist/src/xhsc/System.js +0 -58
- package/dist/src/xhsc/System.js.map +0 -1
- package/dist/src/xhsc/UtilsApi.d.ts +0 -45
- package/dist/src/xhsc/UtilsApi.d.ts.map +0 -1
- package/dist/src/xhsc/UtilsApi.js +0 -47
- package/dist/src/xhsc/UtilsApi.js.map +0 -1
- package/dist/src/xhsc/VarsApi.d.ts +0 -81
- package/dist/src/xhsc/VarsApi.d.ts.map +0 -1
- package/dist/src/xhsc/VarsApi.js +0 -175
- package/dist/src/xhsc/VarsApi.js.map +0 -1
- package/dist/src/xhsc/XyPrissCache.d.ts +0 -36
- package/dist/src/xhsc/XyPrissCache.d.ts.map +0 -1
- package/dist/src/xhsc/XyPrissCache.js +0 -66
- package/dist/src/xhsc/XyPrissCache.js.map +0 -1
- package/dist/src/xhsc/XyPrissRunner.d.ts +0 -49
- package/dist/src/xhsc/XyPrissRunner.d.ts.map +0 -1
- package/dist/src/xhsc/XyPrissRunner.js +0 -440
- package/dist/src/xhsc/XyPrissRunner.js.map +0 -1
- package/dist/src/xhsc/api/env/env.d.ts +0 -218
- package/dist/src/xhsc/api/env/env.d.ts.map +0 -1
- package/dist/src/xhsc/api/env/env.js +0 -84
- package/dist/src/xhsc/api/env/env.js.map +0 -1
- package/dist/src/xhsc/cluster/XHSCWorker.d.ts +0 -28
- package/dist/src/xhsc/cluster/XHSCWorker.d.ts.map +0 -1
- package/dist/src/xhsc/cluster/XHSCWorker.js +0 -192
- package/dist/src/xhsc/cluster/XHSCWorker.js.map +0 -1
- package/dist/src/xhsc/cmdr.d.ts +0 -9
- package/dist/src/xhsc/cmdr.d.ts.map +0 -1
- package/dist/src/xhsc/cmdr.js +0 -2
- package/dist/src/xhsc/cmdr.js.map +0 -1
- package/dist/src/xhsc/fs/FSArchive.d.ts +0 -55
- package/dist/src/xhsc/fs/FSArchive.d.ts.map +0 -1
- package/dist/src/xhsc/fs/FSArchive.js +0 -66
- package/dist/src/xhsc/fs/FSArchive.js.map +0 -1
- package/dist/src/xhsc/fs/FSBase.d.ts +0 -14
- package/dist/src/xhsc/fs/FSBase.d.ts.map +0 -1
- package/dist/src/xhsc/fs/FSBase.js +0 -15
- package/dist/src/xhsc/fs/FSBase.js.map +0 -1
- package/dist/src/xhsc/fs/FSCore.d.ts +0 -417
- package/dist/src/xhsc/fs/FSCore.d.ts.map +0 -1
- package/dist/src/xhsc/fs/FSCore.js +0 -522
- package/dist/src/xhsc/fs/FSCore.js.map +0 -1
- package/dist/src/xhsc/fs/FSExtended.d.ts +0 -212
- package/dist/src/xhsc/fs/FSExtended.d.ts.map +0 -1
- package/dist/src/xhsc/fs/FSExtended.js +0 -303
- package/dist/src/xhsc/fs/FSExtended.js.map +0 -1
- package/dist/src/xhsc/fs/FSHelpers.d.ts +0 -383
- package/dist/src/xhsc/fs/FSHelpers.d.ts.map +0 -1
- package/dist/src/xhsc/fs/FSHelpers.js +0 -501
- package/dist/src/xhsc/fs/FSHelpers.js.map +0 -1
- package/dist/src/xhsc/fs/FSSearch.d.ts +0 -77
- package/dist/src/xhsc/fs/FSSearch.d.ts.map +0 -1
- package/dist/src/xhsc/fs/FSSearch.js +0 -95
- package/dist/src/xhsc/fs/FSSearch.js.map +0 -1
- package/dist/src/xhsc/fs/FSWatch.d.ts +0 -107
- package/dist/src/xhsc/fs/FSWatch.d.ts.map +0 -1
- package/dist/src/xhsc/fs/FSWatch.js +0 -136
- package/dist/src/xhsc/fs/FSWatch.js.map +0 -1
- package/dist/src/xhsc/fs/FileHandle.d.ts +0 -42
- package/dist/src/xhsc/fs/FileHandle.d.ts.map +0 -1
- package/dist/src/xhsc/fs/FileHandle.js +0 -107
- package/dist/src/xhsc/fs/FileHandle.js.map +0 -1
- package/dist/src/xhsc/ipc/XHSCDirectIPC.d.ts +0 -24
- package/dist/src/xhsc/ipc/XHSCDirectIPC.d.ts.map +0 -1
- package/dist/src/xhsc/ipc/XHSCDirectIPC.js +0 -110
- package/dist/src/xhsc/ipc/XHSCDirectIPC.js.map +0 -1
- package/dist/src/xhsc/types.d.ts +0 -268
- package/dist/src/xhsc/types.d.ts.map +0 -1
- package/dist/src/xhsc/types.js +0 -8
- package/dist/src/xhsc/types.js.map +0 -1
- package/dist/src/xhsc/utils/ArrayUtils.d.ts +0 -38
- package/dist/src/xhsc/utils/ArrayUtils.d.ts.map +0 -1
- package/dist/src/xhsc/utils/ArrayUtils.js +0 -63
- package/dist/src/xhsc/utils/ArrayUtils.js.map +0 -1
- package/dist/src/xhsc/utils/AsyncUtils.d.ts +0 -437
- package/dist/src/xhsc/utils/AsyncUtils.d.ts.map +0 -1
- package/dist/src/xhsc/utils/AsyncUtils.js +0 -578
- package/dist/src/xhsc/utils/AsyncUtils.js.map +0 -1
- package/dist/src/xhsc/utils/DateUtils.d.ts +0 -649
- package/dist/src/xhsc/utils/DateUtils.d.ts.map +0 -1
- package/dist/src/xhsc/utils/DateUtils.js +0 -956
- package/dist/src/xhsc/utils/DateUtils.js.map +0 -1
- package/dist/src/xhsc/utils/FunctionUtils.d.ts +0 -15
- package/dist/src/xhsc/utils/FunctionUtils.d.ts.map +0 -1
- package/dist/src/xhsc/utils/FunctionUtils.js +0 -25
- package/dist/src/xhsc/utils/FunctionUtils.js.map +0 -1
- package/dist/src/xhsc/utils/IdUtils.d.ts +0 -14
- package/dist/src/xhsc/utils/IdUtils.d.ts.map +0 -1
- package/dist/src/xhsc/utils/IdUtils.js +0 -17
- package/dist/src/xhsc/utils/IdUtils.js.map +0 -1
- package/dist/src/xhsc/utils/NumberUtils.d.ts +0 -59
- package/dist/src/xhsc/utils/NumberUtils.d.ts.map +0 -1
- package/dist/src/xhsc/utils/NumberUtils.js +0 -75
- package/dist/src/xhsc/utils/NumberUtils.js.map +0 -1
- package/dist/src/xhsc/utils/ObjectUtils.d.ts +0 -96
- package/dist/src/xhsc/utils/ObjectUtils.d.ts.map +0 -1
- package/dist/src/xhsc/utils/ObjectUtils.js +0 -136
- package/dist/src/xhsc/utils/ObjectUtils.js.map +0 -1
- package/dist/src/xhsc/utils/StringUtils.d.ts +0 -105
- package/dist/src/xhsc/utils/StringUtils.d.ts.map +0 -1
- package/dist/src/xhsc/utils/StringUtils.js +0 -141
- package/dist/src/xhsc/utils/StringUtils.js.map +0 -1
- package/dist/src/xhsc/utils/ValidationUtils.d.ts +0 -33
- package/dist/src/xhsc/utils/ValidationUtils.d.ts.map +0 -1
- package/dist/src/xhsc/utils/ValidationUtils.js +0 -45
- package/dist/src/xhsc/utils/ValidationUtils.js.map +0 -1
- package/dist/src/xhsc/utils/deepReadonlyProxy.d.ts +0 -48
- package/dist/src/xhsc/utils/deepReadonlyProxy.d.ts.map +0 -1
- package/dist/src/xhsc/utils/deepReadonlyProxy.js +0 -108
- package/dist/src/xhsc/utils/deepReadonlyProxy.js.map +0 -1
- package/dist/src/xhsc.d.ts +0 -41
- package/dist/src/xhsc.d.ts.map +0 -1
- package/dist/src/xhsc.js +0 -231
- package/dist/src/xhsc.js.map +0 -1
- package/dist/test-toolbox.d.ts +0 -2
- package/dist/test-toolbox.d.ts.map +0 -1
- package/dist/test-toolbox.js +0 -37
- package/dist/test-toolbox.js.map +0 -1
- package/dist/test_finish.d.ts +0 -2
- package/dist/test_finish.d.ts.map +0 -1
- package/dist/test_finish.js +0 -10
- package/dist/test_finish.js.map +0 -1
- package/dist/test_regex.d.ts +0 -2
- package/dist/test_regex.d.ts.map +0 -1
- package/dist/test_regex.js +0 -20
- package/dist/test_regex.js.map +0 -1
- package/dist/test_server.d.ts +0 -2
- package/dist/test_server.d.ts.map +0 -1
- package/dist/test_server.js +0 -23
- package/dist/test_server.js.map +0 -1
|
@@ -1,1478 +0,0 @@
|
|
|
1
|
-
import { BrowserOnlyConfig, TerminalOnlyConfig } from "../../middleware/built-in/security";
|
|
2
|
-
/**
|
|
3
|
-
* @fileoverview Security-related type definitions for XyPriss integration
|
|
4
|
-
*
|
|
5
|
-
* This module contains all security-related types including authentication,
|
|
6
|
-
* authorization, encryption, and security policies.
|
|
7
|
-
*
|
|
8
|
-
* @version 4.5.11
|
|
9
|
-
* @author XyPrissJS Team
|
|
10
|
-
* @since 2025-01-06
|
|
11
|
-
*/
|
|
12
|
-
/**
|
|
13
|
-
* Security configuration levels.
|
|
14
|
-
*
|
|
15
|
-
* Predefined security levels that automatically configure
|
|
16
|
-
* appropriate security measures:
|
|
17
|
-
* - basic: Essential security features
|
|
18
|
-
* - enhanced: Additional security layers
|
|
19
|
-
* - maximum: All security features enabled
|
|
20
|
-
*/
|
|
21
|
-
export type SecurityLevel = "basic" | "enhanced" | "maximum";
|
|
22
|
-
/**
|
|
23
|
-
* CSRF Protection Configuration
|
|
24
|
-
*
|
|
25
|
-
* Protects against Cross-Site Request Forgery attacks by requiring tokens.
|
|
26
|
-
* Can be enabled/disabled or configured with custom options.
|
|
27
|
-
*
|
|
28
|
-
* @example Enable with defaults:
|
|
29
|
-
* ```typescript
|
|
30
|
-
* csrf: true
|
|
31
|
-
* ```
|
|
32
|
-
*
|
|
33
|
-
* @example Disable:
|
|
34
|
-
* ```typescript
|
|
35
|
-
* csrf: false
|
|
36
|
-
* ```
|
|
37
|
-
*
|
|
38
|
-
* @example Custom configuration:
|
|
39
|
-
* ```typescript
|
|
40
|
-
* csrf: {
|
|
41
|
-
* cookieName: '__Host-csrf-token',
|
|
42
|
-
* cookieOptions: {
|
|
43
|
-
* httpOnly: true,
|
|
44
|
-
* sameSite: 'strict',
|
|
45
|
-
* secure: process.env.NODE_ENV === 'production'
|
|
46
|
-
* }
|
|
47
|
-
* }
|
|
48
|
-
* ```
|
|
49
|
-
*/
|
|
50
|
-
export interface CSRFConfig {
|
|
51
|
-
/** CSRF token cookie name */
|
|
52
|
-
cookieName?: string;
|
|
53
|
-
/** CSRF token cookie options */
|
|
54
|
-
cookieOptions?: {
|
|
55
|
-
httpOnly?: boolean;
|
|
56
|
-
sameSite?: boolean | "lax" | "strict" | "none";
|
|
57
|
-
secure?: boolean;
|
|
58
|
-
};
|
|
59
|
-
}
|
|
60
|
-
/**
|
|
61
|
-
* XyRS - XyPriss Request Signature Configuration
|
|
62
|
-
*
|
|
63
|
-
* Validates request signatures using the XP-Request-Sig header.
|
|
64
|
-
* Provides API authentication by requiring a secret signature on all requests.
|
|
65
|
-
*
|
|
66
|
-
* @example Enable with secret:
|
|
67
|
-
* ```typescript
|
|
68
|
-
* requestSignature: {
|
|
69
|
-
* secret: "my-secret-api-key"
|
|
70
|
-
* }
|
|
71
|
-
* ```
|
|
72
|
-
*
|
|
73
|
-
* @example Custom configuration:
|
|
74
|
-
* ```typescript
|
|
75
|
-
* requestSignature: {
|
|
76
|
-
* secret: "my-secret-api-key",
|
|
77
|
-
* errorMessage: "API key required",
|
|
78
|
-
* statusCode: 403,
|
|
79
|
-
* caseSensitive: false
|
|
80
|
-
* }
|
|
81
|
-
* ```
|
|
82
|
-
*/
|
|
83
|
-
export interface RequestSignatureConfig {
|
|
84
|
-
/** Custom header name for the signature (default: "XP-Request-Sig") */
|
|
85
|
-
headerName?: string;
|
|
86
|
-
/** The secret value that must match the header */
|
|
87
|
-
secret: string;
|
|
88
|
-
/** Custom error message for blocked requests */
|
|
89
|
-
errorMessage?: string;
|
|
90
|
-
/** HTTP status code for blocked requests */
|
|
91
|
-
statusCode?: number;
|
|
92
|
-
/** Enable debug logging */
|
|
93
|
-
debug?: boolean;
|
|
94
|
-
/** Case-sensitive comparison */
|
|
95
|
-
caseSensitive?: boolean;
|
|
96
|
-
/** Trim whitespace from header value */
|
|
97
|
-
trimValue?: boolean;
|
|
98
|
-
/** Maximum allowed header length to prevent DoS (default: 512) */
|
|
99
|
-
maxHeaderLength?: number;
|
|
100
|
-
/** Rate limiting: max failed attempts before temporary block (default: 5) */
|
|
101
|
-
maxFailedAttempts?: number;
|
|
102
|
-
/** Rate limiting: block duration in milliseconds (default: 15 minutes) */
|
|
103
|
-
blockDuration?: number;
|
|
104
|
-
/** Disable rate limiting entirely (default: false) */
|
|
105
|
-
disableRateLimiting?: boolean;
|
|
106
|
-
/** Scale factor for rate limiting thresholds (default: 1.0) */
|
|
107
|
-
rateLimitScaleFactor?: number;
|
|
108
|
-
/** Minimum secret length requirement (default: 32) */
|
|
109
|
-
minSecretLength?: number;
|
|
110
|
-
/** Enable timing attack protection (default: true) */
|
|
111
|
-
timingSafeComparison?: boolean;
|
|
112
|
-
/** Reject requests with suspicious patterns (default: true) */
|
|
113
|
-
rejectSuspiciousPatterns?: boolean;
|
|
114
|
-
}
|
|
115
|
-
/**
|
|
116
|
-
* Helmet Security Headers Configuration
|
|
117
|
-
*
|
|
118
|
-
* Sets various HTTP headers to help protect against common attacks.
|
|
119
|
-
* Can be enabled/disabled or configured with custom header options.
|
|
120
|
-
*
|
|
121
|
-
* @example Enable with defaults:
|
|
122
|
-
* ```typescript
|
|
123
|
-
* helmet: true
|
|
124
|
-
* ```
|
|
125
|
-
*
|
|
126
|
-
* @example Custom CSP:
|
|
127
|
-
* ```typescript
|
|
128
|
-
* helmet: {
|
|
129
|
-
* contentSecurityPolicy: {
|
|
130
|
-
* directives: {
|
|
131
|
-
* defaultSrc: ["'self'"],
|
|
132
|
-
* scriptSrc: ["'self'", "'unsafe-inline'"]
|
|
133
|
-
* }
|
|
134
|
-
* },
|
|
135
|
-
* hsts: { maxAge: 31536000 }
|
|
136
|
-
* }
|
|
137
|
-
* ```
|
|
138
|
-
*/
|
|
139
|
-
export interface HelmetConfig {
|
|
140
|
-
/** Content Security Policy configuration */
|
|
141
|
-
contentSecurityPolicy?: {
|
|
142
|
-
/** CSP directives - flexible configuration allowing any CSP directive */
|
|
143
|
-
directives?: Record<string, string | string[]>;
|
|
144
|
-
} | boolean;
|
|
145
|
-
/** HTTP Strict Transport Security configuration */
|
|
146
|
-
hsts?: {
|
|
147
|
-
maxAge: number;
|
|
148
|
-
includeSubDomains?: boolean;
|
|
149
|
-
preload?: boolean;
|
|
150
|
-
};
|
|
151
|
-
/** Cross-Origin Embedder Policy */
|
|
152
|
-
crossOriginEmbedderPolicy?: boolean | {
|
|
153
|
-
policy: "require-corp" | "credentialless";
|
|
154
|
-
};
|
|
155
|
-
/** Cross-Origin Opener Policy */
|
|
156
|
-
crossOriginOpenerPolicy?: boolean | {
|
|
157
|
-
policy: "same-origin" | "same-origin-allow-popups" | "unsafe-none";
|
|
158
|
-
};
|
|
159
|
-
/** Cross-Origin Resource Policy */
|
|
160
|
-
crossOriginResourcePolicy?: boolean | {
|
|
161
|
-
policy: "same-origin" | "same-site" | "cross-origin";
|
|
162
|
-
};
|
|
163
|
-
/** DNS Prefetch Control */
|
|
164
|
-
dnsPrefetchControl?: boolean | {
|
|
165
|
-
allow: boolean;
|
|
166
|
-
};
|
|
167
|
-
/** Frameguard (X-Frame-Options) */
|
|
168
|
-
frameguard?: boolean | {
|
|
169
|
-
action: "deny" | "sameorigin" | "allow-from";
|
|
170
|
-
domain?: string;
|
|
171
|
-
};
|
|
172
|
-
/** Hide Powered By header */
|
|
173
|
-
hidePoweredBy?: boolean | {
|
|
174
|
-
setTo?: string;
|
|
175
|
-
};
|
|
176
|
-
/** IE No Open */
|
|
177
|
-
ieNoOpen?: boolean;
|
|
178
|
-
/** No Sniff */
|
|
179
|
-
noSniff?: boolean;
|
|
180
|
-
/** Origin Agent Cluster */
|
|
181
|
-
originAgentCluster?: boolean;
|
|
182
|
-
/** Permitted Cross Domain Policies */
|
|
183
|
-
permittedCrossDomainPolicies?: boolean | {
|
|
184
|
-
permittedPolicies: "none" | "master-only" | "by-content-type" | "all";
|
|
185
|
-
};
|
|
186
|
-
/** Referrer Policy */
|
|
187
|
-
referrerPolicy?: boolean | {
|
|
188
|
-
policy: string | string[];
|
|
189
|
-
};
|
|
190
|
-
/** XSS Filter */
|
|
191
|
-
xssFilter?: boolean;
|
|
192
|
-
}
|
|
193
|
-
/**
|
|
194
|
-
* XSS Protection Configuration
|
|
195
|
-
*
|
|
196
|
-
* Protects against Cross-Site Scripting attacks by sanitizing input.
|
|
197
|
-
* Can be enabled/disabled or configured with custom sanitization rules.
|
|
198
|
-
*
|
|
199
|
-
* @example Enable with defaults:
|
|
200
|
-
* ```typescript
|
|
201
|
-
* xss: true
|
|
202
|
-
* ```
|
|
203
|
-
*
|
|
204
|
-
* @example Custom configuration:
|
|
205
|
-
* ```typescript
|
|
206
|
-
* xss: {
|
|
207
|
-
* blockOnDetection: true,
|
|
208
|
-
* customPatterns: [/custom-pattern/g],
|
|
209
|
-
* whitelist: { a: ['href', 'title'] }
|
|
210
|
-
* }
|
|
211
|
-
* ```
|
|
212
|
-
*/
|
|
213
|
-
export interface XSSConfig {
|
|
214
|
-
/** Block requests on XSS detection */
|
|
215
|
-
blockOnDetection?: boolean;
|
|
216
|
-
/** Custom XSS patterns to detect */
|
|
217
|
-
customPatterns?: RegExp[];
|
|
218
|
-
/** Whitelist of allowed tags and attributes */
|
|
219
|
-
whitelist?: {
|
|
220
|
-
[tag: string]: string[];
|
|
221
|
-
};
|
|
222
|
-
}
|
|
223
|
-
/**
|
|
224
|
-
* SQL Injection Protection Configuration
|
|
225
|
-
*
|
|
226
|
-
* Detects and prevents SQL injection attacks in request data.
|
|
227
|
-
* Can be enabled/disabled or configured with custom detection rules.
|
|
228
|
-
*
|
|
229
|
-
* @example Enable with defaults:
|
|
230
|
-
* ```typescript
|
|
231
|
-
* sqlInjection: true
|
|
232
|
-
* ```
|
|
233
|
-
*
|
|
234
|
-
* @example Custom configuration:
|
|
235
|
-
* ```typescript
|
|
236
|
-
* sqlInjection: {
|
|
237
|
-
* blockOnDetection: true,
|
|
238
|
-
* riskThreshold: 'medium',
|
|
239
|
-
* customPatterns: [/custom-sql-pattern/g]
|
|
240
|
-
* }
|
|
241
|
-
* ```
|
|
242
|
-
*/
|
|
243
|
-
export interface SQLInjectionConfig {
|
|
244
|
-
/** Block requests on SQL injection detection */
|
|
245
|
-
blockOnDetection?: boolean;
|
|
246
|
-
/** Risk threshold for SQL injection detection */
|
|
247
|
-
riskThreshold?: "low" | "medium" | "high";
|
|
248
|
-
/** Custom SQL injection patterns to detect */
|
|
249
|
-
customPatterns?: RegExp[];
|
|
250
|
-
/** Enable contextual analysis to reduce false positives */
|
|
251
|
-
contextualAnalysis?: boolean;
|
|
252
|
-
/** Strict mode - more aggressive detection */
|
|
253
|
-
strictMode?: boolean;
|
|
254
|
-
/** Log detected attempts */
|
|
255
|
-
logAttempts?: boolean;
|
|
256
|
-
/** False positive threshold (0-1) */
|
|
257
|
-
falsePositiveThreshold?: number;
|
|
258
|
-
/** Maximum allowed length for input strings before triggering 'Excessive length' detection */
|
|
259
|
-
maxLength?: number;
|
|
260
|
-
}
|
|
261
|
-
/**
|
|
262
|
-
* Path Traversal Protection Configuration
|
|
263
|
-
*
|
|
264
|
-
* Detects and prevents directory traversal attacks while allowing legitimate file paths.
|
|
265
|
-
*
|
|
266
|
-
* @example Enable with defaults:
|
|
267
|
-
* ```typescript
|
|
268
|
-
* pathTraversal: true
|
|
269
|
-
* ```
|
|
270
|
-
*
|
|
271
|
-
* @example Custom configuration:
|
|
272
|
-
* ```typescript
|
|
273
|
-
* pathTraversal: {
|
|
274
|
-
* blockOnDetection: true,
|
|
275
|
-
* allowedPaths: ['/uploads/', '/public/'],
|
|
276
|
-
* allowedExtensions: ['.jpg', '.png', '.pdf'],
|
|
277
|
-
* maxDepth: 3
|
|
278
|
-
* }
|
|
279
|
-
* ```
|
|
280
|
-
*/
|
|
281
|
-
export interface PathTraversalConfig {
|
|
282
|
-
/** Block requests on path traversal detection */
|
|
283
|
-
blockOnDetection?: boolean;
|
|
284
|
-
/** Allowed base paths */
|
|
285
|
-
allowedPaths?: string[];
|
|
286
|
-
/** Allowed file extensions */
|
|
287
|
-
allowedExtensions?: string[];
|
|
288
|
-
/** Maximum allowed path depth */
|
|
289
|
-
maxDepth?: number;
|
|
290
|
-
/** Strict mode */
|
|
291
|
-
strictMode?: boolean;
|
|
292
|
-
/** Log detected attempts */
|
|
293
|
-
logAttempts?: boolean;
|
|
294
|
-
/** False positive threshold (0-1) */
|
|
295
|
-
falsePositiveThreshold?: number;
|
|
296
|
-
}
|
|
297
|
-
/**
|
|
298
|
-
* Command Injection Protection Configuration
|
|
299
|
-
*
|
|
300
|
-
* Detects and prevents OS command injection attacks with context awareness.
|
|
301
|
-
*
|
|
302
|
-
* @example Enable with defaults:
|
|
303
|
-
* ```typescript
|
|
304
|
-
* commandInjection: true
|
|
305
|
-
* ```
|
|
306
|
-
*
|
|
307
|
-
* @example Custom configuration:
|
|
308
|
-
* ```typescript
|
|
309
|
-
* commandInjection: {
|
|
310
|
-
* blockOnDetection: true,
|
|
311
|
-
* contextualAnalysis: true,
|
|
312
|
-
* allowedCommands: ['git', 'npm']
|
|
313
|
-
* }
|
|
314
|
-
* ```
|
|
315
|
-
*/
|
|
316
|
-
export interface CommandInjectionConfig {
|
|
317
|
-
/** Block requests on command injection detection */
|
|
318
|
-
blockOnDetection?: boolean;
|
|
319
|
-
/** Enable contextual analysis */
|
|
320
|
-
contextualAnalysis?: boolean;
|
|
321
|
-
/** Allowed commands (whitelist) */
|
|
322
|
-
allowedCommands?: string[];
|
|
323
|
-
/** Strict mode */
|
|
324
|
-
strictMode?: boolean;
|
|
325
|
-
/** Log detected attempts */
|
|
326
|
-
logAttempts?: boolean;
|
|
327
|
-
/** False positive threshold (0-1) */
|
|
328
|
-
falsePositiveThreshold?: number;
|
|
329
|
-
}
|
|
330
|
-
/**
|
|
331
|
-
* XXE (XML External Entity) Protection Configuration
|
|
332
|
-
*
|
|
333
|
-
* Prevents XXE attacks in XML parsing.
|
|
334
|
-
*
|
|
335
|
-
* @example Enable with defaults:
|
|
336
|
-
* ```typescript
|
|
337
|
-
* xxe: true
|
|
338
|
-
* ```
|
|
339
|
-
*
|
|
340
|
-
* @example Custom configuration:
|
|
341
|
-
* ```typescript
|
|
342
|
-
* xxe: {
|
|
343
|
-
* blockOnDetection: true,
|
|
344
|
-
* allowDTD: false,
|
|
345
|
-
* allowExternalEntities: false
|
|
346
|
-
* }
|
|
347
|
-
* ```
|
|
348
|
-
*/
|
|
349
|
-
export interface XXEConfig {
|
|
350
|
-
/** Block requests on XXE detection */
|
|
351
|
-
blockOnDetection?: boolean;
|
|
352
|
-
/** Allow DTD declarations */
|
|
353
|
-
allowDTD?: boolean;
|
|
354
|
-
/** Allow external entities */
|
|
355
|
-
allowExternalEntities?: boolean;
|
|
356
|
-
/** Maximum entity expansions */
|
|
357
|
-
maxEntityExpansions?: number;
|
|
358
|
-
/** Strict mode */
|
|
359
|
-
strictMode?: boolean;
|
|
360
|
-
/** Log detected attempts */
|
|
361
|
-
logAttempts?: boolean;
|
|
362
|
-
}
|
|
363
|
-
/**
|
|
364
|
-
* LDAP Injection Protection Configuration
|
|
365
|
-
*
|
|
366
|
-
* Detects and prevents LDAP injection attacks.
|
|
367
|
-
*
|
|
368
|
-
* @example Enable with defaults:
|
|
369
|
-
* ```typescript
|
|
370
|
-
* ldapInjection: true
|
|
371
|
-
* ```
|
|
372
|
-
*
|
|
373
|
-
* @example Custom configuration:
|
|
374
|
-
* ```typescript
|
|
375
|
-
* ldapInjection: {
|
|
376
|
-
* blockOnDetection: true,
|
|
377
|
-
* strictMode: true
|
|
378
|
-
* }
|
|
379
|
-
* ```
|
|
380
|
-
*/
|
|
381
|
-
export interface LDAPInjectionConfig {
|
|
382
|
-
/** Block requests on LDAP injection detection */
|
|
383
|
-
blockOnDetection?: boolean;
|
|
384
|
-
/** Strict mode */
|
|
385
|
-
strictMode?: boolean;
|
|
386
|
-
/** Log detected attempts */
|
|
387
|
-
logAttempts?: boolean;
|
|
388
|
-
/** False positive threshold (0-1) */
|
|
389
|
-
falsePositiveThreshold?: number;
|
|
390
|
-
}
|
|
391
|
-
/**
|
|
392
|
-
* Compression Configuration
|
|
393
|
-
*
|
|
394
|
-
* Response compression to reduce bandwidth and improve performance.
|
|
395
|
-
* Can be enabled/disabled or configured with custom compression settings.
|
|
396
|
-
*
|
|
397
|
-
* @example Enable with defaults:
|
|
398
|
-
* ```typescript
|
|
399
|
-
* compression: true
|
|
400
|
-
* ```
|
|
401
|
-
*
|
|
402
|
-
* @example Custom compression:
|
|
403
|
-
* ```typescript
|
|
404
|
-
* compression: {
|
|
405
|
-
* level: 6, // compression level (1-9)
|
|
406
|
-
* threshold: 1024, // minimum response size to compress
|
|
407
|
-
* filter: (req, res) => {
|
|
408
|
-
* // custom filter logic
|
|
409
|
-
* return /json|text|javascript|css/.test(res.get('Content-Type'));
|
|
410
|
-
* }
|
|
411
|
-
* }
|
|
412
|
-
* ```
|
|
413
|
-
*/
|
|
414
|
-
export interface CompressionConfig {
|
|
415
|
-
/** Compression level (1-9) */
|
|
416
|
-
level?: number;
|
|
417
|
-
/** Minimum response size to compress (in bytes) */
|
|
418
|
-
threshold?: number;
|
|
419
|
-
/** Custom filter function for compression */
|
|
420
|
-
filter?: (req: any, res: any) => boolean;
|
|
421
|
-
}
|
|
422
|
-
/**
|
|
423
|
-
* HTTP Parameter Pollution Protection Configuration
|
|
424
|
-
*
|
|
425
|
-
* Prevents HTTP Parameter Pollution attacks by handling duplicate parameters.
|
|
426
|
-
* Can be enabled/disabled or configured with custom parameter handling.
|
|
427
|
-
*
|
|
428
|
-
* @example Enable with defaults:
|
|
429
|
-
* ```typescript
|
|
430
|
-
* hpp: true
|
|
431
|
-
* ```
|
|
432
|
-
*
|
|
433
|
-
* @example Custom configuration:
|
|
434
|
-
* ```typescript
|
|
435
|
-
* hpp: {
|
|
436
|
-
* whitelist: ['tags', 'categories'], // allow arrays for these params
|
|
437
|
-
* checkQuery: true,
|
|
438
|
-
* checkBody: true
|
|
439
|
-
* }
|
|
440
|
-
* ```
|
|
441
|
-
*/
|
|
442
|
-
export interface HPPConfig {
|
|
443
|
-
/** Whitelist of allowed parameters for arrays */
|
|
444
|
-
whitelist?: string[];
|
|
445
|
-
/** Check query parameters for duplicates */
|
|
446
|
-
checkQuery?: boolean;
|
|
447
|
-
/** Check body parameters for duplicates */
|
|
448
|
-
checkBody?: boolean;
|
|
449
|
-
}
|
|
450
|
-
/**
|
|
451
|
-
* MongoDB Injection Protection Configuration
|
|
452
|
-
*
|
|
453
|
-
* Sanitizes MongoDB queries to prevent NoSQL injection attacks.
|
|
454
|
-
* Can be enabled/disabled or configured with custom sanitization rules.
|
|
455
|
-
*
|
|
456
|
-
* @example Enable with defaults:
|
|
457
|
-
* ```typescript
|
|
458
|
-
* mongoSanitize: true
|
|
459
|
-
* ```
|
|
460
|
-
*
|
|
461
|
-
* @example Custom configuration:
|
|
462
|
-
* ```typescript
|
|
463
|
-
* mongoSanitize: {
|
|
464
|
-
* replaceWith: '_',
|
|
465
|
-
* onSanitize: ({ req, key }) => {
|
|
466
|
-
* console.warn(`Sanitized MongoDB key: ${key} from ${req.ip}`);
|
|
467
|
-
* }
|
|
468
|
-
* }
|
|
469
|
-
* ```
|
|
470
|
-
*/
|
|
471
|
-
export interface MongoSanitizeConfig {
|
|
472
|
-
/** Replacement character for sanitized keys */
|
|
473
|
-
replaceWith?: string;
|
|
474
|
-
/** Custom callback function for sanitization */
|
|
475
|
-
onSanitize?: (options: {
|
|
476
|
-
req: any;
|
|
477
|
-
key: string;
|
|
478
|
-
}) => void;
|
|
479
|
-
}
|
|
480
|
-
/**
|
|
481
|
-
* @deprecated Morgan is not supported in XyPriss.
|
|
482
|
-
* Using morgan may expose your application to undocumented behaviors and integration
|
|
483
|
-
* failures with the XHSC engine. This type is kept only to surface a compile-time
|
|
484
|
-
* error when used; it will always fail at runtime.
|
|
485
|
-
*
|
|
486
|
-
* Use the Xyphra plugin for secure, native request logging:
|
|
487
|
-
* @see https://github.com/Nehonix-Team/xyphra
|
|
488
|
-
*/
|
|
489
|
-
export interface MorganConfig {
|
|
490
|
-
/** @deprecated See MorganConfig */
|
|
491
|
-
[key: string]: never;
|
|
492
|
-
}
|
|
493
|
-
/**
|
|
494
|
-
* Slow Down Configuration
|
|
495
|
-
*
|
|
496
|
-
* Progressive delays for rate limiting to prevent abuse.
|
|
497
|
-
* Can be enabled/disabled or configured with custom delay patterns.
|
|
498
|
-
*
|
|
499
|
-
* @example Enable with defaults:
|
|
500
|
-
* ```typescript
|
|
501
|
-
* slowDown: true
|
|
502
|
-
* ```
|
|
503
|
-
*
|
|
504
|
-
* @example Custom slow down:
|
|
505
|
-
* ```typescript
|
|
506
|
-
* slowDown: {
|
|
507
|
-
* windowMs: 15 * 60 * 1000, // 15 minutes
|
|
508
|
-
* delayAfter: 100, // delay after 100 requests
|
|
509
|
-
* delayMs: (used, req) => {
|
|
510
|
-
* const delayAfter = req.slowDown?.limit || 100;
|
|
511
|
-
* return (used - delayAfter) * 500; // 500ms per request over limit
|
|
512
|
-
* }
|
|
513
|
-
* }
|
|
514
|
-
* ```
|
|
515
|
-
*/
|
|
516
|
-
export interface SlowDownConfig {
|
|
517
|
-
/** Time window for slow down (in milliseconds) */
|
|
518
|
-
windowMs?: number;
|
|
519
|
-
/** Number of requests before delay starts */
|
|
520
|
-
delayAfter?: number;
|
|
521
|
-
/** Custom delay function */
|
|
522
|
-
delayMs?: (used: number, req: any) => number;
|
|
523
|
-
}
|
|
524
|
-
/**
|
|
525
|
-
* Route pattern matching configuration for security rules
|
|
526
|
-
*/
|
|
527
|
-
export interface RoutePattern {
|
|
528
|
-
/** Route path pattern (supports wildcards like /api/*, exact paths like /login, or regex) */
|
|
529
|
-
path: string | RegExp;
|
|
530
|
-
/** HTTP methods to apply this rule to (if not specified, applies to all methods) */
|
|
531
|
-
methods?: string[];
|
|
532
|
-
}
|
|
533
|
-
/**
|
|
534
|
-
* Security module route configuration
|
|
535
|
-
* Allows selective application of security modules to specific routes
|
|
536
|
-
*/
|
|
537
|
-
export interface SecurityModuleRouteConfig {
|
|
538
|
-
/** Routes to exclude from this security module */
|
|
539
|
-
excludeRoutes?: (string | RegExp | RoutePattern)[];
|
|
540
|
-
/** Routes to include for this security module (if specified, only these routes will be protected) */
|
|
541
|
-
includeRoutes?: (string | RegExp | RoutePattern)[];
|
|
542
|
-
}
|
|
543
|
-
/**
|
|
544
|
-
* Security Configuration Interface
|
|
545
|
-
*
|
|
546
|
-
* Defines comprehensive security settings for XyPriss applications.
|
|
547
|
-
* Each security feature can be enabled/disabled or configured with detailed options.
|
|
548
|
-
*
|
|
549
|
-
* @example
|
|
550
|
-
* ```typescript
|
|
551
|
-
* const securityConfig: SecurityConfig = {
|
|
552
|
-
* level: 'enhanced',
|
|
553
|
-
* helmet: {
|
|
554
|
-
* contentSecurityPolicy: {
|
|
555
|
-
* directives: { defaultSrc: ["'self'"] }
|
|
556
|
-
* }
|
|
557
|
-
* },
|
|
558
|
-
* cors: {
|
|
559
|
-
* origin: 'https://myapp.com',
|
|
560
|
-
* credentials: true
|
|
561
|
-
* },
|
|
562
|
-
* bruteForce: {
|
|
563
|
-
* windowMs: 15 * 60 * 1000,
|
|
564
|
-
* max: 100
|
|
565
|
-
* },
|
|
566
|
-
* routeConfig: {
|
|
567
|
-
* pathTraversal: {
|
|
568
|
-
* excludeRoutes: ['/api/templates/*', '/api/content/*']
|
|
569
|
-
* }
|
|
570
|
-
* }
|
|
571
|
-
* };
|
|
572
|
-
* ```
|
|
573
|
-
*/
|
|
574
|
-
export interface SecurityConfig {
|
|
575
|
-
/**
|
|
576
|
-
* Strategic route bypass configuration.
|
|
577
|
-
* Routes defined here will bypass content-based security detectors (XSS, SQLi, Path Traversal, etc.).
|
|
578
|
-
* This is recommended for routes handling rich text or complex payloads where false positives are likely.
|
|
579
|
-
* Access control policies (CORS, Device restrictions, Signatures) remain active.
|
|
580
|
-
*/
|
|
581
|
-
_ignore?: (string | RegExp)[];
|
|
582
|
-
/**
|
|
583
|
-
* Absolute route bypass configuration.
|
|
584
|
-
* Routes defined here will bypass the ENTIRE security middleware stack, including device restrictions,
|
|
585
|
-
* request signatures, and content detectors. Use with extreme caution.
|
|
586
|
-
*/
|
|
587
|
-
_ignoreAll?: (string | RegExp)[];
|
|
588
|
-
/** Security level preset */
|
|
589
|
-
level?: SecurityLevel;
|
|
590
|
-
/**
|
|
591
|
-
* Route-based security configuration
|
|
592
|
-
* Allows you to selectively apply security modules to specific routes
|
|
593
|
-
*
|
|
594
|
-
* @example
|
|
595
|
-
* ```typescript
|
|
596
|
-
* routeConfig: {
|
|
597
|
-
* xss: {
|
|
598
|
-
* excludeRoutes: ['/api/safe-content/*']
|
|
599
|
-
* },
|
|
600
|
-
* pathTraversal: {
|
|
601
|
-
* excludeRoutes: ['/api/templates/*', { path: '/api/content/*', methods: ['POST'] }]
|
|
602
|
-
* },
|
|
603
|
-
* sqlInjection: {
|
|
604
|
-
* includeRoutes: ['/api/db/*', '/api/query/*']
|
|
605
|
-
* }
|
|
606
|
-
* }
|
|
607
|
-
* ```
|
|
608
|
-
*/
|
|
609
|
-
routeConfig?: {
|
|
610
|
-
xss?: SecurityModuleRouteConfig;
|
|
611
|
-
sqlInjection?: SecurityModuleRouteConfig;
|
|
612
|
-
pathTraversal?: SecurityModuleRouteConfig;
|
|
613
|
-
commandInjection?: SecurityModuleRouteConfig;
|
|
614
|
-
xxe?: SecurityModuleRouteConfig;
|
|
615
|
-
ldapInjection?: SecurityModuleRouteConfig;
|
|
616
|
-
};
|
|
617
|
-
/**
|
|
618
|
-
* CSRF Protection Configuration
|
|
619
|
-
*
|
|
620
|
-
* Protects against Cross-Site Request Forgery attacks by requiring tokens.
|
|
621
|
-
* Can be enabled/disabled or configured with custom options.
|
|
622
|
-
*
|
|
623
|
-
* @example Enable with defaults:
|
|
624
|
-
* ```typescript
|
|
625
|
-
* csrf: true
|
|
626
|
-
* ```
|
|
627
|
-
*
|
|
628
|
-
* @example Disable:
|
|
629
|
-
* ```typescript
|
|
630
|
-
* csrf: false
|
|
631
|
-
* ```
|
|
632
|
-
*
|
|
633
|
-
* @example Custom configuration:
|
|
634
|
-
* ```typescript
|
|
635
|
-
* csrf: {
|
|
636
|
-
* cookieName: '__Host-csrf-token',
|
|
637
|
-
* cookieOptions: {
|
|
638
|
-
* httpOnly: true,
|
|
639
|
-
* sameSite: 'strict',
|
|
640
|
-
* secure: process.env.NODE_ENV === 'production'
|
|
641
|
-
* }
|
|
642
|
-
* }
|
|
643
|
-
* ```
|
|
644
|
-
*/
|
|
645
|
-
csrf?: boolean | CSRFConfig;
|
|
646
|
-
/**
|
|
647
|
-
* Helmet Security Headers Configuration
|
|
648
|
-
*
|
|
649
|
-
* Sets various HTTP headers to help protect against common attacks.
|
|
650
|
-
* Can be enabled/disabled or configured with custom header options.
|
|
651
|
-
*
|
|
652
|
-
* @example Enable with defaults:
|
|
653
|
-
* ```typescript
|
|
654
|
-
* helmet: true
|
|
655
|
-
* ```
|
|
656
|
-
*
|
|
657
|
-
* @example Custom CSP:
|
|
658
|
-
* ```typescript
|
|
659
|
-
* helmet: {
|
|
660
|
-
* contentSecurityPolicy: {
|
|
661
|
-
* directives: {
|
|
662
|
-
* defaultSrc: ["'self'"],
|
|
663
|
-
* scriptSrc: ["'self'", "'unsafe-inline'"]
|
|
664
|
-
* }
|
|
665
|
-
* },
|
|
666
|
-
* hsts: { maxAge: 31536000 }
|
|
667
|
-
* }
|
|
668
|
-
* ```
|
|
669
|
-
*/
|
|
670
|
-
helmet?: boolean | HelmetConfig;
|
|
671
|
-
/**
|
|
672
|
-
* XSS Protection Configuration
|
|
673
|
-
*
|
|
674
|
-
* Protects against Cross-Site Scripting attacks by sanitizing input.
|
|
675
|
-
* Can be enabled/disabled or configured with custom sanitization rules.
|
|
676
|
-
*
|
|
677
|
-
* @example Enable with defaults:
|
|
678
|
-
* ```typescript
|
|
679
|
-
* xss: true
|
|
680
|
-
* ```
|
|
681
|
-
*
|
|
682
|
-
* @example Custom configuration:
|
|
683
|
-
* ```typescript
|
|
684
|
-
* xss: {
|
|
685
|
-
* blockOnDetection: true,
|
|
686
|
-
* customPatterns: [/custom-pattern/g],
|
|
687
|
-
* whitelist: { a: ['href', 'title'] }
|
|
688
|
-
* }
|
|
689
|
-
* ```
|
|
690
|
-
*/
|
|
691
|
-
xss?: boolean | XSSConfig;
|
|
692
|
-
/**
|
|
693
|
-
* SQL Injection Protection Configuration
|
|
694
|
-
*
|
|
695
|
-
* Detects and prevents SQL injection attacks in request data.
|
|
696
|
-
* Can be enabled/disabled or configured with custom detection rules.
|
|
697
|
-
*
|
|
698
|
-
* @example Enable with defaults:
|
|
699
|
-
* ```typescript
|
|
700
|
-
* sqlInjection: true
|
|
701
|
-
* ```
|
|
702
|
-
*
|
|
703
|
-
* @example Custom configuration:
|
|
704
|
-
* ```typescript
|
|
705
|
-
* sqlInjection: {
|
|
706
|
-
* blockOnDetection: true,
|
|
707
|
-
* riskThreshold: 'medium',
|
|
708
|
-
* customPatterns: [/custom-sql-pattern/g]
|
|
709
|
-
* }
|
|
710
|
-
* ```
|
|
711
|
-
*/
|
|
712
|
-
sqlInjection?: boolean | SQLInjectionConfig;
|
|
713
|
-
/**
|
|
714
|
-
* Path Traversal Protection Configuration
|
|
715
|
-
*
|
|
716
|
-
* Detects and prevents directory traversal attacks while allowing legitimate file paths.
|
|
717
|
-
* Can be enabled/disabled or configured with custom detection rules.
|
|
718
|
-
*
|
|
719
|
-
* @example Enable with defaults:
|
|
720
|
-
* ```typescript
|
|
721
|
-
* pathTraversal: true
|
|
722
|
-
* ```
|
|
723
|
-
*
|
|
724
|
-
* @example Custom configuration:
|
|
725
|
-
* ```typescript
|
|
726
|
-
* pathTraversal: {
|
|
727
|
-
* blockOnDetection: true,
|
|
728
|
-
* allowedPaths: ['/uploads/', '/public/'],
|
|
729
|
-
* allowedExtensions: ['.jpg', '.png', '.pdf'],
|
|
730
|
-
* maxDepth: 3
|
|
731
|
-
* }
|
|
732
|
-
* ```
|
|
733
|
-
*/
|
|
734
|
-
pathTraversal?: boolean | PathTraversalConfig;
|
|
735
|
-
/**
|
|
736
|
-
* Command Injection Protection Configuration
|
|
737
|
-
*
|
|
738
|
-
* Detects and prevents OS command injection attacks with context awareness.
|
|
739
|
-
* Can be enabled/disabled or configured with custom detection rules.
|
|
740
|
-
*
|
|
741
|
-
* @example Enable with defaults:
|
|
742
|
-
* ```typescript
|
|
743
|
-
* commandInjection: true
|
|
744
|
-
* ```
|
|
745
|
-
*
|
|
746
|
-
* @example Custom configuration:
|
|
747
|
-
* ```typescript
|
|
748
|
-
* commandInjection: {
|
|
749
|
-
* blockOnDetection: true,
|
|
750
|
-
* contextualAnalysis: true,
|
|
751
|
-
* allowedCommands: ['git', 'npm']
|
|
752
|
-
* }
|
|
753
|
-
* ```
|
|
754
|
-
*/
|
|
755
|
-
commandInjection?: boolean | CommandInjectionConfig;
|
|
756
|
-
/**
|
|
757
|
-
* XXE (XML External Entity) Protection Configuration
|
|
758
|
-
*
|
|
759
|
-
* Prevents XXE attacks in XML parsing.
|
|
760
|
-
* Can be enabled/disabled or configured with custom detection rules.
|
|
761
|
-
*
|
|
762
|
-
* @example Enable with defaults:
|
|
763
|
-
* ```typescript
|
|
764
|
-
* xxe: true
|
|
765
|
-
* ```
|
|
766
|
-
*
|
|
767
|
-
* @example Custom configuration:
|
|
768
|
-
* ```typescript
|
|
769
|
-
* xxe: {
|
|
770
|
-
* blockOnDetection: true,
|
|
771
|
-
* allowDTD: false,
|
|
772
|
-
* allowExternalEntities: false
|
|
773
|
-
* }
|
|
774
|
-
* ```
|
|
775
|
-
*/
|
|
776
|
-
xxe?: boolean | XXEConfig;
|
|
777
|
-
/**
|
|
778
|
-
* LDAP Injection Protection Configuration
|
|
779
|
-
*
|
|
780
|
-
* Detects and prevents LDAP injection attacks.
|
|
781
|
-
* Can be enabled/disabled or configured with custom detection rules.
|
|
782
|
-
*
|
|
783
|
-
* @example Enable with defaults:
|
|
784
|
-
* ```typescript
|
|
785
|
-
* ldapInjection: true
|
|
786
|
-
* ```
|
|
787
|
-
*
|
|
788
|
-
* @example Custom configuration:
|
|
789
|
-
* ```typescript
|
|
790
|
-
* ldapInjection: {
|
|
791
|
-
* blockOnDetection: true,
|
|
792
|
-
* strictMode: true
|
|
793
|
-
* }
|
|
794
|
-
* ```
|
|
795
|
-
*/
|
|
796
|
-
ldapInjection?: boolean | LDAPInjectionConfig;
|
|
797
|
-
/**
|
|
798
|
-
* Brute Force Protection Configuration
|
|
799
|
-
*
|
|
800
|
-
* Specialized protection against brute force attacks on authentication endpoints.
|
|
801
|
-
* More aggressive than general rate limiting, designed for login/password attempts.
|
|
802
|
-
* Can be enabled/disabled or configured with custom protection rules.
|
|
803
|
-
*
|
|
804
|
-
* @example Enable with defaults:
|
|
805
|
-
* ```typescript
|
|
806
|
-
* bruteForce: true
|
|
807
|
-
* ```
|
|
808
|
-
*
|
|
809
|
-
* @example Custom brute force protection:
|
|
810
|
-
* ```typescript
|
|
811
|
-
* bruteForce: {
|
|
812
|
-
* windowMs: 15 * 60 * 1000, // 15 minutes
|
|
813
|
-
* max: 5, // only 5 attempts per window (stricter than rateLimit)
|
|
814
|
-
* message: 'Too many login attempts, account temporarily locked.',
|
|
815
|
-
* standardHeaders: true
|
|
816
|
-
* }
|
|
817
|
-
* ```
|
|
818
|
-
*/
|
|
819
|
-
bruteForce?: boolean | RateLimitConfig;
|
|
820
|
-
/**
|
|
821
|
-
* Honeypot Tarpit Configuration (Bot & Scanner Neutralization)
|
|
822
|
-
*
|
|
823
|
-
* Instantly blocks vulnerability scanners by performing an ultra-fast O(1)
|
|
824
|
-
* lookup on common malicious payload signatures (e.g., `/.env`, `/.git`).
|
|
825
|
-
* Prevents wasted CPU cycles from regex ReDoS and framework routing.
|
|
826
|
-
* By default, this is implicitly **TRUE**.
|
|
827
|
-
*
|
|
828
|
-
* @example Disable honeypot tarpit (Not recommended)
|
|
829
|
-
* ```typescript
|
|
830
|
-
* honeypotTarpit: false
|
|
831
|
-
* ```
|
|
832
|
-
*/
|
|
833
|
-
honeypotTarpit?: boolean;
|
|
834
|
-
/**
|
|
835
|
-
* Rate Limiting Configuration
|
|
836
|
-
*
|
|
837
|
-
* General rate limiting to prevent abuse and control request frequency.
|
|
838
|
-
* Can be enabled/disabled or configured with custom rate limiting rules.
|
|
839
|
-
*
|
|
840
|
-
* @example Enable with defaults:
|
|
841
|
-
* ```typescript
|
|
842
|
-
* rateLimit: true
|
|
843
|
-
* ```
|
|
844
|
-
*
|
|
845
|
-
* @example Custom rate limiting:
|
|
846
|
-
* ```typescript
|
|
847
|
-
* rateLimit: {
|
|
848
|
-
* windowMs: 15 * 60 * 1000, // 15 minutes
|
|
849
|
-
* max: 100, // limit each IP to 100 requests per windowMs
|
|
850
|
-
* message: 'Too many requests, please try again later.',
|
|
851
|
-
* standardHeaders: true
|
|
852
|
-
* }
|
|
853
|
-
* ```
|
|
854
|
-
*/
|
|
855
|
-
rateLimit?: boolean | RateLimitConfig;
|
|
856
|
-
/**
|
|
857
|
-
* CORS Configuration
|
|
858
|
-
*
|
|
859
|
-
* Cross-Origin Resource Sharing settings for API access control.
|
|
860
|
-
* Can be enabled/disabled or configured with custom CORS policies.
|
|
861
|
-
*
|
|
862
|
-
* @example Enable with defaults:
|
|
863
|
-
* ```typescript
|
|
864
|
-
* cors: true
|
|
865
|
-
* ```
|
|
866
|
-
*
|
|
867
|
-
* @example Custom CORS policy:
|
|
868
|
-
* ```typescript
|
|
869
|
-
* cors: {
|
|
870
|
-
* origin: ['https://myapp.com', 'https://admin.myapp.com'],
|
|
871
|
-
* methods: ['GET', 'POST', 'PUT', 'DELETE'],
|
|
872
|
-
* allowedHeaders: ['Content-Type', 'Authorization'],
|
|
873
|
-
* credentials: true,
|
|
874
|
-
* maxAge: 86400
|
|
875
|
-
* }
|
|
876
|
-
* ```
|
|
877
|
-
*/
|
|
878
|
-
cors?: boolean | CORSConfig;
|
|
879
|
-
/**
|
|
880
|
-
* Compression Configuration
|
|
881
|
-
*
|
|
882
|
-
* Response compression to reduce bandwidth and improve performance.
|
|
883
|
-
* Can be enabled/disabled or configured with custom compression settings.
|
|
884
|
-
*
|
|
885
|
-
* @example Enable with defaults:
|
|
886
|
-
* ```typescript
|
|
887
|
-
* compression: true
|
|
888
|
-
* ```
|
|
889
|
-
*
|
|
890
|
-
* @example Custom compression:
|
|
891
|
-
* ```typescript
|
|
892
|
-
* compression: {
|
|
893
|
-
* level: 6, // compression level (1-9)
|
|
894
|
-
* threshold: 1024, // minimum response size to compress
|
|
895
|
-
* filter: (req, res) => {
|
|
896
|
-
* // custom filter logic
|
|
897
|
-
* return /json|text|javascript|css/.test(res.get('Content-Type'));
|
|
898
|
-
* }
|
|
899
|
-
* }
|
|
900
|
-
* ```
|
|
901
|
-
*/
|
|
902
|
-
compression?: boolean | CompressionConfig;
|
|
903
|
-
/**
|
|
904
|
-
* HTTP Parameter Pollution Protection Configuration
|
|
905
|
-
*
|
|
906
|
-
* Prevents HTTP Parameter Pollution attacks by handling duplicate parameters.
|
|
907
|
-
* Can be enabled/disabled or configured with custom parameter handling.
|
|
908
|
-
*
|
|
909
|
-
* @example Enable with defaults:
|
|
910
|
-
* ```typescript
|
|
911
|
-
* hpp: true
|
|
912
|
-
* ```
|
|
913
|
-
*
|
|
914
|
-
* @example Custom configuration:
|
|
915
|
-
* ```typescript
|
|
916
|
-
* hpp: {
|
|
917
|
-
* whitelist: ['tags', 'categories'], // allow arrays for these params
|
|
918
|
-
* checkQuery: true,
|
|
919
|
-
* checkBody: true
|
|
920
|
-
* }
|
|
921
|
-
* ```
|
|
922
|
-
*/
|
|
923
|
-
hpp?: boolean | HPPConfig;
|
|
924
|
-
/**
|
|
925
|
-
* MongoDB Injection Protection Configuration
|
|
926
|
-
*
|
|
927
|
-
* Sanitizes MongoDB queries to prevent NoSQL injection attacks.
|
|
928
|
-
* Can be enabled/disabled or configured with custom sanitization rules.
|
|
929
|
-
*
|
|
930
|
-
* @example Enable with defaults:
|
|
931
|
-
* ```typescript
|
|
932
|
-
* mongoSanitize: true
|
|
933
|
-
* ```
|
|
934
|
-
*
|
|
935
|
-
* @example Custom configuration:
|
|
936
|
-
* ```typescript
|
|
937
|
-
* mongoSanitize: {
|
|
938
|
-
* replaceWith: '_',
|
|
939
|
-
* onSanitize: ({ req, key }) => {
|
|
940
|
-
* console.warn(`Sanitized MongoDB key: ${key} from ${req.ip}`);
|
|
941
|
-
* }
|
|
942
|
-
* }
|
|
943
|
-
* ```
|
|
944
|
-
*/
|
|
945
|
-
mongoSanitize?: boolean | MongoSanitizeConfig;
|
|
946
|
-
/**
|
|
947
|
-
* @deprecated Morgan is not supported in XyPriss. This field has no effect and
|
|
948
|
-
* will be removed in a future version.
|
|
949
|
-
*
|
|
950
|
-
* Using morgan in a XyPriss application may expose your application to undocumented
|
|
951
|
-
* internal behaviors, telemetry risks, and integration failures with the XHSC engine.
|
|
952
|
-
*
|
|
953
|
-
* Use the Xyphra plugin for secure, native request logging:
|
|
954
|
-
* @see https://github.com/Nehonix-Team/xyphra
|
|
955
|
-
*
|
|
956
|
-
* @example Correct approach:
|
|
957
|
-
* ```typescript
|
|
958
|
-
* plugins: {
|
|
959
|
-
* register: [
|
|
960
|
-
* XyphraPlugin({ anonymizeIp: true })
|
|
961
|
-
* ]
|
|
962
|
-
* }
|
|
963
|
-
* ```
|
|
964
|
-
*/
|
|
965
|
-
morgan?: never;
|
|
966
|
-
/**
|
|
967
|
-
* Slow Down Configuration
|
|
968
|
-
*
|
|
969
|
-
* Progressive delays for rate limiting to prevent abuse.
|
|
970
|
-
* Can be enabled/disabled or configured with custom delay patterns.
|
|
971
|
-
*
|
|
972
|
-
* @example Enable with defaults:
|
|
973
|
-
* ```typescript
|
|
974
|
-
* slowDown: true
|
|
975
|
-
* ```
|
|
976
|
-
*
|
|
977
|
-
* @example Custom slow down:
|
|
978
|
-
* ```typescript
|
|
979
|
-
* slowDown: {
|
|
980
|
-
* windowMs: 15 * 60 * 1000, // 15 minutes
|
|
981
|
-
* delayAfter: 100, // delay after 100 requests
|
|
982
|
-
* delayMs: (used, req) => {
|
|
983
|
-
* const delayAfter = req.slowDown?.limit || 100;
|
|
984
|
-
* return (used - delayAfter) * 500; // 500ms per request over limit
|
|
985
|
-
* }
|
|
986
|
-
* }
|
|
987
|
-
* ```
|
|
988
|
-
*/
|
|
989
|
-
slowDown?: boolean | SlowDownConfig;
|
|
990
|
-
/** Encryption configuration */
|
|
991
|
-
encryption?: EncryptionConfig;
|
|
992
|
-
/** Authentication configuration */
|
|
993
|
-
authentication?: AuthenticationConfig;
|
|
994
|
-
/**
|
|
995
|
-
* Browser-Only Protection Configuration
|
|
996
|
-
*
|
|
997
|
-
* Blocks non-browser requests (cURL, Postman, scripts) while allowing legitimate browser access.
|
|
998
|
-
* Useful for APIs that should only be accessed through web browsers.
|
|
999
|
-
*
|
|
1000
|
-
* @example Enable with defaults:
|
|
1001
|
-
* ```typescript
|
|
1002
|
-
* browserOnly: true
|
|
1003
|
-
* ```
|
|
1004
|
-
*
|
|
1005
|
-
* @example Custom configuration:
|
|
1006
|
-
* ```typescript
|
|
1007
|
-
* browserOnly: {
|
|
1008
|
-
* requireSecFetch: true,
|
|
1009
|
-
* blockAutomationTools: true,
|
|
1010
|
-
* allowOriginRequests: true,
|
|
1011
|
-
* errorMessage: "Browser access required"
|
|
1012
|
-
* }
|
|
1013
|
-
* ```
|
|
1014
|
-
*/
|
|
1015
|
-
browserOnly?: boolean | BrowserOnlyConfig;
|
|
1016
|
-
/**
|
|
1017
|
-
* Terminal-Only Protection Configuration
|
|
1018
|
-
*
|
|
1019
|
-
* Blocks browser requests while allowing terminal/API tools.
|
|
1020
|
-
* Perfect for API-only endpoints or development tools.
|
|
1021
|
-
*
|
|
1022
|
-
* @example Enable with defaults:
|
|
1023
|
-
* ```typescript
|
|
1024
|
-
* terminalOnly: true
|
|
1025
|
-
* ```
|
|
1026
|
-
*
|
|
1027
|
-
* @example Custom configuration:
|
|
1028
|
-
* ```typescript
|
|
1029
|
-
* terminalOnly: {
|
|
1030
|
-
* blockSecFetch: true,
|
|
1031
|
-
* allowedTools: ["curl", "wget"],
|
|
1032
|
-
* blockBrowserIndicators: true,
|
|
1033
|
-
* debug: true
|
|
1034
|
-
* }
|
|
1035
|
-
* ```
|
|
1036
|
-
*/
|
|
1037
|
-
terminalOnly?: boolean | TerminalOnlyConfig;
|
|
1038
|
-
/**
|
|
1039
|
-
* Mobile-Only Protection Configuration
|
|
1040
|
-
*
|
|
1041
|
-
* Blocks browser requests while allowing mobile app access.
|
|
1042
|
-
* Perfect for APIs that should only be accessed through mobile applications.
|
|
1043
|
-
*
|
|
1044
|
-
* @example Enable with defaults:
|
|
1045
|
-
* ```typescript
|
|
1046
|
-
* mobileOnly: true
|
|
1047
|
-
* ```
|
|
1048
|
-
*
|
|
1049
|
-
* @example Custom configuration:
|
|
1050
|
-
* ```typescript
|
|
1051
|
-
* mobileOnly: {
|
|
1052
|
-
* blockBrowserIndicators: true,
|
|
1053
|
-
* allowedPlatforms: ['ios', 'android'],
|
|
1054
|
-
* requireMobileHeaders: true,
|
|
1055
|
-
* customUserAgentPatterns: [/MyApp/i],
|
|
1056
|
-
* errorMessage: "Mobile app access required"
|
|
1057
|
-
* }
|
|
1058
|
-
* ```
|
|
1059
|
-
*/
|
|
1060
|
-
mobileOnly?: boolean | import("../../middleware/built-in/security/MobileOnlyProtector").MobileOnlyConfig;
|
|
1061
|
-
/**
|
|
1062
|
-
* Device Access Control Configuration
|
|
1063
|
-
*
|
|
1064
|
-
* Comprehensive device-based access control allowing multiple device types.
|
|
1065
|
-
* Enables fine-grained control over which devices can access your API.
|
|
1066
|
-
*
|
|
1067
|
-
* @example Allow only mobile apps:
|
|
1068
|
-
* ```typescript
|
|
1069
|
-
* deviceAccess: {
|
|
1070
|
-
* mobileOnly: true
|
|
1071
|
-
* }
|
|
1072
|
-
* ```
|
|
1073
|
-
*
|
|
1074
|
-
* @example Allow mobile apps and browsers:
|
|
1075
|
-
* ```typescript
|
|
1076
|
-
* deviceAccess: {
|
|
1077
|
-
* mobileOnly: true,
|
|
1078
|
-
* browserOnly: true
|
|
1079
|
-
* }
|
|
1080
|
-
* ```
|
|
1081
|
-
*
|
|
1082
|
-
* @example Allow all except browsers:
|
|
1083
|
-
* ```typescript
|
|
1084
|
-
* deviceAccess: {
|
|
1085
|
-
* mobileOnly: true,
|
|
1086
|
-
* terminalOnly: true,
|
|
1087
|
-
* browserOnly: false
|
|
1088
|
-
* }
|
|
1089
|
-
* ```
|
|
1090
|
-
*/
|
|
1091
|
-
deviceAccess?: {
|
|
1092
|
-
/** Allow only browser requests */
|
|
1093
|
-
browserOnly?: boolean | BrowserOnlyConfig;
|
|
1094
|
-
/** Allow only terminal/API tool requests */
|
|
1095
|
-
terminalOnly?: boolean | TerminalOnlyConfig;
|
|
1096
|
-
/** Allow only mobile app requests */
|
|
1097
|
-
mobileOnly?: boolean | import("../../middleware/built-in/security/MobileOnlyProtector").MobileOnlyConfig;
|
|
1098
|
-
};
|
|
1099
|
-
/**
|
|
1100
|
-
* XyRS - XyPriss Request Signature Configuration
|
|
1101
|
-
*
|
|
1102
|
-
* Validates request signatures using the XP-Request-Sig header.
|
|
1103
|
-
* Provides API authentication by requiring a secret signature on all requests.
|
|
1104
|
-
*
|
|
1105
|
-
* @example Enable with secret:
|
|
1106
|
-
* ```typescript
|
|
1107
|
-
* requestSignature: {
|
|
1108
|
-
* secret: "my-secret-api-key"
|
|
1109
|
-
* }
|
|
1110
|
-
* ```
|
|
1111
|
-
*
|
|
1112
|
-
* @example Custom configuration:
|
|
1113
|
-
* ```typescript
|
|
1114
|
-
* requestSignature: {
|
|
1115
|
-
* secret: "my-secret-api-key",
|
|
1116
|
-
* errorMessage: "API key required",
|
|
1117
|
-
* statusCode: 403,
|
|
1118
|
-
* caseSensitive: false
|
|
1119
|
-
* }
|
|
1120
|
-
* ```
|
|
1121
|
-
*/
|
|
1122
|
-
requestSignature?: boolean | RequestSignatureConfig;
|
|
1123
|
-
}
|
|
1124
|
-
/**
|
|
1125
|
-
* Encryption configuration interface.
|
|
1126
|
-
*
|
|
1127
|
-
* Settings for data encryption including algorithm
|
|
1128
|
-
* selection and key management.
|
|
1129
|
-
*
|
|
1130
|
-
* @interface EncryptionConfig
|
|
1131
|
-
*
|
|
1132
|
-
* @example
|
|
1133
|
-
* ```typescript
|
|
1134
|
-
* const encryptionConfig: EncryptionConfig = {
|
|
1135
|
-
* algorithm: 'aes-256-gcm',
|
|
1136
|
-
* keySize: 256
|
|
1137
|
-
* };
|
|
1138
|
-
* ```
|
|
1139
|
-
*/
|
|
1140
|
-
export interface EncryptionConfig {
|
|
1141
|
-
/** Encryption algorithm to use */
|
|
1142
|
-
algorithm?: string;
|
|
1143
|
-
/** Key size in bits */
|
|
1144
|
-
keySize?: number;
|
|
1145
|
-
}
|
|
1146
|
-
/**
|
|
1147
|
-
* Authentication configuration interface.
|
|
1148
|
-
*
|
|
1149
|
-
* Configuration for various authentication methods
|
|
1150
|
-
* including JWT and session-based authentication.
|
|
1151
|
-
*
|
|
1152
|
-
* @interface AuthenticationConfig
|
|
1153
|
-
*
|
|
1154
|
-
* @example
|
|
1155
|
-
* ```typescript
|
|
1156
|
-
* const authConfig: AuthenticationConfig = {
|
|
1157
|
-
* jwt: {
|
|
1158
|
-
* secret: 'your-jwt-secret',
|
|
1159
|
-
* expiresIn: '24h',
|
|
1160
|
-
* algorithm: 'HS256',
|
|
1161
|
-
* issuer: 'your-app',
|
|
1162
|
-
* audience: 'your-users'
|
|
1163
|
-
* },
|
|
1164
|
-
* session: {
|
|
1165
|
-
* secret: 'your-session-secret',
|
|
1166
|
-
* name: 'sessionId',
|
|
1167
|
-
* cookie: {
|
|
1168
|
-
* maxAge: 86400000, // 24 hours
|
|
1169
|
-
* secure: true,
|
|
1170
|
-
* httpOnly: true,
|
|
1171
|
-
* sameSite: 'strict'
|
|
1172
|
-
* }
|
|
1173
|
-
* }
|
|
1174
|
-
* };
|
|
1175
|
-
* ```
|
|
1176
|
-
*/
|
|
1177
|
-
export interface AuthenticationConfig {
|
|
1178
|
-
/** JWT authentication configuration */
|
|
1179
|
-
jwt?: JWTConfig;
|
|
1180
|
-
/** Session authentication configuration */
|
|
1181
|
-
session?: SessionConfig;
|
|
1182
|
-
}
|
|
1183
|
-
/**
|
|
1184
|
-
* JWT (JSON Web Token) configuration interface.
|
|
1185
|
-
*
|
|
1186
|
-
* Configuration for JWT-based authentication including
|
|
1187
|
-
* signing algorithms and token validation.
|
|
1188
|
-
*
|
|
1189
|
-
* @interface JWTConfig
|
|
1190
|
-
*
|
|
1191
|
-
* @example
|
|
1192
|
-
* ```typescript
|
|
1193
|
-
* const jwtConfig: JWTConfig = {
|
|
1194
|
-
* secret: 'your-256-bit-secret',
|
|
1195
|
-
* expiresIn: '24h',
|
|
1196
|
-
* algorithm: 'HS256',
|
|
1197
|
-
* issuer: 'your-application',
|
|
1198
|
-
* audience: 'your-users'
|
|
1199
|
-
* };
|
|
1200
|
-
* ```
|
|
1201
|
-
*/
|
|
1202
|
-
export interface JWTConfig {
|
|
1203
|
-
/** Secret key for signing tokens */
|
|
1204
|
-
secret: string;
|
|
1205
|
-
/** Token expiration time (e.g., '24h', '7d', '30m') */
|
|
1206
|
-
expiresIn?: string;
|
|
1207
|
-
/** Signing algorithm */
|
|
1208
|
-
algorithm?: string;
|
|
1209
|
-
/** Token issuer */
|
|
1210
|
-
issuer?: string;
|
|
1211
|
-
/** Token audience */
|
|
1212
|
-
audience?: string;
|
|
1213
|
-
}
|
|
1214
|
-
/**
|
|
1215
|
-
* Session configuration interface.
|
|
1216
|
-
*
|
|
1217
|
-
* Configuration for session-based authentication including
|
|
1218
|
-
* cookie settings and storage options.
|
|
1219
|
-
*
|
|
1220
|
-
* @interface SessionConfig
|
|
1221
|
-
*
|
|
1222
|
-
* @example
|
|
1223
|
-
* ```typescript
|
|
1224
|
-
* const sessionConfig: SessionConfig = {
|
|
1225
|
-
* secret: 'your-session-secret',
|
|
1226
|
-
* name: 'connect.sid',
|
|
1227
|
-
* cookie: {
|
|
1228
|
-
* maxAge: 86400000, // 24 hours
|
|
1229
|
-
* secure: true,
|
|
1230
|
-
* httpOnly: true,
|
|
1231
|
-
* sameSite: 'strict'
|
|
1232
|
-
* },
|
|
1233
|
-
* store: 'redis'
|
|
1234
|
-
* };
|
|
1235
|
-
* ```
|
|
1236
|
-
*/
|
|
1237
|
-
export interface SessionConfig {
|
|
1238
|
-
/** Secret for signing session cookies */
|
|
1239
|
-
secret: string;
|
|
1240
|
-
/** Session cookie name */
|
|
1241
|
-
name?: string;
|
|
1242
|
-
/** Cookie configuration */
|
|
1243
|
-
cookie?: SessionCookieConfig;
|
|
1244
|
-
/** Session store type */
|
|
1245
|
-
store?: "memory" | "redis" | "custom";
|
|
1246
|
-
}
|
|
1247
|
-
/**
|
|
1248
|
-
* Session cookie configuration interface.
|
|
1249
|
-
*
|
|
1250
|
-
* Detailed configuration for session cookies including
|
|
1251
|
-
* security and expiration settings.
|
|
1252
|
-
*
|
|
1253
|
-
* @interface SessionCookieConfig
|
|
1254
|
-
*
|
|
1255
|
-
* @example
|
|
1256
|
-
* ```typescript
|
|
1257
|
-
* const cookieConfig: SessionCookieConfig = {
|
|
1258
|
-
* maxAge: 86400000, // 24 hours
|
|
1259
|
-
* secure: true,
|
|
1260
|
-
* httpOnly: true,
|
|
1261
|
-
* sameSite: 'strict'
|
|
1262
|
-
* };
|
|
1263
|
-
* ```
|
|
1264
|
-
*/
|
|
1265
|
-
export interface SessionCookieConfig {
|
|
1266
|
-
/** Cookie expiration time in milliseconds */
|
|
1267
|
-
maxAge?: number;
|
|
1268
|
-
/** Require HTTPS for cookie transmission */
|
|
1269
|
-
secure?: boolean;
|
|
1270
|
-
/** Prevent client-side JavaScript access */
|
|
1271
|
-
httpOnly?: boolean;
|
|
1272
|
-
/** SameSite cookie attribute */
|
|
1273
|
-
sameSite?: boolean | "lax" | "strict" | "none";
|
|
1274
|
-
}
|
|
1275
|
-
/**
|
|
1276
|
-
* SSL/TLS configuration interface.
|
|
1277
|
-
*
|
|
1278
|
-
* Configuration for SSL/TLS encryption including
|
|
1279
|
-
* certificates and security options.
|
|
1280
|
-
*
|
|
1281
|
-
* @interface SSLConfig
|
|
1282
|
-
*
|
|
1283
|
-
* @example
|
|
1284
|
-
* ```typescript
|
|
1285
|
-
* const sslConfig: SSLConfig = {
|
|
1286
|
-
* key: fs.readFileSync('path/to/private-key.pem', 'utf8'),
|
|
1287
|
-
* cert: fs.readFileSync('path/to/certificate.pem', 'utf8'),
|
|
1288
|
-
* ca: fs.readFileSync('path/to/ca-certificate.pem', 'utf8'),
|
|
1289
|
-
* passphrase: 'your-passphrase'
|
|
1290
|
-
* };
|
|
1291
|
-
* ```
|
|
1292
|
-
*/
|
|
1293
|
-
export interface SSLConfig {
|
|
1294
|
-
/** Private key for SSL certificate */
|
|
1295
|
-
key: string;
|
|
1296
|
-
/** SSL certificate */
|
|
1297
|
-
cert: string;
|
|
1298
|
-
/** Certificate Authority certificate */
|
|
1299
|
-
ca?: string;
|
|
1300
|
-
/** Passphrase for private key */
|
|
1301
|
-
passphrase?: string;
|
|
1302
|
-
}
|
|
1303
|
-
/**
|
|
1304
|
-
* CORS (Cross-Origin Resource Sharing) configuration interface.
|
|
1305
|
-
*
|
|
1306
|
-
* Configuration for CORS policies including allowed origins,
|
|
1307
|
-
* methods, and headers.
|
|
1308
|
-
*
|
|
1309
|
-
* By default, all headers are allowed to be developer-friendly.
|
|
1310
|
-
* You can restrict headers by specifying the allowedHeaders array.
|
|
1311
|
-
*
|
|
1312
|
-
* @interface CORSConfig
|
|
1313
|
-
*
|
|
1314
|
-
* @example
|
|
1315
|
-
* ```typescript
|
|
1316
|
-
* // Allow all origins (default - developer-friendly)
|
|
1317
|
-
* const corsConfig: CORSConfig = {
|
|
1318
|
-
* origin: '*',
|
|
1319
|
-
* methods: ['GET', 'POST', 'PUT', 'DELETE'],
|
|
1320
|
-
* credentials: true
|
|
1321
|
-
* };
|
|
1322
|
-
*
|
|
1323
|
-
* // Restrict specific origins (production)
|
|
1324
|
-
* const restrictiveCorsConfig: CORSConfig = {
|
|
1325
|
-
* origin: ['https://example.com', 'https://app.example.com'],
|
|
1326
|
-
* methods: ['GET', 'POST', 'PUT', 'DELETE'],
|
|
1327
|
-
* allowedHeaders: ['Content-Type', 'Authorization'],
|
|
1328
|
-
* credentials: true
|
|
1329
|
-
* };
|
|
1330
|
-
*
|
|
1331
|
-
* // Advanced patterns with RegExp (powerful and flexible)
|
|
1332
|
-
* const advancedCorsConfig: CORSConfig = {
|
|
1333
|
-
* origin: [
|
|
1334
|
-
* /^localhost:\d+$/, // localhost:3000, localhost:8080, etc.
|
|
1335
|
-
* /^127\.0\.0\.1:\d+$/, // 127.0.0.1:3000, etc.
|
|
1336
|
-
* /^::1:\d+$/, // IPv6 localhost
|
|
1337
|
-
* /\.test\.com$/, // *.test.com
|
|
1338
|
-
* 'https://production.com' // Exact match
|
|
1339
|
-
* ],
|
|
1340
|
-
* methods: ['GET', 'POST'],
|
|
1341
|
-
* credentials: true
|
|
1342
|
-
* };
|
|
1343
|
-
* ```
|
|
1344
|
-
*/
|
|
1345
|
-
export interface CORSConfig {
|
|
1346
|
-
/** Allowed origins - can be string, RegExp, array of mixed types, or boolean */
|
|
1347
|
-
origin?: string | RegExp | (string | RegExp)[] | boolean;
|
|
1348
|
-
/** Allowed HTTP methods */
|
|
1349
|
-
methods?: string[];
|
|
1350
|
-
/**
|
|
1351
|
-
* Allowed headers - if not specified, all headers are allowed by default.
|
|
1352
|
-
* Specify this array to restrict which headers are allowed.
|
|
1353
|
-
*/
|
|
1354
|
-
allowedHeaders?: string[];
|
|
1355
|
-
/** Allow credentials in CORS requests */
|
|
1356
|
-
credentials?: boolean;
|
|
1357
|
-
}
|
|
1358
|
-
/**
|
|
1359
|
-
* Rate limiting configuration interface.
|
|
1360
|
-
*
|
|
1361
|
-
* Configuration for rate limiting including time windows,
|
|
1362
|
-
* request limits, and custom messages.
|
|
1363
|
-
*
|
|
1364
|
-
* @interface RateLimitConfig
|
|
1365
|
-
*
|
|
1366
|
-
* @example
|
|
1367
|
-
* ```typescript
|
|
1368
|
-
* // String message
|
|
1369
|
-
* const rateLimitConfig: RateLimitConfig = {
|
|
1370
|
-
* windowMs: 900000, // 15 minutes
|
|
1371
|
-
* max: 100, // 100 requests per window
|
|
1372
|
-
* message: 'Too many requests, please try again later',
|
|
1373
|
-
* standardHeaders: true,
|
|
1374
|
-
* legacyHeaders: false
|
|
1375
|
-
* };
|
|
1376
|
-
*
|
|
1377
|
-
* // Object message (more flexible)
|
|
1378
|
-
* const rateLimitConfig: RateLimitConfig = {
|
|
1379
|
-
* windowMs: 900000,
|
|
1380
|
-
* max: 100,
|
|
1381
|
-
* message: {
|
|
1382
|
-
* error: 'Rate limit exceeded',
|
|
1383
|
-
* message: 'Too many requests, please try again later',
|
|
1384
|
-
* retryAfter: 900
|
|
1385
|
-
* },
|
|
1386
|
-
* standardHeaders: true,
|
|
1387
|
-
* legacyHeaders: false
|
|
1388
|
-
* };
|
|
1389
|
-
* ```
|
|
1390
|
-
*/
|
|
1391
|
-
export interface RateLimitConfig {
|
|
1392
|
-
/** Time window in milliseconds */
|
|
1393
|
-
windowMs?: number;
|
|
1394
|
-
/** Maximum requests per window */
|
|
1395
|
-
max?: number;
|
|
1396
|
-
/** Message to send when limit is exceeded (string or object) */
|
|
1397
|
-
message?: string | {
|
|
1398
|
-
error?: string;
|
|
1399
|
-
message?: string;
|
|
1400
|
-
retryAfter?: number;
|
|
1401
|
-
[key: string]: any;
|
|
1402
|
-
};
|
|
1403
|
-
/** Include standard rate limit headers */
|
|
1404
|
-
standardHeaders?: boolean;
|
|
1405
|
-
/** Include legacy rate limit headers */
|
|
1406
|
-
legacyHeaders?: boolean;
|
|
1407
|
-
/**
|
|
1408
|
-
* Custom function to determine if a request should be skipped by the rate limiter.
|
|
1409
|
-
*
|
|
1410
|
-
* @param req The incoming request object
|
|
1411
|
-
* @param res The server response object
|
|
1412
|
-
* @returns {boolean} True if the request should bypass rate limiting, false otherwise.
|
|
1413
|
-
*
|
|
1414
|
-
* @note IMPORTANT: If this function is provided, the `excludePaths` setting is
|
|
1415
|
-
* ignored by default (it behaves as if `excludePaths` was empty) to prevent
|
|
1416
|
-
* conflicting exclusion rules.
|
|
1417
|
-
*
|
|
1418
|
-
* @example
|
|
1419
|
-
* ```typescript
|
|
1420
|
-
* skip: (req) => req.path.startsWith('/public/') || req.ip === '127.0.0.1'
|
|
1421
|
-
* ```
|
|
1422
|
-
*/
|
|
1423
|
-
skip?: (req: any, res: any) => boolean;
|
|
1424
|
-
/**
|
|
1425
|
-
* List of paths or patterns to exclude from rate limiting.
|
|
1426
|
-
*
|
|
1427
|
-
* @type {(string | RegExp)[]}
|
|
1428
|
-
*
|
|
1429
|
-
* - Strings starting with '/' are matched exactly or as a prefix.
|
|
1430
|
-
* - Regular expressions are tested against the `req.path`.
|
|
1431
|
-
*
|
|
1432
|
-
* @note By default, XyPriss excludes common endpoints like `/health`, `/ping`,
|
|
1433
|
-
* and static asset folders (`/static/`, `/assets/`).
|
|
1434
|
-
*
|
|
1435
|
-
* @warning This property is ignored if a `skip` function is defined.
|
|
1436
|
-
*
|
|
1437
|
-
* @example
|
|
1438
|
-
* ```typescript
|
|
1439
|
-
* excludePaths: ['/api/v1/status', /^\/internal\//]
|
|
1440
|
-
* ```
|
|
1441
|
-
*/
|
|
1442
|
-
excludePaths?: (string | RegExp)[];
|
|
1443
|
-
}
|
|
1444
|
-
/**
|
|
1445
|
-
* Route-specific security configuration interface.
|
|
1446
|
-
*
|
|
1447
|
-
* Security settings that can be applied to individual
|
|
1448
|
-
* routes or route groups.
|
|
1449
|
-
*
|
|
1450
|
-
* @interface RouteSecurityConfig
|
|
1451
|
-
*
|
|
1452
|
-
* @example
|
|
1453
|
-
* ```typescript
|
|
1454
|
-
* const routeSecurityConfig: RouteSecurityConfig = {
|
|
1455
|
-
* auth: true,
|
|
1456
|
-
* roles: ['admin', 'moderator'],
|
|
1457
|
-
* permissions: ['read:users', 'write:posts'],
|
|
1458
|
-
* encryption: true,
|
|
1459
|
-
* sanitization: true,
|
|
1460
|
-
* validation: true
|
|
1461
|
-
* };
|
|
1462
|
-
* ```
|
|
1463
|
-
*/
|
|
1464
|
-
export interface RouteSecurityConfig {
|
|
1465
|
-
/** Require authentication */
|
|
1466
|
-
auth?: boolean;
|
|
1467
|
-
/** Required user roles */
|
|
1468
|
-
roles?: string[];
|
|
1469
|
-
/** Required permissions */
|
|
1470
|
-
permissions?: string[];
|
|
1471
|
-
/** Enable response encryption */
|
|
1472
|
-
encryption?: boolean;
|
|
1473
|
-
/** Enable input sanitization */
|
|
1474
|
-
sanitization?: boolean;
|
|
1475
|
-
/** Enable input validation */
|
|
1476
|
-
validation?: boolean;
|
|
1477
|
-
}
|
|
1478
|
-
//# sourceMappingURL=security.d.ts.map
|