Big News: Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development.Announcement →
@angular/ssr
Advanced tools
@angular/ssr - npm Package Compare versions
@@ -1,1 +0,1 @@ | ||
| {"version":3,"file":"_validation-chunk.mjs","sources":["../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/src/utils/validation.ts"],"sourcesContent":["/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\n/**\n * Internal sentinel string representing a wildcard rule to trust all proxy headers.\n */\nconst TRUST_ALL_PROXY_HEADERS = '*';\n\n/**\n * The set of headers that should be validated for host header injection attacks.\n */\nconst HOST_HEADERS_TO_VALIDATE: ReadonlyArray<string> = ['host', 'x-forwarded-host'];\n\n/**\n * Regular expression to validate that the port is a numeric value.\n */\nconst VALID_PORT_REGEX = /^\\d+$/;\n\n/**\n * Regular expression to validate that the protocol is either http or https (case-insensitive).\n */\nconst VALID_PROTO_REGEX = /^https?$/i;\n\n/**\n * Regular expression to validate that the prefix is valid. Validates that the prefix is a valid path prefix and nothing else.\n * It validates that the prefix starts with a forward slash and contains only letters, numbers, hyphens, underscores and forward slashes.\n */\nconst VALID_PREFIX_REGEX = /^\\/([a-z0-9_-]+\\/)*[a-z0-9_-]*$/i;\n\n/**\n * Extracts the first value from a multi-value header string.\n *\n * @param value - A string or an array of strings representing the header values.\n * If it's a string, values are expected to be comma-separated.\n * @returns The first trimmed value from the multi-value header, or `undefined` if the input is invalid or empty.\n *\n * @example\n * ```typescript\n * getFirstHeaderValue(\"value1, value2, value3\"); // \"value1\"\n * getFirstHeaderValue([\"value1\", \"value2\"]); // \"value1\"\n * getFirstHeaderValue(undefined); // undefined\n * ```\n */\nexport function getFirstHeaderValue(\n value: string | string[] | undefined | null,\n): string | undefined {\n return value?.toString().split(',', 1)[0]?.trim();\n}\n\n/**\n * Validates a request.\n *\n * @param request - The incoming `Request` object to validate.\n * @param allowedHosts - A set of allowed hostnames.\n * @param disableHostCheck - Whether to disable the host check.\n * @throws Error if any of the validated headers contain invalid values.\n */\nexport function validateRequest(\n request: Request,\n allowedHosts: ReadonlySet<string>,\n disableHostCheck: boolean,\n): void {\n validateHeaders(request, allowedHosts, disableHostCheck);\n\n if (!disableHostCheck) {\n validateUrl(new URL(request.url), allowedHosts);\n }\n}\n\n/**\n * Validates that the hostname of a given URL is allowed.\n *\n * @param url - The URL object to validate.\n * @param allowedHosts - A set of allowed hostnames.\n * @throws Error if the hostname is not in the allowlist.\n */\nexport function validateUrl(url: URL, allowedHosts: ReadonlySet<string>): void {\n const { hostname } = url;\n if (!isHostAllowed(hostname, allowedHosts)) {\n throw new Error(`URL with hostname \"${hostname}\" is not allowed.`);\n }\n}\n\n/**\n * Sanitizes the proxy headers of a request by removing unallowed `X-Forwarded-*` headers.\n * If no headers need to be removed, the original request is returned without cloning.\n *\n * @param request - The incoming `Request` object to sanitize.\n * @param trustProxyHeaders - A set of allowed proxy headers.\n * @returns The sanitized request, or the original request if no changes were needed.\n */\nexport function sanitizeRequestHeaders(\n request: Request,\n trustProxyHeaders: ReadonlySet<string>,\n): Request {\n let headersDeleted = false;\n const headers = new Headers();\n\n for (const [key, value] of request.headers) {\n const lowerKey = key.toLowerCase();\n if (lowerKey.startsWith('x-forwarded-') && !isProxyHeaderAllowed(lowerKey, trustProxyHeaders)) {\n // eslint-disable-next-line no-console\n console.warn(\n `Received \"${key}\" header but \"trustProxyHeaders\" was not set up to allow it.\\n` +\n `For more information, see https://angular.dev/best-practices/security#configuring-trusted-proxy-headers`,\n );\n headersDeleted = true;\n } else {\n headers.set(key, value);\n }\n }\n\n return headersDeleted\n ? new Request(request.clone(), {\n signal: request.signal,\n headers,\n })\n : request;\n}\n\n/**\n * Validates a specific host header value against the allowed hosts.\n *\n * @param headerName - The name of the header to validate (e.g., 'host', 'x-forwarded-host').\n * @param headerValue - The value of the header to validate.\n * @param allowedHosts - A set of allowed hostnames.\n * @throws Error if the header value is invalid or the hostname is not in the allowlist.\n */\nfunction verifyHostAllowed(\n headerName: string,\n headerValue: string,\n allowedHosts: ReadonlySet<string>,\n): void {\n const url = `http://${headerValue}`;\n if (!URL.canParse(url)) {\n throw new Error(`Header \"${headerName}\" contains an invalid value and cannot be parsed.`);\n }\n\n const { hostname, pathname, search, hash, username, password } = new URL(url);\n if (pathname !== '/' || search || hash || username || password) {\n throw new Error(\n `Header \"${headerName}\" with value \"${headerValue}\" contains characters that are not allowed.`,\n );\n }\n\n if (!isHostAllowed(hostname, allowedHosts)) {\n throw new Error(`Header \"${headerName}\" with value \"${headerValue}\" is not allowed.`);\n }\n}\n\n/**\n * Checks if the hostname is allowed.\n * @param hostname - The hostname to check.\n * @param allowedHosts - A set of allowed hostnames.\n * @returns `true` if the hostname is allowed, `false` otherwise.\n */\nfunction isHostAllowed(hostname: string, allowedHosts: ReadonlySet<string>): boolean {\n if (allowedHosts.has('*') || allowedHosts.has(hostname)) {\n return true;\n }\n\n for (const allowedHost of allowedHosts) {\n if (!allowedHost.startsWith('*.')) {\n continue;\n }\n\n const domain = allowedHost.slice(1);\n if (hostname.endsWith(domain)) {\n return true;\n }\n }\n\n return false;\n}\n\n/**\n * Validates the headers of an incoming request.\n *\n * @param request - The incoming `Request` object containing the headers to validate.\n * @param allowedHosts - A set of allowed hostnames.\n * @param disableHostCheck - Whether to disable the host check.\n * @throws Error if any of the validated headers contain invalid values.\n */\nfunction validateHeaders(\n request: Request,\n allowedHosts: ReadonlySet<string>,\n disableHostCheck: boolean,\n): void {\n const headers = request.headers;\n for (const headerName of HOST_HEADERS_TO_VALIDATE) {\n const headerValue = getFirstHeaderValue(headers.get(headerName));\n if (headerValue && !disableHostCheck) {\n verifyHostAllowed(headerName, headerValue, allowedHosts);\n }\n }\n\n const xForwardedPort = getFirstHeaderValue(headers.get('x-forwarded-port'));\n if (xForwardedPort && !VALID_PORT_REGEX.test(xForwardedPort)) {\n throw new Error('Header \"x-forwarded-port\" must be a numeric value.');\n }\n\n const xForwardedProto = getFirstHeaderValue(headers.get('x-forwarded-proto'));\n if (xForwardedProto && !VALID_PROTO_REGEX.test(xForwardedProto)) {\n throw new Error('Header \"x-forwarded-proto\" must be either \"http\" or \"https\".');\n }\n\n const xForwardedPrefix = getFirstHeaderValue(headers.get('x-forwarded-prefix'));\n if (xForwardedPrefix && !VALID_PREFIX_REGEX.test(xForwardedPrefix)) {\n throw new Error(\n 'Header \"x-forwarded-prefix\" is invalid. It must start with a \"/\" and contain ' +\n 'only alphanumeric characters, hyphens, and underscores, separated by single slashes.',\n );\n }\n}\n\n/**\n * Checks if a specific proxy header is allowed.\n *\n * @param headerName - The name of the proxy header to check.\n * @param trustProxyHeaders - A set of allowed proxy headers.\n * @returns `true` if the header is allowed, `false` otherwise.\n */\nexport function isProxyHeaderAllowed(\n headerName: string,\n trustProxyHeaders: ReadonlySet<string>,\n): boolean {\n return (\n trustProxyHeaders.has(TRUST_ALL_PROXY_HEADERS) ||\n trustProxyHeaders.has(headerName.toLowerCase())\n );\n}\n\n/**\n * Normalizes the `trustProxyHeaders` option to a consistent representation.\n * @param trustProxyHeaders The input `trustProxyHeaders` value.\n * @returns A `Set<string>` of normalized header names.\n */\nexport function normalizeTrustProxyHeaders(\n trustProxyHeaders: boolean | readonly string[] | undefined,\n): ReadonlySet<string> {\n if (!trustProxyHeaders) {\n return new Set();\n }\n\n if (trustProxyHeaders === true) {\n return new Set([TRUST_ALL_PROXY_HEADERS]);\n }\n\n const normalizedTrustedProxyHeaders = new Set(trustProxyHeaders.map((h) => h.toLowerCase()));\n if (normalizedTrustedProxyHeaders.has(TRUST_ALL_PROXY_HEADERS)) {\n throw new Error(\n `\"${TRUST_ALL_PROXY_HEADERS}\" is not allowed as a value for the \"trustProxyHeaders\" option.`,\n );\n }\n\n return normalizedTrustedProxyHeaders;\n}\n"],"names":["TRUST_ALL_PROXY_HEADERS","HOST_HEADERS_TO_VALIDATE","VALID_PORT_REGEX","VALID_PROTO_REGEX","VALID_PREFIX_REGEX","getFirstHeaderValue","value","toString","split","trim","validateRequest","request","allowedHosts","disableHostCheck","validateHeaders","validateUrl","URL","url","hostname","isHostAllowed","Error","sanitizeRequestHeaders","trustProxyHeaders","headersDeleted","headers","Headers","key","lowerKey","toLowerCase","startsWith","isProxyHeaderAllowed","console","warn","set","Request","clone","signal","verifyHostAllowed","headerName","headerValue","canParse","pathname","search","hash","username","password","has","allowedHost","domain","slice","endsWith","get","xForwardedPort","test","xForwardedProto","xForwardedPrefix","normalizeTrustProxyHeaders","Set","normalizedTrustedProxyHeaders","map","h"],"mappings":"AAWA,MAAMA,uBAAuB,GAAG,GAAG;AAKnC,MAAMC,wBAAwB,GAA0B,CAAC,MAAM,EAAE,kBAAkB,CAAC;AAKpF,MAAMC,gBAAgB,GAAG,OAAO;AAKhC,MAAMC,iBAAiB,GAAG,WAAW;AAMrC,MAAMC,kBAAkB,GAAG,kCAAkC;AAgBvD,SAAUC,mBAAmBA,CACjCC,KAA2C,EAAA;AAE3C,EAAA,OAAOA,KAAK,EAAEC,QAAQ,EAAE,CAACC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAEC,IAAI,EAAE;AACnD;SAUgBC,eAAeA,CAC7BC,OAAgB,EAChBC,YAAiC,EACjCC,gBAAyB,EAAA;AAEzBC,EAAAA,eAAe,CAACH,OAAO,EAAEC,YAAY,EAAEC,gBAAgB,CAAC;EAExD,IAAI,CAACA,gBAAgB,EAAE;IACrBE,WAAW,CAAC,IAAIC,GAAG,CAACL,OAAO,CAACM,GAAG,CAAC,EAAEL,YAAY,CAAC;AACjD,EAAA;AACF;AASM,SAAUG,WAAWA,CAACE,GAAQ,EAAEL,YAAiC,EAAA;EACrE,MAAM;AAAEM,IAAAA;AAAQ,GAAE,GAAGD,GAAG;AACxB,EAAA,IAAI,CAACE,aAAa,CAACD,QAAQ,EAAEN,YAAY,CAAC,EAAE;AAC1C,IAAA,MAAM,IAAIQ,KAAK,CAAC,CAAA,mBAAA,EAAsBF,QAAQ,mBAAmB,CAAC;AACpE,EAAA;AACF;AAUM,SAAUG,sBAAsBA,CACpCV,OAAgB,EAChBW,iBAAsC,EAAA;EAEtC,IAAIC,cAAc,GAAG,KAAK;AAC1B,EAAA,MAAMC,OAAO,GAAG,IAAIC,OAAO,EAAE;EAE7B,KAAK,MAAM,CAACC,GAAG,EAAEpB,KAAK,CAAC,IAAIK,OAAO,CAACa,OAAO,EAAE;AAC1C,IAAA,MAAMG,QAAQ,GAAGD,GAAG,CAACE,WAAW,EAAE;AAClC,IAAA,IAAID,QAAQ,CAACE,UAAU,CAAC,cAAc,CAAC,IAAI,CAACC,oBAAoB,CAACH,QAAQ,EAAEL,iBAAiB,CAAC,EAAE;MAE7FS,OAAO,CAACC,IAAI,CACV,CAAA,UAAA,EAAaN,GAAG,CAAA,8DAAA,CAAgE,GAC9E,yGAAyG,CAC5G;AACDH,MAAAA,cAAc,GAAG,IAAI;AACvB,IAAA,CAAA,MAAO;AACLC,MAAAA,OAAO,CAACS,GAAG,CAACP,GAAG,EAAEpB,KAAK,CAAC;AACzB,IAAA;AACF,EAAA;EAEA,OAAOiB,cAAA,GACH,IAAIW,OAAO,CAACvB,OAAO,CAACwB,KAAK,EAAE,EAAE;IAC3BC,MAAM,EAAEzB,OAAO,CAACyB,MAAM;AACtBZ,IAAAA;GACD,CAAA,GACDb,OAAO;AACb;AAUA,SAAS0B,iBAAiBA,CACxBC,UAAkB,EAClBC,WAAmB,EACnB3B,YAAiC,EAAA;AAEjC,EAAA,MAAMK,GAAG,GAAG,CAAA,OAAA,EAAUsB,WAAW,CAAA,CAAE;AACnC,EAAA,IAAI,CAACvB,GAAG,CAACwB,QAAQ,CAACvB,GAAG,CAAC,EAAE;AACtB,IAAA,MAAM,IAAIG,KAAK,CAAC,CAAA,QAAA,EAAWkB,UAAU,mDAAmD,CAAC;AAC3F,EAAA;EAEA,MAAM;IAAEpB,QAAQ;IAAEuB,QAAQ;IAAEC,MAAM;IAAEC,IAAI;IAAEC,QAAQ;AAAEC,IAAAA;GAAU,GAAG,IAAI7B,GAAG,CAACC,GAAG,CAAC;EAC7E,IAAIwB,QAAQ,KAAK,GAAG,IAAIC,MAAM,IAAIC,IAAI,IAAIC,QAAQ,IAAIC,QAAQ,EAAE;IAC9D,MAAM,IAAIzB,KAAK,CACb,CAAA,QAAA,EAAWkB,UAAU,CAAA,cAAA,EAAiBC,WAAW,6CAA6C,CAC/F;AACH,EAAA;AAEA,EAAA,IAAI,CAACpB,aAAa,CAACD,QAAQ,EAAEN,YAAY,CAAC,EAAE;IAC1C,MAAM,IAAIQ,KAAK,CAAC,CAAA,QAAA,EAAWkB,UAAU,CAAA,cAAA,EAAiBC,WAAW,mBAAmB,CAAC;AACvF,EAAA;AACF;AAQA,SAASpB,aAAaA,CAACD,QAAgB,EAAEN,YAAiC,EAAA;AACxE,EAAA,IAAIA,YAAY,CAACkC,GAAG,CAAC,GAAG,CAAC,IAAIlC,YAAY,CAACkC,GAAG,CAAC5B,QAAQ,CAAC,EAAE;AACvD,IAAA,OAAO,IAAI;AACb,EAAA;AAEA,EAAA,KAAK,MAAM6B,WAAW,IAAInC,YAAY,EAAE;AACtC,IAAA,IAAI,CAACmC,WAAW,CAAClB,UAAU,CAAC,IAAI,CAAC,EAAE;AACjC,MAAA;AACF,IAAA;AAEA,IAAA,MAAMmB,MAAM,GAAGD,WAAW,CAACE,KAAK,CAAC,CAAC,CAAC;AACnC,IAAA,IAAI/B,QAAQ,CAACgC,QAAQ,CAACF,MAAM,CAAC,EAAE;AAC7B,MAAA,OAAO,IAAI;AACb,IAAA;AACF,EAAA;AAEA,EAAA,OAAO,KAAK;AACd;AAUA,SAASlC,eAAeA,CACtBH,OAAgB,EAChBC,YAAiC,EACjCC,gBAAyB,EAAA;AAEzB,EAAA,MAAMW,OAAO,GAAGb,OAAO,CAACa,OAAO;AAC/B,EAAA,KAAK,MAAMc,UAAU,IAAIrC,wBAAwB,EAAE;IACjD,MAAMsC,WAAW,GAAGlC,mBAAmB,CAACmB,OAAO,CAAC2B,GAAG,CAACb,UAAU,CAAC,CAAC;AAChE,IAAA,IAAIC,WAAW,IAAI,CAAC1B,gBAAgB,EAAE;AACpCwB,MAAAA,iBAAiB,CAACC,UAAU,EAAEC,WAAW,EAAE3B,YAAY,CAAC;AAC1D,IAAA;AACF,EAAA;EAEA,MAAMwC,cAAc,GAAG/C,mBAAmB,CAACmB,OAAO,CAAC2B,GAAG,CAAC,kBAAkB,CAAC,CAAC;EAC3E,IAAIC,cAAc,IAAI,CAAClD,gBAAgB,CAACmD,IAAI,CAACD,cAAc,CAAC,EAAE;AAC5D,IAAA,MAAM,IAAIhC,KAAK,CAAC,oDAAoD,CAAC;AACvE,EAAA;EAEA,MAAMkC,eAAe,GAAGjD,mBAAmB,CAACmB,OAAO,CAAC2B,GAAG,CAAC,mBAAmB,CAAC,CAAC;EAC7E,IAAIG,eAAe,IAAI,CAACnD,iBAAiB,CAACkD,IAAI,CAACC,eAAe,CAAC,EAAE;AAC/D,IAAA,MAAM,IAAIlC,KAAK,CAAC,8DAA8D,CAAC;AACjF,EAAA;EAEA,MAAMmC,gBAAgB,GAAGlD,mBAAmB,CAACmB,OAAO,CAAC2B,GAAG,CAAC,oBAAoB,CAAC,CAAC;EAC/E,IAAII,gBAAgB,IAAI,CAACnD,kBAAkB,CAACiD,IAAI,CAACE,gBAAgB,CAAC,EAAE;AAClE,IAAA,MAAM,IAAInC,KAAK,CACb,+EAA+E,GAC7E,sFAAsF,CACzF;AACH,EAAA;AACF;AASM,SAAUU,oBAAoBA,CAClCQ,UAAkB,EAClBhB,iBAAsC,EAAA;AAEtC,EAAA,OACEA,iBAAiB,CAACwB,GAAG,CAAC9C,uBAAuB,CAAC,IAC9CsB,iBAAiB,CAACwB,GAAG,CAACR,UAAU,CAACV,WAAW,EAAE,CAAC;AAEnD;AAOM,SAAU4B,0BAA0BA,CACxClC,iBAA0D,EAAA;EAE1D,IAAI,CAACA,iBAAiB,EAAE;IACtB,OAAO,IAAImC,GAAG,EAAE;AAClB,EAAA;EAEA,IAAInC,iBAAiB,KAAK,IAAI,EAAE;AAC9B,IAAA,OAAO,IAAImC,GAAG,CAAC,CAACzD,uBAAuB,CAAC,CAAC;AAC3C,EAAA;AAEA,EAAA,MAAM0D,6BAA6B,GAAG,IAAID,GAAG,CAACnC,iBAAiB,CAACqC,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAAChC,WAAW,EAAE,CAAC,CAAC;AAC5F,EAAA,IAAI8B,6BAA6B,CAACZ,GAAG,CAAC9C,uBAAuB,CAAC,EAAE;AAC9D,IAAA,MAAM,IAAIoB,KAAK,CACb,CAAA,CAAA,EAAIpB,uBAAuB,iEAAiE,CAC7F;AACH,EAAA;AAEA,EAAA,OAAO0D,6BAA6B;AACtC;;;;"} | ||
| {"version":3,"file":"_validation-chunk.mjs","sources":["../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/src/utils/validation.ts"],"sourcesContent":["/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\n/**\n * Internal sentinel string representing a wildcard rule to trust all proxy headers.\n */\nconst TRUST_ALL_PROXY_HEADERS = '*';\n\n/**\n * The set of headers that should be validated for host header injection attacks.\n */\nconst HOST_HEADERS_TO_VALIDATE: ReadonlyArray<string> = ['host', 'x-forwarded-host'];\n\n/**\n * Regular expression to validate that the port is a numeric value.\n */\nconst VALID_PORT_REGEX = /^\\d+$/;\n\n/**\n * Regular expression to validate that the protocol is either http or https (case-insensitive).\n */\nconst VALID_PROTO_REGEX = /^https?$/i;\n\n/**\n * Regular expression to validate that the prefix is valid. Validates that the prefix is a valid path prefix and nothing else.\n * It validates that the prefix starts with a forward slash and contains only letters, numbers, hyphens, underscores and forward slashes.\n */\nconst VALID_PREFIX_REGEX = /^\\/([a-z0-9_-]+\\/)*[a-z0-9_-]*$/i;\n\n/**\n * Extracts the first value from a multi-value header string.\n *\n * @param value - A string or an array of strings representing the header values.\n * If it's a string, values are expected to be comma-separated.\n * @returns The first trimmed value from the multi-value header, or `undefined` if the input is invalid or empty.\n *\n * @example\n * ```typescript\n * getFirstHeaderValue(\"value1, value2, value3\"); // \"value1\"\n * getFirstHeaderValue([\"value1\", \"value2\"]); // \"value1\"\n * getFirstHeaderValue(undefined); // undefined\n * ```\n */\nexport function getFirstHeaderValue(\n value: string | string[] | undefined | null,\n): string | undefined {\n return value?.toString().split(',', 1)[0]?.trim();\n}\n\n/**\n * Validates a request.\n *\n * @param request - The incoming `Request` object to validate.\n * @param allowedHosts - A set of allowed hostnames.\n * @param disableHostCheck - Whether to disable the host check.\n * @throws Error if any of the validated headers contain invalid values.\n */\nexport function validateRequest(\n request: Request,\n allowedHosts: ReadonlySet<string>,\n disableHostCheck: boolean,\n): void {\n validateHeaders(request, allowedHosts, disableHostCheck);\n\n if (!disableHostCheck) {\n validateUrl(new URL(request.url), allowedHosts);\n }\n}\n\n/**\n * Validates that the hostname of a given URL is allowed.\n *\n * @param url - The URL object to validate.\n * @param allowedHosts - A set of allowed hostnames.\n * @throws Error if the hostname is not in the allowlist.\n */\nexport function validateUrl(url: URL, allowedHosts: ReadonlySet<string>): void {\n const { hostname } = url;\n if (!isHostAllowed(hostname, allowedHosts)) {\n throw new Error(`URL with hostname \"${hostname}\" is not allowed.`);\n }\n}\n\n/**\n * Sanitizes the proxy headers of a request by removing unallowed `X-Forwarded-*` headers.\n * If no headers need to be removed, the original request is returned without cloning.\n *\n * @param request - The incoming `Request` object to sanitize.\n * @param trustProxyHeaders - A set of allowed proxy headers.\n * @returns The sanitized request, or the original request if no changes were needed.\n */\nexport function sanitizeRequestHeaders(\n request: Request,\n trustProxyHeaders: ReadonlySet<string>,\n): Request {\n let headersDeleted = false;\n const headers = new Headers();\n\n for (const [key, value] of request.headers) {\n const lowerKey = key.toLowerCase();\n if (lowerKey.startsWith('x-forwarded-') && !isProxyHeaderAllowed(lowerKey, trustProxyHeaders)) {\n // eslint-disable-next-line no-console\n console.warn(\n `Received \"${key}\" header but \"trustProxyHeaders\" was not set up to allow it.\\n` +\n `For more information, see https://angular.dev/best-practices/security#configuring-trusted-proxy-headers`,\n );\n headersDeleted = true;\n } else {\n headers.set(key, value);\n }\n }\n\n return headersDeleted\n ? new Request(request.clone(), {\n signal: request.signal,\n headers,\n })\n : request;\n}\n\n/**\n * Validates a specific host header value against the allowed hosts.\n *\n * @param headerName - The name of the header to validate (e.g., 'host', 'x-forwarded-host').\n * @param headerValue - The value of the header to validate.\n * @param allowedHosts - A set of allowed hostnames.\n * @throws Error if the header value is invalid or the hostname is not in the allowlist.\n */\nfunction verifyHostAllowed(\n headerName: string,\n headerValue: string,\n allowedHosts: ReadonlySet<string>,\n): void {\n const url = `http://${headerValue}`;\n if (!URL.canParse(url)) {\n throw new Error(`Header \"${headerName}\" contains an invalid value and cannot be parsed.`);\n }\n\n const { hostname, pathname, search, hash, username, password } = new URL(url);\n if (pathname !== '/' || search || hash || username || password) {\n throw new Error(\n `Header \"${headerName}\" with value \"${headerValue}\" contains characters that are not allowed.`,\n );\n }\n\n if (!isHostAllowed(hostname, allowedHosts)) {\n throw new Error(`Header \"${headerName}\" with value \"${headerValue}\" is not allowed.`);\n }\n}\n\n/**\n * Checks if the hostname is allowed.\n * @param hostname - The hostname to check.\n * @param allowedHosts - A set of allowed hostnames.\n * @returns `true` if the hostname is allowed, `false` otherwise.\n */\nfunction isHostAllowed(hostname: string, allowedHosts: ReadonlySet<string>): boolean {\n if (allowedHosts.has('*') || allowedHosts.has(hostname)) {\n return true;\n }\n\n for (const allowedHost of allowedHosts) {\n if (!allowedHost.startsWith('*.')) {\n continue;\n }\n\n const domain = allowedHost.slice(1);\n if (hostname.endsWith(domain)) {\n return true;\n }\n }\n\n return false;\n}\n\n/**\n * Validates the headers of an incoming request.\n *\n * @param request - The incoming `Request` object containing the headers to validate.\n * @param allowedHosts - A set of allowed hostnames.\n * @param disableHostCheck - Whether to disable the host check.\n * @throws Error if any of the validated headers contain invalid values.\n */\nfunction validateHeaders(\n request: Request,\n allowedHosts: ReadonlySet<string>,\n disableHostCheck: boolean,\n): void {\n const headers = request.headers;\n for (const headerName of HOST_HEADERS_TO_VALIDATE) {\n const headerValue = getFirstHeaderValue(headers.get(headerName));\n if (headerValue && !disableHostCheck) {\n verifyHostAllowed(headerName, headerValue, allowedHosts);\n }\n }\n\n const xForwardedPort = getFirstHeaderValue(headers.get('x-forwarded-port'));\n if (xForwardedPort && !VALID_PORT_REGEX.test(xForwardedPort)) {\n throw new Error('Header \"x-forwarded-port\" must be a numeric value.');\n }\n\n const xForwardedProto = getFirstHeaderValue(headers.get('x-forwarded-proto'));\n if (xForwardedProto && !VALID_PROTO_REGEX.test(xForwardedProto)) {\n throw new Error('Header \"x-forwarded-proto\" must be either \"http\" or \"https\".');\n }\n\n const xForwardedPrefix = getFirstHeaderValue(headers.get('x-forwarded-prefix'));\n if (xForwardedPrefix && !VALID_PREFIX_REGEX.test(xForwardedPrefix)) {\n throw new Error(\n 'Header \"x-forwarded-prefix\" is invalid. It must start with a \"/\" and contain ' +\n 'only alphanumeric characters, hyphens, and underscores, separated by single slashes.',\n );\n }\n}\n\n/**\n * Checks if a specific proxy header is allowed.\n *\n * @param headerName - The name of the proxy header to check.\n * @param trustProxyHeaders - A set of allowed proxy headers.\n * @returns `true` if the header is allowed, `false` otherwise.\n */\nexport function isProxyHeaderAllowed(\n headerName: string,\n trustProxyHeaders: ReadonlySet<string>,\n): boolean {\n return (\n trustProxyHeaders.has(TRUST_ALL_PROXY_HEADERS) ||\n trustProxyHeaders.has(headerName.toLowerCase())\n );\n}\n\n/**\n * Normalizes the `trustProxyHeaders` option to a consistent representation.\n * @param trustProxyHeaders The input `trustProxyHeaders` value.\n * @returns A `Set<string>` of normalized header names.\n */\nexport function normalizeTrustProxyHeaders(\n trustProxyHeaders: boolean | readonly string[] | undefined,\n): ReadonlySet<string> {\n if (!trustProxyHeaders) {\n return new Set();\n }\n\n if (trustProxyHeaders === true) {\n return new Set([TRUST_ALL_PROXY_HEADERS]);\n }\n\n const normalizedTrustedProxyHeaders = new Set(trustProxyHeaders.map((h) => h.toLowerCase()));\n if (normalizedTrustedProxyHeaders.has(TRUST_ALL_PROXY_HEADERS)) {\n throw new Error(\n `\"${TRUST_ALL_PROXY_HEADERS}\" is not allowed as a value for the \"trustProxyHeaders\" option.`,\n );\n }\n\n return normalizedTrustedProxyHeaders;\n}\n"],"names":["TRUST_ALL_PROXY_HEADERS","HOST_HEADERS_TO_VALIDATE","VALID_PORT_REGEX","VALID_PROTO_REGEX","VALID_PREFIX_REGEX","getFirstHeaderValue","value","toString","split","trim","validateRequest","request","allowedHosts","disableHostCheck","validateHeaders","validateUrl","URL","url","hostname","isHostAllowed","Error","sanitizeRequestHeaders","trustProxyHeaders","headersDeleted","headers","Headers","key","lowerKey","toLowerCase","startsWith","isProxyHeaderAllowed","console","warn","set","Request","clone","signal","verifyHostAllowed","headerName","headerValue","canParse","pathname","search","hash","username","password","has","allowedHost","domain","slice","endsWith","get","xForwardedPort","test","xForwardedProto","xForwardedPrefix","normalizeTrustProxyHeaders","Set","normalizedTrustedProxyHeaders","map","h"],"mappings":"AAWA,MAAMA,uBAAuB,GAAG,GAAG;AAKnC,MAAMC,wBAAwB,GAA0B,CAAC,MAAM,EAAE,kBAAkB,CAAC;AAKpF,MAAMC,gBAAgB,GAAG,OAAO;AAKhC,MAAMC,iBAAiB,GAAG,WAAW;AAMrC,MAAMC,kBAAkB,GAAG,kCAAkC;AAgBvD,SAAUC,mBAAmBA,CACjCC,KAA2C,EAAA;AAE3C,EAAA,OAAOA,KAAK,EAAEC,QAAQ,EAAE,CAACC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,EAAEC,IAAI,EAAE;AACnD;SAUgBC,eAAeA,CAC7BC,OAAgB,EAChBC,YAAiC,EACjCC,gBAAyB,EAAA;AAEzBC,EAAAA,eAAe,CAACH,OAAO,EAAEC,YAAY,EAAEC,gBAAgB,CAAC;EAExD,IAAI,CAACA,gBAAgB,EAAE;IACrBE,WAAW,CAAC,IAAIC,GAAG,CAACL,OAAO,CAACM,GAAG,CAAC,EAAEL,YAAY,CAAC;AACjD,EAAA;AACF;AASM,SAAUG,WAAWA,CAACE,GAAQ,EAAEL,YAAiC,EAAA;EACrE,MAAM;AAAEM,IAAAA;AAAQ,GAAE,GAAGD,GAAG;AACxB,EAAA,IAAI,CAACE,aAAa,CAACD,QAAQ,EAAEN,YAAY,CAAC,EAAE;AAC1C,IAAA,MAAM,IAAIQ,KAAK,CAAC,CAAA,mBAAA,EAAsBF,QAAQ,mBAAmB,CAAC;AACpE,EAAA;AACF;AAUM,SAAUG,sBAAsBA,CACpCV,OAAgB,EAChBW,iBAAsC,EAAA;EAEtC,IAAIC,cAAc,GAAG,KAAK;AAC1B,EAAA,MAAMC,OAAO,GAAG,IAAIC,OAAO,EAAE;EAE7B,KAAK,MAAM,CAACC,GAAG,EAAEpB,KAAK,CAAC,IAAIK,OAAO,CAACa,OAAO,EAAE;AAC1C,IAAA,MAAMG,QAAQ,GAAGD,GAAG,CAACE,WAAW,EAAE;AAClC,IAAA,IAAID,QAAQ,CAACE,UAAU,CAAC,cAAc,CAAC,IAAI,CAACC,oBAAoB,CAACH,QAAQ,EAAEL,iBAAiB,CAAC,EAAE;MAE7FS,OAAO,CAACC,IAAI,CACV,CAAA,UAAA,EAAaN,GAAG,CAAA,8DAAA,CAAgE,GAC9E,yGAAyG,CAC5G;AACDH,MAAAA,cAAc,GAAG,IAAI;AACvB,IAAA,CAAA,MAAO;AACLC,MAAAA,OAAO,CAACS,GAAG,CAACP,GAAG,EAAEpB,KAAK,CAAC;AACzB,IAAA;AACF,EAAA;EAEA,OAAOiB,cAAA,GACH,IAAIW,OAAO,CAACvB,OAAO,CAACwB,KAAK,EAAE,EAAE;IAC3BC,MAAM,EAAEzB,OAAO,CAACyB,MAAM;AACtBZ,IAAAA;GACD,CAAA,GACDb,OAAO;AACb;AAUA,SAAS0B,iBAAiBA,CACxBC,UAAkB,EAClBC,WAAmB,EACnB3B,YAAiC,EAAA;AAEjC,EAAA,MAAMK,GAAG,GAAG,CAAA,OAAA,EAAUsB,WAAW,CAAA,CAAE;AACnC,EAAA,IAAI,CAACvB,GAAG,CAACwB,QAAQ,CAACvB,GAAG,CAAC,EAAE;AACtB,IAAA,MAAM,IAAIG,KAAK,CAAC,CAAA,QAAA,EAAWkB,UAAU,mDAAmD,CAAC;AAC3F,EAAA;EAEA,MAAM;IAAEpB,QAAQ;IAAEuB,QAAQ;IAAEC,MAAM;IAAEC,IAAI;IAAEC,QAAQ;AAAEC,IAAAA;GAAU,GAAG,IAAI7B,GAAG,CAACC,GAAG,CAAC;EAC7E,IAAIwB,QAAQ,KAAK,GAAG,IAAIC,MAAM,IAAIC,IAAI,IAAIC,QAAQ,IAAIC,QAAQ,EAAE;IAC9D,MAAM,IAAIzB,KAAK,CACb,CAAA,QAAA,EAAWkB,UAAU,CAAA,cAAA,EAAiBC,WAAW,6CAA6C,CAC/F;AACH,EAAA;AAEA,EAAA,IAAI,CAACpB,aAAa,CAACD,QAAQ,EAAEN,YAAY,CAAC,EAAE;IAC1C,MAAM,IAAIQ,KAAK,CAAC,CAAA,QAAA,EAAWkB,UAAU,CAAA,cAAA,EAAiBC,WAAW,mBAAmB,CAAC;AACvF,EAAA;AACF;AAQA,SAASpB,aAAaA,CAACD,QAAgB,EAAEN,YAAiC,EAAA;AACxE,EAAA,IAAIA,YAAY,CAACkC,GAAG,CAAC,GAAG,CAAC,IAAIlC,YAAY,CAACkC,GAAG,CAAC5B,QAAQ,CAAC,EAAE;AACvD,IAAA,OAAO,IAAI;AACb,EAAA;AAEA,EAAA,KAAK,MAAM6B,WAAW,IAAInC,YAAY,EAAE;AACtC,IAAA,IAAI,CAACmC,WAAW,CAAClB,UAAU,CAAC,IAAI,CAAC,EAAE;AACjC,MAAA;AACF,IAAA;AAEA,IAAA,MAAMmB,MAAM,GAAGD,WAAW,CAACE,KAAK,CAAC,CAAC,CAAC;AACnC,IAAA,IAAI/B,QAAQ,CAACgC,QAAQ,CAACF,MAAM,CAAC,EAAE;AAC7B,MAAA,OAAO,IAAI;AACb,IAAA;AACF,EAAA;AAEA,EAAA,OAAO,KAAK;AACd;AAUA,SAASlC,eAAeA,CACtBH,OAAgB,EAChBC,YAAiC,EACjCC,gBAAyB,EAAA;AAEzB,EAAA,MAAMW,OAAO,GAAGb,OAAO,CAACa,OAAO;AAC/B,EAAA,KAAK,MAAMc,UAAU,IAAIrC,wBAAwB,EAAE;IACjD,MAAMsC,WAAW,GAAGlC,mBAAmB,CAACmB,OAAO,CAAC2B,GAAG,CAACb,UAAU,CAAC,CAAC;AAChE,IAAA,IAAIC,WAAW,IAAI,CAAC1B,gBAAgB,EAAE;AACpCwB,MAAAA,iBAAiB,CAACC,UAAU,EAAEC,WAAW,EAAE3B,YAAY,CAAC;AAC1D,IAAA;AACF,EAAA;EAEA,MAAMwC,cAAc,GAAG/C,mBAAmB,CAACmB,OAAO,CAAC2B,GAAG,CAAC,kBAAkB,CAAC,CAAC;EAC3E,IAAIC,cAAc,IAAI,CAAClD,gBAAgB,CAACmD,IAAI,CAACD,cAAc,CAAC,EAAE;AAC5D,IAAA,MAAM,IAAIhC,KAAK,CAAC,oDAAoD,CAAC;AACvE,EAAA;EAEA,MAAMkC,eAAe,GAAGjD,mBAAmB,CAACmB,OAAO,CAAC2B,GAAG,CAAC,mBAAmB,CAAC,CAAC;EAC7E,IAAIG,eAAe,IAAI,CAACnD,iBAAiB,CAACkD,IAAI,CAACC,eAAe,CAAC,EAAE;AAC/D,IAAA,MAAM,IAAIlC,KAAK,CAAC,8DAA8D,CAAC;AACjF,EAAA;EAEA,MAAMmC,gBAAgB,GAAGlD,mBAAmB,CAACmB,OAAO,CAAC2B,GAAG,CAAC,oBAAoB,CAAC,CAAC;EAC/E,IAAII,gBAAgB,IAAI,CAACnD,kBAAkB,CAACiD,IAAI,CAACE,gBAAgB,CAAC,EAAE;AAClE,IAAA,MAAM,IAAInC,KAAK,CACb,+EAA+E,GAC7E,sFAAsF,CACzF;AACH,EAAA;AACF;AASM,SAAUU,oBAAoBA,CAClCQ,UAAkB,EAClBhB,iBAAsC,EAAA;AAEtC,EAAA,OACEA,iBAAiB,CAACwB,GAAG,CAAC9C,uBAAuB,CAAC,IAC9CsB,iBAAiB,CAACwB,GAAG,CAACR,UAAU,CAACV,WAAW,EAAE,CAAC;AAEnD;AAOM,SAAU4B,0BAA0BA,CACxClC,iBAA0D,EAAA;EAE1D,IAAI,CAACA,iBAAiB,EAAE;IACtB,OAAO,IAAImC,GAAG,EAAE;AAClB,EAAA;EAEA,IAAInC,iBAAiB,KAAK,IAAI,EAAE;AAC9B,IAAA,OAAO,IAAImC,GAAG,CAAC,CAACzD,uBAAuB,CAAC,CAAC;AAC3C,EAAA;AAEA,EAAA,MAAM0D,6BAA6B,GAAG,IAAID,GAAG,CAACnC,iBAAiB,CAACqC,GAAG,CAAEC,CAAC,IAAKA,CAAC,CAAChC,WAAW,EAAE,CAAC,CAAC;AAC5F,EAAA,IAAI8B,6BAA6B,CAACZ,GAAG,CAAC9C,uBAAuB,CAAC,EAAE;AAC9D,IAAA,MAAM,IAAIoB,KAAK,CACb,CAAA,CAAA,EAAIpB,uBAAuB,iEAAiE,CAC7F;AACH,EAAA;AAEA,EAAA,OAAO0D,6BAA6B;AACtC;;;;"} |
@@ -1,1 +0,1 @@ | ||
| {"version":3,"file":"node.mjs","sources":["../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/environment-options.ts","../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/errors.ts","../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/common-engine/inline-css-processor.ts","../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/common-engine/peformance-profiler.ts","../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/common-engine/common-engine.ts","../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/request.ts","../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/app-engine.ts","../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/handler.ts","../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/response.ts","../../../../../../darwin_arm64-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/module.ts"],"sourcesContent":["/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\n/**\n * Retrieves the list of allowed hosts from the environment variable `NG_ALLOWED_HOSTS`.\n * @returns An array of allowed hosts.\n */\nexport function getAllowedHostsFromEnv(): ReadonlyArray<string> | undefined {\n return getArrayFromEnv('NG_ALLOWED_HOSTS');\n}\n\n/**\n * Retrieves the list of trusted proxy headers from the environment variable `NG_TRUST_PROXY_HEADERS`.\n * @returns An array of trusted proxy headers.\n */\nexport function getTrustProxyHeadersFromEnv(): ReadonlyArray<string> | undefined {\n return getArrayFromEnv('NG_TRUST_PROXY_HEADERS');\n}\n\nfunction getArrayFromEnv(envName: string): ReadonlyArray<string> | undefined {\n const envValue = process.env[envName];\n if (!envValue) {\n return undefined;\n }\n\n const values: string[] = [];\n for (const value of envValue.split(',')) {\n const trimmed = value.trim();\n if (trimmed.length > 0) {\n values.push(trimmed);\n }\n }\n\n return values;\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\n/**\n * Attaches listeners to the Node.js process to capture and handle unhandled rejections and uncaught exceptions.\n * Captured errors are logged to the console. This function logs errors to the console, preventing unhandled errors\n * from crashing the server. It is particularly useful for Zoneless apps, ensuring error handling without relying on Zone.js.\n *\n * @remarks\n * This function is a no-op if zone.js is available.\n * For Zone-based apps, similar functionality is provided by Zone.js itself. See the Zone.js implementation here:\n * https://github.com/angular/angular/blob/4a8d0b79001ec09bcd6f2d6b15117aa6aac1932c/packages/zone.js/lib/node/node.ts#L94%7C\n *\n * @internal\n */\nexport function attachNodeGlobalErrorHandlers(): void {\n if (typeof Zone !== 'undefined') {\n return;\n }\n\n // Ensure that the listeners are registered only once.\n // Otherwise, multiple instances may be registered during edit/refresh.\n const gThis: typeof globalThis & { ngAttachNodeGlobalErrorHandlersCalled?: boolean } = globalThis;\n if (gThis.ngAttachNodeGlobalErrorHandlersCalled) {\n return;\n }\n\n gThis.ngAttachNodeGlobalErrorHandlersCalled = true;\n\n process\n // eslint-disable-next-line no-console\n .on('unhandledRejection', (error) => console.error('unhandledRejection', error))\n // eslint-disable-next-line no-console\n .on('uncaughtException', (error) => console.error('uncaughtException', error));\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport { ɵInlineCriticalCssProcessor as InlineCriticalCssProcessor } from '@angular/ssr';\nimport { readFile } from 'node:fs/promises';\n\nexport class CommonEngineInlineCriticalCssProcessor {\n private readonly resourceCache = new Map<string, string>();\n\n async process(html: string, outputPath: string | undefined): Promise<string> {\n const beasties = new InlineCriticalCssProcessor(async (path) => {\n let resourceContent = this.resourceCache.get(path);\n if (resourceContent === undefined) {\n resourceContent = await readFile(path, 'utf-8');\n this.resourceCache.set(path, resourceContent);\n }\n\n return resourceContent;\n }, outputPath);\n\n return beasties.process(html);\n }\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nconst PERFORMANCE_MARK_PREFIX = '🅰️';\n\nexport function printPerformanceLogs(): void {\n let maxWordLength = 0;\n const benchmarks: [step: string, value: string][] = [];\n\n for (const { name, duration } of performance.getEntriesByType('measure')) {\n if (!name.startsWith(PERFORMANCE_MARK_PREFIX)) {\n continue;\n }\n\n // `🅰️:Retrieve SSG Page` -> `Retrieve SSG Page:`\n const step = name.slice(PERFORMANCE_MARK_PREFIX.length + 1) + ':';\n if (step.length > maxWordLength) {\n maxWordLength = step.length;\n }\n\n benchmarks.push([step, `${duration.toFixed(1)}ms`]);\n performance.clearMeasures(name);\n }\n\n /* eslint-disable no-console */\n console.log('********** Performance results **********');\n for (const [step, value] of benchmarks) {\n const spaces = maxWordLength - step.length + 5;\n console.log(step + ' '.repeat(spaces) + value);\n }\n console.log('*****************************************');\n /* eslint-enable no-console */\n}\n\nexport async function runMethodAndMeasurePerf<T>(\n label: string,\n asyncMethod: () => Promise<T>,\n): Promise<T> {\n const labelName = `${PERFORMANCE_MARK_PREFIX}:${label}`;\n const startLabel = `start:${labelName}`;\n const endLabel = `end:${labelName}`;\n\n try {\n performance.mark(startLabel);\n\n return await asyncMethod();\n } finally {\n performance.mark(endLabel);\n performance.measure(labelName, startLabel, endLabel);\n performance.clearMarks(startLabel);\n performance.clearMarks(endLabel);\n }\n}\n\nexport function noopRunMethodAndMeasurePerf<T>(\n label: string,\n asyncMethod: () => Promise<T>,\n): Promise<T> {\n return asyncMethod();\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport { ApplicationRef, StaticProvider, Type } from '@angular/core';\nimport { BootstrapContext } from '@angular/platform-browser';\nimport { renderApplication, renderModule, ɵSERVER_CONTEXT } from '@angular/platform-server';\nimport * as fs from 'node:fs';\nimport { dirname, join, normalize, resolve } from 'node:path';\nimport { URL } from 'node:url';\nimport { validateUrl } from '../../../src/utils/validation';\nimport { getAllowedHostsFromEnv } from '../environment-options';\nimport { attachNodeGlobalErrorHandlers } from '../errors';\nimport { CommonEngineInlineCriticalCssProcessor } from './inline-css-processor';\nimport {\n noopRunMethodAndMeasurePerf,\n printPerformanceLogs,\n runMethodAndMeasurePerf,\n} from './peformance-profiler';\n\nconst SSG_MARKER_REGEXP = /ng-server-context=[\"']\\w*\\|?ssg\\|?\\w*[\"']/;\n\n/**\n * @deprecated Use `AngularNodeAppEngine` or `AngularAppEngine` instead.\n * Deprecated since v22.\n */\nexport interface CommonEngineOptions {\n /** A method that when invoked returns a promise that returns an `ApplicationRef` instance once resolved or an NgModule. */\n bootstrap?: Type<{}> | ((context: BootstrapContext) => Promise<ApplicationRef>);\n\n /** A set of platform level providers for all requests. */\n providers?: StaticProvider[];\n\n /** Enable request performance profiling data collection and printing the results in the server console. */\n enablePerformanceProfiler?: boolean;\n\n /** A set of hostnames that are allowed to access the server. */\n allowedHosts?: readonly string[];\n}\n\n/**\n * @deprecated Use `AngularNodeAppEngine` or `AngularAppEngine` instead.\n * Deprecated since v22.\n */\nexport interface CommonEngineRenderOptions {\n /** A method that when invoked returns a promise that returns an `ApplicationRef` instance once resolved or an NgModule. */\n bootstrap?: Type<{}> | ((context: BootstrapContext) => Promise<ApplicationRef>);\n\n /** A set of platform level providers for the current request. */\n providers?: StaticProvider[];\n url?: string;\n document?: string;\n documentFilePath?: string;\n\n /**\n * Reduce render blocking requests by inlining critical CSS.\n * Defaults to true.\n */\n inlineCriticalCss?: boolean;\n\n /**\n * Base path location of index file.\n * Defaults to the 'documentFilePath' dirname when not provided.\n */\n publicPath?: string;\n}\n\n/**\n * A common engine to use to server render an application.\n *\n * @deprecated Use `AngularNodeAppEngine` or `AngularAppEngine` instead.\n * Deprecated since v22.\n */\nexport class CommonEngine {\n private readonly templateCache = new Map<string, string>();\n private readonly inlineCriticalCssProcessor = new CommonEngineInlineCriticalCssProcessor();\n private readonly pageIsSSG = new Map<string, boolean>();\n private readonly allowedHosts: ReadonlySet<string>;\n\n constructor(private options?: CommonEngineOptions) {\n this.allowedHosts = new Set(getAllowedHostsFromEnv() ?? this.options?.allowedHosts ?? []);\n\n attachNodeGlobalErrorHandlers();\n }\n\n /**\n * Render an HTML document for a specific URL with specified\n * render options\n */\n async render(opts: CommonEngineRenderOptions): Promise<string> {\n const { url } = opts;\n\n if (url && URL.canParse(url)) {\n const urlObj = new URL(url);\n try {\n validateUrl(urlObj, this.allowedHosts);\n } catch (error) {\n // eslint-disable-next-line no-console\n console.error(\n `ERROR: ${(error as Error).message}` +\n 'Please provide a list of allowed hosts in the \"allowedHosts\" option in the \"CommonEngine\" constructor.',\n );\n\n throw error;\n }\n }\n\n const enablePerformanceProfiler = this.options?.enablePerformanceProfiler;\n\n const runMethod = enablePerformanceProfiler\n ? runMethodAndMeasurePerf\n : noopRunMethodAndMeasurePerf;\n\n let html = await runMethod('Retrieve SSG Page', () => this.retrieveSSGPage(opts));\n\n if (html === undefined) {\n html = await runMethod('Render Page', () => this.renderApplication(opts));\n\n if (opts.inlineCriticalCss !== false) {\n const content = await runMethod('Inline Critical CSS', () =>\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.inlineCriticalCss(html!, opts),\n );\n\n html = content;\n }\n }\n\n if (enablePerformanceProfiler) {\n printPerformanceLogs();\n }\n\n return html;\n }\n\n private inlineCriticalCss(html: string, opts: CommonEngineRenderOptions): Promise<string> {\n const outputPath =\n opts.publicPath ?? (opts.documentFilePath ? dirname(opts.documentFilePath) : '');\n\n return this.inlineCriticalCssProcessor.process(html, outputPath);\n }\n\n private async retrieveSSGPage(opts: CommonEngineRenderOptions): Promise<string | undefined> {\n const { publicPath, documentFilePath, url } = opts;\n if (!publicPath || !documentFilePath || url === undefined) {\n return undefined;\n }\n\n const { pathname } = new URL(url, 'resolve://');\n // Do not use `resolve` here as otherwise it can lead to path traversal vulnerability.\n // See: https://portswigger.net/web-security/file-path-traversal\n const pagePath = join(publicPath, pathname, 'index.html');\n\n if (this.pageIsSSG.get(pagePath)) {\n // Serve pre-rendered page.\n return fs.promises.readFile(pagePath, 'utf-8');\n }\n\n if (!pagePath.startsWith(normalize(publicPath))) {\n // Potential path traversal detected.\n return undefined;\n }\n\n if (pagePath === resolve(documentFilePath) || !(await exists(pagePath))) {\n // View matches with prerender path or file does not exist.\n this.pageIsSSG.set(pagePath, false);\n\n return undefined;\n }\n\n // Static file exists.\n const content = await fs.promises.readFile(pagePath, 'utf-8');\n const isSSG = SSG_MARKER_REGEXP.test(content);\n this.pageIsSSG.set(pagePath, isSSG);\n\n return isSSG ? content : undefined;\n }\n\n private async renderApplication(opts: CommonEngineRenderOptions): Promise<string> {\n const moduleOrFactory = this.options?.bootstrap ?? opts.bootstrap;\n if (!moduleOrFactory) {\n throw new Error('A module or bootstrap option must be provided.');\n }\n\n const extraProviders: StaticProvider[] = [\n { provide: ɵSERVER_CONTEXT, useValue: 'ssr' },\n ...(opts.providers ?? []),\n ...(this.options?.providers ?? []),\n ];\n\n let document = opts.document;\n if (!document && opts.documentFilePath) {\n document = await this.getDocument(opts.documentFilePath);\n }\n\n const commonRenderingOptions = {\n url: opts.url,\n document,\n // Validation is already happened in the render method.\n allowedHosts: ['*'],\n };\n\n return isBootstrapFn(moduleOrFactory)\n ? renderApplication(moduleOrFactory, {\n platformProviders: extraProviders,\n ...commonRenderingOptions,\n })\n : renderModule(moduleOrFactory, { extraProviders, ...commonRenderingOptions });\n }\n\n /** Retrieve the document from the cache or the filesystem */\n private async getDocument(filePath: string): Promise<string> {\n let doc = this.templateCache.get(filePath);\n\n if (!doc) {\n doc = await fs.promises.readFile(filePath, 'utf-8');\n this.templateCache.set(filePath, doc);\n }\n\n return doc;\n }\n}\n\nasync function exists(path: fs.PathLike): Promise<boolean> {\n try {\n await fs.promises.access(path, fs.constants.F_OK);\n\n return true;\n } catch {\n return false;\n }\n}\n\nfunction isBootstrapFn(\n value: unknown,\n): value is (context: BootstrapContext) => Promise<ApplicationRef> {\n // We can differentiate between a module and a bootstrap function by reading compiler-generated `ɵmod` static property:\n return typeof value === 'function' && !('ɵmod' in value);\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport type { IncomingHttpHeaders, IncomingMessage } from 'node:http';\nimport type { Http2ServerRequest } from 'node:http2';\nimport {\n getFirstHeaderValue,\n isProxyHeaderAllowed,\n normalizeTrustProxyHeaders,\n} from '../../src/utils/validation';\n\n/**\n * A set containing all the pseudo-headers defined in the HTTP/2 specification.\n *\n * This set can be used to filter out pseudo-headers from a list of headers,\n * as they are not allowed to be set directly using the `Node.js` Undici API or\n * the web `Headers` API.\n */\nconst HTTP2_PSEUDO_HEADERS: ReadonlySet<string> = new Set([\n ':method',\n ':scheme',\n ':authority',\n ':path',\n ':status',\n]);\n\n/**\n * Converts a Node.js `IncomingMessage` or `Http2ServerRequest` into a\n * Web Standard `Request` object.\n *\n * This function adapts the Node.js request objects to a format that can\n * be used by web platform APIs.\n *\n * @param nodeRequest - The Node.js request object (`IncomingMessage` or `Http2ServerRequest`) to convert.\n * @param trustProxyHeaders - A boolean or an array of proxy headers to trust when constructing the request URL.\n *\n * @remarks\n * When `trustProxyHeaders` is enabled, headers such as `X-Forwarded-Host` and\n * `X-Forwarded-Prefix` should ideally be strictly validated at a higher infrastructure\n * level (e.g., at the reverse proxy or API gateway) before reaching the application.\n *\n * @returns A Web Standard `Request` object.\n */\nexport function createWebRequestFromNodeRequest(\n nodeRequest: IncomingMessage | Http2ServerRequest,\n trustProxyHeaders?: boolean | readonly string[],\n): Request {\n const trustProxyHeadersNormalized = normalizeTrustProxyHeaders(trustProxyHeaders);\n const { headers, method = 'GET' } = nodeRequest;\n const withBody = method !== 'GET' && method !== 'HEAD';\n const referrer = headers.referer && URL.canParse(headers.referer) ? headers.referer : undefined;\n\n return new Request(createRequestUrl(nodeRequest, trustProxyHeadersNormalized), {\n method,\n headers: createRequestHeaders(headers),\n body: withBody ? nodeRequest : undefined,\n duplex: withBody ? 'half' : undefined,\n referrer,\n });\n}\n\n/**\n * Creates a `Headers` object from Node.js `IncomingHttpHeaders`.\n *\n * @param nodeHeaders - The Node.js `IncomingHttpHeaders` object to convert.\n * @returns A `Headers` object containing the converted headers.\n */\nfunction createRequestHeaders(nodeHeaders: IncomingHttpHeaders): Headers {\n const headers = new Headers();\n\n for (const [name, value] of Object.entries(nodeHeaders)) {\n if (HTTP2_PSEUDO_HEADERS.has(name)) {\n continue;\n }\n\n if (typeof value === 'string') {\n headers.append(name, value);\n } else if (Array.isArray(value)) {\n for (const item of value) {\n headers.append(name, item);\n }\n }\n }\n\n return headers;\n}\n\n/**\n * Creates a `URL` object from a Node.js `IncomingMessage`, taking into account the protocol, host, and port.\n *\n * @param nodeRequest - The Node.js `IncomingMessage` or `Http2ServerRequest` object to extract URL information from.\n * @param trustProxyHeaders - A set of allowed proxy headers.\n *\n * @remarks\n * When `trustProxyHeaders` is enabled, headers such as `X-Forwarded-Host` and\n * `X-Forwarded-Prefix` should ideally be strictly validated at a higher infrastructure\n * level (e.g., at the reverse proxy or API gateway) before reaching the application.\n *\n * @returns A `URL` object representing the request URL.\n */\nexport function createRequestUrl(\n nodeRequest: IncomingMessage | Http2ServerRequest,\n trustProxyHeaders: ReadonlySet<string>,\n): URL {\n const {\n headers,\n socket,\n url = '',\n originalUrl,\n } = nodeRequest as IncomingMessage & { originalUrl?: string };\n\n const protocol =\n getAllowedProxyHeaderValue(headers, 'x-forwarded-proto', trustProxyHeaders) ??\n ('encrypted' in socket && socket.encrypted ? 'https' : 'http');\n\n const hostname =\n getAllowedProxyHeaderValue(headers, 'x-forwarded-host', trustProxyHeaders) ??\n headers.host ??\n headers[':authority'];\n\n if (Array.isArray(hostname)) {\n throw new Error('host value cannot be an array.');\n }\n\n let hostnameWithPort = hostname;\n if (!hostname?.includes(':')) {\n const port = getAllowedProxyHeaderValue(headers, 'x-forwarded-port', trustProxyHeaders);\n if (port) {\n hostnameWithPort += `:${port}`;\n }\n }\n\n return new URL(`${protocol}://${hostnameWithPort}${originalUrl ?? url}`);\n}\n\n/**\n * Gets the first value of an allowed proxy header.\n *\n * @param headers - The Node.js incoming HTTP headers.\n * @param headerName - The name of the proxy header to retrieve.\n * @param trustProxyHeaders - A set of allowed proxy headers.\n * @returns The value of the allowed proxy header, or `undefined` if not allowed or not present.\n */\nfunction getAllowedProxyHeaderValue(\n headers: IncomingHttpHeaders,\n headerName: string,\n trustProxyHeaders: ReadonlySet<string>,\n): string | undefined {\n return isProxyHeaderAllowed(headerName, trustProxyHeaders)\n ? getFirstHeaderValue(headers[headerName])\n : undefined;\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport { AngularAppEngine } from '@angular/ssr';\nimport type { IncomingMessage } from 'node:http';\nimport type { Http2ServerRequest } from 'node:http2';\nimport { AngularAppEngineOptions } from '../../src/app-engine';\nimport { getAllowedHostsFromEnv, getTrustProxyHeadersFromEnv } from './environment-options';\nimport { attachNodeGlobalErrorHandlers } from './errors';\nimport { createWebRequestFromNodeRequest } from './request';\n\n/**\n * Options for the Angular Node.js server application engine.\n */\nexport interface AngularNodeAppEngineOptions extends AngularAppEngineOptions {}\n\n/**\n * Angular server application engine.\n * Manages Angular server applications (including localized ones), handles rendering requests,\n * and optionally transforms index HTML before rendering.\n *\n * @remarks This class should be instantiated once and used as a singleton across the server-side\n * application to ensure consistent handling of rendering requests and resource management.\n */\nexport class AngularNodeAppEngine {\n private readonly angularAppEngine: AngularAppEngine;\n private readonly trustProxyHeaders?: boolean | readonly string[];\n\n /**\n * Creates a new instance of the Angular Node.js server application engine.\n * @param options Options for the Angular Node.js server application engine.\n */\n constructor(options?: AngularNodeAppEngineOptions) {\n const appEngineOptions: AngularAppEngineOptions = {\n ...options,\n allowedHosts: getAllowedHostsFromEnv() ?? options?.allowedHosts,\n trustProxyHeaders: getTrustProxyHeadersFromEnv() ?? options?.trustProxyHeaders,\n };\n\n this.angularAppEngine = new AngularAppEngine(appEngineOptions);\n this.trustProxyHeaders = appEngineOptions.trustProxyHeaders;\n\n attachNodeGlobalErrorHandlers();\n }\n\n /**\n * Handles an incoming HTTP request by serving prerendered content, performing server-side rendering,\n * or delivering a static file for client-side rendered routes based on the `RenderMode` setting.\n *\n * This method adapts Node.js's `IncomingMessage`, `Http2ServerRequest` or `Request`\n * to a format compatible with the `AngularAppEngine` and delegates the handling logic to it.\n *\n * @param request - The incoming HTTP request (`IncomingMessage`, `Http2ServerRequest` or `Request`).\n * @param requestContext - Optional context for rendering, such as metadata associated with the request.\n * @returns A promise that resolves to the resulting HTTP response object, or `null` if no matching Angular route is found.\n *\n * @remarks A request to `https://www.example.com/page/index.html` will serve or render the Angular route\n * corresponding to `https://www.example.com/page`.\n *\n * @remarks\n * To prevent potential Server-Side Request Forgery (SSRF), this function verifies the hostname\n * of the `request.url` against a list of authorized hosts.\n * If the hostname is not recognized a 400 Bad Request is returned.\n *\n * Resolution:\n * Authorize your hostname by configuring `allowedHosts` in `angular.json` in:\n * `projects.[project-name].architect.build.options.security.allowedHosts`.\n * Alternatively, you can define the allowed hostname via the environment variable `process.env['NG_ALLOWED_HOSTS']`\n * or pass it directly through the configuration options of `AngularNodeAppEngine`.\n *\n * For more information see: https://angular.dev/best-practices/security#preventing-server-side-request-forgery-ssrf\n */\n async handle(\n request: IncomingMessage | Http2ServerRequest | Request,\n requestContext?: unknown,\n ): Promise<Response | null> {\n const webRequest =\n request instanceof Request\n ? request\n : createWebRequestFromNodeRequest(request, this.trustProxyHeaders);\n\n return this.angularAppEngine.handle(webRequest, requestContext);\n }\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport type { IncomingMessage, ServerResponse } from 'node:http';\n\n/**\n * Represents a middleware function for handling HTTP requests in a Node.js environment.\n *\n * @param req - The incoming HTTP request object.\n * @param res - The outgoing HTTP response object.\n * @param next - A callback function that signals the completion of the middleware or forwards the error if provided.\n *\n * @returns A Promise that resolves to void or simply void. The handler can be asynchronous.\n */\nexport type NodeRequestHandlerFunction = (\n req: IncomingMessage,\n res: ServerResponse,\n next: (err?: unknown) => void,\n) => Promise<void> | void;\n\n/**\n * Attaches metadata to the handler function to mark it as a special handler for Node.js environments.\n *\n * @typeParam T - The type of the handler function.\n * @param handler - The handler function to be defined and annotated.\n * @returns The same handler function passed as an argument, with metadata attached.\n *\n * @example\n * Usage in an Express application:\n * ```ts\n * const app = express();\n * export default createNodeRequestHandler(app);\n * ```\n *\n * @example\n * Usage in a Hono application:\n * ```ts\n * const app = new Hono();\n * export default createNodeRequestHandler(async (req, res, next) => {\n * try {\n * const webRes = await app.fetch(createWebRequestFromNodeRequest(req));\n * if (webRes) {\n * await writeResponseToNodeResponse(webRes, res);\n * } else {\n * next();\n * }\n * } catch (error) {\n * next(error);\n * }\n * });\n * ```\n *\n * @example\n * Usage in a Fastify application:\n * ```ts\n * const app = Fastify();\n * export default createNodeRequestHandler(async (req, res) => {\n * await app.ready();\n * app.server.emit('request', req, res);\n * });\n * ```\n */\nexport function createNodeRequestHandler<T extends NodeRequestHandlerFunction>(handler: T): T {\n (handler as T & { __ng_node_request_handler__?: boolean })['__ng_node_request_handler__'] = true;\n\n return handler;\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport type { ServerResponse } from 'node:http';\nimport type { Http2ServerResponse } from 'node:http2';\n\n/**\n * Streams a web-standard `Response` into a Node.js `ServerResponse`\n * or `Http2ServerResponse`.\n *\n * This function adapts the web `Response` object to write its content\n * to a Node.js response object, handling both HTTP/1.1 and HTTP/2.\n *\n * @param source - The web-standard `Response` object to stream from.\n * @param destination - The Node.js response object (`ServerResponse` or `Http2ServerResponse`) to stream into.\n * @returns A promise that resolves once the streaming operation is complete.\n */\nexport async function writeResponseToNodeResponse(\n source: Response,\n destination: ServerResponse | Http2ServerResponse,\n): Promise<void> {\n const { status, headers, body } = source;\n destination.statusCode = status;\n\n let cookieHeaderSet = false;\n for (const [name, value] of headers.entries()) {\n if (name === 'set-cookie') {\n if (cookieHeaderSet) {\n continue;\n }\n\n // Sets the 'set-cookie' header only once to ensure it is correctly applied.\n // Concatenating 'set-cookie' values can lead to incorrect behavior, so we use a single value from `headers.getSetCookie()`.\n destination.setHeader(name, headers.getSetCookie());\n cookieHeaderSet = true;\n } else {\n destination.setHeader(name, value);\n }\n }\n\n if ('flushHeaders' in destination) {\n destination.flushHeaders();\n }\n\n if (!body) {\n destination.end();\n\n return;\n }\n\n try {\n const reader = body.getReader();\n\n destination.on('close', () => {\n reader.cancel().catch((error) => {\n // eslint-disable-next-line no-console\n console.error(\n `An error occurred while writing the response body for: ${destination.req.url}.`,\n error,\n );\n });\n });\n\n // eslint-disable-next-line no-constant-condition\n while (true) {\n const { done, value } = await reader.read();\n if (done) {\n destination.end();\n break;\n }\n\n const canContinue = (destination as ServerResponse).write(value);\n if (canContinue === false) {\n // Explicitly check for `false`, as AWS may return `undefined` even though this is not valid.\n // See: https://github.com/CodeGenieApp/serverless-express/issues/683\n await new Promise<void>((resolve) => destination.once('drain', resolve));\n }\n }\n } catch {\n destination.end('Internal server error.');\n }\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport { argv } from 'node:process';\nimport { fileURLToPath } from 'node:url';\n\n/**\n * Determines whether the provided URL represents the main entry point module.\n *\n * This function checks if the provided URL corresponds to the main ESM module being executed directly.\n * It's useful for conditionally executing code that should only run when a module is the entry point,\n * such as starting a server or initializing an application.\n *\n * It performs two key checks:\n * 1. Verifies if the URL starts with 'file:', ensuring it is a local file.\n * 2. Compares the URL's resolved file path with the first command-line argument (`process.argv[1]`),\n * which points to the file being executed.\n *\n * @param url The URL of the module to check. This should typically be `import.meta.url`.\n * @returns `true` if the provided URL represents the main entry point, otherwise `false`.\n */\nexport function isMainModule(url: string): boolean {\n return url.startsWith('file:') && argv[1] === fileURLToPath(url);\n}\n"],"names":["getAllowedHostsFromEnv","getArrayFromEnv","getTrustProxyHeadersFromEnv","envName","envValue","process","env","undefined","values","value","split","trimmed","trim","length","push","attachNodeGlobalErrorHandlers","Zone","gThis","globalThis","ngAttachNodeGlobalErrorHandlersCalled","on","error","console","CommonEngineInlineCriticalCssProcessor","resourceCache","Map","html","outputPath","beasties","InlineCriticalCssProcessor","path","resourceContent","get","readFile","set","PERFORMANCE_MARK_PREFIX","printPerformanceLogs","maxWordLength","benchmarks","name","duration","performance","getEntriesByType","startsWith","step","slice","toFixed","clearMeasures","log","spaces","repeat","runMethodAndMeasurePerf","label","asyncMethod","labelName","startLabel","endLabel","mark","measure","clearMarks","noopRunMethodAndMeasurePerf","SSG_MARKER_REGEXP","CommonEngine","options","templateCache","inlineCriticalCssProcessor","pageIsSSG","allowedHosts","constructor","Set","render","opts","url","URL","canParse","urlObj","validateUrl","message","enablePerformanceProfiler","runMethod","retrieveSSGPage","renderApplication","inlineCriticalCss","content","publicPath","documentFilePath","dirname","pathname","pagePath","join","fs","promises","normalize","resolve","exists","isSSG","test","moduleOrFactory","bootstrap","Error","extraProviders","provide","ɵSERVER_CONTEXT","useValue","providers","document","getDocument","commonRenderingOptions","isBootstrapFn","platformProviders","renderModule","filePath","doc","access","constants","F_OK","HTTP2_PSEUDO_HEADERS","createWebRequestFromNodeRequest","nodeRequest","trustProxyHeaders","trustProxyHeadersNormalized","normalizeTrustProxyHeaders","headers","method","withBody","referrer","referer","Request","createRequestUrl","createRequestHeaders","body","duplex","nodeHeaders","Headers","Object","entries","has","append","Array","isArray","item","socket","originalUrl","protocol","getAllowedProxyHeaderValue","encrypted","hostname","host","hostnameWithPort","includes","port","headerName","isProxyHeaderAllowed","getFirstHeaderValue","AngularNodeAppEngine","angularAppEngine","appEngineOptions","AngularAppEngine","handle","request","requestContext","webRequest","createNodeRequestHandler","handler","writeResponseToNodeResponse","source","destination","status","statusCode","cookieHeaderSet","setHeader","getSetCookie","flushHeaders","end","reader","getReader","cancel","catch","req","done","read","canContinue","write","Promise","once","isMainModule","argv","fileURLToPath"],"mappings":";;;;;;;;;SAYgBA,sBAAsBA,GAAA;EACpC,OAAOC,eAAe,CAAC,kBAAkB,CAAC;AAC5C;SAMgBC,2BAA2BA,GAAA;EACzC,OAAOD,eAAe,CAAC,wBAAwB,CAAC;AAClD;AAEA,SAASA,eAAeA,CAACE,OAAe,EAAA;AACtC,EAAA,MAAMC,QAAQ,GAAGC,OAAO,CAACC,GAAG,CAACH,OAAO,CAAC;EACrC,IAAI,CAACC,QAAQ,EAAE;AACb,IAAA,OAAOG,SAAS;AAClB,EAAA;EAEA,MAAMC,MAAM,GAAa,EAAE;EAC3B,KAAK,MAAMC,KAAK,IAAIL,QAAQ,CAACM,KAAK,CAAC,GAAG,CAAC,EAAE;AACvC,IAAA,MAAMC,OAAO,GAAGF,KAAK,CAACG,IAAI,EAAE;AAC5B,IAAA,IAAID,OAAO,CAACE,MAAM,GAAG,CAAC,EAAE;AACtBL,MAAAA,MAAM,CAACM,IAAI,CAACH,OAAO,CAAC;AACtB,IAAA;AACF,EAAA;AAEA,EAAA,OAAOH,MAAM;AACf;;SCnBgBO,6BAA6BA,GAAA;AAC3C,EAAA,IAAI,OAAOC,IAAI,KAAK,WAAW,EAAE;AAC/B,IAAA;AACF,EAAA;EAIA,MAAMC,KAAK,GAA4EC,UAAU;EACjG,IAAID,KAAK,CAACE,qCAAqC,EAAE;AAC/C,IAAA;AACF,EAAA;EAEAF,KAAK,CAACE,qCAAqC,GAAG,IAAI;AAElDd,EAAAA,OAAA,CAEGe,EAAE,CAAC,oBAAoB,EAAGC,KAAK,IAAKC,OAAO,CAACD,KAAK,CAAC,oBAAoB,EAAEA,KAAK,CAAC,CAAA,CAE9ED,EAAE,CAAC,mBAAmB,EAAGC,KAAK,IAAKC,OAAO,CAACD,KAAK,CAAC,mBAAmB,EAAEA,KAAK,CAAC,CAAC;AAClF;;MC5BaE,sCAAsC,CAAA;AAChCC,EAAAA,aAAa,GAAG,IAAIC,GAAG,EAAkB;AAE1D,EAAA,MAAMpB,OAAOA,CAACqB,IAAY,EAAEC,UAA8B,EAAA;AACxD,IAAA,MAAMC,QAAQ,GAAG,IAAIC,2BAA0B,CAAC,MAAOC,IAAI,IAAI;MAC7D,IAAIC,eAAe,GAAG,IAAI,CAACP,aAAa,CAACQ,GAAG,CAACF,IAAI,CAAC;MAClD,IAAIC,eAAe,KAAKxB,SAAS,EAAE;AACjCwB,QAAAA,eAAe,GAAG,MAAME,QAAQ,CAACH,IAAI,EAAE,OAAO,CAAC;QAC/C,IAAI,CAACN,aAAa,CAACU,GAAG,CAACJ,IAAI,EAAEC,eAAe,CAAC;AAC/C,MAAA;AAEA,MAAA,OAAOA,eAAe;IACxB,CAAC,EAAEJ,UAAU,CAAC;AAEd,IAAA,OAAOC,QAAQ,CAACvB,OAAO,CAACqB,IAAI,CAAC;AAC/B,EAAA;AACD;;ACnBD,MAAMS,uBAAuB,GAAG,KAAK;SAErBC,oBAAoBA,GAAA;EAClC,IAAIC,aAAa,GAAG,CAAC;EACrB,MAAMC,UAAU,GAAoC,EAAE;AAEtD,EAAA,KAAK,MAAM;IAAEC,IAAI;AAAEC,IAAAA;AAAQ,GAAE,IAAIC,WAAW,CAACC,gBAAgB,CAAC,SAAS,CAAC,EAAE;AACxE,IAAA,IAAI,CAACH,IAAI,CAACI,UAAU,CAACR,uBAAuB,CAAC,EAAE;AAC7C,MAAA;AACF,IAAA;AAGA,IAAA,MAAMS,IAAI,GAAGL,IAAI,CAACM,KAAK,CAACV,uBAAuB,CAACtB,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG;AACjE,IAAA,IAAI+B,IAAI,CAAC/B,MAAM,GAAGwB,aAAa,EAAE;MAC/BA,aAAa,GAAGO,IAAI,CAAC/B,MAAM;AAC7B,IAAA;AAEAyB,IAAAA,UAAU,CAACxB,IAAI,CAAC,CAAC8B,IAAI,EAAE,CAAA,EAAGJ,QAAQ,CAACM,OAAO,CAAC,CAAC,CAAC,CAAA,EAAA,CAAI,CAAC,CAAC;AACnDL,IAAAA,WAAW,CAACM,aAAa,CAACR,IAAI,CAAC;AACjC,EAAA;AAGAjB,EAAAA,OAAO,CAAC0B,GAAG,CAAC,2CAA2C,CAAC;EACxD,KAAK,MAAM,CAACJ,IAAI,EAAEnC,KAAK,CAAC,IAAI6B,UAAU,EAAE;IACtC,MAAMW,MAAM,GAAGZ,aAAa,GAAGO,IAAI,CAAC/B,MAAM,GAAG,CAAC;AAC9CS,IAAAA,OAAO,CAAC0B,GAAG,CAACJ,IAAI,GAAG,GAAG,CAACM,MAAM,CAACD,MAAM,CAAC,GAAGxC,KAAK,CAAC;AAChD,EAAA;AACAa,EAAAA,OAAO,CAAC0B,GAAG,CAAC,2CAA2C,CAAC;AAE1D;AAEO,eAAeG,uBAAuBA,CAC3CC,KAAa,EACbC,WAA6B,EAAA;AAE7B,EAAA,MAAMC,SAAS,GAAG,CAAA,EAAGnB,uBAAuB,CAAA,CAAA,EAAIiB,KAAK,CAAA,CAAE;AACvD,EAAA,MAAMG,UAAU,GAAG,CAAA,MAAA,EAASD,SAAS,CAAA,CAAE;AACvC,EAAA,MAAME,QAAQ,GAAG,CAAA,IAAA,EAAOF,SAAS,CAAA,CAAE;EAEnC,IAAI;AACFb,IAAAA,WAAW,CAACgB,IAAI,CAACF,UAAU,CAAC;IAE5B,OAAO,MAAMF,WAAW,EAAE;AAC5B,EAAA,CAAA,SAAU;AACRZ,IAAAA,WAAW,CAACgB,IAAI,CAACD,QAAQ,CAAC;IAC1Bf,WAAW,CAACiB,OAAO,CAACJ,SAAS,EAAEC,UAAU,EAAEC,QAAQ,CAAC;AACpDf,IAAAA,WAAW,CAACkB,UAAU,CAACJ,UAAU,CAAC;AAClCd,IAAAA,WAAW,CAACkB,UAAU,CAACH,QAAQ,CAAC;AAClC,EAAA;AACF;AAEM,SAAUI,2BAA2BA,CACzCR,KAAa,EACbC,WAA6B,EAAA;EAE7B,OAAOA,WAAW,EAAE;AACtB;;ACxCA,MAAMQ,iBAAiB,GAAG,2CAA2C;MAqDxDC,YAAY,CAAA;EAMHC,OAAA;AALHC,EAAAA,aAAa,GAAG,IAAIvC,GAAG,EAAkB;AACzCwC,EAAAA,0BAA0B,GAAG,IAAI1C,sCAAsC,EAAE;AACzE2C,EAAAA,SAAS,GAAG,IAAIzC,GAAG,EAAmB;EACtC0C,YAAY;EAE7BC,WAAAA,CAAoBL,OAA6B,EAAA;IAA7B,IAAA,CAAAA,OAAO,GAAPA,OAAO;AACzB,IAAA,IAAI,CAACI,YAAY,GAAG,IAAIE,GAAG,CAACrE,sBAAsB,EAAE,IAAI,IAAI,CAAC+D,OAAO,EAAEI,YAAY,IAAI,EAAE,CAAC;AAEzFpD,IAAAA,6BAA6B,EAAE;AACjC,EAAA;EAMA,MAAMuD,MAAMA,CAACC,IAA+B,EAAA;IAC1C,MAAM;AAAEC,MAAAA;AAAG,KAAE,GAAGD,IAAI;IAEpB,IAAIC,GAAG,IAAIC,KAAG,CAACC,QAAQ,CAACF,GAAG,CAAC,EAAE;AAC5B,MAAA,MAAMG,MAAM,GAAG,IAAIF,KAAG,CAACD,GAAG,CAAC;MAC3B,IAAI;AACFI,QAAAA,WAAW,CAACD,MAAM,EAAE,IAAI,CAACR,YAAY,CAAC;MACxC,CAAA,CAAE,OAAO9C,KAAK,EAAE;QAEdC,OAAO,CAACD,KAAK,CACX,CAAA,OAAA,EAAWA,KAAe,CAACwD,OAAO,CAAA,CAAE,GAClC,wGAAwG,CAC3G;AAED,QAAA,MAAMxD,KAAK;AACb,MAAA;AACF,IAAA;AAEA,IAAA,MAAMyD,yBAAyB,GAAG,IAAI,CAACf,OAAO,EAAEe,yBAAyB;AAEzE,IAAA,MAAMC,SAAS,GAAGD,yBAAA,GACd3B,uBAAA,GACAS,2BAA2B;AAE/B,IAAA,IAAIlC,IAAI,GAAG,MAAMqD,SAAS,CAAC,mBAAmB,EAAE,MAAM,IAAI,CAACC,eAAe,CAACT,IAAI,CAAC,CAAC;IAEjF,IAAI7C,IAAI,KAAKnB,SAAS,EAAE;AACtBmB,MAAAA,IAAI,GAAG,MAAMqD,SAAS,CAAC,aAAa,EAAE,MAAM,IAAI,CAACE,iBAAiB,CAACV,IAAI,CAAC,CAAC;AAEzE,MAAA,IAAIA,IAAI,CAACW,iBAAiB,KAAK,KAAK,EAAE;AACpC,QAAA,MAAMC,OAAO,GAAG,MAAMJ,SAAS,CAAC,qBAAqB,EAAE,MAErD,IAAI,CAACG,iBAAiB,CAACxD,IAAK,EAAE6C,IAAI,CAAC,CACpC;AAED7C,QAAAA,IAAI,GAAGyD,OAAO;AAChB,MAAA;AACF,IAAA;AAEA,IAAA,IAAIL,yBAAyB,EAAE;AAC7B1C,MAAAA,oBAAoB,EAAE;AACxB,IAAA;AAEA,IAAA,OAAOV,IAAI;AACb,EAAA;AAEQwD,EAAAA,iBAAiBA,CAACxD,IAAY,EAAE6C,IAA+B,EAAA;AACrE,IAAA,MAAM5C,UAAU,GACd4C,IAAI,CAACa,UAAU,KAAKb,IAAI,CAACc,gBAAgB,GAAGC,OAAO,CAACf,IAAI,CAACc,gBAAgB,CAAC,GAAG,EAAE,CAAC;IAElF,OAAO,IAAI,CAACpB,0BAA0B,CAAC5D,OAAO,CAACqB,IAAI,EAAEC,UAAU,CAAC;AAClE,EAAA;EAEQ,MAAMqD,eAAeA,CAACT,IAA+B,EAAA;IAC3D,MAAM;MAAEa,UAAU;MAAEC,gBAAgB;AAAEb,MAAAA;AAAG,KAAE,GAAGD,IAAI;IAClD,IAAI,CAACa,UAAU,IAAI,CAACC,gBAAgB,IAAIb,GAAG,KAAKjE,SAAS,EAAE;AACzD,MAAA,OAAOA,SAAS;AAClB,IAAA;IAEA,MAAM;AAAEgF,MAAAA;AAAQ,KAAE,GAAG,IAAId,KAAG,CAACD,GAAG,EAAE,YAAY,CAAC;IAG/C,MAAMgB,QAAQ,GAAGC,IAAI,CAACL,UAAU,EAAEG,QAAQ,EAAE,YAAY,CAAC;IAEzD,IAAI,IAAI,CAACrB,SAAS,CAAClC,GAAG,CAACwD,QAAQ,CAAC,EAAE;MAEhC,OAAOE,EAAE,CAACC,QAAQ,CAAC1D,QAAQ,CAACuD,QAAQ,EAAE,OAAO,CAAC;AAChD,IAAA;IAEA,IAAI,CAACA,QAAQ,CAAC7C,UAAU,CAACiD,SAAS,CAACR,UAAU,CAAC,CAAC,EAAE;AAE/C,MAAA,OAAO7E,SAAS;AAClB,IAAA;AAEA,IAAA,IAAIiF,QAAQ,KAAKK,OAAO,CAACR,gBAAgB,CAAC,IAAI,EAAE,MAAMS,MAAM,CAACN,QAAQ,CAAC,CAAC,EAAE;MAEvE,IAAI,CAACtB,SAAS,CAAChC,GAAG,CAACsD,QAAQ,EAAE,KAAK,CAAC;AAEnC,MAAA,OAAOjF,SAAS;AAClB,IAAA;AAGA,IAAA,MAAM4E,OAAO,GAAG,MAAMO,EAAE,CAACC,QAAQ,CAAC1D,QAAQ,CAACuD,QAAQ,EAAE,OAAO,CAAC;AAC7D,IAAA,MAAMO,KAAK,GAAGlC,iBAAiB,CAACmC,IAAI,CAACb,OAAO,CAAC;IAC7C,IAAI,CAACjB,SAAS,CAAChC,GAAG,CAACsD,QAAQ,EAAEO,KAAK,CAAC;AAEnC,IAAA,OAAOA,KAAK,GAAGZ,OAAO,GAAG5E,SAAS;AACpC,EAAA;EAEQ,MAAM0E,iBAAiBA,CAACV,IAA+B,EAAA;IAC7D,MAAM0B,eAAe,GAAG,IAAI,CAAClC,OAAO,EAAEmC,SAAS,IAAI3B,IAAI,CAAC2B,SAAS;IACjE,IAAI,CAACD,eAAe,EAAE;AACpB,MAAA,MAAM,IAAIE,KAAK,CAAC,gDAAgD,CAAC;AACnE,IAAA;IAEA,MAAMC,cAAc,GAAqB,CACvC;AAAEC,MAAAA,OAAO,EAAEC,eAAe;AAAEC,MAAAA,QAAQ,EAAE;AAAK,KAAE,EAC7C,IAAIhC,IAAI,CAACiC,SAAS,IAAI,EAAE,CAAC,EACzB,IAAI,IAAI,CAACzC,OAAO,EAAEyC,SAAS,IAAI,EAAE,CAAC,CACnC;AAED,IAAA,IAAIC,QAAQ,GAAGlC,IAAI,CAACkC,QAAQ;AAC5B,IAAA,IAAI,CAACA,QAAQ,IAAIlC,IAAI,CAACc,gBAAgB,EAAE;MACtCoB,QAAQ,GAAG,MAAM,IAAI,CAACC,WAAW,CAACnC,IAAI,CAACc,gBAAgB,CAAC;AAC1D,IAAA;AAEA,IAAA,MAAMsB,sBAAsB,GAAG;MAC7BnC,GAAG,EAAED,IAAI,CAACC,GAAG;MACbiC,QAAQ;MAERtC,YAAY,EAAE,CAAC,GAAG;KACnB;IAED,OAAOyC,aAAa,CAACX,eAAe,CAAA,GAChChB,iBAAiB,CAACgB,eAAe,EAAE;AACjCY,MAAAA,iBAAiB,EAAET,cAAc;MACjC,GAAGO;KACJ,CAAA,GACDG,YAAY,CAACb,eAAe,EAAE;MAAEG,cAAc;MAAE,GAAGO;AAAsB,KAAE,CAAC;AAClF,EAAA;EAGQ,MAAMD,WAAWA,CAACK,QAAgB,EAAA;IACxC,IAAIC,GAAG,GAAG,IAAI,CAAChD,aAAa,CAAChC,GAAG,CAAC+E,QAAQ,CAAC;IAE1C,IAAI,CAACC,GAAG,EAAE;MACRA,GAAG,GAAG,MAAMtB,EAAE,CAACC,QAAQ,CAAC1D,QAAQ,CAAC8E,QAAQ,EAAE,OAAO,CAAC;MACnD,IAAI,CAAC/C,aAAa,CAAC9B,GAAG,CAAC6E,QAAQ,EAAEC,GAAG,CAAC;AACvC,IAAA;AAEA,IAAA,OAAOA,GAAG;AACZ,EAAA;AACD;AAED,eAAelB,MAAMA,CAAChE,IAAiB,EAAA;EACrC,IAAI;AACF,IAAA,MAAM4D,EAAE,CAACC,QAAQ,CAACsB,MAAM,CAACnF,IAAI,EAAE4D,EAAE,CAACwB,SAAS,CAACC,IAAI,CAAC;AAEjD,IAAA,OAAO,IAAI;AACb,EAAA,CAAA,CAAE,MAAM;AACN,IAAA,OAAO,KAAK;AACd,EAAA;AACF;AAEA,SAASP,aAAaA,CACpBnG,KAAc,EAAA;EAGd,OAAO,OAAOA,KAAK,KAAK,UAAU,IAAI,EAAE,MAAM,IAAIA,KAAK,CAAC;AAC1D;;AC3NA,MAAM2G,oBAAoB,GAAwB,IAAI/C,GAAG,CAAC,CACxD,SAAS,EACT,SAAS,EACT,YAAY,EACZ,OAAO,EACP,SAAS,CACV,CAAC;AAmBI,SAAUgD,+BAA+BA,CAC7CC,WAAiD,EACjDC,iBAA+C,EAAA;AAE/C,EAAA,MAAMC,2BAA2B,GAAGC,0BAA0B,CAACF,iBAAiB,CAAC;EACjF,MAAM;IAAEG,OAAO;AAAEC,IAAAA,MAAM,GAAG;AAAK,GAAE,GAAGL,WAAW;EAC/C,MAAMM,QAAQ,GAAGD,MAAM,KAAK,KAAK,IAAIA,MAAM,KAAK,MAAM;AACtD,EAAA,MAAME,QAAQ,GAAGH,OAAO,CAACI,OAAO,IAAIrD,GAAG,CAACC,QAAQ,CAACgD,OAAO,CAACI,OAAO,CAAC,GAAGJ,OAAO,CAACI,OAAO,GAAGvH,SAAS;EAE/F,OAAO,IAAIwH,OAAO,CAACC,gBAAgB,CAACV,WAAW,EAAEE,2BAA2B,CAAC,EAAE;IAC7EG,MAAM;AACND,IAAAA,OAAO,EAAEO,oBAAoB,CAACP,OAAO,CAAC;AACtCQ,IAAAA,IAAI,EAAEN,QAAQ,GAAGN,WAAW,GAAG/G,SAAS;AACxC4H,IAAAA,MAAM,EAAEP,QAAQ,GAAG,MAAM,GAAGrH,SAAS;AACrCsH,IAAAA;AACD,GAAA,CAAC;AACJ;AAQA,SAASI,oBAAoBA,CAACG,WAAgC,EAAA;AAC5D,EAAA,MAAMV,OAAO,GAAG,IAAIW,OAAO,EAAE;AAE7B,EAAA,KAAK,MAAM,CAAC9F,IAAI,EAAE9B,KAAK,CAAC,IAAI6H,MAAM,CAACC,OAAO,CAACH,WAAW,CAAC,EAAE;AACvD,IAAA,IAAIhB,oBAAoB,CAACoB,GAAG,CAACjG,IAAI,CAAC,EAAE;AAClC,MAAA;AACF,IAAA;AAEA,IAAA,IAAI,OAAO9B,KAAK,KAAK,QAAQ,EAAE;AAC7BiH,MAAAA,OAAO,CAACe,MAAM,CAAClG,IAAI,EAAE9B,KAAK,CAAC;IAC7B,CAAA,MAAO,IAAIiI,KAAK,CAACC,OAAO,CAAClI,KAAK,CAAC,EAAE;AAC/B,MAAA,KAAK,MAAMmI,IAAI,IAAInI,KAAK,EAAE;AACxBiH,QAAAA,OAAO,CAACe,MAAM,CAAClG,IAAI,EAAEqG,IAAI,CAAC;AAC5B,MAAA;AACF,IAAA;AACF,EAAA;AAEA,EAAA,OAAOlB,OAAO;AAChB;AAeM,SAAUM,gBAAgBA,CAC9BV,WAAiD,EACjDC,iBAAsC,EAAA;EAEtC,MAAM;IACJG,OAAO;IACPmB,MAAM;AACNrE,IAAAA,GAAG,GAAG,EAAE;AACRsE,IAAAA;AAAW,GACZ,GAAGxB,WAAyD;EAE7D,MAAMyB,QAAQ,GACZC,0BAA0B,CAACtB,OAAO,EAAE,mBAAmB,EAAEH,iBAAiB,CAAC,KAC1E,WAAW,IAAIsB,MAAM,IAAIA,MAAM,CAACI,SAAS,GAAG,OAAO,GAAG,MAAM,CAAC;AAEhE,EAAA,MAAMC,QAAQ,GACZF,0BAA0B,CAACtB,OAAO,EAAE,kBAAkB,EAAEH,iBAAiB,CAAC,IAC1EG,OAAO,CAACyB,IAAI,IACZzB,OAAO,CAAC,YAAY,CAAC;AAEvB,EAAA,IAAIgB,KAAK,CAACC,OAAO,CAACO,QAAQ,CAAC,EAAE;AAC3B,IAAA,MAAM,IAAI/C,KAAK,CAAC,gCAAgC,CAAC;AACnD,EAAA;EAEA,IAAIiD,gBAAgB,GAAGF,QAAQ;AAC/B,EAAA,IAAI,CAACA,QAAQ,EAAEG,QAAQ,CAAC,GAAG,CAAC,EAAE;IAC5B,MAAMC,IAAI,GAAGN,0BAA0B,CAACtB,OAAO,EAAE,kBAAkB,EAAEH,iBAAiB,CAAC;AACvF,IAAA,IAAI+B,IAAI,EAAE;MACRF,gBAAgB,IAAI,CAAA,CAAA,EAAIE,IAAI,CAAA,CAAE;AAChC,IAAA;AACF,EAAA;AAEA,EAAA,OAAO,IAAI7E,GAAG,CAAC,CAAA,EAAGsE,QAAQ,CAAA,GAAA,EAAMK,gBAAgB,CAAA,EAAGN,WAAW,IAAItE,GAAG,CAAA,CAAE,CAAC;AAC1E;AAUA,SAASwE,0BAA0BA,CACjCtB,OAA4B,EAC5B6B,UAAkB,EAClBhC,iBAAsC,EAAA;AAEtC,EAAA,OAAOiC,oBAAoB,CAACD,UAAU,EAAEhC,iBAAiB,CAAA,GACrDkC,mBAAmB,CAAC/B,OAAO,CAAC6B,UAAU,CAAC,CAAA,GACvChJ,SAAS;AACf;;MC/HamJ,oBAAoB,CAAA;EACdC,gBAAgB;EAChBpC,iBAAiB;EAMlCnD,WAAAA,CAAYL,OAAqC,EAAA;AAC/C,IAAA,MAAM6F,gBAAgB,GAA4B;AAChD,MAAA,GAAG7F,OAAO;AACVI,MAAAA,YAAY,EAAEnE,sBAAsB,EAAE,IAAI+D,OAAO,EAAEI,YAAY;AAC/DoD,MAAAA,iBAAiB,EAAErH,2BAA2B,EAAE,IAAI6D,OAAO,EAAEwD;KAC9D;AAED,IAAA,IAAI,CAACoC,gBAAgB,GAAG,IAAIE,gBAAgB,CAACD,gBAAgB,CAAC;AAC9D,IAAA,IAAI,CAACrC,iBAAiB,GAAGqC,gBAAgB,CAACrC,iBAAiB;AAE3DxG,IAAAA,6BAA6B,EAAE;AACjC,EAAA;AA6BA,EAAA,MAAM+I,MAAMA,CACVC,OAAuD,EACvDC,cAAwB,EAAA;AAExB,IAAA,MAAMC,UAAU,GACdF,OAAO,YAAYhC,OAAA,GACfgC,OAAA,GACA1C,+BAA+B,CAAC0C,OAAO,EAAE,IAAI,CAACxC,iBAAiB,CAAC;IAEtE,OAAO,IAAI,CAACoC,gBAAgB,CAACG,MAAM,CAACG,UAAU,EAAED,cAAc,CAAC;AACjE,EAAA;AACD;;ACrBK,SAAUE,wBAAwBA,CAAuCC,OAAU,EAAA;AACtFA,EAAAA,OAAyD,CAAC,6BAA6B,CAAC,GAAG,IAAI;AAEhG,EAAA,OAAOA,OAAO;AAChB;;ACjDO,eAAeC,2BAA2BA,CAC/CC,MAAgB,EAChBC,WAAiD,EAAA;EAEjD,MAAM;IAAEC,MAAM;IAAE7C,OAAO;AAAEQ,IAAAA;AAAI,GAAE,GAAGmC,MAAM;EACxCC,WAAW,CAACE,UAAU,GAAGD,MAAM;EAE/B,IAAIE,eAAe,GAAG,KAAK;AAC3B,EAAA,KAAK,MAAM,CAAClI,IAAI,EAAE9B,KAAK,CAAC,IAAIiH,OAAO,CAACa,OAAO,EAAE,EAAE;IAC7C,IAAIhG,IAAI,KAAK,YAAY,EAAE;AACzB,MAAA,IAAIkI,eAAe,EAAE;AACnB,QAAA;AACF,MAAA;MAIAH,WAAW,CAACI,SAAS,CAACnI,IAAI,EAAEmF,OAAO,CAACiD,YAAY,EAAE,CAAC;AACnDF,MAAAA,eAAe,GAAG,IAAI;AACxB,IAAA,CAAA,MAAO;AACLH,MAAAA,WAAW,CAACI,SAAS,CAACnI,IAAI,EAAE9B,KAAK,CAAC;AACpC,IAAA;AACF,EAAA;EAEA,IAAI,cAAc,IAAI6J,WAAW,EAAE;IACjCA,WAAW,CAACM,YAAY,EAAE;AAC5B,EAAA;EAEA,IAAI,CAAC1C,IAAI,EAAE;IACToC,WAAW,CAACO,GAAG,EAAE;AAEjB,IAAA;AACF,EAAA;EAEA,IAAI;AACF,IAAA,MAAMC,MAAM,GAAG5C,IAAI,CAAC6C,SAAS,EAAE;AAE/BT,IAAAA,WAAW,CAAClJ,EAAE,CAAC,OAAO,EAAE,MAAK;MAC3B0J,MAAM,CAACE,MAAM,EAAE,CAACC,KAAK,CAAE5J,KAAK,IAAI;AAE9BC,QAAAA,OAAO,CAACD,KAAK,CACX,CAAA,uDAAA,EAA0DiJ,WAAW,CAACY,GAAG,CAAC1G,GAAG,CAAA,CAAA,CAAG,EAChFnD,KAAK,CACN;AACH,MAAA,CAAC,CAAC;AACJ,IAAA,CAAC,CAAC;AAGF,IAAA,OAAO,IAAI,EAAE;MACX,MAAM;QAAE8J,IAAI;AAAE1K,QAAAA;AAAK,OAAE,GAAG,MAAMqK,MAAM,CAACM,IAAI,EAAE;AAC3C,MAAA,IAAID,IAAI,EAAE;QACRb,WAAW,CAACO,GAAG,EAAE;AACjB,QAAA;AACF,MAAA;AAEA,MAAA,MAAMQ,WAAW,GAAIf,WAA8B,CAACgB,KAAK,CAAC7K,KAAK,CAAC;MAChE,IAAI4K,WAAW,KAAK,KAAK,EAAE;AAGzB,QAAA,MAAM,IAAIE,OAAO,CAAQ1F,OAAO,IAAKyE,WAAW,CAACkB,IAAI,CAAC,OAAO,EAAE3F,OAAO,CAAC,CAAC;AAC1E,MAAA;AACF,IAAA;AACF,EAAA,CAAA,CAAE,MAAM;AACNyE,IAAAA,WAAW,CAACO,GAAG,CAAC,wBAAwB,CAAC;AAC3C,EAAA;AACF;;AC5DM,SAAUY,YAAYA,CAACjH,GAAW,EAAA;AACtC,EAAA,OAAOA,GAAG,CAAC7B,UAAU,CAAC,OAAO,CAAC,IAAI+I,IAAI,CAAC,CAAC,CAAC,KAAKC,aAAa,CAACnH,GAAG,CAAC;AAClE;;;;"} | ||
| {"version":3,"file":"node.mjs","sources":["../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/environment-options.ts","../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/errors.ts","../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/common-engine/inline-css-processor.ts","../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/common-engine/peformance-profiler.ts","../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/common-engine/common-engine.ts","../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/request.ts","../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/app-engine.ts","../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/handler.ts","../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/response.ts","../../../../../../k8-fastbuild-ST-fdfa778d11ba/bin/packages/angular/ssr/node/src/module.ts"],"sourcesContent":["/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\n/**\n * Retrieves the list of allowed hosts from the environment variable `NG_ALLOWED_HOSTS`.\n * @returns An array of allowed hosts.\n */\nexport function getAllowedHostsFromEnv(): ReadonlyArray<string> | undefined {\n return getArrayFromEnv('NG_ALLOWED_HOSTS');\n}\n\n/**\n * Retrieves the list of trusted proxy headers from the environment variable `NG_TRUST_PROXY_HEADERS`.\n * @returns An array of trusted proxy headers.\n */\nexport function getTrustProxyHeadersFromEnv(): ReadonlyArray<string> | undefined {\n return getArrayFromEnv('NG_TRUST_PROXY_HEADERS');\n}\n\nfunction getArrayFromEnv(envName: string): ReadonlyArray<string> | undefined {\n const envValue = process.env[envName];\n if (!envValue) {\n return undefined;\n }\n\n const values: string[] = [];\n for (const value of envValue.split(',')) {\n const trimmed = value.trim();\n if (trimmed.length > 0) {\n values.push(trimmed);\n }\n }\n\n return values;\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\n/**\n * Attaches listeners to the Node.js process to capture and handle unhandled rejections and uncaught exceptions.\n * Captured errors are logged to the console. This function logs errors to the console, preventing unhandled errors\n * from crashing the server. It is particularly useful for Zoneless apps, ensuring error handling without relying on Zone.js.\n *\n * @remarks\n * This function is a no-op if zone.js is available.\n * For Zone-based apps, similar functionality is provided by Zone.js itself. See the Zone.js implementation here:\n * https://github.com/angular/angular/blob/4a8d0b79001ec09bcd6f2d6b15117aa6aac1932c/packages/zone.js/lib/node/node.ts#L94%7C\n *\n * @internal\n */\nexport function attachNodeGlobalErrorHandlers(): void {\n if (typeof Zone !== 'undefined') {\n return;\n }\n\n // Ensure that the listeners are registered only once.\n // Otherwise, multiple instances may be registered during edit/refresh.\n const gThis: typeof globalThis & { ngAttachNodeGlobalErrorHandlersCalled?: boolean } = globalThis;\n if (gThis.ngAttachNodeGlobalErrorHandlersCalled) {\n return;\n }\n\n gThis.ngAttachNodeGlobalErrorHandlersCalled = true;\n\n process\n // eslint-disable-next-line no-console\n .on('unhandledRejection', (error) => console.error('unhandledRejection', error))\n // eslint-disable-next-line no-console\n .on('uncaughtException', (error) => console.error('uncaughtException', error));\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport { ɵInlineCriticalCssProcessor as InlineCriticalCssProcessor } from '@angular/ssr';\nimport { readFile } from 'node:fs/promises';\n\nexport class CommonEngineInlineCriticalCssProcessor {\n private readonly resourceCache = new Map<string, string>();\n\n async process(html: string, outputPath: string | undefined): Promise<string> {\n const beasties = new InlineCriticalCssProcessor(async (path) => {\n let resourceContent = this.resourceCache.get(path);\n if (resourceContent === undefined) {\n resourceContent = await readFile(path, 'utf-8');\n this.resourceCache.set(path, resourceContent);\n }\n\n return resourceContent;\n }, outputPath);\n\n return beasties.process(html);\n }\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nconst PERFORMANCE_MARK_PREFIX = '🅰️';\n\nexport function printPerformanceLogs(): void {\n let maxWordLength = 0;\n const benchmarks: [step: string, value: string][] = [];\n\n for (const { name, duration } of performance.getEntriesByType('measure')) {\n if (!name.startsWith(PERFORMANCE_MARK_PREFIX)) {\n continue;\n }\n\n // `🅰️:Retrieve SSG Page` -> `Retrieve SSG Page:`\n const step = name.slice(PERFORMANCE_MARK_PREFIX.length + 1) + ':';\n if (step.length > maxWordLength) {\n maxWordLength = step.length;\n }\n\n benchmarks.push([step, `${duration.toFixed(1)}ms`]);\n performance.clearMeasures(name);\n }\n\n /* eslint-disable no-console */\n console.log('********** Performance results **********');\n for (const [step, value] of benchmarks) {\n const spaces = maxWordLength - step.length + 5;\n console.log(step + ' '.repeat(spaces) + value);\n }\n console.log('*****************************************');\n /* eslint-enable no-console */\n}\n\nexport async function runMethodAndMeasurePerf<T>(\n label: string,\n asyncMethod: () => Promise<T>,\n): Promise<T> {\n const labelName = `${PERFORMANCE_MARK_PREFIX}:${label}`;\n const startLabel = `start:${labelName}`;\n const endLabel = `end:${labelName}`;\n\n try {\n performance.mark(startLabel);\n\n return await asyncMethod();\n } finally {\n performance.mark(endLabel);\n performance.measure(labelName, startLabel, endLabel);\n performance.clearMarks(startLabel);\n performance.clearMarks(endLabel);\n }\n}\n\nexport function noopRunMethodAndMeasurePerf<T>(\n label: string,\n asyncMethod: () => Promise<T>,\n): Promise<T> {\n return asyncMethod();\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport { ApplicationRef, StaticProvider, Type } from '@angular/core';\nimport { BootstrapContext } from '@angular/platform-browser';\nimport { renderApplication, renderModule, ɵSERVER_CONTEXT } from '@angular/platform-server';\nimport * as fs from 'node:fs';\nimport { dirname, join, normalize, resolve } from 'node:path';\nimport { URL } from 'node:url';\nimport { validateUrl } from '../../../src/utils/validation';\nimport { getAllowedHostsFromEnv } from '../environment-options';\nimport { attachNodeGlobalErrorHandlers } from '../errors';\nimport { CommonEngineInlineCriticalCssProcessor } from './inline-css-processor';\nimport {\n noopRunMethodAndMeasurePerf,\n printPerformanceLogs,\n runMethodAndMeasurePerf,\n} from './peformance-profiler';\n\nconst SSG_MARKER_REGEXP = /ng-server-context=[\"']\\w*\\|?ssg\\|?\\w*[\"']/;\n\n/**\n * @deprecated Use `AngularNodeAppEngine` or `AngularAppEngine` instead.\n * Deprecated since v22.\n */\nexport interface CommonEngineOptions {\n /** A method that when invoked returns a promise that returns an `ApplicationRef` instance once resolved or an NgModule. */\n bootstrap?: Type<{}> | ((context: BootstrapContext) => Promise<ApplicationRef>);\n\n /** A set of platform level providers for all requests. */\n providers?: StaticProvider[];\n\n /** Enable request performance profiling data collection and printing the results in the server console. */\n enablePerformanceProfiler?: boolean;\n\n /** A set of hostnames that are allowed to access the server. */\n allowedHosts?: readonly string[];\n}\n\n/**\n * @deprecated Use `AngularNodeAppEngine` or `AngularAppEngine` instead.\n * Deprecated since v22.\n */\nexport interface CommonEngineRenderOptions {\n /** A method that when invoked returns a promise that returns an `ApplicationRef` instance once resolved or an NgModule. */\n bootstrap?: Type<{}> | ((context: BootstrapContext) => Promise<ApplicationRef>);\n\n /** A set of platform level providers for the current request. */\n providers?: StaticProvider[];\n url?: string;\n document?: string;\n documentFilePath?: string;\n\n /**\n * Reduce render blocking requests by inlining critical CSS.\n * Defaults to true.\n */\n inlineCriticalCss?: boolean;\n\n /**\n * Base path location of index file.\n * Defaults to the 'documentFilePath' dirname when not provided.\n */\n publicPath?: string;\n}\n\n/**\n * A common engine to use to server render an application.\n *\n * @deprecated Use `AngularNodeAppEngine` or `AngularAppEngine` instead.\n * Deprecated since v22.\n */\nexport class CommonEngine {\n private readonly templateCache = new Map<string, string>();\n private readonly inlineCriticalCssProcessor = new CommonEngineInlineCriticalCssProcessor();\n private readonly pageIsSSG = new Map<string, boolean>();\n private readonly allowedHosts: ReadonlySet<string>;\n\n constructor(private options?: CommonEngineOptions) {\n this.allowedHosts = new Set(getAllowedHostsFromEnv() ?? this.options?.allowedHosts ?? []);\n\n attachNodeGlobalErrorHandlers();\n }\n\n /**\n * Render an HTML document for a specific URL with specified\n * render options\n */\n async render(opts: CommonEngineRenderOptions): Promise<string> {\n const { url } = opts;\n\n if (url && URL.canParse(url)) {\n const urlObj = new URL(url);\n try {\n validateUrl(urlObj, this.allowedHosts);\n } catch (error) {\n // eslint-disable-next-line no-console\n console.error(\n `ERROR: ${(error as Error).message}` +\n 'Please provide a list of allowed hosts in the \"allowedHosts\" option in the \"CommonEngine\" constructor.',\n );\n\n throw error;\n }\n }\n\n const enablePerformanceProfiler = this.options?.enablePerformanceProfiler;\n\n const runMethod = enablePerformanceProfiler\n ? runMethodAndMeasurePerf\n : noopRunMethodAndMeasurePerf;\n\n let html = await runMethod('Retrieve SSG Page', () => this.retrieveSSGPage(opts));\n\n if (html === undefined) {\n html = await runMethod('Render Page', () => this.renderApplication(opts));\n\n if (opts.inlineCriticalCss !== false) {\n const content = await runMethod('Inline Critical CSS', () =>\n // eslint-disable-next-line @typescript-eslint/no-non-null-assertion\n this.inlineCriticalCss(html!, opts),\n );\n\n html = content;\n }\n }\n\n if (enablePerformanceProfiler) {\n printPerformanceLogs();\n }\n\n return html;\n }\n\n private inlineCriticalCss(html: string, opts: CommonEngineRenderOptions): Promise<string> {\n const outputPath =\n opts.publicPath ?? (opts.documentFilePath ? dirname(opts.documentFilePath) : '');\n\n return this.inlineCriticalCssProcessor.process(html, outputPath);\n }\n\n private async retrieveSSGPage(opts: CommonEngineRenderOptions): Promise<string | undefined> {\n const { publicPath, documentFilePath, url } = opts;\n if (!publicPath || !documentFilePath || url === undefined) {\n return undefined;\n }\n\n const { pathname } = new URL(url, 'resolve://');\n // Do not use `resolve` here as otherwise it can lead to path traversal vulnerability.\n // See: https://portswigger.net/web-security/file-path-traversal\n const pagePath = join(publicPath, pathname, 'index.html');\n\n if (this.pageIsSSG.get(pagePath)) {\n // Serve pre-rendered page.\n return fs.promises.readFile(pagePath, 'utf-8');\n }\n\n if (!pagePath.startsWith(normalize(publicPath))) {\n // Potential path traversal detected.\n return undefined;\n }\n\n if (pagePath === resolve(documentFilePath) || !(await exists(pagePath))) {\n // View matches with prerender path or file does not exist.\n this.pageIsSSG.set(pagePath, false);\n\n return undefined;\n }\n\n // Static file exists.\n const content = await fs.promises.readFile(pagePath, 'utf-8');\n const isSSG = SSG_MARKER_REGEXP.test(content);\n this.pageIsSSG.set(pagePath, isSSG);\n\n return isSSG ? content : undefined;\n }\n\n private async renderApplication(opts: CommonEngineRenderOptions): Promise<string> {\n const moduleOrFactory = this.options?.bootstrap ?? opts.bootstrap;\n if (!moduleOrFactory) {\n throw new Error('A module or bootstrap option must be provided.');\n }\n\n const extraProviders: StaticProvider[] = [\n { provide: ɵSERVER_CONTEXT, useValue: 'ssr' },\n ...(opts.providers ?? []),\n ...(this.options?.providers ?? []),\n ];\n\n let document = opts.document;\n if (!document && opts.documentFilePath) {\n document = await this.getDocument(opts.documentFilePath);\n }\n\n const commonRenderingOptions = {\n url: opts.url,\n document,\n // Validation is already happened in the render method.\n allowedHosts: ['*'],\n };\n\n return isBootstrapFn(moduleOrFactory)\n ? renderApplication(moduleOrFactory, {\n platformProviders: extraProviders,\n ...commonRenderingOptions,\n })\n : renderModule(moduleOrFactory, { extraProviders, ...commonRenderingOptions });\n }\n\n /** Retrieve the document from the cache or the filesystem */\n private async getDocument(filePath: string): Promise<string> {\n let doc = this.templateCache.get(filePath);\n\n if (!doc) {\n doc = await fs.promises.readFile(filePath, 'utf-8');\n this.templateCache.set(filePath, doc);\n }\n\n return doc;\n }\n}\n\nasync function exists(path: fs.PathLike): Promise<boolean> {\n try {\n await fs.promises.access(path, fs.constants.F_OK);\n\n return true;\n } catch {\n return false;\n }\n}\n\nfunction isBootstrapFn(\n value: unknown,\n): value is (context: BootstrapContext) => Promise<ApplicationRef> {\n // We can differentiate between a module and a bootstrap function by reading compiler-generated `ɵmod` static property:\n return typeof value === 'function' && !('ɵmod' in value);\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport type { IncomingHttpHeaders, IncomingMessage } from 'node:http';\nimport type { Http2ServerRequest } from 'node:http2';\nimport {\n getFirstHeaderValue,\n isProxyHeaderAllowed,\n normalizeTrustProxyHeaders,\n} from '../../src/utils/validation';\n\n/**\n * A set containing all the pseudo-headers defined in the HTTP/2 specification.\n *\n * This set can be used to filter out pseudo-headers from a list of headers,\n * as they are not allowed to be set directly using the `Node.js` Undici API or\n * the web `Headers` API.\n */\nconst HTTP2_PSEUDO_HEADERS: ReadonlySet<string> = new Set([\n ':method',\n ':scheme',\n ':authority',\n ':path',\n ':status',\n]);\n\n/**\n * Converts a Node.js `IncomingMessage` or `Http2ServerRequest` into a\n * Web Standard `Request` object.\n *\n * This function adapts the Node.js request objects to a format that can\n * be used by web platform APIs.\n *\n * @param nodeRequest - The Node.js request object (`IncomingMessage` or `Http2ServerRequest`) to convert.\n * @param trustProxyHeaders - A boolean or an array of proxy headers to trust when constructing the request URL.\n *\n * @remarks\n * When `trustProxyHeaders` is enabled, headers such as `X-Forwarded-Host` and\n * `X-Forwarded-Prefix` should ideally be strictly validated at a higher infrastructure\n * level (e.g., at the reverse proxy or API gateway) before reaching the application.\n *\n * @returns A Web Standard `Request` object.\n */\nexport function createWebRequestFromNodeRequest(\n nodeRequest: IncomingMessage | Http2ServerRequest,\n trustProxyHeaders?: boolean | readonly string[],\n): Request {\n const trustProxyHeadersNormalized = normalizeTrustProxyHeaders(trustProxyHeaders);\n const { headers, method = 'GET' } = nodeRequest;\n const withBody = method !== 'GET' && method !== 'HEAD';\n const referrer = headers.referer && URL.canParse(headers.referer) ? headers.referer : undefined;\n\n return new Request(createRequestUrl(nodeRequest, trustProxyHeadersNormalized), {\n method,\n headers: createRequestHeaders(headers),\n body: withBody ? nodeRequest : undefined,\n duplex: withBody ? 'half' : undefined,\n referrer,\n });\n}\n\n/**\n * Creates a `Headers` object from Node.js `IncomingHttpHeaders`.\n *\n * @param nodeHeaders - The Node.js `IncomingHttpHeaders` object to convert.\n * @returns A `Headers` object containing the converted headers.\n */\nfunction createRequestHeaders(nodeHeaders: IncomingHttpHeaders): Headers {\n const headers = new Headers();\n\n for (const [name, value] of Object.entries(nodeHeaders)) {\n if (HTTP2_PSEUDO_HEADERS.has(name)) {\n continue;\n }\n\n if (typeof value === 'string') {\n headers.append(name, value);\n } else if (Array.isArray(value)) {\n for (const item of value) {\n headers.append(name, item);\n }\n }\n }\n\n return headers;\n}\n\n/**\n * Creates a `URL` object from a Node.js `IncomingMessage`, taking into account the protocol, host, and port.\n *\n * @param nodeRequest - The Node.js `IncomingMessage` or `Http2ServerRequest` object to extract URL information from.\n * @param trustProxyHeaders - A set of allowed proxy headers.\n *\n * @remarks\n * When `trustProxyHeaders` is enabled, headers such as `X-Forwarded-Host` and\n * `X-Forwarded-Prefix` should ideally be strictly validated at a higher infrastructure\n * level (e.g., at the reverse proxy or API gateway) before reaching the application.\n *\n * @returns A `URL` object representing the request URL.\n */\nexport function createRequestUrl(\n nodeRequest: IncomingMessage | Http2ServerRequest,\n trustProxyHeaders: ReadonlySet<string>,\n): URL {\n const {\n headers,\n socket,\n url = '',\n originalUrl,\n } = nodeRequest as IncomingMessage & { originalUrl?: string };\n\n const protocol =\n getAllowedProxyHeaderValue(headers, 'x-forwarded-proto', trustProxyHeaders) ??\n ('encrypted' in socket && socket.encrypted ? 'https' : 'http');\n\n const hostname =\n getAllowedProxyHeaderValue(headers, 'x-forwarded-host', trustProxyHeaders) ??\n headers.host ??\n headers[':authority'];\n\n if (Array.isArray(hostname)) {\n throw new Error('host value cannot be an array.');\n }\n\n let hostnameWithPort = hostname;\n if (!hostname?.includes(':')) {\n const port = getAllowedProxyHeaderValue(headers, 'x-forwarded-port', trustProxyHeaders);\n if (port) {\n hostnameWithPort += `:${port}`;\n }\n }\n\n return new URL(`${protocol}://${hostnameWithPort}${originalUrl ?? url}`);\n}\n\n/**\n * Gets the first value of an allowed proxy header.\n *\n * @param headers - The Node.js incoming HTTP headers.\n * @param headerName - The name of the proxy header to retrieve.\n * @param trustProxyHeaders - A set of allowed proxy headers.\n * @returns The value of the allowed proxy header, or `undefined` if not allowed or not present.\n */\nfunction getAllowedProxyHeaderValue(\n headers: IncomingHttpHeaders,\n headerName: string,\n trustProxyHeaders: ReadonlySet<string>,\n): string | undefined {\n return isProxyHeaderAllowed(headerName, trustProxyHeaders)\n ? getFirstHeaderValue(headers[headerName])\n : undefined;\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport { AngularAppEngine } from '@angular/ssr';\nimport type { IncomingMessage } from 'node:http';\nimport type { Http2ServerRequest } from 'node:http2';\nimport { AngularAppEngineOptions } from '../../src/app-engine';\nimport { getAllowedHostsFromEnv, getTrustProxyHeadersFromEnv } from './environment-options';\nimport { attachNodeGlobalErrorHandlers } from './errors';\nimport { createWebRequestFromNodeRequest } from './request';\n\n/**\n * Options for the Angular Node.js server application engine.\n */\nexport interface AngularNodeAppEngineOptions extends AngularAppEngineOptions {}\n\n/**\n * Angular server application engine.\n * Manages Angular server applications (including localized ones), handles rendering requests,\n * and optionally transforms index HTML before rendering.\n *\n * @remarks This class should be instantiated once and used as a singleton across the server-side\n * application to ensure consistent handling of rendering requests and resource management.\n */\nexport class AngularNodeAppEngine {\n private readonly angularAppEngine: AngularAppEngine;\n private readonly trustProxyHeaders?: boolean | readonly string[];\n\n /**\n * Creates a new instance of the Angular Node.js server application engine.\n * @param options Options for the Angular Node.js server application engine.\n */\n constructor(options?: AngularNodeAppEngineOptions) {\n const appEngineOptions: AngularAppEngineOptions = {\n ...options,\n allowedHosts: getAllowedHostsFromEnv() ?? options?.allowedHosts,\n trustProxyHeaders: getTrustProxyHeadersFromEnv() ?? options?.trustProxyHeaders,\n };\n\n this.angularAppEngine = new AngularAppEngine(appEngineOptions);\n this.trustProxyHeaders = appEngineOptions.trustProxyHeaders;\n\n attachNodeGlobalErrorHandlers();\n }\n\n /**\n * Handles an incoming HTTP request by serving prerendered content, performing server-side rendering,\n * or delivering a static file for client-side rendered routes based on the `RenderMode` setting.\n *\n * This method adapts Node.js's `IncomingMessage`, `Http2ServerRequest` or `Request`\n * to a format compatible with the `AngularAppEngine` and delegates the handling logic to it.\n *\n * @param request - The incoming HTTP request (`IncomingMessage`, `Http2ServerRequest` or `Request`).\n * @param requestContext - Optional context for rendering, such as metadata associated with the request.\n * @returns A promise that resolves to the resulting HTTP response object, or `null` if no matching Angular route is found.\n *\n * @remarks A request to `https://www.example.com/page/index.html` will serve or render the Angular route\n * corresponding to `https://www.example.com/page`.\n *\n * @remarks\n * To prevent potential Server-Side Request Forgery (SSRF), this function verifies the hostname\n * of the `request.url` against a list of authorized hosts.\n * If the hostname is not recognized a 400 Bad Request is returned.\n *\n * Resolution:\n * Authorize your hostname by configuring `allowedHosts` in `angular.json` in:\n * `projects.[project-name].architect.build.options.security.allowedHosts`.\n * Alternatively, you can define the allowed hostname via the environment variable `process.env['NG_ALLOWED_HOSTS']`\n * or pass it directly through the configuration options of `AngularNodeAppEngine`.\n *\n * For more information see: https://angular.dev/best-practices/security#preventing-server-side-request-forgery-ssrf\n */\n async handle(\n request: IncomingMessage | Http2ServerRequest | Request,\n requestContext?: unknown,\n ): Promise<Response | null> {\n const webRequest =\n request instanceof Request\n ? request\n : createWebRequestFromNodeRequest(request, this.trustProxyHeaders);\n\n return this.angularAppEngine.handle(webRequest, requestContext);\n }\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport type { IncomingMessage, ServerResponse } from 'node:http';\n\n/**\n * Represents a middleware function for handling HTTP requests in a Node.js environment.\n *\n * @param req - The incoming HTTP request object.\n * @param res - The outgoing HTTP response object.\n * @param next - A callback function that signals the completion of the middleware or forwards the error if provided.\n *\n * @returns A Promise that resolves to void or simply void. The handler can be asynchronous.\n */\nexport type NodeRequestHandlerFunction = (\n req: IncomingMessage,\n res: ServerResponse,\n next: (err?: unknown) => void,\n) => Promise<void> | void;\n\n/**\n * Attaches metadata to the handler function to mark it as a special handler for Node.js environments.\n *\n * @typeParam T - The type of the handler function.\n * @param handler - The handler function to be defined and annotated.\n * @returns The same handler function passed as an argument, with metadata attached.\n *\n * @example\n * Usage in an Express application:\n * ```ts\n * const app = express();\n * export default createNodeRequestHandler(app);\n * ```\n *\n * @example\n * Usage in a Hono application:\n * ```ts\n * const app = new Hono();\n * export default createNodeRequestHandler(async (req, res, next) => {\n * try {\n * const webRes = await app.fetch(createWebRequestFromNodeRequest(req));\n * if (webRes) {\n * await writeResponseToNodeResponse(webRes, res);\n * } else {\n * next();\n * }\n * } catch (error) {\n * next(error);\n * }\n * });\n * ```\n *\n * @example\n * Usage in a Fastify application:\n * ```ts\n * const app = Fastify();\n * export default createNodeRequestHandler(async (req, res) => {\n * await app.ready();\n * app.server.emit('request', req, res);\n * });\n * ```\n */\nexport function createNodeRequestHandler<T extends NodeRequestHandlerFunction>(handler: T): T {\n (handler as T & { __ng_node_request_handler__?: boolean })['__ng_node_request_handler__'] = true;\n\n return handler;\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport type { ServerResponse } from 'node:http';\nimport type { Http2ServerResponse } from 'node:http2';\n\n/**\n * Streams a web-standard `Response` into a Node.js `ServerResponse`\n * or `Http2ServerResponse`.\n *\n * This function adapts the web `Response` object to write its content\n * to a Node.js response object, handling both HTTP/1.1 and HTTP/2.\n *\n * @param source - The web-standard `Response` object to stream from.\n * @param destination - The Node.js response object (`ServerResponse` or `Http2ServerResponse`) to stream into.\n * @returns A promise that resolves once the streaming operation is complete.\n */\nexport async function writeResponseToNodeResponse(\n source: Response,\n destination: ServerResponse | Http2ServerResponse,\n): Promise<void> {\n const { status, headers, body } = source;\n destination.statusCode = status;\n\n let cookieHeaderSet = false;\n for (const [name, value] of headers.entries()) {\n if (name === 'set-cookie') {\n if (cookieHeaderSet) {\n continue;\n }\n\n // Sets the 'set-cookie' header only once to ensure it is correctly applied.\n // Concatenating 'set-cookie' values can lead to incorrect behavior, so we use a single value from `headers.getSetCookie()`.\n destination.setHeader(name, headers.getSetCookie());\n cookieHeaderSet = true;\n } else {\n destination.setHeader(name, value);\n }\n }\n\n if ('flushHeaders' in destination) {\n destination.flushHeaders();\n }\n\n if (!body) {\n destination.end();\n\n return;\n }\n\n try {\n const reader = body.getReader();\n\n destination.on('close', () => {\n reader.cancel().catch((error) => {\n // eslint-disable-next-line no-console\n console.error(\n `An error occurred while writing the response body for: ${destination.req.url}.`,\n error,\n );\n });\n });\n\n // eslint-disable-next-line no-constant-condition\n while (true) {\n const { done, value } = await reader.read();\n if (done) {\n destination.end();\n break;\n }\n\n const canContinue = (destination as ServerResponse).write(value);\n if (canContinue === false) {\n // Explicitly check for `false`, as AWS may return `undefined` even though this is not valid.\n // See: https://github.com/CodeGenieApp/serverless-express/issues/683\n await new Promise<void>((resolve) => destination.once('drain', resolve));\n }\n }\n } catch {\n destination.end('Internal server error.');\n }\n}\n","/**\n * @license\n * Copyright Google LLC All Rights Reserved.\n *\n * Use of this source code is governed by an MIT-style license that can be\n * found in the LICENSE file at https://angular.dev/license\n */\n\nimport { argv } from 'node:process';\nimport { fileURLToPath } from 'node:url';\n\n/**\n * Determines whether the provided URL represents the main entry point module.\n *\n * This function checks if the provided URL corresponds to the main ESM module being executed directly.\n * It's useful for conditionally executing code that should only run when a module is the entry point,\n * such as starting a server or initializing an application.\n *\n * It performs two key checks:\n * 1. Verifies if the URL starts with 'file:', ensuring it is a local file.\n * 2. Compares the URL's resolved file path with the first command-line argument (`process.argv[1]`),\n * which points to the file being executed.\n *\n * @param url The URL of the module to check. This should typically be `import.meta.url`.\n * @returns `true` if the provided URL represents the main entry point, otherwise `false`.\n */\nexport function isMainModule(url: string): boolean {\n return url.startsWith('file:') && argv[1] === fileURLToPath(url);\n}\n"],"names":["getAllowedHostsFromEnv","getArrayFromEnv","getTrustProxyHeadersFromEnv","envName","envValue","process","env","undefined","values","value","split","trimmed","trim","length","push","attachNodeGlobalErrorHandlers","Zone","gThis","globalThis","ngAttachNodeGlobalErrorHandlersCalled","on","error","console","CommonEngineInlineCriticalCssProcessor","resourceCache","Map","html","outputPath","beasties","InlineCriticalCssProcessor","path","resourceContent","get","readFile","set","PERFORMANCE_MARK_PREFIX","printPerformanceLogs","maxWordLength","benchmarks","name","duration","performance","getEntriesByType","startsWith","step","slice","toFixed","clearMeasures","log","spaces","repeat","runMethodAndMeasurePerf","label","asyncMethod","labelName","startLabel","endLabel","mark","measure","clearMarks","noopRunMethodAndMeasurePerf","SSG_MARKER_REGEXP","CommonEngine","options","templateCache","inlineCriticalCssProcessor","pageIsSSG","allowedHosts","constructor","Set","render","opts","url","URL","canParse","urlObj","validateUrl","message","enablePerformanceProfiler","runMethod","retrieveSSGPage","renderApplication","inlineCriticalCss","content","publicPath","documentFilePath","dirname","pathname","pagePath","join","fs","promises","normalize","resolve","exists","isSSG","test","moduleOrFactory","bootstrap","Error","extraProviders","provide","ɵSERVER_CONTEXT","useValue","providers","document","getDocument","commonRenderingOptions","isBootstrapFn","platformProviders","renderModule","filePath","doc","access","constants","F_OK","HTTP2_PSEUDO_HEADERS","createWebRequestFromNodeRequest","nodeRequest","trustProxyHeaders","trustProxyHeadersNormalized","normalizeTrustProxyHeaders","headers","method","withBody","referrer","referer","Request","createRequestUrl","createRequestHeaders","body","duplex","nodeHeaders","Headers","Object","entries","has","append","Array","isArray","item","socket","originalUrl","protocol","getAllowedProxyHeaderValue","encrypted","hostname","host","hostnameWithPort","includes","port","headerName","isProxyHeaderAllowed","getFirstHeaderValue","AngularNodeAppEngine","angularAppEngine","appEngineOptions","AngularAppEngine","handle","request","requestContext","webRequest","createNodeRequestHandler","handler","writeResponseToNodeResponse","source","destination","status","statusCode","cookieHeaderSet","setHeader","getSetCookie","flushHeaders","end","reader","getReader","cancel","catch","req","done","read","canContinue","write","Promise","once","isMainModule","argv","fileURLToPath"],"mappings":";;;;;;;;;SAYgBA,sBAAsBA,GAAA;EACpC,OAAOC,eAAe,CAAC,kBAAkB,CAAC;AAC5C;SAMgBC,2BAA2BA,GAAA;EACzC,OAAOD,eAAe,CAAC,wBAAwB,CAAC;AAClD;AAEA,SAASA,eAAeA,CAACE,OAAe,EAAA;AACtC,EAAA,MAAMC,QAAQ,GAAGC,OAAO,CAACC,GAAG,CAACH,OAAO,CAAC;EACrC,IAAI,CAACC,QAAQ,EAAE;AACb,IAAA,OAAOG,SAAS;AAClB,EAAA;EAEA,MAAMC,MAAM,GAAa,EAAE;EAC3B,KAAK,MAAMC,KAAK,IAAIL,QAAQ,CAACM,KAAK,CAAC,GAAG,CAAC,EAAE;AACvC,IAAA,MAAMC,OAAO,GAAGF,KAAK,CAACG,IAAI,EAAE;AAC5B,IAAA,IAAID,OAAO,CAACE,MAAM,GAAG,CAAC,EAAE;AACtBL,MAAAA,MAAM,CAACM,IAAI,CAACH,OAAO,CAAC;AACtB,IAAA;AACF,EAAA;AAEA,EAAA,OAAOH,MAAM;AACf;;SCnBgBO,6BAA6BA,GAAA;AAC3C,EAAA,IAAI,OAAOC,IAAI,KAAK,WAAW,EAAE;AAC/B,IAAA;AACF,EAAA;EAIA,MAAMC,KAAK,GAA4EC,UAAU;EACjG,IAAID,KAAK,CAACE,qCAAqC,EAAE;AAC/C,IAAA;AACF,EAAA;EAEAF,KAAK,CAACE,qCAAqC,GAAG,IAAI;AAElDd,EAAAA,OAAA,CAEGe,EAAE,CAAC,oBAAoB,EAAGC,KAAK,IAAKC,OAAO,CAACD,KAAK,CAAC,oBAAoB,EAAEA,KAAK,CAAC,CAAA,CAE9ED,EAAE,CAAC,mBAAmB,EAAGC,KAAK,IAAKC,OAAO,CAACD,KAAK,CAAC,mBAAmB,EAAEA,KAAK,CAAC,CAAC;AAClF;;MC5BaE,sCAAsC,CAAA;AAChCC,EAAAA,aAAa,GAAG,IAAIC,GAAG,EAAkB;AAE1D,EAAA,MAAMpB,OAAOA,CAACqB,IAAY,EAAEC,UAA8B,EAAA;AACxD,IAAA,MAAMC,QAAQ,GAAG,IAAIC,2BAA0B,CAAC,MAAOC,IAAI,IAAI;MAC7D,IAAIC,eAAe,GAAG,IAAI,CAACP,aAAa,CAACQ,GAAG,CAACF,IAAI,CAAC;MAClD,IAAIC,eAAe,KAAKxB,SAAS,EAAE;AACjCwB,QAAAA,eAAe,GAAG,MAAME,QAAQ,CAACH,IAAI,EAAE,OAAO,CAAC;QAC/C,IAAI,CAACN,aAAa,CAACU,GAAG,CAACJ,IAAI,EAAEC,eAAe,CAAC;AAC/C,MAAA;AAEA,MAAA,OAAOA,eAAe;IACxB,CAAC,EAAEJ,UAAU,CAAC;AAEd,IAAA,OAAOC,QAAQ,CAACvB,OAAO,CAACqB,IAAI,CAAC;AAC/B,EAAA;AACD;;ACnBD,MAAMS,uBAAuB,GAAG,KAAK;SAErBC,oBAAoBA,GAAA;EAClC,IAAIC,aAAa,GAAG,CAAC;EACrB,MAAMC,UAAU,GAAoC,EAAE;AAEtD,EAAA,KAAK,MAAM;IAAEC,IAAI;AAAEC,IAAAA;AAAQ,GAAE,IAAIC,WAAW,CAACC,gBAAgB,CAAC,SAAS,CAAC,EAAE;AACxE,IAAA,IAAI,CAACH,IAAI,CAACI,UAAU,CAACR,uBAAuB,CAAC,EAAE;AAC7C,MAAA;AACF,IAAA;AAGA,IAAA,MAAMS,IAAI,GAAGL,IAAI,CAACM,KAAK,CAACV,uBAAuB,CAACtB,MAAM,GAAG,CAAC,CAAC,GAAG,GAAG;AACjE,IAAA,IAAI+B,IAAI,CAAC/B,MAAM,GAAGwB,aAAa,EAAE;MAC/BA,aAAa,GAAGO,IAAI,CAAC/B,MAAM;AAC7B,IAAA;AAEAyB,IAAAA,UAAU,CAACxB,IAAI,CAAC,CAAC8B,IAAI,EAAE,CAAA,EAAGJ,QAAQ,CAACM,OAAO,CAAC,CAAC,CAAC,CAAA,EAAA,CAAI,CAAC,CAAC;AACnDL,IAAAA,WAAW,CAACM,aAAa,CAACR,IAAI,CAAC;AACjC,EAAA;AAGAjB,EAAAA,OAAO,CAAC0B,GAAG,CAAC,2CAA2C,CAAC;EACxD,KAAK,MAAM,CAACJ,IAAI,EAAEnC,KAAK,CAAC,IAAI6B,UAAU,EAAE;IACtC,MAAMW,MAAM,GAAGZ,aAAa,GAAGO,IAAI,CAAC/B,MAAM,GAAG,CAAC;AAC9CS,IAAAA,OAAO,CAAC0B,GAAG,CAACJ,IAAI,GAAG,GAAG,CAACM,MAAM,CAACD,MAAM,CAAC,GAAGxC,KAAK,CAAC;AAChD,EAAA;AACAa,EAAAA,OAAO,CAAC0B,GAAG,CAAC,2CAA2C,CAAC;AAE1D;AAEO,eAAeG,uBAAuBA,CAC3CC,KAAa,EACbC,WAA6B,EAAA;AAE7B,EAAA,MAAMC,SAAS,GAAG,CAAA,EAAGnB,uBAAuB,CAAA,CAAA,EAAIiB,KAAK,CAAA,CAAE;AACvD,EAAA,MAAMG,UAAU,GAAG,CAAA,MAAA,EAASD,SAAS,CAAA,CAAE;AACvC,EAAA,MAAME,QAAQ,GAAG,CAAA,IAAA,EAAOF,SAAS,CAAA,CAAE;EAEnC,IAAI;AACFb,IAAAA,WAAW,CAACgB,IAAI,CAACF,UAAU,CAAC;IAE5B,OAAO,MAAMF,WAAW,EAAE;AAC5B,EAAA,CAAA,SAAU;AACRZ,IAAAA,WAAW,CAACgB,IAAI,CAACD,QAAQ,CAAC;IAC1Bf,WAAW,CAACiB,OAAO,CAACJ,SAAS,EAAEC,UAAU,EAAEC,QAAQ,CAAC;AACpDf,IAAAA,WAAW,CAACkB,UAAU,CAACJ,UAAU,CAAC;AAClCd,IAAAA,WAAW,CAACkB,UAAU,CAACH,QAAQ,CAAC;AAClC,EAAA;AACF;AAEM,SAAUI,2BAA2BA,CACzCR,KAAa,EACbC,WAA6B,EAAA;EAE7B,OAAOA,WAAW,EAAE;AACtB;;ACxCA,MAAMQ,iBAAiB,GAAG,2CAA2C;MAqDxDC,YAAY,CAAA;EAMHC,OAAA;AALHC,EAAAA,aAAa,GAAG,IAAIvC,GAAG,EAAkB;AACzCwC,EAAAA,0BAA0B,GAAG,IAAI1C,sCAAsC,EAAE;AACzE2C,EAAAA,SAAS,GAAG,IAAIzC,GAAG,EAAmB;EACtC0C,YAAY;EAE7BC,WAAAA,CAAoBL,OAA6B,EAAA;IAA7B,IAAA,CAAAA,OAAO,GAAPA,OAAO;AACzB,IAAA,IAAI,CAACI,YAAY,GAAG,IAAIE,GAAG,CAACrE,sBAAsB,EAAE,IAAI,IAAI,CAAC+D,OAAO,EAAEI,YAAY,IAAI,EAAE,CAAC;AAEzFpD,IAAAA,6BAA6B,EAAE;AACjC,EAAA;EAMA,MAAMuD,MAAMA,CAACC,IAA+B,EAAA;IAC1C,MAAM;AAAEC,MAAAA;AAAG,KAAE,GAAGD,IAAI;IAEpB,IAAIC,GAAG,IAAIC,KAAG,CAACC,QAAQ,CAACF,GAAG,CAAC,EAAE;AAC5B,MAAA,MAAMG,MAAM,GAAG,IAAIF,KAAG,CAACD,GAAG,CAAC;MAC3B,IAAI;AACFI,QAAAA,WAAW,CAACD,MAAM,EAAE,IAAI,CAACR,YAAY,CAAC;MACxC,CAAA,CAAE,OAAO9C,KAAK,EAAE;QAEdC,OAAO,CAACD,KAAK,CACX,CAAA,OAAA,EAAWA,KAAe,CAACwD,OAAO,CAAA,CAAE,GAClC,wGAAwG,CAC3G;AAED,QAAA,MAAMxD,KAAK;AACb,MAAA;AACF,IAAA;AAEA,IAAA,MAAMyD,yBAAyB,GAAG,IAAI,CAACf,OAAO,EAAEe,yBAAyB;AAEzE,IAAA,MAAMC,SAAS,GAAGD,yBAAA,GACd3B,uBAAA,GACAS,2BAA2B;AAE/B,IAAA,IAAIlC,IAAI,GAAG,MAAMqD,SAAS,CAAC,mBAAmB,EAAE,MAAM,IAAI,CAACC,eAAe,CAACT,IAAI,CAAC,CAAC;IAEjF,IAAI7C,IAAI,KAAKnB,SAAS,EAAE;AACtBmB,MAAAA,IAAI,GAAG,MAAMqD,SAAS,CAAC,aAAa,EAAE,MAAM,IAAI,CAACE,iBAAiB,CAACV,IAAI,CAAC,CAAC;AAEzE,MAAA,IAAIA,IAAI,CAACW,iBAAiB,KAAK,KAAK,EAAE;AACpC,QAAA,MAAMC,OAAO,GAAG,MAAMJ,SAAS,CAAC,qBAAqB,EAAE,MAErD,IAAI,CAACG,iBAAiB,CAACxD,IAAK,EAAE6C,IAAI,CAAC,CACpC;AAED7C,QAAAA,IAAI,GAAGyD,OAAO;AAChB,MAAA;AACF,IAAA;AAEA,IAAA,IAAIL,yBAAyB,EAAE;AAC7B1C,MAAAA,oBAAoB,EAAE;AACxB,IAAA;AAEA,IAAA,OAAOV,IAAI;AACb,EAAA;AAEQwD,EAAAA,iBAAiBA,CAACxD,IAAY,EAAE6C,IAA+B,EAAA;AACrE,IAAA,MAAM5C,UAAU,GACd4C,IAAI,CAACa,UAAU,KAAKb,IAAI,CAACc,gBAAgB,GAAGC,OAAO,CAACf,IAAI,CAACc,gBAAgB,CAAC,GAAG,EAAE,CAAC;IAElF,OAAO,IAAI,CAACpB,0BAA0B,CAAC5D,OAAO,CAACqB,IAAI,EAAEC,UAAU,CAAC;AAClE,EAAA;EAEQ,MAAMqD,eAAeA,CAACT,IAA+B,EAAA;IAC3D,MAAM;MAAEa,UAAU;MAAEC,gBAAgB;AAAEb,MAAAA;AAAG,KAAE,GAAGD,IAAI;IAClD,IAAI,CAACa,UAAU,IAAI,CAACC,gBAAgB,IAAIb,GAAG,KAAKjE,SAAS,EAAE;AACzD,MAAA,OAAOA,SAAS;AAClB,IAAA;IAEA,MAAM;AAAEgF,MAAAA;AAAQ,KAAE,GAAG,IAAId,KAAG,CAACD,GAAG,EAAE,YAAY,CAAC;IAG/C,MAAMgB,QAAQ,GAAGC,IAAI,CAACL,UAAU,EAAEG,QAAQ,EAAE,YAAY,CAAC;IAEzD,IAAI,IAAI,CAACrB,SAAS,CAAClC,GAAG,CAACwD,QAAQ,CAAC,EAAE;MAEhC,OAAOE,EAAE,CAACC,QAAQ,CAAC1D,QAAQ,CAACuD,QAAQ,EAAE,OAAO,CAAC;AAChD,IAAA;IAEA,IAAI,CAACA,QAAQ,CAAC7C,UAAU,CAACiD,SAAS,CAACR,UAAU,CAAC,CAAC,EAAE;AAE/C,MAAA,OAAO7E,SAAS;AAClB,IAAA;AAEA,IAAA,IAAIiF,QAAQ,KAAKK,OAAO,CAACR,gBAAgB,CAAC,IAAI,EAAE,MAAMS,MAAM,CAACN,QAAQ,CAAC,CAAC,EAAE;MAEvE,IAAI,CAACtB,SAAS,CAAChC,GAAG,CAACsD,QAAQ,EAAE,KAAK,CAAC;AAEnC,MAAA,OAAOjF,SAAS;AAClB,IAAA;AAGA,IAAA,MAAM4E,OAAO,GAAG,MAAMO,EAAE,CAACC,QAAQ,CAAC1D,QAAQ,CAACuD,QAAQ,EAAE,OAAO,CAAC;AAC7D,IAAA,MAAMO,KAAK,GAAGlC,iBAAiB,CAACmC,IAAI,CAACb,OAAO,CAAC;IAC7C,IAAI,CAACjB,SAAS,CAAChC,GAAG,CAACsD,QAAQ,EAAEO,KAAK,CAAC;AAEnC,IAAA,OAAOA,KAAK,GAAGZ,OAAO,GAAG5E,SAAS;AACpC,EAAA;EAEQ,MAAM0E,iBAAiBA,CAACV,IAA+B,EAAA;IAC7D,MAAM0B,eAAe,GAAG,IAAI,CAAClC,OAAO,EAAEmC,SAAS,IAAI3B,IAAI,CAAC2B,SAAS;IACjE,IAAI,CAACD,eAAe,EAAE;AACpB,MAAA,MAAM,IAAIE,KAAK,CAAC,gDAAgD,CAAC;AACnE,IAAA;IAEA,MAAMC,cAAc,GAAqB,CACvC;AAAEC,MAAAA,OAAO,EAAEC,eAAe;AAAEC,MAAAA,QAAQ,EAAE;AAAK,KAAE,EAC7C,IAAIhC,IAAI,CAACiC,SAAS,IAAI,EAAE,CAAC,EACzB,IAAI,IAAI,CAACzC,OAAO,EAAEyC,SAAS,IAAI,EAAE,CAAC,CACnC;AAED,IAAA,IAAIC,QAAQ,GAAGlC,IAAI,CAACkC,QAAQ;AAC5B,IAAA,IAAI,CAACA,QAAQ,IAAIlC,IAAI,CAACc,gBAAgB,EAAE;MACtCoB,QAAQ,GAAG,MAAM,IAAI,CAACC,WAAW,CAACnC,IAAI,CAACc,gBAAgB,CAAC;AAC1D,IAAA;AAEA,IAAA,MAAMsB,sBAAsB,GAAG;MAC7BnC,GAAG,EAAED,IAAI,CAACC,GAAG;MACbiC,QAAQ;MAERtC,YAAY,EAAE,CAAC,GAAG;KACnB;IAED,OAAOyC,aAAa,CAACX,eAAe,CAAA,GAChChB,iBAAiB,CAACgB,eAAe,EAAE;AACjCY,MAAAA,iBAAiB,EAAET,cAAc;MACjC,GAAGO;KACJ,CAAA,GACDG,YAAY,CAACb,eAAe,EAAE;MAAEG,cAAc;MAAE,GAAGO;AAAsB,KAAE,CAAC;AAClF,EAAA;EAGQ,MAAMD,WAAWA,CAACK,QAAgB,EAAA;IACxC,IAAIC,GAAG,GAAG,IAAI,CAAChD,aAAa,CAAChC,GAAG,CAAC+E,QAAQ,CAAC;IAE1C,IAAI,CAACC,GAAG,EAAE;MACRA,GAAG,GAAG,MAAMtB,EAAE,CAACC,QAAQ,CAAC1D,QAAQ,CAAC8E,QAAQ,EAAE,OAAO,CAAC;MACnD,IAAI,CAAC/C,aAAa,CAAC9B,GAAG,CAAC6E,QAAQ,EAAEC,GAAG,CAAC;AACvC,IAAA;AAEA,IAAA,OAAOA,GAAG;AACZ,EAAA;AACD;AAED,eAAelB,MAAMA,CAAChE,IAAiB,EAAA;EACrC,IAAI;AACF,IAAA,MAAM4D,EAAE,CAACC,QAAQ,CAACsB,MAAM,CAACnF,IAAI,EAAE4D,EAAE,CAACwB,SAAS,CAACC,IAAI,CAAC;AAEjD,IAAA,OAAO,IAAI;AACb,EAAA,CAAA,CAAE,MAAM;AACN,IAAA,OAAO,KAAK;AACd,EAAA;AACF;AAEA,SAASP,aAAaA,CACpBnG,KAAc,EAAA;EAGd,OAAO,OAAOA,KAAK,KAAK,UAAU,IAAI,EAAE,MAAM,IAAIA,KAAK,CAAC;AAC1D;;AC3NA,MAAM2G,oBAAoB,GAAwB,IAAI/C,GAAG,CAAC,CACxD,SAAS,EACT,SAAS,EACT,YAAY,EACZ,OAAO,EACP,SAAS,CACV,CAAC;AAmBI,SAAUgD,+BAA+BA,CAC7CC,WAAiD,EACjDC,iBAA+C,EAAA;AAE/C,EAAA,MAAMC,2BAA2B,GAAGC,0BAA0B,CAACF,iBAAiB,CAAC;EACjF,MAAM;IAAEG,OAAO;AAAEC,IAAAA,MAAM,GAAG;AAAK,GAAE,GAAGL,WAAW;EAC/C,MAAMM,QAAQ,GAAGD,MAAM,KAAK,KAAK,IAAIA,MAAM,KAAK,MAAM;AACtD,EAAA,MAAME,QAAQ,GAAGH,OAAO,CAACI,OAAO,IAAIrD,GAAG,CAACC,QAAQ,CAACgD,OAAO,CAACI,OAAO,CAAC,GAAGJ,OAAO,CAACI,OAAO,GAAGvH,SAAS;EAE/F,OAAO,IAAIwH,OAAO,CAACC,gBAAgB,CAACV,WAAW,EAAEE,2BAA2B,CAAC,EAAE;IAC7EG,MAAM;AACND,IAAAA,OAAO,EAAEO,oBAAoB,CAACP,OAAO,CAAC;AACtCQ,IAAAA,IAAI,EAAEN,QAAQ,GAAGN,WAAW,GAAG/G,SAAS;AACxC4H,IAAAA,MAAM,EAAEP,QAAQ,GAAG,MAAM,GAAGrH,SAAS;AACrCsH,IAAAA;AACD,GAAA,CAAC;AACJ;AAQA,SAASI,oBAAoBA,CAACG,WAAgC,EAAA;AAC5D,EAAA,MAAMV,OAAO,GAAG,IAAIW,OAAO,EAAE;AAE7B,EAAA,KAAK,MAAM,CAAC9F,IAAI,EAAE9B,KAAK,CAAC,IAAI6H,MAAM,CAACC,OAAO,CAACH,WAAW,CAAC,EAAE;AACvD,IAAA,IAAIhB,oBAAoB,CAACoB,GAAG,CAACjG,IAAI,CAAC,EAAE;AAClC,MAAA;AACF,IAAA;AAEA,IAAA,IAAI,OAAO9B,KAAK,KAAK,QAAQ,EAAE;AAC7BiH,MAAAA,OAAO,CAACe,MAAM,CAAClG,IAAI,EAAE9B,KAAK,CAAC;IAC7B,CAAA,MAAO,IAAIiI,KAAK,CAACC,OAAO,CAAClI,KAAK,CAAC,EAAE;AAC/B,MAAA,KAAK,MAAMmI,IAAI,IAAInI,KAAK,EAAE;AACxBiH,QAAAA,OAAO,CAACe,MAAM,CAAClG,IAAI,EAAEqG,IAAI,CAAC;AAC5B,MAAA;AACF,IAAA;AACF,EAAA;AAEA,EAAA,OAAOlB,OAAO;AAChB;AAeM,SAAUM,gBAAgBA,CAC9BV,WAAiD,EACjDC,iBAAsC,EAAA;EAEtC,MAAM;IACJG,OAAO;IACPmB,MAAM;AACNrE,IAAAA,GAAG,GAAG,EAAE;AACRsE,IAAAA;AAAW,GACZ,GAAGxB,WAAyD;EAE7D,MAAMyB,QAAQ,GACZC,0BAA0B,CAACtB,OAAO,EAAE,mBAAmB,EAAEH,iBAAiB,CAAC,KAC1E,WAAW,IAAIsB,MAAM,IAAIA,MAAM,CAACI,SAAS,GAAG,OAAO,GAAG,MAAM,CAAC;AAEhE,EAAA,MAAMC,QAAQ,GACZF,0BAA0B,CAACtB,OAAO,EAAE,kBAAkB,EAAEH,iBAAiB,CAAC,IAC1EG,OAAO,CAACyB,IAAI,IACZzB,OAAO,CAAC,YAAY,CAAC;AAEvB,EAAA,IAAIgB,KAAK,CAACC,OAAO,CAACO,QAAQ,CAAC,EAAE;AAC3B,IAAA,MAAM,IAAI/C,KAAK,CAAC,gCAAgC,CAAC;AACnD,EAAA;EAEA,IAAIiD,gBAAgB,GAAGF,QAAQ;AAC/B,EAAA,IAAI,CAACA,QAAQ,EAAEG,QAAQ,CAAC,GAAG,CAAC,EAAE;IAC5B,MAAMC,IAAI,GAAGN,0BAA0B,CAACtB,OAAO,EAAE,kBAAkB,EAAEH,iBAAiB,CAAC;AACvF,IAAA,IAAI+B,IAAI,EAAE;MACRF,gBAAgB,IAAI,CAAA,CAAA,EAAIE,IAAI,CAAA,CAAE;AAChC,IAAA;AACF,EAAA;AAEA,EAAA,OAAO,IAAI7E,GAAG,CAAC,CAAA,EAAGsE,QAAQ,CAAA,GAAA,EAAMK,gBAAgB,CAAA,EAAGN,WAAW,IAAItE,GAAG,CAAA,CAAE,CAAC;AAC1E;AAUA,SAASwE,0BAA0BA,CACjCtB,OAA4B,EAC5B6B,UAAkB,EAClBhC,iBAAsC,EAAA;AAEtC,EAAA,OAAOiC,oBAAoB,CAACD,UAAU,EAAEhC,iBAAiB,CAAA,GACrDkC,mBAAmB,CAAC/B,OAAO,CAAC6B,UAAU,CAAC,CAAA,GACvChJ,SAAS;AACf;;MC/HamJ,oBAAoB,CAAA;EACdC,gBAAgB;EAChBpC,iBAAiB;EAMlCnD,WAAAA,CAAYL,OAAqC,EAAA;AAC/C,IAAA,MAAM6F,gBAAgB,GAA4B;AAChD,MAAA,GAAG7F,OAAO;AACVI,MAAAA,YAAY,EAAEnE,sBAAsB,EAAE,IAAI+D,OAAO,EAAEI,YAAY;AAC/DoD,MAAAA,iBAAiB,EAAErH,2BAA2B,EAAE,IAAI6D,OAAO,EAAEwD;KAC9D;AAED,IAAA,IAAI,CAACoC,gBAAgB,GAAG,IAAIE,gBAAgB,CAACD,gBAAgB,CAAC;AAC9D,IAAA,IAAI,CAACrC,iBAAiB,GAAGqC,gBAAgB,CAACrC,iBAAiB;AAE3DxG,IAAAA,6BAA6B,EAAE;AACjC,EAAA;AA6BA,EAAA,MAAM+I,MAAMA,CACVC,OAAuD,EACvDC,cAAwB,EAAA;AAExB,IAAA,MAAMC,UAAU,GACdF,OAAO,YAAYhC,OAAA,GACfgC,OAAA,GACA1C,+BAA+B,CAAC0C,OAAO,EAAE,IAAI,CAACxC,iBAAiB,CAAC;IAEtE,OAAO,IAAI,CAACoC,gBAAgB,CAACG,MAAM,CAACG,UAAU,EAAED,cAAc,CAAC;AACjE,EAAA;AACD;;ACrBK,SAAUE,wBAAwBA,CAAuCC,OAAU,EAAA;AACtFA,EAAAA,OAAyD,CAAC,6BAA6B,CAAC,GAAG,IAAI;AAEhG,EAAA,OAAOA,OAAO;AAChB;;ACjDO,eAAeC,2BAA2BA,CAC/CC,MAAgB,EAChBC,WAAiD,EAAA;EAEjD,MAAM;IAAEC,MAAM;IAAE7C,OAAO;AAAEQ,IAAAA;AAAI,GAAE,GAAGmC,MAAM;EACxCC,WAAW,CAACE,UAAU,GAAGD,MAAM;EAE/B,IAAIE,eAAe,GAAG,KAAK;AAC3B,EAAA,KAAK,MAAM,CAAClI,IAAI,EAAE9B,KAAK,CAAC,IAAIiH,OAAO,CAACa,OAAO,EAAE,EAAE;IAC7C,IAAIhG,IAAI,KAAK,YAAY,EAAE;AACzB,MAAA,IAAIkI,eAAe,EAAE;AACnB,QAAA;AACF,MAAA;MAIAH,WAAW,CAACI,SAAS,CAACnI,IAAI,EAAEmF,OAAO,CAACiD,YAAY,EAAE,CAAC;AACnDF,MAAAA,eAAe,GAAG,IAAI;AACxB,IAAA,CAAA,MAAO;AACLH,MAAAA,WAAW,CAACI,SAAS,CAACnI,IAAI,EAAE9B,KAAK,CAAC;AACpC,IAAA;AACF,EAAA;EAEA,IAAI,cAAc,IAAI6J,WAAW,EAAE;IACjCA,WAAW,CAACM,YAAY,EAAE;AAC5B,EAAA;EAEA,IAAI,CAAC1C,IAAI,EAAE;IACToC,WAAW,CAACO,GAAG,EAAE;AAEjB,IAAA;AACF,EAAA;EAEA,IAAI;AACF,IAAA,MAAMC,MAAM,GAAG5C,IAAI,CAAC6C,SAAS,EAAE;AAE/BT,IAAAA,WAAW,CAAClJ,EAAE,CAAC,OAAO,EAAE,MAAK;MAC3B0J,MAAM,CAACE,MAAM,EAAE,CAACC,KAAK,CAAE5J,KAAK,IAAI;AAE9BC,QAAAA,OAAO,CAACD,KAAK,CACX,CAAA,uDAAA,EAA0DiJ,WAAW,CAACY,GAAG,CAAC1G,GAAG,CAAA,CAAA,CAAG,EAChFnD,KAAK,CACN;AACH,MAAA,CAAC,CAAC;AACJ,IAAA,CAAC,CAAC;AAGF,IAAA,OAAO,IAAI,EAAE;MACX,MAAM;QAAE8J,IAAI;AAAE1K,QAAAA;AAAK,OAAE,GAAG,MAAMqK,MAAM,CAACM,IAAI,EAAE;AAC3C,MAAA,IAAID,IAAI,EAAE;QACRb,WAAW,CAACO,GAAG,EAAE;AACjB,QAAA;AACF,MAAA;AAEA,MAAA,MAAMQ,WAAW,GAAIf,WAA8B,CAACgB,KAAK,CAAC7K,KAAK,CAAC;MAChE,IAAI4K,WAAW,KAAK,KAAK,EAAE;AAGzB,QAAA,MAAM,IAAIE,OAAO,CAAQ1F,OAAO,IAAKyE,WAAW,CAACkB,IAAI,CAAC,OAAO,EAAE3F,OAAO,CAAC,CAAC;AAC1E,MAAA;AACF,IAAA;AACF,EAAA,CAAA,CAAE,MAAM;AACNyE,IAAAA,WAAW,CAACO,GAAG,CAAC,wBAAwB,CAAC;AAC3C,EAAA;AACF;;AC5DM,SAAUY,YAAYA,CAACjH,GAAW,EAAA;AACtC,EAAA,OAAOA,GAAG,CAAC7B,UAAU,CAAC,OAAO,CAAC,IAAI+I,IAAI,CAAC,CAAC,CAAC,KAAKC,aAAa,CAACnH,GAAG,CAAC;AAClE;;;;"} |
+15
-2
@@ -325,6 +325,15 @@ import { normalizeTrustProxyHeaders, sanitizeRequestHeaders, validateRequest } from './_validation-chunk.mjs'; | ||
| } | ||
| function provideServerRendering(...features) { | ||
| function provideServerRendering(...args) { | ||
| let options; | ||
| let features; | ||
| if (hasOptions(args)) { | ||
| const [first, ...rest] = args; | ||
| options = first; | ||
| features = rest; | ||
| } else { | ||
| features = args; | ||
| } | ||
| const providers = [provideServerRendering$1(options)]; | ||
| let hasAppShell = false; | ||
| let hasServerRoutes = false; | ||
| const providers = [provideServerRendering$1()]; | ||
| for (const { | ||
@@ -343,2 +352,6 @@ ɵkind, | ||
| } | ||
| function hasOptions(args) { | ||
| const value = args[0]; | ||
| return !!value && typeof value === 'object' && !('ɵkind' in value); | ||
| } | ||
@@ -345,0 +358,0 @@ class RouteTree { |
+7
-7
| { | ||
| "name": "@angular/ssr", | ||
| "version": "22.0.0-rc.2", | ||
| "version": "22.0.0-rc.3", | ||
| "description": "Angular server side rendering utilities", | ||
@@ -40,8 +40,8 @@ "type": "module", | ||
| "@angular-devkit/schematics": "workspace:*", | ||
| "@angular/common": "22.0.0-rc.1", | ||
| "@angular/compiler": "22.0.0-rc.1", | ||
| "@angular/core": "22.0.0-rc.1", | ||
| "@angular/platform-browser": "22.0.0-rc.1", | ||
| "@angular/platform-server": "22.0.0-rc.1", | ||
| "@angular/router": "22.0.0-rc.1", | ||
| "@angular/common": "22.0.0-rc.2", | ||
| "@angular/compiler": "22.0.0-rc.2", | ||
| "@angular/core": "22.0.0-rc.2", | ||
| "@angular/platform-browser": "22.0.0-rc.2", | ||
| "@angular/platform-server": "22.0.0-rc.2", | ||
| "@angular/router": "22.0.0-rc.2", | ||
| "@schematics/angular": "workspace:*", | ||
@@ -48,0 +48,0 @@ "beasties": "0.4.2" |
+50
-1
@@ -241,2 +241,12 @@ import { Provider, EnvironmentProviders, Type, ApplicationRef, InjectionToken } from '@angular/core'; | ||
| /** | ||
| * Options for configuring server-side rendering. | ||
| */ | ||
| interface ServerRenderingOptions { | ||
| /** | ||
| * The maximum allowed response body size when using the Fetch API. | ||
| * @default 1MB | ||
| */ | ||
| maxResponseBodySize: number; | ||
| } | ||
| /** | ||
| * Configures server-side rendering for an Angular application. | ||
@@ -278,2 +288,41 @@ * | ||
| declare function provideServerRendering(...features: ServerRenderingFeature<ServerRenderingFeatureKind>[]): EnvironmentProviders; | ||
| /** | ||
| * Configures server-side rendering for an Angular application with additional options. | ||
| * | ||
| * This function sets up the necessary providers for server-side rendering, including | ||
| * support for server routes and app shell. It combines features configured using | ||
| * `withRoutes` and `withAppShell` to provide a comprehensive server-side rendering setup. | ||
| * | ||
| * @param options - Configuration options for server-side rendering. | ||
| * @param features - Optional features to configure additional server rendering behaviors. | ||
| * @returns An `EnvironmentProviders` instance with the server-side rendering configuration. | ||
| * | ||
| * @example | ||
| * Basic example of how you can enable server-side rendering with options in your application | ||
| * when using the `bootstrapApplication` function: | ||
| * | ||
| * ```ts | ||
| * import { bootstrapApplication, BootstrapContext } from '@angular/platform-browser'; | ||
| * import { provideServerRendering, withRoutes, withAppShell } from '@angular/ssr'; | ||
| * import { AppComponent } from './app/app.component'; | ||
| * import { SERVER_ROUTES } from './app/app.server.routes'; | ||
| * import { AppShellComponent } from './app/app-shell.component'; | ||
| * | ||
| * const bootstrap = (context: BootstrapContext) => | ||
| * bootstrapApplication(AppComponent, { | ||
| * providers: [ | ||
| * provideServerRendering( | ||
| * { maxResponseBodySize: 1024 * 1024 }, // 1MB limit | ||
| * withRoutes(SERVER_ROUTES), | ||
| * withAppShell(AppShellComponent), | ||
| * ), | ||
| * ], | ||
| * }, context); | ||
| * | ||
| * export default bootstrap; | ||
| * ``` | ||
| * @see {@link withRoutes} configures server-side routing | ||
| * @see {@link withAppShell} configures the application shell | ||
| */ | ||
| declare function provideServerRendering(options: ServerRenderingOptions, ...features: ServerRenderingFeature<ServerRenderingFeatureKind>[]): EnvironmentProviders; | ||
@@ -923,2 +972,2 @@ /** | ||
| export { IS_DISCOVERING_ROUTES, PrerenderFallback, RenderMode, createRequestHandler, provideServerRendering, withAppShell, withRoutes, InlineCriticalCssProcessor as ɵInlineCriticalCssProcessor, destroyAngularServerApp as ɵdestroyAngularServerApp, extractRoutesAndCreateRouteTree as ɵextractRoutesAndCreateRouteTree, getOrCreateAngularServerApp as ɵgetOrCreateAngularServerApp, getRoutesFromAngularRouterConfig as ɵgetRoutesFromAngularRouterConfig, setAngularAppEngineManifest as ɵsetAngularAppEngineManifest, setAngularAppManifest as ɵsetAngularAppManifest }; | ||
| export type { RequestHandlerFunction, ServerRoute, ServerRouteClient, ServerRouteCommon, ServerRoutePrerender, ServerRoutePrerenderWithParams, ServerRouteServer }; | ||
| export type { RequestHandlerFunction, ServerRenderingOptions, ServerRoute, ServerRouteClient, ServerRouteCommon, ServerRoutePrerender, ServerRoutePrerenderWithParams, ServerRouteServer }; |
Sorry, the diff of this file is too big to display
No alert changes
Improved metrics
- Total package byte prevSize
1659802
0.34%- Lines of code
15389
0.4%No dependency changes