@adonisjs/shield
A middleware for AdonisJS to keep web applications secure from common web attacks
import {
__export
} from "./chunk-MLKGABMK.js";
// src/errors.ts
// Container object for what src/errors.ts exports; it starts empty and is
// handed to the bundler helper __export (imported from the shared chunk) below.
var errors_exports = {};
// The export is registered as an arrow function rather than as a direct value,
// so E_BAD_CSRF_TOKEN (assigned further down in this file) is only read when
// the function is called. Presumably __export turns each entry into a getter
// on errors_exports; its implementation is not part of this file.
__export(errors_exports, {
E_BAD_CSRF_TOKEN: () => E_BAD_CSRF_TOKEN
});
import { Exception } from "@poppinss/utils";
/**
 * Exception representing a failed CSRF token check. It carries a 403 status
 * and handles itself by flashing the error to the session and redirecting
 * back, rather than by rendering an error response directly.
 */
var E_BAD_CSRF_TOKEN = class InvalidCSRFToken extends Exception {
  // Machine-readable code; handle() also uses it as the flash-errors key.
  code = "E_BAD_CSRF_TOKEN";
  // HTTP status attached to the exception.
  status = 403;
  // Default, untranslated message.
  message = "Invalid or expired CSRF token";
  // Translation key used when the context exposes an i18n instance.
  identifier = "errors.E_BAD_CSRF_TOKEN";

  /**
   * Produces the message to be sent in the HTTP response: the translation of
   * `error.identifier` when `ctx` has an `i18n` property (with `error.message`
   * as the fallback argument), otherwise `error.message` unchanged.
   * Feel free to override this method and return a custom response.
   */
  getResponseMessage(error, ctx) {
    return "i18n" in ctx
      ? ctx.i18n.t(error.identifier, {}, error.message)
      : error.message;
  }

  /**
   * Self-handles the exception: flashes the submitted input and the error
   * message to the session, then redirects back.
   */
  async handle(error, ctx) {
    // Fields withheld from the flashed input: the CSRF token, the "_method"
    // field and both password fields, so that none of them is written to the
    // session flash store and re-populated into the form.
    const withheldFields = ["_csrf", "_method", "password", "password_confirmation"];
    ctx.session.flashExcept(withheldFields);

    // The error is flashed under its code so the form can look it up by key.
    const flashKey = error.code;
    const responseMessage = this.getResponseMessage(error, ctx);
    ctx.session.flashErrors({ [flashKey]: responseMessage });

    // NOTE(review): the destination is decided by the framework's
    // redirect().back() helper, not by this class; confirm how that helper
    // derives it for the AdonisJS version in use.
    ctx.response.redirect().back();
  }
};
// src/guards/csp/keywords.ts
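/**
 * Registry of custom CSP directive keywords. A keyword is a placeholder string
 * written in a directive's value list; resolve() swaps it for the resolver
 * registered under that name.
 */
var CSPKeywords = class {
  /**
   * Keyword -> resolver lookup. The object has no prototype, so a keyword
   * named "__proto__" becomes an ordinary own key instead of changing the
   * object's prototype and silently never being resolved.
   */
  #keywordsResolvers = Object.create(null);

  /**
   * Register a custom CSP directive keyword and resolve
   * it to a value during an HTTP request.
   *
   * @param keyword Placeholder string as written in the directive values.
   * @param resolver Value stored for the keyword; resolve() puts it in the
   *   place of the keyword without calling it.
   * @returns This registry, so calls can be chained.
   */
  register(keyword, resolver) {
    this.#keywordsResolvers[keyword] = resolver;
    return this;
  }

  /**
   * Replaces every occurrence of each registered keyword in `directiveValues`
   * with its resolver. The array is modified in place and returned; anything
   * that is not an array is returned untouched.
   *
   * Every occurrence is replaced, not just the first one: a duplicate left
   * behind would stay in the directive as the literal keyword string instead
   * of the value the resolver is meant to supply.
   *
   * @param directiveValues Value list of one CSP directive.
   * @returns The same `directiveValues` reference that was passed in.
   */
  resolve(directiveValues) {
    if (!Array.isArray(directiveValues)) {
      return directiveValues;
    }

    for (const keyword of Object.keys(this.#keywordsResolvers)) {
      const resolver = this.#keywordsResolvers[keyword];
      let position = directiveValues.indexOf(keyword);
      while (position > -1) {
        directiveValues[position] = resolver;
        // Continue after the slot just written, so a resolver equal to its
        // own keyword cannot make the search loop forever.
        position = directiveValues.indexOf(keyword, position + 1);
      }
    }

    return directiveValues;
  }
};

// Shared registry instance exported by this module.
var cspKeywords = new CSPKeywords();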
export {
E_BAD_CSRF_TOKEN,
errors_exports,
cspKeywords
};