@adonisjs/shield/build/src/guards/csp/keywords.d.ts

A middleware for AdonisJS to keep web applications secure from common web attacks

import type { ServerResponse, IncomingMessage } from 'node:http';
import type { ValueOf } from '../../types.ts';
import type { ContentSecurityPolicyOptions } from '../../helmet_csp.ts';
/**
 * A collection of CSP keywords that are resolved to actual values
 * during an HTTP request. Allows registration of dynamic CSP directive values.
 *
 * @example
 * cspKeywords.register('@nonce', (req, res) => `'nonce-${res.nonce}'`)
 */
declare class CSPKeywords {
    #private;
    /**
     * Registers a custom CSP directive keyword and its resolver function.
     * The resolver function transforms the keyword to an actual CSP value during requests.
     *
     * @param keyword - The keyword to register (e.g., '@nonce')
     * @param resolver - Function that resolves the keyword to a CSP value
     */
    register(keyword: string, resolver: (_: IncomingMessage, response: ServerResponse) => string): this;
    /**
     * Resolves registered keywords in CSP directive values to their actual values.
     *
     * @param directiveValues - The directive values that may contain keywords
     */
    resolve(directiveValues: ValueOf<Exclude<ContentSecurityPolicyOptions['directives'], undefined>>): ValueOf<Exclude<ContentSecurityPolicyOptions['directives'], undefined>>;
}
/**
 * Global instance of CSPKeywords for registering and resolving CSP directive keywords.
 *
 * @example
 * cspKeywords.register('@nonce', (req, res) => `'nonce-${res.nonce}'`)
 */
declare const cspKeywords: CSPKeywords;
export { cspKeywords };