@poppanator/http-constants

Version:

This package contains various HTTP constants: http status codes and texts, HTTP header names and HTTP methods, and a few related utility function.

github.com/poppa/http-helpers-ts

poppa/http-helpers-ts

1 lines • 50.8 kB

Source Map (JSON)

View Raw

{"version":3,"file":"index-a1ec87b2.cjs","sources":["../src/headers/cors-request.ts","../src/headers/cors-response.ts","../src/headers/fetch-metadata-request.ts","../src/headers/general.ts","../src/headers/request.ts","../src/headers/response.ts"],"sourcesContent":["/**\n * The `Access-Control-Request-Headers` request header is used by browsers when\n * issuing a [preflight request](https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request),\n * to let the server know which HTTP headers the client might send when the\n * actual request is made (such as with `setRequestHeader()`).\n *\n * The complementary server-side header of `Access-Control-Allow-Headers` will\n * answer this browser-side header.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Headers)\n */\nexport const AccessControlRequestHeaders = 'Access-Control-Request-Headers'\n\n/**\n * The `Access-Control-Request-Method` request header is used by browsers when\n * issuing a [preflight request](https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request),\n * to let the server know which [HTTP method](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods)\n * will be used when the actual request is made.\n *\n * This header is necessary as the preflight request is always an\n * [`OPTIONS`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/OPTIONS)\n * and doesn't use the same method as the actual request.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Request-Method)\n */\nexport const AccessControlRequestMethod = 'Access-Control-Request-Method'\n\n/**\n * The `Origin` request header indicates the\n * [origin](https://developer.mozilla.org/en-US/docs/Glossary/Origin)\n * (scheme, hostname, and port) that caused the request. For example, if a user\n * agent needs to request resources included in a page, or fetched by scripts\n * that it executes, then the origin of the page may be included in the request.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)\n */\nexport const Origin = 'Origin'\n","/* eslint-disable @typescript-eslint/no-unused-vars */\n// Only imported for doc purposes\nimport type { Origin, AccessControlRequestHeaders } from './cors-request'\n\n/**\n * The `Access-Control-Allow-Credentials` response header tells browsers\n * whether to expose the response to the frontend JavaScript code when the\n * request's credentials mode ([Request.credentials](https://developer.mozilla.org/en-US/docs/Web/API/Request/credentials))\n * is include.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials)\n */\nexport const AccessControlAllowCredentials = 'Access-Control-Allow-Credentials'\n\n/**\n * The `Access-Control-Allow-Headers` response header is used in response to a\n * [preflight request](https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request)\n * which includes the\n * {@link AccessControlRequestHeaders Access-Control-Request-Headers} to\n * indicate which HTTP headers can be used during the actual request.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers)\n */\nexport const AccessControlAllowHeaders = 'Access-Control-Allow-Headers'\n\n/**\n * The `Access-Control-Allow-Methods` response header specifies one or more\n * methods allowed when accessing a resource in response to a\n * [preflight request](https://developer.mozilla.org/en-US/docs/Glossary/Preflight_request).\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods)\n */\nexport const AccessControlAllowMethods = 'Access-Control-Allow-Methods'\n\n/**\n * The `Access-Control-Allow-Origin` response header indicates whether the\n * response can be shared with requesting code from the given\n * {@link Origin origin}.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin)\n */\nexport const AccessControlAllowOrigin = 'Access-Control-Allow-Origin'\n\n/**\n * The `Access-Control-Expose-Headers` response header allows a server to\n * indicate which response headers should be made available to scripts running\n * in the browser, in response to a cross-origin request.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers)\n */\nexport const AccessControlExposeHeaders = 'Access-Control-Expose-Headers'\n\n/**\n * The `Access-Control-Max-Age` response header indicates how long the results\n * of a preflight request (that is the information contained in the\n * {@link AccessControlAllowMethods Access-Control-Allow-Methods} and\n * {@link AccessControlAllowHeaders Access-Control-Allow-Headers} headers)\n * can be cached.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age)\n */\nexport const AccessControlMaxAge = 'Access-Control-Max-Age'\n\n/**\n * The HTTP `Cross-Origin-Embedder-Policy` (COEP) response header prevents a\n * document from loading any cross-origin resources that don't explicitly grant\n * the document permission (using\n * [CORP](https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP)) or\n * [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)).\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Embedder-Policy)\n */\nexport const CrossOriginEmbedderPolicy = 'Cross-Origin-Embedder-Policy'\n\n/**\n * The HTTP `Cross-Origin-Opener-Policy` (COOP) response header allows you to\n * ensure a top-level document does not share a browsing context group with\n * cross-origin documents.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Opener-Policy)\n */\nexport const CrossOriginOpenerPolicy = 'Cross-Origin-Opener-Policy'\n\n/**\n * The HTTP `Cross-Origin-Resource-Policy` response header conveys a desire\n * that the browser blocks no-cors cross-origin/cross-site requests to the\n * given resource.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cross-Origin-Resource-Policy)\n */\nexport const CrossOriginResourcePolicy = 'Cross-Origin-Resource-Policy'\n","/**\n * The `Sec-Fetch-Dest` [fetch metadata request header](https://developer.mozilla.org/en-US/docs/Glossary/Fetch_metadata_request_header)\n * indicates the request's destination. That is the initiator of the original\n * fetch request, which is where (and how) the fetched data will be used.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Dest)\n */\nexport const SecFetchDest = 'Sec-Fetch-Dest'\n\n/**\n * The `Sec-Fetch-Mode` [fetch metadata request header](https://developer.mozilla.org/en-US/docs/Glossary/Fetch_metadata_request_header)\n * indicates the mode of the request.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Mode)\n */\nexport const SecFetchMode = 'Sec-Fetch-Mode'\n\n/**\n * The `Sec-Fetch-Site` [fetch metadata request header](https://developer.mozilla.org/en-US/docs/Glossary/Fetch_metadata_request_header)\n * indicates the relationship between a request initiator's origin and the\n * origin of the requested resource.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-Site)\n */\nexport const SecFetchSite = 'Sec-Fetch-Site'\n\n/**\n * The `Sec-Fetch-User` [fetch metadata request header](https://developer.mozilla.org/en-US/docs/Glossary/Fetch_metadata_request_header)\n * is only sent for requests initiated by user activation, and its value will\n * always be `?1`.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-Fetch-User)\n */\nexport const SecFetchUser = 'Sec-Fetch-User'\n","/**\n * These are headers that can occur as both request and response headers\n */\n\n/* eslint-disable @typescript-eslint/no-unused-vars */\n// Imported only for doc purposes\nimport type { Digest } from './response'\n\n/**\n * The `Connection` general header controls whether the network connection stays\n * open after the current transaction finishes. If the value sent is\n * `keep-alive`, the connection is persistent and not closed, allowing for\n * subsequent requests to the same server to be done.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Connection)\n */\nexport const Connection = 'Connection'\n\n/**\n * The `Cache-Control` HTTP header field holds directives (instructions) — in\n * both requests and responses — that control [caching](https://developer.mozilla.org/en-US/docs/Web/HTTP/Caching)\n * in browsers and shared caches (e.g. Proxies, CDNs).\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control)\n */\nexport const CacheControl = 'Cache-Control'\n\n/**\n * The `Content-Length` header indicates the size of the message body, in bytes,\n * sent to the recipient.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Length)\n */\nexport const ContentLength = 'Content-Length'\n\n/**\n * The `Content-Type` representation header is used to indicate the original\n * media type of the resource (prior to any content encoding applied for\n * sending).\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Type)\n */\nexport const ContentType = 'Content-Type'\n\n/**\n * The `Date` general HTTP header contains the date and time at which the\n * message was originated.\n *\n * > Warning: Date is listed in the forbidden header names in the fetch spec,\n * so this code will not send the Date header:\n *\n * > ```js\n * fetch('https://httpbin.org/get', {\n * 'headers': {\n * 'Date': (new Date()).toUTCString()\n * }\n * })\n * > ```\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Date)\n */\nexport const Date = 'Date'\n\n/**\n * The `Pragma` HTTP/1.0 general header is an implementation-specific header\n * that may have various effects along the request-response chain. This header\n * serves for backwards compatibility with the HTTP/1.0 caches that do not have\n * a [Cache-Control](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cache-Control)\n * HTTP/1.1 header.\n *\n * > **Note:** `Pragma` is not specified for HTTP responses and is therefore not\n * > a reliable replacement for the general HTTP/1.1 `Cache-Control` header,\n * > although its behavior is the same as `Cache-Control: no-cache` if the\n * > `Cache-Control` header field is omitted in a request.\n * >\n * > Use `Pragma` only for backwards compatibility with HTTP/1.0 clients.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Pragma)\n */\nexport const Pragma = 'Pragma'\n\n/**\n * The HTTP 1.1 (only) `Upgrade` header can be used to upgrade an already\n * established client/server connection to a different protocol (over the same\n * transport protocol).\n *\n * For example, it can be used by a client to upgrade a connection from\n * HTTP 1.1 to HTTP 2.0, or an HTTP or HTTPS connection into a WebSocket.\n *\n * > **Warning:** HTTP/2 explicitly disallows the use of this mechanism/header;\n * > it is specific to HTTP/1.1.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Upgrade)\n */\nexport const Upgrade = 'Upgrade'\n\n/**\n * Informs the server of proxies through which the request was sent\n */\nexport const Via = 'Via'\n\n/**\n * The `Want-Digest` HTTP header is primarily used in a request, to ask the\n * server to provide a [digest](https://developer.mozilla.org/en-US/docs/Glossary/Digest)\n * of the requested resource using the\n * {@link Digest} response header.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Want-Digest)\n */\nexport const WantDigest = 'Want-Digest'\n\n/**\n * The `Warning` HTTP header contains information about possible problems with\n * the status of the message. More than one `Warning` header may appear in a\n * response.\n *\n *\n * > @deprecated This feature is no longer recommended.\n * > Though some browsers might still support it, it may have already been\n * > removed from the relevant web standards, may be in the process of being\n * > dropped, or may only be kept for compatibility purposes. Avoid using it,\n * > and update existing code if possible; see the compatibility table at the\n * > bottom of this page to guide your decision. Be aware that this feature may\n * > cease to work at any time.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Warning)\n */\nexport const Warning = 'Warning'\n","/**\n * These are request-only headers\n */\n\n/**\n * Acceptable instance-manipulations for the request.\n */\nexport const Aim = 'A-IM'\n\n/**\n * The `Accept` request HTTP header indicates which content types, expressed as\n * [MIME types](https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types),\n * the client is able to understand.\n *\n * The server uses [content negotiation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Content_negotiation)\n * to select one of the proposals and informs the client of the choice with the\n * Content-Type response header.\n *\n * Browsers set required values for this header based on the context of the\n * request. For example, a browser uses different values in a request when\n * fetches a CSS stylesheet, image, video, or a script.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept)\n */\nexport const Accept = 'Accept'\n\n/**\n * The `Accept-Charset` request HTTP header was a header that advertised a\n * client's supported character encodings. It is no longer widely used.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Charset)\n */\nexport const AcceptCharset = 'Accept-Charset'\n\n/**\n * The `Accept-Encoding` request HTTP header indicates the content encoding\n * (usually a compression algorithm) that the client can understand. The server\n * uses [content negotiation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Content_negotiation)\n * to select one of the proposal and informs the client of that choice with the\n * `Content-Encoding` response header.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Encoding)\n */\nexport const AcceptEncoding = 'Accept-Encoding'\n\n/**\n * The `Accept-Language` request HTTP header indicates the natural language and\n * locale that the client prefers. The server uses\n * [content negotiation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Content_negotiation)\n * to select one of the proposals and informs the client of the choice with the\n * `Content-Language` response header.\n *\n * Browsers set required values for this header according to their active user\n * interface language. Users rarely change it, and such changes are not\n * recommended because they may lead to fingerprinting.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Language)\n */\nexport const AcceptLanguage = 'Accept-Language'\n\n/**\n * Request a past version of the resource prior to the datetime passed\n */\nexport const AcceptDatetime = 'Accept-Datetime'\n\n/**\n * The HTTP `Authorization` request header can be used to provide credentials\n * that authenticate a user agent with a server, allowing access to a protected\n * resource.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization)\n */\nexport const Authorization = 'Authorization'\n\n/**\n * The `Cookie` HTTP request header contains stored HTTP cookies associated with\n * the server (i.e. previously sent by the server with the\n * [`Set-Cookie`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie)\n * header or set in Javascript using\n * [Document.cookie](https://developer.mozilla.org/en-US/docs/Web/API/Document/cookie)).\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Cookie)\n */\nexport const Cookie = 'Cookie'\n\n/**\n * The `Expect` HTTP request header indicates expectations that need to be met\n * by the server to handle the request successfully.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect)\n */\nexport const Expect = 'Expect'\n\n/**\n * The `Forwarded` request header contains information that may be added by\n * [reverse proxy servers](https://developer.mozilla.org/en-US/docs/Web/HTTP/Proxy_servers_and_tunneling)\n * (load balancers, CDNs, and so on) that would otherwise be altered or lost\n * when proxy servers are involved in the path of the request.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Forwarded)\n */\nexport const Forwarded = 'Forwarded'\n\n/**\n * The `From` request header contains an Internet email address for a human user\n * who controls the requesting user agent.\n *\n * > Warning: You must not use the From header for access control or\n * > authentication.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/From)\n */\nexport const From = 'From'\n\n/**\n * The `Host` request header specifies the host and port number of the server\n * to which the request is being sent.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Host)\n */\nexport const Host = 'Host'\n\n/**\n * The `If-Match` HTTP request header makes the request conditional. For\n * [GET](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/GET) and\n * [HEAD](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/HEAD)\n * methods, the server will return the requested resource only if it matches\n * one of the listed `ETags`. For [PUT](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/PUT)\n * and other non-safe methods, it will only upload the resource in this case.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Match)\n */\nexport const IfMatch = 'If-Match'\n\n/**\n * The `If-Modified-Since` request HTTP header makes the request conditional:\n * the server sends back the requested resource, with a\n * [`200`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/200)\n * status, only if it has been last modified after the given date.\n *\n * If the resource has not been modified since, the response is a\n * [`304`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/304) without\n * any body; the `Last-Modified` response header of a previous request contains\n * the date of last modification. Unlike\n * {@link IfUnmodifiedSince `If-Unmodified-Since`}, `If-Modified-Since` can\n * only be used with a `GET` or `HEAD`.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Modified-Since)\n */\nexport const IfModifiedSince = 'If-Modified-Since'\n\n/**\n * The `If-None-Match` HTTP request header makes the request conditional.\n * For [GET](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/GET) and\n * [HEAD](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/HEAD)\n * methods, the server will return the requested resource, with a\n * [`200`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/200) status,\n * only if it doesn't have an [`ETag`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag)\n * matching the given ones.\n *\n * For other methods, the request will be processed only if the eventually\n * existing resource's [`ETag`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag)\n * doesn't match any of the values listed.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match)\n */\nexport const IfNoneMatch = 'If-None-Match'\n\n/**\n * The `If-Range` HTTP request header makes a range request conditional: if the\n * condition is fulfilled, the range request is issued, and the server sends\n * back a [`206`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/206)\n * `Partial Content` answer with the appropriate body.\n *\n * If the condition is not fulfilled, the full resource is sent back with a\n * [`200`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/200) `OK`\n * status.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Range)\n */\nexport const IfRange = 'If-Range'\n\n/**\n * The HTTP `If-Unmodified-Since` request header makes the request for the\n * resource conditional: the server will send the requested resource or accept\n * it in the case of a [`POST`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods/POST)\n * or another non-[safe](https://developer.mozilla.org/en-US/docs/Glossary/Safe/HTTP)\n * method only if the resource has not been modified after the date specified by\n * this HTTP header.\n *\n * If the resource has been modified after the specified date, the response\n * will be a [`412`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/412)\n * `Precondition Failed` error.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Unmodified-Since)\n */\nexport const IfUnmodifiedSince = 'If-Unmodified-Since'\n\n/**\n * Limit the number of times the message can be forwarded through proxies or\n * gateways\n */\nexport const MaxForwards = 'Max-Forwards'\n\n/**\n * The HTTP `Proxy-Authorization` request header contains the credentials to\n * authenticate a user agent to a proxy server, usually after the server has\n * responded with a [407](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/407)\n * `Proxy Authentication Required` status and the\n * [`Proxy-Authenticate`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Proxy-Authenticate)\n * header.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Proxy-Authorization)\n */\nexport const ProxyAuthorization = 'Proxy-Authorization'\n\n/**\n * The `Range` HTTP request header indicates the part of a document that the\n * server should return. Several parts can be requested with one Range header\n * at once, and the server may send back these ranges in a multipart document.\n *\n * If the server sends back ranges, it uses the\n * [`206 Partial Content`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/206)\n * for the response.\n *\n * If the ranges are invalid, the server returns the\n * [`416 Range Not Satisfiable`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/416)\n * error.\n *\n * The server can also ignore the `Range` header and return the whole document\n * with a [`200`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/200)\n * status code.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Range)\n */\nexport const Range = 'Range'\n\n/**\n * The `Referer` HTTP request header contains an absolute or partial address of\n * the page that makes the request. The `Referer` header allows a server to\n * identify a page where people are visiting it from.\n *\n * This data can be used for analytics, logging, optimized caching, and more.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer)\n */\nexport const Referer = 'Referer'\n\n/**\n * The `Save-Data` [network client hint](https://developer.mozilla.org/en-US/docs/Web/HTTP/Client_hints#network_client_hints)\n * request header field is a boolean which indicates the client's preference for\n * reduced data usage. This could be for reasons such as high transfer costs,\n * slow connection speeds, etc.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Save-Data)\n */\nexport const SaveData = 'Save-Data'\n\n/**\n * Specify the encodings the client can accept. Accepted values:\n *\n * - `compress`\n * - `deflate`\n * - `gzip`\n * - `trailers`\n *\n * Only `trailers` is supported in HTTP/2\n */\nexport const Te = 'TE'\n\n/**\n * The HTTP `Upgrade-Insecure-Requests` request header sends a signal to the\n * server expressing the client's preference for an encrypted and authenticated\n * response, and that it can successfully handle the\n * [upgrade-insecure-requests](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/upgrade-insecure-requests)\n * [CSP](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP) directive.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Upgrade-Insecure-Requests)\n */\nexport const UpgradeInsecureRequests = 'Upgrade-Insecure-Requests'\n\n/**\n * The `User-Agent` [request header](https://developer.mozilla.org/en-US/docs/Glossary/Request_header)\n * is a characteristic string that lets servers and network peers identify the\n * application, operating system, vendor, and/or version of the requesting\n * user agent.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent)\n */\nexport const UserAgent = 'User-Agent'\n\n// -------------------------------------------------------------------------- //\n// //\n// Non-Standard //\n// //\n// -------------------------------------------------------------------------- //\n\n/**\n * The `DNT` (Do Not Track) request header indicates the user's tracking\n * preference. It lets users indicate whether they would prefer privacy rather\n * than personalized content.\n *\n * > @deprecated This feature is no longer recommended. Though some browsers\n * > might still support it, it may have already been removed from the relevant\n * > web standards, may be in the process of being dropped, or may only be kept\n * > for compatibility purposes. Avoid using it, and update existing code if\n * > possible; see the [compatibility table](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/DNT#browser_compatibility)\n * > to guide your decision. Be aware that this feature may cease to work at any\n * > time.\n *\n * @note Non-standard\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/DNT)\n */\nexport const Dnt = 'DNT'\n\n/**\n * The `X-Forwarded-For` (XFF) header is a de-facto standard header for\n * identifying the originating IP address of a client connecting to a web server\n * through an HTTP proxy or a load balancer.\n *\n * When traffic is intercepted between clients and servers, server access logs\n * contain the IP address of the proxy or load balancer only. To see the\n * original IP address of the client, the `X-Forwarded-For` request header is\n * used.\n *\n * @note Non-standard\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For)\n */\nexport const XForwardedFor = 'X-Forwarded-For'\n\n/**\n * The `X-Forwarded-Host` (XFH) header is a de-facto standard header for\n * identifying the original host requested by the client in the\n * {@link Host} HTTP request header.\n *\n * @note Non-standard\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Host)\n */\nexport const XForwardedHost = 'X-Forwarded-Host'\n\n/**\n * The `X-Forwarded-Proto` (XFP) header is a de-facto standard header for\n * identifying the protocol (HTTP or HTTPS) that a client used to connect to\n * your proxy or load balancer.\n *\n * Your server access logs contain the protocol used between the server and the\n * load balancer, but not the protocol used between the client and the load\n * balancer.\n *\n * To determine the protocol used between the client and the load balancer,\n * the `X-Forwarded-Proto` request header can be used.\n *\n * @note Non-standard, but defacto-standard\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-Proto)\n */\nexport const XForwardedProto = 'X-Forwarded-Proto'\n\n/**\n * Identifies XHR requests\n * @note Non-standard\n */\nexport const XRequestedWith = 'X-Requested-With'\n\n/**\n * Used to prevent CSRF\n * @note Non-standard\n */\nexport const XCSRFToken = 'X-CSRF-Token'\n","/**\n * These are response-only headers\n */\n\n/* eslint-disable @typescript-eslint/no-unused-vars */\n// Imported for doc purposes only\nimport type { Referer } from './request.js'\nimport type { ContentType } from './general.js'\n\n/**\n * The `Accept-Patch` response HTTP header advertises which media-type the\n * server is able to understand in a PATCH request.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Patch)\n */\nexport const AcceptPatch = 'Accept-Patch'\n\n/**\n * The `Accept-Post` response HTTP header advertises which\n * [media types](https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types)\n * are accepted by the server for HTTP post requests.\n */\nexport const AcceptPost = 'Accept-Post'\n\n/**\n * The `Accept-Ranges` HTTP response header is a marker used by the server to\n * advertise its support for partial requests from the client for file\n * downloads. The value of this field indicates the unit that can be used to\n * define a range.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Ranges)\n */\nexport const AcceptRanges = 'Accept-Ranges'\n\n/**\n * The `Age` header contains the time in seconds the object was in a proxy\n * cache.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Age)\n */\nexport const Age = 'Age'\n\n/**\n * The `Allow` header lists the set of methods supported by a resource.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Allow)\n */\nexport const Allow = 'Allow'\n\n/**\n * The `Alt-Svc` HTTP header allows a server to indicate that another network\n * location (the \"alternative service\") can be treated as authoritative for\n * that origin when making future requests.\n *\n * [Read more]https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Alt-Svc()\n */\nexport const AltSvc = 'Alt-Svc'\n\n/**\n * The `Clear-Site-Data` header clears browsing data (cookies, storage, cache)\n * associated with the requesting website. It allows web developers to have\n * more control over the data stored by a client browser for their origins.\n *\n * @note This feature is available only in secure contexts (HTTPS)\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data)\n */\nexport const ClearSiteData = 'Clear-Site-Data'\n\n/**\n * In a regular HTTP response, the `Content-Disposition` response header is a\n * header indicating if the content is expected to be displayed inline in the\n * browser, that is, as a Web page or as part of a Web page, or as an\n * attachment, that is downloaded and saved locally.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition)\n */\nexport const ContentDisposition = 'Content-Disposition'\n\n/**\n * The `Content-Encoding` [representation header](https://developer.mozilla.org/en-US/docs/Glossary/Representation_header)\n * lists any encodings that have been applied to the representation (message\n * payload), and in what order. This lets the recipient know how to decode the\n * representation in order to obtain the original payload format.\n *\n * Content encoding is mainly used to compress the message data without losing\n * information about the origin media type.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Encoding)\n */\nexport const ContentEncoding = 'Content-Encoding'\n\n/**\n * The `Content-Language` [representation header](https://developer.mozilla.org/en-US/docs/Glossary/Representation_header)\n * is used to describe the language(s) intended for the audience, so users can\n * differentiate it according to their own preferred language.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Language)\n */\nexport const ContentLanguage = 'Content-Language'\n\n/**\n * The `Content-Location` header indicates an alternate location for the\n * returned data. The principal use is to indicate the URL of a resource\n * transmitted as the result of\n * [content negotiation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Content_negotiation).\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Location)\n */\nexport const ContentLocation = 'Content-Location'\n\n/**\n * The `Content-Range` response HTTP header indicates where in a full body\n * message a partial message belongs.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Range)\n */\nexport const ContentRange = 'Content-Range'\n\n/**\n * The HTTP `Content-Security-Policy-Report-Only` response header allows web\n * developers to experiment with policies by monitoring (but not enforcing)\n * their effects.\n *\n * These violation reports consist of JSON documents sent via an HTTP `POST`\n * request to the specified URI.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only)\n */\nexport const ContentSecurityPolicyReportOnly =\n 'Content-Security-Policy-Report-Only'\n\n/**\n * Specifies the delta-encoding entity tag of the response\n */\nexport const DeltaBase = 'Delta-Base'\n\n/**\n * The `Digest` response HTTP header provides a digest of the selected\n * representation of the requested resource.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Digest)\n */\nexport const Digest = 'Digest'\n\n/**\n * The `ETag` (or entity tag) HTTP response header is an identifier for a\n * specific version of a resource. It lets caches be more efficient and save\n * bandwidth, as a web server does not need to resend a full response if the\n * content was not changed. Additionally, etags help to prevent simultaneous\n * updates of a resource from overwriting each other\n * ([\"mid-air collisions\"](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag#avoiding_mid-air_collisions)).\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag)\n */\nexport const ETag = 'ETag'\n\n/**\n * The `Expect-CT` header lets sites opt in to reporting and/or enforcement of\n * [Certificate Transparency](https://developer.mozilla.org/en-US/docs/Web/Security/Certificate_Transparency)\n * requirements, to prevent the use of misissued certificates for that site\n * from going unnoticed.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT)\n */\nexport const ExpectCT = 'Expect-CT'\n\n/**\n * The `Expires` HTTP header contains the date/time after which the response is\n * considered expired.\n *\n * Invalid expiration dates with value `0` represent a date in the past and mean\n * that the resource is already expired.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expires)\n */\nexport const Expires = 'Expires'\n\n/**\n * Instance-manipulations applied to the response\n */\nexport const IM = 'IM'\n\n/**\n * The `Last-Modified` response HTTP header contains a date and time when the\n * origin server believes the resource was last modified. It is used as a\n * validator to determine if the resource is the same as the previously stored\n * one.\n *\n * Less accurate than an {@link ETag} header, it is a fallback mechanism.\n * Conditional requests containing\n * [`If-Modified-Since`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Modified-Since)\n * or [`If-Unmodified-Since`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-Unmodified-Since)\n * headers make use of this field.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified)\n */\nexport const LastModified = 'Last-Modified'\n\n/**\n * The HTTP `Link` entity-header field provides a means for serializing one or\n * more links in HTTP headers. It is semantically equivalent to the HTML\n * [`<link>`](https://developer.mozilla.org/en-US/docs/Web/HTML/Element/link)\n * element.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Link)\n */\nexport const Link = 'Link'\n\n/**\n * The `Location` response header indicates the URL to redirect a page to. It\n * only provides a meaning when served with a `3xx` (redirection) or `201`\n * (created) status response.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Location)\n */\nexport const Location = 'Location'\n\n/**\n * The HTTP `NEL` response header is used to configure network request logging.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/NEL)\n */\nexport const Nel = 'NEL'\n\n/**\n * The HTTP `Proxy-Authenticate` response header defines the authentication\n * method that should be used to gain access to a resource behind a\n * [proxy server](https://developer.mozilla.org/en-US/docs/Glossary/Proxy_server).\n * It authenticates the request to the proxy server, allowing it to transmit\n * the request further.\n *\n * The `Proxy-Authenticate` header is sent along with a\n * [`407 Proxy Authentication Required`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/407).\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Proxy-Authenticate)\n */\nexport const ProxyAuthenticate = 'Proxy-Authenticate'\n\n/**\n * @deprecated Use [Certificate Transparency](https://developer.mozilla.org/en-US/docs/Web/Security/Certificate_Transparency)\n * and [Expect-CT](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT)\n * header instead.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Public-Key-Pins)\n */\nexport const PublicKeyPins = 'Public-Key-Pins'\n\n/**\n * The `Referrer-Policy` HTTP header controls how much referrer information\n * (sent with the {@link Referer `Referer`} header) should be included with\n * requests.\n *\n * Aside from the HTTP header, you can set this policy in HTML.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy)\n */\nexport const ReferrerPolicy = 'Referrer-Policy'\n\n/**\n * The `Retry-After` response HTTP header indicates how long the user agent\n * should wait before making a follow-up request.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Retry-After)\n */\nexport const RetryAfter = 'Retry-After'\n\n/**\n * The `Sec-WebSocket-Accept` header is used in the websocket opening handshake.\n * It would appear in the response headers. That is, this is header is sent from\n * server to client to inform that server is willing to initiate a websocket\n * connection.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Sec-WebSocket-Accept)\n */\nexport const SecWebSocketAccept = 'Sec-WebSocket-Accept'\n\n/**\n * The `Server` header describes the software used by the origin server that\n * handled the request — that is, the server that generated the response.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Server)\n */\nexport const Server = 'Server'\n\n/**\n * The `Server-Timing` header communicates one or more metrics and descriptions\n * for a given request-response cycle. It is used to surface any backend server\n * timing metrics (e.g. database read/write, CPU time, file system access, etc.)\n * in the developer tools in the user's browser or in the\n * [PerformanceServerTiming](https://developer.mozilla.org/en-US/docs/Web/API/PerformanceServerTiming)\n * interface.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Server-Timing)\n */\nexport const ServerTiming = 'Server-Timing'\n\n/**\n * The `Set-Cookie` HTTP response header is used to send a cookie from the\n * server to the user agent, so that the user agent can send it back to the\n * server later.\n *\n * To send multiple cookies, multiple `Set-Cookie` headers should be sent in\n * the same response.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie)\n */\nexport const SetCookie = 'Set-Cookie'\n\n/**\n * The `SourceMap` HTTP response header links generated code to a source map,\n * enabling the browser to reconstruct the original source and present the\n * reconstructed original in the debugger.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/SourceMap)\n */\nexport const SourceMap = 'SourceMap'\n\n/**\n * The HTTP `Strict-Transport-Security` response header (often abbreviated as\n * [HSTS](https://developer.mozilla.org/en-US/docs/Glossary/HSTS)) informs\n * browsers that the site should only be accessed using HTTPS, and that any\n * future attempts to access it using HTTP should automatically be converted to\n * HTTPS.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security)\n */\nexport const StrictTransportSecurity = 'Strict-Transport-Security'\n\n/**\n * The `Timing-Allow-Origin` response header specifies origins that are allowed\n * to see values of attributes retrieved via features of the\n * [Resource Timing API](https://developer.mozilla.org/en-US/docs/Web/API/Resource_Timing_API),\n * which would otherwise be reported as zero due to cross-origin restrictions.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Timing-Allow-Origin)\n */\nexport const TimingAllowOrigin = 'Timing-Allow-Origin'\n\n/**\n * The `Trailer` response header allows the sender to include additional fields\n * at the end of chunked messages in order to supply metadata that might be\n * dynamically generated while the message body is sent, such as a message\n * integrity check, digital signature, or post-processing status.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Trailer)\n */\nexport const Trailer = 'Trailer'\n\n/**\n * The `Transfer-Encoding` header specifies the form of encoding used to safely\n * transfer the [payload body](https://developer.mozilla.org/en-US/docs/Glossary/Payload_body)\n * to the user.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Transfer-Encoding)\n */\nexport const TransferEncoding = 'Transfer-Encoding'\n\n/**\n * The `Tk` response header indicates the tracking status that applied to the\n * corresponding request.\n *\n * > @derecated This feature is no longer recommended.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Tk)\n */\nexport const Tk = 'Tk'\n\n/**\n * The `Vary` HTTP response header describes the parts of the request message\n * aside from the method and URL that influenced the content of the response it\n * occurs in. Most often, this is used to create a cache key when\n * [content negotiation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Content_negotiation)\n * is in use.\n *\n * [Read mote](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Vary)\n */\nexport const Vary = 'Vary'\n\n/**\n * The HTTP `WWW-Authenticate` response header defines the\n * [HTTP authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication)\n * methods (\"challenges\") that might be used to gain access to a specific\n * resource.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/WWW-Authenticate)\n */\nexport const WWWAuthenticate = 'WWW-Authenticate'\n\n/**\n * The `X-Content-Type-Options` response HTTP header is a marker used by the\n * server to indicate that the\n * [MIME types](https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types)\n * advertised in the {@link ContentType `Content-Type`} headers should be\n * followed and not be changed.\n *\n * The header allows you to avoid\n * [MIME type sniffing](https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types#mime_sniffing)\n * by saying that the MIME types are deliberately configured.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options)\n */\nexport const XContentTypeOptions = 'X-Content-Type-Options'\n\n/**\n * The `X-DNS-Prefetch-Control` HTTP response header controls DNS prefetching,\n * a feature by which browsers proactively perform domain name resolution on\n * both links that the user may choose to follow as well as URLs for items\n * referenced by the document, including images, CSS, JavaScript, and so forth.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control)\n */\nexport const XDNSPrefetchControl = 'X-DNS-Prefetch-Control'\n\n/**\n * The `X-Frame-Options` HTTP response header can be used to indicate whether\n * or not a browser should be allowed to render a page in a `<frame>`,\n * `<iframe>`, `<embed>` or `<object>`.\n *\n * Sites can use this to avoid\n * [click-jacking](https://developer.mozilla.org/en-US/docs/Web/Security/Types_of_attacks#click-jacking)\n * attacks, by ensuring that their content is not embedded into other sites.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options)\n */\nexport const XFrameOptions = 'X-Frame-Options'\n\n// -------------------------------------------------------------------------- //\n// //\n// Non-Standard //\n// //\n// -------------------------------------------------------------------------- //\n\n/**\n * The HTTP `Content-Security-Policy` response header allows web site\n * administrators to control resources the user agent is allowed to load for a\n * given page. With a few exceptions, policies mostly involve specifying server\n * origins and script endpoints. This helps guard against\n * [cross-site scripting](https://developer.mozilla.org/en-US/docs/Glossary/Cross-site_scripting)\n * attacks.\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy)\n */\nexport const ContentSecurityPolicy = 'Content-Security-Policy'\n\n/**\n * The non-standard `Large-Allocation` response header tells the browser that\n * the page being loaded is going to want to perform a large allocation. It is\n * currently only implemented in Firefox, but is harmless to send to every\n * browser.\n *\n * @note Non-standard\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Large-Allocation)\n */\nexport const LargeAllocation = 'Large-Allocation'\n\n/**\n * Redirect to a URL after an arbitrary delay expressed in seconds\n *\n * @note Non-standard\n */\nexport const Refresh = 'Refresh'\n\n/**\n * Can be used by servers to send their name and version\n *\n * @note Non-standard\n * @see {@link Server}\n */\nexport const XPoweredBy = 'X-Powered-By'\n\n/**\n * Allows the server to pass a request ID that clients can send back to let the\n * server correlate the request\n *\n * @note Non-standard\n */\nexport const XRequestID = 'X-Request-ID'\n\n/**\n * Sets which version of Internet Explorer compatibility layer should be used.\n * Only used if you need to support IE8 or IE9.\n *\n * @note Non-standard\n *\n * [See StackOverflow](https://stackoverflow.com/a/6771584/205039)\n */\nexport const XUACompatible = 'X-UA-Compatible'\n\n/**\n * The HTTP `X-XSS-Protection` response header is a feature of Internet\n * Explorer, Chrome and Safari that stops pages from loading when they detect\n * reflected cross-site scripting (XSS) attacks.\n *\n * @note Non-standard\n *\n * [Read more](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection)\n */\nexport const XXSSProtection = 'X-XSS-Protection'\n"],"names":["AccessControlRequestHeaders","AccessControlRequestMethod","Origin","AccessControlAllowCredentials","AccessControlAllowHeaders","AccessControlAllowMethods","AccessControlAllowOrigin","AccessControlExposeHeaders","AccessControlMaxAge","CrossOriginEmbedderPolicy","CrossOriginOpenerPolicy","CrossOriginResourcePolicy","SecFetchDest","SecFetchMode","SecFetchSite","SecFetchUser","Connection","CacheControl","ContentLength","ContentType","Date","Pragma","Upgrade","WantDigest","Warning","Aim","Accept","AcceptCharset","AcceptEncoding","AcceptLanguage","AcceptDatetime","Authorization","Cookie","Expect","Forwarded","From","Host","IfMatch","IfModifiedSince","IfNoneMatch","IfRange","IfUnmodifiedSince","MaxForwards","ProxyAuthorization","Range","Referer","SaveData","UpgradeInsecureRequests","UserAgent","XForwardedFor","XForwardedHost","XForwardedProto","XRequestedWith","XCSRFToken","AcceptPatch","AcceptPost","AcceptRanges","Allow","AltSvc","ClearSiteData","ContentDisposition","ContentEncoding","ContentLanguage","ContentLocation","ContentRange","ContentSecurityPolicyReportOnly","DeltaBase","Digest","ETag","ExpectCT","Expires","LastModified","Link","Location","ProxyAuthenticate","PublicKeyPins","ReferrerPolicy","RetryAfter","SecWebSocketAccept","Server","ServerTiming","SetCookie","SourceMap","StrictTransportSecurity","TimingAllowOrigin","Trailer","TransferEncoding","Vary","WWWAuthenticate","XContentTypeOptions","XDNSPrefetchControl","XFrameOptions","ContentSecurityPolicy","LargeAllocation","Refresh","XPoweredBy","XRequestID","XUACompatible","XXSSProtection"],"mappings":"aAWO,MAAMA,EAA8B,iCAc9BC,EAA6B,gCAW7BC,EAAS,SCxBTC,EAAgC,mCAWhCC,EAA4B,+BAS5BC,EAA4B,+BAS5BC,EAA2B,8BAS3BC,EAA6B,gCAW7BC,EAAsB,yBAWtBC,EAA4B,+BAS5BC,EAA0B,6BAS1BC,EAA4B,+BCnF5BC,EAAe,iBAQfC,EAAe,iBASfC,EAAe,iBASfC,EAAe,iBCjBfC,EAAa,aASbC,EAAe,gBAQfC,EAAgB,iBAShBC,EAAc,eAmBdC,EAAO,OAkBPC,EAAS,SAeTC,EAAU,UAeVC,EAAa,cAkBbC,EAAU,UCxHVC,EAAM,OAiBNC,EAAS,SAQTC,EAAgB,iBAWhBC,EAAiB,kBAejBC,EAAiB,kBAKjBC,EAAiB,kBASjBC,EAAgB,gBAWhBC,EAAS,SAQTC,EAAS,SAUTC,EAAY,YAWZC,EAAO,OAQPC,EAAO,OAYPC,EAAU,WAiBVC,EAAkB,oBAiBlBC,EAAc,gBAcdC,EAAU