codecrucible-synth/dist/core/security/https-enforcer.d.ts

Production-Ready AI Development Platform with Multi-Voice Synthesis, Smithery MCP Integration, Enterprise Security, and Zero-Timeout Reliability

/**
 * HTTPS Enforcement and Security Headers Middleware
 * Implements comprehensive security headers and HTTPS redirection
 */
export interface SecurityHeadersConfig {
    contentSecurityPolicy?: {
        enabled: boolean;
        directives: Record<string, string[]>;
        reportOnly?: boolean;
        reportUri?: string;
    };
    hsts?: {
        enabled: boolean;
        maxAge: number;
        includeSubDomains: boolean;
        preload: boolean;
    };
    frameOptions?: {
        enabled: boolean;
        policy: 'DENY' | 'SAMEORIGIN' | 'ALLOW-FROM';
        uri?: string;
    };
    contentTypeOptions?: {
        enabled: boolean;
    };
    referrerPolicy?: {
        enabled: boolean;
        policy: 'no-referrer' | 'no-referrer-when-downgrade' | 'origin' | 'origin-when-cross-origin' | 'same-origin' | 'strict-origin' | 'strict-origin-when-cross-origin' | 'unsafe-url';
    };
    permissionsPolicy?: {
        enabled: boolean;
        directives: Record<string, string[]>;
    };
    crossOriginEmbedderPolicy?: {
        enabled: boolean;
        policy: 'unsafe-none' | 'require-corp';
    };
    crossOriginOpenerPolicy?: {
        enabled: boolean;
        policy: 'unsafe-none' | 'same-origin-allow-popups' | 'same-origin';
    };
    crossOriginResourcePolicy?: {
        enabled: boolean;
        policy: 'same-site' | 'same-origin' | 'cross-origin';
    };
}
export interface HttpsConfig {
    enforceHttps: boolean;
    redirectHttps: boolean;
    httpsPort: number;
    trustProxy: boolean;
    excludePaths: string[];
    headers: SecurityHeadersConfig;
}
export declare class HttpsEnforcer {
    private config;
    constructor(config?: Partial<HttpsConfig>);
    /**
     * Create HTTPS enforcement middleware
     */
    httpsMiddleware(): (req: any, res: any, next: any) => any;
    /**
     * Create security headers middleware
     */
    securityHeadersMiddleware(): (req: any, res: any, next: any) => void;
    /**
     * Set security headers on response
     */
    private setSecurityHeaders;
    /**
     * Check if request is secure
     */
    private isSecureRequest;
    /**
     * Check if path is excluded from HTTPS enforcement
     */
    private isExcludedPath;
    /**
     * Build HTTPS URL for redirect
     */
    private buildHttpsUrl;
    /**
     * Build Content Security Policy header
     */
    private buildCSPHeader;
    /**
     * Build HSTS header
     */
    private buildHSTSHeader;
    /**
     * Build Frame Options header
     */
    private buildFrameOptionsHeader;
    /**
     * Build Permissions Policy header
     */
    private buildPermissionsPolicyHeader;
    /**
     * Create CSP violation reporting endpoint
     */
    cspReportingMiddleware(): (req: any, res: any) => void;
    /**
     * Store CSP violation for analysis
     */
    private storeCSPViolation;
    /**
     * Create comprehensive security middleware stack
     */
    createSecurityMiddleware(): ((req: any, res: any, next: any) => any)[];
    /**
     * Validate security configuration
     */
    validateConfig(): {
        isValid: boolean;
        errors: string[];
    };
    /**
     * Get security headers for testing
     */
    getSecurityHeaders(): Record<string, string>;
    /**
     * Update configuration
     */
    updateConfig(config: Partial<HttpsConfig>): void;
    /**
     * Create development-friendly configuration
     */
    static createDevelopmentConfig(): Partial<HttpsConfig>;
    /**
     * Create production configuration
     */
    static createProductionConfig(): Partial<HttpsConfig>;
}
//# sourceMappingURL=https-enforcer.d.ts.map