import { Elysia } from "elysia";
/**
 * Configuration interface for Report-To header
 */
export interface ReportToConfig {
    /** Group name for the endpoint */
    group: string;
    /** Maximum age of the endpoint configuration (in seconds) */
    maxAge: number;
    /** Endpoints to send reports to */
    endpoints: Array<{
        url: string;
        priority?: number;
        weight?: number;
    }>;
    /** Include subdomains in reporting */
    includeSubdomains?: boolean;
}
/**
 * Configuration interface for Content Security Policy
 */
export interface CSPConfig {
    /** Default source directive */
    defaultSrc?: string[];
    /** Script source directive */
    scriptSrc?: string[];
    /** Style source directive */
    styleSrc?: string[];
    /** Image source directive */
    imgSrc?: string[];
    /** Font source directive */
    fontSrc?: string[];
    /** Connect source directive */
    connectSrc?: string[];
    /** Frame source directive */
    frameSrc?: string[];
    /** Object source directive */
    objectSrc?: string[];
    /** Base URI directive */
    baseUri?: string[];
    /** Report URI directive */
    reportUri?: string;
    /** Use nonce for script and style tags */
    useNonce?: boolean;
    /** Report-only mode */
    reportOnly?: boolean;
}
/**
 * Configuration inerface for HTTP Strict Transport Security
 */
export interface HSTSConfig {
    /** Maximum age */
    maxAge?: number;
    /** Include sub-domains */
    includeSubDomains?: boolean;
    /** Preload */
    preload?: boolean;
}
/**
 * Configuration interface for Security Headers
 */
export interface SecurityConfig {
    /** Content Security Policy configuration */
    csp?: CSPConfig;
    /** Enable or disable X-Frame-Options (DENY, SAMEORIGIN, ALLOW-FROM) */
    frameOptions?: "DENY" | "SAMEORIGIN" | "ALLOW-FROM";
    /** Enable or disable XSS Protection */
    xssProtection?: boolean;
    /** Enable or disable DNS Prefetch Control */
    dnsPrefetch?: boolean;
    /** Configure Referrer Policy */
    referrerPolicy?: "no-referrer" | "no-referrer-when-downgrade" | "origin" | "origin-when-cross-origin" | "same-origin" | "strict-origin" | "strict-origin-when-cross-origin" | "unsafe-url";
    /** Configure Permissions Policy */
    permissionsPolicy?: Record<string, string[]>;
    /** Configure HSTS (HTTP Strict Transport Security) */
    hsts?: HSTSConfig;
    /** Enable or disable Cross-Origin Resource Policy */
    corp?: "same-origin" | "same-site" | "cross-origin";
    /** Enable or disable Cross-Origin Opener Policy */
    coop?: "unsafe-none" | "same-origin-allow-popups" | "same-origin";
    /** Configure Report-To header */
    reportTo?: ReportToConfig[];
    /** Custom headers to add */
    customHeaders?: Record<string, string>;
}
/**
 * An object containing permission related constants for some security configurations
 */
export declare const permission: {
    /** Source: Self allowed */
    readonly SELF: "'self'";
    /** Source: Unsafe Inline allowed */
    readonly UNSAFE_INLINE: "'unsafe-inline'";
    /** Source: HTTPS allowed */
    readonly HTTPS: "https:";
    /** Source: Data allowed */
    readonly DATA: "data:";
    /** Source: None is allowed */
    readonly NONE: "'none'";
    /** Source: Blob allowed */
    readonly BLOB: "blob:";
};
/**
 * Creates an Elysia middleware that adds security headers to all responses
 * Optimized for performance with minimal object spread operations
 */
export declare const elysiaHelmet: (config?: Partial<SecurityConfig>) => Elysia<"", {
    decorator: {};
    store: {};
    derive: {};
    resolve: {};
}, {
    typebox: import("@sinclair/typebox").TModule<{}>;
    error: {};
}, {
    schema: {};
    macro: {};
    macroFn: {};
    parser: {};
}, {}, {
    derive: {};
    resolve: {};
    schema: {};
}, {
    derive: {};
    resolve: {};
    schema: {};
}>;
//# sourceMappingURL=index.d.ts.map