HTTP Server

XStatic: High-Performance Delegation

Zero-copy architecture that offloads static file delivery to the native Go engine for maximum throughput and minimal overhead.

Overview

In traditional Node.js web frameworks, serving static files involves reading data from the disk into memory buffers, processing them through the JavaScript event loop, and writing them to the network socket. This approach introduces critical bottlenecks:

Memory Overhead

Every file read creates temporary buffers that increase garbage collection (GC) pressure.

Event Loop Blocking

Large transfers or high concurrency can saturate the event loop, delaying business logic.

Context Switching

Movement between kernel space and user space incurs significant CPU overhead.

XStatic solves these issues by implementing a Zero-Copy IPC Delegation architecture. Instead of serving files through Node.js, XyPriss validates the request in TypeScript and then "delegates" the actual data transfer to the native XHSC (Go) engine.

Basic Usage

To enable XStatic, instantiate the component and define your routes:

typescript

import { XStatic, createServer } from "xypriss";

const app = createServer();
const xs = new XStatic(app, __sys__);

// Define a static route (URI path -> physical directory)
xs.define("/static", "public");

app.start();

Configuration Examples

Case 1: Secure Sandbox (Default)

Ensures that even crafted URLs like /static/../../.env are blocked. Any path outside the root results in a 403 Forbidden.

typescript

xs.define("/assets", "./public", {
    allowOutsideRoot: false, // Default security boundary
    maxAge: "1d"             // Caching for 24 hours
});

Case 2: Shared Assets (Cross-Root)

Allows serving files from shared mounts or global folders outside the project root while maintaining normalization.

typescript

xs.define("/global", "/mnt/shared/images", {
    allowOutsideRoot: true,
    maxAge: 3600 // 1 hour
});

Global Configuration

Settings in createServer define the default security and performance policy for all static instances.

lruCacheSizeSets the Meta-Cache size for negative lookups

Stores the state of non-existent files. Subsequent requests for unknown files are served directly from RAM, saving disk I/O.

typescript

static: { lruCacheSize: 10000 }

dotfilesControls access to hidden files (.env, .git)

typescript

static: {
    dotfiles: {
        mode: "deny",
        custom: ["config.json", "private.key"] // Block specific sensitive files
    }
}

zeroCopyNative sendfile(2) optimization

Data is transferred directly from disk to network without intermediate memory copies. Node.js memory stays flat even for multi-gigabyte transfers.

typescript

static: { zeroCopy: true }

concurrencyPool

Limits concurrent I/O goroutines in the native engine to prevent resource exhaustion (default: 2048).

defaultMaxAge

Sets a default Cache-Control policy for all served assets.

Performance Benchmarks

Metric	Traditional Node.js	XyPriss XStatic
Throughput	~5,000 req/s	~45,000+ req/s
Memory Usage	Grows with load	Constant (Zero-Copy)
CPU Overhead	High (GC + Buffer Copy)	Minimal (Kernel Handover)

File Delegation vs Streaming

XStatic represents a shift from "File Streaming" to File Delegation. By offloading data transfer to a compiled native engine, XyPriss provides an enterprise-grade solution for serving assets at scale.

File Uploads

Configure the native XHSC-powered file upload system for production.