diff --git a/tests/__snapshots__/entry-templates.test.ts.snap b/tests/__snapshots__/entry-templates.test.ts.snap
new file mode 100644
index 00000000..ec9c517f
--- /dev/null
+++ b/tests/__snapshots__/entry-templates.test.ts.snap
@@ -0,0 +1,17146 @@
+// Vitest Snapshot v1, https://vitest.dev/guide/snapshot.html
+
+exports[`App Router entry templates > generateBrowserEntry snapshot 1`] = `
+"
+import {
+ createFromReadableStream,
+ createFromFetch,
+ setServerCallback,
+ encodeReply,
+ createTemporaryReferenceSet,
+} from "@vitejs/plugin-rsc/browser";
+import { hydrateRoot } from "react-dom/client";
+import { flushSync } from "react-dom";
+import { setClientParams, setNavigationContext, toRscUrl, getPrefetchCache, getPrefetchedUrls, PREFETCH_CACHE_TTL } from "next/navigation";
+
+let reactRoot;
+
+/**
+ * Convert the embedded RSC chunks back to a ReadableStream.
+ * Each chunk is a text string that needs to be encoded back to Uint8Array.
+ */
+function chunksToReadableStream(chunks) {
+ const encoder = new TextEncoder();
+ return new ReadableStream({
+ start(controller) {
+ for (const chunk of chunks) {
+ controller.enqueue(encoder.encode(chunk));
+ }
+ controller.close();
+ }
+ });
+}
+
+/**
+ * Create a ReadableStream from progressively-embedded RSC chunks.
+ * The server injects RSC data as
+ *
+ * Chunks are embedded as text strings (not byte arrays) since the RSC flight
+ * protocol is text-based. The browser entry encodes them back to Uint8Array.
+ * This is ~3x more compact than the previous byte-array format.
+ */
+function createRscEmbedTransform(embedStream) {
+ const reader = embedStream.getReader();
+ const _decoder = new TextDecoder();
+ let done = false;
+ let pendingChunks = [];
+ let reading = false;
+
+ // Fix invalid preload "as" values in RSC Flight hint lines before
+ // they reach the client. React Flight emits HL hints with
+ // as="stylesheet" for CSS, but the HTML spec requires as="style"
+ // for . The fixPreloadAs() below only fixes the
+ // server-rendered HTML stream; this fixes the raw Flight data that
+ // gets embedded as __VINEXT_RSC_CHUNKS__ and processed client-side.
+ function fixFlightHints(text) {
+ // Flight hint format: :HL["url","stylesheet"] or with options
+ return text.replace(/(\\d+:HL\\[.*?),"stylesheet"(\\]|,)/g, '$1,"style"$2');
+ }
+
+ // Start reading RSC chunks in the background, accumulating them as text strings.
+ // The RSC flight protocol is text-based, so decoding to strings and embedding
+ // as JSON strings is ~3x more compact than the byte-array format.
+ async function pumpReader() {
+ if (reading) return;
+ reading = true;
+ try {
+ while (true) {
+ const result = await reader.read();
+ if (result.done) {
+ done = true;
+ break;
+ }
+ const text = _decoder.decode(result.value, { stream: true });
+ pendingChunks.push(fixFlightHints(text));
+ }
+ } catch (err) {
+ if (process.env.NODE_ENV !== "production") {
+ console.warn("[vinext] RSC embed stream read error:", err);
+ }
+ done = true;
+ }
+ reading = false;
+ }
+
+ // Fire off the background reader immediately
+ const pumpPromise = pumpReader();
+
+ return {
+ /**
+ * Flush any accumulated RSC chunks as ";
+ }
+ return scripts;
+ },
+
+ /**
+ * Wait for the RSC stream to fully complete and return any final
+ * script tags plus the closing signal.
+ */
+ async finalize() {
+ await pumpPromise;
+ let scripts = this.flush();
+ // Signal that all RSC chunks have been sent.
+ // Params are already embedded in — no need to include here.
+ scripts += "";
+ return scripts;
+ },
+ };
+}
+
+/**
+ * Render the RSC stream to HTML.
+ *
+ * @param rscStream - The RSC payload stream from the RSC environment
+ * @param navContext - Navigation context for client component SSR hooks.
+ * "use client" components like those using usePathname() need the current
+ * request URL during SSR, and they run in this SSR environment (separate
+ * from the RSC environment where the context was originally set).
+ * @param fontData - Font links and styles collected from the RSC environment.
+ * Fonts are loaded during RSC rendering (when layout calls Geist() etc.),
+ * and the data needs to be passed to SSR since they're separate module instances.
+ */
+export async function handleSsr(rscStream, navContext, fontData) {
+ // Wrap in a navigation ALS scope for per-request isolation in the SSR
+ // environment. The SSR environment has separate module instances from RSC,
+ // so it needs its own ALS scope.
+ return _runWithNavCtx(async () => {
+ // Set navigation context so hooks like usePathname() work during SSR
+ // of "use client" components
+ if (navContext) {
+ setNavigationContext(navContext);
+ }
+
+ // Clear any stale callbacks from previous requests
+ const { clearServerInsertedHTML, flushServerInsertedHTML, useServerInsertedHTML: _addInsertedHTML } = await import("next/navigation");
+ clearServerInsertedHTML();
+
+ try {
+ // Tee the RSC stream - one for SSR rendering, one for embedding in HTML.
+ // This ensures the browser uses the SAME RSC payload for hydration that
+ // was used to generate the HTML, avoiding hydration mismatches (React #418).
+ const [ssrStream, embedStream] = rscStream.tee();
+
+ // Create the progressive RSC embed helper — it reads the embed stream
+ // in the background and provides script tags to inject into the HTML stream.
+ const rscEmbed = createRscEmbedTransform(embedStream);
+
+ // Deserialize RSC stream back to React VDOM.
+ // IMPORTANT: Do NOT await this — createFromReadableStream returns a thenable
+ // that React's renderToReadableStream can consume progressively. By passing
+ // the unresolved thenable, React will render Suspense fallbacks (loading.tsx)
+ // immediately in the HTML shell, then stream in resolved content as RSC
+ // chunks arrive. Awaiting here would block until all async server components
+ // complete, collapsing the streaming behavior.
+ // Lazily create the Flight root inside render so React's hook dispatcher is set
+ // (avoids React 19 dev-mode resolveErrorDev() crash). VinextFlightRoot returns
+ // a thenable (not a ReactNode), which React 19 consumes via its internal
+ // thenable-as-child suspend/resume behavior. This matches Next.js's approach.
+ let flightRoot;
+ function VinextFlightRoot() {
+ if (!flightRoot) {
+ flightRoot = createFromReadableStream(ssrStream);
+ }
+ return flightRoot;
+ }
+ const root = _ssrCE(VinextFlightRoot);
+
+ // Wrap with ServerInsertedHTMLContext.Provider so libraries that use
+ // useContext(ServerInsertedHTMLContext) (Apollo Client, styled-components,
+ // etc.) get a working callback registration function during SSR.
+ // The provider value is useServerInsertedHTML — same function that direct
+ // callers use — so both paths push to the same ALS-backed callback array.
+ const ssrRoot = ServerInsertedHTMLContext
+ ? _ssrCE(ServerInsertedHTMLContext.Provider, { value: _addInsertedHTML }, root)
+ : root;
+
+ // Get the bootstrap script content for the browser entry
+ const bootstrapScriptContent =
+ await import.meta.viteRsc.loadBootstrapScriptContent("index");
+
+ // djb2 hash for digest generation in the SSR environment.
+ // Matches the RSC environment's __errorDigest function.
+ function ssrErrorDigest(str) {
+ let hash = 5381;
+ for (let i = str.length - 1; i >= 0; i--) {
+ hash = (hash * 33) ^ str.charCodeAt(i);
+ }
+ return (hash >>> 0).toString();
+ }
+
+ // Render HTML (streaming SSR)
+ // useServerInsertedHTML callbacks are registered during this render.
+ // The onError callback preserves the digest for Next.js navigation errors
+ // (redirect, notFound, forbidden, unauthorized) thrown inside Suspense
+ // boundaries during RSC streaming. Without this, React's default onError
+ // returns undefined and the digest is lost in the $RX() call, preventing
+ // client-side error boundaries from identifying the error type.
+ // In production, non-navigation errors also get a digest hash so they
+ // can be correlated with server logs without leaking details to clients.
+ const htmlStream = await renderToReadableStream(ssrRoot, {
+ bootstrapScriptContent,
+ onError(error) {
+ if (error && typeof error === "object" && "digest" in error) {
+ return String(error.digest);
+ }
+ // In production, generate a digest hash for non-navigation errors
+ if (process.env.NODE_ENV === "production" && error) {
+ const msg = error instanceof Error ? error.message : String(error);
+ const stack = error instanceof Error ? (error.stack || "") : "";
+ return ssrErrorDigest(msg + stack);
+ }
+ return undefined;
+ },
+ });
+
+
+ // Flush useServerInsertedHTML callbacks (CSS-in-JS style injection)
+ const insertedElements = flushServerInsertedHTML();
+
+ // Render the inserted elements to HTML strings
+ const { Fragment } = await import("react");
+ let insertedHTML = "";
+ for (const el of insertedElements) {
+ try {
+ insertedHTML += renderToStaticMarkup(_ssrCE(Fragment, null, el));
+ } catch {
+ // Skip elements that can't be rendered
+ }
+ }
+
+ // Escape HTML attribute values (defense-in-depth for font URLs/types).
+ function _escAttr(s) { return s.replace(/&/g, "&").replace(/"/g, """); }
+
+ // Build font HTML from data passed from RSC environment
+ // (Fonts are loaded during RSC rendering, and RSC/SSR are separate module instances)
+ let fontHTML = "";
+ if (fontData) {
+ if (fontData.links && fontData.links.length > 0) {
+ for (const url of fontData.links) {
+ fontHTML += '\\n';
+ }
+ }
+ // Emit for local font files
+ if (fontData.preloads && fontData.preloads.length > 0) {
+ for (const preload of fontData.preloads) {
+ fontHTML += '\\n';
+ }
+ }
+ if (fontData.styles && fontData.styles.length > 0) {
+ fontHTML += '\\n';
+ }
+ }
+
+ // Extract client entry module URL from bootstrapScriptContent to emit
+ // a hint. The RSC plugin formats bootstrap
+ // content as: import("URL") — we extract the URL so the browser can
+ // speculatively fetch and parse the JS module while still processing
+ // the HTML body, instead of waiting until it reaches the inline script.
+ let modulePreloadHTML = "";
+ if (bootstrapScriptContent) {
+ const m = bootstrapScriptContent.match(/import\\("([^"]+)"\\)/);
+ if (m && m[1]) {
+ modulePreloadHTML = '\\n';
+ }
+ }
+
+ // Head-injected HTML: server-inserted HTML, font HTML, route params,
+ // and modulepreload hints.
+ // RSC payload is now embedded progressively via script tags in the body stream.
+ // Params are embedded eagerly in so they're available before client
+ // hydration starts, avoiding the need for polling on the client.
+ const paramsScript = '';
+ // Embed the initial navigation context (pathname + searchParams) so the
+ // browser useSyncExternalStore getServerSnapshot can return the correct
+ // value during hydration. Without this, getServerSnapshot returns "/" and
+ // React detects a mismatch against the SSR-rendered HTML.
+ // Serialise searchParams as an array of [key, value] pairs to preserve
+ // duplicate keys (e.g. ?tag=a&tag=b). Object.fromEntries() would keep
+ // only the last value, causing a hydration mismatch for multi-value params.
+ const __navPayload = { pathname: navContext?.pathname ?? '/', searchParams: navContext?.searchParams ? [...navContext.searchParams.entries()] : [] };
+ const navScript = '';
+ const injectHTML = paramsScript + navScript + modulePreloadHTML + insertedHTML + fontHTML;
+
+ // Inject the collected HTML before and progressively embed RSC
+ // chunks as script tags throughout the HTML body stream.
+ const decoder = new TextDecoder();
+ const encoder = new TextEncoder();
+ let injected = false;
+
+ // Fix invalid preload "as" values in server-rendered HTML.
+ // React Fizz emits for CSS,
+ // but the HTML spec requires as="style" for .
+ // Note: fixFlightHints() in createRscEmbedTransform handles the
+ // complementary case — fixing the raw Flight stream data before
+ // it's embedded as __VINEXT_RSC_CHUNKS__ for client-side processing.
+ // See: https://html.spec.whatwg.org/multipage/links.html#link-type-preload
+ function fixPreloadAs(html) {
+ // Match in any attribute order
+ return html.replace(/]*\\srel="preload")[^>]*>/g, function(tag) {
+ return tag.replace(' as="stylesheet"', ' as="style"');
+ });
+ }
+
+ // Tick-buffered RSC script injection.
+ //
+ // React's renderToReadableStream (Fizz) flushes chunks synchronously
+ // within one microtask — all chunks from a single flushCompletedQueues
+ // call arrive in the same macrotask. We buffer HTML chunks as they
+ // arrive, then use setTimeout(0) to defer emitting them plus any
+ // accumulated RSC scripts to the next macrotask. This guarantees we
+ // never inject ');
+ }
+ if (m) {
+ // Always inject shared chunks (framework, vinext runtime, entry) and
+ // page-specific chunks. The manifest maps module file paths to their
+ // associated JS/CSS assets.
+ //
+ // For page-specific injection, the module IDs may be absolute paths
+ // while the manifest uses relative paths. Try both the original ID
+ // and a suffix match to find the correct manifest entry.
+ var allFiles = [];
+
+ if (moduleIds && moduleIds.length > 0) {
+ // Collect assets for the requested page modules
+ for (var mi = 0; mi < moduleIds.length; mi++) {
+ var id = moduleIds[mi];
+ var files = m[id];
+ if (!files) {
+ // Absolute path didn't match — try matching by suffix.
+ // Manifest keys are relative (e.g. "pages/about.tsx") while
+ // moduleIds may be absolute (e.g. "/home/.../pages/about.tsx").
+ for (var mk in m) {
+ if (id.endsWith("/" + mk) || id === mk) {
+ files = m[mk];
+ break;
+ }
+ }
+ }
+ if (files) {
+ for (var fi = 0; fi < files.length; fi++) allFiles.push(files[fi]);
+ }
+ }
+
+ // Also inject shared chunks that every page needs: framework,
+ // vinext runtime, and the entry bootstrap. These are identified
+ // by scanning all manifest values for chunk filenames containing
+ // known prefixes.
+ for (var key in m) {
+ var vals = m[key];
+ if (!vals) continue;
+ for (var vi = 0; vi < vals.length; vi++) {
+ var file = vals[vi];
+ var basename = file.split("/").pop() || "";
+ if (
+ basename.startsWith("framework-") ||
+ basename.startsWith("vinext-") ||
+ basename.includes("vinext-client-entry") ||
+ basename.includes("vinext-app-browser-entry")
+ ) {
+ allFiles.push(file);
+ }
+ }
+ }
+ } else {
+ // No specific modules — include all assets from manifest
+ for (var akey in m) {
+ var avals = m[akey];
+ if (avals) {
+ for (var ai = 0; ai < avals.length; ai++) allFiles.push(avals[ai]);
+ }
+ }
+ }
+
+ for (var ti = 0; ti < allFiles.length; ti++) {
+ var tf = allFiles[ti];
+ // Normalize: Vite's SSR manifest values include a leading '/'
+ // (from base path), but we prepend '/' ourselves when building
+ // href/src attributes. Strip any existing leading slash to avoid
+ // producing protocol-relative URLs like "//assets/chunk.js".
+ // This also ensures consistent keys for the seen-set dedup and
+ // lazySet.has() checks (which use values without leading slash).
+ if (tf.charAt(0) === '/') tf = tf.slice(1);
+ if (seen.has(tf)) continue;
+ seen.add(tf);
+ if (tf.endsWith(".css")) {
+ tags.push('');
+ } else if (tf.endsWith(".js")) {
+ // Skip lazy chunks — they are behind dynamic import() boundaries
+ // (React.lazy, next/dynamic) and should only be fetched on demand.
+ if (lazySet && lazySet.has(tf)) continue;
+ tags.push('');
+ tags.push('');
+ }
+ }
+ }
+ return tags.join("\\n ");
+}
+
+// i18n helpers
+function extractLocale(url) {
+ if (!i18nConfig) return { locale: undefined, url, hadPrefix: false };
+ const pathname = url.split("?")[0];
+ const parts = pathname.split("/").filter(Boolean);
+ const query = url.includes("?") ? url.slice(url.indexOf("?")) : "";
+ if (parts.length > 0 && i18nConfig.locales.includes(parts[0])) {
+ const locale = parts[0];
+ const rest = "/" + parts.slice(1).join("/");
+ return { locale, url: (rest || "/") + query, hadPrefix: true };
+ }
+ return { locale: i18nConfig.defaultLocale, url, hadPrefix: false };
+}
+
+function detectLocaleFromHeaders(headers) {
+ if (!i18nConfig) return null;
+ const acceptLang = headers.get("accept-language");
+ if (!acceptLang) return null;
+ const langs = acceptLang.split(",").map(function(part) {
+ const pieces = part.trim().split(";");
+ const q = pieces[1] ? parseFloat(pieces[1].replace("q=", "")) : 1;
+ return { lang: pieces[0].trim().toLowerCase(), q: q };
+ }).sort(function(a, b) { return b.q - a.q; });
+ for (let k = 0; k < langs.length; k++) {
+ const lang = langs[k].lang;
+ for (let j = 0; j < i18nConfig.locales.length; j++) {
+ if (i18nConfig.locales[j].toLowerCase() === lang) return i18nConfig.locales[j];
+ }
+ const prefix = lang.split("-")[0];
+ for (let j = 0; j < i18nConfig.locales.length; j++) {
+ const loc = i18nConfig.locales[j].toLowerCase();
+ if (loc === prefix || loc.startsWith(prefix + "-")) return i18nConfig.locales[j];
+ }
+ }
+ return null;
+}
+
+function parseCookieLocaleFromHeader(cookieHeader) {
+ if (!i18nConfig || !cookieHeader) return null;
+ const match = cookieHeader.match(/(?:^|;\\s*)NEXT_LOCALE=([^;]*)/);
+ if (!match) return null;
+ var value;
+ try { value = decodeURIComponent(match[1].trim()); } catch (e) { return null; }
+ if (i18nConfig.locales.indexOf(value) !== -1) return value;
+ return null;
+}
+
+function parseCookies(cookieHeader) {
+ const cookies = {};
+ if (!cookieHeader) return cookies;
+ for (const part of cookieHeader.split(";")) {
+ const [key, ...rest] = part.split("=");
+ if (key) cookies[key.trim()] = rest.join("=").trim();
+ }
+ return cookies;
+}
+
+// Lightweight req/res facade for getServerSideProps and API routes.
+// Next.js pages expect ctx.req/ctx.res with Node-like shapes.
+function createReqRes(request, url, query, body) {
+ const headersObj = {};
+ for (const [k, v] of request.headers) headersObj[k.toLowerCase()] = v;
+
+ const req = {
+ method: request.method,
+ url: url,
+ headers: headersObj,
+ query: query,
+ body: body,
+ cookies: parseCookies(request.headers.get("cookie")),
+ };
+
+ let resStatusCode = 200;
+ const resHeaders = {};
+ // set-cookie needs array support (multiple Set-Cookie headers are common)
+ const setCookieHeaders = [];
+ let resBody = null;
+ let ended = false;
+ let resolveResponse;
+ const responsePromise = new Promise(function(r) { resolveResponse = r; });
+
+ const res = {
+ get statusCode() { return resStatusCode; },
+ set statusCode(code) { resStatusCode = code; },
+ writeHead: function(code, headers) {
+ resStatusCode = code;
+ if (headers) {
+ for (const [k, v] of Object.entries(headers)) {
+ if (k.toLowerCase() === "set-cookie") {
+ if (Array.isArray(v)) { for (const c of v) setCookieHeaders.push(c); }
+ else { setCookieHeaders.push(v); }
+ } else {
+ resHeaders[k] = v;
+ }
+ }
+ }
+ return res;
+ },
+ setHeader: function(name, value) {
+ if (name.toLowerCase() === "set-cookie") {
+ if (Array.isArray(value)) { for (const c of value) setCookieHeaders.push(c); }
+ else { setCookieHeaders.push(value); }
+ } else {
+ resHeaders[name.toLowerCase()] = value;
+ }
+ return res;
+ },
+ getHeader: function(name) {
+ if (name.toLowerCase() === "set-cookie") return setCookieHeaders.length > 0 ? setCookieHeaders : undefined;
+ return resHeaders[name.toLowerCase()];
+ },
+ end: function(data) {
+ if (ended) return;
+ ended = true;
+ if (data !== undefined && data !== null) resBody = data;
+ const h = new Headers(resHeaders);
+ for (const c of setCookieHeaders) h.append("set-cookie", c);
+ resolveResponse(new Response(resBody, { status: resStatusCode, headers: h }));
+ },
+ status: function(code) { resStatusCode = code; return res; },
+ json: function(data) {
+ resHeaders["content-type"] = "application/json";
+ res.end(JSON.stringify(data));
+ },
+ send: function(data) {
+ if (typeof data === "object" && data !== null) { res.json(data); }
+ else { if (!resHeaders["content-type"]) resHeaders["content-type"] = "text/plain"; res.end(String(data)); }
+ },
+ redirect: function(statusOrUrl, url2) {
+ if (typeof statusOrUrl === "string") { res.writeHead(307, { Location: statusOrUrl }); }
+ else { res.writeHead(statusOrUrl, { Location: url2 }); }
+ res.end();
+ },
+ getHeaders: function() {
+ var h = Object.assign({}, resHeaders);
+ if (setCookieHeaders.length > 0) h["set-cookie"] = setCookieHeaders;
+ return h;
+ },
+ get headersSent() { return ended; },
+ };
+
+ return { req, res, responsePromise };
+}
+
+/**
+ * Read request body as text with a size limit.
+ * Throws if the body exceeds maxBytes. This prevents DoS via chunked
+ * transfer encoding where Content-Length is absent or spoofed.
+ */
+async function readBodyWithLimit(request, maxBytes) {
+ if (!request.body) return "";
+ var reader = request.body.getReader();
+ var decoder = new TextDecoder();
+ var chunks = [];
+ var totalSize = 0;
+ for (;;) {
+ var result = await reader.read();
+ if (result.done) break;
+ totalSize += result.value.byteLength;
+ if (totalSize > maxBytes) {
+ reader.cancel();
+ throw new Error("Request body too large");
+ }
+ chunks.push(decoder.decode(result.value, { stream: true }));
+ }
+ chunks.push(decoder.decode());
+ return chunks.join("");
+}
+
+export async function renderPage(request, url, manifest) {
+ const localeInfo = extractLocale(url);
+ const locale = localeInfo.locale;
+ const routeUrl = localeInfo.url;
+ const cookieHeader = request.headers.get("cookie") || "";
+
+ // i18n redirect: check NEXT_LOCALE cookie first, then Accept-Language
+ if (i18nConfig && !localeInfo.hadPrefix) {
+ const cookieLocale = parseCookieLocaleFromHeader(cookieHeader);
+ if (cookieLocale && cookieLocale !== i18nConfig.defaultLocale) {
+ return new Response(null, { status: 307, headers: { Location: "/" + cookieLocale + routeUrl } });
+ }
+ if (!cookieLocale && i18nConfig.localeDetection !== false) {
+ const detected = detectLocaleFromHeaders(request.headers);
+ if (detected && detected !== i18nConfig.defaultLocale) {
+ return new Response(null, { status: 307, headers: { Location: "/" + detected + routeUrl } });
+ }
+ }
+ }
+
+ const match = matchRoute(routeUrl, pageRoutes);
+ if (!match) {
+ return new Response("