Fix CSP issues in production
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
parent
c596d7e478
commit
e933004daf
|
@ -37,5 +37,6 @@ new Vue({
|
||||||
el: "#app",
|
el: "#app",
|
||||||
template: "<App/>",
|
template: "<App/>",
|
||||||
components: { App },
|
components: { App },
|
||||||
|
render: (h) => h(App),
|
||||||
i18n,
|
i18n,
|
||||||
});
|
});
|
||||||
|
|
|
@ -1,10 +1,8 @@
|
||||||
const path = require("path");
|
const path = require("path");
|
||||||
const ForkTsCheckerWebpackPlugin = require("fork-ts-checker-webpack-plugin");
|
const ForkTsCheckerWebpackPlugin = require("fork-ts-checker-webpack-plugin");
|
||||||
|
const webpack = require("webpack");
|
||||||
|
|
||||||
module.exports = {
|
module.exports = {
|
||||||
runtimeCompiler: true,
|
|
||||||
filenameHashing: true,
|
|
||||||
productionSourceMap: false,
|
|
||||||
outputDir: path.resolve(__dirname, "../priv/static"),
|
outputDir: path.resolve(__dirname, "../priv/static"),
|
||||||
configureWebpack: (config) => {
|
configureWebpack: (config) => {
|
||||||
// Limit the used memory when building
|
// Limit the used memory when building
|
||||||
|
@ -26,6 +24,12 @@ module.exports = {
|
||||||
forkTsCheckerOptions.memoryLimit = process.env.NODE_BUILD_MEMORY || 2048;
|
forkTsCheckerOptions.memoryLimit = process.env.NODE_BUILD_MEMORY || 2048;
|
||||||
|
|
||||||
config.plugins.push(new ForkTsCheckerWebpackPlugin(forkTsCheckerOptions));
|
config.plugins.push(new ForkTsCheckerWebpackPlugin(forkTsCheckerOptions));
|
||||||
|
config.plugins.push(
|
||||||
|
new webpack.DefinePlugin({
|
||||||
|
global: "window", // Placeholder for global used in any node_modules
|
||||||
|
})
|
||||||
|
);
|
||||||
|
config.node.global = false;
|
||||||
},
|
},
|
||||||
chainWebpack: (config) => {
|
chainWebpack: (config) => {
|
||||||
// remove the prefetch plugin
|
// remove the prefetch plugin
|
||||||
|
|
|
@ -12399,9 +12399,9 @@ vue-resize@^1.0.0:
|
||||||
integrity sha512-SkIi19neeJClapYavfmHiewFZkkTfITVWskg/dIL8b1Eb+RlvnCb8fjGUwLjQJmsw2qsRiiAo4o7BAJVM4pcOA==
|
integrity sha512-SkIi19neeJClapYavfmHiewFZkkTfITVWskg/dIL8b1Eb+RlvnCb8fjGUwLjQJmsw2qsRiiAo4o7BAJVM4pcOA==
|
||||||
|
|
||||||
vue-router@^3.1.6:
|
vue-router@^3.1.6:
|
||||||
version "3.5.0"
|
version "3.5.1"
|
||||||
resolved "https://registry.yarnpkg.com/vue-router/-/vue-router-3.5.0.tgz#ae49da16a2939f8d28d66d5784b14167d661192f"
|
resolved "https://registry.yarnpkg.com/vue-router/-/vue-router-3.5.1.tgz#edf3cf4907952d1e0583e079237220c5ff6eb6c9"
|
||||||
integrity sha512-QYrPzHMJiJCq20ezhlGok+NbrmjzhQDG6pnpJaD14Eg3NvT07s3acYz2ktxJ7vGHd/Ts4TgG9Tt8a2PA+Js5fw==
|
integrity sha512-RRQNLT8Mzr8z7eL4p7BtKvRaTSGdCbTy2+Mm5HTJvLGYSSeG9gDzNasJPP/yOYKLy+/cLG/ftrqq5fvkFwBJEw==
|
||||||
|
|
||||||
vue-scrollto@^2.17.1:
|
vue-scrollto@^2.17.1:
|
||||||
version "2.20.0"
|
version "2.20.0"
|
||||||
|
|
|
@ -60,19 +60,14 @@ defmodule Mobilizon.Web.Plugs.HTTPSecurityPlug do
|
||||||
if Config.get(:env) == :dev do
|
if Config.get(:env) == :dev do
|
||||||
"script-src 'self' 'unsafe-eval' 'unsafe-inline' "
|
"script-src 'self' 'unsafe-eval' 'unsafe-inline' "
|
||||||
else
|
else
|
||||||
"script-src 'self' "
|
"script-src 'self' 'unsafe-eval' 'sha256-4RS22DYeB7U14dra4KcQYxmwt5HkOInieXK1NUMBmQI=' "
|
||||||
end
|
end
|
||||||
|
|
||||||
script_src = [script_src] ++ Config.get([:http_security, :csp_policy, :script_src])
|
script_src = [script_src] ++ Config.get([:http_security, :csp_policy, :script_src])
|
||||||
|
|
||||||
style_src =
|
style_src =
|
||||||
if Config.get(:env) == :dev do
|
["style-src 'self' 'unsafe-inline' "] ++
|
||||||
"style-src 'self' 'unsafe-inline' "
|
Config.get([:http_security, :csp_policy, :style_src])
|
||||||
else
|
|
||||||
"style-src 'self' "
|
|
||||||
end
|
|
||||||
|
|
||||||
style_src = [style_src] ++ Config.get([:http_security, :csp_policy, :style_src])
|
|
||||||
|
|
||||||
font_src = ["font-src 'self' "] ++ Config.get([:http_security, :csp_policy, :font_src])
|
font_src = ["font-src 'self' "] ++ Config.get([:http_security, :csp_policy, :font_src])
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue