mirror of
https://github.com/StanGirard/quivr.git
synced 2024-12-24 20:03:41 +03:00
✨ add cors security headers (#533)
This commit is contained in:
parent
4261ddae51
commit
9e942ba959
@ -3,6 +3,7 @@ from fastapi.middleware.cors import CORSMiddleware
|
|||||||
origins = [
|
origins = [
|
||||||
"http://localhost",
|
"http://localhost",
|
||||||
"http://localhost:3000",
|
"http://localhost:3000",
|
||||||
|
"http://localhost:3001",
|
||||||
"https://quivr.app",
|
"https://quivr.app",
|
||||||
"https://www.quivr.app",
|
"https://www.quivr.app",
|
||||||
"http://quivr.app",
|
"http://quivr.app",
|
||||||
|
@ -1,4 +1,56 @@
|
|||||||
const nextConfig = {};
|
const nextConfig = {
|
||||||
|
// eslint-disable-next-line prefer-arrow/prefer-arrow-functions
|
||||||
|
async headers() {
|
||||||
|
return [
|
||||||
|
{
|
||||||
|
source: "/(.*)",
|
||||||
|
headers: securityHeaders,
|
||||||
|
},
|
||||||
|
];
|
||||||
|
},
|
||||||
|
};
|
||||||
|
//add check of if localhsot of not
|
||||||
|
const ContentSecurityPolicy = `
|
||||||
|
default-src 'self' https://fonts.googleapis.com ${process.env.NEXT_PUBLIC_SUPABASE_URL} https://api.june.so http://localhost:3001/;
|
||||||
|
connect-src 'self' ${process.env.NEXT_PUBLIC_SUPABASE_URL} ${process.env.NEXT_PUBLIC_BACKEND_URL} https://api.june.so;
|
||||||
|
img-src 'self' data:;
|
||||||
|
script-src 'unsafe-inline' 'unsafe-eval' https://va.vercel-scripts.com/ http://localhost:3001/;
|
||||||
|
frame-ancestors 'none';
|
||||||
|
style-src 'unsafe-inline' http://localhost:3001/;
|
||||||
|
`;
|
||||||
|
|
||||||
|
// Define headers
|
||||||
|
const securityHeaders = [
|
||||||
|
{
|
||||||
|
key: "Content-Security-Policy",
|
||||||
|
value: ContentSecurityPolicy.replace(/\n/g, ""),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
key: "Referrer-Policy",
|
||||||
|
value: "origin-when-cross-origin",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
key: "X-Frame-Options",
|
||||||
|
value: "SAMEORIGIN",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
key: "X-Content-Type-Options",
|
||||||
|
value: "nosniff",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
key: "X-DNS-Prefetch-Control",
|
||||||
|
value: "on",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
key: "Permissions-Policy",
|
||||||
|
value: "camera=(), microphone=(), geolocation=(), interest-cohort=()",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
key: "Strict-Transport-Security",
|
||||||
|
value: "max-age=31536000",
|
||||||
|
},
|
||||||
|
];
|
||||||
|
//AJouter le content security policy uniquement en pre-vew et en prod
|
||||||
|
|
||||||
// Check if the SENTRY_DSN environment variable is defined
|
// Check if the SENTRY_DSN environment variable is defined
|
||||||
if (process.env.SENTRY_DSN) {
|
if (process.env.SENTRY_DSN) {
|
||||||
@ -6,38 +58,38 @@ if (process.env.SENTRY_DSN) {
|
|||||||
const { withSentryConfig } = require("@sentry/nextjs");
|
const { withSentryConfig } = require("@sentry/nextjs");
|
||||||
|
|
||||||
module.exports = withSentryConfig(
|
module.exports = withSentryConfig(
|
||||||
nextConfig,
|
nextConfig,
|
||||||
{
|
{
|
||||||
// For all available options, see:
|
// For all available options, see:
|
||||||
// https://github.com/getsentry/sentry-webpack-plugin#options
|
// https://github.com/getsentry/sentry-webpack-plugin#options
|
||||||
|
|
||||||
// Suppresses source map uploading logs during build
|
// Suppresses source map uploading logs during build
|
||||||
silent: true,
|
silent: true,
|
||||||
|
|
||||||
org: "quivr-0f",
|
org: "quivr-0f",
|
||||||
project: "javascript-nextjs",
|
project: "javascript-nextjs",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
// For all available options, see:
|
// For all available options, see:
|
||||||
// https://docs.sentry.io/platforms/javascript/guides/nextjs/manual-setup/
|
// https://docs.sentry.io/platforms/javascript/guides/nextjs/manual-setup/
|
||||||
|
|
||||||
// Upload a larger set of source maps for prettier stack traces (increases build time)
|
// Upload a larger set of source maps for prettier stack traces (increases build time)
|
||||||
widenClientFileUpload: true,
|
widenClientFileUpload: true,
|
||||||
|
|
||||||
// Transpiles SDK to be compatible with IE11 (increases bundle size)
|
// Transpiles SDK to be compatible with IE11 (increases bundle size)
|
||||||
transpileClientSDK: true,
|
transpileClientSDK: true,
|
||||||
|
|
||||||
// Routes browser requests to Sentry through a Next.js rewrite to circumvent ad-blockers (increases server load)
|
// Routes browser requests to Sentry through a Next.js rewrite to circumvent ad-blockers (increases server load)
|
||||||
tunnelRoute: "/monitoring",
|
tunnelRoute: "/monitoring",
|
||||||
|
|
||||||
// Hides source maps from generated client bundles
|
// Hides source maps from generated client bundles
|
||||||
hideSourceMaps: true,
|
hideSourceMaps: true,
|
||||||
|
|
||||||
// Automatically tree-shake Sentry logger statements to reduce bundle size
|
// Automatically tree-shake Sentry logger statements to reduce bundle size
|
||||||
disableLogger: true,
|
disableLogger: true,
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
} else {
|
} else {
|
||||||
// SENTRY_DSN does not exist, export nextConfig without Sentry
|
// SENTRY_DSN does not exist, export nextConfig without Sentry
|
||||||
module.exports = nextConfig;
|
module.exports = nextConfig;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user