Commit ef6d12de authored by tom's avatar tom

csp improvements

parent 50e40510
...@@ -12,7 +12,11 @@ const KEY_WORDS = { ...@@ -12,7 +12,11 @@ const KEY_WORDS = {
UNSAFE_EVAL: '\'unsafe-eval\'', UNSAFE_EVAL: '\'unsafe-eval\'',
}; };
const MAIN_DOMAINS = [ `*.${ appConfig.host }`, appConfig.host ]; const MAIN_DOMAINS = [
`*.${ appConfig.host }`,
appConfig.host,
appConfig.visualizeApi.endpoint,
].filter(Boolean);
// eslint-disable-next-line no-restricted-properties // eslint-disable-next-line no-restricted-properties
const REPORT_URI = process.env.SENTRY_CSP_REPORT_URI; const REPORT_URI = process.env.SENTRY_CSP_REPORT_URI;
...@@ -49,7 +53,9 @@ function makePolicyMap() { ...@@ -49,7 +53,9 @@ function makePolicyMap() {
return { return {
'default-src': [ 'default-src': [
KEY_WORDS.NONE, // KEY_WORDS.NONE,
// temporarily, see if warnings for "/_next/static/chunks/8861-ad3efb7f624b7bc1.js" go away
...MAIN_DOMAINS,
], ],
'connect-src': [ 'connect-src': [
...@@ -78,6 +84,9 @@ function makePolicyMap() { ...@@ -78,6 +84,9 @@ function makePolicyMap() {
'wss://*.bridge.walletconnect.org', 'wss://*.bridge.walletconnect.org',
'wss://www.walletlink.org', 'wss://www.walletlink.org',
// RPC providers
'https://infragrid.v.network',
// github (spec for api-docs page) // github (spec for api-docs page)
'raw.githubusercontent.com', 'raw.githubusercontent.com',
], ],
...@@ -103,6 +112,7 @@ function makePolicyMap() { ...@@ -103,6 +112,7 @@ function makePolicyMap() {
// reCAPTCHA from google // reCAPTCHA from google
'https://www.google.com/recaptcha/api.js', 'https://www.google.com/recaptcha/api.js',
'https://www.gstatic.com', 'https://www.gstatic.com',
'https://translate.google.com',
'\'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=\'', '\'sha256-FDyPg8CqqIpPAfGVKx1YeKduyLs0ghNYWII21wL+7HM=\'',
], ],
...@@ -113,6 +123,9 @@ function makePolicyMap() { ...@@ -113,6 +123,9 @@ function makePolicyMap() {
// google fonts // google fonts
'fonts.googleapis.com', 'fonts.googleapis.com',
// reCAPTCHA from google
'https://www.gstatic.com',
// yes, it is unsafe as it stands, but // yes, it is unsafe as it stands, but
// - we cannot use hashes because all styles are generated dynamically // - we cannot use hashes because all styles are generated dynamically
// - we cannot use nonces since we are not following along SSR path // - we cannot use nonces since we are not following along SSR path
...@@ -151,6 +164,10 @@ function makePolicyMap() { ...@@ -151,6 +164,10 @@ function makePolicyMap() {
// token's media // token's media
'ipfs.io', 'ipfs.io',
// reCAPTCHA from google
'https://translate.google.com',
'https://www.gstatic.com',
], ],
'font-src': [ 'font-src': [
......
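Review bot: Commenting out `KEY_WORDS.NONE` in `default-src` and spreading `...MAIN_DOMAINS` in its place widens every fetch directive that makePolicyMap does not list explicitly — `object-src`, `worker-src`, `manifest-src`, `frame-src` and any others absent from the map fall back to `default-src`, so they now allow `*.${appConfig.host}` and `appConfig.visualizeApi.endpoint` instead of being denied. The `/_next/static/chunks/...js` warning the comment mentions looks like a script-source violation, so the narrower fix is to keep `'default-src': [ KEY_WORDS.NONE ],` and add `...MAIN_DOMAINS,` to the directive that lists `https://www.google.com/recaptcha/api.js` (or whichever directive actually reports it); if the broad fallback is really needed, at least pin `'object-src': [ KEY_WORDS.NONE ],` explicitly. Since `appConfig.visualizeApi.endpoint` is presumably a full URL rather than a bare host like `appConfig.host`, confirm it is a valid host-source before shipping, and replace the "temporarily" comment with a tracked `// TODO(tom): restore 'none' once the chunk warning is diagnosed`. makePolicyMap's body begins and ends outside the hunks shown here.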