@commercetools-frontend/mc-html-template 22.30.3 → 22.32.0

package/dist/commercetools-frontend-mc-html-template.cjs.dev.js

@@ -55,7 +55,7 @@ function createAssetHash(content) {
    *   CSP headers sent.
    *   For more information head to: developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src#Sources
    */
-  return "sha256-".concat(sha256Hash);
+  return `sha256-${sha256Hash}`;
 }
 
 const sanitizeAppEnvironment = env => serialize__default["default"](env, {
@@ -63,7 +63,7 @@ const sanitizeAppEnvironment = env => serialize__default["default"](env, {
 });
 
 function ownKeys(e, r) { var t = _Object$keys__default["default"](e); if (_Object$getOwnPropertySymbols__default["default"]) { var o = _Object$getOwnPropertySymbols__default["default"](e); r && (o = _filterInstanceProperty__default["default"](o).call(o, function (r) { return _Object$getOwnPropertyDescriptor__default["default"](e, r).enumerable; })), t.push.apply(t, o); } return t; }
-function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var _context9, _context10; var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? _forEachInstanceProperty__default["default"](_context9 = ownKeys(Object(t), !0)).call(_context9, function (r) { _defineProperty(e, r, t[r]); }) : _Object$getOwnPropertyDescriptors__default["default"] ? _Object$defineProperties__default["default"](e, _Object$getOwnPropertyDescriptors__default["default"](t)) : _forEachInstanceProperty__default["default"](_context10 = ownKeys(Object(t))).call(_context10, function (r) { _Object$defineProperty__default["default"](e, r, _Object$getOwnPropertyDescriptor__default["default"](t, r)); }); } return e; }
+function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var _context7, _context8; var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? _forEachInstanceProperty__default["default"](_context7 = ownKeys(Object(t), !0)).call(_context7, function (r) { _defineProperty(e, r, t[r]); }) : _Object$getOwnPropertyDescriptors__default["default"] ? _Object$defineProperties__default["default"](e, _Object$getOwnPropertyDescriptors__default["default"](t)) : _forEachInstanceProperty__default["default"](_context8 = ownKeys(Object(t))).call(_context8, function (r) { _Object$defineProperty__default["default"](e, r, _Object$getOwnPropertyDescriptor__default["default"](t, r)); }); } return e; }
 // https://babeljs.io/blog/2017/09/11/zero-config-with-babel-macros
 const htmlScripts$1 = {
   "loadingScreen": "window.onAppLoaded=function(){var e=document.querySelector(\"#app-loader\");e&&e.parentNode.removeChild(e)},setTimeout(function(){var e=document.querySelector(\".loading-screen\");e&&e.classList.remove(\"loading-screen--hidden\")},250),setTimeout(function(){var e=document.querySelector(\".long-loading-notice\");e&&e.classList.remove(\"long-loading-notice--hidden\")},2e3);",
@@ -85,31 +85,29 @@ const toHeaderString = function () {
   var _context2;
   let directives = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
   return _mapInstanceProperty__default["default"](_context2 = _Object$entries__default["default"](directives)).call(_context2, _ref => {
-    var _context3;
     let _ref2 = _slicedToArray(_ref, 2),
       directive = _ref2[0],
       value = _ref2[1];
-    return _concatInstanceProperty__default["default"](_context3 = "".concat(directive, " ")).call(_context3, _Array$isArray__default["default"](value) ? value.join(' ') : value);
+    return `${directive} ${_Array$isArray__default["default"](value) ? value.join(' ') : value}`;
   }).join('; ');
 };
 const toStructuredHeaderString = function () {
-  var _context4;
+  var _context3;
   let directives = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-  return _mapInstanceProperty__default["default"](_context4 = _Object$entries__default["default"](directives)).call(_context4, _ref3 => {
-    var _context5;
+  return _mapInstanceProperty__default["default"](_context3 = _Object$entries__default["default"](directives)).call(_context3, _ref3 => {
     let _ref4 = _slicedToArray(_ref3, 2),
       directive = _ref4[0],
       value = _ref4[1];
-    return _concatInstanceProperty__default["default"](_context5 = "".concat(directive, "=")).call(_context5, _Array$isArray__default["default"](value) ? value.join(' ') : value);
+    return `${directive}=${_Array$isArray__default["default"](value) ? value.join(' ') : value}`;
   }).join(', ');
 };
 const processHeaders = applicationConfig => {
-  var _context6, _context7, _context8, _applicationConfig$he, _applicationConfig$he2, _applicationConfig$he3, _applicationConfig$he4;
+  var _context4, _context5, _context6;
   const isMcDevEnv = applicationConfig.env.env === 'development';
 
   // List hashes for injected inline scripts.
   // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
-  const htmlScriptsHashes = [createAssetHash(htmlScripts$1.loadingScreen), createAssetHash("window.app = ".concat(sanitizeAppEnvironment(applicationConfig.env), ";")), createAssetHash(htmlScripts$1.publicPath)];
+  const htmlScriptsHashes = [createAssetHash(htmlScripts$1.loadingScreen), createAssetHash(`window.app = ${sanitizeAppEnvironment(applicationConfig.env)};`), createAssetHash(htmlScripts$1.publicPath)];
 
   // // List hashes for injected inline styles.
   // // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src
@@ -121,15 +119,15 @@ const processHeaders = applicationConfig => {
    */
   const cspDirectives = _Object$assign__default["default"]({
     'default-src': "'none'",
-    'script-src': _concatInstanceProperty__default["default"](_context6 = ["'self'"]).call(_context6, isMcDevEnv ?
+    'script-src': _concatInstanceProperty__default["default"](_context4 = ["'self'"]).call(_context4, isMcDevEnv ?
     // Allow webpack to load source maps on runtime when errors occur
     // using script tags
-    ['localhost:*', "'unsafe-inline'"] : _mapInstanceProperty__default["default"](htmlScriptsHashes).call(htmlScriptsHashes, assetHash => "'".concat(assetHash, "'"))),
-    'connect-src': _concatInstanceProperty__default["default"](_context7 = ["'self'", 'app.launchdarkly.com', 'clientstream.launchdarkly.com', 'events.launchdarkly.com', 'app.getsentry.com',
+    ['localhost:*', "'unsafe-inline'"] : _mapInstanceProperty__default["default"](htmlScriptsHashes).call(htmlScriptsHashes, assetHash => `'${assetHash}'`)),
+    'connect-src': _concatInstanceProperty__default["default"](_context5 = ["'self'", 'app.launchdarkly.com', 'clientstream.launchdarkly.com', 'events.launchdarkly.com', 'app.getsentry.com',
     // Match all attempts to load from any subdomain of `sentry.io`
-    '*.sentry.io']).call(_context7, isMcDevEnv ? ['ws:', 'localhost:8080', 'webpack-internal:'] : []),
+    '*.sentry.io']).call(_context5, isMcDevEnv ? ['ws:', 'localhost:8080', 'webpack-internal:'] : []),
     'img-src': ['*', 'data:'],
-    'style-src': _concatInstanceProperty__default["default"](_context8 = ["'self'", 'fonts.googleapis.com', 'data:']).call(_context8,
+    'style-src': _concatInstanceProperty__default["default"](_context6 = ["'self'", 'fonts.googleapis.com', 'data:']).call(_context6,
     // TODO: investigate what needs to be done to avoid unsafe-inline styles
     // https://github.com/commercetools/merchant-center-frontend/pull/5223#discussion_r210367636
     ["'unsafe-inline'"]
@@ -155,14 +153,14 @@ const processHeaders = applicationConfig => {
   );
 
   // Recursively merge the directives
-  const mergedCsp = mergeCspDirectives(cspDirectives, (_applicationConfig$he = (_applicationConfig$he2 = applicationConfig.headers) === null || _applicationConfig$he2 === void 0 ? void 0 : _applicationConfig$he2.csp) !== null && _applicationConfig$he !== void 0 ? _applicationConfig$he : {});
+  const mergedCsp = mergeCspDirectives(cspDirectives, applicationConfig.headers?.csp ?? {});
   return _objectSpread(_objectSpread(_objectSpread({}, constants.HTTP_SECURITY_HEADERS), {}, {
     // The `Content-Security-Policy` header is always generated
     // based on the Merchant Center customization config.
     'Content-Security-Policy': toHeaderString(mergedCsp)
-  }, ((_applicationConfig$he3 = applicationConfig.headers) === null || _applicationConfig$he3 === void 0 ? void 0 : _applicationConfig$he3.strictTransportSecurity) && {
+  }, applicationConfig.headers?.strictTransportSecurity && {
     'Strict-Transport-Security': [constants.HTTP_SECURITY_HEADERS['Strict-Transport-Security'], ...applicationConfig.headers.strictTransportSecurity].join('; ')
-  }), ((_applicationConfig$he4 = applicationConfig.headers) === null || _applicationConfig$he4 === void 0 ? void 0 : _applicationConfig$he4.permissionsPolicies) && {
+  }), applicationConfig.headers?.permissionsPolicies && {
     'Permissions-Policy': toStructuredHeaderString(applicationConfig.headers.permissionsPolicies)
   });
 };
@@ -176,11 +174,9 @@ const htmlStyles = {
   "loadingScreen": ".loading-screen{display:flex;flex-direction:column;align-items:center;justify-content:center;height:100vh;width:100vw}.loading-screen--hidden{display:none}.loading-screen>*+*{margin:24px 0 0}.loading-spinner{width:32px;height:32px}.long-loading-notice{color:#999;font-family:'Open Sans',sans-serif;font-size:12px}.long-loading-notice--hidden{visibility:hidden}.loading-spinner-circle{fill:#213c45;opacity:.2}@keyframes loading-spinner-animation{0%{transform:rotate(0)}100%{transform:rotate(360deg)}}.loading-spinner-pointer{transform-origin:20px 20px 0;animation:loading-spinner-animation .5s infinite linear}"
 };
 const trimTrailingSlash = value => value.replace(/\/$/, '');
-const replaceHtmlPlaceholders = (indexHtmlContent, options) => {
-  var _options$headers$Cont, _options$headers;
-  return indexHtmlContent.replace(new RegExp('__CSP__', 'g'), (_options$headers$Cont = (_options$headers = options.headers) === null || _options$headers === void 0 ? void 0 : _options$headers['Content-Security-Policy']) !== null && _options$headers$Cont !== void 0 ? _options$headers$Cont : '').replace(new RegExp('__CDN_URL__', 'g'), options.env.cdnUrl ? // Ensure there is a trailing slash
-  "".concat(trimTrailingSlash(options.env.cdnUrl), "/") : '').replace(new RegExp('__MC_API_URL__', 'g'), trimTrailingSlash(options.env.mcApiUrl)).replace(new RegExp('__APPLICATION_ENVIRONMENT__', 'g'), "<script>window.app = ".concat(sanitizeAppEnvironment(options.env), ";</script>")).replace(new RegExp('__LOADING_SCREEN_JS__', 'g'), "<script>".concat(htmlScripts.loadingScreen, "</script>")).replace(new RegExp('__LOADING_SCREEN_CSS__', 'g'), "<style>".concat(htmlStyles.loadingScreen, "</style>"));
-};
+const replaceHtmlPlaceholders = (indexHtmlContent, options) => indexHtmlContent.replace(new RegExp('__CSP__', 'g'), options.headers?.['Content-Security-Policy'] ?? '').replace(new RegExp('__CDN_URL__', 'g'), options.env.cdnUrl ?
+// Ensure there is a trailing slash
+`${trimTrailingSlash(options.env.cdnUrl)}/` : '').replace(new RegExp('__MC_API_URL__', 'g'), trimTrailingSlash(options.env.mcApiUrl)).replace(new RegExp('__APPLICATION_ENVIRONMENT__', 'g'), `<script>window.app = ${sanitizeAppEnvironment(options.env)};</script>`).replace(new RegExp('__LOADING_SCREEN_JS__', 'g'), `<script>${htmlScripts.loadingScreen}</script>`).replace(new RegExp('__LOADING_SCREEN_CSS__', 'g'), `<style>${htmlStyles.loadingScreen}</style>`);
 
 async function compileHtml(indexHtmlTemplatePath) {
   const applicationConfig$1 = applicationConfig.processConfig();

package/dist/commercetools-frontend-mc-html-template.cjs.prod.js

@@ -55,7 +55,7 @@ function createAssetHash(content) {
    *   CSP headers sent.
    *   For more information head to: developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src#Sources
    */
-  return "sha256-".concat(sha256Hash);
+  return `sha256-${sha256Hash}`;
 }
 
 const sanitizeAppEnvironment = env => serialize__default["default"](env, {
@@ -63,7 +63,7 @@ const sanitizeAppEnvironment = env => serialize__default["default"](env, {
 });
 
 function ownKeys(e, r) { var t = _Object$keys__default["default"](e); if (_Object$getOwnPropertySymbols__default["default"]) { var o = _Object$getOwnPropertySymbols__default["default"](e); r && (o = _filterInstanceProperty__default["default"](o).call(o, function (r) { return _Object$getOwnPropertyDescriptor__default["default"](e, r).enumerable; })), t.push.apply(t, o); } return t; }
-function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var _context9, _context10; var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? _forEachInstanceProperty__default["default"](_context9 = ownKeys(Object(t), !0)).call(_context9, function (r) { _defineProperty(e, r, t[r]); }) : _Object$getOwnPropertyDescriptors__default["default"] ? _Object$defineProperties__default["default"](e, _Object$getOwnPropertyDescriptors__default["default"](t)) : _forEachInstanceProperty__default["default"](_context10 = ownKeys(Object(t))).call(_context10, function (r) { _Object$defineProperty__default["default"](e, r, _Object$getOwnPropertyDescriptor__default["default"](t, r)); }); } return e; }
+function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var _context7, _context8; var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? _forEachInstanceProperty__default["default"](_context7 = ownKeys(Object(t), !0)).call(_context7, function (r) { _defineProperty(e, r, t[r]); }) : _Object$getOwnPropertyDescriptors__default["default"] ? _Object$defineProperties__default["default"](e, _Object$getOwnPropertyDescriptors__default["default"](t)) : _forEachInstanceProperty__default["default"](_context8 = ownKeys(Object(t))).call(_context8, function (r) { _Object$defineProperty__default["default"](e, r, _Object$getOwnPropertyDescriptor__default["default"](t, r)); }); } return e; }
 // https://babeljs.io/blog/2017/09/11/zero-config-with-babel-macros
 const htmlScripts$1 = {
   "loadingScreen": "window.onAppLoaded=function(){var e=document.querySelector(\"#app-loader\");e&&e.parentNode.removeChild(e)},setTimeout(function(){var e=document.querySelector(\".loading-screen\");e&&e.classList.remove(\"loading-screen--hidden\")},250),setTimeout(function(){var e=document.querySelector(\".long-loading-notice\");e&&e.classList.remove(\"long-loading-notice--hidden\")},2e3);",
@@ -85,31 +85,29 @@ const toHeaderString = function () {
   var _context2;
   let directives = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
   return _mapInstanceProperty__default["default"](_context2 = _Object$entries__default["default"](directives)).call(_context2, _ref => {
-    var _context3;
     let _ref2 = _slicedToArray(_ref, 2),
       directive = _ref2[0],
       value = _ref2[1];
-    return _concatInstanceProperty__default["default"](_context3 = "".concat(directive, " ")).call(_context3, _Array$isArray__default["default"](value) ? value.join(' ') : value);
+    return `${directive} ${_Array$isArray__default["default"](value) ? value.join(' ') : value}`;
   }).join('; ');
 };
 const toStructuredHeaderString = function () {
-  var _context4;
+  var _context3;
   let directives = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-  return _mapInstanceProperty__default["default"](_context4 = _Object$entries__default["default"](directives)).call(_context4, _ref3 => {
-    var _context5;
+  return _mapInstanceProperty__default["default"](_context3 = _Object$entries__default["default"](directives)).call(_context3, _ref3 => {
     let _ref4 = _slicedToArray(_ref3, 2),
       directive = _ref4[0],
       value = _ref4[1];
-    return _concatInstanceProperty__default["default"](_context5 = "".concat(directive, "=")).call(_context5, _Array$isArray__default["default"](value) ? value.join(' ') : value);
+    return `${directive}=${_Array$isArray__default["default"](value) ? value.join(' ') : value}`;
   }).join(', ');
 };
 const processHeaders = applicationConfig => {
-  var _context6, _context7, _context8, _applicationConfig$he, _applicationConfig$he2, _applicationConfig$he3, _applicationConfig$he4;
+  var _context4, _context5, _context6;
   const isMcDevEnv = applicationConfig.env.env === 'development';
 
   // List hashes for injected inline scripts.
   // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
-  const htmlScriptsHashes = [createAssetHash(htmlScripts$1.loadingScreen), createAssetHash("window.app = ".concat(sanitizeAppEnvironment(applicationConfig.env), ";")), createAssetHash(htmlScripts$1.publicPath)];
+  const htmlScriptsHashes = [createAssetHash(htmlScripts$1.loadingScreen), createAssetHash(`window.app = ${sanitizeAppEnvironment(applicationConfig.env)};`), createAssetHash(htmlScripts$1.publicPath)];
 
   // // List hashes for injected inline styles.
   // // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src
@@ -121,15 +119,15 @@ const processHeaders = applicationConfig => {
    */
   const cspDirectives = _Object$assign__default["default"]({
     'default-src': "'none'",
-    'script-src': _concatInstanceProperty__default["default"](_context6 = ["'self'"]).call(_context6, isMcDevEnv ?
+    'script-src': _concatInstanceProperty__default["default"](_context4 = ["'self'"]).call(_context4, isMcDevEnv ?
     // Allow webpack to load source maps on runtime when errors occur
     // using script tags
-    ['localhost:*', "'unsafe-inline'"] : _mapInstanceProperty__default["default"](htmlScriptsHashes).call(htmlScriptsHashes, assetHash => "'".concat(assetHash, "'"))),
-    'connect-src': _concatInstanceProperty__default["default"](_context7 = ["'self'", 'app.launchdarkly.com', 'clientstream.launchdarkly.com', 'events.launchdarkly.com', 'app.getsentry.com',
+    ['localhost:*', "'unsafe-inline'"] : _mapInstanceProperty__default["default"](htmlScriptsHashes).call(htmlScriptsHashes, assetHash => `'${assetHash}'`)),
+    'connect-src': _concatInstanceProperty__default["default"](_context5 = ["'self'", 'app.launchdarkly.com', 'clientstream.launchdarkly.com', 'events.launchdarkly.com', 'app.getsentry.com',
     // Match all attempts to load from any subdomain of `sentry.io`
-    '*.sentry.io']).call(_context7, isMcDevEnv ? ['ws:', 'localhost:8080', 'webpack-internal:'] : []),
+    '*.sentry.io']).call(_context5, isMcDevEnv ? ['ws:', 'localhost:8080', 'webpack-internal:'] : []),
     'img-src': ['*', 'data:'],
-    'style-src': _concatInstanceProperty__default["default"](_context8 = ["'self'", 'fonts.googleapis.com', 'data:']).call(_context8,
+    'style-src': _concatInstanceProperty__default["default"](_context6 = ["'self'", 'fonts.googleapis.com', 'data:']).call(_context6,
     // TODO: investigate what needs to be done to avoid unsafe-inline styles
     // https://github.com/commercetools/merchant-center-frontend/pull/5223#discussion_r210367636
     ["'unsafe-inline'"]
@@ -155,14 +153,14 @@ const processHeaders = applicationConfig => {
   );
 
   // Recursively merge the directives
-  const mergedCsp = mergeCspDirectives(cspDirectives, (_applicationConfig$he = (_applicationConfig$he2 = applicationConfig.headers) === null || _applicationConfig$he2 === void 0 ? void 0 : _applicationConfig$he2.csp) !== null && _applicationConfig$he !== void 0 ? _applicationConfig$he : {});
+  const mergedCsp = mergeCspDirectives(cspDirectives, applicationConfig.headers?.csp ?? {});
   return _objectSpread(_objectSpread(_objectSpread({}, constants.HTTP_SECURITY_HEADERS), {}, {
     // The `Content-Security-Policy` header is always generated
     // based on the Merchant Center customization config.
     'Content-Security-Policy': toHeaderString(mergedCsp)
-  }, ((_applicationConfig$he3 = applicationConfig.headers) === null || _applicationConfig$he3 === void 0 ? void 0 : _applicationConfig$he3.strictTransportSecurity) && {
+  }, applicationConfig.headers?.strictTransportSecurity && {
     'Strict-Transport-Security': [constants.HTTP_SECURITY_HEADERS['Strict-Transport-Security'], ...applicationConfig.headers.strictTransportSecurity].join('; ')
-  }), ((_applicationConfig$he4 = applicationConfig.headers) === null || _applicationConfig$he4 === void 0 ? void 0 : _applicationConfig$he4.permissionsPolicies) && {
+  }), applicationConfig.headers?.permissionsPolicies && {
     'Permissions-Policy': toStructuredHeaderString(applicationConfig.headers.permissionsPolicies)
   });
 };
@@ -176,11 +174,9 @@ const htmlStyles = {
   "loadingScreen": ".loading-screen{display:flex;flex-direction:column;align-items:center;justify-content:center;height:100vh;width:100vw}.loading-screen--hidden{display:none}.loading-screen>*+*{margin:24px 0 0}.loading-spinner{width:32px;height:32px}.long-loading-notice{color:#999;font-family:'Open Sans',sans-serif;font-size:12px}.long-loading-notice--hidden{visibility:hidden}.loading-spinner-circle{fill:#213c45;opacity:.2}@keyframes loading-spinner-animation{0%{transform:rotate(0)}100%{transform:rotate(360deg)}}.loading-spinner-pointer{transform-origin:20px 20px 0;animation:loading-spinner-animation .5s infinite linear}"
 };
 const trimTrailingSlash = value => value.replace(/\/$/, '');
-const replaceHtmlPlaceholders = (indexHtmlContent, options) => {
-  var _options$headers$Cont, _options$headers;
-  return indexHtmlContent.replace(new RegExp('__CSP__', 'g'), (_options$headers$Cont = (_options$headers = options.headers) === null || _options$headers === void 0 ? void 0 : _options$headers['Content-Security-Policy']) !== null && _options$headers$Cont !== void 0 ? _options$headers$Cont : '').replace(new RegExp('__CDN_URL__', 'g'), options.env.cdnUrl ? // Ensure there is a trailing slash
-  "".concat(trimTrailingSlash(options.env.cdnUrl), "/") : '').replace(new RegExp('__MC_API_URL__', 'g'), trimTrailingSlash(options.env.mcApiUrl)).replace(new RegExp('__APPLICATION_ENVIRONMENT__', 'g'), "<script>window.app = ".concat(sanitizeAppEnvironment(options.env), ";</script>")).replace(new RegExp('__LOADING_SCREEN_JS__', 'g'), "<script>".concat(htmlScripts.loadingScreen, "</script>")).replace(new RegExp('__LOADING_SCREEN_CSS__', 'g'), "<style>".concat(htmlStyles.loadingScreen, "</style>"));
-};
+const replaceHtmlPlaceholders = (indexHtmlContent, options) => indexHtmlContent.replace(new RegExp('__CSP__', 'g'), options.headers?.['Content-Security-Policy'] ?? '').replace(new RegExp('__CDN_URL__', 'g'), options.env.cdnUrl ?
+// Ensure there is a trailing slash
+`${trimTrailingSlash(options.env.cdnUrl)}/` : '').replace(new RegExp('__MC_API_URL__', 'g'), trimTrailingSlash(options.env.mcApiUrl)).replace(new RegExp('__APPLICATION_ENVIRONMENT__', 'g'), `<script>window.app = ${sanitizeAppEnvironment(options.env)};</script>`).replace(new RegExp('__LOADING_SCREEN_JS__', 'g'), `<script>${htmlScripts.loadingScreen}</script>`).replace(new RegExp('__LOADING_SCREEN_CSS__', 'g'), `<style>${htmlStyles.loadingScreen}</style>`);
 
 async function compileHtml(indexHtmlTemplatePath) {
   const applicationConfig$1 = applicationConfig.processConfig();

package/dist/commercetools-frontend-mc-html-template.esm.js

@@ -31,7 +31,7 @@ function createAssetHash(content) {
    *   CSP headers sent.
    *   For more information head to: developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src#Sources
    */
-  return "sha256-".concat(sha256Hash);
+  return `sha256-${sha256Hash}`;
 }
 
 const sanitizeAppEnvironment = env => serialize(env, {
@@ -39,7 +39,7 @@ const sanitizeAppEnvironment = env => serialize(env, {
 });
 
 function ownKeys(e, r) { var t = _Object$keys(e); if (_Object$getOwnPropertySymbols) { var o = _Object$getOwnPropertySymbols(e); r && (o = _filterInstanceProperty(o).call(o, function (r) { return _Object$getOwnPropertyDescriptor(e, r).enumerable; })), t.push.apply(t, o); } return t; }
-function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var _context9, _context10; var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? _forEachInstanceProperty(_context9 = ownKeys(Object(t), !0)).call(_context9, function (r) { _defineProperty(e, r, t[r]); }) : _Object$getOwnPropertyDescriptors ? _Object$defineProperties(e, _Object$getOwnPropertyDescriptors(t)) : _forEachInstanceProperty(_context10 = ownKeys(Object(t))).call(_context10, function (r) { _Object$defineProperty(e, r, _Object$getOwnPropertyDescriptor(t, r)); }); } return e; }
+function _objectSpread(e) { for (var r = 1; r < arguments.length; r++) { var _context7, _context8; var t = null != arguments[r] ? arguments[r] : {}; r % 2 ? _forEachInstanceProperty(_context7 = ownKeys(Object(t), !0)).call(_context7, function (r) { _defineProperty(e, r, t[r]); }) : _Object$getOwnPropertyDescriptors ? _Object$defineProperties(e, _Object$getOwnPropertyDescriptors(t)) : _forEachInstanceProperty(_context8 = ownKeys(Object(t))).call(_context8, function (r) { _Object$defineProperty(e, r, _Object$getOwnPropertyDescriptor(t, r)); }); } return e; }
 // https://babeljs.io/blog/2017/09/11/zero-config-with-babel-macros
 const htmlScripts$1 = {
   "loadingScreen": "window.onAppLoaded=function(){var e=document.querySelector(\"#app-loader\");e&&e.parentNode.removeChild(e)},setTimeout(function(){var e=document.querySelector(\".loading-screen\");e&&e.classList.remove(\"loading-screen--hidden\")},250),setTimeout(function(){var e=document.querySelector(\".long-loading-notice\");e&&e.classList.remove(\"long-loading-notice--hidden\")},2e3);",
@@ -61,31 +61,29 @@ const toHeaderString = function () {
   var _context2;
   let directives = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
   return _mapInstanceProperty(_context2 = _Object$entries(directives)).call(_context2, _ref => {
-    var _context3;
     let _ref2 = _slicedToArray(_ref, 2),
       directive = _ref2[0],
       value = _ref2[1];
-    return _concatInstanceProperty(_context3 = "".concat(directive, " ")).call(_context3, _Array$isArray(value) ? value.join(' ') : value);
+    return `${directive} ${_Array$isArray(value) ? value.join(' ') : value}`;
   }).join('; ');
 };
 const toStructuredHeaderString = function () {
-  var _context4;
+  var _context3;
   let directives = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-  return _mapInstanceProperty(_context4 = _Object$entries(directives)).call(_context4, _ref3 => {
-    var _context5;
+  return _mapInstanceProperty(_context3 = _Object$entries(directives)).call(_context3, _ref3 => {
     let _ref4 = _slicedToArray(_ref3, 2),
       directive = _ref4[0],
       value = _ref4[1];
-    return _concatInstanceProperty(_context5 = "".concat(directive, "=")).call(_context5, _Array$isArray(value) ? value.join(' ') : value);
+    return `${directive}=${_Array$isArray(value) ? value.join(' ') : value}`;
   }).join(', ');
 };
 const processHeaders = applicationConfig => {
-  var _context6, _context7, _context8, _applicationConfig$he, _applicationConfig$he2, _applicationConfig$he3, _applicationConfig$he4;
+  var _context4, _context5, _context6;
   const isMcDevEnv = applicationConfig.env.env === 'development';
 
   // List hashes for injected inline scripts.
   // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src
-  const htmlScriptsHashes = [createAssetHash(htmlScripts$1.loadingScreen), createAssetHash("window.app = ".concat(sanitizeAppEnvironment(applicationConfig.env), ";")), createAssetHash(htmlScripts$1.publicPath)];
+  const htmlScriptsHashes = [createAssetHash(htmlScripts$1.loadingScreen), createAssetHash(`window.app = ${sanitizeAppEnvironment(applicationConfig.env)};`), createAssetHash(htmlScripts$1.publicPath)];
 
   // // List hashes for injected inline styles.
   // // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/style-src
@@ -97,15 +95,15 @@ const processHeaders = applicationConfig => {
    */
   const cspDirectives = _Object$assign({
     'default-src': "'none'",
-    'script-src': _concatInstanceProperty(_context6 = ["'self'"]).call(_context6, isMcDevEnv ?
+    'script-src': _concatInstanceProperty(_context4 = ["'self'"]).call(_context4, isMcDevEnv ?
     // Allow webpack to load source maps on runtime when errors occur
     // using script tags
-    ['localhost:*', "'unsafe-inline'"] : _mapInstanceProperty(htmlScriptsHashes).call(htmlScriptsHashes, assetHash => "'".concat(assetHash, "'"))),
-    'connect-src': _concatInstanceProperty(_context7 = ["'self'", 'app.launchdarkly.com', 'clientstream.launchdarkly.com', 'events.launchdarkly.com', 'app.getsentry.com',
+    ['localhost:*', "'unsafe-inline'"] : _mapInstanceProperty(htmlScriptsHashes).call(htmlScriptsHashes, assetHash => `'${assetHash}'`)),
+    'connect-src': _concatInstanceProperty(_context5 = ["'self'", 'app.launchdarkly.com', 'clientstream.launchdarkly.com', 'events.launchdarkly.com', 'app.getsentry.com',
     // Match all attempts to load from any subdomain of `sentry.io`
-    '*.sentry.io']).call(_context7, isMcDevEnv ? ['ws:', 'localhost:8080', 'webpack-internal:'] : []),
+    '*.sentry.io']).call(_context5, isMcDevEnv ? ['ws:', 'localhost:8080', 'webpack-internal:'] : []),
     'img-src': ['*', 'data:'],
-    'style-src': _concatInstanceProperty(_context8 = ["'self'", 'fonts.googleapis.com', 'data:']).call(_context8,
+    'style-src': _concatInstanceProperty(_context6 = ["'self'", 'fonts.googleapis.com', 'data:']).call(_context6,
     // TODO: investigate what needs to be done to avoid unsafe-inline styles
     // https://github.com/commercetools/merchant-center-frontend/pull/5223#discussion_r210367636
     ["'unsafe-inline'"]
@@ -131,14 +129,14 @@ const processHeaders = applicationConfig => {
   );
 
   // Recursively merge the directives
-  const mergedCsp = mergeCspDirectives(cspDirectives, (_applicationConfig$he = (_applicationConfig$he2 = applicationConfig.headers) === null || _applicationConfig$he2 === void 0 ? void 0 : _applicationConfig$he2.csp) !== null && _applicationConfig$he !== void 0 ? _applicationConfig$he : {});
+  const mergedCsp = mergeCspDirectives(cspDirectives, applicationConfig.headers?.csp ?? {});
   return _objectSpread(_objectSpread(_objectSpread({}, HTTP_SECURITY_HEADERS), {}, {
     // The `Content-Security-Policy` header is always generated
     // based on the Merchant Center customization config.
     'Content-Security-Policy': toHeaderString(mergedCsp)
-  }, ((_applicationConfig$he3 = applicationConfig.headers) === null || _applicationConfig$he3 === void 0 ? void 0 : _applicationConfig$he3.strictTransportSecurity) && {
+  }, applicationConfig.headers?.strictTransportSecurity && {
     'Strict-Transport-Security': [HTTP_SECURITY_HEADERS['Strict-Transport-Security'], ...applicationConfig.headers.strictTransportSecurity].join('; ')
-  }), ((_applicationConfig$he4 = applicationConfig.headers) === null || _applicationConfig$he4 === void 0 ? void 0 : _applicationConfig$he4.permissionsPolicies) && {
+  }), applicationConfig.headers?.permissionsPolicies && {
     'Permissions-Policy': toStructuredHeaderString(applicationConfig.headers.permissionsPolicies)
   });
 };
@@ -152,11 +150,9 @@ const htmlStyles = {
   "loadingScreen": ".loading-screen{display:flex;flex-direction:column;align-items:center;justify-content:center;height:100vh;width:100vw}.loading-screen--hidden{display:none}.loading-screen>*+*{margin:24px 0 0}.loading-spinner{width:32px;height:32px}.long-loading-notice{color:#999;font-family:'Open Sans',sans-serif;font-size:12px}.long-loading-notice--hidden{visibility:hidden}.loading-spinner-circle{fill:#213c45;opacity:.2}@keyframes loading-spinner-animation{0%{transform:rotate(0)}100%{transform:rotate(360deg)}}.loading-spinner-pointer{transform-origin:20px 20px 0;animation:loading-spinner-animation .5s infinite linear}"
 };
 const trimTrailingSlash = value => value.replace(/\/$/, '');
-const replaceHtmlPlaceholders = (indexHtmlContent, options) => {
-  var _options$headers$Cont, _options$headers;
-  return indexHtmlContent.replace(new RegExp('__CSP__', 'g'), (_options$headers$Cont = (_options$headers = options.headers) === null || _options$headers === void 0 ? void 0 : _options$headers['Content-Security-Policy']) !== null && _options$headers$Cont !== void 0 ? _options$headers$Cont : '').replace(new RegExp('__CDN_URL__', 'g'), options.env.cdnUrl ? // Ensure there is a trailing slash
-  "".concat(trimTrailingSlash(options.env.cdnUrl), "/") : '').replace(new RegExp('__MC_API_URL__', 'g'), trimTrailingSlash(options.env.mcApiUrl)).replace(new RegExp('__APPLICATION_ENVIRONMENT__', 'g'), "<script>window.app = ".concat(sanitizeAppEnvironment(options.env), ";</script>")).replace(new RegExp('__LOADING_SCREEN_JS__', 'g'), "<script>".concat(htmlScripts.loadingScreen, "</script>")).replace(new RegExp('__LOADING_SCREEN_CSS__', 'g'), "<style>".concat(htmlStyles.loadingScreen, "</style>"));
-};
+const replaceHtmlPlaceholders = (indexHtmlContent, options) => indexHtmlContent.replace(new RegExp('__CSP__', 'g'), options.headers?.['Content-Security-Policy'] ?? '').replace(new RegExp('__CDN_URL__', 'g'), options.env.cdnUrl ?
+// Ensure there is a trailing slash
+`${trimTrailingSlash(options.env.cdnUrl)}/` : '').replace(new RegExp('__MC_API_URL__', 'g'), trimTrailingSlash(options.env.mcApiUrl)).replace(new RegExp('__APPLICATION_ENVIRONMENT__', 'g'), `<script>window.app = ${sanitizeAppEnvironment(options.env)};</script>`).replace(new RegExp('__LOADING_SCREEN_JS__', 'g'), `<script>${htmlScripts.loadingScreen}</script>`).replace(new RegExp('__LOADING_SCREEN_CSS__', 'g'), `<style>${htmlStyles.loadingScreen}</style>`);
 
 async function compileHtml(indexHtmlTemplatePath) {
   const applicationConfig = processConfig();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@commercetools-frontend/mc-html-template",
-  "version": "22.30.3",
+  "version": "22.32.0",
   "description": "Everything related to render the index.html for a MC application",
   "bugs": "https://github.com/commercetools/merchant-center-application-kit/issues",
   "repository": {
@@ -38,8 +38,8 @@
   "dependencies": {
     "@babel/runtime": "^7.22.15",
     "@babel/runtime-corejs3": "^7.22.15",
-    "@commercetools-frontend/application-config": "22.30.3",
-    "@commercetools-frontend/constants": "22.30.3",
+    "@commercetools-frontend/application-config": "22.32.0",
+    "@commercetools-frontend/constants": "22.32.0",
     "serialize-javascript": "6.0.2",
     "uglify-js": "3.18.0",
     "uglifycss": "0.0.29"

package/webpack-html-template/dist/commercetools-frontend-mc-html-template-webpack-html-template.cjs.dev.js

@@ -31,8 +31,8 @@ function webpackHtmlTemplate(templateParams) {
   // Trim leading slash, the CDN_URL will ensure to have a trailing slash
   // (see `replaceHtmlPlaceholders`)
   fileName.replace(/^\//, ''));
-  const cssImports = _mapInstanceProperty__default["default"](cssChunks).call(cssChunks, chunkPath => "<link href=\"__CDN_URL__".concat(chunkPath, "\" rel='stylesheet' type='text/css'>"));
-  const scriptImports = _mapInstanceProperty__default["default"](scriptChunks).call(scriptChunks, chunkPath => "<script src=\"__CDN_URL__".concat(chunkPath, "\"></script>"));
+  const cssImports = _mapInstanceProperty__default["default"](cssChunks).call(cssChunks, chunkPath => `<link href="__CDN_URL__${chunkPath}" rel='stylesheet' type='text/css'>`);
+  const scriptImports = _mapInstanceProperty__default["default"](scriptChunks).call(scriptChunks, chunkPath => `<script src="__CDN_URL__${chunkPath}"></script>`);
   return generateTemplate.generateTemplate({
     cssImports,
     scriptImports

package/webpack-html-template/dist/commercetools-frontend-mc-html-template-webpack-html-template.cjs.prod.js

@@ -31,8 +31,8 @@ function webpackHtmlTemplate(templateParams) {
   // Trim leading slash, the CDN_URL will ensure to have a trailing slash
   // (see `replaceHtmlPlaceholders`)
   fileName.replace(/^\//, ''));
-  const cssImports = _mapInstanceProperty__default["default"](cssChunks).call(cssChunks, chunkPath => "<link href=\"__CDN_URL__".concat(chunkPath, "\" rel='stylesheet' type='text/css'>"));
-  const scriptImports = _mapInstanceProperty__default["default"](scriptChunks).call(scriptChunks, chunkPath => "<script src=\"__CDN_URL__".concat(chunkPath, "\"></script>"));
+  const cssImports = _mapInstanceProperty__default["default"](cssChunks).call(cssChunks, chunkPath => `<link href="__CDN_URL__${chunkPath}" rel='stylesheet' type='text/css'>`);
+  const scriptImports = _mapInstanceProperty__default["default"](scriptChunks).call(scriptChunks, chunkPath => `<script src="__CDN_URL__${chunkPath}"></script>`);
   return generateTemplate.generateTemplate({
     cssImports,
     scriptImports

package/webpack-html-template/dist/commercetools-frontend-mc-html-template-webpack-html-template.esm.js

@@ -20,8 +20,8 @@ function webpackHtmlTemplate(templateParams) {
   // Trim leading slash, the CDN_URL will ensure to have a trailing slash
   // (see `replaceHtmlPlaceholders`)
   fileName.replace(/^\//, ''));
-  const cssImports = _mapInstanceProperty(cssChunks).call(cssChunks, chunkPath => "<link href=\"__CDN_URL__".concat(chunkPath, "\" rel='stylesheet' type='text/css'>"));
-  const scriptImports = _mapInstanceProperty(scriptChunks).call(scriptChunks, chunkPath => "<script src=\"__CDN_URL__".concat(chunkPath, "\"></script>"));
+  const cssImports = _mapInstanceProperty(cssChunks).call(cssChunks, chunkPath => `<link href="__CDN_URL__${chunkPath}" rel='stylesheet' type='text/css'>`);
+  const scriptImports = _mapInstanceProperty(scriptChunks).call(scriptChunks, chunkPath => `<script src="__CDN_URL__${chunkPath}"></script>`);
   return generateTemplate({
     cssImports,
     scriptImports