@dargmuesli/nuxt-vio 8.3.4 → 8.4.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. package/nuxt.config.ts +36 -18
  2. package/package.json +1 -2
  3. package/server/api/healthcheck.get.ts +0 -2
  4. package/server/middleware/headers.ts +0 -4
  5. package/server/utils/util.ts +2 -0
package/nuxt.config.ts CHANGED
@@ -49,6 +49,7 @@ export default defineNuxtConfig(
49
49
  '@nuxtjs/html-validator',
50
50
  '@nuxtjs/i18n',
51
51
  '@nuxtjs/tailwindcss',
52
+ '@nuxtseo/module',
52
53
  '@pinia/nuxt',
53
54
  // nuxt-security: remove invalid `'none'`s
54
55
  (_options, nuxt) => {
@@ -74,16 +75,18 @@ export default defineNuxtConfig(
74
75
  string,
75
76
  any
76
77
  >
77
- )[key] = valueFiltered
78
+ )[key] = [...new Set(valueFiltered)]
78
79
  }
79
80
  }
80
81
  }
81
82
  },
82
83
  'nuxt-security',
83
- '@nuxtseo/module',
84
84
  ],
85
85
  nitro: {
86
86
  compressPublicAssets: true,
87
+ experimental: {
88
+ openAPI: process.env.NODE_ENV === 'development',
89
+ },
87
90
  },
88
91
  runtimeConfig: {
89
92
  public: {
@@ -177,7 +180,7 @@ export default defineNuxtConfig(
177
180
  // Cloudflare
178
181
  ...(process.env.NODE_ENV === 'production'
179
182
  ? {
180
- 'connect-src': [`${SITE_URL}/cdn-cgi/rum`],
183
+ 'connect-src': ["'self'"], // `${SITE_URL}/cdn-cgi/rum`
181
184
  'script-src-elem': [
182
185
  'https://static.cloudflareinsights.com',
183
186
  ],
@@ -199,6 +202,7 @@ export default defineNuxtConfig(
199
202
  },
200
203
  {
201
204
  // vio
205
+ 'connect-src': ["'self'"], // `${SITE_URL}/api/healthcheck`
202
206
  'manifest-src': [`${SITE_URL}/site.webmanifest`],
203
207
  'script-src-elem': [
204
208
  'https://polyfill.io/v3/polyfill.min.js', // ESLint plugin compat
@@ -206,19 +210,21 @@ export default defineNuxtConfig(
206
210
  },
207
211
  {
208
212
  // @nuxt/devtools
209
- 'frame-src': [
210
- ...(process.env.NODE_ENV === 'development'
211
- ? ['http://localhost:3000/__nuxt_devtools__/client/']
212
- : []),
213
- ],
213
+ ...(process.env.NODE_ENV === 'development'
214
+ ? {
215
+ 'frame-src': [
216
+ 'http://localhost:3000/__nuxt_devtools__/client/',
217
+ ],
218
+ }
219
+ : {}),
214
220
  },
215
221
  {
216
222
  // nuxt-link-checker
217
- 'connect-src': [
218
- ...(process.env.NODE_ENV === 'development'
219
- ? ['http://localhost:3000/api/__link_checker__/inspect']
220
- : []),
221
- ],
223
+ ...(process.env.NODE_ENV === 'development'
224
+ ? {
225
+ 'connect-src': ["'self'"], // 'http://localhost:3000/api/__link_checker__/inspect'
226
+ }
227
+ : {}),
222
228
  },
223
229
  {
224
230
  // nuxt-og-image
@@ -244,12 +250,12 @@ export default defineNuxtConfig(
244
250
  'connect-src': [
245
251
  ...(process.env.NODE_ENV === 'development'
246
252
  ? [
247
- 'http://localhost:3000/_nuxt/', // Nuxt development
248
- 'https://localhost:3000/_nuxt/', // Nuxt development
249
- 'ws://localhost:3000/_nuxt/', // Nuxt development
250
- 'wss://localhost:3000/_nuxt/', // Nuxt development
253
+ 'http://localhost:3000/_nuxt/', // hot reload
254
+ 'https://localhost:3000/_nuxt/', // hot reload
255
+ 'ws://localhost:3000/_nuxt/', // hot reload
256
+ 'wss://localhost:3000/_nuxt/', // hot reload
251
257
  ]
252
- : ["'self'"]), // Nuxt build metadata and payloads
258
+ : ["'self'"]), // build metadata and payloads
253
259
  ],
254
260
  'img-src': [
255
261
  "'self'", // TODO: replace with `"'nonce-{{nonce}}'",`
@@ -262,6 +268,18 @@ export default defineNuxtConfig(
262
268
  "'unsafe-inline'", // TODO: replace with `"'nonce-{{nonce}}'",` (https://github.com/vitejs/vite/pull/11864)
263
269
  ],
264
270
  },
271
+ {
272
+ // nitro
273
+ 'connect-src': ["'self'"] /* swagger
274
+ 'http://localhost:3000/_nitro/openapi.json',
275
+ 'http://localhost:3000/_nitro/swagger', */,
276
+ 'script-src-elem': [
277
+ 'https://cdn.jsdelivr.net/npm/', // swagger // TODO: increase precision (https://github.com/unjs/nitro/issues/1757)
278
+ ],
279
+ 'style-src': [
280
+ 'https://cdn.jsdelivr.net/npm/', // swagger // TODO: increase precision (https://github.com/unjs/nitro/issues/1757)
281
+ ],
282
+ },
265
283
  {
266
284
  // base
267
285
  'base-uri': ["'none'"], // does not fallback to `default-src`
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@dargmuesli/nuxt-vio",
3
- "version": "8.3.4",
3
+ "version": "8.4.0",
4
4
  "repository": {
5
5
  "type": "git",
6
6
  "url": "git+https://github.com/dargmuesli/vio.git"
@@ -105,7 +105,6 @@
105
105
  "eslint-plugin-prettier": "5.0.1",
106
106
  "eslint-plugin-yml": "1.10.0",
107
107
  "h3": "1.8.2",
108
- "is-https": "4.0.0",
109
108
  "jiti": "1.20.0",
110
109
  "jose": "4.15.4",
111
110
  "lint-staged": "15.0.2",
package/server/api/healthcheck.get.ts CHANGED
@@ -1,5 +1,3 @@
1
- import { defineEventHandler } from 'h3'
2
-
3
1
  export default defineEventHandler((event) => {
4
2
  const { res } = event.node
5
3
  res.setHeader('Content-Type', 'text/plain')
package/server/middleware/headers.ts CHANGED
@@ -1,10 +1,6 @@
1
- import { appendHeader, defineEventHandler } from 'h3'
2
1
  import type { H3Event } from 'h3'
3
2
  import type { AppConfig } from 'nuxt/schema'
4
3
 
5
- import { TIMEZONE_HEADER_KEY } from '../../utils/constants'
6
- import { getTimezone } from '../../utils/networking'
7
-
8
4
  export default defineEventHandler(async (event) => {
9
5
  setRequestHeader(event, TIMEZONE_HEADER_KEY, await getTimezone(event))
10
6
  setResponseHeaders(event)
package/server/utils/util.ts ADDED
@@ -0,0 +1,2 @@
1
+ export { TIMEZONE_HEADER_KEY } from '../../utils/constants'
2
+ export { getTimezone } from '../../utils/networking'