@inizioevoke/evosynth 2.2.0 → 2.2.1

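--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "@inizioevoke/evosynth",
- "version": "2.2.0",
+ "version": "2.2.1",
  "author": "",
  "license": "ISC",
  "description": "",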
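--- a/package/readme.md
+++ b/package/readme.md
@@ -154,6 +154,83 @@ export async function uat(): Promise<WebStaticServerlessAppConfig> {
  }
  ```
 
+ ### Content Security Policy Headers
+
+ You can configure Content Security Policy (CSP) headers through the `cloudfront.cspHeaders` option. CSP headers can be defined as either an object or a string format.
+
+ #### Inline CSP Headers (Object Format)
+
+ Define CSP directives as an object where each key is a directive and values are arrays of policies:
+
+ ```typescript
+ cloudfront: {
+ cspHeaders: {
+ 'default-src': ["'self'"],
+ 'script-src': ["'self'", "'unsafe-inline'", 'https://trusted.com'],
+ 'style-src': ["'self'", "'unsafe-inline'"],
+ 'img-src': ["'self'", 'data:', 'https:']
+ }
+ }
+ ```
+
+ #### Inline CSP Headers (String Format)
+
+ Alternatively, define CSP as a single string:
+
+ ```typescript
+ cloudfront: {
+ cspHeaders: "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline';"
+ }
+ ```
+
+ #### Import from TypeScript/JavaScript File
+
+ Create a separate file with your CSP configuration and import it:
+
+ ```typescript
+ // csp.ts
+ export default {
+ 'default-src': ["'self'"],
+ 'script-src': ["'self'", "'unsafe-inline'"]
+ };
+
+ // .evosynth.dev.ts
+ import cspHeaders from './csp';
+
+ export default async function(): Promise<WebStaticServerlessAppConfig> {
+ return {
+ // ... other config
+ cloudfront: {
+ cspHeaders
+ }
+ }
+ }
+ ```
+
+ #### Import from CSV File
+
+ You can also load CSP headers from a CSV file. See [samples/csp.csv](samples/csp.csv) for the expected format:
+
+ ```typescript
+ // .evosynth.dev.ts
+ import { readFile } from 'node:fs/promises';
+ import { join } from 'node:path';
+
+ export default async function(): Promise<WebStaticServerlessAppConfig> {
+ const cspHeaders = await readFile(
+ join(import.meta.dirname, 'csp.csv'),
+ 'utf8'
+ );
+
+ return {
+ // ... other config
+ cloudfront: {
+ cspHeaders
+ }
+ }
+ }
+ ```
+
  ## CDK App
 
  Use evosynth in a traditional CDK app script by instantiating a stage or stack. Use individual constructs for custom apps.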
@@ -19,20 +19,15 @@ export default async function(): Promise<WebStaticServerlessAppConfig> {
19
19
  basicAuthParam: '/evosynth/web/security/basicauth',
20
20
  webAclParam: '/evosynth/web/security/webacl'
21
21
  },
22
- // cloudfront: {
23
- // redirects: {
24
- // paths: {
25
- // '/hello': '/world',
26
- // '/redirect': ['/here', 302]
27
- // }
28
- // }
29
- // },
30
22
  pipeline: {
31
23
  source: {
32
24
  codestarConnectionParam: '/evosynth/provider/codeconnection',
33
25
  owner: 'orgname',
34
26
  repo: 'myproject-v1',
35
27
  branch: 'develop'
28
+ },
29
+ build: {
30
+ buildImageNodeJS: 24
36
31
  }
37
32
  }
38
33
  }
@@ -1,5 +1,12 @@
1
1
  import type { WebStaticServerlessAppConfig } from '@inizioevoke/evosynth';
2
2
 
3
+ // import CSP headers from an external typescript/javascript file
4
+ // import cspHeaders from './csp';
5
+ // OR import from a CSV file
6
+ // import { readFile } from 'node:fs/promises';
7
+ // import { join } from 'node:path';
8
+ // const cspHeaders = await readFile(join(import.meta.dirname, 'csp.csv'), 'utf8');
9
+
3
10
  const config: Omit<WebStaticServerlessAppConfig, 'dns'> = {
4
11
  type: 'web-static-serverless',
5
12
  name: 'my-project',
@@ -19,11 +26,9 @@ const config: Omit<WebStaticServerlessAppConfig, 'dns'> = {
19
26
  cspHeaders: {
20
27
  'default-src': [
21
28
  "'self'"
22
- ],
23
- 'script-src': [
24
- "'self'"
25
29
  ]
26
- }
30
+ },
31
+ // cspHeaders: "default-src 'self';"
27
32
  },
28
33
  security: {
29
34
  basicAuthParam: '/evosynth/web/security/basicauth',
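Review bot: The added `// cspHeaders: "default-src 'self';"` line sits directly after the object form without saying it replaces it, so uncommenting it as written leaves two `cspHeaders` keys in the same literal. I would word it `// OR as a single string, replacing the object above: cspHeaders: "default-src 'self';"`, matching the `// OR import from a CSV file` wording in the first hunk of this file. Dropping the explicit `script-src` entry leaves scripts governed by `default-src 'self'`, so the effective policy should be unchanged. The enclosing object opens above the hunk, and the file header for this section is not visible on the page.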
@@ -0,0 +1,7 @@
1
+ source,default-src,connect-src,font-src,frame-src,img-src,media-src,object-src,script-src,style-src
2
+ 'self',x,x,x,,x,,,x,x
3
+ 'unsafe-inline',,,,,,,,,x
4
+ data:,,,x,,,,,,
5
+ p.typekit.net,,,,,x,,,,x
6
+ performance.typekit.net,,x,,,,,,,
7
+ use.typekit.net,,,x,,,,,x,x
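Review bot: The header row declares `frame-src`, `media-src` and `object-src`, yet no row marks them, and nothing in the sample says what an all-empty column produces. If such a column is simply left out of the generated header, those fetch types fall back to `default-src 'self'`; if it is emitted with no sources, the result depends on how the loader serialises it. A stricter sample would pin plugins off with a row such as `'none',,,,,,,x,,`, assuming the loader accepts `'none'` as a source value. The file header for this section is missing from the page; this is presumably the `samples/csp.csv` the readme links to.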
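--- a/package/samples/csp.ts
+++ b/package/samples/csp.ts
@@ -4,9 +4,29 @@ const cspHeaders: CspHeaders = {
  'default-src': [
  "'self'"
  ],
+ 'connect-src': [
+ "'self'",
+ 'performance.typekit.net',
+ ],
+ 'font-src': [
+ "'self'",
+ 'data:',
+ 'use.typekit.net'
+ ],
+ 'img-src': [
+ "'self'",
+ 'p.typekit.net'
+ ],
  'script-src': [
- "'self'"
+ "'self'",
+ 'use.typekit.net',
+ ],
+ 'style-src': [
+ "'self'",
+ "'unsafe-inline'",
+ 'p.typekit.net',
+ 'use.typekit.net'
  ]
- }
+ };
 
- export default cspHeaders;
+ export default cspHeaders;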
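Review bot: `style-src` now lists `'unsafe-inline'` with no comment on why it is needed, and a sample policy tends to be copied unchanged into real deployments. If it is there for styles injected by the Typekit embed, say so above the entry, e.g. `// required by the font loader's injected styles; remove if your pages have no inline styles`. The readme examples in this release go further and show `'unsafe-inline'` under `script-src`, which lets any inline script run and removes most of the protection CSP gives against injected markup; a hash-based allowance for the specific inline script would be a safer thing to document. The host sources are also scheme-less (`use.typekit.net`); writing them as `https://use.typekit.net` would pin the scheme. The object literal opens above the hunk.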