@netlify/plugin-csp-nonce 1.0.1 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/index.js +14 -5
- package/manifest.yml +11 -0
- package/package.json +2 -2
package/index.js
CHANGED
|
@@ -1,25 +1,34 @@
|
|
|
1
1
|
import fs, { copyFileSync } from "fs";
|
|
2
2
|
|
|
3
|
+
const SITE_ID = "321a7119-6008-49a8-9d2f-e20602b1b349";
|
|
4
|
+
|
|
3
5
|
/* eslint-disable no-console */
|
|
4
6
|
export const onPreBuild = async ({ inputs, netlifyConfig, utils }) => {
|
|
5
7
|
console.log(` Current working directory: ${process.cwd()}`);
|
|
6
8
|
const config = JSON.stringify(inputs, null, 2);
|
|
9
|
+
const { build } = netlifyConfig;
|
|
10
|
+
const basePath =
|
|
11
|
+
build.environment.SITE_ID === SITE_ID
|
|
12
|
+
? "./src"
|
|
13
|
+
: "./node_modules/@netlify/plugin-csp-nonce/src";
|
|
7
14
|
|
|
8
|
-
const functionsDir =
|
|
15
|
+
const functionsDir = build.functions || "./netlify/functions";
|
|
9
16
|
// make the directory in case it actually doesn't exist yet
|
|
10
17
|
await utils.run.command(`mkdir -p ${functionsDir}`);
|
|
11
18
|
console.log(` Copying function to ${functionsDir}...`);
|
|
12
19
|
copyFileSync(
|
|
13
|
-
|
|
20
|
+
`${basePath}/__csp-violations.ts`,
|
|
14
21
|
`${functionsDir}/__csp-violations.ts`
|
|
15
22
|
);
|
|
16
23
|
|
|
17
|
-
const edgeFunctionsDir =
|
|
18
|
-
netlifyConfig.build.edge_functions || "./netlify/edge-functions";
|
|
24
|
+
const edgeFunctionsDir = build.edge_functions || "./netlify/edge-functions";
|
|
19
25
|
// make the directory in case it actually doesn't exist yet
|
|
20
26
|
await utils.run.command(`mkdir -p ${edgeFunctionsDir}`);
|
|
21
27
|
console.log(` Copying edge function to ${edgeFunctionsDir}...`);
|
|
22
|
-
copyFileSync(
|
|
28
|
+
copyFileSync(
|
|
29
|
+
`${basePath}/__csp-nonce.ts`,
|
|
30
|
+
`${edgeFunctionsDir}/__csp-nonce.ts`
|
|
31
|
+
);
|
|
23
32
|
console.log(` Copying config inputs to ${edgeFunctionsDir}...`);
|
|
24
33
|
fs.writeFileSync(`${edgeFunctionsDir}/__csp-nonce-inputs.json`, config);
|
|
25
34
|
|
package/manifest.yml
ADDED
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
name: netlify-build-plugin-csp-nonce
|
|
2
|
+
inputs:
|
|
3
|
+
- name: reportOnly
|
|
4
|
+
description: When true, uses the Content-Security-Policy-Report-Only header instead of the Content-Security-Policy header.
|
|
5
|
+
default: true
|
|
6
|
+
- name: path
|
|
7
|
+
description: The glob expressions of path(s) that should invoke the CSP nonce edge function. Can be a string or array of strings.
|
|
8
|
+
default: "/*"
|
|
9
|
+
- name: excludedPath
|
|
10
|
+
description: The glob expressions of path(s) that *should not* invoke the CSP nonce edge function. Must be an array of strings. This value gets spread with common non-html filetype extensions (*.css, *.js, *.svg, etc)
|
|
11
|
+
default: []
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@netlify/plugin-csp-nonce",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.3",
|
|
4
4
|
"description": "Use a nonce for the script-src and style-src directives of your Content Security Policy.",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"repository": {
|
|
@@ -12,7 +12,7 @@
|
|
|
12
12
|
"type": "module",
|
|
13
13
|
"files": [
|
|
14
14
|
"index.js",
|
|
15
|
-
"manifest.
|
|
15
|
+
"manifest.yml",
|
|
16
16
|
"src/*"
|
|
17
17
|
],
|
|
18
18
|
"devDependencies": {
|