@networkpro/web 1.5.6 → 1.6.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE.md +3 -0
- package/README.md +72 -16
- package/cspell.json +10 -1
- package/jsconfig.json +2 -1
- package/netlify-functions/cspReport.js +68 -0
- package/netlify.toml +17 -8
- package/package.json +10 -7
- package/playwright.config.js +20 -19
- package/scripts/checkNode.js +7 -1
- package/src/app.d.ts +7 -4
- package/src/app.html +6 -49
- package/src/hooks.client.ts +15 -7
- package/src/hooks.server.js +91 -0
- package/src/lib/components/foss/FossFeatures.svelte +57 -4
- package/src/lib/components/foss/FossItemContent.svelte +1 -1
- package/src/lib/components/layout/Footer.svelte +1 -1
- package/src/lib/components/layout/HeaderDefault.svelte +1 -1
- package/src/lib/components/layout/HeaderHome.svelte +1 -1
- package/src/lib/data/fossData.js +271 -68
- package/src/lib/images.js +6 -0
- package/src/lib/img/posts/eauth.png +0 -0
- package/src/lib/img/posts/eauth.webp +0 -0
- package/src/lib/meta.js +0 -1
- package/src/lib/pages/FossContent.svelte +1 -1
- package/src/lib/registerServiceWorker.js +32 -31
- package/src/routes/+layout.js +6 -1
- package/src/routes/+layout.svelte +7 -6
- package/src/routes/api/mock-csp/+server.js +22 -0
- package/src/service-worker.js +55 -28
- package/static/disableSw.js +12 -0
- package/stylelint.config.js +2 -6
- package/tests/e2e/app.spec.js +58 -21
- package/tests/e2e/mobile.spec.js +49 -29
- package/tests/unit/cspReport.test.js +81 -0
- package/_headers +0 -9
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
/* ==========================================================================
|
|
2
|
+
tests/unit/cspReport.test.js
|
|
3
|
+
|
|
4
|
+
Copyright © 2025 Network Pro Strategies (Network Pro™)
|
|
5
|
+
SPDX-License-Identifier: CC-BY-4.0 OR GPL-3.0-or-later
|
|
6
|
+
This file is part of Network Pro.
|
|
7
|
+
========================================================================== */
|
|
8
|
+
|
|
9
|
+
/** @file Unit tests for netlify-functions/cspReport.js using Vitest */
|
|
10
|
+
/** @typedef {import('vitest').TestContext} TestContext */
|
|
11
|
+
|
|
12
|
+
import { beforeEach, describe, expect, it, vi } from "vitest";
|
|
13
|
+
import { handler } from "../../netlify-functions/cspReport.js";
|
|
14
|
+
|
|
15
|
+
// 🧪 Force test mode
|
|
16
|
+
process.env.NODE_ENV = "test";
|
|
17
|
+
process.env.MAIL_ENABLED = "true"; // Still ignored due to NODE_ENV === test
|
|
18
|
+
|
|
19
|
+
// 🧪 Mock nodemailer to prevent real email sending
|
|
20
|
+
vi.mock("nodemailer", async () => {
|
|
21
|
+
return {
|
|
22
|
+
default: {
|
|
23
|
+
createTransport: () => ({
|
|
24
|
+
sendMail: vi.fn().mockResolvedValue({}),
|
|
25
|
+
}),
|
|
26
|
+
},
|
|
27
|
+
};
|
|
28
|
+
});
|
|
29
|
+
|
|
30
|
+
describe("cspReport.js", () => {
|
|
31
|
+
beforeEach(() => {
|
|
32
|
+
vi.clearAllMocks(); // reset mocks if needed
|
|
33
|
+
});
|
|
34
|
+
|
|
35
|
+
it("should handle valid CSP report", async () => {
|
|
36
|
+
/** @type {import('netlify/functions').HandlerEvent} */
|
|
37
|
+
const event = {
|
|
38
|
+
httpMethod: "POST",
|
|
39
|
+
body: JSON.stringify({
|
|
40
|
+
"csp-report": {
|
|
41
|
+
"document-uri": "https://example.com",
|
|
42
|
+
"violated-directive": "script-src",
|
|
43
|
+
},
|
|
44
|
+
}),
|
|
45
|
+
};
|
|
46
|
+
|
|
47
|
+
const response = await handler(event);
|
|
48
|
+
expect(response.statusCode).toBe(204);
|
|
49
|
+
});
|
|
50
|
+
|
|
51
|
+
it("should reject GET requests", async () => {
|
|
52
|
+
/** @type {import('netlify/functions').HandlerEvent} */
|
|
53
|
+
const event = { httpMethod: "GET" };
|
|
54
|
+
const response = await handler(event);
|
|
55
|
+
expect(response.statusCode).toBe(405);
|
|
56
|
+
expect(response.body).toContain("Method Not Allowed");
|
|
57
|
+
});
|
|
58
|
+
|
|
59
|
+
it("should handle malformed JSON", async () => {
|
|
60
|
+
/** @type {import('netlify/functions').HandlerEvent} */
|
|
61
|
+
const event = {
|
|
62
|
+
httpMethod: "POST",
|
|
63
|
+
body: "{ bad json }",
|
|
64
|
+
};
|
|
65
|
+
|
|
66
|
+
const response = await handler(event);
|
|
67
|
+
expect(response.statusCode).toBe(400);
|
|
68
|
+
expect(response.body).toContain("Invalid JSON");
|
|
69
|
+
});
|
|
70
|
+
|
|
71
|
+
it("should handle missing body", async () => {
|
|
72
|
+
/** @type {import('netlify/functions').HandlerEvent} */
|
|
73
|
+
const event = {
|
|
74
|
+
httpMethod: "POST",
|
|
75
|
+
};
|
|
76
|
+
|
|
77
|
+
const response = await handler(event);
|
|
78
|
+
expect(response.statusCode).toBe(400);
|
|
79
|
+
expect(response.body).toContain("No body provided");
|
|
80
|
+
});
|
|
81
|
+
});
|
package/_headers
DELETED
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
/*
|
|
2
|
-
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-inline' https://snap.licdn.com; img-src 'self' https://px.ads.linkedin.com; connect-src 'self' https://px.ads.linkedin.com https://snap.licdn.com; style-src 'self' 'unsafe-inline'; form-action 'self'; base-uri 'self'; object-src 'none'; frame-ancestors 'none'; upgrade-insecure-requests;
|
|
3
|
-
X-Content-Type-Options: nosniff
|
|
4
|
-
X-Frame-Options: DENY
|
|
5
|
-
Referrer-Policy: strict-origin-when-cross-origin
|
|
6
|
-
Permissions-Policy: geolocation=(), camera=(), microphone=()
|
|
7
|
-
Cross-Origin-Embedder-Policy: require-corp
|
|
8
|
-
Cross-Origin-Opener-Policy: same-origin
|
|
9
|
-
Cross-Origin-Resource-Policy: same-origin
|