@okendo/shopify-hydrogen 2.2.3 → 2.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +79 -66
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -587,76 +587,89 @@ Append `OkendoProvider` to `body`, and pass it the promise — or the data — r
587
587
 
588
588
  > This is only necessary if Content Security Policy is active in your project.
589
589
 
590
- Locate the call to `createContentSecurityPolicy`, and add:
591
-
592
- - `https://d3hw6dc1ow8pp2.cloudfront.net`, `https://d3g5hqndtiniji.cloudfront.net`, and `data:` to `defaultSrc`
593
- - `https://d3hw6dc1ow8pp2.cloudfront.net` to `styleSrc`
594
- - `https://api.okendo.io` to `connectSrc`
595
-
590
+ Locate the call to `createContentSecurityPolicy`, and ensure your configuration includes the entries below:
596
591
  Note that it's necessary to to add the default values (`'self'`, etc.) when [extending the CSP](https://shopify.dev/docs/custom-storefronts/hydrogen/content-security-policy). The call to `createContentSecurityPolicy` should now look like the following:
597
592
 
598
593
  ```ts
599
594
  const { nonce, header, NonceProvider } = createContentSecurityPolicy({
600
- defaultSrc: [
601
- "'self'",
602
- "localhost:*",
603
- "https://cdn.shopify.com",
604
- "https://d3hw6dc1ow8pp2.cloudfront.net",
605
- "https://d3g5hqndtiniji.cloudfront.net",
606
- "https://cdn-static.okendo.io",
607
- "https://surveys.okendo.io",
608
- "data:",
609
- ],
610
- imgSrc: [
611
- "'self'",
612
- "https://cdn.shopify.com",
613
- "data:",
614
- "https://d3hw6dc1ow8pp2.cloudfront.net",
615
- "https://d3g5hqndtiniji.cloudfront.net",
616
- "https://cdn-static.okendo.io",
617
- "https://surveys.okendo.io",
618
- ],
619
- mediaSrc: [
620
- "'self'",
621
- "https://d3hw6dc1ow8pp2.cloudfront.net",
622
- "https://d3g5hqndtiniji.cloudfront.net",
623
- "https://cdn-static.okendo.io",
624
- ],
625
- styleSrcElem: [
626
- "'self'",
627
- "'unsafe-inline'",
628
- "https://cdn.shopify.com",
629
- "https://fonts.googleapis.com",
630
- "https://fonts.gstatic.com",
631
- "https://d3hw6dc1ow8pp2.cloudfront.net",
632
- "https://cdn-static.okendo.io",
633
- "https://surveys.okendo.io",
634
- ],
635
- scriptSrc: [
636
- "'self'",
637
- "https://cdn.shopify.com",
638
- "https://d3hw6dc1ow8pp2.cloudfront.net",
639
- "https://cdn-static.okendo.io",
640
- "https://surveys.okendo.io",
641
- ],
642
- fontSrc: [
643
- "'self'",
644
- "https://fonts.gstatic.com",
645
- "https://d3hw6dc1ow8pp2.cloudfront.net",
646
- "https://cdn.shopify.com",
647
- "https://cdn-static.okendo.io",
648
- "https://surveys.okendo.io",
649
- ],
650
- connectSrc: [
651
- "'self'",
652
- "https://monorail-edge.shopifysvc.com",
653
- "localhost:*",
654
- "ws://localhost:*",
655
- "ws://127.0.0.1:*",
656
- "https://api.okendo.io",
657
- "https://cdn-static.okendo.io",
658
- "https://surveys.okendo.io",
659
- ],
595
+ defaultSrc: [
596
+ "'self'",
597
+ "localhost:*",
598
+ "https://cdn.shopify.com",
599
+ "https://www.google.com",
600
+ "https://www.gstatic.com",
601
+ "https://d3hw6dc1ow8pp2.cloudfront.net",
602
+ "https://d3g5hqndtiniji.cloudfront.net",
603
+ "https://dov7r31oq5dkj.cloudfront.net",
604
+ "https://cdn-static.okendo.io",
605
+ "https://surveys.okendo.io",
606
+ "https://api.okendo.io",
607
+ "data:",
608
+ ],
609
+ imgSrc: [
610
+ "'self'",
611
+ "https://cdn.shopify.com",
612
+ "data:",
613
+ "https://d3hw6dc1ow8pp2.cloudfront.net",
614
+ "https://d3g5hqndtiniji.cloudfront.net",
615
+ "https://dov7r31oq5dkj.cloudfront.net",
616
+ "https://cdn-static.okendo.io",
617
+ "https://surveys.okendo.io"
618
+ ],
619
+ mediaSrc: [
620
+ "'self'",
621
+ "https://d3hw6dc1ow8pp2.cloudfront.net",
622
+ "https://d3g5hqndtiniji.cloudfront.net",
623
+ "https://dov7r31oq5dkj.cloudfront.net",
624
+ "https://cdn-static.okendo.io"
625
+ ],
626
+ styleSrcElem: [
627
+ "'self'",
628
+ "'unsafe-inline'",
629
+ "https://cdn.shopify.com",
630
+ "https://fonts.googleapis.com",
631
+ "https://fonts.gstatic.com",
632
+ "https://d3hw6dc1ow8pp2.cloudfront.net",
633
+ "https://cdn-static.okendo.io",
634
+ "https://surveys.okendo.io"
635
+ ],
636
+ scriptSrc: [
637
+ "'self'",
638
+ "https://cdn.shopify.com",
639
+ "https://d3hw6dc1ow8pp2.cloudfront.net",
640
+ "https://dov7r31oq5dkj.cloudfront.net",
641
+ "https://cdn-static.okendo.io",
642
+ "https://surveys.okendo.io",
643
+ "https://api.okendo.io",
644
+ "https://www.google.com",
645
+ "https://www.gstatic.com"
646
+ ],
647
+ fontSrc: [
648
+ "'self'",
649
+ "https://fonts.gstatic.com",
650
+ "https://d3hw6dc1ow8pp2.cloudfront.net",
651
+ "https://dov7r31oq5dkj.cloudfront.net",
652
+ "https://cdn.shopify.com",
653
+ "https://cdn-static.okendo.io",
654
+ "https://surveys.okendo.io"
655
+ ],
656
+ connectSrc: [
657
+ "'self'",
658
+ "https://monorail-edge.shopifysvc.com",
659
+ "localhost:*",
660
+ "ws://localhost:*",
661
+ "ws://127.0.0.1:*",
662
+ "https://api.okendo.io",
663
+ "https://cdn-static.okendo.io",
664
+ "https://surveys.okendo.io",
665
+ "https://api.raygun.com",
666
+ "https://www.google.com",
667
+ "https://www.gstatic.com",
668
+ ],
669
+ frameSrc: [
670
+ "https://www.google.com",
671
+ "https://www.gstatic.com"
672
+ ]
660
673
  });
661
674
  ```
662
675
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@okendo/shopify-hydrogen",
3
- "version": "2.2.3",
3
+ "version": "2.2.4",
4
4
  "description": "Okendo React components for Shopify Hydrogen 2 (Remix)",
5
5
  "author": "Okendo",
6
6
  "license": "SEE LICENSE IN LICENSE.txt",