@urateam/dashboard 0.1.56 → 0.1.58
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/__tests__/layout.test.js +12 -0
- package/dist/__tests__/layout.test.js.map +1 -1
- package/dist/__tests__/security.repro.test.js +4 -0
- package/dist/__tests__/security.repro.test.js.map +1 -1
- package/dist/csp.d.ts +19 -0
- package/dist/csp.d.ts.map +1 -0
- package/dist/csp.js +19 -0
- package/dist/csp.js.map +1 -0
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +2 -1
- package/dist/server.js.map +1 -1
- package/dist/views/layout.d.ts.map +1 -1
- package/dist/views/layout.js +2 -1
- package/dist/views/layout.js.map +1 -1
- package/package.json +2 -2
|
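--- a/package/dist/__tests__/layout.test.js
+++ b/package/dist/__tests__/layout.test.js
@@ -1,5 +1,6 @@
 import { describe, it, expect, beforeEach, afterEach } from "vitest";
 import { layout, escapeHtml, getBasePath } from "../views/layout.js";
+import { DASHBOARD_CSP } from "../csp.js";
 describe("layout", () => {
 const originalEnv = process.env.DASHBOARD_BASE_PATH;
 afterEach(() => {
@@ -122,6 +123,17 @@ describe("layout", () => {
 expect(escapeHtml("<")).toBe("&lt;");
 });
 });
+describe("Content-Security-Policy meta tag", () => {
+it("should embed the full DASHBOARD_CSP constant in the meta tag", () => {
+const html = layout("Test", "");
+expect(html).toContain('http-equiv="Content-Security-Policy"');
+expect(html).toContain(DASHBOARD_CSP);
+});
+it("should retain script-src restriction to self and unpkg.com", () => {
+expect(DASHBOARD_CSP).toContain("script-src 'self' https://unpkg.com");
+expect(DASHBOARD_CSP).not.toContain("script-src 'unsafe-inline'");
+});
+});
 describe("CSS and asset loading", () => {
 it("should use relative path for CSS when basePath is empty", () => {
 delete process.env.DASHBOARD_BASE_PATH;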
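Review bot: The negative assertion at new line 134, `expect(DASHBOARD_CSP).not.toContain("script-src 'unsafe-inline'")`, only catches 'unsafe-inline' when it immediately follows the directive name, so a source list that gains the keyword later in the directive would still pass both checks in this test. Isolating the directive and comparing its whole source list pins it exactly: `const scriptSrc = DASHBOARD_CSP.split(";").map((d) => d.trim()).find((d) => d.startsWith("script-src "));` followed by `expect(scriptSrc).toBe("script-src 'self' https://unpkg.com");`. The `toContain(DASHBOARD_CSP)` check at new line 130 is fine as written since it compares the full constant. The enclosing `describe("layout")` block starts before the first hunk and ends after the second.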
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"layout.test.js","sourceRoot":"","sources":["../../src/__tests__/layout.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACrE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"layout.test.js","sourceRoot":"","sources":["../../src/__tests__/layout.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACrE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAE1C,QAAQ,CAAC,QAAQ,EAAE,GAAG,EAAE;IACtB,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;IAEpD,SAAS,CAAC,GAAG,EAAE;QACb,OAAO,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;QACvC,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,WAAW,CAAC;QAChD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;QACpC,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;YAC7D,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,QAAQ,CAAC;YAC3C,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;YAChE,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,SAAS,CAAC;YAC5C,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;YAChD,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,WAAW,CAAC;YAC9C,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4DAA4D,EAAE,GAAG,EAAE;YACpE,OAAO,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;YACvC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iEAAiE,EAAE,GAAG,EAAE;YACzE,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,KAAK,CAAC;YACxC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,UAAU,CAAC,GAAG,EAAE;YACd,8CAA8C;YAC9C,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,QAAQ,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,MAAM,IAAI,GAAG,MAAM,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;YAC1C,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;YAC7C,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;YACxD,MAAM,IAAI,GAAG,MAAM,CAAC,cAAc,EAAE,SAAS,CAAC,CAAC;YAC/C,MAAM,CAAC,
IAAI,CAAC,CAAC,SAAS,CAAC,2CAA2C,CAAC,CAAC;QACtE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,QAAQ,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,4DAA4D,CAAC,CAAC;QACvF,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;YACpC,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,0DAA0D,CAAC,CAAC;YACnF,iEAAiE;YACjE,2EAA2E;YAC3E,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QACrD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;YACvD,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,QAAQ,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAEhC,mEAAmE;YACnE,uEAAuE;YACvE,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,2BAA2B,CAAC,CAAC;YACpD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,oCAAoC,CAAC,CAAC;YAC7D,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,oCAAoC,CAAC,CAAC;YAC7D,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,oCAAoC,CAAC,CAAC;YAC7D,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,gDAAgD,CAAC,CAAC;QAC3E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+DAA+D,EAAE,GAAG,EAAE;YACvE,OAAO,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;YACvC,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAEhC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;YAC/C,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,8BAA8B,CAAC,CAAC;YACvD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,8BAA8B,CAAC,CAAC;YACvD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,8BAA8B,CAAC,CAAC;YACvD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,0CAA0C,CAAC,CAAC;QACrE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,OAAO,GAAG,0BAA0B,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;YACrC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;YAChE,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,sEAAsE,CAAC,CAAC;QACjG,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;YACxD,MAAM,IAAI,GAAG,MAAM,CAAC,+BAA+B,EAAE,EAAE,CAAC,CAAC;YACzD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YACzC,MA
AM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;QACnC,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;YAClC,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;YACvC,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QAClE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,CAAC,UAAU,CAAC,+BAA+B,CAAC,CAAC,CAAC,IAAI,CACtD,qDAAqD,CACtD,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;YACpC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;YACzD,MAAM,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;YAC9D,6DAA6D;YAC7D,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAChD,EAAE,CAAC,8DAA8D,EAAE,GAAG,EAAE;YACtE,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,sCAAsC,CAAC,CAAC;YAC/D,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QACxC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4DAA4D,EAAE,GAAG,EAAE;YACpE,MAAM,CAAC,aAAa,CAAC,CAAC,SAAS,CAAC,qCAAqC,CAAC,CAAC;YACvE,MAAM,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,4BAA4B,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC,EAAE,CAAC,yDAAyD,EAAE,GAAG,EAAE;YACjE,OAAO,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;YACvC,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAChC,MAAM,CAAC,
IAAI,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,yBAAyB,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;YAC9D,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,QAAQ,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,gCAAgC,CAAC,CAAC;YACzD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,+BAA+B,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sDAAsD,EAAE,GAAG,EAAE;YAC9D,OAAO,CAAC,GAAG,CAAC,mBAAmB,GAAG,QAAQ,CAAC;YAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAChC,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,gCAAgC,CAAC,CAAC;YACzD,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,+BAA+B,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
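--- a/package/dist/__tests__/security.repro.test.js
+++ b/package/dist/__tests__/security.repro.test.js
@@ -76,6 +76,10 @@ describe("BEC-103: security headers present on all responses", () => {
 // Must restrict scripts to 'self' and https://unpkg.com only
 expect(csp).toContain("default-src 'self'");
 expect(csp).toContain("script-src 'self' https://unpkg.com");
+// BEC-131: style-src must allow inline styles and Google Fonts stylesheet
+expect(csp).toContain("style-src 'self' 'unsafe-inline' https://fonts.googleapis.com");
+// BEC-131: font-src must allow Google Fonts CDN for font files
+expect(csp).toContain("font-src 'self' https://fonts.gstatic.com");
 });
 it.each(ROUTES)("GET %s — X-XSS-Protection: 0 header is present", async (route) => {
 const res = await app.request(route);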
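Review bot: The new assertions at lines 80 and 82 check the header for individual directives but never tie it to the shared constant, so the response header and the meta tag rendered by layout can still drift apart even though the comment on DASHBOARD_CSP says the two must stay in sync. Adding `import { DASHBOARD_CSP } from "../csp.js";` to the file's import block (outside this hunk) and `expect(csp).toBe(DASHBOARD_CSP);` inside this test pins the header to the single source of truth; the per-directive `toContain` checks can stay as readable documentation of intent. The enclosing `it` callback, and the `csp` variable it reads, begin before the hunk.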
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security.repro.test.js","sourceRoot":"","sources":["../../src/__tests__/security.repro.test.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAwB,MAAM,cAAc,CAAC;AAGrE,8EAA8E;AAC9E,wDAAwD;AACxD,8EAA8E;AAC9E,SAAS,YAAY;IACnB,MAAM,OAAO,GAAsB;QACjC,GAAG,CAAC,OAAO,EAAE,IAAI;YACf,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,OAAO,CAAC,OAAyB,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;YACpD,CAAC;YACD,OAAO,CAAC,GAAG,KAAY,EAAE,EAAE,CAAC,IAAI,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC;QACD,KAAK;YACH,OAAO,IAAI,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,EAAE,OAAO,CAAC,CAAC;QACtC,CAAC;KACF,CAAC;IACF,OAAO,IAAI,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,EAAE,OAAO,CAAkB,CAAC;AACvD,CAAC;AAED,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAC9E,MAAM,MAAM,GAAG,CAAC,GAAG,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;AAEvE,uCAAuC;AACvC,SAAS,eAAe,CAAC,QAAgB,EAAE,QAAgB;IACzD,OAAO,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,IAAI,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC9E,CAAC;AAED,MAAM,UAAU,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;AAC7D,MAAM,iBAAiB,GAAG,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC;AAEpF,SAAS,OAAO,CAAC,WAAW,GAAG,KAAK;IAClC,MAAM,GAAG,GAAoB;QAC3B,EAAE,EAAE,YAAY,EAAE;QAClB,eAAe,EAAE,EAAE;QACnB,WAAW,EAAE,EAAE;KAChB,CAAC;IACF,IAAI,WAAW,EAAE,CAAC;QAChB,GAAG,CAAC,IAAI,GAAG,UAAU,CAAC;IACxB,CAAC;IACD,OAAO,eAAe,CAAC,GAAG,CAAC,CAAC;AAC9B,CAAC;AAED,8EAA8E;AAC9E,sBAAsB;AACtB,8EAA8E;AAC9E,QAAQ,CAAC,oDAAoD,EAAE,GAAG,EAAE;IAClE,IAAI,GAAuC,CAAC;IAE5C,UAAU,CAAC,GAAG,EAAE;QACd,kFAAkF;QAClF,GAAG,GAAG,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CACb,4DAA4D,EAC5D,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACpE,CAAC,CACF,CAAC;IAEF,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CACb,kDAAkD,EAClD,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,GAAG,GAAG,MAAM,GAAG
,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC1D,CAAC,CACF,CAAC;IAEF,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CACb,oDAAoD,EACpD,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACvD,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC3B,6DAA6D;QAC7D,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,qCAAqC,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"security.repro.test.js","sourceRoot":"","sources":["../../src/__tests__/security.repro.test.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAwB,MAAM,cAAc,CAAC;AAGrE,8EAA8E;AAC9E,wDAAwD;AACxD,8EAA8E;AAC9E,SAAS,YAAY;IACnB,MAAM,OAAO,GAAsB;QACjC,GAAG,CAAC,OAAO,EAAE,IAAI;YACf,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;gBACpB,OAAO,CAAC,OAAyB,EAAE,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;YACpD,CAAC;YACD,OAAO,CAAC,GAAG,KAAY,EAAE,EAAE,CAAC,IAAI,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,EAAE,OAAO,CAAC,CAAC;QAC3D,CAAC;QACD,KAAK;YACH,OAAO,IAAI,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,EAAE,OAAO,CAAC,CAAC;QACtC,CAAC;KACF,CAAC;IACF,OAAO,IAAI,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,EAAE,OAAO,CAAkB,CAAC;AACvD,CAAC;AAED,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAC9E,MAAM,MAAM,GAAG,CAAC,GAAG,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,eAAe,CAAC,CAAC;AAEvE,uCAAuC;AACvC,SAAS,eAAe,CAAC,QAAgB,EAAE,QAAgB;IACzD,OAAO,QAAQ,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,QAAQ,IAAI,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC9E,CAAC;AAED,MAAM,UAAU,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;AAC7D,MAAM,iBAAiB,GAAG,eAAe,CAAC,UAAU,CAAC,QAAQ,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC;AAEpF,SAAS,OAAO,CAAC,WAAW,GAAG,KAAK;IAClC,MAAM,GAAG,GAAoB;QAC3B,EAAE,EAAE,YAAY,EAAE;QAClB,eAAe,EAAE,EAAE;QACnB,WAAW,EAAE,EAAE;KAChB,CAAC;IACF,IAAI,WAAW,EAAE,CAAC;QAChB,GAAG,CAAC,IAAI,GAAG,UAAU,CAAC;IACxB,CAAC;IACD,OAAO,eAAe,CAAC,GAAG,CAAC,CAAC;AAC9B,CAAC;AAED,8EAA8E;AAC9E,sBAAsB;AACtB,8EAA8E;AAC9E,QAAQ,CAAC,oDAAoD,EAAE,GAAG,EAAE;IAClE,IAAI,GAAuC,CAAC;IAE5C,UAAU,CAAC,GAAG,EAAE;QACd,kFAAkF;QAClF,GAAG,GAAG,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CACb,4DAA4D,EAC5D,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACpE,CAAC,CACF,CAAC;IAEF,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CACb,kDAAkD,EAClD,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,GAAG,GAAG,MAAM,GAAG
,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC1D,CAAC,CACF,CAAC;IAEF,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CACb,oDAAoD,EACpD,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACvD,MAAM,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC3B,6DAA6D;QAC7D,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;QAC5C,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,qCAAqC,CAAC,CAAC;QAC7D,0EAA0E;QAC1E,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,+DAA+D,CAAC,CAAC;QACvF,+DAA+D;QAC/D,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,2CAA2C,CAAC,CAAC;IACrE,CAAC,CACF,CAAC;IAEF,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CACb,gDAAgD,EAChD,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACxD,CAAC,CACF,CAAC;IAEF,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CACb,4CAA4C,EAC5C,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAC7C,iCAAiC,CAClC,CAAC;IACJ,CAAC,CACF,CAAC;IAEF,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CACb,+CAA+C,EAC/C,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QACjD,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAClC,MAAM,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;QACtC,MAAM,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;IACzC,CAAC,CACF,CAAC;IAEF,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,CACb,sDAAsD,EACtD,KAAK,EAAE,KAAK,EAAE,EAAE;QACd,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QAC1D,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;IACrC,CAAC,CACF,CAAC;AA
CJ,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,8CAA8C;AAC9C,8EAA8E;AAC9E,QAAQ,CAAC,mDAAmD,EAAE,GAAG,EAAE;IACjE,EAAE,CAAC,0DAA0D,EAAE,KAAK,IAAI,EAAE;QACxE,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,qBAAqB;QACjD,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACnC,gEAAgE;QAChE,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uEAAuE,EAAE,KAAK,IAAI,EAAE;QACrF,MAAM,aAAa,GAAG,eAAe,CAAC;YACpC,EAAE,EAAE,YAAY,EAAE;YAClB,eAAe,EAAE;gBACf,gBAAgB,EAAE;oBAChB,IAAI,EAAE,gBAAgB;oBACtB,MAAM,EAAE,CAAC,QAAQ,EAAE,WAAW,CAAC;oBAC/B,KAAK,EAAE,iBAAiB;oBACxB,SAAS,EAAE,MAAM;iBACX;aACT;YACD,WAAW,EAAE;gBACX,SAAS,EAAE;oBACT,GAAG,EAAE,yDAAyD;iBACxD;aACT;YACD,+CAA+C;SAChD,CAAC,CAAC;QAEH,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACnD,4EAA4E;QAC5E,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,iDAAiD;AACjD,8EAA8E;AAC9E,QAAQ,CAAC,kEAAkE,EAAE,GAAG,EAAE;IAChF,EAAE,CAAC,gFAAgF,EAAE,KAAK,IAAI,EAAE;QAC9F,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,0EAA0E;QAC1E,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,YAAY,EAAE;YAC1C,OAAO,EAAE,EAAE,aAAa,EAAE,iBAAiB,EAAE;SAC9C,CAAC,CAAC;QACH,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2EAA2E,EAAE,KAAK,IAAI,EAAE;QACzF,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,+EAA+E;QAC/E,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,oBAAoB,EAAE;YAClD,OAAO,EAAE;gBACP,aAAa,EAAE,iBAAiB;gBAChC,MAAM,EAAE,0BAA0B;aACnC;SACF,CAAC,CAAC;QACH,iEAAiE;QACjE,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,wCAAwC;AACxC,8EAA8E;AAC9E,QAAQ,CAAC,qDAAqD,EAAE,GAAG,EAAE;IACnE,EAAE,CAAC,uDAAuD,EAAE,KAAK,IAAI,EAAE;QACrE,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,qCAAqC;QAChE,IAAI,eAAe,GAAG,KAAK,CAAC;QAE5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,
CAAC,EAAE,EAAE,CAAC;YAC5B,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;gBACjC,OAAO,EAAE,EAAE,aAAa,EAAE,QAAQ,GAAG,IAAI,CAAC,aAAa,CAAC,EAAE;aAC3D,CAAC,CAAC;YACH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACvB,eAAe,GAAG,IAAI,CAAC;gBACvB,MAAM;YACR,CAAC;QACH,CAAC;QAED,kEAAkE;QAClE,MAAM,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8EAA8E,EAAE,KAAK,IAAI,EAAE;QAC5F,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe;QAC1C,IAAI,eAAe,GAAG,KAAK,CAAC;QAE5B,mEAAmE;QACnE,wEAAwE;QACxE,kEAAkE;QAClE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;gBACjC,OAAO,EAAE,EAAE,aAAa,EAAE,iBAAiB,EAAE;aAC9C,CAAC,CAAC;YACH,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBACvB,eAAe,GAAG,IAAI,CAAC;gBACvB,MAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,uEAAuE;AACvE,8EAA8E;AAC9E,QAAQ,CAAC,wDAAwD,EAAE,GAAG,EAAE;IACtE,EAAE,CAAC,qEAAqE,EAAE,KAAK,IAAI,EAAE;QACnF,qEAAqE;QACrE,MAAM,YAAY,GAChB,mEAAmE,CAAC;QAEtE,MAAM,aAAa,GAAG,eAAe,CAAC;YACpC,EAAE,EAAE,YAAY,EAAE;YAClB,eAAe,EAAE,EAAE;YACnB,WAAW,EAAE;gBACX,aAAa,EAAE,EAAE,GAAG,EAAE,YAAY,EAAS;aAC5C;YACD,IAAI,EAAE,UAAU,EAAE,sCAAsC;SACzD,CAAC,CAAC;QAEH,MAAM,GAAG,GAAG,MAAM,aAAa,CAAC,OAAO,CAAC,SAAS,EAAE;YACjD,OAAO,EAAE,EAAE,aAAa,EAAE,iBAAiB,EAAE;SAC9C,CAAC,CAAC;QACH,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAE9B,iEAAiE;QACjE,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;QACjD,6CAA6C;QAC7C,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,+BAA+B;AAC/B,8EAA8E;AAC9E,QAAQ,CAAC,uDAAuD,EAAE,GAAG,EAAE;IACrE,EAAE,CAAC,0DAA0D,EAAE,KAAK,IAAI,EAAE;QACxE,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,gCAAgC,EAAE;YAC9D,OAAO,EAAE,EAAE,aAAa,EAAE,iBAAiB,EAAE;SAC9C,CAAC,CAAC;QACH,oEAAoE;QACpE,MAAM,IAAI,GA
AG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9B,MAAM,oBAAoB,GAAG;YAC3B,mBAAmB;YACnB,cAAc;YACd,cAAc,EAAE,+BAA+B;YAC/C,0BAA0B,EAAE,kBAAkB;SAC/C,CAAC;QACF,KAAK,MAAM,OAAO,IAAI,oBAAoB,EAAE,CAAC;YAC3C,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACzC,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,8EAA8E;AAC9E,iCAAiC;AACjC,8EAA8E;AAC9E,QAAQ,CAAC,gDAAgD,EAAE,GAAG,EAAE;IAC9D,EAAE,CAAC,yDAAyD,EAAE,KAAK,IAAI,EAAE;QACvE,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1B,MAAM,GAAG,GAAG,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,EAAE;YACjC,OAAO,EAAE,EAAE,aAAa,EAAE,iBAAiB,EAAE;SAC9C,CAAC,CAAC;QACH,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC7B,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC;QAE9B,+CAA+C;QAC/C,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,sCAAsC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzE,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;QAC7C,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,qCAAqC,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
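--- /dev/null
+++ b/package/dist/csp.d.ts
@@ -0,0 +1,19 @@
+/**
+* Dashboard Content-Security-Policy string.
+*
+* Applied in two places that must stay in sync:
+* 1. HTTP response header — server.ts security middleware
+* 2. HTML meta tag — views/layout.ts
+*
+* Policy rationale (BEC-131):
+* - style-src 'unsafe-inline': dashboard views use 55+ inline style="..."
+* attributes, several with dynamic values (e.g. percentage widths) that
+* cannot be moved to a static stylesheet without significant refactoring.
+* - style-src https://fonts.googleapis.com: layout loads the Inter font via
+* a Google Fonts stylesheet link.
+* - font-src https://fonts.gstatic.com: the Google Fonts CSS fetches the
+* actual font files from this CDN; without an explicit font-src it falls
+* back to default-src 'self' and is blocked.
+*/
+export declare const DASHBOARD_CSP = "default-src 'self'; script-src 'self' https://unpkg.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com";
+//# sourceMappingURL=csp.d.ts.map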
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"csp.d.ts","sourceRoot":"","sources":["../src/csp.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AACH,eAAO,MAAM,aAAa,sKAC2I,CAAC"}
|
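--- /dev/null
+++ b/package/dist/csp.js
@@ -0,0 +1,19 @@
+/**
+* Dashboard Content-Security-Policy string.
+*
+* Applied in two places that must stay in sync:
+* 1. HTTP response header — server.ts security middleware
+* 2. HTML meta tag — views/layout.ts
+*
+* Policy rationale (BEC-131):
+* - style-src 'unsafe-inline': dashboard views use 55+ inline style="..."
+* attributes, several with dynamic values (e.g. percentage widths) that
+* cannot be moved to a static stylesheet without significant refactoring.
+* - style-src https://fonts.googleapis.com: layout loads the Inter font via
+* a Google Fonts stylesheet link.
+* - font-src https://fonts.gstatic.com: the Google Fonts CSS fetches the
+* actual font files from this CDN; without an explicit font-src it falls
+* back to default-src 'self' and is blocked.
+*/
+export const DASHBOARD_CSP = "default-src 'self'; script-src 'self' https://unpkg.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com";
+//# sourceMappingURL=csp.js.map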
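Review bot: The policy at line 18 sets no `base-uri` or `form-action`, and unlike `font-src` (which the comment correctly notes falls back to `default-src`) these two directives do not inherit from `default-src`, so they stay unrestricted; appending `; base-uri 'self'; form-action 'self'` to the constant closes that gap without touching the inline-style or font allowances this change introduces (assuming the dashboard's forms post back to itself — confirm against the auth routes). Both dist/csp.js and dist/csp.d.ts are emitted from src/csp.ts per the source maps, so the edit belongs there, and the tests that assert on DASHBOARD_CSP use `toContain` per directive and would keep passing. The rationale block also does not say which script is served from https://unpkg.com; a line naming that dependency and whether the `<script>` tag pins a version and carries an `integrity` attribute would let a later reviewer judge whether the whole-host allowance is still needed. Since `style-src 'unsafe-inline'` is justified here as a refactoring cost rather than a requirement, recording it as a tracked TODO toward hashed or nonced styles keeps the exception from becoming permanent.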
package/dist/csp.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"csp.js","sourceRoot":"","sources":["../src/csp.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,MAAM,aAAa,GACxB,mKAAmK,CAAC"}
|
package/dist/server.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAO5B,OAAO,KAAK,EACV,EAAE,EACF,cAAc,EACd,UAAU,EACV,SAAS,EACT,YAAY,EACZ,WAAW,EACZ,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAO5B,OAAO,KAAK,EACV,EAAE,EACF,cAAc,EACd,UAAU,EACV,SAAS,EACT,YAAY,EACZ,WAAW,EACZ,MAAM,eAAe,CAAC;AAevB,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,EAAE,CAAC;IACP,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IAChD,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACxC;;;;;;OAMG;IACH,MAAM,CAAC,EAAE;QACP,MAAM,EAAE,CAAC,YAAY,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;QAChD,KAAK,EAAE,CAAC,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;QACzC,WAAW,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,GAAG,UAAU,KAAK;YAAE,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;YAAC,IAAI,EAAE,QAAQ,GAAG,UAAU,CAAA;SAAE,CAAC;QACtH,OAAO,CAAC,EAAE,MAAM;YAAE,eAAe,EAAE,MAAM,EAAE,CAAA;SAAE,CAAC;KAC/C,CAAC;IACF,uEAAuE;IACvE,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,IAAI,CAAC,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC;IAC9C;;;;;;;OAOG;IACH,GAAG,CAAC,EAAE,SAAS,CAAC;IAChB,MAAM,CAAC,EAAE,YAAY,CAAC;IACtB;;;;OAIG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAWD,wBAAgB,eAAe,CAAC,MAAM,EAAE,eAAe,GAAG,IAAI,CA4S7D"}
|
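--- a/package/dist/server.js
+++ b/package/dist/server.js
@@ -16,6 +16,7 @@ import { createUsersRouter } from "./routes/users.js";
 import { createAuthRouter } from "./routes/auth.js";
 import { createSsoMiddleware } from "./middleware/sso.js";
 import { createCostRouter } from "./routes/cost.js";
+import { DASHBOARD_CSP } from "./csp.js";
 const logger = createLogger({ component: "dashboard" });
 // Rate limiter constants.
 // The limiter counts FAILED-AUTH responses (HTTP 401) per IP — not total
@@ -46,7 +47,7 @@ export function createDashboard(config) {
 await next();
 c.res.headers.set("X-Content-Type-Options", "nosniff");
 c.res.headers.set("X-Frame-Options", "DENY");
-c.res.headers.set("Content-Security-Policy",
+c.res.headers.set("Content-Security-Policy", DASHBOARD_CSP);
 c.res.headers.set("X-XSS-Protection", "0");
 c.res.headers.set("Referrer-Policy", "strict-origin-when-cross-origin");
 c.res.headers.set("Permissions-Policy", "camera=(), microphone=(), geolocation=()");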
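Review bot: The header at new line 50 is applied only after `await next()` returns normally, so a downstream handler that throws never reaches this line and the resulting error response leaves this middleware without a Content-Security-Policy (the same holds for the other headers in the block). If the framework's error handler preserves headers already set on `c.res` — the `c.res.headers` API looks like Hono, but that is not visible here — wrapping the call as `try { await next(); } finally { /* header sets */ }` would cover that path; otherwise the same headers need to be applied in the error handler as well. The `security.repro` test iterates `ROUTES` with plain `app.request` calls and does not appear to exercise a failing route, so the suite would not catch the gap. `createDashboard` begins before the hunk and continues after it.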
package/dist/server.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAShE,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,wBAAwB,EAAE,MAAM,0BAA0B,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../src/server.ts"],"names":[],"mappings":"AAAA,oCAAoC;AACpC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,gCAAgC,CAAC;AAC7D,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAShE,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,wBAAwB,EAAE,MAAM,0BAA0B,CAAC;AACpE,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,MAAM,MAAM,GAAG,YAAY,CAAC,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,CAAC;AAwCxD,0BAA0B;AAC1B,yEAAyE;AACzE,0EAA0E;AAC1E,4EAA4E;AAC5E,6EAA6E;AAC7E,+BAA+B;AAC/B,MAAM,cAAc,GAAG,EAAE,CAAC,CAAC,oDAAoD;AAC/E,MAAM,oBAAoB,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW;AAEnD,MAAM,UAAU,eAAe,CAAC,MAAuB;IACrD,iEAAiE;IACjE,MAAM,WAAW,GACf,MAAM,CAAC,QAAQ,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC;IAC3D,iEAAiE;IACjE,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACjD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,CAAC,IAAI,CACT,wEAAwE;YACtE,yEAAyE;YACzE,iDAAiD,CACpD,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,EAAE,gCAAgC,CAAC,CAAC;IAC9D,CAAC;IAED,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IAEvB,wDAAwD;IACxD,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkD,CAAC;IAE/E,kFAAkF;IAClF,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QAC7B,MAAM,IAAI,EAAE,CAAC;QACb,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,EAAE,SAAS,CAAC,CAAC;QACvD,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;QAC7C,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CACf,yBAAyB,EACzB,aAAa,CACd,CAAC;QACF,CAAC,CAAC,
GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;QAC3C,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,EAAE,iCAAiC,CAAC,CAAC;QACxE,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CACf,oBAAoB,EACpB,0CAA0C,CAC3C,CAAC;QACF,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CACf,2BAA2B,EAC3B,qCAAqC,CACtC,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,qDAAqD;IACrD,EAAE;IACF,2EAA2E;IAC3E,yEAAyE;IACzE,yEAAyE;IACzE,uEAAuE;IACvE,4EAA4E;IAC5E,oDAAoD;IACpD,EAAE;IACF,0EAA0E;IAC1E,wDAAwD;IACxD,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QAC7B,MAAM,EAAE,GACN,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,iBAAiB,CAAC;YAC/B,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC;YACzB,WAAW,CAAC;QACd,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEnC,0EAA0E;QAC1E,IACE,KAAK;YACL,GAAG,GAAG,KAAK,CAAC,WAAW,GAAG,oBAAoB;YAC9C,KAAK,CAAC,KAAK,GAAG,cAAc,EAC5B,CAAC;YACD,OAAO,CAAC,CAAC,IAAI,CAAC,mBAAmB,EAAE,GAAG,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,UAAU,GAAG,KAAK,CAAC;QACvB,IAAI,CAAC;YACH,MAAM,IAAI,EAAE,CAAC;YACb,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,UAAU,GAAG,IAAI,CAAC;QAC9C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,aAAa,IAAI,GAAG,CAAC,MAAM,KAAK,GAAG;gBAAE,UAAU,GAAG,IAAI,CAAC;YAC1E,MAAM,GAAG,CAAC;QACZ,CAAC;gBAAS,CAAC;YACT,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC/B,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC,WAAW,GAAG,oBAAoB,EAAE,CAAC;oBACpD,CAAC,CAAC,KAAK,EAAE,CAAC;gBACZ,CAAC;qBAAM,CAAC;oBACN,YAAY,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,WAAW,EAAE,GAAG,EAAE,CAAC,CAAC;gBACvD,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,uDAAuD;IACvD,uEAAuE;IACvE,uEAAuE;IACvE,0EAA0E;IAC1E,kCAAkC;IAClC,MAAM,cAAc,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC5D,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC;QAC9B,GAAG,cAAc,aAAa;QAC9B,GAAG,cAAc,gBAAgB;KAClC,CAAC,CAAC;IACH,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QAC7B,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;QAC5B,sEAAsE;QACtE,uEAAuE;QACvE,sEAAsE;QACtE,uEAAuE;QACvE,YAAY;QAC
Z,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;QACxB,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC7C,wEAAwE;QACxE,sEAAsE;QACtE,mEAAmE;QACnE,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,cAAc,OAAO,CAAC,CAAC;QAC5D,IACE,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;YACnD,CAAC,UAAU;YACX,CAAC,SAAS,EACV,CAAC;YACD,oEAAoE;YACpE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC;gBAChC,OAAO,CAAC,CAAC,IAAI,CAAC,iCAAiC,EAAE,GAAG,CAAC,CAAC;YACxD,CAAC;YACD,oCAAoC;YACpC,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACtC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,aAAa,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC;gBACnD,IAAI,aAAa,IAAI,MAAM,KAAK,aAAa,EAAE,CAAC;oBAC9C,OAAO,CAAC,CAAC,IAAI,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;gBAClD,CAAC;YACH,CAAC;QACH,CAAC;QACD,MAAM,IAAI,EAAE,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,uEAAuE;IACvE,wEAAwE;IACxE,8BAA8B;IAC9B,MAAM,SAAS,GACb,iBAAiB,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,GAAG,EAAE,OAAO,KAAK,IAAI,CAAC;IAE3D,oEAAoE;IACpE,uEAAuE;IACvE,mEAAmE;IACnE,IAAI,MAAM,CAAC,GAAG,EAAE,OAAO,KAAK,IAAI,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,EAAE,CAAC;QAC9D,MAAM,CAAC,IAAI,CACT,yGAAyG,CAC1G,CAAC;IACJ,CAAC;IAED,wEAAwE;IACxE,sEAAsE;IACtE,4EAA4E;IAC5E,8DAA8D;IAC9D,0DAA0D;IAC1D,yEAAyE;IACzE,wEAAwE;IACxE,uEAAuE;IACvE,+CAA+C;IAC/C,wEAAwE;IACxE,gDAAgD;IAChD,MAAM,WAAW,GAAG,QAAQ,IAAI,GAAG,CAAC;IAEpC,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CACb,sFAAsF;gBACpF,gEAAgE,CACnE,CAAC;QACJ,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;QAC/D,MAAM,UAAU,GAAG,gBAAgB,CAAC;YAClC,EAAE,EAAE,MAAM,CAAC,EAAE;YACb,GAAG,EAAE,MAAM,CAAC,GAAI;YAChB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,QAAQ;SACT,CAAC,CAAC;QACH,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;QACnC,GAAG,CAAC,GAAG,CACL,GAAG,EACH,mBAAmB,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,GAAI,EAAE,QAAQ,EAAE,CAAC,CACnE,CAAC;IACJ,CAAC;SAAM,IAAI,MAAM,CAAC,IAAI,EAAE,QAAQ,IAAI,MAAM,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC;QAC1D,sEAAsE;QACtE,uEAAuE;QACvE,0DAA0D;QAC1D,MAAM,SAAS,GAAG,GAAG,QAAQ,OAAO,CAAC;QACrC,GAAG,
CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;YAC7B,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;gBAAE,OAAO,IAAI,EAAE,CAAC;YACpD,OAAO,SAAS,CAAC;gBACf,QAAQ,EAAE,MAAM,CAAC,IAAK,CAAC,QAAQ;gBAC/B,QAAQ,EAAE,MAAM,CAAC,IAAK,CAAC,QAAQ;aAChC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;QACd,CAAC,CAAC,CAAC;QACH,0EAA0E;QAC1E,wEAAwE;QACxE,yEAAyE;QACzE,uEAAuE;QACvE,oEAAoE;QACpE,2EAA2E;QAC3E,EAAE;QACF,mEAAmE;QACnE,uEAAuE;QACvE,uEAAuE;QACvE,oCAAoC;QACpC,EAAE;QACF,2EAA2E;QAC3E,uEAAuE;QACvE,uEAAuE;QACvE,uCAAuC;QACvC,MAAM,iBAAiB,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC;QAC/C,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;YAC7B,CAAC,CAAC,GAAG,CAAC,MAAe,EAAE;gBACrB,EAAE,EAAE,cAAc,iBAAiB,EAAE;gBACrC,KAAK,EAAE,GAAG,iBAAiB,mBAAmB;gBAC9C,IAAI,EAAE,OAAgB;aACd,CAAC,CAAC;YACZ,MAAM,IAAI,EAAE,CAAC;QACf,CAAC,CAAC,CAAC;IACL,CAAC;SAAM,CAAC;QACN,MAAM,SAAS,GAAG,GAAG,QAAQ,OAAO,CAAC;QACrC,GAAG,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;YAC7B,yEAAyE;YACzE,oEAAoE;YACpE,+CAA+C;YAC/C,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;gBAAE,OAAO,IAAI,EAAE,CAAC;YACpD,OAAO,CAAC,CAAC,IAAI,CACX,2DAA2D;gBACzD,8EAA8E,EAChF,GAAG,CACJ,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAED,sEAAsE;IACtE,sEAAsE;IACtE,oEAAoE;IACpE,mEAAmE;IACnE,+DAA+D;IAC/D,EAAE;IACF,oEAAoE;IACpE,yEAAyE;IACzE,qBAAqB;IACrB,MAAM,kBAAkB,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACnE,qEAAqE;IACrE,qEAAqE;IACrE,qEAAqE;IACrE,uEAAuE;IACvE,uEAAuE;IACvE,2DAA2D;IAC3D,sEAAsE;IACtE,sEAAsE;IACtE,MAAM,eAAe,GAAG,QAAQ,CAAC,CAAC,CAAC,GAAG,QAAQ,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;IACpE,GAAG,CAAC,GAAG,CACL,GAAG,eAAe,IAAI,EACtB,WAAW,CAAC;QACV,IAAI,EAAE,IAAI,CAAC,kBAAkB,EAAE,QAAQ,CAAC;QACxC,kBAAkB,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;KAChE,CAAC,CACH,CAAC;IAEF,2EAA2E;IAC3E,wEAAwE;IACxE,yEAAyE;IACzE,MAAM,UAAU,GAAG,gBAAgB,CAAC;QAClC,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ;KACT,CAAC,CAAC;IACH,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;IAEnC,MAAM,YAAY,G
AAG,kBAAkB,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC7D,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IAErC,MAAM,YAAY,GAAG,kBAAkB,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC7D,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IAErC,MAAM,YAAY,GAAG,kBAAkB,CACrC,MAAM,CAAC,eAAe,EACtB,MAAM,CAAC,WAAW,EAClB,QAAQ,CACT,CAAC;IACF,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IAErC,MAAM,kBAAkB,GAAG,wBAAwB,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IACzE,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;IAE3C,MAAM,WAAW,GAAG,iBAAiB,CAAC,MAAM,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IAC3D,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IAEpC,MAAM,UAAU,GAAG,gBAAgB,CAAC;QAClC,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,eAAe,EAAE,MAAM,CAAC,eAAe;QACvC,QAAQ;KACT,CAAC,CAAC;IACH,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;IAEnC,MAAM,WAAW,GAAG,iBAAiB,CAAC,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;IACnE,GAAG,CAAC,KAAK,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IAEpC,OAAO,GAAG,CAAC;AACb,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"layout.d.ts","sourceRoot":"","sources":["../../src/views/layout.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"layout.d.ts","sourceRoot":"","sources":["../../src/views/layout.ts"],"names":[],"mappings":"AAKA,wBAAgB,WAAW,IAAI,MAAM,CAEpC;AAiBD;;;;;;;;;;;;;;;;GAgBG;AACH;;;;;GAKG;AACH,MAAM,WAAW,aAAa;IAC5B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,wBAAgB,MAAM,CACpB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,EACf,QAAQ,CAAC,EAAE,MAAM,EACjB,GAAG,CAAC,EAAE,aAAa,GAClB,MAAM,CA+CR;AAED,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAO9C"}
|
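--- a/package/dist/views/layout.js
+++ b/package/dist/views/layout.js
@@ -1,3 +1,4 @@
+import { DASHBOARD_CSP } from "../csp.js";
 // Base path for all dashboard links and asset references.
 // Set DASHBOARD_BASE_PATH=/ateam (no trailing slash) when the dashboard is
 // served under a path prefix (e.g. via a Caddy strip_prefix proxy).
@@ -28,7 +29,7 @@ export function layout(title, content, basePath, ctx) {
 const signOut = ctx?.userEmail
 ? `<button type="button" class="link signout-btn" hx-post="${bp}/auth/logout" hx-headers='{"HX-Request":"true"}' hx-push-url="true" hx-swap="none">Sign out (${escapeHtml(ctx.userEmail)})</button>`
 : "";
-const cspContent =
+const cspContent = DASHBOARD_CSP;
 return `<!DOCTYPE html>
 <html lang="en">
 <head>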
package/dist/views/layout.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"layout.js","sourceRoot":"","sources":["../../src/views/layout.ts"],"names":[],"mappings":"AAAA,0DAA0D;AAC1D,2EAA2E;AAC3E,oEAAoE;AACpE,MAAM,UAAU,WAAW;IACzB,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACrE,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,iBAAiB,CAAC,QAAgB;IACzC,sDAAsD;IACtD,OAAO,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACtC,CAAC;AA8BD,MAAM,UAAU,MAAM,CACpB,KAAa,EACb,OAAe,EACf,QAAiB,EACjB,GAAmB;IAEnB,+EAA+E;IAC/E,MAAM,EAAE,GAAG,iBAAiB,CAAC,QAAQ,IAAI,WAAW,EAAE,CAAC,CAAC;IACxD,uEAAuE;IACvE,yEAAyE;IACzE,sEAAsE;IACtE,qEAAqE;IACrE,MAAM,OAAO,GAAG,GAAG,EAAE,SAAS;QAC5B,CAAC,CAAC,2DAA2D,EAAE,gGAAgG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY;QACpM,CAAC,CAAC,EAAE,CAAC;IACP,MAAM,UAAU,
|
|
1
|
+
{"version":3,"file":"layout.js","sourceRoot":"","sources":["../../src/views/layout.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAE1C,0DAA0D;AAC1D,2EAA2E;AAC3E,oEAAoE;AACpE,MAAM,UAAU,WAAW;IACzB,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACrE,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,iBAAiB,CAAC,QAAgB;IACzC,sDAAsD;IACtD,OAAO,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AACtC,CAAC;AA8BD,MAAM,UAAU,MAAM,CACpB,KAAa,EACb,OAAe,EACf,QAAiB,EACjB,GAAmB;IAEnB,+EAA+E;IAC/E,MAAM,EAAE,GAAG,iBAAiB,CAAC,QAAQ,IAAI,WAAW,EAAE,CAAC,CAAC;IACxD,uEAAuE;IACvE,yEAAyE;IACzE,sEAAsE;IACtE,qEAAqE;IACrE,MAAM,OAAO,GAAG,GAAG,EAAE,SAAS;QAC5B,CAAC,CAAC,2DAA2D,EAAE,gGAAgG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,YAAY;QACpM,CAAC,CAAC,EAAE,CAAC;IACP,MAAM,UAAU,GAAG,aAAa,CAAC;IACjC,OAAO;;;;;wDAK+C,UAAU;WACvD,UAAU,CAAC,KAAK,CAAC;;;;;;;iCAOK,EAAE;;iBAElB,EAAE;;;;6BAIU,EAAE,IAAI,GAAG;eACvB,EAAE,IAAI,GAAG;eACT,EAAE;eACF,EAAE;eACF,EAAE;eACF,EAAE;eACF,EAAE;eACF,EAAE;MACX,GAAG,EAAE,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,YAAY,EAAE,mBAAmB,CAAC,CAAC,CAAC,EAAE;MAClE,OAAO;;;UAGH,UAAU,CAAC,KAAK,CAAC;MACrB,OAAO;;;QAGL,CAAC;AACT,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,GAAW;IACpC,OAAO,GAAG;SACP,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;SACtB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC;SACvB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;AAC7B,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@urateam/dashboard",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.58",
|
|
4
4
|
"license": "BUSL-1.1",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/server.js",
|
|
@@ -18,7 +18,7 @@
|
|
|
18
18
|
"@workos-inc/node": "^8.13.0",
|
|
19
19
|
"drizzle-orm": "^0.38.0",
|
|
20
20
|
"hono": "^4.7.0",
|
|
21
|
-
"@urateam/core": "0.1.
|
|
21
|
+
"@urateam/core": "0.1.58"
|
|
22
22
|
},
|
|
23
23
|
"devDependencies": {
|
|
24
24
|
"typescript": "^5.7.0",
|