neoagent 2.1.18-beta.82 → 2.1.18-beta.84

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/package.json +1 -1
  2. package/server/http/middleware.js +12 -7
  3. package/server/public/flutter_bootstrap.js +1 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "neoagent",
3
- "version": "2.1.18-beta.82",
3
+ "version": "2.1.18-beta.84",
4
4
  "description": "Proactive personal AI agent with no limits",
5
5
  "license": "MIT",
6
6
  "main": "server/index.js",
package/server/http/middleware.js CHANGED
@@ -68,12 +68,14 @@ ensureSessionStoreSchema(sessionsDb);
68
68
 
69
69
  function buildHelmetOptions({ secureCookies }) {
70
70
  const wsConnectSrc = secureCookies ? ['wss:'] : ['ws:', 'wss:'];
71
- const allowUnsafeEval = boolEnv('NEOAGENT_CSP_ALLOW_UNSAFE_EVAL', false);
72
- const allowExternalScriptCdn = boolEnv('NEOAGENT_CSP_ALLOW_EXTERNAL_SCRIPT_CDN', false);
73
- const allowExternalConnect = boolEnv('NEOAGENT_CSP_ALLOW_EXTERNAL_CONNECT', false);
71
+ const allowUnsafeEval = boolEnv('NEOAGENT_CSP_ALLOW_UNSAFE_EVAL', true);
72
+ const allowExternalScriptCdn = boolEnv('NEOAGENT_CSP_ALLOW_EXTERNAL_SCRIPT_CDN', true);
73
+ const allowExternalConnect = boolEnv('NEOAGENT_CSP_ALLOW_EXTERNAL_CONNECT', true);
74
74
 
75
75
  const scriptSrc = ["'self'", "'unsafe-inline'", 'blob:'];
76
- if (allowUnsafeEval) scriptSrc.push("'unsafe-eval'");
76
+ if (allowUnsafeEval) {
77
+ scriptSrc.push("'unsafe-eval'", "'wasm-unsafe-eval'");
78
+ }
77
79
  if (allowExternalScriptCdn) {
78
80
  scriptSrc.push('https://cdn.jsdelivr.net', 'https://www.gstatic.com');
79
81
  }
@@ -173,10 +175,13 @@ function applyHttpMiddleware(app, { secureCookies, trustProxy, sessionMiddleware
173
175
  origin(origin, originCallback) {
174
176
  const allowBrowserExtensionOrigin = isBrowserExtensionCorsPath(requestPath);
175
177
  const allowSocketIoMissingOrigin = isSocketIoCorsPath(requestPath);
176
- return validateOrigin(origin, originCallback, {
178
+ const originOptions = {
177
179
  allowChromeExtension: allowBrowserExtensionOrigin,
178
- allowMissingOrigin: allowBrowserExtensionOrigin || allowSocketIoMissingOrigin,
179
- });
180
+ };
181
+ if (allowBrowserExtensionOrigin || allowSocketIoMissingOrigin) {
182
+ originOptions.allowMissingOrigin = true;
183
+ }
184
+ return validateOrigin(origin, originCallback, originOptions);
180
185
  },
181
186
  credentials: true,
182
187
  });
package/server/public/flutter_bootstrap.js CHANGED
@@ -37,6 +37,6 @@ _flutter.buildConfig = {"engineRevision":"59aa584fdf100e6c78c785d8a5b565d1de4b48
37
37
 
38
38
  _flutter.loader.load({
39
39
  serviceWorkerSettings: {
40
- serviceWorkerVersion: "2313546935" /* Flutter's service worker is deprecated and will be removed in a future Flutter release. */
40
+ serviceWorkerVersion: "2461298807" /* Flutter's service worker is deprecated and will be removed in a future Flutter release. */
41
41
  }
42
42
  });