shopify-nuxt 0.0.7 → 0.0.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/module.json +1 -1
  2. package/dist/module.mjs +4 -7
  3. package/dist/runtime/server/plugins/add-response-headers.d.ts +11 -0
  4. package/dist/runtime/server/plugins/add-response-headers.js +31 -0
  5. package/dist/runtime/server/plugins/shopify-defaults.d.ts +1 -1
  6. package/dist/runtime/server/plugins/shopify-defaults.js +1 -0
  7. package/package.json +1 -1
package/dist/module.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "shopify-nuxt",
3
3
  "configKey": "shopify",
4
- "version": "0.0.7",
4
+ "version": "0.0.8",
5
5
  "builder": {
6
6
  "@nuxt/module-builder": "1.0.2",
7
7
  "unbuild": "unknown"
package/dist/module.mjs CHANGED
@@ -45,13 +45,7 @@ const module$1 = defineNuxtModule({
45
45
  });
46
46
  nuxt.hook("app:resolve", () => {
47
47
  nuxt.options.app.head = nuxt.options.app.head || {};
48
- nuxt.options.app.head.meta = [
49
- {
50
- name: "content-security-policy",
51
- content: "frame-ancestors 'self' *.myshopify.com *.shopify.com *.trycloudflare.com"
52
- },
53
- ...nuxt.options.app.head.meta || []
54
- ];
48
+ nuxt.options.app.head.meta = [...nuxt.options.app.head.meta || []];
55
49
  nuxt.options.app.head.script = [
56
50
  // 1. Inline script to create the meta tag imperatively — guarantees it
57
51
  // exists in the DOM before the CDN script executes.
@@ -134,6 +128,9 @@ export {}
134
128
  nitroConfig.plugins.push(
135
129
  resolver.resolve("./runtime/server/plugins/shopify-defaults")
136
130
  );
131
+ nitroConfig.plugins.push(
132
+ resolver.resolve("./runtime/server/plugins/add-response-headers")
133
+ );
137
134
  });
138
135
  nuxt.options.build.transpile.push(resolver.resolve("./runtime"));
139
136
  nuxt.hook("nitro:config", (nitroConfig) => {
package/dist/runtime/server/plugins/add-response-headers.d.ts ADDED
@@ -0,0 +1,11 @@
1
+ /**
2
+ * Nitro plugin that adds Shopify-required response headers to every document request.
3
+ *
4
+ * Mirrors the behaviour of Shopify's official `addDocumentResponseHeaders`:
5
+ * - `Content-Security-Policy`: frame-ancestors scoped to the requesting shop
6
+ * - `Link`: preconnect / preload hints for App Bridge + Polaris CDN assets
7
+ *
8
+ * @see https://github.com/Shopify/shopify-app-js/blob/main/packages/apps/shopify-app-react-router/src/server/authenticate/helpers/add-response-headers.ts
9
+ */
10
+ declare const _default: import("nitropack/types").NitroAppPlugin;
11
+ export default _default;
package/dist/runtime/server/plugins/add-response-headers.js ADDED
@@ -0,0 +1,31 @@
1
+ import { defineNitroPlugin } from "nitropack/runtime";
2
+ import { getQuery, setResponseHeader } from "h3";
3
+ const APP_BRIDGE_URL = "https://cdn.shopify.com/shopifycloud/app-bridge.js";
4
+ const POLARIS_URL = "https://cdn.shopify.com/shopifycloud/polaris.js";
5
+ const CDN_URL = "https://cdn.shopify.com";
6
+ export default defineNitroPlugin((nitroApp) => {
7
+ nitroApp.hooks.hook("request", (event) => {
8
+ const query = getQuery(event);
9
+ const shop = typeof query.shop === "string" ? query.shop : void 0;
10
+ if (shop) {
11
+ setResponseHeader(
12
+ event,
13
+ "Link",
14
+ `<${CDN_URL}>; rel="preconnect", <${APP_BRIDGE_URL}>; rel="preload"; as="script", <${POLARIS_URL}>; rel="preload"; as="script"`
15
+ );
16
+ }
17
+ if (shop) {
18
+ setResponseHeader(
19
+ event,
20
+ "Content-Security-Policy",
21
+ `frame-ancestors https://${shop} https://admin.shopify.com https://*.spin.dev https://admin.myshopify.io https://admin.shop.dev;`
22
+ );
23
+ } else {
24
+ setResponseHeader(
25
+ event,
26
+ "Content-Security-Policy",
27
+ `frame-ancestors https://*.myshopify.com https://admin.shopify.com https://*.spin.dev https://admin.myshopify.io https://admin.shop.dev;`
28
+ );
29
+ }
30
+ });
31
+ });
package/dist/runtime/server/plugins/shopify-defaults.d.ts CHANGED
@@ -4,5 +4,5 @@
4
4
  * If the user calls `configureShopify()` in their own server plugin,
5
5
  * it will override these defaults (configureShopify resets cached singletons).
6
6
  */
7
- declare const _default: any;
7
+ declare const _default: import("nitropack/types").NitroAppPlugin;
8
8
  export default _default;
package/dist/runtime/server/plugins/shopify-defaults.js CHANGED
@@ -1,3 +1,4 @@
1
+ import { defineNitroPlugin } from "nitropack/runtime";
1
2
  import { MemorySessionStorage } from "@shopify/shopify-app-session-storage-memory";
2
3
  import { configureShopify, getResolvedConfig } from "../services/shopify.js";
3
4
  export default defineNitroPlugin(() => {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "shopify-nuxt",
3
- "version": "0.0.7",
3
+ "version": "0.0.8",
4
4
  "description": "Shopify app integration for Nuxt - authentication, webhooks, billing, and App Bridge",
5
5
  "repository": "kiriminaja/shopify-nuxt",
6
6
  "license": "MIT",