Skip to content
This repository has been archived by the owner on Apr 5, 2024. It is now read-only.

Commit

Permalink
fix: csp config
Browse files Browse the repository at this point in the history
  • Loading branch information
@maxgfr
maxgfr committed Mar 18, 2022
1 parent 4a8a518 commit 3d1959c
Show file tree
Hide file tree
Showing 11 changed files with 58 additions and 24 deletions.
13 changes: 13 additions & 0 deletions csp.config.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
const ContentSecurityPolicy = `
default-src 'self' *.fabrique.social.gouv.fr;
img-src 'self' data: *.fabrique.social.gouv.fr https://dummyimage.com/;
script-src 'self' *.fabrique.social.gouv.fr ${
process.env.NODE_ENV !== "production" && "'unsafe-eval'"
};
frame-src 'self' *.fabrique.social.gouv.fr;
style-src 'self' 'unsafe-inline';
font-src 'self' data: blob:;
prefetch-src 'self' *.fabrique.social.gouv.fr;
`;

module.exports = ContentSecurityPolicy;
16 changes: 16 additions & 0 deletions next-seo.config.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
import ContentSecurityPolicy from "./csp.config";

export default {
additionalLinkTags: [
{
rel: "icon",
href: "/favicon.ico",
},
],
additionalMetaTags: [
{
httpEquiv: "Content-Security-Policy",
content: ContentSecurityPolicy.replace(/\n/g, " ").trim(),
},
],
};
12 changes: 1 addition & 11 deletions next.config.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,17 +2,7 @@ const { withSentryConfig } = require("@sentry/nextjs");

const { version } = require("./package.json");

const ContentSecurityPolicy = `
default-src 'self' *.fabrique.social.gouv.fr;
img-src 'self' data: *.fabrique.social.gouv.fr https://dummyimage.com/;
script-src 'self' *.fabrique.social.gouv.fr ${
process.env.NODE_ENV !== "production" && "'unsafe-eval'"
};
frame-src 'self' *.fabrique.social.gouv.fr;
style-src 'self' 'unsafe-inline';
font-src 'self' data: blob:;
prefetch-src 'self' *.fabrique.social.gouv.fr;
`;
const ContentSecurityPolicy = require("./csp.config");

/** @type {import('next').NextConfig} */
const moduleExports = {
Expand Down
1 change: 1 addition & 0 deletions src/pages/_app.tsx
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import "@gouvfr/dsfr/dist/dsfr/dsfr.min.css";
import "../../next-seo.config";
import type { AppProps } from "next/app";
import { Layout } from "@components";
import {
Expand Down
18 changes: 16 additions & 2 deletions src/pages/cgu.tsx
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
import { MentionPart } from "@components";
import type { NextPage } from "next";
import { NextSeo } from "next-seo";
import { DefaultSeo } from "next-seo";
import React from "react";

const Cgu: NextPage = () => {
return (
<>
<NextSeo
<DefaultSeo
title="Template | Conditions générales d'utilisation"
description="Conditions générales d'utilisation de l'application template."
additionalLinkTags={[
Expand All @@ -15,6 +15,20 @@ const Cgu: NextPage = () => {
href: "/favicon.ico",
},
]}
additionalMetaTags={[
{
property: "dc:creator",
content: "Jane Doe",
},
{
name: "application-name",
content: "DefaultSeo",
},
{
httpEquiv: "x-ua-compatible",
content: "IE=edge; chrome=1",
},
]}
/>
<div className="fr-container fr-my-6w">
<h1>Conditions générales d&apos;utilisation</h1>
Expand Down
4 changes: 2 additions & 2 deletions src/pages/healthz.tsx
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
import type { NextPage } from "next";
import { NextSeo } from "next-seo";
import { DefaultSeo } from "next-seo";
import React from "react";

const HealthZ: NextPage = () => {
return (
<>
<NextSeo
<DefaultSeo
title="Template | HealthZ"
description="Page healthZ de l'application Template."
additionalLinkTags={[
Expand Down
4 changes: 2 additions & 2 deletions src/pages/index.tsx
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,12 @@
import { Head, Testimonial, Tile } from "@components";
import { Row } from "@dataesr/react-dsfr";
import type { NextPage } from "next";
import { NextSeo } from "next-seo";
import { DefaultSeo } from "next-seo";

const Index: NextPage = () => {
return (
<>
<NextSeo
<DefaultSeo
title="Template"
description="Template de la fabrique des ministères sociaux."
additionalLinkTags={[
Expand Down
4 changes: 2 additions & 2 deletions src/pages/mention-legales.tsx
View file
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
import { MentionPart } from "@components";
import { Title } from "@dataesr/react-dsfr";
import type { NextPage } from "next";
import { NextSeo } from "next-seo";
import { DefaultSeo } from "next-seo";
import React from "react";

const LegalMention: NextPage = () => {
return (
<>
<NextSeo
<DefaultSeo
title="Template | Mention légales"
description="Mentions légales de l'application template."
additionalLinkTags={[
Expand Down
4 changes: 2 additions & 2 deletions src/pages/politique-confidentialite.tsx
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
import { Table } from "@dataesr/react-dsfr";
import type { NextPage } from "next";
import { NextSeo } from "next-seo";
import { DefaultSeo } from "next-seo";
import React from "react";

const URL = [
Expand All @@ -13,7 +13,7 @@ const URL = [
const Confidentiality: NextPage = () => {
return (
<>
<NextSeo
<DefaultSeo
title="Template | Politique de confidentialité"
description="Politique de confidentialité de l'application template."
additionalLinkTags={[
Expand Down
4 changes: 2 additions & 2 deletions src/pages/stats.tsx
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import { StatsTile } from "@components";
import { fetchMatomoData, MatomoResult } from "@lib";
import type { NextPage } from "next";
import { NextSeo } from "next-seo";
import { DefaultSeo } from "next-seo";
import React, { useEffect } from "react";

const Stats: NextPage = () => {
Expand All @@ -19,7 +19,7 @@ const Stats: NextPage = () => {
}, []);
return (
<>
<NextSeo
<DefaultSeo
title="Template | Statistiques d'utilisation"
description="Statistiques d'utilisation de l'application template."
additionalLinkTags={[
Expand Down
2 changes: 1 addition & 1 deletion tsconfig.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
"@lib": ["./src/lib"]
}
},
"include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", "jest-setup.ts"],
"include": ["next-env.d.ts", "**/*.ts", "**/*.tsx"],
"exclude": [
"node_modules",
"next-sitemap.js",
Expand Down

0 comments on commit 3d1959c

Please sign in to comment.