Skip to content

Commit

Permalink
fix: CSP causing scripts not to load correctly
Browse files Browse the repository at this point in the history
  • Loading branch information
@ruchernchong
ruchernchong committed Dec 1, 2024
1 parent 068684b commit c4f07b0
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 4 deletions.
5 changes: 3 additions & 2 deletions config/index.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,9 @@ export interface NavLink {
href: string;
}

export const BASE_URL: string =
process.env.NEXT_PUBLIC_BASE_URL || "https://ruchern.dev";
export const DOMAIN_NAME = "ruchern.dev";
export const BASE_URL =
process.env.NEXT_PUBLIC_BASE_URL || `https://${DOMAIN_NAME}`;

export const navLinks: NavLink[] = [
// { title: "Blog", href: "/blog" },
Expand Down
5 changes: 3 additions & 2 deletions middleware.ts
View file
Original file line number Diff line number Diff line change
@@ -1,12 +1,13 @@
import { NextRequest, NextResponse } from "next/server";
import { DOMAIN_NAME } from "@/config";

export const middleware = (request: NextRequest) => {
const nonce = Buffer.from(crypto.randomUUID()).toString("base64");

const cspHeader = `
default-src 'self';
script-src 'self' 'nonce-${nonce}' 'strict-dynamic';
style-src 'self' 'nonce-${nonce}';
script-src 'self' 'unsafe-inline' *.${DOMAIN_NAME} *.vercel-scripts.com *.googletagmanager.com;
style-src 'self' 'unsafe-inline';
img-src 'self' blob: data:;
font-src 'self';
object-src 'none';
Expand Down

0 comments on commit c4f07b0

Please sign in to comment.