chore: Allow more sources in CSP headers (#1463)

codemod-com · Jan 24, 2025 · f154b33 · f154b33
1 parent 72894c0
commit f154b33
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 5 deletions.
diff --git a/apps/frontend/middleware.ts b/apps/frontend/middleware.ts
@@ -48,8 +48,11 @@ export async function middleware(request: NextRequest) {
     return res;
   }
 
-  const codehikeUrl =
-    "https://lighter.codehike.org/grammars/tsx.json https://lighter.codehike.org/grammars/json.json";
+  const codehikeUrls =
+    "https://lighter.codehike.org/grammars/tsx.json https://lighter.codehike.org/grammars/json.json https://lighter.codehike.org/themes/github-dark.json https://lighter.codehike.org/themes/github-light.json";
+
+  const analyticsUrls =
+    "https://*.google-analytics.com https://*.googletagmanager.com https://*.doubleclick.net https://www.google.com https://googleads.g.doubleclick.net https://td.doubleclick.net";
 
   if (
     !request.nextUrl.pathname.startsWith("/api") &&
@@ -61,9 +64,9 @@ export async function middleware(request: NextRequest) {
     const nonce = Buffer.from(crypto.randomUUID()).toString("base64");
     const cspHeader = `
         default-src 'self';
-        script-src 'self' 'unsafe-eval' 'unsafe-inline' https://summary-walrus-25.clerk.accounts.dev https://clerk.codemod.com https://vercel.live https://cdn.jsdelivr.net https://www.googletagmanager.com https://challenges.cloudflare.com/;
-		    frame-src https://challenges.cloudflare.com/ https://vercel.live ${codehikeUrl};
-        connect-src *.google-analytics.com https://clerk.codemod.com https://api.short.io https://backend.codemod.com https://codemod.com https://vitals.vercel-insights.com https://summary-walrus-25.clerk.accounts.dev https://*.vercel.app https://vercel.live wss://backend.codemod.com wss://*.api.sanity.io ${codehikeUrl};
+        script-src 'self' 'unsafe-eval' 'unsafe-inline' https://summary-walrus-25.clerk.accounts.dev https://clerk.codemod.com https://vercel.live https://cdn.jsdelivr.net https://www.googletagmanager.com https://challenges.cloudflare.com/ https://*.doubleclick.net https://googleads.g.doubleclick.net;
+        frame-src https://challenges.cloudflare.com/ https://vercel.live ${codehikeUrls} https://*.doubleclick.net https://www.googletagmanager.com;
+        connect-src *.google-analytics.com https://clerk.codemod.com https://api.short.io https://backend.codemod.com https://codemod.com https://vitals.vercel-insights.com https://summary-walrus-25.clerk.accounts.dev https://*.vercel.app https://vercel.live wss://backend.codemod.com wss://*.api.sanity.io ${codehikeUrls} ${analyticsUrls};
         style-src 'self' 'unsafe-inline' https://vercel.live;
         img-src 'self' blob: data: https://*.google-analytics.com https://*.googletagmanager.com https://img.clerk.com https://cdn.sanity.io https://image.mux.com https://vercel.com;
         font-src 'self';

diff --git a/apps/frontend/next.config.mjs b/apps/frontend/next.config.mjs
@@ -44,6 +44,7 @@ const config = {
       },
     };
   },
+  productionBrowserSourceMaps: true,
   images: {
     remotePatterns: [{ hostname: "cdn.sanity.io" }],
   },
-Original file line number
+Diff line change
@@ Expand Up / @@ -44,6 +44,7 @@ const config = { @@
           },
         };
       },
+      productionBrowserSourceMaps: true,
       images: {
         remotePatterns: [{ hostname: "cdn.sanity.io" }],
       },
@@ Expand Down @@