Commit 7a1031f4d3dbd2c1cf4ca8a0054447b2e88c2e3b
1 parent
c15bd7d4
chore: add "VITE_CONTENT_SECURITY_POLICY" configure feild to usage switch http or https protocol
Showing
5 changed files
with
11 additions
and
2 deletions
| @@ -35,3 +35,6 @@ VITE_GLOB_API_URL_PREFIX=/yt | @@ -35,3 +35,6 @@ VITE_GLOB_API_URL_PREFIX=/yt | ||
| 35 | #configuration | 35 | #configuration |
| 36 | VITE_GLOB_CONFIGURATION = /thingskit-drawio | 36 | VITE_GLOB_CONFIGURATION = /thingskit-drawio |
| 37 | 37 | ||
| 38 | +# Content Security Policy | ||
| 39 | +VITE_CONTENT_SECURITY_POLICY = true | ||
| 40 | + |
| @@ -43,3 +43,5 @@ VITE_WEB_SOCKET = wss://dev.thingskit.com/api/ws/plugins/telemetry?token= | @@ -43,3 +43,5 @@ VITE_WEB_SOCKET = wss://dev.thingskit.com/api/ws/plugins/telemetry?token= | ||
| 43 | #configuration | 43 | #configuration |
| 44 | VITE_GLOB_CONFIGURATION = http://localhost:3000 | 44 | VITE_GLOB_CONFIGURATION = http://localhost:3000 |
| 45 | 45 | ||
| 46 | +# Content Security Policy | ||
| 47 | +VITE_CONTENT_SECURITY_POLICY = true |
| @@ -10,7 +10,7 @@ import pkg from '../../../package.json'; | @@ -10,7 +10,7 @@ import pkg from '../../../package.json'; | ||
| 10 | import { GLOB_CONFIG_FILE_NAME } from '../../constant'; | 10 | import { GLOB_CONFIG_FILE_NAME } from '../../constant'; |
| 11 | 11 | ||
| 12 | export function configHtmlPlugin(env: ViteEnv, isBuild: boolean) { | 12 | export function configHtmlPlugin(env: ViteEnv, isBuild: boolean) { |
| 13 | - const { VITE_GLOB_APP_TITLE, VITE_PUBLIC_PATH } = env; | 13 | + const { VITE_GLOB_APP_TITLE, VITE_PUBLIC_PATH, VITE_CONTENT_SECURITY_POLICY } = env; |
| 14 | 14 | ||
| 15 | const path = VITE_PUBLIC_PATH.endsWith('/') ? VITE_PUBLIC_PATH : `${VITE_PUBLIC_PATH}/`; | 15 | const path = VITE_PUBLIC_PATH.endsWith('/') ? VITE_PUBLIC_PATH : `${VITE_PUBLIC_PATH}/`; |
| 16 | 16 | ||
| @@ -24,6 +24,9 @@ export function configHtmlPlugin(env: ViteEnv, isBuild: boolean) { | @@ -24,6 +24,9 @@ export function configHtmlPlugin(env: ViteEnv, isBuild: boolean) { | ||
| 24 | // Inject data into ejs template | 24 | // Inject data into ejs template |
| 25 | injectData: { | 25 | injectData: { |
| 26 | title: VITE_GLOB_APP_TITLE, | 26 | title: VITE_GLOB_APP_TITLE, |
| 27 | + contentSecurityPolicy: VITE_CONTENT_SECURITY_POLICY | ||
| 28 | + ? `<meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests" />` | ||
| 29 | + : '', | ||
| 27 | }, | 30 | }, |
| 28 | // Embed the generated app.config.js file | 31 | // Embed the generated app.config.js file |
| 29 | tags: isBuild | 32 | tags: isBuild |
| 1 | <!DOCTYPE html> | 1 | <!DOCTYPE html> |
| 2 | <html lang="en" id="htmlRoot"> | 2 | <html lang="en" id="htmlRoot"> |
| 3 | <head> | 3 | <head> |
| 4 | - <meta http-equiv="Content-Security-Policy" content="upgrade-insecure-requests" /> | 4 | + <%- contentSecurityPolicy %> |
| 5 | <meta charset="UTF-8" /> | 5 | <meta charset="UTF-8" /> |
| 6 | <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> | 6 | <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" /> |
| 7 | <meta name="renderer" content="webkit" /> | 7 | <meta name="renderer" content="webkit" /> |
| @@ -71,6 +71,7 @@ declare global { | @@ -71,6 +71,7 @@ declare global { | ||
| 71 | VITE_LEGACY: boolean; | 71 | VITE_LEGACY: boolean; |
| 72 | VITE_USE_IMAGEMIN: boolean; | 72 | VITE_USE_IMAGEMIN: boolean; |
| 73 | VITE_GENERATE_UI: string; | 73 | VITE_GENERATE_UI: string; |
| 74 | + VITE_CONTENT_SECURITY_POLICY: boolean; | ||
| 74 | } | 75 | } |
| 75 | 76 | ||
| 76 | declare function parseInt(s: string | number, radix?: number): number; | 77 | declare function parseInt(s: string | number, radix?: number): number; |