-
Notifications
You must be signed in to change notification settings - Fork 18
/
Copy pathnext.config.js
116 lines (110 loc) · 2.89 KB
/
next.config.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
/** @type {import('next').NextConfig} */
const nextTranslate = require('next-translate-plugin')
const dev = process.env.NODE_ENV !== 'production'
const plausible = 'https://plausible.io'
const connectSrc = dev
? `'self' ${plausible} ws://localhost:3000`
: `'self' ${plausible}`
const scriptSrc = dev
? `'self' 'unsafe-inline' 'unsafe-eval' ${plausible}`
: `'self' 'unsafe-eval' ${plausible}`
const cspHeaders = [
{
key: 'Access-Control-Allow-Origin',
value:
'https://string.test https://staging.string.is https://www.string.is',
},
{
key: 'Content-Security-Policy',
value:
`base-uri 'none'; ` +
`connect-src ${connectSrc}; ` +
`default-src 'none'; ` +
`font-src 'none'; ` +
`form-action 'none'; ` +
`frame-ancestors 'none'; ` +
`img-src 'self'; ` +
`manifest-src 'self'; ` +
`script-src ${scriptSrc}; ` +
`script-src-elem ${scriptSrc} ${plausible}; ` +
`style-src 'self' 'unsafe-inline';`,
},
{
key: 'Permissions-Policy',
value:
'autoplay=(), camera=(), fullscreen=(self), geolocation=(), microphone=(), payment=(), usb=()',
},
{
key: 'Strict-Transport-Security',
value: 'max-age=15768000; includeSubDomains',
},
{
key: 'Referrer-Policy',
value: 'same-origin',
},
{
key: 'X-Content-Type-Options',
value: 'nosniff',
},
{
key: 'X-Download-Options',
value: 'noopen',
},
{
key: 'X-Frame-Options',
value: 'DENY',
},
{
key: 'X-Permitted-Cross-Domain-Policies',
value: 'none',
},
{
key: 'X-XSS-Protection',
value: '1; mode=block',
},
]
const headers = async () => {
return [
{
headers: cspHeaders,
source: '/',
},
{
headers: cspHeaders,
source: '/(.*?)',
},
{
headers: [
{
key: 'Cache-Control',
value: 'public, max-age=600, must-revalidate',
},
],
source: '/:all*(svg|jpg|png)',
},
]
}
module.exports = nextTranslate({
env: {
CONTACT_EMAIL: '[email protected]',
},
// 'outputStandalone' is needed for docker support. The 'OUTPUT_STANDALONE'
// env-var is set in the Dockerfile.
// See https://github.com/vercel/next.js/tree/canary/examples/with-docker
experimental: process.env.OUTPUT_STANDALONE
? { outputStandalone: true }
: undefined,
headers,
reactStrictMode: true,
webpack: (config, { isServer, webpack }) => {
config.module.rules.push({
test: /\.tsx?$/,
use: ['@compiled/webpack-loader'],
})
return config
},
// To deploy a Next.js application under a sub-path of a domain you can use the basePath config option.
// See https://nextjs.org/docs/app/api-reference/next-config-js/basePath
// Note: basePath must be set at build time and cannot be changed without re-building as the value is inlined in the client-side bundles.
basePath: process.env.NEXT_PUBLIC_BASE_PATH || '',
})