You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
61 lines
1.2 KiB
61 lines
1.2 KiB
/** @type {import('next').NextConfig} */
|
|
|
|
const { version } = require('./package.json')
|
|
|
|
const isDev = process.env.NODE_ENV !== 'production'
|
|
|
|
const securityHeaders = [
|
|
{
|
|
key: 'X-XSS-Protection',
|
|
value: '1; mode=block',
|
|
},
|
|
{
|
|
key: 'X-Frame-Options',
|
|
value: 'DENY',
|
|
},
|
|
{
|
|
key: 'X-Content-Type-Options',
|
|
value: 'nosniff',
|
|
},
|
|
{
|
|
key: 'Referrer-Policy',
|
|
value: 'strict-origin-when-cross-origin',
|
|
},
|
|
// Note, causes a problem for firefox: https://github.com/MetaMask/metamask-extension/issues/3133
|
|
{
|
|
key: 'Content-Security-Policy',
|
|
value: `default-src 'self'; script-src 'self'${
|
|
isDev ? " 'unsafe-eval'" : ''
|
|
}; connect-src *; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; base-uri 'self'; form-action 'self'`,
|
|
},
|
|
]
|
|
|
|
const nextConfig = {
|
|
async headers() {
|
|
return [
|
|
{
|
|
source: '/(.*)',
|
|
headers: securityHeaders,
|
|
},
|
|
]
|
|
},
|
|
|
|
// TODO consider restricting image sources
|
|
images: {
|
|
remotePatterns: [
|
|
{
|
|
protocol: "https",
|
|
hostname: "**",
|
|
},
|
|
],
|
|
},
|
|
|
|
env: {
|
|
NEXT_PUBLIC_VERSION: version,
|
|
},
|
|
|
|
reactStrictMode: true,
|
|
swcMinify: true,
|
|
}
|
|
|
|
module.exports = nextConfig |