regalijan/car-crushers-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove CSP

Browse Source
This commit is contained in:
regalijan 2023-10-19 16:49:35 -04:00
parent ee68c1b13d
commit c97029e510
Signed by: regalijan
GPG Key ID: 5D4196DA269EF520
4 changed files with 7 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
app/createEmotionCache.ts
View File

@ -1,10 +1,10 @@
import createCache from "@emotion/cache"; import createCache from "@emotion/cache";
export default function createEmotionCache(nonce?: string) { export default function createEmotionCache() {
// The browser throws when calling .default, but the server throws if we don't call .default // The browser throws when calling .default, but the server throws if we don't call .default
// Of course! // Of course!
return typeof document === "undefined" return typeof document === "undefined"
? createCache.default({ key: "cha", nonce }) ? createCache.default({ key: "cha" })
: // @ts-expect-error : // @ts-expect-error
createCache({ key: "cha", nonce }); createCache({ key: "cha" });
} }

8
app/entry.client.tsx
View File

@ -16,14 +16,10 @@ Sentry.init({
}); });
function ClientCacheProvider({ children }: { children: ReactNode }) { function ClientCacheProvider({ children }: { children: ReactNode }) {
const nonce = const [cache, setCache] = useState(createEmotionCache());
document
.querySelector("meta[name='style-nonce']")
?.getAttribute("content") || undefined;
const [cache, setCache] = useState(createEmotionCache(nonce));
function reset() { function reset() {
setCache(createEmotionCache(nonce)); setCache(createEmotionCache());
} }
return ( return (

4
app/entry.server.tsx
View File

@ -10,9 +10,9 @@ export default function handleRequest(
request: Request, request: Request,
responseStatusCode: number, responseStatusCode: number,
responseHeaders: Headers, responseHeaders: Headers,
remixContext: EntryContext & RequestContext remixContext: EntryContext
) { ) {
const cache = createEmotionCache(remixContext.data.nonce); const cache = createEmotionCache();
const { extractCriticalToChunks } = createEmotionServer(cache); const { extractCriticalToChunks } = createEmotionServer(cache);
const html = renderToString( const html = renderToString(
<ServerStyleContext.Provider value={null}> <ServerStyleContext.Provider value={null}>

23
functions/_middleware.ts
View File

@ -78,8 +78,6 @@ async function setBody(context: RequestContext) {
} }
async function setHeaders(context: RequestContext) { async function setHeaders(context: RequestContext) {
const nonce = crypto.randomUUID().replace(/-/g, "");
context.data.nonce = nonce;
const response = await context.next(); const response = await context.next();
const rtvValues = [ const rtvValues = [
@ -101,27 +99,6 @@ async function setHeaders(context: RequestContext) {
); );
response.headers.set("X-XSS-Protection", "1; mode=block"); response.headers.set("X-XSS-Protection", "1; mode=block");
const policies = {
"connect-src": ["https://*.ingest.sentry.io", "'self'"],
"default-src": ["'self'"],
"frame-src": ["https://challenges.cloudflare.com"],
"img-src": [
"https://cdn.discordapp.com/avatars/*",
"https://tr.rbxcdn.com",
"'self'",
],
"media-src": ["https://mediaproxy.carcrushers.cc"],
"script-src": ["https://challenges.cloudflare.com", "'self'"],
"style-src": [`nonce-${nonce}`, "'self'"],
};
const directives = [];
for (const [k, v] of Object.entries(policies))
directives.push(`${k} ${v.join(" ")}`);
response.headers.set("Content-Security-Policy", directives.join("; "));
return response; return response;
} }