diff --git a/.gitignore b/.gitignore index c877d7bbea..0f42fa2c37 100644 --- a/.gitignore +++ b/.gitignore @@ -53,4 +53,5 @@ yarn-error.log* /playwright/envs.js /playwright/affected-tests.txt -**.dec** \ No newline at end of file +**.dec** +.idea diff --git a/middleware.ts b/middleware.ts index 17648c82f8..e785f29b46 100644 --- a/middleware.ts +++ b/middleware.ts @@ -1,10 +1,10 @@ import type { NextRequest } from 'next/server'; import { NextResponse } from 'next/server'; -import generateCspPolicy from 'nextjs/csp/generateCspPolicy'; +// import generateCspPolicy from 'nextjs/csp/generateCspPolicy'; import * as middlewares from 'nextjs/middlewares/index'; -const cspPolicy = generateCspPolicy(); +// const cspPolicy = generateCspPolicy(); export function middleware(req: NextRequest) { const isPageRequest = req.headers.get('accept')?.includes('text/html'); @@ -21,7 +21,7 @@ export function middleware(req: NextRequest) { const end = Date.now(); const res = NextResponse.next(); - res.headers.append('Content-Security-Policy', cspPolicy); + // res.headers.append('Content-Security-Policy', cspPolicy); res.headers.append('Server-Timing', `middleware;dur=${ end - start }`); res.headers.append('Docker-ID', process.env.HOSTNAME || ''); diff --git a/nextjs/csp/generateCspPolicy.ts b/nextjs/csp/generateCspPolicy.ts index bf7b1236ef..b1f659bfd9 100644 --- a/nextjs/csp/generateCspPolicy.ts +++ b/nextjs/csp/generateCspPolicy.ts @@ -15,6 +15,7 @@ function generateCspPolicy() { descriptors.safe(), descriptors.sentry(), descriptors.walletConnect(), + descriptors.vercel(), ); return makePolicyString(policyDescriptor); diff --git a/nextjs/csp/policies/index.ts b/nextjs/csp/policies/index.ts index af8e24b2db..886a710e66 100644 --- a/nextjs/csp/policies/index.ts +++ b/nextjs/csp/policies/index.ts @@ -10,3 +10,4 @@ export { monaco } from './monaco'; export { safe } from './safe'; export { sentry } from './sentry'; export { walletConnect } from './walletConnect'; +export { vercel } from './vercel'; diff --git a/nextjs/csp/policies/vercel.ts b/nextjs/csp/policies/vercel.ts new file mode 100644 index 0000000000..7dd6907dba --- /dev/null +++ b/nextjs/csp/policies/vercel.ts @@ -0,0 +1,11 @@ +import type CspDev from 'csp-dev'; + +export function vercel(): CspDev.DirectiveDescriptor { + return { + 'script-src': [ 'https://vercel.live', 'https://vercel.com', 'https://va.vercel-scripts.com' ], + 'font-src': [ 'https://assets.vercel.com' ], + 'img-src': [ 'https://*.vercel.com', 'https://vercel.com' ], + 'connect-src': [ 'https://vitals.vercel-insights.com', 'https://vercel.live' ], + 'frame-src': [ 'https://vercel.live' ], + }; +} diff --git a/package.json b/package.json index 1d4db0acbd..840bf7a1db 100644 --- a/package.json +++ b/package.json @@ -4,13 +4,13 @@ "private": false, "homepage": "https://github.com/blockscout/frontend#readme", "engines": { - "node": "20.11.0", + "node": "20.x", "npm": "10.2.4" }, "scripts": { "dev": "./tools/scripts/dev.sh", "dev:preset": "./tools/scripts/dev.preset.sh", - "build": "next build", + "build": "./tools/scripts/build-fix.sh", "build:docker": "docker build --build-arg GIT_COMMIT_SHA=$(git rev-parse --short HEAD) --build-arg GIT_TAG=$(git describe --tags --abbrev=0) -t blockscout-frontend:local ./", "start": "next start", "start:docker:local": "docker run -p 3000:3000 --env-file .env.local blockscout-frontend:local", diff --git a/tools/scripts/build-fix.sh b/tools/scripts/build-fix.sh new file mode 100755 index 0000000000..e624c2ea34 --- /dev/null +++ b/tools/scripts/build-fix.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +# download assets for the running instance +dotenv \ + -e .env.development.local \ + -e .env.local \ + -e .env.development \ + -e .env \ + -- bash -c './deploy/scripts/download_assets.sh ./public/assets' + +yarn svg:build-sprite +echo "" + +# generate envs.js file and run the app +dotenv \ + -v NEXT_PUBLIC_GIT_COMMIT_SHA=1b10d15f \ + -v NEXT_PUBLIC_GIT_TAG=v1.25.0-alpha.2 \ + -e .env.secrets \ + -e .env.development.local \ + -e .env.local \ + -e .env.development \ + -e .env \ + -- bash -c './deploy/scripts/make_envs_script.sh && next build' | +pino-pretty