Zengtudor/Nuxt
1
0
Fork 0
mirror of https://github.com/nuxt/nuxt.git synced 2024-11-11 08:33:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

minor improvements for #2608

Browse Source
This commit is contained in:
Pooya Parsa 2018-01-16 18:41:17 +03:30
parent 5ebf60f2a1
commit 95c85bba62
3 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/common/options.js
View File

@ -306,7 +306,9 @@ Options.defaults = {
weak: false
},
csp: {
allowedSouces: []
enabled: false,
hashAlgorithm: 'sha256',
allowedSources: []
}
},
watchers: {

7
lib/core/middleware/nuxt.js
View File

@ -67,11 +67,12 @@ module.exports = async function nuxtMiddleware(req, res, next) {
res.setHeader('Link', pushAssets.join(','))
}
if (this.options.render.csp.hashAlgorithm) {
let allowedSources = cspScriptSrcHashes.concat(this.options.render.csp.allowedSources)
if (this.options.render.csp && this.options.render.csp.enabled) {
const allowedSources = cspScriptSrcHashes.concat(this.options.render.csp.allowedSources)
res.setHeader(
'Content-Security-Policy',
`script-src 'self' ${(allowedSources || []).join(' ')}`
`script-src 'self' ${(allowedSources).join(' ')}`
)
}

7
lib/core/renderer.js
View File

@ -357,11 +357,12 @@ module.exports = class Renderer {
HEAD += context.renderResourceHints()
}
let serializedSession = `window.__NUXT__=${serialize(context.nuxt, {
const serializedSession = `window.__NUXT__=${serialize(context.nuxt, {
isJSON: true
})};`
let cspScriptSrcHashes = []
if (this.options.render.csp.hashAlgorithm) {
const cspScriptSrcHashes = []
if (this.options.render.csp && this.options.render.csp.enabled) {
let hash = crypto.createHash(this.options.render.csp.hashAlgorithm)
hash.update(serializedSession)
cspScriptSrcHashes.push(