Zengtudor
/
Nuxt
mirror of https://github.com/nuxt/nuxt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(webpack): use non-eval sourcemap with csp and `unsafe-eval` script policy (#7305)

This commit is contained in:
Xin Du (Clark) 2020-05-03 20:10:09 +01:00 committed by GitHub
parent 2bd2c3853d
commit c2c7081dc2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
packages/webpack/src/config/client.js
View File

@ -20,7 +20,14 @@ export default class WebpackClientConfig extends WebpackBaseConfig {
}
get devtool () {
return this.dev ? 'cheap-module-eval-source-map' : false
if (!this.dev) {
return false
}
const scriptPolicy = this.getCspScriptPolicy()
const noUnsafeEval = scriptPolicy && !scriptPolicy.includes('\'unsafe-eval\'')
return noUnsafeEval
? 'cheap-module-source-map'
: 'cheap-module-eval-source-map'
}
getCspScriptPolicy () {