authorSerghei Iakovlev <egrep@protonmail.ch>2022-07-09 12:15:15 +0200
committerSerghei Iakovlev <egrep@protonmail.ch>2022-07-09 13:23:25 +0200
commitb3c39de2e5265cb81d0268d08c0cd4cb47a93f0d (patch)
tree26582d034e4e3449c403fe5e0b9a80283dec2948
parentd13879fd26c04fe6bc5c871d79dc3fee11d4a7a2 (diff)
downloadgohugo-theme-ed-b3c39de2e5265cb81d0268d08c0cd4cb47a93f0d.tar.gz
Update headers for Netlify preview mode
-rwxr-xr-xnetlify-update-csp-headers.rb42
-rw-r--r--netlify.toml4
2 files changed, 44 insertions, 2 deletions
diff --git a/netlify-update-csp-headers.rb b/netlify-update-csp-headers.rb
new file mode 100755
index 0000000..5f89c46
--- /dev/null
+++ b/netlify-update-csp-headers.rb
@@ -0,0 +1,42 @@
+#!/usr/bin/env ruby
+
+NETLIFY_CONFIG = 'netlify.toml'
+
+text = File.read(NETLIFY_CONFIG)
+
+# => default-src 'self';
+# <= default-src 'self' blob:;
+text = text.gsub(
+ /(default-src) ('self')(;)/,
+ "\\1 \\2 blob:\\3"
+)
+
+# => style-src 'self';
+# <= style-src 'self' 'unsafe-inline';
+text = text.gsub(
+ /(style-src) ('self')(;)/,
+ "\\1 \\2 'unsafe-inline'\\3"
+)
+
+# => media-src 'self';
+# <= media-src 'self' blob: https://app.netlify.com;
+text = text.gsub(
+ /(media-src) ('self')(;)/,
+ "\\1 'self' blob: https://app.netlify.com\\3"
+)
+
+# => frame-src 'none';
+# <= frame-src app.netlify.com;
+text = text.gsub(
+ /(frame-src) ('none')(;)/,
+ "\\1 app.netlify.com\\3"
+)
+
+# => script-src 'self' *.googletagmanager.com;
+# <= script-src 'self' *.googletagmanager.com netlify-cdp-loader.netlify.app;
+text = text.gsub(
+ /(script-src) ('self' \*.googletagmanager.com)(;)/,
+ "\\1 \\2 netlify-cdp-loader.netlify.app\\3"
+)
+
+File.open(NETLIFY_CONFIG, "w") { |file| file << text }
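Review bot: The rewrite at the end of the script is unconditional and in place, so running it anywhere other than a deploy-preview build leaves the tracked `netlify.toml` with `'unsafe-inline'` in style-src and `blob:` in default-src, where it can be committed into the production policy by accident. A guard at the top, e.g. `abort 'CSP relaxation is for deploy previews only' unless ENV['CONTEXT'] == 'deploy-preview'` (assuming Netlify's `CONTEXT` build variable is visible to the command), would confine the relaxation to previews. Each `gsub` also succeeds silently when its pattern no longer matches, so a later edit to the policy would drop a relaxation without any signal; switching to `sub!` and aborting on a `nil` return would surface that. The patterns are not scoped to the Content-Security-Policy value, so any other occurrence of the same directive text in the file would be rewritten as well.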
diff --git a/netlify.toml b/netlify.toml
index afa9e75..a819a2d 100644
--- a/netlify.toml
+++ b/netlify.toml
@@ -27,7 +27,7 @@
# Deploy Preview context: all deploys generated from
# a pull/merge request will inherit these settings.
[context.deploy-preview]
- command = 'hugo --source=exampleSite --buildDrafts --buildFuture --baseURL ${DEPLOY_PRIME_URL} --destination ../public'
+ command = './netlify-update-csp-headers.rb; hugo --source=exampleSite --buildDrafts --buildFuture --baseURL ${DEPLOY_PRIME_URL} --destination ../public'
[context.deploy-preview.environment]
HUGO_ENV = 'development'
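Review bot: The new `command` joins the two steps with `;`, so hugo still runs when `./netlify-update-csp-headers.rb` exits non-zero or cannot be executed, and the preview is published with whatever state the script left `netlify.toml` in. Chaining with `&&` makes a failed rewrite fail the build instead: `./netlify-update-csp-headers.rb && hugo`, with the hugo arguments unchanged. The hunk shows only part of the deploy-preview settings, so anything else that depends on this command is not visible here.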
@@ -89,7 +89,7 @@
# (including inline scripts and event-handling HTML attributes).
Content-Security-Policy = """
default-src 'self';
- script-src 'self' *.netlify.app *.netlify.com *.googletagmanager.com;
+ script-src 'self' *.googletagmanager.com;
style-src 'self';
img-src 'self' data: *.google-analytics.com *.googletagmanager.com *.gstatic.com;
font-src 'self';
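Review bot: The script-src line is now matched literally by the pattern in netlify-update-csp-headers.rb (`'self' \*.googletagmanager.com` followed by `;`), and nothing near the policy says so; adding or reordering a source on this line would stop the preview rewrite from applying. A comment above `Content-Security-Policy = """` would record the coupling, for example `# Deploy previews: netlify-update-csp-headers.rb rewrites default-src, script-src, style-src, media-src and frame-src below; keep its patterns in sync.` The policy string starts and ends outside the hunk, so the media-src and frame-src lines the script targets are not visible here.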