diff options
| -rw-r--r-- | .editorconfig | 2 | ||||
| -rw-r--r-- | .gitattributes | 1 | ||||
| -rw-r--r-- | assets/sass/_mixins.scss | 2 | ||||
| -rw-r--r-- | netlify-pr.go | 66 | ||||
| -rwxr-xr-x | netlify-update-csp-headers.rb | 42 | ||||
| -rw-r--r-- | netlify.toml | 2 |
6 files changed, 70 insertions, 45 deletions
diff --git a/.editorconfig b/.editorconfig index 61dcef4..92e59d5 100644 --- a/.editorconfig +++ b/.editorconfig @@ -18,6 +18,6 @@ indent_size = 2 [layouts/**.{svg}] insert_final_newline = false -[go.{mod,sum}] +[{go.mod,go.sum,*.go}] indent_style = tab indent_size = 4 diff --git a/.gitattributes b/.gitattributes index a4ff553..b5ce235 100644 --- a/.gitattributes +++ b/.gitattributes @@ -71,3 +71,4 @@ netlify.toml text eol=lf .gitmodules export-ignore /.github export-ignore netlify.toml export-ignore +netlify-pr.go export-ignore diff --git a/assets/sass/_mixins.scss b/assets/sass/_mixins.scss index e41e01f..a57f010 100644 --- a/assets/sass/_mixins.scss +++ b/assets/sass/_mixins.scss @@ -218,7 +218,7 @@ $break-desktop: 1600px; $clip-list: join($clip-list, null, space); -webkit-clip-path: $clip-list; - -moz-clip-path: $clip-list; + -moz-clip-path: $clip-list; // editorconfig-checker-disable-line -ms-clip-path: $clip-list; clip-path: $clip-list; } diff --git a/netlify-pr.go b/netlify-pr.go new file mode 100644 index 0000000..afdd292 --- /dev/null +++ b/netlify-pr.go @@ -0,0 +1,66 @@ +package main + +// Path netlify.toml file for Netlify Deploy Preview to allow some +// violation for CSP header. + +import ( + "fmt" + "io/ioutil" + "log" + "regexp" + "strings" +) + +const netlifyConfig = "netlify.toml" + +func main() { + input, err := ioutil.ReadFile(netlifyConfig) + if err != nil { + log.Fatalln(err) + } + + lines := strings.Split(string(input), "\n") + for i, line := range lines { + newStr := line + + // -> default-src 'self'; + // <- default-src 'self' blob:; + reStr := regexp.MustCompile("(default-src) ('self')(;)") + repStr := "${1} ${2} blob:${3}" + newStr = reStr.ReplaceAllString(newStr, repStr) + + // -> style-src 'self'; + // <- style-src 'self' 'unsafe-inline'; + reStr = regexp.MustCompile("(style-src) ('self')(;)") + repStr = "${1} ${2} 'unsafe-inline'${3}" + newStr = reStr.ReplaceAllString(newStr, repStr) + + // -> media-src 'self'; + // <- media-src 'self' blob: https://app.netlify.com; + reStr = regexp.MustCompile("(media-src) ('self')(;)") + repStr = "${1} ${2} blob: https://app.netlify.com${3}" + newStr = reStr.ReplaceAllString(newStr, repStr) + + // -> frame-src 'none'; + // <- frame-src app.netlify.com; + reStr = regexp.MustCompile("(frame-src) ('none')(;)") + repStr = "${1} app.netlify.com${3}" + newStr = reStr.ReplaceAllString(newStr, repStr) + + // -> script-src 'self' *.googletagmanager.com; + // <- script-src 'self' *.googletagmanager.com netlify-cdp-loader.netlify.app; + reStr = regexp.MustCompile(`(script-src) ('self' \*\.googletagmanager.com)(;)`) + repStr = "${1} ${2} netlify-cdp-loader.netlify.app${3}" + newStr = reStr.ReplaceAllString(newStr, repStr) + + lines[i] = newStr + } + + output := strings.Join(lines, "\n") + err = ioutil.WriteFile(netlifyConfig, []byte(output), 0644) + if err != nil { + log.Fatalln(err) + } + + fmt.Println("Done") +} diff --git a/netlify-update-csp-headers.rb b/netlify-update-csp-headers.rb deleted file mode 100755 index 5f89c46..0000000 --- a/netlify-update-csp-headers.rb +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/env ruby - -NETLIFY_CONFIG = 'netlify.toml' - -text = File.read(NETLIFY_CONFIG) - -# => default-src 'self'; -# <= default-src 'self' blob:; -text = text.gsub( - /(default-src) ('self')(;)/, - "\\1 \\2 blob:\\3" -) - -# => style-src 'self'; -# <= style-src 'self' 'unsafe-inline'; -text = text.gsub( - /(style-src) ('self')(;)/, - "\\1 \\2 'unsafe-inline'\\3" -) - -# => media-src 'self'; -# <= media-src 'self' blob: https://app.netlify.com; -text = text.gsub( - /(media-src) ('self')(;)/, - "\\1 'self' blob: https://app.netlify.com\\3" -) - -# => frame-src 'none'; -# <= frame-src app.netlify.com; -text = text.gsub( - /(frame-src) ('none')(;)/, - "\\1 app.netlify.com\\3" -) - -# => script-src 'self' *.googletagmanager.com; -# <= script-src 'self' *.googletagmanager.com netlify-cdp-loader.netlify.app; -text = text.gsub( - /(script-src) ('self' \*.googletagmanager.com)(;)/, - "\\1 \\2 netlify-cdp-loader.netlify.app\\3" -) - -File.open(NETLIFY_CONFIG, "w") { |file| file << text } diff --git a/netlify.toml b/netlify.toml index ad12e64..4f5521d 100644 --- a/netlify.toml +++ b/netlify.toml @@ -27,7 +27,7 @@ # Deploy Preview context: all deploys generated from # a pull/merge request will inherit these settings. [context.deploy-preview] - command = './netlify-update-csp-headers.rb; hugo --source=exampleSite --buildDrafts --buildFuture --baseURL ${DEPLOY_PRIME_URL} --destination ../public' + command = 'go run netlify-pr.go; hugo --source=exampleSite --buildDrafts --buildFuture --baseURL ${DEPLOY_PRIME_URL} --destination ../public' [context.deploy-preview.environment] HUGO_ENV = 'development' |