@@ -1067,6 +1067,51 @@ const config = {
10671067 unoptimized : true ,
10681068 } ,
10691069 transpilePackages : [ "@nymproject/contract-clients" ] ,
1070+ async headers ( ) {
1071+ const isDev = process . env . NODE_ENV === "development" ;
1072+ const csp = isDev
1073+ ? `
1074+ default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *;
1075+ script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob: *;
1076+ font-src 'self' data: blob: *;
1077+ style-src 'self' 'unsafe-inline' data: blob: *;
1078+ img-src 'self' data: blob: *;
1079+ object-src 'self' data: blob: *;
1080+ base-uri 'self';
1081+ form-action 'self';
1082+ frame-ancestors 'self';
1083+ upgrade-insecure-requests;
1084+ connect-src 'self' data: blob: *;
1085+ frame-src 'self' data: blob: *;
1086+ worker-src 'self' blob: *;
1087+ `
1088+ : `
1089+ default-src 'self';
1090+ script-src 'self' 'unsafe-inline' 'unsafe-eval' https://vercel.live *.nymtech.net *.nymvpn.com *.vercel.app *.nymte.ch *.nyx.network *.nym.com https://nym.com nymvpn.com https://nymvpn.com *.nymtech.cc;
1091+ font-src 'self' data:;
1092+ style-src 'self' 'unsafe-inline';
1093+ img-src 'self';
1094+ object-src 'none';
1095+ base-uri 'self';
1096+ form-action 'self';
1097+ frame-ancestors 'none';
1098+ upgrade-insecure-requests;
1099+ connect-src 'self' https://github.com *.vercel.app *.nymtech.net *.nymvpn.com *.nymte.ch *.nyx.network *.nym.com https://nym.com nymvpn.com https://nymvpn.com *.nymtech.cc;
1100+ frame-src 'self' https://vercel.live *.vercel.app *.nym.com https://nym.com;
1101+ worker-src 'self' blob: https://vercel.live *.vercel.app *.nym.com https://nym.com;
1102+ ` ;
1103+ return [
1104+ {
1105+ source : '/(.*)' ,
1106+ headers : [
1107+ {
1108+ key : 'Content-Security-Policy' ,
1109+ value : csp . replace ( / \s { 2 , } / g, " " ) . trim ( ) ,
1110+ }
1111+ ]
1112+ }
1113+ ]
1114+ }
10701115} ;
10711116
10721117module . exports = config ;
0 commit comments