Files
Webserver/next.config.ts

63 lines
1.5 KiB
TypeScript
Raw Normal View History

2026-02-06 14:10:59 -05:00
import type { NextConfig } from "next";
2026-05-25 09:49:40 -04:00
const isDev = process.env.NODE_ENV === "development";
const contentSecurityPolicy = [
"default-src 'self'",
`script-src 'self' 'unsafe-inline'${isDev ? " 'unsafe-eval'" : ""}`,
"style-src 'self' 'unsafe-inline'",
"img-src 'self' blob: data:",
"font-src 'self' data:",
"connect-src 'self'",
"object-src 'none'",
"frame-src 'none'",
"frame-ancestors 'none'",
"form-action 'self'",
"base-uri 'self'",
"upgrade-insecure-requests",
].join("; ");
2026-02-06 14:10:59 -05:00
const nextConfig: NextConfig = {
2026-02-07 20:17:46 -05:00
output: "standalone",
2026-05-25 09:49:40 -04:00
poweredByHeader: false,
serverExternalPackages: ['better-sqlite3'],
2026-02-07 20:17:46 -05:00
headers: async () => {
return [
{
source: '/:path*',
headers: [
{
key: 'X-Frame-Options',
value: 'DENY',
},
{
key: 'Content-Security-Policy',
2026-05-25 09:49:40 -04:00
value: contentSecurityPolicy,
2026-02-07 20:17:46 -05:00
},
{
key: 'X-Content-Type-Options',
value: 'nosniff',
},
{
key: 'Referrer-Policy',
value: 'strict-origin-when-cross-origin',
},
2026-05-25 09:49:40 -04:00
{
key: 'Permissions-Policy',
value: 'camera=(), microphone=(), geolocation=(), interest-cohort=()',
},
{
key: 'Cross-Origin-Opener-Policy',
value: 'same-origin',
},
{
key: 'X-DNS-Prefetch-Control',
value: 'off',
},
2026-02-07 20:17:46 -05:00
],
},
];
},
2026-02-06 14:10:59 -05:00
};
export default nextConfig;