sentry, hooks, CSP update

2024-03-20 16:09:11 +01:00 · 2024-03-20 16:09:11 +01:00 · 15e7a32263
parent f6a2a7558e
commit 15e7a32263
3 changed files with 14 additions and 6 deletions
--- a/src/cspDirectives.ts
+++ b/src/cspDirectives.ts
@ -12,7 +12,7 @@ export const rootDomain = PUBLIC_DOMAIN; // or your server IP for dev

 const directives = {
 	'base-uri': ["'self'"],
-	'child-src': ["'self'"],
+	'child-src': ["'self'", 'blob:'],
 	// 'connect-src': ["'self'", 'ws://localhost:*'],
 	'connect-src': [
 		"'self'",
--- a/src/hooks.server.ts
+++ b/src/hooks.server.ts
@ -25,7 +25,7 @@ export const cspHandle: Handle = async ({ event, resolve }) => {
  const headers = {
    'X-Frame-Options': 'SAMEORIGIN',
    'Referrer-Policy': 'no-referrer',
-    'Permissions-Policy': `accelerometer=(), autoplay=(), camera=(), document-domain=(), encrypted-media=(), fullscreen=(self ${rootDomain}), gyroscope=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), geolocation=()`,
+    'Permissions-Policy': `accelerometer=(), autoplay=(), camera=(), document-domain=(self, 'js-profiling'), encrypted-media=(), fullscreen=(self ${rootDomain}), gyroscope=(), interest-cohort=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), sync-xhr=(), usb=(), xr-spatial-tracking=(), geolocation=()`,
    'X-Content-Type-Options': 'nosniff',
    // 'Content-Security-Policy-Report-Only': csp,
    'Content-Security-Policy': csp,
--- a/vite.config.ts
+++ b/vite.config.ts
@ -12,15 +12,23 @@ export default defineConfig({
 	envPrefix: "PUBLIC_",
 	plugins: [sentrySvelteKit({
        sourceMapsUploadOptions: {
-            org: "none-b0c3fadae",
-            project: "javascript-sveltekit"
+            org: "mattmor",
+            project: "kkosmetickysalon",
+			
+			//telemetry off
+			telemetry: false,
        }
-    }), sveltekit(), purgeCss({
+    }), 
+	sveltekit(), 
+	purgeCss({
        safelist: {
            // any selectors that begin with "hljs-" will not be purged
            greedy: [/^hljs-/],
    },
-})],
+	})],
+	define: {
+		'process.env.VITE_BUILD_TIME': JSON.stringify(new Date().toISOString()),
+	},
 	test: {
 		include: ['src/**/*.{test,spec}.{js,ts}']
 	},