buster/web/next.config.mjs

import path from 'path';
import { fileURLToPath } from 'url';
import { dirname } from 'path';

const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);

/** @type {import('next').NextConfig} */
const nextConfig = {
  reactStrictMode: false,
  sassOptions: {
    includePaths: [path.join(__dirname, 'styles')],
    silenceDeprecations: ['legacy-js-api']
  },
  experimental: {
    serverComponentsExternalPackages: [],
    instrumentationHook: false,
    serverActions: {
      bodySizeLimit: '2mb'
    }
  },
  async headers() {
    return [
      {
        source: '/:path*',
        headers: [
          {
            key: 'Content-Security-Policy',
            value: defaultCspHeader
          }
        ]
      },
      {
        source: '/embed/:path*',
        headers: [
          {
            key: 'Content-Security-Policy',
            value: embedCspHeader
          }
        ]
      }
    ];
  }
};

export default nextConfig;

const defaultCspHeader = [
  // Default directives
  "default-src 'self'",
  // Scripts
  "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://vercel.live https://*.vercel.app",
  // Styles
  "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com",
  // Images
  "img-src 'self' blob: data: https://*.vercel.app https://*.supabase.co",
  // Fonts
  "font-src 'self' https://fonts.gstatic.com",
  // Frame ancestors - no embedding for non-embed routes
  "frame-ancestors 'none'",
  // Connect sources for API calls
  "connect-src 'self' http://127.0.0.1:* ws://127.0.0.1:* https://*.vercel.app https://*.supabase.co wss://*.supabase.co",
  // Media
  "media-src 'self'",
  // Object
  "object-src 'none'",
  // Form actions
  "form-action 'self'",
  // Base URI
  "base-uri 'self'",
  // Manifest
  "manifest-src 'self'"
].join('; ');

const embedCspHeader = [
  // Default directives
  "default-src 'self'",
  // Scripts
  "script-src 'self' 'unsafe-inline' 'unsafe-eval' https://vercel.live https://*.vercel.app",
  // Styles
  "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com",
  // Images
  "img-src 'self' blob: data: https://*.vercel.app https://*.supabase.co",
  // Fonts
  "font-src 'self' https://fonts.gstatic.com",
  // Frame ancestors - allow embedding from any domain for /embed routes
  `frame-ancestors 'self' *`,
  // Connect sources for API calls
  "connect-src 'self' http://127.0.0.1:* ws://127.0.0.1:* https://*.vercel.app https://*.supabase.co wss://*.supabase.co",
  // Media
  "media-src 'self'",
  // Object
  "object-src 'none'",
  // Form actions
  "form-action 'self'",
  // Base URI
  "base-uri 'self'",
  // Manifest
  "manifest-src 'self'"
].join('; ');
Initial web commit 🤙 Initial commit for all files and folder related to the web project 2025-01-07 02:29:29 +08:00			`import path from 'path';`
			`import { fileURLToPath } from 'url';`
			`import { dirname } from 'path';`

			`const __filename = fileURLToPath(import.meta.url);`
			`const __dirname = dirname(__filename);`

Nate/change supabase auth (#177) * attempt to make some static routes * update appproviders * update on request * make some pages forced static * update profile page * solid buster route update * make more stable * make good tests for create route helpers * update some error handling * global error component ripped * minor updates to middleware * Update middleware.ts * save supabase contexts * chnage middle ware * update middleware * better passing axios instance * Update next.config.mjs * remove console errors * update how we interact with the middleware * get layout is not a promise * private pages experiment completed 2025-03-28 03:27:30 +08:00			`/** @type {import('next').NextConfig} */`
Initial web commit 🤙 Initial commit for all files and folder related to the web project 2025-01-07 02:29:29 +08:00			`const nextConfig = {`
			`reactStrictMode: false,`
			`sassOptions: {`
Nate/change supabase auth (#177) * attempt to make some static routes * update appproviders * update on request * make some pages forced static * update profile page * solid buster route update * make more stable * make good tests for create route helpers * update some error handling * global error component ripped * minor updates to middleware * Update middleware.ts * save supabase contexts * chnage middle ware * update middleware * better passing axios instance * Update next.config.mjs * remove console errors * update how we interact with the middleware * get layout is not a promise * private pages experiment completed 2025-03-28 03:27:30 +08:00			`includePaths: [path.join(__dirname, 'styles')],`
			`silenceDeprecations: ['legacy-js-api']`
			`},`
			`experimental: {`
			`serverComponentsExternalPackages: [],`
			`instrumentationHook: false,`
			`serverActions: {`
			`bodySizeLimit: '2mb'`
			`}`
			`},`
			`async headers() {`
			`return [`
			`{`
			`source: '/:path*',`
			`headers: [`
			`{`
			`key: 'Content-Security-Policy',`
			`value: defaultCspHeader`
			`}`
			`]`
			`},`
			`{`
			`source: '/embed/:path*',`
			`headers: [`
			`{`
			`key: 'Content-Security-Policy',`
			`value: embedCspHeader`
			`}`
			`]`
			`}`
			`];`
Initial web commit 🤙 Initial commit for all files and folder related to the web project 2025-01-07 02:29:29 +08:00			`}`
			`};`

nate big ol refactor 2025-03-08 07:02:56 +08:00			`export default nextConfig;`
Nate/change supabase auth (#177) * attempt to make some static routes * update appproviders * update on request * make some pages forced static * update profile page * solid buster route update * make more stable * make good tests for create route helpers * update some error handling * global error component ripped * minor updates to middleware * Update middleware.ts * save supabase contexts * chnage middle ware * update middleware * better passing axios instance * Update next.config.mjs * remove console errors * update how we interact with the middleware * get layout is not a promise * private pages experiment completed 2025-03-28 03:27:30 +08:00
			`const defaultCspHeader = [`
			`// Default directives`
			`"default-src 'self'",`
			`// Scripts`
			`"script-src 'self' 'unsafe-inline' 'unsafe-eval' https://vercel.live https://*.vercel.app",`
			`// Styles`
			`"style-src 'self' 'unsafe-inline' https://fonts.googleapis.com",`
			`// Images`
			`"img-src 'self' blob: data: https://.vercel.app https://.supabase.co",`
			`// Fonts`
			`"font-src 'self' https://fonts.gstatic.com",`
			`// Frame ancestors - no embedding for non-embed routes`
			`"frame-ancestors 'none'",`
			`// Connect sources for API calls`
			`"connect-src 'self' http://127.0.0.1:* ws://127.0.0.1:* https://.vercel.app https://.supabase.co wss://*.supabase.co",`
			`// Media`
			`"media-src 'self'",`
			`// Object`
			`"object-src 'none'",`
			`// Form actions`
			`"form-action 'self'",`
			`// Base URI`
			`"base-uri 'self'",`
			`// Manifest`
			`"manifest-src 'self'"`
			`].join('; ');`

			`const embedCspHeader = [`
			`// Default directives`
			`"default-src 'self'",`
			`// Scripts`
			`"script-src 'self' 'unsafe-inline' 'unsafe-eval' https://vercel.live https://*.vercel.app",`
			`// Styles`
			`"style-src 'self' 'unsafe-inline' https://fonts.googleapis.com",`
			`// Images`
			`"img-src 'self' blob: data: https://.vercel.app https://.supabase.co",`
			`// Fonts`
			`"font-src 'self' https://fonts.gstatic.com",`
			`// Frame ancestors - allow embedding from any domain for /embed routes`
			`frame-ancestors 'self' *`,
			`// Connect sources for API calls`
			`"connect-src 'self' http://127.0.0.1:* ws://127.0.0.1:* https://.vercel.app https://.supabase.co wss://*.supabase.co",`
			`// Media`
			`"media-src 'self'",`
			`// Object`
			`"object-src 'none'",`
			`// Form actions`
			`"form-action 'self'",`
			`// Base URI`
			`"base-uri 'self'",`
			`// Manifest`
			`"manifest-src 'self'"`
			`].join('; ');`