Merge branch 'extend-ssg-csp' into demo-docs-security

nuxt-modules · Oct 31, 2023 · 5a901b2 · 5a901b2
2 parents 17c908b + 32a2b43
commit 5a901b2
Show file tree

Hide file tree

Showing 3 changed files with 5 additions and 3 deletions.
diff --git a/src/defaultConfig.ts b/src/defaultConfig.ts
@@ -1,4 +1,4 @@
-import { ModuleOptions } from './types'
+import type { ModuleOptions } from './types'
 
 const defaultThrowErrorValue = { throwError: true }
 
@@ -81,6 +81,7 @@ export const defaultSecurityConfig = (serverlUrl: string): ModuleOptions => ({
     exclude: [/node_modules/, /\.git/]
   },
   ssg: {
-    hashScripts: true
+    hashScripts: true,
+    hashStyles: false
   }
 })
diff --git a/src/runtime/nitro/plugins/02-cspSsg.ts b/src/runtime/nitro/plugins/02-cspSsg.ts
@@ -84,7 +84,7 @@ export default defineNitroPlugin((nitroApp) => {
       // Remove '""'
       tagPolicies['script-src'] = (tagPolicies['script-src'] ?? []).concat(scriptHashes)
     }
-    if (styleHashes.length > 0 && moduleOptions.ssg?.hashScripts) {
+    if (styleHashes.length > 0 && moduleOptions.ssg?.hashStyles) {
       // Remove '""'
       tagPolicies['style-src'] = (tagPolicies['style-src'] ?? []).concat(styleHashes)
     }

diff --git a/src/types/index.ts b/src/types/index.ts
@@ -6,6 +6,7 @@ import type { AllowedHTTPMethods, BasicAuth, CorsOptions, RateLimiter, RequestSi
 
 export type Ssg = {
   hashScripts?: boolean;
+  hashStyles?: boolean;
 };
 
 export interface ModuleOptions {