MHuiG/gulpfile.js

## gulpfile.js
const gulp = require('gulp');
const cleanCSS = require('gulp-clean-css');
const htmlmin = require('gulp-html-minifier-terser');
const htmlclean = require('gulp-htmlclean');
const terser = require('gulp-terser');
const sourcemaps = require('gulp-sourcemaps');
const babel = require('gulp-babel');

// 压缩css文件
const minify_css = () => (
  gulp.src(['./public/**/*.css', '!./public/{lib,lib/**}', '!./public/{libs,libs/**}', '!./public/{media,media/**}'])
    .pipe(sourcemaps.init())
    .pipe(cleanCSS({ compatibility: 'ie8' }))
    .pipe(sourcemaps.write('./maps'))
    .pipe(gulp.dest('./public'))
);

// 压缩html文件
const minify_html = () => (
  gulp.src(['./public/**/*.html', '!./public/{lib,lib/**}', '!./public/{libs,libs/**}', '!./public/{media,media/**}'])
    .pipe(htmlclean())
    .pipe(htmlmin({
      removeComments: true,
      minifyJS: true,
      minifyCSS: true,
      minifyURLs: true,
    }))
    .pipe(gulp.dest('./public'))
)

// 压缩js文件
const minify_js = () => (
  gulp.src(['./public/**/*.js', '!./public/**/*.min.js', '!./public/{lib,lib/**}', '!./public/{libs,libs/**}', '!./public/{media,media/**}'])
    .pipe(sourcemaps.init())
    .pipe(babel({
      presets: ['@babel/preset-env']
    }))
    .pipe(terser({
      ecma: 2015,
      ie8: true,
      safari10: true,
      output: { comments: false }
    }))
    .pipe(sourcemaps.write('./maps'))
    .pipe(gulp.dest('./public'))
)

gulp.task('minify', gulp.parallel(
  minify_html,
  minify_css,
  minify_js
))

// （CSP Level 3 ：Safari 15.4+ Chrome 59+ Firefox 58+ Edge 79+）
// CSP inline hash
const hashstream = require('inline-csp-hash');
const crypto = require('crypto');
const hash = (s) => crypto.createHash("sha256").update(s).digest('base64');

function getRandStr(len) {
  var str = '';
  for (var i = 0; i < len; i++) {
    str += String.fromCharCode(Math.floor(Math.random() * 26) + 97);
  }
  return str;
}
const nonce = getRandStr(15);

// script White list [scripts in event handlers (eg onclick)]. 包含压缩的 inline js
unsafe_script_list = [
  "this.media='all';this.onload=null",
  'this.media="all",this.onload=null',
  "errorImgAvatar(this)",
  "errorImgCover(this)",
  "return false;",
  "return!1",
  "history.back()",
  "history.forward()",
  "window.location.reload()",
  "VolantisApp.scrolltoElement(volantis.dom.bodyAnchor)",
  "volantis.rightmenu.jump('prev')",
  "volantis.rightmenu.jump('next')"
]
// script hash White list
unsafe_script_hash = ["'sha256-MXV1jvkHrZruEyFEOrQRjKs9WlPZC1V/3RLoKrkoDFQ='"]

unsafe_script_list.forEach(e => {
  unsafe_script_hash.push("'sha256-" + hash(e) + "'")
});

gulp.task('csp_hash', () => {
  return gulp.src(['./public/**/*.html', '!./public/{lib,lib/**}', '!./public/{libs,libs/**}', '!./public/{media,media/**}'])
    .pipe(hashstream({
      what: 'script:not([type="application/ld+json"])',
      replace_cb: (s, hashes) => {
        unsafe_script_hash.push.apply(unsafe_script_hash, hashes);
        unsafe_script_hash = Array.from(new Set(unsafe_script_hash))
        return s
      }
    }))
    ;
});

gulp.task('csp_replace', () => {
  return gulp.src(['./public/**/*.html', '!./public/{lib,lib/**}', '!./public/{libs,libs/**}', '!./public/{media,media/**}'])
    .pipe(hashstream({
      what: 'script:not([type="application/ld+json"])',
      replace_cb: (s, hashes) => {
        unsafe_script_hash = Array.from(new Set(unsafe_script_hash))
        s = s.replace(/<script.*?>/g, function (match) {
          return match.replace(/>/g, ` nonce='${nonce}'>`);
        });
        s = s.replace(/script-src 'self'[^;]*/, `script-src 'self' https: 'unsafe-hashes' 'nonce-${nonce}' 'strict-dynamic' ` + unsafe_script_hash.join(" "))
        return s
      }
    }))
    .pipe(gulp.dest('./public'))
    ;
});

gulp.task('csp', gulp.series('csp_hash', 'csp_replace'));

gulp.task('default', gulp.series('minify', 'csp'));
	const gulp = require('gulp');
	const cleanCSS = require('gulp-clean-css');
	const htmlmin = require('gulp-html-minifier-terser');
	const htmlclean = require('gulp-htmlclean');
	const terser = require('gulp-terser');
	const sourcemaps = require('gulp-sourcemaps');
	const babel = require('gulp-babel');

	// 压缩css文件
	const minify_css = () => (
	gulp.src(['./public/*/.css', '!./public/{lib,lib/}', '!./public/{libs,libs/}', '!./public/{media,media/**}'])
	.pipe(sourcemaps.init())
	.pipe(cleanCSS({ compatibility: 'ie8' }))
	.pipe(sourcemaps.write('./maps'))
	.pipe(gulp.dest('./public'))
	);

	// 压缩html文件
	const minify_html = () => (
	gulp.src(['./public/*/.html', '!./public/{lib,lib/}', '!./public/{libs,libs/}', '!./public/{media,media/**}'])
	.pipe(htmlclean())
	.pipe(htmlmin({
	removeComments: true,
	minifyJS: true,
	minifyCSS: true,
	minifyURLs: true,
	}))
	.pipe(gulp.dest('./public'))
	)

	// 压缩js文件
	const minify_js = () => (
	gulp.src(['./public/*/.js', '!./public/*/.min.js', '!./public/{lib,lib/}', '!./public/{libs,libs/}', '!./public/{media,media/**}'])
	.pipe(sourcemaps.init())
	.pipe(babel({
	presets: ['@babel/preset-env']
	}))
	.pipe(terser({
	ecma: 2015,
	ie8: true,
	safari10: true,
	output: { comments: false }
	}))
	.pipe(sourcemaps.write('./maps'))
	.pipe(gulp.dest('./public'))
	)

	gulp.task('minify', gulp.parallel(
	minify_html,
	minify_css,
	minify_js
	))

	// （CSP Level 3 ：Safari 15.4+ Chrome 59+ Firefox 58+ Edge 79+）
	// CSP inline hash
	const hashstream = require('inline-csp-hash');
	const crypto = require('crypto');
	const hash = (s) => crypto.createHash("sha256").update(s).digest('base64');

	function getRandStr(len) {
	var str = '';
	for (var i = 0; i < len; i++) {
	str += String.fromCharCode(Math.floor(Math.random() * 26) + 97);
	}
	return str;
	}
	const nonce = getRandStr(15);

	// script White list [scripts in event handlers (eg onclick)]. 包含压缩的 inline js
	unsafe_script_list = [
	"this.media='all';this.onload=null",
	'this.media="all",this.onload=null',
	"errorImgAvatar(this)",
	"errorImgCover(this)",
	"return false;",
	"return!1",
	"history.back()",
	"history.forward()",
	"window.location.reload()",
	"VolantisApp.scrolltoElement(volantis.dom.bodyAnchor)",
	"volantis.rightmenu.jump('prev')",
	"volantis.rightmenu.jump('next')"
	]
	// script hash White list
	unsafe_script_hash = ["'sha256-MXV1jvkHrZruEyFEOrQRjKs9WlPZC1V/3RLoKrkoDFQ='"]

	unsafe_script_list.forEach(e => {
	unsafe_script_hash.push("'sha256-" + hash(e) + "'")
	});

	gulp.task('csp_hash', () => {
	return gulp.src(['./public/*/.html', '!./public/{lib,lib/}', '!./public/{libs,libs/}', '!./public/{media,media/**}'])
	.pipe(hashstream({
	what: 'script:not([type="application/ld+json"])',
	replace_cb: (s, hashes) => {
	unsafe_script_hash.push.apply(unsafe_script_hash, hashes);
	unsafe_script_hash = Array.from(new Set(unsafe_script_hash))
	return s
	}
	}))
	;
	});

	gulp.task('csp_replace', () => {
	return gulp.src(['./public/*/.html', '!./public/{lib,lib/}', '!./public/{libs,libs/}', '!./public/{media,media/**}'])
	.pipe(hashstream({
	what: 'script:not([type="application/ld+json"])',
	replace_cb: (s, hashes) => {
	unsafe_script_hash = Array.from(new Set(unsafe_script_hash))
	s = s.replace(/<script.*?>/g, function (match) {
	return match.replace(/>/g, ` nonce='${nonce}'>`);
	});
	s = s.replace(/script-src 'self'[^;]*/, `script-src 'self' https: 'unsafe-hashes' 'nonce-${nonce}' 'strict-dynamic' ` + unsafe_script_hash.join(" "))
	return s
	}
	}))
	.pipe(gulp.dest('./public'))
	;
	});

	gulp.task('csp', gulp.series('csp_hash', 'csp_replace'));

	gulp.task('default', gulp.series('minify', 'csp'));