Skip to content

Instantly share code, notes, and snippets.

View oslavdev's full-sized avatar
👽
-__-

Jaroslaw oslavdev

👽
-__-
47 followers · 23 following
View GitHub Profile
@oslavdev
oslavdev / webpack-security-headers.js
Last active December 11, 2020 15:47
Next.js security headers
const SriPlugin = require("webpack-subresource-integrity");
const { createSecureHeaders } = require("next-secure-headers");
module.exports = {
async headers() {
return [
{
source: "/(.*)",
headers: createSecureHeaders({
contentSecurityPolicy: {
@oslavdev
oslavdev / webpack-subresource-integrity.js
Created December 7, 2020 09:58
Webpack subresource integrity in Next.js example
webpack(config) {
config.output.crossOriginLoading = "anonymous";
config.plugins.push(
new SriPlugin({
hashFuncNames: ["sha256", "sha384"],
enabled: true,
})
);
@oslavdev
oslavdev / gist:5a034435cedf2937c5af38c51721596a
Last active December 12, 2021 12:04
Content Security Policy
const { createSecureHeaders } = require("next-secure-headers");
module.exports ={
async headers() {
return [
{
source: "/(.*)",
headers: createSecureHeaders({
contentSecurityPolicy: {