From 8113b63b1c2ab0ddb4d120f4cb14d482c267506e Mon Sep 17 00:00:00 2001 From: Ana Maksimovskikh Date: Thu, 31 Oct 2024 14:47:49 +0000 Subject: [PATCH] Add subresource integrity to embed --- apps/embed-iframe-mainnet/package.json | 1 + apps/embed-iframe-mainnet/src/vite-env.d.ts | 3 +++ apps/embed-iframe-mainnet/vite.config.ts | 2 ++ apps/embed-iframe/package.json | 1 + apps/embed-iframe/src/vite-env.d.ts | 3 +++ apps/embed-iframe/vite.config.ts | 2 ++ pnpm-lock.yaml | 3 +++ 7 files changed, 15 insertions(+) create mode 100644 apps/embed-iframe-mainnet/src/vite-env.d.ts create mode 100644 apps/embed-iframe/src/vite-env.d.ts diff --git a/apps/embed-iframe-mainnet/package.json b/apps/embed-iframe-mainnet/package.json index 0bf629c310..68f46f139e 100644 --- a/apps/embed-iframe-mainnet/package.json +++ b/apps/embed-iframe-mainnet/package.json @@ -28,6 +28,7 @@ "typescript": "5.5.4", "vite": "^5.4.8", "vite-plugin-node-polyfills": "^0.17.0", + "vite-plugin-sri": "^0.0.2", "vite-plugin-svgr": "^4.2.0" } } diff --git a/apps/embed-iframe-mainnet/src/vite-env.d.ts b/apps/embed-iframe-mainnet/src/vite-env.d.ts new file mode 100644 index 0000000000..b646c840eb --- /dev/null +++ b/apps/embed-iframe-mainnet/src/vite-env.d.ts @@ -0,0 +1,3 @@ +/// +/// +/// diff --git a/apps/embed-iframe-mainnet/vite.config.ts b/apps/embed-iframe-mainnet/vite.config.ts index 18aee309d2..30bffd985f 100644 --- a/apps/embed-iframe-mainnet/vite.config.ts +++ b/apps/embed-iframe-mainnet/vite.config.ts @@ -3,6 +3,7 @@ import { defineConfig } from "vite"; import { nodePolyfills } from "vite-plugin-node-polyfills"; import svgr from "vite-plugin-svgr"; import path from "path"; +import sri from "vite-plugin-sri"; export default defineConfig({ base: "./", @@ -15,6 +16,7 @@ export default defineConfig({ Buffer: true, }, }), + sri({ algorithm: "sha384" }), ], optimizeDeps: { esbuildOptions: { diff --git a/apps/embed-iframe/package.json b/apps/embed-iframe/package.json index 4123fadec0..e62843b4fb 100644 --- a/apps/embed-iframe/package.json +++ b/apps/embed-iframe/package.json @@ -57,6 +57,7 @@ "typescript": "5.5.4", "vite": "^5.4.8", "vite-plugin-node-polyfills": "^0.17.0", + "vite-plugin-sri": "^0.0.2", "vite-plugin-svgr": "^4.2.0" } } diff --git a/apps/embed-iframe/src/vite-env.d.ts b/apps/embed-iframe/src/vite-env.d.ts new file mode 100644 index 0000000000..b646c840eb --- /dev/null +++ b/apps/embed-iframe/src/vite-env.d.ts @@ -0,0 +1,3 @@ +/// +/// +/// diff --git a/apps/embed-iframe/vite.config.ts b/apps/embed-iframe/vite.config.ts index 7596b95953..5b7e4e8cdb 100644 --- a/apps/embed-iframe/vite.config.ts +++ b/apps/embed-iframe/vite.config.ts @@ -2,6 +2,7 @@ import react from "@vitejs/plugin-react"; import { defineConfig } from "vite"; import { nodePolyfills } from "vite-plugin-node-polyfills"; import svgr from "vite-plugin-svgr"; +import sri from "vite-plugin-sri"; export default defineConfig({ base: "./", @@ -14,6 +15,7 @@ export default defineConfig({ Buffer: true, }, }), + sri({ algorithm: "sha384" }), ], optimizeDeps: { esbuildOptions: { diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 7cb2d7e20e..54f03b08d0 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -637,6 +637,9 @@ importers: vite-plugin-node-polyfills: specifier: ^0.17.0 version: 0.17.0(rollup@4.21.0)(vite@5.4.8(@types/node@22.1.0)(sass@1.79.4)) + vite-plugin-sri: + specifier: ^0.0.2 + version: 0.0.2(encoding@0.1.13) vite-plugin-svgr: specifier: ^4.2.0 version: 4.2.0(rollup@4.21.0)(typescript@5.5.4)(vite@5.4.8(@types/node@22.1.0)(sass@1.79.4))