66 lines
No EOL
2.3 KiB
JavaScript
66 lines
No EOL
2.3 KiB
JavaScript
import adapter from '@sveltejs/adapter-node';
|
|
import { vitePreprocess } from '@sveltejs/vite-plugin-svelte';
|
|
|
|
/** @type {import('@sveltejs/kit').Config} */
|
|
const config = {
|
|
preprocess: vitePreprocess(),
|
|
|
|
kit: {
|
|
adapter: adapter({
|
|
out: 'build',
|
|
precompress: false
|
|
}),
|
|
|
|
csp: {
|
|
mode: 'auto',
|
|
directives: {
|
|
'default-src': ["'self'"],
|
|
'script-src': ["'self'", 'https://www.youtube.com'],
|
|
// Note: 'unsafe-inline' required because Svelte uses inline styles for transitions and dynamic bindings
|
|
'style-src': ["'self'", "'unsafe-inline'", 'https://cdnjs.cloudflare.com'],
|
|
'img-src': ["'self'", 'data:', 'blob:', 'https://img.youtube.com', 'https://i.ytimg.com'],
|
|
'font-src': ["'self'", 'data:', 'https://cdnjs.cloudflare.com'],
|
|
'connect-src': [
|
|
"'self'",
|
|
'ws://localhost:*',
|
|
'wss://localhost:*',
|
|
'http://localhost:*',
|
|
'ws://127.0.0.1:*',
|
|
'wss://127.0.0.1:*',
|
|
'http://127.0.0.1:*',
|
|
'https://www.youtube.com'
|
|
],
|
|
'media-src': ["'self'", 'blob:', 'http://localhost:*'],
|
|
'frame-src': ["'self'", 'blob:', 'https://www.youtube.com'],
|
|
'object-src': ["'none'"],
|
|
'frame-ancestors': ["'none'"],
|
|
'form-action': ["'self'"],
|
|
'base-uri': ["'self'"]
|
|
}
|
|
},
|
|
|
|
// Enable CSRF protection (default is true)
|
|
csrf: {
|
|
checkOrigin: true
|
|
},
|
|
|
|
// Environment variable configuration
|
|
env: {
|
|
publicPrefix: 'VITE_' // This is already correct
|
|
},
|
|
|
|
// Ensure default appDir is used (don't override)
|
|
// appDir: '_app' // This is the default, no need to set
|
|
|
|
// Performance: prerender error pages
|
|
prerender: {
|
|
entries: ['/'],
|
|
handleHttpError: ({ path, referrer, message }) => {
|
|
// Log errors but don't fail build
|
|
console.warn(`${path} (${referrer}) - ${message}`);
|
|
}
|
|
}
|
|
}
|
|
};
|
|
|
|
export default config; |