mirror of
https://github.com/koala73/worldmonitor.git
synced 2026-04-25 17:14:57 +02:00
d101c03009
* fix: unblock geolocation and fix stale CSP hash for SW nuke script Permissions-Policy had geolocation=() which blocked navigator.geolocation used by user-location.ts. Changed to geolocation=(self). CSP script-src had a stale SHA-256 hash (903UI9my...) that didn't match the current SW nuke script content. The script was silently blocked in production, preventing recovery from stale service workers after deploys. Replaced with the correct hash (4Z2xtr1B...) in both vercel.json and index.html meta tag. * test: update permissions-policy test for geolocation=(self) Move geolocation from "disabled" list to "delegated" assertions since it now allows self-origin access for user-location.ts.
136 lines
5.8 KiB
JSON
136 lines
5.8 KiB
JSON
{
|
|
"ignoreCommand": "bash scripts/vercel-ignore.sh",
|
|
"crons": [],
|
|
"rewrites": [
|
|
{ "source": "/docs", "destination": "https://worldmonitor.mintlify.dev/docs" },
|
|
{ "source": "/docs/:match*", "destination": "https://worldmonitor.mintlify.dev/docs/:match*" },
|
|
{ "source": "/pro", "destination": "/pro/index.html" },
|
|
{ "source": "/((?!api|assets|blog|docs|favico|map-styles|data|textures|pro|sw\\.js|workbox-[a-f0-9]+\\.js|manifest\\.webmanifest|offline\\.html|robots\\.txt|sitemap\\.xml|llms\\.txt|llms-full\\.txt|\\.well-known).*)", "destination": "/index.html" }
|
|
],
|
|
"headers": [
|
|
{
|
|
"source": "/api/(.*)",
|
|
"headers": [
|
|
{ "key": "Access-Control-Allow-Origin", "value": "*" },
|
|
{ "key": "Access-Control-Allow-Methods", "value": "GET, POST, OPTIONS" },
|
|
{ "key": "Access-Control-Allow-Headers", "value": "Content-Type, Authorization, X-WorldMonitor-Key" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/docs/:path*",
|
|
"headers": [
|
|
{ "key": "X-Content-Type-Options", "value": "nosniff" },
|
|
{ "key": "Strict-Transport-Security", "value": "max-age=63072000; includeSubDomains; preload" },
|
|
{ "key": "Referrer-Policy", "value": "strict-origin-when-cross-origin" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/(.*)",
|
|
"headers": [
|
|
{ "key": "X-Content-Type-Options", "value": "nosniff" },
|
|
{ "key": "X-Frame-Options", "value": "SAMEORIGIN" },
|
|
{ "key": "Strict-Transport-Security", "value": "max-age=63072000; includeSubDomains; preload" },
|
|
{ "key": "Referrer-Policy", "value": "strict-origin-when-cross-origin" },
|
|
{ "key": "Permissions-Policy", "value": "camera=(), microphone=(), geolocation=(self), accelerometer=(), autoplay=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), bluetooth=(), display-capture=(), encrypted-media=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), picture-in-picture=(self \"https://www.youtube.com\" \"https://www.youtube-nocookie.com\"), screen-wake-lock=(), serial=(), usb=(), xr-spatial-tracking=()" },
|
|
{ "key": "Content-Security-Policy", "value": "default-src 'self'; connect-src 'self' https: wss: blob: data:; img-src 'self' data: blob: https:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; script-src 'self' 'sha256-LnMFPWZxTgVOr2VYwIh9mhQ3l/l3+a3SfNOLERnuHfY=' 'sha256-4Z2xtr1B9QQugoojE/nbpOViG+8l2B7CZVlKgC78AeQ=' 'wasm-unsafe-eval' https://www.youtube.com https://static.cloudflareinsights.com https://vercel.live https://challenges.cloudflare.com; worker-src 'self' blob:; font-src 'self' data: https:; media-src 'self' data: blob: https:; frame-src 'self' https://worldmonitor.app https://tech.worldmonitor.app https://finance.worldmonitor.app https://commodity.worldmonitor.app https://happy.worldmonitor.app https://www.youtube.com https://www.youtube-nocookie.com https://webcams.windy.com https://challenges.cloudflare.com; frame-ancestors 'self' https://www.worldmonitor.app https://tech.worldmonitor.app https://finance.worldmonitor.app https://commodity.worldmonitor.app https://happy.worldmonitor.app https://worldmonitor.app; base-uri 'self'; object-src 'none'; form-action 'self'" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "no-cache, no-store, must-revalidate" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/index.html",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "no-cache, no-store, must-revalidate" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/((?!api|assets|blog|docs|favico|map-styles|data|textures|pro|sw\\.js|workbox-[a-f0-9]+\\.js|manifest\\.webmanifest|offline\\.html|robots\\.txt|sitemap\\.xml|llms\\.txt|llms-full\\.txt|\\.well-known).*)",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "no-cache, no-store, must-revalidate" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/assets/(.*)",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=31536000, immutable" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/blog/_astro/(.*)",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=31536000, immutable" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/pro/assets/(.*)",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=31536000, immutable" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/pro/:path*",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "no-cache, no-store, must-revalidate" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/pro",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "no-cache, no-store, must-revalidate" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/favico/(.*)",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=604800" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/map-styles/(.*)",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=31536000, immutable" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/data/(.*)",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=31536000, immutable" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/textures/(.*)",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=31536000, immutable" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/offline.html",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=86400" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/workbox-:hash.js",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=31536000, immutable" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/sw.js",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=0, must-revalidate" }
|
|
]
|
|
},
|
|
{
|
|
"source": "/manifest.webmanifest",
|
|
"headers": [
|
|
{ "key": "Cache-Control", "value": "public, max-age=86400" }
|
|
]
|
|
}
|
|
]
|
|
}
|