-
Notifications
You must be signed in to change notification settings - Fork 0
/
next.config.mjs
76 lines (73 loc) · 2.3 KB
/
next.config.mjs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
// @ts-check
/**
* Run `build` or `dev` with `SKIP_ENVIRONMENT_VALIDATION` to skip environment
* validation. This is especially useful for Docker builds.
*/
!process.env.SKIP_ENVIRONMENT_VALIDATION &&
(await import("./src/environment/server.mjs"));
/** @type {import("next").NextConfig} */
const nextConfig = {
experimental: {
legacyBrowsers: false,
},
headers: async () => [
{
/** @see https://nextjs.org/docs/advanced-features/security-headers */
headers: [
/** @see https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP */
{
key: "Content-Security-Policy",
value: `
child-src 'none';
default-src 'self';
frame-ancestors 'none';
img-src 'self' data:;
media-src 'none';
script-src 'self' 'unsafe-eval' 'unsafe-inline';
style-src 'self' 'unsafe-inline';
`
.replace(/\s{2,}/g, " ")
.trim(),
},
/** @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Feature-Policy */
{
key: "Permissions-Policy",
value: "camera=(), geolocation=(), microphone=()",
},
/** @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy */
{
key: "Referrer-Policy",
value: "strict-origin-when-cross-origin",
},
/** @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security */
{
key: "Strict-Transport-Security",
value: "includeSubDomains; max-age=31536000; preload",
},
/** @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options */
{
key: "X-Content-Type-Options",
value: "nosniff",
},
/** @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-DNS-Prefetch-Control */
{
key: "X-DNS-Prefetch-Control",
value: "on",
},
/** @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options */
{
key: "X-Frame-Options",
value: "DENY",
},
],
source: "/(.*)",
},
],
i18n: {
defaultLocale: "en",
locales: ["en"],
},
poweredByHeader: false,
reactStrictMode: true,
};
export default nextConfig;