Skip to content

chore: Update next.config.mjs to enhance security headers#29

Merged
digitaldrreamer merged 1 commit intomainfrom
demo-dockerfile-fixes
Feb 2, 2026
Merged

chore: Update next.config.mjs to enhance security headers#29
digitaldrreamer merged 1 commit intomainfrom
demo-dockerfile-fixes

Conversation

@digitaldrreamer
Copy link
Copy Markdown
Owner

@digitaldrreamer digitaldrreamer commented Feb 2, 2026
edited by coderabbitai bot
Loading

  • Modify Content-Security-Policy to allow wallet connections and improve RPC support
  • Add headers for wallet popups, child sources, and adjust existing policies for better compatibility

Summary by CodeRabbit

  • New Features

    • Added support for wallet connections and operations, enabling users to integrate their wallets directly into the application for seamless asset management and transactions.

  • Chores

    • Updated security policies and application configurations to support wallet integration, including wallet popups, frame loading, and secure resource handling to ensure compatibility and security.

@digitaldrreamer
chore: Update next.config.mjs to enhance security headers
a98c534 
- Modify Content-Security-Policy to allow wallet connections and improve RPC support
- Add headers for wallet popups, child sources, and adjust existing policies for better compatibility
@digitaldrreamer digitaldrreamer self-assigned this Feb 2, 2026
@vercel
Copy link
Copy Markdown

vercel bot commented Feb 2, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
veiled-demo Error Error Feb 2, 2026 9:24am
veiled-web Building Building Preview, Comment Feb 2, 2026 9:24am

@digitaldrreamer digitaldrreamer merged commit 5cbbbe9 into main Feb 2, 2026
1 of 5 checks passed
@coderabbitai
Copy link
Copy Markdown

coderabbitai bot commented Feb 2, 2026
edited
Loading

Caution

Review failed

The pull request is closed.

📝 Walkthrough

Walkthrough

Modified Content-Security-Policy headers in Next.js configuration to expand allowed sources for wallet functionality, including blob URLs, HTTPS, WebSocket, and HTTP schemes, with new policies for frames and child elements to support wallet popups and connections.

Changes

Cohort / File(s) Summary
CSP Header Configuration
apps/demo/next.config.mjs		 Extended Content-Security-Policy directives to permit wallet connections and interactions. Updated connect-src to allow blob, https, wss, http, and websocket schemes with local host patterns. Added script-src for wallet scripts with unsafe-eval/unsafe-inline. Expanded img-src, introduced frame-src and child-src policies for wallet popups and iframes.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 Hops through the security gates we go,
Wallets now welcome, policies aglow,
Blobs, https, and websockets unite,
A broader path for wallets to take flight! 🌐✨

✨ Finishing touches
  • 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch demo-dockerfile-fixes

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@digitaldrreamer digitaldrreamer

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@digitaldrreamer