-
Notifications
You must be signed in to change notification settings - Fork 2
/
index.js
75 lines (66 loc) · 2.36 KB
/
index.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
/* eslint-disable no-console */
import fs, { copyFileSync } from "fs";
const SITE_ID = "321a7119-6008-49a8-9d2f-e20602b1b349";
export const onPreBuild = async ({
inputs,
netlifyConfig,
utils,
constants,
}) => {
const config = JSON.stringify(inputs, null, 2);
const { build } = netlifyConfig;
const { INTERNAL_EDGE_FUNCTIONS_SRC, INTERNAL_FUNCTIONS_SRC } = constants;
// DISABLE_CSP_NONCE is undocumented (deprecated), but still supported
// -> superseded by CSP_NONCE_DISTRIBUTION
if (build.environment.DISABLE_CSP_NONCE === "true") {
console.log(` DISABLE_CSP_NONCE environment variable is true, skipping.`);
return;
}
// CSP_NONCE_DISTRIBUTION is a number from 0 to 1,
// but 0 to 100 is also supported, along with a trailing %
const distribution = build.environment.CSP_NONCE_DISTRIBUTION;
if (!!distribution) {
const threshold =
distribution.endsWith("%") || parseFloat(distribution) > 1
? Math.max(parseFloat(distribution) / 100, 0)
: Math.max(parseFloat(distribution), 0);
console.log(` CSP_NONCE_DISTRIBUTION is set to ${threshold * 100}%`);
if (threshold === 0) {
console.log(` Skipping.`);
return;
}
}
console.log(` Current working directory: ${process.cwd()}`);
const basePath =
build.environment.SITE_ID === SITE_ID
? "./src"
: "./node_modules/@netlify/plugin-csp-nonce/src";
// make the directory in case it actually doesn't exist yet
await utils.run.command(`mkdir -p ${INTERNAL_EDGE_FUNCTIONS_SRC}`);
console.log(
` Writing nonce edge function to ${INTERNAL_EDGE_FUNCTIONS_SRC}...`,
);
copyFileSync(
`${basePath}/__csp-nonce.ts`,
`${INTERNAL_EDGE_FUNCTIONS_SRC}/__csp-nonce.ts`,
);
fs.writeFileSync(
`${INTERNAL_EDGE_FUNCTIONS_SRC}/__csp-nonce-inputs.json`,
config,
);
// if no reportUri in config input, deploy function on site's behalf
if (!inputs.reportUri) {
// make the directory in case it actually doesn't exist yet
await utils.run.command(`mkdir -p ${INTERNAL_FUNCTIONS_SRC}`);
console.log(
` Writing violations logging function to ${INTERNAL_FUNCTIONS_SRC}...`,
);
copyFileSync(
`${basePath}/__csp-violations.ts`,
`${INTERNAL_FUNCTIONS_SRC}/__csp-violations.ts`,
);
} else {
console.log(` Using ${inputs.reportUri} as report-uri directive...`);
}
console.log(` Done.`);
};