fix(csp): add wss and tauri to conf template (#1974)

nothingismagick · lucasfernog · web-flow · commit 463fd00d0624 · 2021-06-15T13:37:24.000-03:00
* fix(csp): add wss and tauri to conf template

* add change file, update examples/docs

Co-authored-by: Lucas Nogueira &lt;lucas@tauri.studio&gt;
diff --git a/.changes/template-csp-change.md b/.changes/template-csp-change.md
@@ -0,0 +1,5 @@
+---
+"cli.rs": patch
+---
+
+Change the `csp` value on the template to include `wss:` and `tauri:` to the `default-src` attribute.
diff --git a/core/tauri/test/fixture/src-tauri/tauri.conf.json b/core/tauri/test/fixture/src-tauri/tauri.conf.json
@@ -17,7 +17,7 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": false
diff --git a/docs/api/config.md b/docs/api/config.md
@@ -358,7 +358,7 @@ Instead of launching the app directly, we configure the bundled app to run a scr
     "fullscreen": false
   }],
   "security": {
-    "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline'"
+    "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
   }
 }
 ```
diff --git a/docs/usage/development/integration.md b/docs/usage/development/integration.md
@@ -107,7 +107,7 @@ App directory structure
 App
   tauri.rs - 1.0.0-beta.1
   build-type - bundle
-  CSP - default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self' img-src: 'self'
+  CSP - default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self' img-src: 'self'
   distDir - ../public
   devPath - ../public
   framework - Svelte
diff --git a/examples/api/src-tauri/tauri.conf.json b/examples/api/src-tauri/tauri.conf.json
@@ -78,10 +78,10 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self' img-src: 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self' img-src: 'self'"
     },
     "systemTray": {
       "iconPath": "../../.icons/icon.png"
     }
   }
-}
+}
diff --git a/examples/commands/src-tauri/tauri.conf.json b/examples/commands/src-tauri/tauri.conf.json
@@ -1,7 +1,11 @@
 {
   "build": {
-    "distDir": ["../index.html"],
-    "devPath": ["../index.html"],
+    "distDir": [
+      "../index.html"
+    ],
+    "devPath": [
+      "../index.html"
+    ],
     "beforeDevCommand": "",
     "beforeBuildCommand": ""
   },
@@ -47,10 +51,10 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": false
     }
   }
-}
+}
diff --git a/examples/helloworld/src-tauri/tauri.conf.json b/examples/helloworld/src-tauri/tauri.conf.json
@@ -1,7 +1,11 @@
 {
   "build": {
-    "distDir": ["../index.html"],
-    "devPath": ["../index.html"],
+    "distDir": [
+      "../index.html"
+    ],
+    "devPath": [
+      "../index.html"
+    ],
     "beforeDevCommand": "",
     "beforeBuildCommand": ""
   },
@@ -47,10 +51,10 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": false
     }
   }
-}
+}
diff --git a/examples/multiwindow/src-tauri/tauri.conf.json b/examples/multiwindow/src-tauri/tauri.conf.json
@@ -1,7 +1,11 @@
 {
   "build": {
-    "distDir": ["../index.html"],
-    "devPath": ["../index.html"],
+    "distDir": [
+      "../index.html"
+    ],
+    "devPath": [
+      "../index.html"
+    ],
     "withGlobalTauri": true
   },
   "tauri": {
@@ -39,7 +43,7 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": false
diff --git a/examples/navigation/src-tauri/tauri.conf.json b/examples/navigation/src-tauri/tauri.conf.json
@@ -48,10 +48,10 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": false
     }
   }
-}
+}
diff --git a/examples/params/src-tauri/tauri.conf.json b/examples/params/src-tauri/tauri.conf.json
@@ -1,7 +1,11 @@
 {
   "build": {
-    "distDir": ["../index.html"],
-    "devPath": ["../index.html"],
+    "distDir": [
+      "../index.html"
+    ],
+    "devPath": [
+      "../index.html"
+    ],
     "beforeDevCommand": "",
     "beforeBuildCommand": ""
   },
@@ -47,10 +51,10 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": false
     }
   }
-}
+}
diff --git a/examples/splashscreen/src-tauri/tauri.conf.json b/examples/splashscreen/src-tauri/tauri.conf.json
@@ -42,10 +42,10 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'  img-src: 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'  img-src: 'self'"
     },
     "updater": {
       "active": false
     }
   }
-}
+}
diff --git a/examples/state/src-tauri/tauri.conf.json b/examples/state/src-tauri/tauri.conf.json
@@ -1,7 +1,11 @@
 {
   "build": {
-    "distDir": ["../index.html"],
-    "devPath": ["../index.html"],
+    "distDir": [
+      "../index.html"
+    ],
+    "devPath": [
+      "../index.html"
+    ],
     "beforeDevCommand": "",
     "beforeBuildCommand": ""
   },
@@ -47,10 +51,10 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": false
     }
   }
-}
+}
diff --git a/examples/updater/src-tauri/tauri.conf.json b/examples/updater/src-tauri/tauri.conf.json
@@ -1,7 +1,11 @@
 {
   "build": {
-    "distDir": ["../index.html"],
-    "devPath": ["../index.html"],
+    "distDir": [
+      "../index.html"
+    ],
+    "devPath": [
+      "../index.html"
+    ],
     "beforeDevCommand": "",
     "beforeBuildCommand": ""
   },
@@ -47,7 +51,7 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": true,
@@ -58,4 +62,4 @@
       ]
     }
   }
-}
+}
diff --git a/tooling/bench/tests/cpu_intensive/src-tauri/tauri.conf.json b/tooling/bench/tests/cpu_intensive/src-tauri/tauri.conf.json
@@ -47,10 +47,10 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": false
     }
   }
-}
+}
diff --git a/tooling/bench/tests/files_transfer/src-tauri/tauri.conf.json b/tooling/bench/tests/files_transfer/src-tauri/tauri.conf.json
@@ -47,10 +47,10 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": false
     }
   }
-}
+}
diff --git a/tooling/bench/tests/helloworld/src-tauri/tauri.conf.json b/tooling/bench/tests/helloworld/src-tauri/tauri.conf.json
@@ -47,10 +47,10 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"
     },
     "updater": {
       "active": false
     }
   }
-}
+}
diff --git a/tooling/cli.rs/templates/src-tauri/tauri.conf.json b/tooling/cli.rs/templates/src-tauri/tauri.conf.json
@@ -61,7 +61,7 @@
       }
     ],
     "security": {
-      "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self' img-src: 'self'"
+      "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self' img-src: 'self'"
     }
   }
 }

-Original file line number
+Diff line change
@@ @@ -0,0 +1,5 @@ @@
 +---
 +"cli.rs": patch
 +---
++
 +Change the `csp` value on the template to include `wss:` and `tauri:` to the `default-src` attribute.
Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@`
`17`	`17`	`}`
`18`	`18`	`],`
`19`	`19`	`"security": {`
`20`		`- "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"`
	`20`	`+ "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"`
`21`	`21`	`},`
`22`	`22`	`"updater": {`
`23`	`23`	`"active": false`
Original file line number	Diff line number	Diff line change
`@@ -358,7 +358,7 @@ Instead of launching the app directly, we configure the bundled app to run a scr`
`358`	`358`	`"fullscreen": false`
`359`	`359`	`}],`
`360`	`360`	`"security": {`
`361`		`- "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline'"`
	`361`	`+ "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"`
`362`	`362`	`}`
`363`	`363`	`}`
`364`	`364`	```
Original file line number	Diff line number	Diff line change
`@@ -78,10 +78,10 @@`
`78`	`78`	`}`
`79`	`79`	`],`
`80`	`80`	`"security": {`
`81`		`- "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self' img-src: 'self'"`
	`81`	`+ "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self' img-src: 'self'"`
`82`	`82`	`},`
`83`	`83`	`"systemTray": {`
`84`	`84`	`"iconPath": "../../.icons/icon.png"`
`85`	`85`	`}`
`86`	`86`	`}`
`87`		`-}`
	`87`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -48,10 +48,10 @@`
`48`	`48`	`}`
`49`	`49`	`],`
`50`	`50`	`"security": {`
`51`		`- "csp": "default-src blob: data: filesystem: ws: http: https: 'unsafe-eval' 'unsafe-inline' 'self'"`
	`51`	`+ "csp": "default-src blob: data: filesystem: ws: wss: http: https: tauri: 'unsafe-eval' 'unsafe-inline' 'self'"`
`52`	`52`	`},`
`53`	`53`	`"updater": {`
`54`	`54`	`"active": false`
`55`	`55`	`}`
`56`	`56`	`}`
`57`		`-}`
	`57`	`+}`