Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Remove CSP
  • Loading branch information
regalijan committed Oct 19, 2023
1 parent ee68c1b commit c97029e
Show file tree
Hide file tree
Showing 4 changed files with 7 additions and 34 deletions.
6 changes: 3 additions & 3 deletions app/createEmotionCache.ts
@@ -1,10 +1,10 @@
import createCache from "@emotion/cache";

export default function createEmotionCache(nonce?: string) {
export default function createEmotionCache() {
// The browser throws when calling .default, but the server throws if we don't call .default
// Of course!
return typeof document === "undefined"
? createCache.default({ key: "cha", nonce })
? createCache.default({ key: "cha" })
: // @ts-expect-error
createCache({ key: "cha", nonce });
createCache({ key: "cha" });
}
8 changes: 2 additions & 6 deletions app/entry.client.tsx
Expand Up @@ -16,14 +16,10 @@ Sentry.init({
});

function ClientCacheProvider({ children }: { children: ReactNode }) {
const nonce =
document
.querySelector("meta[name='style-nonce']")
?.getAttribute("content") || undefined;
const [cache, setCache] = useState(createEmotionCache(nonce));
const [cache, setCache] = useState(createEmotionCache());

function reset() {
setCache(createEmotionCache(nonce));
setCache(createEmotionCache());
}

return (
Expand Down
4 changes: 2 additions & 2 deletions app/entry.server.tsx
Expand Up @@ -10,9 +10,9 @@ export default function handleRequest(
request: Request,
responseStatusCode: number,
responseHeaders: Headers,
remixContext: EntryContext & RequestContext
remixContext: EntryContext
) {
const cache = createEmotionCache(remixContext.data.nonce);
const cache = createEmotionCache();
const { extractCriticalToChunks } = createEmotionServer(cache);
const html = renderToString(
<ServerStyleContext.Provider value={null}>
Expand Down
23 changes: 0 additions & 23 deletions functions/_middleware.ts
Expand Up @@ -78,8 +78,6 @@ async function setBody(context: RequestContext) {
}

async function setHeaders(context: RequestContext) {
const nonce = crypto.randomUUID().replace(/-/g, "");
context.data.nonce = nonce;
const response = await context.next();

const rtvValues = [
Expand All @@ -101,27 +99,6 @@ async function setHeaders(context: RequestContext) {
);
response.headers.set("X-XSS-Protection", "1; mode=block");

const policies = {
"connect-src": ["https://*.ingest.sentry.io", "'self'"],
"default-src": ["'self'"],
"frame-src": ["https://challenges.cloudflare.com"],
"img-src": [
"https://cdn.discordapp.com/avatars/*",
"https://tr.rbxcdn.com",
"'self'",
],
"media-src": ["https://mediaproxy.carcrushers.cc"],
"script-src": ["https://challenges.cloudflare.com", "'self'"],
"style-src": [`nonce-${nonce}`, "'self'"],
};

const directives = [];

for (const [k, v] of Object.entries(policies))
directives.push(`${k} ${v.join(" ")}`);

response.headers.set("Content-Security-Policy", directives.join("; "));

return response;
}

Expand Down

0 comments on commit c97029e

Please sign in to comment.