File tree Expand file tree Collapse file tree 2 files changed +35
-1
lines changed
Expand file tree Collapse file tree 2 files changed +35
-1
lines changed Original file line number Diff line number Diff line change @@ -3,4 +3,4 @@ NEXT_PUBLIC_EVENTS_WS_URL="wss://<SERVER_ADDR>:<SERVER_PORT>"
33
44# BlockVision Pro API key for Monad mainnet contract metadata lookups
55# Get your API key from https://docs.blockvision.org/
6- BLOCKVISION_API_KEY = " your-api-key-here"
6+ BLOCKVISION_API_KEY = " your-api-key-here"
Original file line number Diff line number Diff line change 11import type { NextConfig } from 'next'
22
3+ const isDev = process . env . NODE_ENV === 'development'
4+
35const nextConfig : NextConfig = {
46 images : {
57 remotePatterns : [
@@ -10,6 +12,38 @@ const nextConfig: NextConfig = {
1012 } ,
1113 ] ,
1214 } ,
15+ async headers ( ) {
16+ return [
17+ {
18+ source : '/(.*)' ,
19+ headers : [
20+ { key : 'X-Content-Type-Options' , value : 'nosniff' } ,
21+ { key : 'Referrer-Policy' , value : 'strict-origin-when-cross-origin' } ,
22+ {
23+ key : 'Permissions-Policy' ,
24+ value : 'geolocation=(), microphone=(), camera=()' ,
25+ } ,
26+ { key : 'X-Frame-Options' , value : 'DENY' } ,
27+ {
28+ key : 'Content-Security-Policy' ,
29+ value : [
30+ "default-src 'self'" ,
31+ `script-src 'self' 'unsafe-inline' https://va.vercel-scripts.com${ isDev ? " 'unsafe-eval'" : '' } ,
32+ "style-src 'self' 'unsafe-inline'" ,
33+ "img-src 'self' data: https://raw.githubusercontent.com" ,
34+ "font-src 'self'" ,
35+ "connect-src 'self' wss://monode-mainnet.monadinfra.com wss://execution-events-backend-example.molandak.org" ,
36+ "frame-ancestors 'none'" ,
37+ "object-src 'none'" ,
38+ "base-uri 'self'" ,
39+ "form-action 'self'" ,
40+ 'upgrade-insecure-requests' ,
41+ ] . join ( '; ' ) ,
42+ } ,
43+ ] ,
44+ } ,
45+ ]
46+ } ,
1347}
1448
1549export default nextConfig
You can’t perform that action at this time.
0 commit comments