From 8d798e3b7a69f33f865df891a7ed6a641f5c20b5 Mon Sep 17 00:00:00 2001 From: Pieter Vander Vennet Date: Sat, 1 Mar 2025 02:43:57 +0100 Subject: [PATCH] Chore: move csp-report-header to caddyfile --- Docs/ServerConfig/hetzner/Caddyfile | 8 +++++ scripts/generateLayouts.ts | 51 ++++++++++++++--------------- 2 files changed, 33 insertions(+), 26 deletions(-) diff --git a/Docs/ServerConfig/hetzner/Caddyfile b/Docs/ServerConfig/hetzner/Caddyfile index ed205e98c5..616aff8345 100644 --- a/Docs/ServerConfig/hetzner/Caddyfile +++ b/Docs/ServerConfig/hetzner/Caddyfile @@ -3,6 +3,7 @@ builds.mapcomplete.org { file_server browse header { +Permissions-Policy "interest-cohort=()" + Report-To "{\"group\":\"csp-endpoint\", \"max_age\":86400, \"endpoints\":[{\"url\":\"https://report.mapcomplete.org/csp\"}], \"include_subdomains\":true}" } } @@ -12,6 +13,7 @@ mapcomplete.org, www.mapcomplete.org { file_server header { +Permissions-Policy "interest-cohort=()" + Report-To "{\"group\":\"csp-endpoint\", \"max_age\":86400, \"endpoints\":[{\"url\":\"https://report.mapcomplete.org/csp\"}], \"include_subdomains\":true}" } handle_errors { @404 { @@ -28,6 +30,7 @@ dev.mapcomplete.org { file_server header { +Permissions-Policy "interest-cohort=()" + header Report-To "{\"group\":\"csp-endpoint\", \"max_age\":86400, \"endpoints\":[{\"url\":\"https://report.mapcomplete.org/csp\"}], \"include_subdomains\":true}" } handle_errors { @404 { @@ -43,6 +46,7 @@ single.mapcomplete.org { file_server browse header { +Permissions-Policy "interest-cohort=()" + Report-To "{\"group\":\"csp-endpoint\", \"max_age\":86400, \"endpoints\":[{\"url\":\"https://report.mapcomplete.org/csp\"}], \"include_subdomains\":true}" } } @@ -59,6 +63,7 @@ velopark.mapcomplete.org { file_server header { +Permissions-Policy "interest-cohort=()" + Report-To "{\"group\":\"csp-endpoint\", \"max_age\":86400, \"endpoints\":[{\"url\":\"https://report.mapcomplete.org/csp\"}], \"include_subdomains\":true}" } } @@ -86,6 +91,9 @@ report.mapcomplete.org { studio.mapcomplete.org { reverse_proxy http://127.0.0.1:1235 + header { + Report-To "{\"group\":\"csp-endpoint\", \"max_age\":86400, \"endpoints\":[{\"url\":\"https://report.mapcomplete.org/csp\"}], \"include_subdomains\":true}" + } } lod.mapcomplete.org { diff --git a/scripts/generateLayouts.ts b/scripts/generateLayouts.ts index 02033237b1..b6aa9c0979 100644 --- a/scripts/generateLayouts.ts +++ b/scripts/generateLayouts.ts @@ -107,9 +107,9 @@ class GenerateLayouts extends Script { if (!layout.icon.endsWith(".svg")) { console.warn( "Not creating a social image for " + - layout.id + - " as it is _not_ a .svg: " + - layout.icon + layout.id + + " as it is _not_ a .svg: " + + layout.icon ) return undefined } @@ -142,9 +142,9 @@ class GenerateLayouts extends Script { id: "icon", transform: `translate(${cx - r},${cy - r}) scale(${ (r * 2) / Number(width) - }) `, + }) ` }, - g: [svg], + g: [svg] } }, (mightBeTokenToReplace) => { @@ -205,19 +205,19 @@ class GenerateLayouts extends Script { icons.push({ src: name, sizes: size + "x" + size, - type: "image/png", + type: "image/png" }) } icons.push({ src: path, sizes: "513x513", - type: "image/svg", + type: "image/svg" }) } else if (icon.endsWith(".png")) { icons.push({ src: icon, sizes: "513x513", - type: "image/png", + type: "image/png" }) } else { console.log(icon) @@ -236,11 +236,11 @@ class GenerateLayouts extends Script { description: ogDescr, orientation: "portrait-primary, landscape-primary", icons: icons, - categories: ["map", "navigation"], + categories: ["map", "navigation"] } return { manifest, - whiteIcons, + whiteIcons } } @@ -251,7 +251,7 @@ class GenerateLayouts extends Script { if (lang === "_context") { continue } - let display = ' style="display: none"' + let display = " style=\"display: none\"" if (!defaultSet) { display = "" defaultSet = true @@ -272,7 +272,7 @@ class GenerateLayouts extends Script { ...eli.features, bing, ...eli_global.map((properties) => ({ properties })), - ...layers_global.layers.map((properties) => ({ properties })), + ...layers_global.layers.map((properties) => ({ properties })) ] for (const feature of rasterLayers) { const f = feature @@ -293,7 +293,7 @@ class GenerateLayouts extends Script { url = url.substring("pmtiles://".length) } const styleSpec = await Utils.downloadJsonCached(url, 1000 * 120, { - Origin: "https://mapcomplete.org", + Origin: "https://mapcomplete.org" }) urls.push(...(f.properties["connect-src"] ?? [])) for (const key of Object.keys(styleSpec?.["sources"] ?? {})) { @@ -309,7 +309,7 @@ class GenerateLayouts extends Script { urls.push(url) if (urlClipped.endsWith(".json")) { const tileInfo = await Utils.downloadJsonCached(url, 1000 * 120, { - Origin: "https://mapcomplete.org", + Origin: "https://mapcomplete.org" }) urls.push(tileInfo["tiles"] ?? []) } @@ -338,7 +338,7 @@ class GenerateLayouts extends Script { "https://api.panoramax.xyz", "https://panoramax.mapcomplete.org", "https://data.velopark.be", - "https://data.mapcomplete.org", + "https://data.mapcomplete.org" ].concat(...(await this.eliUrls())) SpecialVisualizations.specialVisualizations.forEach((sv) => { @@ -427,23 +427,22 @@ class GenerateLayouts extends Script { "default-src": "'self'", "child-src": "'self' blob: ", "img-src": "* data:", // maplibre depends on 'data:' to load - "connect-src": "'self' " + connectSrc.join(" "), "report-to": "https://report.mapcomplete.org/csp", "worker-src": "'self' blob:", // Vite somehow loads the worker via a 'blob' "style-src": "'self' 'unsafe-inline'", // unsafe-inline is needed to change the default background pin colours "script-src": [ "'self'", "https://gc.zgo.at/count.js", - ...(options?.scriptSrcs?.map((s) => "'" + s + "'") ?? []), + ...(options?.scriptSrcs?.map((s) => "'" + s + "'") ?? []) ].join(" "), + "connect-src": "'self' " + connectSrc.join(" ") } const content = Object.keys(csp) .map((k) => k + " " + csp[k]) .join(" ; ") return [ - ``, - ``, + `` ].join("\n") } @@ -455,12 +454,12 @@ class GenerateLayouts extends Script { ) { Locale.language.setData(layout.language[0]) const targetLanguage = layout.language[0] - const ogTitle = Translations.T(layout.title).textFor(targetLanguage).replace(/"/g, '\\"') + const ogTitle = Translations.T(layout.title).textFor(targetLanguage).replace(/"/g, "\\\"") const ogDescr = Translations.T( layout.shortDescription ?? "Easily add and edit geodata with OpenStreetMap" ) .textFor(targetLanguage) - .replace(/"/g, '\\"') + .replace(/"/g, "\\\"") let ogImage = layout.socialImage let twitterImage = ogImage if (ogImage === ThemeConfig.defaultSocialImage && layout.official) { @@ -531,7 +530,7 @@ class GenerateLayouts extends Script { og, customCss, ``, - ...apple_icons, + ...apple_icons ].join("\n") let branchname = await this.getBranchName() @@ -554,7 +553,7 @@ class GenerateLayouts extends Script { .replace( //, await this.generateCsp(layout, layoutJson, { - scriptSrcs: [this.removeOtherLanguagesHash], + scriptSrcs: [this.removeOtherLanguagesHash] }) ) .replace( @@ -585,7 +584,7 @@ class GenerateLayouts extends Script { const imports = [ `import theme from "./public/assets/generated/themes/${theme.id}.json"`, - `import { ThemeMetaTagging } from "./src/assets/generated/metatagging/${theme.id}"`, + `import { ThemeMetaTagging } from "./src/assets/generated/metatagging/${theme.id}"` ] for (const layerName of Constants.added_by_default) { imports.push( @@ -632,7 +631,7 @@ class GenerateLayouts extends Script { "account", "openstreetmap", "custom", - "theme", + "theme" ] const args = process.argv const theme = args[2] @@ -683,7 +682,7 @@ class GenerateLayouts extends Script { startLon: 0, startZoom: 0, title: { en: "MapComplete" }, - description: { en: "A thematic map viewer and editor based on OpenStreetMap" }, + description: { en: "A thematic map viewer and editor based on OpenStreetMap" } }), alreadyWritten )