From 940ac543651c1c245a2fa165b2b88070f0d2bae1 Mon Sep 17 00:00:00 2001 From: Michael Robinson Date: Fri, 25 Aug 2023 16:03:04 -0400 Subject: [PATCH] remove unsafe-eval from script-src directive in csp plugin config Signed-off-by: Michael Robinson --- gatsby-config.ts | 4 +- schema.json | 278 ++++++++++++++++++++++++++++++----------------- 2 files changed, 179 insertions(+), 103 deletions(-) diff --git a/gatsby-config.ts b/gatsby-config.ts index 7738320..33f04b7 100644 --- a/gatsby-config.ts +++ b/gatsby-config.ts @@ -87,13 +87,13 @@ const plugins = [ { resolve: `gatsby-plugin-csp`, options: { - disableOnDev: false, + disableOnDev: true, reportOnly: false, mergeScriptHashes: true, mergeStyleHashes: true, mergeDefaultDirectives: true, directives: { - "script-src": "'self' 'unsafe-eval' https://plausible.io/js/script.outbound-links.js", + "script-src": "'self' https://plausible.io/js/script.outbound-links.js", "script-src-elem": "'self' 'unsafe-hashes' 'sha256-KhYL36Znfb6uiZ++0CIZ4ktnvanqe889TzXlpltU5o0=' 'sha256-jd1C8gAt3KiQo8RJ8fB5lxwhuFWo8UXLGvHAehvxeVk=' 'sha256-iKkBKEi9og8215U4DjZbF+TYC1aw/Q4XtA+Yz8JiSh4=' 'sha256-OzUnmjMIVuS+lOnNyveodXW96iw8WIDsfo02bVyJTKE=' 'sha256-r1R1bJHQ2LX3ekmreqx7Y+aSiGGrpPYACbCKNP9s82Q=' 'sha256-egpbluqkD8NT0bY3bWy7raM9tRIMkfUWboq0Y8KqsFk=' https://plausible.io/js/script.outbound-links.js https://www.googletagmanager.com", "style-src": "'self' 'unsafe-hashes' 'sha256-+94JOX1HQRANuLOsn1gpzNE3I3JLzO0wrP9KspQf0cM=' 'sha256-iahNazrr5t3BQXcVfXbYSR8Bd2AOXPifwVTBbIKb/bE=' 'sha256-7buiYDizqbiAS404WOu2AY5NZDzyVesjpBU80D6Nno4=' 'sha256-f7qc12gYVX0xoX9jAoOIxHvtXcfppKYwcBr7sE0GLR4=' 'sha256-o4LYhp5wtluJ8/NWUV2vi+r5AxmP8X2zEvYHCpji+kI=' 'sha256-MtxTLcyxVEJFNLEIqbVTaqR4WWr0+lYSZ78AzGmNsuA=' https://fonts.googleapis.com", "style-src-elem": "'self' 'unsafe-hashes' 'sha256-LuLD83XjKEDeQE2JbDqHgDbq4FVgc43d4S4wUyGCjEs=' 'sha256-mLiecSDCbxU+GwpOjEW11Ddlsg09pqoF9VA2VJ8XAK4=' 'sha256-UrOiXfLZp9TdAD7NY9X+JKYQ8F+C7AsCo9loq6bNNX8=' 'sha256-27nLLCfJPKzC4cpzFwNqY3YTXYmR0/qs1ExOGhQCw/c=' 'sha256-cLHlYu9WwZQgD1K6YlWPqFYXJEuD9YpxdlDktBDedco=' https://fonts.googleapis.com", diff --git a/schema.json b/schema.json index 629cb46..f624c39 100644 --- a/schema.json +++ b/schema.json @@ -2221,6 +2221,30 @@ "isDeprecated": false, "deprecationReason": null }, + { + "name": "port", + "description": null, + "args": [], + "type": { + "kind": "SCALAR", + "name": "Int", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "host", + "description": null, + "args": [], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + }, { "name": "polyfill", "description": null, @@ -3489,22 +3513,6 @@ "isDeprecated": false, "deprecationReason": null }, - { - "name": "postCssPlugins", - "description": null, - "args": [], - "type": { - "kind": "LIST", - "name": null, - "ofType": { - "kind": "OBJECT", - "name": "SitePluginPluginOptionsPostCssPlugins", - "ofType": null - } - }, - "isDeprecated": false, - "deprecationReason": null - }, { "name": "trackingIds", "description": null, @@ -3604,26 +3612,19 @@ }, "isDeprecated": false, "deprecationReason": null - } - ], - "inputFields": null, - "interfaces": [], - "enumValues": null, - "possibleTypes": null - }, - { - "kind": "OBJECT", - "name": "SitePluginPluginOptionsPostCssPlugins", - "description": null, - "fields": [ + }, { - "name": "postcssPlugin", + "name": "postCssPlugins", "description": null, "args": [], "type": { - "kind": "SCALAR", - "name": "String", - "ofType": null + "kind": "LIST", + "name": null, + "ofType": { + "kind": "OBJECT", + "name": "SitePluginPluginOptionsPostCssPlugins", + "ofType": null + } }, "isDeprecated": false, "deprecationReason": null @@ -3717,6 +3718,29 @@ "enumValues": null, "possibleTypes": null }, + { + "kind": "OBJECT", + "name": "SitePluginPluginOptionsPostCssPlugins", + "description": null, + "fields": [ + { + "name": "postcssPlugin", + "description": null, + "args": [], + "type": { + "kind": "SCALAR", + "name": "String", + "ofType": null + }, + "isDeprecated": false, + "deprecationReason": null + } + ], + "inputFields": null, + "interfaces": [], + "enumValues": null, + "possibleTypes": null + }, { "kind": "OBJECT", "name": "SitePluginPackageJson", @@ -7743,6 +7767,26 @@ }, "defaultValue": null }, + { + "name": "port", + "description": null, + "type": { + "kind": "INPUT_OBJECT", + "name": "IntQueryOperatorInput", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "host", + "description": null, + "type": { + "kind": "INPUT_OBJECT", + "name": "StringQueryOperatorInput", + "ofType": null + }, + "defaultValue": null + }, { "name": "polyfill", "description": null, @@ -17529,6 +17573,18 @@ "isDeprecated": false, "deprecationReason": null }, + { + "name": "port", + "description": null, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "host", + "description": null, + "isDeprecated": false, + "deprecationReason": null + }, { "name": "polyfill", "description": null, @@ -18384,6 +18440,26 @@ }, "defaultValue": null }, + { + "name": "port", + "description": null, + "type": { + "kind": "INPUT_OBJECT", + "name": "IntQueryOperatorInput", + "ofType": null + }, + "defaultValue": null + }, + { + "name": "host", + "description": null, + "type": { + "kind": "INPUT_OBJECT", + "name": "StringQueryOperatorInput", + "ofType": null + }, + "defaultValue": null + }, { "name": "polyfill", "description": null, @@ -20184,16 +20260,6 @@ }, "defaultValue": null }, - { - "name": "postCssPlugins", - "description": null, - "type": { - "kind": "INPUT_OBJECT", - "name": "SitePluginPluginOptionsPostCssPluginsFilterListInput", - "ofType": null - }, - "defaultValue": null - }, { "name": "trackingIds", "description": null, @@ -20273,45 +20339,13 @@ "ofType": null }, "defaultValue": null - } - ], - "interfaces": null, - "enumValues": null, - "possibleTypes": null - }, - { - "kind": "INPUT_OBJECT", - "name": "SitePluginPluginOptionsPostCssPluginsFilterListInput", - "description": null, - "fields": null, - "inputFields": [ - { - "name": "elemMatch", - "description": null, - "type": { - "kind": "INPUT_OBJECT", - "name": "SitePluginPluginOptionsPostCssPluginsFilterInput", - "ofType": null - }, - "defaultValue": null - } - ], - "interfaces": null, - "enumValues": null, - "possibleTypes": null - }, - { - "kind": "INPUT_OBJECT", - "name": "SitePluginPluginOptionsPostCssPluginsFilterInput", - "description": null, - "fields": null, - "inputFields": [ + }, { - "name": "postcssPlugin", + "name": "postCssPlugins", "description": null, "type": { "kind": "INPUT_OBJECT", - "name": "StringQueryOperatorInput", + "name": "SitePluginPluginOptionsPostCssPluginsFilterListInput", "ofType": null }, "defaultValue": null @@ -20392,6 +20426,48 @@ "enumValues": null, "possibleTypes": null }, + { + "kind": "INPUT_OBJECT", + "name": "SitePluginPluginOptionsPostCssPluginsFilterListInput", + "description": null, + "fields": null, + "inputFields": [ + { + "name": "elemMatch", + "description": null, + "type": { + "kind": "INPUT_OBJECT", + "name": "SitePluginPluginOptionsPostCssPluginsFilterInput", + "ofType": null + }, + "defaultValue": null + } + ], + "interfaces": null, + "enumValues": null, + "possibleTypes": null + }, + { + "kind": "INPUT_OBJECT", + "name": "SitePluginPluginOptionsPostCssPluginsFilterInput", + "description": null, + "fields": null, + "inputFields": [ + { + "name": "postcssPlugin", + "description": null, + "type": { + "kind": "INPUT_OBJECT", + "name": "StringQueryOperatorInput", + "ofType": null + }, + "defaultValue": null + } + ], + "interfaces": null, + "enumValues": null, + "possibleTypes": null + }, { "kind": "INPUT_OBJECT", "name": "SitePluginPackageJsonFilterInput", @@ -21696,18 +21772,6 @@ "isDeprecated": false, "deprecationReason": null }, - { - "name": "pluginCreator___pluginOptions___postCssPlugins", - "description": null, - "isDeprecated": false, - "deprecationReason": null - }, - { - "name": "pluginCreator___pluginOptions___postCssPlugins___postcssPlugin", - "description": null, - "isDeprecated": false, - "deprecationReason": null - }, { "name": "pluginCreator___pluginOptions___trackingIds", "description": null, @@ -21786,6 +21850,18 @@ "isDeprecated": false, "deprecationReason": null }, + { + "name": "pluginCreator___pluginOptions___postCssPlugins", + "description": null, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "pluginCreator___pluginOptions___postCssPlugins___postcssPlugin", + "description": null, + "isDeprecated": false, + "deprecationReason": null + }, { "name": "pluginCreator___packageJson___name", "description": null, @@ -23052,18 +23128,6 @@ "isDeprecated": false, "deprecationReason": null }, - { - "name": "pluginOptions___postCssPlugins", - "description": null, - "isDeprecated": false, - "deprecationReason": null - }, - { - "name": "pluginOptions___postCssPlugins___postcssPlugin", - "description": null, - "isDeprecated": false, - "deprecationReason": null - }, { "name": "pluginOptions___trackingIds", "description": null, @@ -23142,6 +23206,18 @@ "isDeprecated": false, "deprecationReason": null }, + { + "name": "pluginOptions___postCssPlugins", + "description": null, + "isDeprecated": false, + "deprecationReason": null + }, + { + "name": "pluginOptions___postCssPlugins___postcssPlugin", + "description": null, + "isDeprecated": false, + "deprecationReason": null + }, { "name": "packageJson___name", "description": null,