diff --git a/examples/next/app-router/next.config.js b/examples/next/app-router/next.config.js index 5e3410933..550780bfe 100644 --- a/examples/next/app-router/next.config.js +++ b/examples/next/app-router/next.config.js @@ -1,4 +1,11 @@ import { withFaust } from '@faustwp/core'; +import { createSecureHeaders } from 'next-secure-headers'; /** @type {import('next').NextConfig} */ -export default withFaust(); +export default withFaust({ + async headers() { + return [{ source: '/:path*', headers: createSecureHeaders({ + xssProtection: false + }) }]; + }, +}); diff --git a/examples/next/app-router/package.json b/examples/next/app-router/package.json index 6552ac88e..bcee824ad 100644 --- a/examples/next/app-router/package.json +++ b/examples/next/app-router/package.json @@ -28,6 +28,7 @@ "@types/node": "^20.6.3", "@types/react": "^18.2.36", "@types/react-dom": "^18.2.14", - "typescript": "^5.2.2" + "typescript": "^5.2.2", + "next-secure-headers": "^2.2.0" } } diff --git a/examples/next/block-support/next.config.js b/examples/next/block-support/next.config.js index 671f1eca0..b886fe7ab 100644 --- a/examples/next/block-support/next.config.js +++ b/examples/next/block-support/next.config.js @@ -1,4 +1,5 @@ const { withFaust, getWpHostname } = require('@faustwp/core'); +const { createSecureHeaders } = require('next-secure-headers'); /** * @type {import('next').NextConfig} @@ -15,4 +16,9 @@ module.exports = withFaust({ locales: ['en'], defaultLocale: 'en', }, + async headers() { + return [{ source: '/:path*', headers: createSecureHeaders({ + xssProtection: false + }) }]; + }, }); diff --git a/examples/next/block-support/package.json b/examples/next/block-support/package.json index 1d0963a9a..e732d2369 100644 --- a/examples/next/block-support/package.json +++ b/examples/next/block-support/package.json @@ -26,7 +26,8 @@ "@wordpress/scripts": "26.18.0", "@faustwp/block-editor-utils": "0.2.0", "@wordpress/base-styles": "^4.41.0", - "@wordpress/block-library": "^8.27.0" + "@wordpress/block-library": "^8.27.0", + "next-secure-headers": "^2.2.0" }, "engines": { "node": ">=18", diff --git a/examples/next/faustwp-getting-started/next.config.js b/examples/next/faustwp-getting-started/next.config.js index 671f1eca0..b886fe7ab 100644 --- a/examples/next/faustwp-getting-started/next.config.js +++ b/examples/next/faustwp-getting-started/next.config.js @@ -1,4 +1,5 @@ const { withFaust, getWpHostname } = require('@faustwp/core'); +const { createSecureHeaders } = require('next-secure-headers'); /** * @type {import('next').NextConfig} @@ -15,4 +16,9 @@ module.exports = withFaust({ locales: ['en'], defaultLocale: 'en', }, + async headers() { + return [{ source: '/:path*', headers: createSecureHeaders({ + xssProtection: false + }) }]; + }, }); diff --git a/examples/next/faustwp-getting-started/package.json b/examples/next/faustwp-getting-started/package.json index 00dd0a86c..948c8aa2c 100644 --- a/examples/next/faustwp-getting-started/package.json +++ b/examples/next/faustwp-getting-started/package.json @@ -22,6 +22,9 @@ "react-dom": "^17.0.2", "sass": "^1.54.9" }, + "devDependencies": { + "next-secure-headers": "^2.2.0" + }, "engines": { "node": ">=18", "npm": ">=8" diff --git a/package-lock.json b/package-lock.json index 54426a21b..31b6840d5 100644 --- a/package-lock.json +++ b/package-lock.json @@ -63,6 +63,7 @@ "@types/node": "^20.6.3", "@types/react": "^18.2.36", "@types/react-dom": "^18.2.14", + "next-secure-headers": "^2.2.0", "typescript": "^5.2.2" }, "engines": { @@ -341,7 +342,8 @@ "@faustwp/block-editor-utils": "0.1.0", "@wordpress/base-styles": "^4.41.0", "@wordpress/block-library": "^8.27.0", - "@wordpress/scripts": "26.18.0" + "@wordpress/scripts": "26.18.0", + "next-secure-headers": "^2.2.0" }, "engines": { "node": ">=18", @@ -2438,6 +2440,9 @@ "react-dom": "^17.0.2", "sass": "^1.54.9" }, + "devDependencies": { + "next-secure-headers": "^2.2.0" + }, "engines": { "node": ">=18", "npm": ">=8" @@ -6589,22 +6594,6 @@ "url": "https://github.com/sponsors/sindresorhus" } }, - "node_modules/@playwright/test": { - "version": "1.40.1", - "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.40.1.tgz", - "integrity": "sha512-EaaawMTOeEItCRvfmkI9v6rBkF1svM8wjl/YPRrg2N2Wmp+4qJYkWtJsbew1szfKKDm6fPLy4YAanBhIlf9dWw==", - "dev": true, - "peer": true, - "dependencies": { - "playwright": "1.40.1" - }, - "bin": { - "playwright": "cli.js" - }, - "engines": { - "node": ">=16" - } - }, "node_modules/@pmmmwh/react-refresh-webpack-plugin": { "version": "0.5.11", "resolved": "https://registry.npmjs.org/@pmmmwh/react-refresh-webpack-plugin/-/react-refresh-webpack-plugin-0.5.11.tgz", @@ -16646,10 +16635,23 @@ "loose-envify": "^1.0.0" } }, - "node_modules/ip": { - "version": "1.1.9", - "resolved": "https://registry.npmjs.org/ip/-/ip-1.1.9.tgz", - "integrity": "sha512-cyRxvOEpNHNtchU3Ln9KC/auJgup87llfQpQ+t5ghoC/UhL16SWzbueiCsdTnWmqAWl7LadfuwhlqmtOaqMHdQ==", + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "dev": true, + "dependencies": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" + } + }, + "node_modules/ip-address/node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", "dev": true }, "node_modules/ipaddr.js": { @@ -19890,6 +19892,12 @@ "js-yaml": "bin/js-yaml.js" } }, + "node_modules/jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true + }, "node_modules/jsdoc-type-pratt-parser": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/jsdoc-type-pratt-parser/-/jsdoc-type-pratt-parser-4.0.0.tgz", @@ -21475,6 +21483,15 @@ } } }, + "node_modules/next-secure-headers": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/next-secure-headers/-/next-secure-headers-2.2.0.tgz", + "integrity": "sha512-C7OfZ9JdSJyYMz2ZBMI/WwNbt0qNjlFWX9afUp8nEUzbz6ez3JbeopdyxSZJZJAzVLIAfyk6n73rFpd4e22jRg==", + "dev": true, + "engines": { + "node": ">=10.0.0" + } + }, "node_modules/next/node_modules/@next/swc-darwin-arm64": { "version": "12.3.4", "resolved": "https://registry.npmjs.org/@next/swc-darwin-arm64/-/swc-darwin-arm64-12.3.4.tgz", @@ -22419,13 +22436,12 @@ } }, "node_modules/pac-resolver": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/pac-resolver/-/pac-resolver-7.0.0.tgz", - "integrity": "sha512-Fd9lT9vJbHYRACT8OhCbZBbxr6KRSawSovFpy8nDGshaK99S/EBhVIHp9+crhxrsZOuvLpgL1n23iyPg6Rl2hg==", + "version": "7.0.1", + "resolved": "https://registry.npmjs.org/pac-resolver/-/pac-resolver-7.0.1.tgz", + "integrity": "sha512-5NPgf87AT2STgwa2ntRMr45jTKrYBGkVU36yT0ig/n/GMAa3oPqhZfIQ2kMEimReg0+t9kZViDVZ83qfVUlckg==", "dev": true, "dependencies": { "degenerator": "^5.0.0", - "ip": "^1.1.8", "netmask": "^2.0.2" }, "engines": { @@ -22648,25 +22664,6 @@ "node": ">=8" } }, - "node_modules/playwright": { - "version": "1.40.1", - "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.40.1.tgz", - "integrity": "sha512-2eHI7IioIpQ0bS1Ovg/HszsN/XKNwEG1kbzSDDmADpclKc7CyqkHw7Mg2JCz/bbCxg25QUPcjksoMW7JcIFQmw==", - "dev": true, - "peer": true, - "dependencies": { - "playwright-core": "1.40.1" - }, - "bin": { - "playwright": "cli.js" - }, - "engines": { - "node": ">=16" - }, - "optionalDependencies": { - "fsevents": "2.3.2" - } - }, "node_modules/playwright-core": { "version": "1.39.0", "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.39.0.tgz", @@ -22679,34 +22676,6 @@ "node": ">=16" } }, - "node_modules/playwright/node_modules/fsevents": { - "version": "2.3.2", - "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", - "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", - "dev": true, - "hasInstallScript": true, - "optional": true, - "os": [ - "darwin" - ], - "peer": true, - "engines": { - "node": "^8.16.0 || ^10.6.0 || >=11.0.0" - } - }, - "node_modules/playwright/node_modules/playwright-core": { - "version": "1.40.1", - "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.40.1.tgz", - "integrity": "sha512-+hkOycxPiV534c4HhpfX6yrlawqVUzITRKwHAmYfmsVreltEl6fAZJ3DPfLMOODw0H3s1Itd6MDCWmP1fl/QvQ==", - "dev": true, - "peer": true, - "bin": { - "playwright-core": "cli.js" - }, - "engines": { - "node": ">=16" - } - }, "node_modules/plur": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/plur/-/plur-4.0.0.tgz", @@ -23919,16 +23888,6 @@ "version": "16.13.1", "license": "MIT" }, - "node_modules/react-refresh": { - "version": "0.10.0", - "resolved": "https://registry.npmjs.org/react-refresh/-/react-refresh-0.10.0.tgz", - "integrity": "sha512-PgidR3wST3dDYKr6b4pJoqQFpPGNKDSCDx4cZoshjXipw3LzO7mG1My2pwEzz2JVkF+inx3xRpDeQLFQGH/hsQ==", - "dev": true, - "peer": true, - "engines": { - "node": ">=0.10.0" - } - }, "node_modules/react-remove-scroll": { "version": "2.5.5", "license": "MIT", @@ -25517,16 +25476,16 @@ } }, "node_modules/socks": { - "version": "2.7.1", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.7.1.tgz", - "integrity": "sha512-7maUZy1N7uo6+WVEX6psASxtNlKaNVMlGQKkG/63nEDdLOWNbiUMoLK7X4uYoLhQstau72mLgfEWcXcwsaHbYQ==", + "version": "2.7.3", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.7.3.tgz", + "integrity": "sha512-vfuYK48HXCTFD03G/1/zkIls3Ebr2YNa4qU9gHDZdblHLiqhJrJGkY3+0Nx0JpN9qBhJbVObc1CNciT1bIZJxw==", "dev": true, "dependencies": { - "ip": "^2.0.0", + "ip-address": "^9.0.5", "smart-buffer": "^4.2.0" }, "engines": { - "node": ">= 10.13.0", + "node": ">= 10.0.0", "npm": ">= 3.0.0" } }, @@ -25556,12 +25515,6 @@ "node": ">= 14" } }, - "node_modules/socks/node_modules/ip": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/ip/-/ip-2.0.1.tgz", - "integrity": "sha512-lJUL9imLTNi1ZfXT+DU6rBBdbiKGBuay9B6xGSPVjUeQwaH1RIGqef8RZkUtHioLmSNpPR5M4HVKJGm1j8FWVQ==", - "dev": true - }, "node_modules/source-map": { "version": "0.6.1", "license": "BSD-3-Clause",