c6ef857d57
<!-- Thanks for opening a PR! Your contribution is much appreciated. In order to make sure your PR is handled as smoothly as possible we request that you follow the checklist sections below. Choose the right checklist for the change that you're making: --> This serves to add support for [Subresource Integrity](https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity) hashes for scripts added from the new app directory. This also has support for utilizing nonce values passed from request headers (expected to be generated per request in middleware) in the bootstrapping scripts via the `Content-Security-Policy` header as such: ``` Content-Security-Policy: script-src 'nonce-2726c7f26c' ``` Which results in the inline scripts having a new `nonce` attribute hash added. These features combined support for setting an aggressive Content Security Policy on scripts loaded. ## Bug - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [ ] Errors have helpful link attached, see `contributing.md` ## Feature - [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR. - [ ] Related issues linked using `fixes #number` - [ ] Integration tests added - [ ] Documentation added - [ ] Telemetry added. In case of a feature if it's used or not. - [x] Errors have helpful link attached, see `contributing.md` ## Documentation / Examples - [x] Make sure the linting passes by running `pnpm lint` - [x] The examples guidelines are followed from [our contributing doc](https://github.com/vercel/next.js/blob/canary/contributing.md#adding-examples) Co-authored-by: Steven <steven@ceriously.com>
132 lines
3.6 KiB
TypeScript
132 lines
3.6 KiB
TypeScript
import { getModuleBuildInfo } from '../get-module-build-info'
|
|
import { stringifyRequest } from '../../stringify-request'
|
|
|
|
export type EdgeSSRLoaderQuery = {
|
|
absolute500Path: string
|
|
absoluteAppPath: string
|
|
absoluteDocumentPath: string
|
|
absoluteErrorPath: string
|
|
absolutePagePath: string
|
|
buildId: string
|
|
dev: boolean
|
|
isServerComponent: boolean
|
|
page: string
|
|
stringifiedConfig: string
|
|
appDirLoader?: string
|
|
pagesType?: 'app' | 'pages' | 'root'
|
|
sriEnabled: boolean
|
|
}
|
|
|
|
export default async function edgeSSRLoader(this: any) {
|
|
const {
|
|
dev,
|
|
page,
|
|
buildId,
|
|
absolutePagePath,
|
|
absoluteAppPath,
|
|
absoluteDocumentPath,
|
|
absolute500Path,
|
|
absoluteErrorPath,
|
|
isServerComponent,
|
|
stringifiedConfig,
|
|
appDirLoader: appDirLoaderBase64,
|
|
pagesType,
|
|
sriEnabled,
|
|
} = this.getOptions()
|
|
|
|
const appDirLoader = Buffer.from(
|
|
appDirLoaderBase64 || '',
|
|
'base64'
|
|
).toString()
|
|
const isAppDir = pagesType === 'app'
|
|
|
|
const buildInfo = getModuleBuildInfo(this._module)
|
|
buildInfo.nextEdgeSSR = {
|
|
isServerComponent: isServerComponent === 'true',
|
|
page: page,
|
|
isAppDir,
|
|
}
|
|
buildInfo.route = {
|
|
page,
|
|
absolutePagePath,
|
|
}
|
|
|
|
const stringifiedPagePath = stringifyRequest(this, absolutePagePath)
|
|
const stringifiedAppPath = stringifyRequest(this, absoluteAppPath)
|
|
const stringifiedErrorPath = stringifyRequest(this, absoluteErrorPath)
|
|
const stringifiedDocumentPath = stringifyRequest(this, absoluteDocumentPath)
|
|
const stringified500Path = absolute500Path
|
|
? stringifyRequest(this, absolute500Path)
|
|
: null
|
|
|
|
const pageModPath = `${appDirLoader}${stringifiedPagePath.substring(
|
|
1,
|
|
stringifiedPagePath.length - 1
|
|
)}`
|
|
|
|
const transformed = `
|
|
import { adapter, enhanceGlobals } from 'next/dist/server/web/adapter'
|
|
import { getRender } from 'next/dist/build/webpack/loaders/next-edge-ssr-loader/render'
|
|
|
|
import Document from ${stringifiedDocumentPath}
|
|
|
|
enhanceGlobals()
|
|
|
|
${
|
|
isAppDir
|
|
? `
|
|
const appRenderToHTML = require('next/dist/server/app-render').renderToHTMLOrFlight
|
|
const pagesRenderToHTML = null
|
|
const pageMod = require(${JSON.stringify(pageModPath)})
|
|
`
|
|
: `
|
|
const appRenderToHTML = null
|
|
const pagesRenderToHTML = require('next/dist/server/render').renderToHTML
|
|
const pageMod = require(${stringifiedPagePath})
|
|
`
|
|
}
|
|
|
|
const appMod = require(${stringifiedAppPath})
|
|
const errorMod = require(${stringifiedErrorPath})
|
|
const error500Mod = ${
|
|
stringified500Path ? `require(${stringified500Path})` : 'null'
|
|
}
|
|
|
|
const buildManifest = self.__BUILD_MANIFEST
|
|
const reactLoadableManifest = self.__REACT_LOADABLE_MANIFEST
|
|
const rscManifest = self.__RSC_MANIFEST
|
|
const rscCssManifest = self.__RSC_CSS_MANIFEST
|
|
const subresourceIntegrityManifest = ${
|
|
sriEnabled ? 'self.__SUBRESOURCE_INTEGRITY_MANIFEST' : 'undefined'
|
|
}
|
|
|
|
const render = getRender({
|
|
dev: ${dev},
|
|
page: ${JSON.stringify(page)},
|
|
appMod,
|
|
pageMod,
|
|
errorMod,
|
|
error500Mod,
|
|
Document,
|
|
buildManifest,
|
|
appRenderToHTML,
|
|
pagesRenderToHTML,
|
|
reactLoadableManifest,
|
|
serverComponentManifest: ${isServerComponent} ? rscManifest : null,
|
|
serverCSSManifest: ${isServerComponent} ? rscCssManifest : null,
|
|
subresourceIntegrityManifest,
|
|
config: ${stringifiedConfig},
|
|
buildId: ${JSON.stringify(buildId)},
|
|
})
|
|
|
|
export const ComponentMod = pageMod
|
|
|
|
export default function(opts) {
|
|
return adapter({
|
|
...opts,
|
|
handler: render
|
|
})
|
|
}`
|
|
|
|
return transformed
|
|
}
|