300 строки
6.7 KiB
JavaScript
300 строки
6.7 KiB
JavaScript
// CONFIG defaults (aka PRODUCTION)
|
|
// WARNING: No test/stage/dev/development config should
|
|
// live here.
|
|
|
|
import path from 'path';
|
|
|
|
import { amoProdCDN, apiProdHost, sentryHost } from './lib/shared';
|
|
|
|
const appName = process.env.NODE_APP_INSTANCE || null;
|
|
const validAppNames = [
|
|
'amo',
|
|
'disco',
|
|
];
|
|
|
|
// Throw if the appName supplied is not valid.
|
|
if (appName && !validAppNames.includes(appName)) {
|
|
throw new Error(
|
|
`App "${appName}" is not enabled; valid app names: ${validAppNames}`);
|
|
}
|
|
|
|
|
|
module.exports = {
|
|
appName,
|
|
basePath: path.resolve(__dirname, '../'),
|
|
|
|
// These are reversed in src/core/client/config.js.
|
|
client: false,
|
|
server: true,
|
|
|
|
// Disables the server side render, handy for debugging.
|
|
disableSSR: false,
|
|
|
|
// 2592000 is 30 days in seconds.
|
|
cookieMaxAge: 2592000,
|
|
cookieName: 'frontend_auth_token',
|
|
cookieSecure: true,
|
|
|
|
enableClientConsole: false,
|
|
|
|
// If true node will serve the static files.
|
|
enableNodeStatics: false,
|
|
|
|
isDeployed: true,
|
|
isDevelopment: false,
|
|
|
|
// For all Firefox 57+ (Quantum) UAs, send the `appversion` in all API
|
|
// search requests. This will return only compatible add-ons, which is
|
|
// good for UX (it prevents a lot of incompatible old add-ons).
|
|
// Disable this in development when working with stage data, which is
|
|
// very out-of-date and mostly not 57+ compatible.
|
|
restrictSearchResultsToAppVersion: true,
|
|
|
|
// The canonical list of enabled apps.
|
|
validAppNames,
|
|
|
|
// The node server host and port.
|
|
serverHost: '127.0.0.1',
|
|
serverPort: 4000,
|
|
|
|
// By default, sending stats to DataDog is enabled but the host setting
|
|
// must also be non-empty.
|
|
useDatadog: true,
|
|
// These are set with environment variables.
|
|
datadogHost: null,
|
|
datadogPort: null,
|
|
|
|
// The CDN host for AMO.
|
|
amoCDN: amoProdCDN,
|
|
staticHost: amoProdCDN,
|
|
apiHost: apiProdHost,
|
|
apiPath: '/api/v3',
|
|
|
|
// The version for the favicon.
|
|
// This should be changed when a new favicon is pushed to the CDN to prevent
|
|
// client caching.
|
|
faviconVersion: 2,
|
|
|
|
// The keys listed here will be exposed on the client.
|
|
// Since by definition client-side code is public these config keys
|
|
// must not contain sensitive data.
|
|
//
|
|
// NOTE: when you update this, you may also have to update
|
|
// config/default-disco.js:clientConfigKeys
|
|
//
|
|
clientConfigKeys: [
|
|
'allowErrorSimulation',
|
|
'authTokenValidFor',
|
|
'amoCDN',
|
|
'apiHost',
|
|
'apiPath',
|
|
'appName',
|
|
'restrictSearchResultsToAppVersion',
|
|
'cookieMaxAge',
|
|
'cookieName',
|
|
'cookieSecure',
|
|
'defaultLang',
|
|
'enableClientConsole',
|
|
'enableNewCollectionsUI',
|
|
'enableUserProfile',
|
|
'enableAddonRecommendations',
|
|
'enableStaticThemes',
|
|
'fxaConfig',
|
|
'isDeployed',
|
|
'isDevelopment',
|
|
'langs',
|
|
'langMap',
|
|
'publicSentryDsn',
|
|
'rtlLangs',
|
|
'trackingEnabled',
|
|
'trackingId',
|
|
'trackingSendInitPageView',
|
|
'validClientApplications',
|
|
'validLocaleUrlExceptions',
|
|
'validClientAppUrlExceptions',
|
|
'validTrailingSlashUrlExceptions',
|
|
],
|
|
|
|
// Content Security Policy.
|
|
// NOTE: This config should be overridden on a per app basis
|
|
// if you're not updating the config for all apps.
|
|
// NOTE: if a config contains a var, consider importing it
|
|
// from ./lib/shared.js
|
|
CSP: {
|
|
directives: {
|
|
defaultSrc: ["'none'"],
|
|
baseUri: ["'self'"],
|
|
childSrc: ["'none'"],
|
|
connectSrc: [apiProdHost, sentryHost],
|
|
formAction: ["'none'"],
|
|
frameSrc: ["'none'"],
|
|
imgSrc: [
|
|
// Favicons are normally served
|
|
// from the document host.
|
|
"'self'",
|
|
amoProdCDN,
|
|
'data:',
|
|
],
|
|
mediaSrc: ["'none'"],
|
|
objectSrc: ["'none'"],
|
|
scriptSrc: [amoProdCDN],
|
|
styleSrc: [amoProdCDN],
|
|
reportUri: '/__cspreport__',
|
|
},
|
|
|
|
// Set to true if you only want browsers to report errors, not block them
|
|
reportOnly: false,
|
|
|
|
// Set to true if you want to blindly set all headers: Content-Security-Policy,
|
|
// X-WebKit-CSP, and X-Content-Security-Policy.
|
|
setAllHeaders: false,
|
|
|
|
// Set to true if you want to disable CSP on Android where it can be buggy.
|
|
disableAndroid: false,
|
|
},
|
|
|
|
frameGuard: {
|
|
action: 'deny',
|
|
},
|
|
|
|
// Supported languages.
|
|
langs: [
|
|
'af',
|
|
'ar',
|
|
'ast',
|
|
'bg',
|
|
'bn-BD',
|
|
'bs',
|
|
'ca',
|
|
'cak',
|
|
'cs',
|
|
'da',
|
|
'de',
|
|
'dbl',
|
|
'dbr',
|
|
'dsb',
|
|
'el',
|
|
'en-GB',
|
|
'en-US',
|
|
'es',
|
|
'eu',
|
|
'fa',
|
|
'fi',
|
|
'fr',
|
|
'fy-NL',
|
|
'ga-IE',
|
|
'he',
|
|
'hsb',
|
|
'hu',
|
|
'id',
|
|
'it',
|
|
'ja',
|
|
'ka',
|
|
'kab',
|
|
'ko',
|
|
'mk',
|
|
'mn',
|
|
'ms',
|
|
'nl',
|
|
'nb-NO',
|
|
'nn-NO',
|
|
'pl',
|
|
'pt-BR',
|
|
'pt-PT',
|
|
'ro',
|
|
'ru',
|
|
'sk',
|
|
'sl',
|
|
'sq',
|
|
'sv-SE',
|
|
'te',
|
|
'th',
|
|
'tr',
|
|
'uk',
|
|
'ur',
|
|
'vi',
|
|
'zh-CN',
|
|
'zh-TW',
|
|
],
|
|
// Map of short langs to longer ones.
|
|
langMap: {
|
|
en: 'en-US',
|
|
ga: 'ga-IE',
|
|
pt: 'pt-PT',
|
|
sv: 'sv-SE',
|
|
zh: 'zh-CN',
|
|
},
|
|
rtlLangs: ['ar', 'dbr', 'fa', 'he', 'ur'],
|
|
defaultLang: 'en-US',
|
|
|
|
po2jsonFuzzyOutput: false,
|
|
|
|
enablePrefixMiddleware: true,
|
|
enableTrailingSlashesMiddleware: false,
|
|
|
|
localeDir: path.resolve(path.join(__dirname, '../locale')),
|
|
|
|
// This is off by default
|
|
// and enabled on a per-app basis.
|
|
trackingEnabled: false,
|
|
trackingId: null,
|
|
// send a page view on initialization.
|
|
trackingSendInitPageView: true,
|
|
|
|
enablePostCssLoader: true,
|
|
|
|
// The list of valid client application names.
|
|
// These are derived from UA strings when not supplied in the URL.
|
|
validClientApplications: [
|
|
'android',
|
|
'firefox',
|
|
],
|
|
|
|
validLocaleUrlExceptions: [],
|
|
validClientAppUrlExceptions: [],
|
|
validTrailingSlashUrlExceptions: [],
|
|
clientAppRoutes: [],
|
|
|
|
// The default app used in the URL.
|
|
defaultClientApp: 'firefox',
|
|
|
|
fxaConfig: null,
|
|
|
|
proxyEnabled: false,
|
|
|
|
// If true, enable a route that explicitly triggers a server error
|
|
// to test our internal error handler.
|
|
allowErrorSimulation: false,
|
|
|
|
sentryDsn: process.env.SENTRY_DSN || null,
|
|
publicSentryDsn: null,
|
|
|
|
// The amount of time (in seconds) that an auth token lives for. This is
|
|
// currently only used in AMO.
|
|
authTokenValidFor: null,
|
|
|
|
// The number of seconds the client should cache all responses for.
|
|
// If null, no caching headers will be sent.
|
|
// This setting is intended to simulate the Discopane's nginx cache
|
|
// header for development purposes.
|
|
cacheAllResponsesFor: null,
|
|
|
|
// See the Discopane config for how this is currently used.
|
|
discoParamsToUse: [],
|
|
|
|
|
|
// Feature flags.
|
|
|
|
// Expose the new screen for editing a collection.
|
|
enableNewCollectionsUI: false,
|
|
|
|
// Enable the new user profile pages.
|
|
enableUserProfile: true,
|
|
|
|
// Enable the TAAR Lite A/B test.
|
|
enableAddonRecommendations: false,
|
|
|
|
// Enable static themes.
|
|
enableStaticThemes: false,
|
|
};
|