213 строки
5.9 KiB
JavaScript
213 строки
5.9 KiB
JavaScript
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
/* eslint @typescript-eslint/no-var-requires: "off" */
|
|
import { withSentryConfig } from "@sentry/nextjs";
|
|
|
|
/** @type {import('next').NextConfig} */
|
|
const nextConfig = {
|
|
productionBrowserSourceMaps: true,
|
|
images: {
|
|
remotePatterns: [
|
|
{
|
|
protocol: "http",
|
|
hostname: "localhost",
|
|
port: "6060",
|
|
},
|
|
{
|
|
protocol: "https",
|
|
hostname: "fx-breach-alerts.herokuapp.com/",
|
|
},
|
|
{
|
|
protocol: "https",
|
|
hostname: "stage.firefoxmonitor.nonprod.cloudops.mozgcp.net",
|
|
},
|
|
{
|
|
protocol: "https",
|
|
hostname: "monitor.firefox.com",
|
|
},
|
|
{
|
|
protocol: "https",
|
|
hostname: "monitor.mozilla.org",
|
|
},
|
|
{
|
|
protocol: "https",
|
|
hostname: "firefoxusercontent.com",
|
|
},
|
|
{
|
|
protocol: "https",
|
|
hostname: "profile.stage.mozaws.net",
|
|
},
|
|
{
|
|
protocol: "https",
|
|
hostname: "profile.accounts.firefox.com",
|
|
},
|
|
// Stores breached companies' logos
|
|
{
|
|
protocol: "https",
|
|
hostname: "s3.amazonaws.com",
|
|
},
|
|
],
|
|
},
|
|
/** @type {import('next').NextConfig['headers']} */
|
|
async headers() {
|
|
const headers = [
|
|
{
|
|
source: "/:path*",
|
|
headers: [
|
|
// Note: the Content-Security-Policy gets set in /src/middleware.ts
|
|
// (because it needs a dynamically-generated nonce).
|
|
{
|
|
key: "Cross-Origin-Opener-Policy",
|
|
value: "same-origin",
|
|
},
|
|
{
|
|
key: "Cross-Origin-Resource-Policy",
|
|
value: "cross-origin",
|
|
},
|
|
{
|
|
key: "Referrer-Policy",
|
|
value: "no-referrer, strict-origin-when-cross-origin",
|
|
},
|
|
{
|
|
key: "Origin-Agent-Cluster",
|
|
value: "?1",
|
|
},
|
|
{
|
|
key: "Strict-Transport-Security",
|
|
value: "max-age=15552000; includeSubDomains",
|
|
},
|
|
{
|
|
key: "X-Content-Type-Options",
|
|
value: "nosniff",
|
|
},
|
|
{
|
|
key: "X-DNS-Prefetch-Control",
|
|
value: "off",
|
|
},
|
|
{
|
|
key: "X-Download-Options",
|
|
value: "noopen",
|
|
},
|
|
{
|
|
key: "X-Frame-Options",
|
|
value: "SAMEORIGIN",
|
|
},
|
|
{
|
|
key: "X-Permitted-Cross-Domain-Policies",
|
|
value: "none",
|
|
},
|
|
{
|
|
key: "X-XSS-Protection",
|
|
value: "0",
|
|
},
|
|
],
|
|
},
|
|
];
|
|
|
|
const noindexEnvs = ["dev", "development", "heroku", "stage"];
|
|
const noSearchEngineIndex = noindexEnvs.includes(process.env.NODE_ENV);
|
|
if (noSearchEngineIndex) {
|
|
headers.push({
|
|
source: "/:path*",
|
|
headers: [
|
|
{
|
|
key: "X-Robots-Tag",
|
|
value: "noindex",
|
|
},
|
|
],
|
|
});
|
|
}
|
|
|
|
return headers;
|
|
},
|
|
async redirects() {
|
|
return [
|
|
// Before we redesigned the website, the dashboard would be reachable
|
|
// via /user/breaches:
|
|
{
|
|
source: "/user/breaches",
|
|
destination: "/user/dashboard",
|
|
permanent: true,
|
|
},
|
|
// While we were implementing a redesign, we made it available at the
|
|
// /redesign subpath. In case we still have lingering links to there
|
|
// anywhere, this redirect should have people end up at the right place:
|
|
{
|
|
source: "/redesign/:path*",
|
|
destination: "/:path*",
|
|
permanent: true,
|
|
},
|
|
{
|
|
source: "/user/dashboard/fix/data-broker-profiles/welcome-to-premium",
|
|
destination: "/user/dashboard/fix/data-broker-profiles/welcome-to-plus",
|
|
permanent: true,
|
|
},
|
|
// We used to have a page with security tips;
|
|
// if folks get sent there via old lnks, redirect them to the most
|
|
// relevant page on SuMo:
|
|
{
|
|
source: "/security-tips",
|
|
destination: "https://support.mozilla.org/kb/how-stay-safe-web",
|
|
permanent: false,
|
|
},
|
|
// Some subset of users still find their way to the old login
|
|
// link, which redirects to a now-404 endpoint. Add a redirect
|
|
// to the new endpoint while we are investigating.
|
|
{
|
|
source: "/oauth/confirmed",
|
|
destination: "/api/auth/callback/fxa",
|
|
permanent: false,
|
|
},
|
|
];
|
|
},
|
|
webpack: (config, _options) => {
|
|
config.module.rules.push({
|
|
test: /\.ftl/,
|
|
type: "asset/source",
|
|
});
|
|
|
|
config.externals ??= {};
|
|
config.externals.push({
|
|
knex: "commonjs knex",
|
|
});
|
|
|
|
return config;
|
|
},
|
|
experimental: {
|
|
// Without this setting, Next.js has Webpack trying and failing to load
|
|
// uglify-js when compiling MJML email templates to HTML in `renderEmail.ts`:
|
|
serverComponentsExternalPackages: ["mjml"],
|
|
// Sentry 8.x requires `instrumentation.ts` vs. it's previous custom approach.
|
|
instrumentationHook: true,
|
|
},
|
|
};
|
|
|
|
const sentryOptions = {
|
|
// Additional config options for the Sentry Webpack plugin. Keep in mind that
|
|
// the following options are set automatically, and overriding them is not
|
|
// recommended:
|
|
// release, url, authToken, configFile, stripPrefix,
|
|
// urlPrefix, include, ignore
|
|
|
|
org: "mozilla",
|
|
project: "firefox-monitor",
|
|
silent: false, // Suppresses all logs
|
|
authToken: process.env.SENTRY_AUTH_TOKEN,
|
|
|
|
// For all available options, see:
|
|
// https://github.com/getsentry/sentry-webpack-plugin#options.
|
|
|
|
// Upload additional client files (increases upload size)
|
|
// https://docs.sentry.io/platforms/javascript/guides/nextjs/manual-setup/#widen-the-upload-scope
|
|
widenClientFileUpload: true,
|
|
hideSourceMaps: false,
|
|
|
|
sourcemaps: {
|
|
disable: process.env.UPLOAD_SENTRY_SOURCEMAPS !== "true",
|
|
},
|
|
};
|
|
|
|
export default withSentryConfig(nextConfig, sentryOptions);
|