Browse Source

refactor how cookieYes script is loaded

pull/759/head
Dan Ditomaso 11 months ago
parent
commit
fe8bb60191
  1. 2
      bun.lock
  2. 3
      packages/web/index.html
  3. 2
      packages/web/package.json
  4. 2
      packages/web/tsconfig.json
  5. 18
      packages/web/vercel.json
  6. 10
      packages/web/vite-env.d.ts
  7. 113
      packages/web/vite.config.ts

2
bun.lock

@ -105,6 +105,7 @@
"react-map-gl": "8.0.4",
"react-qrcode-logo": "^3.0.0",
"rfc4648": "^1.5.4",
"vite": "^7.0.4",
"vite-plugin-html": "^3.2.2",
"zod": "^4.0.5",
"zustand": "5.0.6",
@ -132,7 +133,6 @@
"tar": "^7.4.3",
"testing-library": "^0.0.2",
"typescript": "^5.8.3",
"vite": "^7.0.4",
"vitest": "^3.2.4",
},
},

3
packages/web/index.html

@ -1,6 +1,9 @@
<!DOCTYPE html>
<html lang="en" data-theme="system">
<head>
<!-- CookieYes banner -->
<%- cookieYesScript %>
<!-- End of CookieYes banner -->
<meta charset="utf-8" />
<link rel="icon" type="image/svg+xml" href="/icon.svg" />
<link rel="icon" href="/favicon.ico" />

2
packages/web/package.json

@ -79,6 +79,7 @@
"react-qrcode-logo": "^3.0.0",
"rfc4648": "^1.5.4",
"vite-plugin-html": "^3.2.2",
"vite": "^7.0.4",
"zod": "^4.0.5",
"zustand": "5.0.6"
},
@ -105,7 +106,6 @@
"tar": "^7.4.3",
"testing-library": "^0.0.2",
"typescript": "^5.8.3",
"vite": "^7.0.4",
"vitest": "^3.2.4"
}
}

2
packages/web/tsconfig.json

@ -22,7 +22,7 @@
"@layouts/*": ["./src/layouts/*"]
}
},
"include": ["src", "./vite-env.d.ts"],
"include": ["src", ".d.ts"],
"exclude": [
"routeTree.gen.ts",
"node_modules",

18
packages/web/vercel.json

@ -10,13 +10,25 @@
{
"source": "/",
"headers": [
{
"key": "Cross-Origin-Opener-Policy",
"value": "same-origin"
},
{
"key": "Cross-Origin-Embedder-Policy",
"value": "require-corp"
"value": "credentialless"
},
{
"key": "Cross-Origin-Opener-Policy",
"value": "same-origin"
"key": "X-Content-Type-Options",
"value": "nosniff"
},
{
"key": "Strict-Transport-Security",
"value": "max-age=63072000; includeSubDomains; preload"
},
{
"key": "Referrer-Policy",
"value": "strict-origin-when-cross-origin"
}
]
}

10
packages/web/vite-env.d.ts

@ -1,10 +1,12 @@
/// <reference types="vite/client" />
interface ViteTypeOptions {
strictImportMetaEnv: unknown;
}
interface ImportMetaEnv {
readonly env: {
readonly VITE_COMMIT_HASH: string;
readonly VITE_VERSION: string;
};
readonly VITE_COMMIT_HASH: string;
readonly VITE_VERSION: string;
}
interface ImportMeta {

113
packages/web/vite.config.ts

@ -3,7 +3,7 @@ import path from "node:path";
import process from "node:process";
import tailwindcss from "@tailwindcss/vite";
import react from "@vitejs/plugin-react";
import { defineConfig } from "vite";
import { defineConfig, loadEnv } from "vite";
import { createHtmlPlugin } from "vite-plugin-html";
let hash = "";
@ -24,60 +24,69 @@ try {
}
const CONTENT_SECURITY_POLICY =
"script-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net; style-src 'self' 'unsafe-inline' data: https://rsms.me https://cdn.jsdelivr.net; img-src 'self' data:; font-src 'self' data: https://rsms.me https://cdn.jsdelivr.net; worker-src 'self' blob:; object-src 'none'; base-uri 'self';";
"script-src 'self' 'unsafe-inline' https://cdn.jsdelivr.net https://cdn-cookieyes.com; style-src 'self' 'unsafe-inline' data: https://rsms.me https://cdn.jsdelivr.net; img-src 'self' data:; font-src 'self' data: https://rsms.me https://cdn.jsdelivr.net; worker-src 'self' blob:; object-src 'none'; base-uri 'self';";
export default defineConfig({
plugins: [
react(),
tailwindcss(),
// adding CookieYes script if VITE_COOKIEYES_CLIENT_ID is set (it only runs while in Vercel) for GDPR/CCPA compliance
createHtmlPlugin({
inject: {
data: {
cookieScript: process.env.VITE_COOKIEYES_CLIENT_ID
? `<script async src="https://cdn-cookieyes.com/client_data/${process.env.VITE_COOKIEYES_CLIENT_ID}/script.js"></script>`
: "",
export default defineConfig(({ mode }) => {
const env = loadEnv(mode, process.cwd());
return {
plugins: [
react(),
tailwindcss(),
// This is for GDPR/CCPA compliance
createHtmlPlugin({
inject: {
data: {
cookieYesScript:
mode === "production" && env.VITE_COOKIEYES_CLIENT_ID
? `<script async src="https://cdn-cookieyes.com/client_data/${env.VITE_COOKIEYES_CLIENT_ID}/script.js"></script>`
: "",
},
},
}),
// VitePWA({
// registerType: "autoUpdate",
// strategies: "generateSW",
// devOptions: {
// enabled: true,
// },
// workbox: {
// cleanupOutdatedCaches: true,
// sourcemap: true,
// },
// }),
],
optimizeDeps: {
include: ["react/jsx-runtime"],
},
define: {
"import.meta.env.VITE_COMMIT_HASH": JSON.stringify(hash),
"import.meta.env.VITE_VERSION": JSON.stringify(version),
},
build: {
emptyOutDir: true,
assetsDir: "./",
},
resolve: {
alias: {
"@app": path.resolve(process.cwd(), "./src"),
"@pages": path.resolve(process.cwd(), "./src/pages"),
"@components": path.resolve(process.cwd(), "./src/components"),
"@core": path.resolve(process.cwd(), "./src/core"),
"@layouts": path.resolve(process.cwd(), "./src/layouts"),
},
}),
// VitePWA({
// registerType: "autoUpdate",
// strategies: "generateSW",
// devOptions: {
// enabled: true,
// },
// workbox: {
// cleanupOutdatedCaches: true,
// sourcemap: true,
// },
// }),
],
optimizeDeps: {
include: ["react/jsx-runtime"],
},
define: {
"import.meta.env.VITE_COMMIT_HASH": JSON.stringify(hash),
"import.meta.env.VITE_VERSION": JSON.stringify(version),
},
build: {
emptyOutDir: true,
assetsDir: "./",
},
resolve: {
alias: {
"@app": path.resolve(process.cwd(), "./src"),
"@pages": path.resolve(process.cwd(), "./src/pages"),
"@components": path.resolve(process.cwd(), "./src/components"),
"@core": path.resolve(process.cwd(), "./src/core"),
"@layouts": path.resolve(process.cwd(), "./src/layouts"),
},
},
server: {
port: 3000,
headers: {
"content-security-policy": CONTENT_SECURITY_POLICY,
"Cross-Origin-Opener-Policy": "same-origin",
"Cross-Origin-Embedder-Policy": "require-corp",
server: {
port: 3000,
headers: {
"content-security-policy": CONTENT_SECURITY_POLICY,
"Cross-Origin-Opener-Policy": "same-origin",
"Cross-Origin-Embedder-Policy": "credentialless",
"X-Content-Type-Options": "nosniff",
"Strict-Transport-Security":
"max-age=63072000; includeSubDomains; preload",
"Referrer-Policy": "strict-origin-when-cross-origin",
},
},
},
};
});

Loading…
Cancel
Save