UNPKG

nuxt-security

Version:

🛡️ Security Module for Nuxt based on HTTP Headers and Middleware

nuxt-security.vercel.app

42 lines (41 loc) 1.72 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
import { defineNitroPlugin, getResponseHeaders, setResponseHeaders, useStorage } from "#imports"; import { resolveSecurityRules } from "../context/index.js"; export default defineNitroPlugin(async (nitroApp) => { if (import.meta.prerender) { const prerenderedHeaders = {}; nitroApp.hooks.hook("render:html", (_, { event }) => { const rules = resolveSecurityRules(event); if (rules.enabled && rules.ssg && rules.ssg.nitroHeaders) { const headers = getResponseHeaders(event); const path = event.path.split("?")[0]; prerenderedHeaders[path] = headers; } }); nitroApp.hooks.hook("close", async () => { const headers = Object.fromEntries( Object.entries(prerenderedHeaders).map(([path, headers2]) => { const headersEntries = Object.entries(headers2).filter(([header]) => header !== "x-nitro-prerender").map(([header, value]) => { if (Array.isArray(value)) { return [header, value.join(";")]; } else { return [header, value]; } }); return [path, Object.fromEntries(headersEntries)]; }) ); await useStorage("build:nuxt-security").setItem("headers.json", headers); }); } else { const prerenderedHeaders = await useStorage("assets:nuxt-security").getItem("headers.json") || {}; nitroApp.hooks.hook("beforeResponse", (event) => { const rules = resolveSecurityRules(event); if (rules.enabled && rules.ssg && rules.ssg.nitroHeaders) { const path = event.path.split("?")[0]; if (prerenderedHeaders[path]) { setResponseHeaders(event, prerenderedHeaders[path]); } } }); } });