react-csp/lib/utils.js

A npm package/plugin that generate Content Security Policy for create-react-app without eject or rewired.

"use strict";
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
    return new (P || (P = Promise))(function (resolve, reject) {
        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
        function step(result) { result.done ? resolve(result.value) : new P(function (resolve) { resolve(result.value); }).then(fulfilled, rejected); }
        step((generator = generator.apply(thisArg, _arguments || [])).next());
    });
};
var __generator = (this && this.__generator) || function (thisArg, body) {
    var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
    return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function() { return this; }), g;
    function verb(n) { return function (v) { return step([n, v]); }; }
    function step(op) {
        if (f) throw new TypeError("Generator is already executing.");
        while (_) try {
            if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
            if (y = 0, t) op = [op[0] & 2, t.value];
            switch (op[0]) {
                case 0: case 1: t = op; break;
                case 4: _.label++; return { value: op[1], done: false };
                case 5: _.label++; y = op[1]; op = [0]; continue;
                case 7: op = _.ops.pop(); _.trys.pop(); continue;
                default:
                    if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }
                    if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }
                    if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }
                    if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }
                    if (t[2]) _.ops.pop();
                    _.trys.pop(); continue;
            }
            op = body.call(thisArg, _);
        } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }
        if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };
    }
};
var __importStar = (this && this.__importStar) || function (mod) {
    if (mod && mod.__esModule) return mod;
    var result = {};
    if (mod != null) for (var k in mod) if (Object.hasOwnProperty.call(mod, k)) result[k] = mod[k];
    result["default"] = mod;
    return result;
};
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
var util = __importStar(require("util"));
var fs = __importStar(require("fs"));
var chalk_1 = __importDefault(require("chalk"));
var constants_1 = require("./constants");
var env = "prod";
var args = process.argv.slice(2);
if (Array.isArray(args) && args[0] !== undefined) {
    env = args[0];
    console.log("Using " + chalk_1.default.cyan(env) + " as the environment");
}
else {
    console.log("No env found, using " + chalk_1.default.cyan("prod") + " as the default");
}
var readFile = util.promisify(fs.readFile);
exports.readFile = readFile;
var writeFile = util.promisify(fs.writeFile);
exports.writeFile = writeFile;
var patterns = {
    configName: new RegExp("(^|\\W)" + "(csp*?.(js|json))" + "($|\\W)", "gi"),
    configExtenstion: /(?:\.([^.]+))?$/,
};
function getConfig() {
    return __awaiter(this, void 0, void 0, function () {
        var allFiles, fileName, fileExtenstions, fileExtension, config, _a, _b;
        return __generator(this, function (_c) {
            switch (_c.label) {
                case 0:
                    allFiles = fs.readdirSync(constants_1.baseDir);
                    fileName = allFiles.find(function (fileName) {
                        return Array.isArray(fileName.match(patterns.configName));
                    });
                    console.log("Reading config from " + constants_1.baseDir + " for " + chalk_1.default.cyan("csp.js") + " or " + chalk_1.default.cyan("csp.json"));
                    if (!fileName) {
                        throw new Error("No csp config found, should be either csp.json or csp.js");
                    }
                    fileExtenstions = patterns.configExtenstion.exec(fileName);
                    if (!fileExtenstions ||
                        (fileExtenstions[1] !== "json" && fileExtenstions[1] !== "js")) {
                        throw new Error("csp should have either js or json as the extension");
                    }
                    fileExtension = fileExtenstions[1];
                    config = null;
                    if (!(fileExtension === "json")) return [3 /*break*/, 2];
                    _b = (_a = JSON).parse;
                    return [4 /*yield*/, readFile(constants_1.configPath(fileExtension), "utf8")];
                case 1:
                    config = _b.apply(_a, [_c.sent()]);
                    _c.label = 2;
                case 2:
                    if (fileExtension === "js") {
                        config = require(constants_1.configPath(fileExtension));
                    }
                    if (!config[env]) {
                        throw new Error("Environment " + env + " is not found at the config as a key, please refer to the documentation");
                    }
                    return [2 /*return*/, config[env]];
            }
        });
    });
}
exports.getConfig = getConfig;
function loadHTML() {
    return __awaiter(this, void 0, void 0, function () {
        var html;
        return __generator(this, function (_a) {
            switch (_a.label) {
                case 0:
                    console.log("NEW Loading existing from " + chalk_1.default.red(constants_1.htmlPath));
                    return [4 /*yield*/, readFile(constants_1.htmlPath, "utf8")];
                case 1:
                    html = _a.sent();
                    console.log(chalk_1.default.green("HTML") + " is loaded");
                    return [2 /*return*/, html];
            }
        });
    });
}
exports.loadHTML = loadHTML;
function writeToHtml(html) {
    return __awaiter(this, void 0, void 0, function () {
        var e_1;
        return __generator(this, function (_a) {
            switch (_a.label) {
                case 0:
                    console.log("Writing to HTML with the " + chalk_1.default.greenBright("new") + " CSP policy");
                    _a.label = 1;
                case 1:
                    _a.trys.push([1, 3, , 4]);
                    return [4 /*yield*/, writeFile(constants_1.htmlPath, html, "utf8")];
                case 2:
                    _a.sent();
                    console.log(chalk_1.default.blue("Successfully generated CSP in " + constants_1.filename));
                    return [3 /*break*/, 4];
                case 3:
                    e_1 = _a.sent();
                    console.log(chalk_1.default.red("Fail to generate CSP policy..."));
                    throw e_1;
                case 4: return [2 /*return*/];
            }
        });
    });
}
exports.writeToHtml = writeToHtml;
function formatCSP(config) {
    var content = "";
    for (var key in config) {
        var strs = config[key];
        content += key + " ";
        if (Array.isArray(strs)) {
            content += strs.join(" ");
        }
        else {
            content += strs;
        }
        content += "; ";
    }
    return "<meta http-equiv=\"Content-Security-Policy\" content=\"" + content + "\" />";
}
exports.formatCSP = formatCSP;
//# sourceMappingURL=utils.js.map