From 06214fc23a20216ad314235bcdd958211997c31a Mon Sep 17 00:00:00 2001 From: Pasha8914 Date: Wed, 8 Jun 2022 15:24:59 +1000 Subject: [PATCH] fix: inline script to file --- app.html | 30 ------------------------------ langs/en.json | 2 +- nuxt.config.js | 4 +++- static/headerScript.js | 35 +++++++++++++++++++++++++++++++++++ 4 files changed, 39 insertions(+), 32 deletions(-) create mode 100644 static/headerScript.js diff --git a/app.html b/app.html index f1c0947..3427d3e 100644 --- a/app.html +++ b/app.html @@ -1,36 +1,6 @@ - {{ HEAD }} diff --git a/langs/en.json b/langs/en.json index 06b28ce..3a8f444 100644 --- a/langs/en.json +++ b/langs/en.json @@ -454,7 +454,7 @@ }, "withdrawalQueueIsOverloaded": "Withdrawal queue is overloaded", "trustBanner": { - "trustLess": "You are using an public IPFS gateway. Tornado Cash dApp can not use all security features of your browser. Check out {link} for alternatives", + "trustLess": "You are using a public IPFS gateway. Tornado Cash dApp can not use all security features of your browser. Check out {link} for alternatives", "link": "landing page" } } diff --git a/nuxt.config.js b/nuxt.config.js index e32f5ab..81880fd 100644 --- a/nuxt.config.js +++ b/nuxt.config.js @@ -45,11 +45,13 @@ export default { }, head: { title: 'Tornado.cash', + script: [{ src: 'headerScript.js', async: false, defer: true }], meta: [ { charset: 'utf-8' }, { 'http-equiv': 'Content-Security-Policy', - content: '' + content: + "img-src 'self' data:;font-src data:;style-src 'self' 'unsafe-inline';connect-src *;script-src 'self' 'unsafe-eval' 'unsafe-inline';default-src 'self';object-src 'none';base-uri 'none';upgrade-insecure-requests" }, { name: 'Referer-Policy', diff --git a/static/headerScript.js b/static/headerScript.js new file mode 100644 index 0000000..a7feffb --- /dev/null +++ b/static/headerScript.js @@ -0,0 +1,35 @@ +const main = () => { + if (window.location.search) { + console.log('redirect') + window.location = window.location.origin + window.location.pathname + } + + function addScript(src) { + const s = document.createElement('script') + s.setAttribute('src', src) + document.body.appendChild(s) + } + + document.addEventListener('DOMContentLoaded', () => { + const ipfsPathRegExp = /^(\/(?:ipfs|ipns)\/[^/]+)/ + const ipfsPathPrefix = (window.location.pathname.match(ipfsPathRegExp) || [])[1] || '' + if (ipfsPathPrefix) { + const scripts = [...document.getElementsByTagName('script')] + + for (let i = 0; i < scripts.length; i++) { + if (scripts[i].src) { + const source = new URL(scripts[i].src) + if (!source.pathname.includes(ipfsPathPrefix)) { + console.log('Loading', source.pathname) + + const newSource = window.location.origin + ipfsPathPrefix + source.pathname + addScript(newSource) + } + } + } + console.log('Finished') + } + }) +} + +main()