msfjarvis/msfjarvis.dev
1
0
Fork 0
mirror of https://github.com/msfjarvis/msfjarvis.dev.git synced 2024-06-03 04:18:56 +05:30
Code Issues Packages Projects Releases Wiki Activity
5d5eaac47a
msfjarvis.dev/workers-site/src/handler.ts
Harsh Shandilya 5d5eaac47a workers-site: update CSP [staging] 
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
2020-12-19 12:00:06 +05:30

77 lines
3.3 KiB
TypeScript
Raw Blame History

import { getAssetFromKV } from '@cloudflare/kv-asset-handler'
const GITHUB_USERNAME = 'msfjarvis'
const APS_SLUG = 'Android-Password-Store/Android-Password-Store'
const GITHUB_URL = `https://github.com/${GITHUB_USERNAME}`
const APS_GITHUB_URL = `https://github.com/${APS_SLUG}`
const CSP_POLICY = "base-uri 'self'; connect-src 'self'; default-src 'self'; frame-ancestors 'none'; frame-src asciinema.org github.com platform.twitter.com; font-src 'self' fonts.gstatic.com; img-src 'self' data: gfycat.com imgur.com *.imgur.com syndication.twitter.com; object-src 'none'; script-src 'self' asciinema.org cdn.jsdelivr.net platform.twitter.com unpkg.com; style-src 'self' cdn.jsdelivr.net fonts.googleapis.com 'sha256-T5xaPlQfl1etSoFCqKdmLNHpv3NOQn2KQJoj6Pduxg4=';";
const FEATURE_POLICY = "accelerometer 'none'; autoplay 'none';camera 'none';encrypted-media 'none'; geolocation 'none';gyroscope 'none';magnetometer 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';sync-xhr 'none';usb 'none'"
const PERMISSIONS_POLICY = "accelerometer=() autoplay=() camera=() encrypted-media=() geolocation=() gyroscope=() magnetometer=() microphone=() midi=() payment=() picture-in-picture=() sync-xhr=() usb=()"
export async function handleRequest(event: FetchEvent): Promise<Response> {
return redirectGitHub(event)
}
async function getPageFromKV(event: FetchEvent): Promise<Response> {
const options = {}
try {
const page = await getAssetFromKV(event, options)
const response = new Response(page.body, page)
response.headers.set('X-XSS-Protection', '1; mode=block')
response.headers.set('X-Content-Type-Options', 'nosniff')
response.headers.set('X-Frame-Options', 'DENY')
response.headers.set('Referrer-Policy', 'no-referrer-when-downgrade')
response.headers.set('Content-Security-Policy', CSP_POLICY)
response.headers.set('Feature-Policy', FEATURE_POLICY)
response.headers.set('Permissions-Policy', PERMISSIONS_POLICY)
return response
} catch (e) {
try {
let notFoundResponse = await getAssetFromKV(event, {
mapRequestToAsset: (req) =>
new Request(`${new URL(req.url).origin}/404.html`, req),
})
return new Response(notFoundResponse.body, {
...notFoundResponse,
status: 404,
})
} catch (e) {}
return new Response(e.message || e.toString(), { status: 500 })
}
}
async function redirectGitHub(event: FetchEvent): Promise<Response> {
const urlParts = event.request.url.replace(BASE_URL, '').split('/')
switch (urlParts[0]) {
case 'g':
switch (urlParts.length) {
case 1:
return Response.redirect(GITHUB_URL, 301)
case 2:
return Response.redirect(`${GITHUB_URL}/${urlParts[1]}`, 301)
case 3:
return Response.redirect(
`${GITHUB_URL}/${urlParts[1]}/commit/${urlParts[2]}`,
301,
)
}
case 'aps':
switch (urlParts.length) {
case 1:
return Response.redirect(APS_GITHUB_URL, 301)
case 2:
return Response.redirect(
`${APS_GITHUB_URL}/commit/${urlParts[1]}`,
301,
)
case 3:
return Response.redirect(
`${APS_GITHUB_URL}/issues/${urlParts[2]}`,
301,
)
}
default:
return getPageFromKV(event)
}
}
Reference in New Issue View Git Blame Copy Permalink