archetecture security fix
This commit is contained in:
@@ -0,0 +1,220 @@
|
||||
{
|
||||
"version": 3,
|
||||
"pages404": true,
|
||||
"appType": "app",
|
||||
"caseSensitive": false,
|
||||
"basePath": "/admin",
|
||||
"redirects": [
|
||||
{
|
||||
"source": "/admin/",
|
||||
"destination": "/admin",
|
||||
"basePath": false,
|
||||
"internal": true,
|
||||
"priority": true,
|
||||
"statusCode": 308,
|
||||
"regex": "^/admin/$"
|
||||
},
|
||||
{
|
||||
"source": "/:path+/",
|
||||
"destination": "/:path+",
|
||||
"internal": true,
|
||||
"priority": true,
|
||||
"statusCode": 308,
|
||||
"regex": "^(?:/((?:[^/]+?)(?:/(?:[^/]+?))*))/$"
|
||||
}
|
||||
],
|
||||
"headers": [
|
||||
{
|
||||
"source": "/admin/:path*",
|
||||
"headers": [
|
||||
{
|
||||
"key": "Strict-Transport-Security",
|
||||
"value": "max-age=31536000; includeSubDomains"
|
||||
},
|
||||
{
|
||||
"key": "X-Content-Type-Options",
|
||||
"value": "nosniff"
|
||||
},
|
||||
{
|
||||
"key": "X-Frame-Options",
|
||||
"value": "DENY"
|
||||
},
|
||||
{
|
||||
"key": "Referrer-Policy",
|
||||
"value": "strict-origin-when-cross-origin"
|
||||
},
|
||||
{
|
||||
"key": "Permissions-Policy",
|
||||
"value": "camera=(), microphone=(), geolocation=()"
|
||||
},
|
||||
{
|
||||
"key": "Content-Security-Policy",
|
||||
"value": "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; font-src 'self' data:; connect-src 'self' https: wss:; frame-ancestors 'none'; base-uri 'self'; form-action 'self'; object-src 'none'"
|
||||
}
|
||||
],
|
||||
"regex": "^/admin(?:/((?:[^/]+?)(?:/(?:[^/]+?))*))?(?:/)?$"
|
||||
}
|
||||
],
|
||||
"onMatchHeaders": [],
|
||||
"rewrites": {
|
||||
"beforeFiles": [],
|
||||
"afterFiles": [
|
||||
{
|
||||
"source": "/admin/api/:path*",
|
||||
"destination": "http://localhost:4000/api/:path*",
|
||||
"regex": "^/admin/api(?:/((?:[^/]+?)(?:/(?:[^/]+?))*))?(?:/)?$"
|
||||
}
|
||||
],
|
||||
"fallback": []
|
||||
},
|
||||
"dynamicRoutes": [
|
||||
{
|
||||
"page": "/dashboard/companies/[id]",
|
||||
"regex": "^/dashboard/companies/([^/]+?)(?:/)?$",
|
||||
"routeKeys": {
|
||||
"nxtPid": "nxtPid"
|
||||
},
|
||||
"namedRegex": "^/dashboard/companies/(?<nxtPid>[^/]+?)(?:/)?$"
|
||||
}
|
||||
],
|
||||
"staticRoutes": [
|
||||
{
|
||||
"page": "/",
|
||||
"regex": "^/(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/_global-error",
|
||||
"regex": "^/_global\\-error(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/_global\\-error(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/_not-found",
|
||||
"regex": "^/_not\\-found(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/_not\\-found(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/auth-redirect",
|
||||
"regex": "^/auth\\-redirect(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/auth\\-redirect(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard",
|
||||
"regex": "^/dashboard(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard/admin-users",
|
||||
"regex": "^/dashboard/admin\\-users(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard/admin\\-users(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard/audit-logs",
|
||||
"regex": "^/dashboard/audit\\-logs(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard/audit\\-logs(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard/billing",
|
||||
"regex": "^/dashboard/billing(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard/billing(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard/companies",
|
||||
"regex": "^/dashboard/companies(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard/companies(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard/containers",
|
||||
"regex": "^/dashboard/containers(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard/containers(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard/menu-management",
|
||||
"regex": "^/dashboard/menu\\-management(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard/menu\\-management(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard/notifications",
|
||||
"regex": "^/dashboard/notifications(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard/notifications(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard/pricing",
|
||||
"regex": "^/dashboard/pricing(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard/pricing(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard/renters",
|
||||
"regex": "^/dashboard/renters(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard/renters(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/dashboard/site-config",
|
||||
"regex": "^/dashboard/site\\-config(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/dashboard/site\\-config(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/favicon.ico",
|
||||
"regex": "^/favicon\\.ico(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/favicon\\.ico(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/forgot-password",
|
||||
"regex": "^/forgot\\-password(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/forgot\\-password(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/icon",
|
||||
"regex": "^/icon(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/icon(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/login",
|
||||
"regex": "^/login(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/login(?:/)?$"
|
||||
},
|
||||
{
|
||||
"page": "/reset-password",
|
||||
"regex": "^/reset\\-password(?:/)?$",
|
||||
"routeKeys": {},
|
||||
"namedRegex": "^/reset\\-password(?:/)?$"
|
||||
}
|
||||
],
|
||||
"dataRoutes": [],
|
||||
"rsc": {
|
||||
"header": "rsc",
|
||||
"varyHeader": "rsc, next-router-state-tree, next-router-prefetch, next-router-segment-prefetch",
|
||||
"prefetchHeader": "next-router-prefetch",
|
||||
"didPostponeHeader": "x-nextjs-postponed",
|
||||
"contentTypeHeader": "text/x-component",
|
||||
"suffix": ".rsc",
|
||||
"prefetchSegmentHeader": "next-router-segment-prefetch",
|
||||
"prefetchSegmentSuffix": ".segment.rsc",
|
||||
"prefetchSegmentDirSuffix": ".segments",
|
||||
"clientParamParsing": false,
|
||||
"dynamicRSCPrerender": false
|
||||
},
|
||||
"rewriteHeaders": {
|
||||
"pathHeader": "x-nextjs-rewritten-path",
|
||||
"queryHeader": "x-nextjs-rewritten-query"
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user