init

2025-11-25 09:56:15 +03:00
commit 68c8f0e80d
23717 changed files with 3200521 additions and 0 deletions
--- a/mc_test/csp-config.json
+++ b/mc_test/csp-config.json
@ -0,0 +1,122 @@
+{
+  "_comment": "IMPORTANT: Update production domains to match .env file (VITE_PROD_DOMAIN, VITE_TEST_DOMAIN)",
+  "development": {
+    "description": "Relaxed CSP for development environment with Vite HMR",
+    "csp": {
+      "default-src": ["'self'"],
+      "script-src": [
+        "'self'", 
+        "'unsafe-inline'", 
+        "'unsafe-eval'", 
+        "http://localhost:*",
+        "ws://localhost:*"
+      ],
+      "style-src": [
+        "'self'", 
+        "'unsafe-inline'", 
+        "http://localhost:*"
+      ],
+      "img-src": [
+        "'self'", 
+        "data:", 
+        "blob:", 
+        "http://localhost:*"
+      ],
+      "font-src": [
+        "'self'", 
+        "data:", 
+        "http://localhost:*"
+      ],
+      "connect-src": [
+        "'self'",
+        "http://localhost:*",
+        "https://localhost:*",
+        "ws://localhost:*",
+        "wss://localhost:*"
+      ],
+      "frame-src": [
+        "'self'",
+        "http://localhost:8080",
+        "https://localhost:8080"
+      ],
+      "object-src": ["'none'"],
+      "base-uri": ["'self'"],
+      "form-action": ["'self'"],
+      "frame-ancestors": ["'none'"]
+    }
+  },
+  "production": {
+    "description": "Strict CSP for production environment",
+    "csp": {
+      "default-src": ["'self'"],
+      "script-src": ["'self'"],
+      "style-src": [
+        "'self'", 
+        "'unsafe-inline'"
+      ],
+      "img-src": [
+        "'self'", 
+        "data:", 
+        "blob:"
+      ],
+      "font-src": [
+        "'self'", 
+        "data:"
+      ],
+      "connect-src": [
+        "'self'",
+        "https://mc.exbytestudios.com",
+        "wss://mc.exbytestudios.com",
+        "https://test.exbytestudios.com",
+        "wss://test.exbytestudios.com"
+      ],
+      "frame-src": [
+        "'self'",
+        "https://mc.exbytestudios.com",
+        "https://test.exbytestudios.com"
+      ],
+      "object-src": ["'none'"],
+      "base-uri": ["'self'"],
+      "form-action": ["'self'"],
+      "frame-ancestors": ["'none'"],
+      "upgrade-insecure-requests": []
+    }
+  },
+  "testing": {
+    "description": "CSP for testing environment",
+    "csp": {
+      "default-src": ["'self'"],
+      "script-src": [
+        "'self'", 
+        "'unsafe-inline'",
+        "'unsafe-eval'"
+      ],
+      "style-src": [
+        "'self'", 
+        "'unsafe-inline'"
+      ],
+      "img-src": [
+        "'self'", 
+        "data:", 
+        "blob:"
+      ],
+      "font-src": [
+        "'self'", 
+        "data:"
+      ],
+      "connect-src": [
+        "'self'",
+        "http://localhost:*",
+        "https://localhost:*"
+      ],
+      "frame-src": [
+        "'self'",
+        "http://localhost:*"
+      ],
+      "object-src": ["'none'"],
+      "base-uri": ["'self'"],
+      "form-action": ["'self'"],
+      "frame-ancestors": ["'none'"]
+    }
+  }
+}