Merge pull request #2965 from peter-kuhmann/add-cors-header-for-tracker-script

Add "Access-Control-Allow-Origin" header for tracker script.
2025-02-05 17:05:46 +01:00 · 2024-10-26 11:34:11 -07:00 · 2024-10-26 11:34:11 -07:00 · 1f52b49ea9
commit 1f52b49ea9
parent b2a1b172c6 fec0701a48
1 changed files with 42 additions and 21 deletions
--- a/next.config.js
+++ b/next.config.js
@ -24,7 +24,7 @@ const contentSecurityPolicy = [
  `frame-ancestors 'self' ${frameAncestors}`,
 ];

-const headers = [
+const defaultHeaders = [
  {
    key: 'X-DNS-Prefetch-Control',
    value: 'on',
@ -39,12 +39,30 @@ const headers = [
 ];

 if (forceSSL) {
-  headers.push({
+  defaultHeaders.push({
    key: 'Strict-Transport-Security',
    value: 'max-age=63072000; includeSubDomains; preload',
  });
 }

+const trackerHeaders = [
+  {
+    key: 'Access-Control-Allow-Origin',
+    value: '*',
+  },
+];
+
+const headers = [
+  {
+    source: '/:path*',
+    headers: defaultHeaders,
+  },
+  {
+    source: '/script.js',
+    headers: trackerHeaders,
+  },
+];
+
 const rewrites = [];

 if (collectApiEndpoint) {
@ -54,19 +72,6 @@ if (collectApiEndpoint) {
  });
 }

-if (trackerScriptName) {
-  const names = trackerScriptName?.split(',').map(name => name.trim());
-
-  if (names) {
-    names.forEach(name => {
-      rewrites.push({
-        source: `/${name.replace(/^\/+/, '')}`,
-        destination: '/tracker.js',
-      });
-    });
-  }
-}
-
 const redirects = [
  {
    source: '/settings',
@ -85,6 +90,27 @@ const redirects = [
  },
 ];

+// Adding rewrites + headers for all alternative tracker script names.
+if (trackerScriptName) {
+  const names = trackerScriptName?.split(',').map(name => name.trim());
+
+  if (names) {
+    names.forEach(name => {
+      const normalizedSource = `/${name.replace(/^\/+/, '')}`;
+
+      rewrites.push({
+        source: normalizedSource,
+        destination: '/script.js',
+      });
+
+      headers.push({
+        source: normalizedSource,
+        headers: trackerHeaders,
+      });
+    });
+  }
+}
+
 if (cloudMode && cloudUrl) {
  redirects.push({
    source: '/settings/:path*',
@ -153,12 +179,7 @@ const config = {
    return config;
  },
  async headers() {
-    return [
-      {
-        source: '/:path*',
-        headers,
-      },
-    ];
+    return headers;
  },
  async rewrites() {
    return [