LoginSignup

Why not login to Qiita and try out its useful features?

We'll deliver articles that match you.

You can read useful information later.

LoginSign up
9
5

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 5 years have passed since last update.

@koki_cheese

Nuxt.jsでCSPを有効にする

Posted at

CSPとは

Content Security Policyの略
ブラウザ側でポリシーに従って読み込みリソースや実行するスクリプトを制限することができる機能です。

nuxtでもCSPのサポートがされているけど、nuxtのドキュメントに載ってなかったのでとりあえずメモ

nuxt.config.jsの設定

nuxt.config.js
const isDev = process.env.NODE_ENV !== 'production'

module.exports = {
    render: {
        csp: {
            enabled: !isDev,
            policies: {
                'default-src': ['self'],
                'script-src': [
                    'https://www.google-analytics.com',
                ],
                'child-src': [
                    'https://www.youtube.com',
                ],
                'report-to': ['/report']
            }
        }
    }
}

ポリシーについてはMozillaのドキュメントを見てみてください

9
5
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin

Qiita Conference 2025 will be held!: 4/23(wed) - 4/25(Fri)

Qiita Conference is the largest tech conference in Qiita!

Keynote Speaker

ymrl、Masanobu Naruse, Takeshi Kano, Junichi Ito, uhyo, Hiroshi Tokumaru, MinoDriven, Minorun, Hiroyuki Sakuraba, tenntenn, drken, konifar

View event details
9
5

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?