Merge pull request #564 from arcana-network/testnet

Gasless release
arcana-network · Jan 17, 2024 · 1d2d259 · 1d2d259
2 parents 0382ee4 + 0afe4b8
commit 1d2d259
Show file tree

Hide file tree

Showing 105 changed files with 56,271 additions and 23,558 deletions.
diff --git a/.env.example b/.env.example
@@ -15,3 +15,5 @@ VUE_APP_TRANSAK_API_KEY=
 VUE_APP_TRANSAK_ENV=
 VUE_APP_RAMP_API_KEY=
 VUE_APP_RAMP_ENV=
+VUE_APP_DKG_RPC_URL=
+VUE_APP_DKG_CONTRACT_ADDRESS=
diff --git a/.gitignore b/.gitignore
@@ -23,3 +23,6 @@ pnpm-debug.log*
 *.njsproj
 *.sln
 *.sw?
+
+# Local Netlify folder
+.netlify
diff --git a/netlify.toml b/netlify.toml
@@ -2,28 +2,20 @@
   from = "/*"
   to = "/index.html"
   status = 200
+
 [[headers]]
   for = "/*"
   [headers.values]
     X-XSS-Protection = "1; mode=block"
     X-Content-Type-Options = "nosniff"
-    Content-Security-Policy = '''
-      font-src 'self' https://*.cloudfront.net data:;
-      img-src 'self' data: https:;
-      script-src 'self' 'unsafe-inline' https://*.cloudfront.net *.google-analytics.com *.googletagmanager.com;
-      style-src 'self' 'unsafe-inline' https://*.cloudfront.net;
-      frame-src *.arcana.network *.transak.com *.ramp.network;
-    '''
+
 [[headers]]
   for = "/assets/*"
   [headers.values]
     cache-control = "max-age=31536000, immutable"
     X-XSS-Protection = "1; mode=block"
     X-Content-Type-Options = "nosniff"
-    Content-Security-Policy = '''
-      font-src 'self' https://*.cloudfront.net data:;
-      img-src 'self' data: https:;
-      script-src 'self' 'unsafe-inline' https://*.cloudfront.net *.google-analytics.com *.googletagmanager.com;
-      style-src 'self' 'unsafe-inline' https://*.cloudfront.net;
-      frame-src *.arcana.network *.transak.com *.ramp.network;
-    '''
+
+[[edge_functions]]
+  function = "csp"
+  path = "/*"
diff --git a/netlify/edge-functions/csp.js b/netlify/edge-functions/csp.js
@@ -0,0 +1,73 @@
+/* eslint-disable import/no-anonymous-default-export */
+
+// eslint-disable-next-line import/exports-last
+export default async (req, context) => {
+  const res = await context.next()
+
+  try {
+    const appId = getAppId(req.url)
+
+    let header = getHeader('')
+
+    if (!appId) {
+      throw new Error('Invalid AppId')
+    }
+
+    if (!(appId == 'assets' || appId == 'global-redirect')) {
+      const domain = await fetchDomain(appId)
+      header = getHeader(domain)
+    }
+    res.headers.set('Content-Security-Policy', header)
+
+    return res
+  } catch (e) {
+    console.log({ e })
+
+    const response = JSON.stringify({ message: 'Not allowed' })
+
+    return new Response(response, { status: 403 })
+  }
+}
+
+const PATTERN = new URLPattern({
+  pathname: '/:appId/*',
+})
+
+const getAppId = (path) => {
+  const r = PATTERN.exec(path)
+
+  if (r) {
+    return r.pathname.groups.appId
+  }
+
+  return null
+}
+
+const fetchDomain = async (appId) => {
+  const gatewayUrl = Netlify.env.get('VUE_APP_WALLET_GATEWAY')
+
+  const url = new URL('/api/v1/get-app-config/', gatewayUrl)
+
+  url.searchParams.set('id', appId)
+
+  const res = await fetch(url.href)
+
+  if (res.status < 400) {
+    const data = await res.json()
+    return data.wallet_domain
+  } else {
+    throw new Error('Invalid AppId')
+  }
+}
+
+const getHeader = (domain = '') =>
+  "font-src 'self' https://*.cloudfront.net data:;" +
+  "img-src 'self' data: https:;" +
+  "script-src 'self' 'unsafe-inline' https://*.cloudfront.net *.google-analytics.com *.googletagmanager.com;" +
+  "style-src 'self' 'unsafe-inline' https://*.cloudfront.net;" +
+  'frame-src *.arcana.network *.transak.com *.ramp.network;' +
+  (domain.length > 0
+    ? `frame-ancestors ${Netlify.env.get(
+        'VUE_APP_WALLET_AUTH_URL'
+      )} *.arcana.network http://localhost http://localhost:* ${domain};`
+    : '')