diana.dolgolyova
a587736dd3
- Mobile responsiveness improvements across admin and public sections - Admin: bookings modal, open-day page, team page, layout polish - Added rate limiting, CSRF hardening, auth-edge improvements - Scroll reveal, floating contact, back-to-top, Yandex map fixes - Schedule filters refactor, team profile/info component updates - New useTrainerPhotos hook - Added class, team, master-class, and news images
28 lines
777 B
TypeScript
28 lines
777 B
TypeScript
import type { NextConfig } from "next";
|
|
|
|
const securityHeaders = [
|
|
{ key: "X-Content-Type-Options", value: "nosniff" },
|
|
{ key: "X-Frame-Options", value: "DENY" },
|
|
{ key: "Referrer-Policy", value: "strict-origin-when-cross-origin" },
|
|
{ key: "Permissions-Policy", value: "camera=(), microphone=(), geolocation=()" },
|
|
...(process.env.NODE_ENV === "production"
|
|
? [{ key: "Strict-Transport-Security", value: "max-age=63072000; includeSubDomains; preload" }]
|
|
: []),
|
|
];
|
|
|
|
const nextConfig: NextConfig = {
|
|
serverExternalPackages: ["better-sqlite3"],
|
|
allowedDevOrigins: [
|
|
"black-heart.dolgolyov-family.by",
|
|
"192.168.2.56",
|
|
],
|
|
headers: async () => [
|
|
{
|
|
source: "/(.*)",
|
|
headers: securityHeaders,
|
|
},
|
|
],
|
|
};
|
|
|
|
export default nextConfig;
|