From 347d6e9d60fba0a36bbf7ba20d9f1f1d6a361b8d Mon Sep 17 00:00:00 2001 From: Luca Forstner Date: Thu, 12 May 2022 10:07:12 +0000 Subject: [PATCH] fix(ember): Export sha hashes of injected scripts Enables users to use the Sentry Ember SDK in combination with CSP. --- packages/ember/index.js | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/packages/ember/index.js b/packages/ember/index.js index c51410e9348c..130d5f33ed5f 100644 --- a/packages/ember/index.js +++ b/packages/ember/index.js @@ -1,10 +1,21 @@ 'use strict'; const fs = require('fs'); +const crypto = require('crypto'); function readSnippet(fileName) { - return ``; + return fs.readFileSync(`${__dirname}/vendor/${fileName}`, 'utf8'); } +function hashSha256base64(string) { + return crypto.createHash('sha256').update(string).digest('base64'); +} + +const initialLoadHeadSnippet = readSnippet('initial-load-head.js'); +const initialLoadBodySnippet = readSnippet('initial-load-body.js'); + +const initialLoadHeadSnippetHash = hashSha256base64(initialLoadHeadSnippet); +const initialLoadBodySnippetHash = hashSha256base64(initialLoadBodySnippet); + module.exports = { name: require('./package').name, options: { @@ -24,16 +35,18 @@ module.exports = { contentFor(type, config) { const addonConfig = config['@sentry/ember'] || {}; - const { disablePerformance, disableInitialLoadInstrumentation } = addonConfig; + if (disablePerformance || disableInitialLoadInstrumentation) { return; } + if (type === 'head') { - return readSnippet('initial-load-head.js'); - } - if (type === 'body-footer') { - return readSnippet('initial-load-body.js'); + return ``; + } else if (type === 'body-footer') { + return ``; } }, + + injectedScriptHashes: [initialLoadHeadSnippetHash, initialLoadBodySnippetHash], };