const isDev = process.env.NODE_ENV === 'development' /** @type {import('next').NextConfig} */ const nextConfig = { output: 'standalone', basePath: '/shop', env: { NEXT_PUBLIC_BASE_PATH: '/shop', }, images: { remotePatterns: [ { protocol: 'https', hostname: 'items-images-production.s3.us-west-2.amazonaws.com' }, { protocol: 'https', hostname: 'items-images-sandbox.s3.us-west-2.amazonaws.com' }, { protocol: 'https', hostname: 'square-web-sdk-production.squarecdn.com' }, { protocol: 'https', hostname: 'square-web-sdk-sandbox.squarecdn.com' }, ], }, async headers() { return [ { source: '/(.*)', headers: [ { key: 'X-Content-Type-Options', value: 'nosniff' }, { key: 'X-Frame-Options', value: 'DENY' }, { key: 'X-XSS-Protection', value: '1; mode=block' }, { key: 'Referrer-Policy', value: 'strict-origin-when-cross-origin' }, { key: 'Permissions-Policy', value: 'camera=(), microphone=(), geolocation=()' }, { key: 'Content-Security-Policy', value: [ "default-src 'self'", `script-src 'self' 'unsafe-inline'${isDev ? " 'unsafe-eval'" : ''} https://web.squarecdn.com https://sandbox.web.squarecdn.com https://cdnjs.cloudflare.com`, "style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdnjs.cloudflare.com https://web.squarecdn.com https://sandbox.web.squarecdn.com", "font-src 'self' https://fonts.gstatic.com https://cdnjs.cloudflare.com https://cash-f.squarecdn.com", "img-src 'self' data: https://items-images-production.s3.us-west-2.amazonaws.com https://items-images-sandbox.s3.us-west-2.amazonaws.com https://*.squarecdn.com", "connect-src 'self' https://web.squarecdn.com https://sandbox.web.squarecdn.com https://pci-connect.squareup.com https://pci-connect.squareupsandbox.com", "frame-src https://web.squarecdn.com https://sandbox.web.squarecdn.com", ].join('; '), }, ], }, ] }, } export default nextConfig