From bc7705925c5a8fa8ac162f6937a5719a6f0fee18 Mon Sep 17 00:00:00 2001
From: Tiago Ribeiro
Date: Mon, 16 Oct 2023 11:29:28 +0100
Subject: [PATCH] I am not sure anymore

---
 src/middleware.ts | 54 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 src/middleware.ts

diff --git a/src/middleware.ts b/src/middleware.ts
new file mode 100644
index 0000000..b3399a0
--- /dev/null
+++ b/src/middleware.ts
@@ -0,0 +1,54 @@
+import {NextRequest, NextResponse} from "next/server";
+
+export function middleware(request: NextRequest) {
+ const nonce = Buffer.from(crypto.randomUUID()).toString("base64");
+ const cspHeader = `
+ default-src 'self' *.stripe.com;
+ script-src 'self' 'nonce-${nonce}' 'strict-dynamic' *.stripe.com;
+ style-src 'self' 'nonce-${nonce}' *.stripe.com;
+ img-src 'self' blob: data: *.stripe.com;
+ font-src 'self' *.stripe.com;
+ object-src 'none' *.stripe.com;
+ base-uri 'self' *.stripe.com;
+ form-action 'self' *.stripe.com;
+ frame-ancestors 'none' *.stripe.com;
+ block-all-mixed-content;
+ upgrade-insecure-requests;
+`;
+
+ const requestHeaders = new Headers(request.headers);
+
+ // Setting request headers
+ requestHeaders.set("x-nonce", nonce);
+ requestHeaders.set(
+ "Content-Security-Policy",
+ // Replace newline characters and spaces
+ cspHeader.replace(/\s{2,}/g, " ").trim(),
+ );
+
+ return NextResponse.next({
+ headers: requestHeaders,
+ request: {
+ headers: requestHeaders,
+ },
+ });
+}
+
+export const config = {
+ matcher: [
+ /*
+ * Match all request paths except for the ones starting with:
+ * - api (API routes)
+ * - _next/static (static files)
+ * - _next/image (image optimization files)
+ * - favicon.ico (favicon file)
+ */
+ {
+ source: "/((?!api|_next/static|_next/image|favicon.ico).*)",
+ missing: [
+ {type: "header", key: "next-router-prefetch"},
+ {type: "header", key: "purpose", value: "prefetch"},
+ ],
+ },
+ ],
+};
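Review bot: The `headers: requestHeaders` option in the `NextResponse.next` call copies every inbound request header — Cookie, Authorization and whatever else the client sent — onto the outgoing response, because that option sets response headers while `request: { headers }` is the part that forwards them to the route; only the Content-Security-Policy header belongs on the response. Separately, browsers honor `'none'` only when it is the sole source expression, so `object-src 'none' *.stripe.com` and `frame-ancestors 'none' *.stripe.com` in the template actually permit `*.stripe.com` to load plugin content and to frame this app; unless the app is meant to be embedded by Stripe pages, both should be `'none'` alone (Stripe's own iframes on the page are governed by `frame-src`/`child-src`, which here falls back to `default-src` and already allows `*.stripe.com`). `'strict-dynamic'` also makes CSP3 browsers ignore the `*.stripe.com` host entry in `script-src`, so Stripe scripts are trusted only via the nonce and propagation — worth a one-line comment if that is intended. The rewritten tail of `middleware` and the two directive lines are below.
```typescript
    // … unchanged: other directives …
    object-src 'none';
    frame-ancestors 'none';
  // … unchanged: requestHeaders, x-nonce …
  const cspValue = cspHeader.replace(/\s{2,}/g, " ").trim();
  // Forward the nonce to the route; only the CSP goes on the response.
  const response = NextResponse.next({
    request: { headers: requestHeaders },
  });
  response.headers.set("Content-Security-Policy", cspValue);
  return response;
```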