{"version":3,"file":"register.mjs","sources":["../../server/src/register.ts"],"sourcesContent":["/**\n * This file ensures that the Strapi security middleware's Content Security Policy (CSP)\n * allows images and media from both the default sources (\"'self'\", 'data:', 'blob:')\n * and the required S3 domains for AI features. It checks for existing 'img-src' and 'media-src'\n * directives and adds the S3 domains if not present. If no directives exist but useDefaults is true,\n * it adds the defaults plus the S3 domains. This guarantees that all required sources are allowed\n * without overwriting user configuration.\n */\nexport default async () => {\n  const s3Domains = [\n    'strapi-ai-staging.s3.us-east-1.amazonaws.com',\n    'strapi-ai-production.s3.us-east-1.amazonaws.com',\n  ];\n  const defaults = [\"'self'\", 'data:', 'blob:'];\n  const middlewares = strapi.config.get('middlewares') as (\n    | string\n    | { name?: string; config?: any }\n  )[];\n\n  const configuredMiddlewares = middlewares.map((m) => {\n    // Handle case where middleware is a string 'strapi::security'\n    if (typeof m === 'string' && m === 'strapi::security') {\n      return {\n        name: 'strapi::security',\n        config: {\n          contentSecurityPolicy: {\n            useDefaults: true,\n            directives: {\n              'img-src': Array.from(new Set([...defaults, ...s3Domains])),\n              'media-src': Array.from(new Set([...defaults, ...s3Domains])),\n            },\n          },\n        },\n      };\n    }\n    // Handle case where middleware is an object with name 'strapi::security'\n    if (typeof m === 'object' && m.name === 'strapi::security') {\n      const config = m.config || {};\n      const csp = config.contentSecurityPolicy || {};\n      const directives = csp.directives || {};\n      // img-src\n      let imgSrc = directives['img-src'];\n      if (!imgSrc && csp.useDefaults) {\n        imgSrc = [...defaults];\n      }\n      if (!imgSrc) {\n        imgSrc = [];\n      }\n      imgSrc = Array.from(new Set([...imgSrc, ...s3Domains]));\n      // media-src\n      let mediaSrc = directives['media-src'];\n      if (!mediaSrc && csp.useDefaults) {\n        mediaSrc = [...defaults];\n      }\n      if (!mediaSrc) {\n        mediaSrc = [];\n      }\n      mediaSrc = Array.from(new Set([...mediaSrc, ...s3Domains]));\n      // Set back\n      return {\n        ...m,\n        config: {\n          ...config,\n          contentSecurityPolicy: {\n            ...csp,\n            directives: {\n              ...directives,\n              'img-src': imgSrc,\n              'media-src': mediaSrc,\n            },\n          },\n        },\n      };\n    }\n    return m;\n  });\n\n  strapi.config.set('middlewares', configuredMiddlewares);\n};\n"],"names":["s3Domains","defaults","middlewares","strapi","config","get","configuredMiddlewares","map","m","name","contentSecurityPolicy","useDefaults","directives","Array","from","Set","csp","imgSrc","mediaSrc","set"],"mappings":"AAAA;;;;;;;AAOC,IACD,eAAe,CAAA,UAAA;AACb,IAAA,MAAMA,SAAY,GAAA;AAChB,QAAA,8CAAA;AACA,QAAA;AACD,KAAA;AACD,IAAA,MAAMC,QAAW,GAAA;AAAC,QAAA,QAAA;AAAU,QAAA,OAAA;AAAS,QAAA;AAAQ,KAAA;AAC7C,IAAA,MAAMC,WAAcC,GAAAA,MAAAA,CAAOC,MAAM,CAACC,GAAG,CAAC,aAAA,CAAA;AAKtC,IAAA,MAAMC,qBAAwBJ,GAAAA,WAAAA,CAAYK,GAAG,CAAC,CAACC,CAAAA,GAAAA;;AAE7C,QAAA,IAAI,OAAOA,CAAAA,KAAM,QAAYA,IAAAA,CAAAA,KAAM,kBAAoB,EAAA;YACrD,OAAO;gBACLC,IAAM,EAAA,kBAAA;gBACNL,MAAQ,EAAA;oBACNM,qBAAuB,EAAA;wBACrBC,WAAa,EAAA,IAAA;wBACbC,UAAY,EAAA;AACV,4BAAA,SAAA,EAAWC,KAAMC,CAAAA,IAAI,CAAC,IAAIC,GAAI,CAAA;AAAId,gCAAAA,GAAAA,QAAAA;AAAaD,gCAAAA,GAAAA;AAAU,6BAAA,CAAA,CAAA;AACzD,4BAAA,WAAA,EAAaa,KAAMC,CAAAA,IAAI,CAAC,IAAIC,GAAI,CAAA;AAAId,gCAAAA,GAAAA,QAAAA;AAAaD,gCAAAA,GAAAA;AAAU,6BAAA,CAAA;AAC7D;AACF;AACF;AACF,aAAA;AACF;;AAEA,QAAA,IAAI,OAAOQ,CAAM,KAAA,QAAA,IAAYA,CAAEC,CAAAA,IAAI,KAAK,kBAAoB,EAAA;AAC1D,YAAA,MAAML,MAASI,GAAAA,CAAAA,CAAEJ,MAAM,IAAI,EAAC;AAC5B,YAAA,MAAMY,GAAMZ,GAAAA,MAAAA,CAAOM,qBAAqB,IAAI,EAAC;AAC7C,YAAA,MAAME,UAAaI,GAAAA,GAAAA,CAAIJ,UAAU,IAAI,EAAC;;YAEtC,IAAIK,MAAAA,GAASL,UAAU,CAAC,SAAU,CAAA;AAClC,YAAA,IAAI,CAACK,MAAAA,IAAUD,GAAIL,CAAAA,WAAW,EAAE;gBAC9BM,MAAS,GAAA;AAAIhB,oBAAAA,GAAAA;AAAS,iBAAA;AACxB;AACA,YAAA,IAAI,CAACgB,MAAQ,EAAA;AACXA,gBAAAA,MAAAA,GAAS,EAAE;AACb;AACAA,YAAAA,MAAAA,GAASJ,KAAMC,CAAAA,IAAI,CAAC,IAAIC,GAAI,CAAA;AAAIE,gBAAAA,GAAAA,MAAAA;AAAWjB,gBAAAA,GAAAA;AAAU,aAAA,CAAA,CAAA;;YAErD,IAAIkB,QAAAA,GAAWN,UAAU,CAAC,WAAY,CAAA;AACtC,YAAA,IAAI,CAACM,QAAAA,IAAYF,GAAIL,CAAAA,WAAW,EAAE;gBAChCO,QAAW,GAAA;AAAIjB,oBAAAA,GAAAA;AAAS,iBAAA;AAC1B;AACA,YAAA,IAAI,CAACiB,QAAU,EAAA;AACbA,gBAAAA,QAAAA,GAAW,EAAE;AACf;AACAA,YAAAA,QAAAA,GAAWL,KAAMC,CAAAA,IAAI,CAAC,IAAIC,GAAI,CAAA;AAAIG,gBAAAA,GAAAA,QAAAA;AAAalB,gBAAAA,GAAAA;AAAU,aAAA,CAAA,CAAA;;YAEzD,OAAO;AACL,gBAAA,GAAGQ,CAAC;gBACJJ,MAAQ,EAAA;AACN,oBAAA,GAAGA,MAAM;oBACTM,qBAAuB,EAAA;AACrB,wBAAA,GAAGM,GAAG;wBACNJ,UAAY,EAAA;AACV,4BAAA,GAAGA,UAAU;4BACb,SAAWK,EAAAA,MAAAA;4BACX,WAAaC,EAAAA;AACf;AACF;AACF;AACF,aAAA;AACF;QACA,OAAOV,CAAAA;AACT,KAAA,CAAA;AAEAL,IAAAA,MAAAA,CAAOC,MAAM,CAACe,GAAG,CAAC,aAAeb,EAAAA,qBAAAA,CAAAA;AACnC,CAAA;;;;"}