viktor/wrongmove
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Harden frontend assets: disable source maps, add JS obfuscation, env var config

Browse source 
- Disable source maps in production builds (vite.config.ts: sourcemap: false)
- Add vite-plugin-obfuscator for JS obfuscation (hex identifiers, base64 string encoding)
- Move OIDC config behind VITE_* env vars with dev fallbacks (auth/config.ts)
- Add server_tokens off to nginx.conf to stop advertising nginx version
- Add type declaration for vite-plugin-obfuscator
This commit is contained in:
Viktor Barzin 2026-02-08 20:06:33 +00:00
parent 492921424e
commit 162d9a886d
No known key found for this signature in database
GPG key ID: 0EB088298288D958
8 changed files with 1267 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

1
frontend/src/constants/index.ts
View file

@ -17,6 +17,7 @@ export const API_ENDPOINTS = {
// Map configuration
export const MAP_CONFIG = {
// Dev fallback token — production builds must set VITE_MAPBOX_TOKEN
MAPBOX_TOKEN: import.meta.env.VITE_MAPBOX_TOKEN || 'pk.eyJ1IjoiZGktdG8iLCJhIjoiY2o0bnBoYXcxMW1mNzJ3bDhmc2xiNWttaiJ9.ZccatVk_4shzoAsEUXXecA',
DEFAULT_CENTER: [13.38032, 49.994210] as [number, number],
DEFAULT_ZOOM: 5,