Merge branch 'main' into patch-1

.gitignore

@@ -1,4 +1,5 @@
 _vendor/
+prebuild/
 public/
 resources/
 node_modules/

config/_default/hugo.toml

@@ -26,19 +26,47 @@ defaultContentLanguage = "en"
 defaultContentLanguageInSubdir = false
 # toml-docs-end language
 
+# toml-docs-start headers
+[outputFormats]
+ [outputFormats.server]
+ mediaType = "application/toml"
+ baseName = "server"
+ isPlainText = true
+ notAlternative = true
+ permalinkable = true
+ root = true
+ [outputFormats.netlify]
+ mediaType = "application/toml"
+ baseName = "netlify"
+ isPlainText = true
+ notAlternative = true
+ permalinkable = true
+ root = true
+# toml-docs-end headers
+
+ [outputFormats.XML]
+ isPlainText = false
+ mediaType = "application/xml"
+ isHtml = false
+ noUgly = true
+ permalinkable = false
+ name = "xml"
+
 # toml-docs-start redirect
-[outputFormats.REDIR]
-mediaType = "text/netlify"
-baseName = "_redirects"
-isPlainText = true
-notAlternative = true
+ [outputFormats.REDIR]
+ mediaType = "text/netlify"
+ baseName = "_redirects"
+ isPlainText = true
+ notAlternative = true
 
 [mediaTypes."text/netlify"]
 delimiter = ""
+# toml-docs-end redirect
 
+# toml-docs-start outputs
 [outputs]
-home = ["HTML", "RSS", "REDIR"]
-# toml-docs-end redirect
+home = ["HTML", "RSS", "REDIR", "netlify", "server"]
+# toml-docs-end outputs
 
 # toml-docs-start build
 [build]
@@ -77,15 +105,6 @@ home = ["HTML", "RSS", "REDIR"]
  [services.googleAnalytics]
  # ID = "G-xxxxxxxxxx"
 
-[outputFormats]
- [outputFormats.XML]
- isPlainText = false
- mediaType = "application/xml"
- isHtml = false
- noUgly = true
- permalinkable = false
- name = "xml"
-
 [minify]
  [minify.tdewolff.js]
  keepVarNames = true
@@ -126,6 +145,8 @@ home = ["HTML", "RSS", "REDIR"]
 # toml-docs-start modules
  [[module.imports]]
  path = "github.com/gethinode/mod-bootstrap"
+ [[module.imports]]
+ path = "github.com/gethinode/mod-csp"
  [[module.imports]]
  path = "github.com/gethinode/mod-flexsearch/v2"
  [[module.imports]]
@@ -143,3 +164,11 @@ home = ["HTML", "RSS", "REDIR"]
  [[module.imports]]
  path = "github.com/gethinode/mod-utils/v2"
 # toml-docs-end modules
+
+# toml-docs-start segments
+[segments]
+ [segments.headers]
+ [[segments.headers.includes]]
+ kind = '{home}'
+ output = '{netlify,server}'
+# toml-docs-end segments

config/_default/params.toml

@@ -204,3 +204,29 @@
 
 [links]
  hinode = "https://gethinode.com"
+
+# toml-docs-start headers
+[headers]
+ [headers.netlify]
+ source = "netlify.toml"
+# toml-docs-end headers
+
+# toml-docs-start csp
+[modules.hinode.csp]
+ style-src = ["www.youtube.com"]
+ font-src = ["fonts.gstatic.com"]
+ frame-src = [
+ "player.cloudinary.com",
+ "player.vimeo.com",
+ "www.youtube-nocookie.com",
+ "www.youtube.com"
+ ]
+ img-src = [
+ "data:",
+ "*.imgix.net",
+ "*.imagekit.io",
+ "*.cloudinary.com",
+ "i.vimeocdn.com",
+ "i.ytimg.com"
+ ]
+# toml-docs-end csp

config/_default/server.toml

@@ -1,41 +1,29 @@
-# toml-docs-start server-config
+# Auto-generated file - do not modify
+
 [[headers]]
-for = '/**'
-[headers.values]
- Strict-Transport-Security = "max-age=31536000; includeSubDomains; preload"
- X-Content-Type-Options = "nosniff"
- X-XSS-Protection = "1; mode=block"
- Content-Security-Policy = """\
- default-src 'self'; \
- script-src 'self' https://*.google-analytics.com https://*.googletagmanager.com; \
- style-src 'self' https://fonts.googleapis.com https://www.youtube.com; \
- object-src 'none'; \
+ for = '/**'
+
+ [headers.values]
+ Access-Control-Allow-Origin = '*'
+ Content-Security-Policy = """
  base-uri 'self'; \
- connect-src 'self'
- https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com; \
- font-src 'self' https://fonts.gstatic.com; \
- frame-src 'self' https://player.cloudinary.com https://player.vimeo.com https://www.youtube-nocookie.com https://www.youtube.com; \
- img-src 'self' data: https://*.imgix.net https://*.imagekit.io https://*.cloudinary.com https://i.vimeocdn.com https://i.ytimg.com https://*.google-analytics.com https://*.googletagmanager.com https://tile.openstreetmap.org; \
+ connect-src 'self' *.google-analytics.com *.analytics.google.com *.googletagmanager.com; \
+ default-src 'none' 'self'; \
+ font-src 'self' fonts.gstatic.com; \
+ form-action 'self'; \
+ frame-src player.cloudinary.com player.vimeo.com www.youtube-nocookie.com www.youtube.com; \
+ img-src 'self' *.google-analytics.com *.googletagmanager.com data: *.imgix.net *.imagekit.io *.cloudinary.com i.vimeocdn.com i.ytimg.com tile.openstreetmap.org; \
  manifest-src 'self'; \
- media-src 'self' \
- """
- X-Frame-Options = "SAMEORIGIN"
- Referrer-Policy = "strict-origin"
- Permissions-Policy = """\
- geolocation=(), \
- midi=(), \
- sync-xhr=(), \
- microphone=(), \
- camera=(), \
- magnetometer=(), \
- gyroscope=(), \
- payment=() \
- """
- cache-control = """\
- max-age=0, \
- no-cache, \
- no-store, \
- must-revalidate \
+ media-src 'self'; \
+ object-src 'none'; \
+ script-src 'self' *.google-analytics.com *.googletagmanager.com; \
+ style-src 'self' www.youtube.com; \
  """
- Access-Control-Allow-Origin = "*"
-# toml-docs-end server-config
+ Permissions-Policy = 'geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), fullscreen=(), payment=() '
+ Referrer-Policy = 'strict-origin'
+ Strict-Transport-Security = 'max-age=31536000; includeSubDomains; preload'
+ X-Content-Type-Options = 'nosniff'
+ X-Frame-Options = 'SAMEORIGIN'
+ X-XSS-Protection = '1; mode=block'
+ cache-control = 'max-age=0, no-cache, no-store, must-revalidate '
+

data/netlify.toml

@@ -0,0 +1,35 @@
+# toml-docs-start netlify
+[build]
+ publish = "exampleSite/public"
+ command = "npm run build:example"
+
+[build.environment]
+ DART_SASS_VERSION = "1.78.0"
+ HUGO_VERSION = "0.134.1"
+ HUGO_ENV = "production"
+ HUGO_ENABLEGITINFO = "true"
+ NODE_VERSION = "20.17.0"
+ NPM_VERSION = "10.8.2"
+# toml-docs-end netlify
+
+[context.deploy-preview]
+ command = "npm run build:example -- -b $DEPLOY_PRIME_URL"
+
+[context.branch-deploy]
+ command = "npm run build:example -- -b $DEPLOY_PRIME_URL"
+
+[dev]
+ framework = "#custom"
+ command = "npm run start:example"
+ targetPort = 1313
+ port = 8888
+ publish = "public"
+ autoLaunch = false
+
+# toml-docs-start plugins
+[[plugins]]
+ package = "@gethinode/netlify-plugin-dartsass"
+
+[[plugins]]
+ package = "netlify-plugin-hugo-cache-resources"
+# toml-docs-end plugins

data/server.toml

@@ -0,0 +1,41 @@
+# toml-docs-start server-config
+[[headers]]
+ for = "/**"
+ [headers.values]
+ Strict-Transport-Security = "max-age=31536000; includeSubDomains; preload"
+ X-Content-Type-Options = "nosniff"
+ X-XSS-Protection = "1; mode=block"
+ X-Frame-Options = "SAMEORIGIN"
+ Referrer-Policy = "strict-origin"
+ Permissions-Policy = """\
+ geolocation=(), \
+ midi=(), \
+ sync-xhr=(), \
+ microphone=(), \
+ camera=(), \
+ magnetometer=(), \
+ gyroscope=(), \
+ fullscreen=(), \
+ payment=() \
+ """
+ cache-control = """\
+ max-age=0, \
+ no-cache, \
+ no-store, \
+ must-revalidate \
+ """
+ Access-Control-Allow-Origin = "*"
+ Content-Security-Policy = """\
+ default-src 'none'; \
+ script-src 'self'; \
+ font-src 'self'; \
+ connect-src 'self'; \
+ img-src 'self'; \
+ style-src 'self'; \
+ base-uri 'self'; \
+ object-src 'none'; \
+ form-action 'self'; \
+ manifest-src 'self'; \
+ media-src 'self' \
+ """
+# toml-docs-end server-config

exampleSite/config/_default/hugo.toml

@@ -20,17 +20,39 @@ languageCode = "en-us"
 defaultContentLanguage = "en"
 defaultContentLanguageInSubdir = true
 
-[outputFormats.REDIR]
-mediaType = "text/netlify"
-baseName = "_redirects"
-isPlainText = true
-notAlternative = true
+[outputFormats]
+ [outputFormats.netlify]
+ mediaType = "application/toml"
+ baseName = "netlify"
+ isPlainText = true
+ notAlternative = true
+ permalinkable = true
+ root = true
+ [outputFormats.server]
+ mediaType = "application/toml"
+ baseName = "server"
+ isPlainText = true
+ notAlternative = true
+ permalinkable = true
+ root = true
+ [outputFormats.XML]
+ isPlainText = false
+ mediaType = "application/xml"
+ isHtml = false
+ noUgly = true
+ permalinkable = false
+ name = "xml"
+ [outputFormats.REDIR]
+ mediaType = "text/netlify"
+ baseName = "_redirects"
+ isPlainText = true
+ notAlternative = true
 
 [mediaTypes."text/netlify"]
 delimiter = ""
 
 [outputs]
-home = ["HTML", "RSS", "REDIR"]
+home = ["HTML", "RSS", "REDIR", "netlify", "server"]
 
 [build]
  writeStats = true
@@ -67,15 +89,6 @@ home = ["HTML", "RSS", "REDIR"]
  [services.googleAnalytics]
  ID = "G-T85PPZ36GN"
 
-[outputFormats]
- [outputFormats.XML]
- isPlainText = false
- mediaType = "application/xml"
- isHtml = false
- noUgly = true
- permalinkable = false
- name = "xml"
-
 [minify]
  [minify.tdewolff.js]
  keepVarNames = true
@@ -84,6 +97,12 @@ home = ["HTML", "RSS", "REDIR"]
  [minify.tdewolff.html]
  keepWhitespace = true
 
+[segments]
+ [segments.headers]
+ [[segments.headers.includes]]
+ kind = '{home}'
+ output = '{netlify,server}'
+
 [module]
  # Build and serve using local hinode clone declared in the named Hugo workspace:
  workspace = "hinode.work"
@@ -93,6 +112,8 @@ home = ["HTML", "RSS", "REDIR"]
  path = "github.com/gethinode/hinode"
  [[module.imports]]
  path = "github.com/gethinode/mod-bootstrap"
+ [[module.imports]]
+ path = "github.com/gethinode/mod-csp"
  [[module.imports]]
  path = "github.com/gethinode/mod-flexsearch/v2"
  [[module.imports]]