{"version":3,"file":"add-response-headers.mjs","sources":["../../../../../../src/server/authenticate/helpers/add-response-headers.ts"],"sourcesContent":["import type {BasicParams} from '../../types';\nimport {AppDistribution} from '../../types';\nimport {APP_BRIDGE_URL, CDN_URL, POLARIS_URL} from '../const';\n\nexport type AddDocumentResponseHeadersFunction = (\n  request: Request,\n  headers: Headers,\n) => void;\n\nexport function addDocumentResponseHeadersFactory(\n  params: BasicParams,\n): AddDocumentResponseHeadersFunction {\n  const {api, config} = params;\n\n  return function (request: Request, headers: Headers) {\n    const {searchParams} = new URL(request.url);\n    const shop = api.utils.sanitizeShop(searchParams.get('shop')!);\n\n    const isEmbeddedApp = config.distribution !== AppDistribution.ShopifyAdmin;\n    addDocumentResponseHeaders(headers, isEmbeddedApp, shop);\n  };\n}\n\nexport function addDocumentResponseHeaders(\n  headers: Headers,\n  isEmbeddedApp: boolean,\n  shop: string | null | undefined,\n) {\n  if (shop) {\n    headers.set(\n      'Link',\n      `<${CDN_URL}>; rel=\"preconnect\", <${APP_BRIDGE_URL}>; rel=\"preload\"; as=\"script\", <${POLARIS_URL}>; rel=\"preload\"; as=\"script\"`,\n    );\n  }\n\n  if (isEmbeddedApp) {\n    if (shop) {\n      headers.set(\n        'Content-Security-Policy',\n        `frame-ancestors https://${shop} https://admin.shopify.com https://*.spin.dev https://admin.myshopify.io https://admin.shop.dev;`,\n      );\n    }\n  } else {\n    headers.set('Content-Security-Policy', `frame-ancestors 'none';`);\n  }\n}\n"],"names":[],"mappings":";;;AASM,SAAU,iCAAiC,CAC/C,MAAmB,EAAA;AAEnB,IAAA,MAAM,EAAC,GAAG,EAAE,MAAM,EAAC,GAAG,MAAM;IAE5B,OAAO,UAAU,OAAgB,EAAE,OAAgB,EAAA;QACjD,MAAM,EAAC,YAAY,EAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC;AAC3C,QAAA,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,YAAY,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAE,CAAC;QAE9D,MAAM,aAAa,GAAG,MAAM,CAAC,YAAY,KAAK,eAAe,CAAC,YAAY;AAC1E,QAAA,0BAA0B,CAAC,OAAO,EAAE,aAAa,EAAE,IAAI,CAAC;AAC1D,IAAA,CAAC;AACH;SAEgB,0BAA0B,CACxC,OAAgB,EAChB,aAAsB,EACtB,IAA+B,EAAA;IAE/B,IAAI,IAAI,EAAE;AACR,QAAA,OAAO,CAAC,GAAG,CACT,MAAM,EACN,CAAA,CAAA,EAAI,OAAO,CAAA,sBAAA,EAAyB,cAAc,CAAA,gCAAA,EAAmC,WAAW,CAAA,6BAAA,CAA+B,CAChI;IACH;IAEA,IAAI,aAAa,EAAE;QACjB,IAAI,IAAI,EAAE;YACR,OAAO,CAAC,GAAG,CACT,yBAAyB,EACzB,CAAA,wBAAA,EAA2B,IAAI,CAAA,gGAAA,CAAkG,CAClI;QACH;IACF;SAAO;AACL,QAAA,OAAO,CAAC,GAAG,CAAC,yBAAyB,EAAE,CAAA,uBAAA,CAAyB,CAAC;IACnE;AACF;;;;"}