diff --git a/client/web-app/build.gradle.kts b/client/web-app/build.gradle.kts index d7eb92a4..bdf878b6 100644 --- a/client/web-app/build.gradle.kts +++ b/client/web-app/build.gradle.kts @@ -11,11 +11,16 @@ kotlin { js(IR) { browser { commonWebpackConfig { +// devServer = devServer?.copy( +// port = 8080, +// static = mutableListOf("src/jsMain/resources") +// ) devServer = devServer?.copy( port = 8080, - static = mutableListOf("src/jsMain/resources") + static = mutableListOf(project.projectDir.resolve("src/jsMain/resources").path) ) + // Webpack optimization settings configDirectory = project.projectDir.resolve("webpack.config.d") } diff --git a/client/web-app/src/jsMain/resources/index.html b/client/web-app/src/jsMain/resources/index.html index ca2186b2..43f683b0 100644 --- a/client/web-app/src/jsMain/resources/index.html +++ b/client/web-app/src/jsMain/resources/index.html @@ -19,5 +19,6 @@
+ diff --git a/client/web-app/webpack.config.d/csp.js b/client/web-app/webpack.config.d/csp.js index da1ce6df..5499fd68 100644 --- a/client/web-app/webpack.config.d/csp.js +++ b/client/web-app/webpack.config.d/csp.js @@ -1,14 +1,5 @@ // Content Security Policy configuration for development -// More relaxed CSP suitable for development environment config.devServer = config.devServer || {}; config.devServer.headers = config.devServer.headers || {}; config.devServer.headers['Content-Security-Policy'] = - "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob:; " + - "script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob:; " + - "style-src 'self' 'unsafe-inline' data: blob:; " + - "img-src 'self' data: blob: http: https:; " + - "font-src 'self' data: blob: http: https:; " + - "connect-src 'self' ws: wss: http: https:; " + - "frame-src 'self' data: blob:; " + - "object-src 'none'; " + - "base-uri 'self';"; + "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src *; img-src 'self' data:; font-src 'self' data:; frame-src 'self';"; diff --git a/client/web-app/webpack.config.d/csp.js.disabled b/client/web-app/webpack.config.d/csp.js.disabled new file mode 100644 index 00000000..da1ce6df --- /dev/null +++ b/client/web-app/webpack.config.d/csp.js.disabled @@ -0,0 +1,14 @@ +// Content Security Policy configuration for development +// More relaxed CSP suitable for development environment +config.devServer = config.devServer || {}; +config.devServer.headers = config.devServer.headers || {}; +config.devServer.headers['Content-Security-Policy'] = + "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob:; " + + "script-src 'self' 'unsafe-inline' 'unsafe-eval' data: blob:; " + + "style-src 'self' 'unsafe-inline' data: blob:; " + + "img-src 'self' data: blob: http: https:; " + + "font-src 'self' data: blob: http: https:; " + + "connect-src 'self' ws: wss: http: https:; " + + "frame-src 'self' data: blob:; " + + "object-src 'none'; " + + "base-uri 'self';"; diff --git a/client/web-app/webpack.config.d/optimization.js b/client/web-app/webpack.config.d/optimization.js index 1e1a0b61..b3e9ea80 100644 --- a/client/web-app/webpack.config.d/optimization.js +++ b/client/web-app/webpack.config.d/optimization.js @@ -83,8 +83,8 @@ config.optimization = { // Performance budget adjusted for Kotlin/JS applications // Note: Kotlin/JS apps require all dependencies loaded initially, so larger budgets are realistic config.performance = { - maxAssetSize: 400000, // 400KB per asset (realistic for Kotlin libs) - maxEntrypointSize: 2000000, // 2MB total entry point (realistic for Kotlin/JS + Compose) + maxAssetSize: 1000000, // 1MB per asset (realistic for large Kotlin/Compose libs) + maxEntrypointSize: 7000000, // 7MB total entry point (realistic for Kotlin/JS + Compose) hints: 'warning', assetFilter: function(assetFilename) { // Only check JS files for performance