Josh Knapp
265b365f0b
- Enable restrictive Content Security Policy in tauri.conf.json instead of null (disabled), restricting scripts/connects to self + Tauri IPC - Fix shell injection in entrypoint.sh by replacing su -c with direct git config --file writes, preventing names with quotes (e.g. O'Brien) from breaking startup or enabling code execution Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
41 lines
1.0 KiB
JSON
41 lines
1.0 KiB
JSON
{
|
|
"$schema": "https://raw.githubusercontent.com/tauri-apps/tauri/dev/crates/tauri-cli/schema.json",
|
|
"productName": "Triple-C",
|
|
"version": "0.1.0",
|
|
"identifier": "com.triple-c.app",
|
|
"build": {
|
|
"beforeDevCommand": "npm run dev",
|
|
"devUrl": "http://localhost:1420",
|
|
"beforeBuildCommand": "npm run build",
|
|
"frontendDist": "../dist"
|
|
},
|
|
"app": {
|
|
"windows": [
|
|
{
|
|
"title": "Triple-C",
|
|
"width": 1200,
|
|
"height": 800,
|
|
"resizable": true,
|
|
"fullscreen": false,
|
|
"minWidth": 800,
|
|
"minHeight": 600
|
|
}
|
|
],
|
|
"security": {
|
|
"csp": "default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' asset: https://asset.localhost; font-src 'self' data:; connect-src 'self' ipc: http://ipc.localhost"
|
|
}
|
|
},
|
|
"bundle": {
|
|
"active": true,
|
|
"targets": "all",
|
|
"icon": [
|
|
"icons/32x32.png",
|
|
"icons/128x128.png",
|
|
"icons/128x128@2x.png",
|
|
"icons/icon.ico",
|
|
"icons/icon.png"
|
|
]
|
|
},
|
|
"plugins": {}
|
|
}
|