Add documentation

Vincent Dubois · Vincent Dubois · commit 01466a0ec476 · 2025-11-14T13:28:47.000+01:00
diff --git a/README.md b/README.md
@@ -176,7 +176,7 @@ export default defineConfig({
    - Replace the `html.cspNonce` from the vite.config.ts with the generated nonce
    - Replace `nonce-{RANDOM}` in CSP rules with `nonce-[generated-nonce]`
 
-> ⚠️ `html.cspNonce` from the vite.config.ts will be overridden by the public in development mode
+> ⚠️ `html.cspNonce` from the vite.config.ts will be overridden by the plugin in development mode
 
 This ensures that the same nonce is used for both the CSP headers and the HTML attributes, allowing specific inline scripts and styles to be executed while maintaining security.
 
diff --git a/src/lib/csp-configuration-generation/CspConfigurationFileGeneration.ts b/src/lib/csp-configuration-generation/CspConfigurationFileGeneration.ts
@@ -42,7 +42,7 @@ export const generateCspConfigurationFileForEnvironment = async <Environment ext
   rules: CspPolicies<Environment>,
   environment: Environment,
 ): Promise<void> => {
-  const directive: string = computeCspDirectiveForEnvironment(rules, environment);
+  const directive: string = computeCspDirectiveForEnvironment<Environment>(rules, environment);
 
   try {
     await mkdir('content-security-policy/configurations', { recursive: true });
diff --git a/src/lib/csp/ComputeOriginForEnvironment.ts b/src/lib/csp/ComputeOriginForEnvironment.ts
@@ -21,7 +21,7 @@ export const computeOriginForEnvironment = <Environment extends string = never>(
 
 /**
  * Generates a Content Security Policy (CSP) directive string based on provided
- * policies and the specified environment.
+ * policies and the specified environment. If no environment is provided, the default directive is used.
  *
  * @template Environment - The type representing the environment. Defaults to `never`.
  * @param {CspPolicies<Environment>} policies - An object defining CSP policies, mapping
@@ -37,7 +37,7 @@ export const computeCspDirectiveForEnvironment = <Environment extends string = n
   return Object
     .entries(policies)
     .map(([directive, value]: [string, AuthorisedOrigins<Environment>]) => {
-      const allowedOrigin: string = computeOriginForEnvironment(value, environment);
+      const allowedOrigin: string = computeOriginForEnvironment<Environment>(value, environment);
       return `${directive} ${allowedOrigin}`;
     })
     .join('; ');
diff --git a/src/lib/plugins/CspProxyPlugin.ts b/src/lib/plugins/CspProxyPlugin.ts
@@ -53,7 +53,7 @@ export const cspProxyPlugin = <Environment extends string = never>(
       // Nonce configuration must be enabled in vite and in the plugin in order to work
       if ((!htmlNonce && !!noncesConfiguration) || (!!htmlNonce && !noncesConfiguration)) {
         console.error(
-          'Configure the html.cspNonce value in vite.config.ts to enable the nonce template replacement in the HTML template. ',
+          'Configure the html.cspNonce value in vite.config.ts to enable the nonce template replacement in the HTML template.',
         );
       }
 

Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,7 @@ export const cspProxyPlugin = <Environment extends string = never>(`
`53`	`53`	`// Nonce configuration must be enabled in vite and in the plugin in order to work`
`54`	`54`	`if ((!htmlNonce && !!noncesConfiguration) \|\| (!!htmlNonce && !noncesConfiguration)) {`
`55`	`55`	`console.error(`
`56`		`- 'Configure the html.cspNonce value in vite.config.ts to enable the nonce template replacement in the HTML template. ',`
	`56`	`+ 'Configure the html.cspNonce value in vite.config.ts to enable the nonce template replacement in the HTML template.',`
`57`	`57`	`);`
`58`	`58`	`}`
`59`	`59`