node.js - SvelteKit 和适配器节点 -> 生产
问题描述
很好奇其他人正在使用 SvelteKit 适配器节点构建以将它们投入生产。
例如...
- 提供预压缩文件
- 设置缓存 TTL
- 也许像
helmet
为适配器定义一个入口点是否更好,例如实现 polka/express/connect 的 server.js...
// src/server.js
import { assetsMiddleware, prerenderedMiddleware, kitMiddleware } from '../build/middlewares.js'
import polka from 'polka'
import compression from 'compression'
import helmet from 'helmet'
const app = polka()
app.use(helmet())
app.use(assetsMiddleware, prerenderedMiddleware, kitMiddleware)
app.use(compression())
app.listen(3000)
还是在 hooks.js 的 handler() 方法中实现类似的功能更好?
有兴趣了解人们从通过适配器节点构建到生产的过程。
解决方案
在检查了适配器节点在构建文件夹中生成的内容后,我决定在 svelte.config.js 中为适配器的选项设置entryPoint属性,并将其添加到构建中。hooks.js/ts 中的handle()方法不允许对静态内容进行任何控制。./src/server.mjs
在下面的代码中,我为非 https 设置了重定向,并使用头盔来增强安全性。
// /src/server.mjs
import polka from 'polka'
import helmet from 'helmet'
import { assetsMiddleware, prerenderedMiddleware, kitMiddleware } from '../build/middlewares.js'
const { PORT = 3000, DOMAIN } = process.env
const isHttpPerHeroku = (req) =>
req.headers['x-forwarded-proto'] &&
req.headers['x-forwarded-proto'] !== 'https'
polka()
// On Heroku (only), redirect http to https
.use((req, res, next) => {
if (isHttpPerHeroku(req)) {
let url = `${DOMAIN}${req.url}`
let str = `Redirecting to ${url}`
res.writeHead(302, {
Location: url,
'Content-Type': 'text/plain',
'Content-Length': str.length
})
res.end(str)
} else next()
})
// Apply all but two helmet protections
.use(helmet({
contentSecurityPolicy: false, // override below
referrerPolicy: false // breaks "Sign in with Gooogle"
}))
// Set the Content Security Policy on top of defaults
.use(helmet.contentSecurityPolicy({
useDefaults: true,
directives: {
scriptSrc: [
"'self'",
`'unsafe-inline'`,
'https://accounts.google.com/gsi/',
'https://assets.braintreegateway.com/web/',
'https://platform.twitter.com/',
'https://www.google-analytics.com/',
'https://www.google.com/recaptcha/',
'https://www.googletagmanager.com/',
'https://www.gstatic.com/recaptcha/'
],
connectSrc: [
"'self'",
'https://accounts.google.com/gsi/',
'https://api.sandbox.braintreegateway.com/merchants/',
'https://api.braintreegateway.com/merchants/',
'https://origin-analytics-sand.sandbox.braintree-api.com/',
'https://payments.sandbox.braintree-api.com/',
'https://payments.braintree-api.com/',
'https://stats.g.doubleclick.net/',
'https://www.google-analytics.com/',
'https://platform.twitter.com/',
'https://assets.braintreegateway.com/web/',
'https://www.googletagmanager.com/',
'https://www.google.com/recaptcha/',
'https://www.gstatic.com/recaptcha/',
'https://fonts.gstatic.com/',
'https://client-analytics.braintreegateway.com/'
],
childSrc: [
"'self'",
'https://accounts.google.com/gsi/',
'https://assets.braintreegateway.com/web/',
'https://platform.twitter.com/',
'https://syndication.twitter.com/i/jot',
'https://www.google.com/maps/',
'https://www.google.com/recaptcha/'
],
fontSrc: [
"'self'",
'https:',
'data:',
'https://fonts.gstatic.com'
],
imgSrc: [
"'self'",
'data:',
'https://www.google-analytics.com/',
'https://www.googletagmanager.com/',
'www.w3.org/2000/svg',
],
frameSrc: [
'https://accounts.google.com/gsi/',
'https://www.google.com/recaptcha/',
'https://platform.twitter.com/',
'https://assets.braintreegateway.com/web/',
'https://www.google.com/maps/',
'https://syndication.twitter.com/i/jot'
],
workerSrc: [
"'self'"
]
}
}))
// Load the SvelteKit build
.use(assetsMiddleware, prerenderedMiddleware, kitMiddleware)
// Listen on the appropriate port
.listen(PORT)
推荐阅读
- ssh - 在我几乎无法控制服务器的情况下,如何通过 SSH 连接轻松编辑文件?
- django - 在 Django 上进行 Post 预览的最有效方法是什么?
- javascript - 如何使其多部分选择过滤角度
- python - Scipy 最小化迭代过去的界限
- r - 如何遍历列表并使用前一个元素?
- sql - 如果外键是另一个表的主键,为什么它可以为空?
- visual-c++ - 出现错误 LNK2019:使用 MSVC 在 Windows 中编译 SDL2 代码时出现无法解析的外部符号
- c - Why `pow(sum,1/2)` is not giving me the same result as `sqrt(sum))`?
- firebase - Flutter/Firebase 实时数据库:如何使用 equalsTo?
- listview - TListView 项目详细字体到等宽字体