npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@nlo/nuxt-common-base-application

v1.4.0

Published

Nuxt3 layer for creating NLO Lottery websites

Downloads

329

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

petertabanganpetertabanganzowievangeest-nlozowievangeest-nlobasvanbovene-nlobasvanbovene-nloelposelposrogier_nlorogier_nlokimyiukimyiugerarddorstgerarddorstbartdekoningbartdekoningmelvinnlomelvinnlotdekoning-nlotdekoning-nlobrandondv-nlobrandondv-nlo

Keywords

Readme

NLO Nuxt common base application

This base nuxt application contains shared setup for creating and maintaining NLO lottery website applications in Nuxt.

This should only be included directly by lottery websites, so we can update @nlo/nuxt-common independently of this package.

Features:

  • Dictate nuxt version for verticals
  • Add security headers

Include in vertical

To include this nuxt layer into your own application, add it to the layers array in nuxt.config.ts, like so:

export default defineNuxtConfig({
	extends: ['@nlo/nuxt-common-base-application'],
});

Npm commands:

  • npm run lint to run prettier and typescript checks
  • npm run test to run unit tests
  • npm run dev to run the nuxt application

Environment variables

  • NUXT_REDIS_OPTIONS_BASE The prefix of the key of the cache entries
  • NUXT_REDIS_OPTIONS_URL The url to the redis instance
  • NUXT_REDIS_OPTIONS_TTL The time to live of the cache entries
  • NUXT_ENABLE_REDIS_CACHE Boolean indicating if redis should be enabled for page caching
  • NUXT_LRU_OPTIONS_MAX Maximum number of LRU cache entries
  • NUXT_ENABLE_LRU_CACHE Boolean indicating if LRU cache should be enabled for page caching

Security headers

For applying the best practices around security headers, we use https://nuxt-security.vercel.app. Using a library forces us to work in a security-by-default way of working. Information about required security headers can be found here: https://loterij.atlassian.net/wiki/spaces/NLDT/pages/3571253310/Required+http+headers+security

These security headers are applied by default, but need to be adjusted per vertical. Primarily specifying which resource-type is allowed from what domain is required.

Example configuration to allow every type of resource from the Portal domain:

nuxt.config.ts

security: {
	headers: {
		contentSecurityPolicy: {
			'default-src': ['https://www.nederlandseloterij.nl'],
		},
	},
},

If you want to allow all resources from all domains, use the following example:

nuxt.config.ts

security: {
	headers: {
		contentSecurityPolicy: {
			'default-src': ['*'],
		},
	},
},

Note that these configurations are built-time only. If you want to have run-time configuration (such as limit which domains are allowed), use the NUXT_SECURITY_HEADERS_CONTENT_SECURITY_POLICY_DEFAULT_SRC environment variable with the specified format:

[\"https://my-allowed-website.nl\",\"\'unsafe-inline\'\",\"\'unsafe-eval\'\",\"wss:\"]

This format is basically a string-array in escaped json format. but the single-quotes around unsafe-inline and unsafe-eval are required.

Note: For now we haven't added per-resource exclusion from nuxt-common since that would introduce a lot of configuration in every website.

For more details, see the website of the library.