Demo of @next-safe/middleware
Easy Strict Content-Security-Policy for Next.js hybrid apps.
With stable root-level middleware of Next 12.2
https://demo-next-safe-middleware.vercel.app
A little demo project to showcase the usage and the hybrid strict-dynamic CSP support of the @next-safe/middleware package.
Strict-dynamic CSPs can't be evaluated with Next.js development builds. Serve a local production build with yarn build && yarn start to see the strict CSP in action.
Or deploy to Vercel to see how it behaves in their edge network.