Enable cleartext HTTP in release APK, add network security config, and set connect-src CSP. Add CORS on Worker API for cross-origin fetches from packaged apps. Co-authored-by: Cursor <cursoragent@cursor.com>
48 lines
1.3 KiB
JSON
48 lines
1.3 KiB
JSON
{
|
|
"$schema": "https://schema.tauri.app/config/2",
|
|
"productName": "Web2App",
|
|
"mainBinaryName": "Web2App",
|
|
"version": "1.0.0",
|
|
"identifier": "com.web2app.app",
|
|
"build": {
|
|
"beforeDevCommand": "",
|
|
"beforeBuildCommand": "",
|
|
"frontendDist": "../dist"
|
|
},
|
|
"app": {
|
|
"withGlobalTauri": true,
|
|
"windows": [
|
|
{
|
|
"label": "main",
|
|
"title": "Web2App",
|
|
"width": 1024,
|
|
"height": 768,
|
|
"resizable": true
|
|
}
|
|
],
|
|
"security": {
|
|
"csp": {
|
|
"default-src": "'self' asset: tauri: https: http: data: blob: file:",
|
|
"connect-src": "'self' asset: tauri: https: http: ws: wss: data: blob: file:",
|
|
"img-src": "'self' asset: tauri: https: http: data: blob: file:",
|
|
"media-src": "'self' asset: tauri: https: http: data: blob: file:",
|
|
"style-src": "'self' 'unsafe-inline' asset: tauri: https: http:",
|
|
"script-src": "'self' 'unsafe-inline' 'unsafe-eval' asset: tauri: https: http:",
|
|
"frame-src": "'self' asset: tauri: https: http: data: blob:",
|
|
"worker-src": "'self' blob: data:"
|
|
}
|
|
}
|
|
},
|
|
"bundle": {
|
|
"active": true,
|
|
"targets": ["nsis"],
|
|
"icon": [
|
|
"icons/32x32.png",
|
|
"icons/128x128.png",
|
|
"icons/128x128@2x.png",
|
|
"icons/icon.icns",
|
|
"icons/icon.ico"
|
|
]
|
|
}
|
|
}
|