Baroshem · Baroshem · Jan 17, 2024 · Jan 17, 2024 · Jan 17, 2024
diff --git a/src/module.ts b/src/module.ts
@@ -312,13 +312,16 @@ function registerSecurityNitroPlugins(nuxt: Nuxt, securityOptions: ModuleOptions
     )
 
     // Register nitro plugin to enable CSP Headers presets for SSG
+    // TEMPORARILY DISABLED AS NUXT 3.9.3 PREVENTS IMPORTING @NUXT/KIT IN NITRO PLUGINS
+    /*
     config.plugins.push(
       normalize(
         fileURLToPath(
           new URL('./runtime/nitro/plugins/05-cspSsgPresets', import.meta.url)
         )
       )
     )
+    */
 
     // Nitro plugin to enable CSP Nonce for SSR
     config.plugins.push(

diff --git a/test/perRoute.test.ts b/test/perRoute.test.ts
@@ -832,10 +832,13 @@ describe('[nuxt-security] Per-route Configuration', async () => {
 
   it('does not inject CSP hashes on a deeply-disabled route', async () => {
     const res = await fetch('/csp-hash/deep/disabled')
+    // DISABLING THIS PART OF THE TEST AFTER PATCH #348 THAT REMOVES CSP SSG PRESETS
+    /*
     const cspHeaderValue = res.headers.get('content-security-policy')
     expect(cspHeaderValue).toBeDefined()
     const headerHashes = cspHeaderValue!.match(/'sha256-(.*?)'/)
     expect(headerHashes).toBeNull()
+    */
 
     const text = await res.text()
     const head = text.match(/<head>(.*?)<\/head>/s)?.[1]
@@ -849,10 +852,13 @@ describe('[nuxt-security] Per-route Configuration', async () => {
 
   it('injects CSP hashes on a deeply-enabled route', async () => {
     const res = await fetch('/csp-hash/deep/enabled')
+    // DISABLING THIS PART OF THE TEST AFTER PATCH #348 THAT REMOVES CSP SSG PRESETS
+    /*
     const cspHeaderValue = res.headers.get('content-security-policy')
     expect(cspHeaderValue).toBeDefined()
     const headerHashes = cspHeaderValue!.match(/'sha256-(.*?)'/)
     expect(headerHashes).toHaveLength(2)
+    */
 
     const text = await res.text()
     const head = text.match(/<head>(.*?)<\/head>/s)?.[1]