import { session } from 'electron';
import { injectable } from 'inversify';
import { isDev } from '../../core/dev';
import { ISession } from './i-session';

@injectable()
export class Session implements ISession {
  public setHeaders(): void {
    // these headers only work on web requests, file:// protocol is handled via meta tags in the html
    session.defaultSession.webRequest.onHeadersReceived((details, callback) => {
      callback({
        responseHeaders: {
          ...details.responseHeaders,
          'Content-Security-Policy': isDev()
            ? [
                'default-src devtools:;' +
                  "script-src 'unsafe-eval';" +
                  "script-src-elem devtools: 'sha256-hl04hLzKBpmsfWF2wIA/0Vs6ZNV5T9ZNFY//3uXrgSk=';" +
                  "style-src devtools: 'unsafe-inline';" +
                  'connect-src devtools: data:',
              ]
            : ["default-src 'none'"],
        },
      });
    });
  }
}