fix: Add html config for production

Automatically upgrade insecure requests

package.json

@@ -85,6 +85,7 @@
     "ts-jest": "^29.0.3",
     "typescript": "^4.6.4",
     "vite": "^3.1.0",
+    "vite-plugin-html-config": "^1.0.11",
     "vite-plugin-svgr": "^2.4.0"
   },
   "browserslist": [

vite.config.ts

@@ -1,5 +1,6 @@
 import * as path from "path"
 import {defineConfig} from "vite"
+import htmlPlugin from "vite-plugin-html-config"
 import viteSvgr from "vite-plugin-svgr"
 
 import {viteCommonjs} from "@originjs/vite-plugin-commonjs"
@@ -7,7 +8,19 @@ import react from "@vitejs/plugin-react"
 
 // https://vitejs.dev/config/
 export default defineConfig({
-	plugins: [viteCommonjs(), react(), viteSvgr()],
+	plugins: [
+		viteCommonjs(),
+		react(),
+		viteSvgr(),
+		htmlPlugin({
+			metas: [
+				{
+					"http-equiv": "Content-Security-Policy",
+					content: "upgrade-insecure-requests",
+				},
+			],
+		}),
+	],
 	resolve: {
 		alias: {
 			"~": path.resolve(__dirname, "src"),

yarn.lock

@@ -5412,6 +5412,11 @@ v8-to-istanbul@^9.0.1:
     "@types/istanbul-lib-coverage" "^2.0.1"
     convert-source-map "^1.6.0"
 
+vite-plugin-html-config@^1.0.11:
+  version "1.0.11"
+  resolved "https://registry.npmjs.org/vite-plugin-html-config/-/vite-plugin-html-config-1.0.11.tgz#7018fb41d17ced527d79f76361e9a9cf587f80bc"
+  integrity sha512-hUybhgI+/LQQ5q6xoMMsTvI4PBuQD/Wv6Z1vtDPVWjanS8weCIexXuLLYNGD/93f0v8W2hpNfXpmxgpZMahJ0g==
+
 vite-plugin-svgr@^2.4.0:
   version "2.4.0"
   resolved "https://registry.npmjs.org/vite-plugin-svgr/-/vite-plugin-svgr-2.4.0.tgz#9b14953955e79893ea7718089b9777a494e38fc6"