search

trezy / next-safe

https://trezy.gitbook.io/next-safe/
BSD 3-Clause "New" or "Revised" License
167 stars 20 forks source link

Google location permission does not enable, could not able to fetch even google map #54

Open codealongwith opened 9 months ago

codealongwith commented 9 months ago

Describe the bug

Hello Team / Everyone,

I am facing an issue after I incorporated next-safe code script in next.config js

Objective is -> post image & files to aws s3, fetch image & files from aws s3, using googles geocode api, geolocation api, directions api, showing google maps in frontend, using redis , using mongodb getting all issues in production website @ aws EC2

issues -> location permission auto disabled though location is working fine. All geocode , geolocation related functions are giving error and navigator.geolocation.getCurrentPosition does not provide correct latitude and longitude

Code as below

const nextSafe = require('next-safe')

const isDev = process.env.NODE_ENV !== 'production'

async headers() { return [ { source: '/(.)', headers: nextSafe({ contentTypeOptions: "nosniff", contentSecurityPolicy: { "base-uri": "'none'", "child-src": "'none'", "connect-src": ["'self'","googleapis.com","google.com","gstatic.com","webpack://"], "default-src": "'self'", "font-src": ["'self'","fonts.gstatic.com"], "form-action": "'self'", "frame-ancestors": "'none'", "frame-src": "'none'", "img-src": ["'self'","amazonaws.com","cloudinary.com", "googleapis.com","gstatic.com","google.com","googleusercontent.com"], "manifest-src": "'self'", "media-src": ["'self'","amazonaws.com"], "object-src": "'none'", "prefetch-src": "'self'", "script-src": ["'self'","unsafe-eval","googleapis.com","gstatic.com","google.com","ggpht.com","googleusercontent.com"], "style-src": ["'self'","fonts.googleapis.com","'unsafe-inline'"], "worker-src": "'self'", mergeDefaultDirectives: false, reportOnly: false, }, frameOptions: "DENY", permissionsPolicy: {}, permissionsPolicyDirectiveSupport: ["proposed", "standard","experimental","legacy"], isDev: false, referrerPolicy: "no-referrer", xssProtection: "1; mode=block",

   })

},

Steps To Reproduce

  1. Create new Next.js app
  2. Setup next-safe: 
    code example
  3. Start app
  4. See error

Version

v3.x.x

Relevant log output

log output-> Finally tried to find errors in local console after turning isDev to true.

API resolved without sending a response for /api/geocoding/geo-location?lat=&lon=, this may result in stalled requests.
OperationalError: Status is INVALID_REQUEST. Invalid request. Invalid 'latlng' parameter.
    at D:\Projects\cyain\node_modules\node-geocoder\lib\geocoder\googlegeocoder.js:325:11
From previous event:
    at Geocoder.<anonymous> (D:\cyain\slchain\node_modules\node-geocoder\lib\geocoder.js:46:23)
    at process.processImmediate (node:internal/timers:476:21)
From previous event:

Code of Conduct

sambauers commented 6 months ago

This looks like a problem with your implementation of the Google library you are using.

Invalid request. Invalid 'latlng' parameter.