/** @type {import('next').NextConfig} */
const nextConfig = {
  images: {
    remotePatterns: [
      { protocol: 'https', hostname: 'images.pexels.com' },
      { protocol: 'https', hostname: 'images.unsplash.com' },
      // Supabase storage — user-uploaded images via the Replace Image chip
      { protocol: 'https', hostname: '**.supabase.co' },
      // Medusa product images served from local dev backend
      { protocol: 'http', hostname: 'localhost' },
      { protocol: 'https', hostname: 'localhost' },
    ],
  },
  // Silence Next.js 14+ cross-origin warning when the preview iframe is served
  // from sandbox.vulai.co.za but /_next/* assets are fetched from the same origin.
  allowedDevOrigins: ['sandbox.vulai.co.za', 'localhost:3100', '*.vulai.co.za'],
  // Allow Vula IDE to embed this preview in an iframe.
  async headers() {
    return [
      {
        source: '/(.*)',
        headers: [{ key: 'X-Frame-Options', value: 'ALLOWALL' }],
      },
    ]
  },
}

module.exports = nextConfig