@forge/csp
Advanced tools
@forge/csp - npm Package Compare versions
Comparing version 0.1.1 to 0.1.2-next.0
| # @forge/csp | ||
| ## 0.1.2-next.0 | ||
| ### Patch Changes | ||
| - 1b3bfe1: Add local tunnel Custom UI CSP reported server | ||
| ## 0.1.1 | ||
@@ -4,0 +10,0 @@ |
@@ -6,4 +6,4 @@ import type { LambdaEnvironment } from '@forge/cli-shared'; | ||
| private getForgeGlobalCSP; | ||
| getInjectableCSP: (existingCspDetails: CSPDetails, env: LambdaEnvironment) => string[]; | ||
| getInjectableCSP: (existingCspDetails: CSPDetails, env: LambdaEnvironment, tunnelCspReporterUri?: string | undefined) => string[]; | ||
| } | ||
| //# sourceMappingURL=csp-injection-service.d.ts.map |
@@ -12,4 +12,4 @@ "use strict"; | ||
| constructor() { | ||
| this.getInjectableCSP = (existingCspDetails, env) => { | ||
| const reportUri = this.getCSPReportUri(env); | ||
| this.getInjectableCSP = (existingCspDetails, env, tunnelCspReporterUri) => { | ||
| const reportUri = this.getCSPReportUri(env, tunnelCspReporterUri); | ||
| const defaultSrc = `'self'`; | ||
@@ -32,3 +32,5 @@ const imgSrc = ["'self'", 'data:', 'blob:', gravatarUrl, ...avatarCdnHosts[env]].join(' '); | ||
| } | ||
| getCSPReportUri(env) { | ||
| getCSPReportUri(env, tunnelCspReporterUri) { | ||
| if (tunnelCspReporterUri) | ||
| return tunnelCspReporterUri; | ||
| if (env === 'prod') | ||
@@ -35,0 +37,0 @@ return 'https://web-security-reports.services.atlassian.com/csp-report/forge-cdn'; |
| { | ||
| "name": "@forge/csp", | ||
| "version": "0.1.1", | ||
| "version": "0.1.2-next.0", | ||
| "description": "Contains the CSP configuration for Custom UI resources in Forge", | ||
@@ -14,3 +14,3 @@ "main": "out/index.js", | ||
| "devDependencies": { | ||
| "@forge/cli-shared": "^0.14.0", | ||
| "@forge/cli-shared": "^0.15.0-next.3", | ||
| "@types/jest": "^26.0.0" | ||
@@ -17,0 +17,0 @@ }, |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.79%
8043
- Lines of code
- increased by1.56%
130