csp-by-app
Advanced tools
Comparing version 0.0.1 to 0.0.2
{ | ||
"name": "csp-by-app", | ||
"version": "0.0.1", | ||
"version": "0.0.2", | ||
"description": "Manage Certificate Security Policy (CSP) by specifying third party APIs by name", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -10,2 +10,4 @@ CSP By App significantly cuts down on CSP policy management by specifying common APIs by name. | ||
var cspByApp = require('csp-by-app') | ||
var basePolicy = { | ||
@@ -23,3 +25,3 @@ defaultSrc: [CSP_SELF], | ||
var policy = simpleCSP(basePolicy, ['twitter', 'mixpanel', 'googleFonts', 'stripe', 'typekit', 'ractive']) | ||
var policy = cspByApp(basePolicy, ['twitter', 'mixpanel', 'googleFonts', 'stripe', 'typekit', 'ractive']) | ||
@@ -26,0 +28,0 @@ Then use that policy with an existing node CSP implementation like [Helmet](https://www.npmjs.com/package/helmet) or [express-csp](https://github.com/yahoo/express-csp). |
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
9591
87
1