csp-by-app
Advanced tools
Comparing version 0.0.1 to 0.0.2
| { | ||
| "name": "csp-by-app", | ||
| "version": "0.0.1", | ||
| "version": "0.0.2", | ||
| "description": "Manage Certificate Security Policy (CSP) by specifying third party APIs by name", | ||
@@ -5,0 +5,0 @@ "main": "index.js", |
@@ -10,2 +10,4 @@ CSP By App significantly cuts down on CSP policy management by specifying common APIs by name. | ||
| var cspByApp = require('csp-by-app') | ||
| var basePolicy = { | ||
@@ -23,3 +25,3 @@ defaultSrc: [CSP_SELF], | ||
| var policy = simpleCSP(basePolicy, ['twitter', 'mixpanel', 'googleFonts', 'stripe', 'typekit', 'ractive']) | ||
| var policy = cspByApp(basePolicy, ['twitter', 'mixpanel', 'googleFonts', 'stripe', 'typekit', 'ractive']) | ||
@@ -26,0 +28,0 @@ Then use that policy with an existing node CSP implementation like [Helmet](https://www.npmjs.com/package/helmet) or [express-csp](https://github.com/yahoo/express-csp). |
New alerts
Deprecated
MaintenanceThe maintainer of the package marked it as deprecated. This could indicate that a single version should not be used, or that the package is no longer maintained and any new vulnerabilities will not be fixed.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.4%
9591
- Number of lines in readme file
- increased by2.35%
87
Worsened metrics
- Number of high maintenance alerts
- increased byInfinity%
1
No dependency changes