csp-header - npm Package Compare versions

Comparing version 1.0.0 to 1.0.1

.editorconfig

30

index.js

@@ -0,1 +1,2 @@

'use strict';
const allowedPolicies = [

@@ -33,5 +34,5 @@ 'base-uri',

*/
function buildCSPString(policies, reportUri){
function buildCSPString(policies, reportUri) {
let cspString = Object.keys(policies).map(policyName => {
if(policies[policyName] === true || policies[policyName].length === 0){
if (policies[policyName] === true || policies[policyName].length === 0) {
return policyName;

@@ -42,3 +43,3 @@ }

if(typeof reportUri === 'string'){
if (typeof reportUri === 'string') {
cspString += `; report-uri ${reportUri}`;

@@ -50,5 +51,5 @@ }

function csp(params){
function csp(params) {
// params should be an object
if(typeof params !== 'object'){
if (typeof params !== 'object') {
return;

@@ -67,4 +68,4 @@ }

let policies = Object.keys(params.policies).reduce((policies, policyName) => {
if(allowedPolicies.indexOf(policyName) > -1){
if(params.policies[policyName] !== false){
if (allowedPolicies.indexOf(policyName) > -1) {
if (params.policies[policyName] !== false) {
policies[policyName] = params.policies[policyName];

@@ -107,5 +108,4 @@ }

return presetName;
} else {
return `csp-preset-${presetName}`;
}
return `csp-preset-${presetName}`;
}

@@ -116,3 +116,3 @@

return require(resolvePreset(presetName));
} catch(err) {
} catch (err) {
throw new Error(`CSP preset ${presetName} is not found`);

@@ -128,3 +128,3 @@ }

*/
function extendPolicies(original, extension){
function extendPolicies(original, extension) {
const extended = Object.assign(original);

@@ -138,5 +138,5 @@

extended[policyName] = extPolicy;
} else if(Array.isArray(extPolicy) && extPolicy.length > 0 && Array.isArray(origPolicy)){
} else if (Array.isArray(extPolicy) && extPolicy.length > 0 && Array.isArray(origPolicy)) {
extPolicy.forEach(rule => {
if(typeof rule === 'string' && origPolicy.indexOf(rule) === -1){
if (typeof rule === 'string' && origPolicy.indexOf(rule) === -1) {
extended[policyName].push(rule);

@@ -158,3 +158,3 @@ }

*/
csp.nonce = function(nonceId){
csp.nonce = function (nonceId) {
return `'nonce-${nonceId}'`;

@@ -170,2 +170,2 @@ };

module.exports = csp;
module.exports = csp;
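Review bot: `const extended = Object.assign(original);` in extendPolicies copies nothing, because with a single argument Object.assign returns its target, so `extended` is the caller's `original` object and the later `extended[policyName] = extPolicy` and `extended[policyName].push(rule)` write straight into it. If `original` is a preset loaded through the `require(resolvePreset(presetName))` call in the earlier hunk (the call site is not visible here), Node's module cache would hand the same mutated object to every later caller, so one caller's `extend` entries could silently widen the policy emitted for others. Start from a copy, `const extended = Object.assign({}, original);`, and replace the in-place push with a fresh array, e.g. `extended[policyName] = origPolicy.concat(newRules);` where `newRules` holds the string rules not already present. The body of extendPolicies starts and ends outside these hunks, so confirm that nothing else in it relies on the aliasing.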
{
"name": "csp-header",
"version": "1.0.0",
"version": "1.0.1",
"description": "Content-Security-Policy header generator",

@@ -5,0 +5,0 @@ "main": "index.js",

@@ -19,4 +19,4 @@ import test from 'ava';

policies: {
'script-src': [ 'test.com', csp.SELF ],
'foo-bar-src': [ 'foo', 'bar' ]
'script-src': ['test.com', csp.SELF],
'foo-bar-src': ['foo', 'bar']
}

@@ -31,6 +31,6 @@ });

policies: {
'script-src': [ csp.SELF ]
'script-src': [csp.SELF]
},
'report-uri': 'https://test.com/cspreport'
})
});
const expected = "script-src 'self'; report-uri https://test.com/cspreport;";

@@ -85,6 +85,6 @@ t.is(actual, expected);

policies: {
'script-src': [ 'myhost.com' ]
'script-src': ['myhost.com']
},
extend: {
'script-src': [ 'additional.host.com' ]
'script-src': ['additional.host.com']
}

@@ -99,6 +99,6 @@ });

policies: {
'script-src': [ 'myhost.com' ]
'script-src': ['myhost.com']
},
extend: {
'script-src': [ 'myhost.com' ]
'script-src': ['myhost.com']
}

@@ -113,6 +113,6 @@ });

policies: {
'script-src': [ 'myhost.com' ]
'script-src': ['myhost.com']
},
extend: {
'style-src': [ 'newhost.com' ]
'style-src': ['newhost.com']
}

@@ -126,3 +126,3 @@ });

const actual = csp.nonce('vg3eer#E4gEbw34gwq3fgqGQWBWQh');
const expected = "'nonce-vg3eer#E4gEbw34gwq3fgqGQWBWQh'"
const expected = "'nonce-vg3eer#E4gEbw34gwq3fgqGQWBWQh'";
t.is(actual, expected);

@@ -136,2 +136,2 @@ });

t.is(csp.NONE, "'none'");
});
});