Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
csp-header
Advanced tools
csp-header - npm Package Compare versions
Comparing version 5.0.0 to 5.1.0
@@ -8,2 +8,6 @@ export declare const ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION = "allow-downloads-without-user-activation"; | ||
| export declare const ALLOW_POPUPS = "allow-popups"; | ||
| export declare const ALLOW_POPUPS_TO_ESCAPE_SANDBOX = "allow-popups-to-escape-sandbox"; | ||
| /** | ||
| * @deprecated | ||
| */ | ||
| export declare const ALLOW_POPUPS_TO_ESACPE_SANDBOX = "allow-popups-to-escape-sandbox"; | ||
@@ -10,0 +14,0 @@ export declare const ALLOW_PRESENTATION = "allow-presentation"; |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.NO_REFERER = exports.INLINE = exports.HASHES = exports.EVAL = exports.UNSAFE_URL = exports.UNSAFE_INLINE = exports.UNSAFE_HASHES = exports.UNSAFE_EVAL = exports.STRICT_DYNAMIC = exports.SELF = exports.SCRIPT = exports.ORIGIN_WHEN_CROSS_ORIGIN = exports.ORIGIN = exports.NONE_WHEN_DOWNGRADE = exports.NONE = exports.NO_REFERRER = exports.DATA = exports.BLOB = exports.ALLOW_TOP_NAVIGATION_BY_USER_ACTIVATION = exports.ALLOW_TOP_NAVIGATION = exports.ALLOW_SCRIPTS = exports.ALLOW_STORAGE_ACCESS_BY_USER_ACTIVATION = exports.ALLOW_SAME_ORIGIN = exports.ALLOW_PRESENTATION = exports.ALLOW_POPUPS_TO_ESACPE_SANDBOX = exports.ALLOW_POPUPS = exports.ALLOW_POINTER_LOCK = exports.ALLOW_ORIENTATION_LOCK = exports.ALLOW_MODALS = exports.ALLOW_FORMS = exports.ALLOW_DUPLICATES = exports.ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION = void 0; | ||
| exports.NO_REFERER = exports.INLINE = exports.HASHES = exports.EVAL = exports.UNSAFE_URL = exports.UNSAFE_INLINE = exports.UNSAFE_HASHES = exports.UNSAFE_EVAL = exports.STRICT_DYNAMIC = exports.SELF = exports.SCRIPT = exports.ORIGIN_WHEN_CROSS_ORIGIN = exports.ORIGIN = exports.NONE_WHEN_DOWNGRADE = exports.NONE = exports.NO_REFERRER = exports.DATA = exports.BLOB = exports.ALLOW_TOP_NAVIGATION_BY_USER_ACTIVATION = exports.ALLOW_TOP_NAVIGATION = exports.ALLOW_SCRIPTS = exports.ALLOW_STORAGE_ACCESS_BY_USER_ACTIVATION = exports.ALLOW_SAME_ORIGIN = exports.ALLOW_PRESENTATION = exports.ALLOW_POPUPS_TO_ESACPE_SANDBOX = exports.ALLOW_POPUPS_TO_ESCAPE_SANDBOX = exports.ALLOW_POPUPS = exports.ALLOW_POINTER_LOCK = exports.ALLOW_ORIENTATION_LOCK = exports.ALLOW_MODALS = exports.ALLOW_FORMS = exports.ALLOW_DUPLICATES = exports.ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION = void 0; | ||
| exports.ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION = "allow-downloads-without-user-activation"; | ||
@@ -11,3 +11,7 @@ exports.ALLOW_DUPLICATES = "'allow-duplicates'"; | ||
| exports.ALLOW_POPUPS = "allow-popups"; | ||
| exports.ALLOW_POPUPS_TO_ESACPE_SANDBOX = "allow-popups-to-escape-sandbox"; | ||
| exports.ALLOW_POPUPS_TO_ESCAPE_SANDBOX = "allow-popups-to-escape-sandbox"; | ||
| /** | ||
| * @deprecated | ||
| */ | ||
| exports.ALLOW_POPUPS_TO_ESACPE_SANDBOX = exports.ALLOW_POPUPS_TO_ESCAPE_SANDBOX; | ||
| exports.ALLOW_PRESENTATION = "allow-presentation"; | ||
@@ -14,0 +18,0 @@ exports.ALLOW_SAME_ORIGIN = "allow-same-origin"; |
@@ -1,2 +0,2 @@ | ||
| import { ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION, ALLOW_DUPLICATES, ALLOW_FORMS, ALLOW_MODALS, ALLOW_ORIENTATION_LOCK, ALLOW_POINTER_LOCK, ALLOW_POPUPS, ALLOW_POPUPS_TO_ESACPE_SANDBOX, ALLOW_PRESENTATION, ALLOW_SAME_ORIGIN, ALLOW_STORAGE_ACCESS_BY_USER_ACTIVATION, ALLOW_SCRIPTS, ALLOW_TOP_NAVIGATION, ALLOW_TOP_NAVIGATION_BY_USER_ACTIVATION, NO_REFERRER, NONE, NONE_WHEN_DOWNGRADE, ORIGIN, ORIGIN_WHEN_CROSS_ORIGIN, SCRIPT, SELF, STRICT_DYNAMIC, UNSAFE_EVAL, UNSAFE_HASHES, UNSAFE_INLINE, UNSAFE_URL } from './constants/values'; | ||
| import { ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION, ALLOW_DUPLICATES, ALLOW_FORMS, ALLOW_MODALS, ALLOW_ORIENTATION_LOCK, ALLOW_POINTER_LOCK, ALLOW_POPUPS, ALLOW_POPUPS_TO_ESCAPE_SANDBOX, ALLOW_PRESENTATION, ALLOW_SAME_ORIGIN, ALLOW_STORAGE_ACCESS_BY_USER_ACTIVATION, ALLOW_SCRIPTS, ALLOW_TOP_NAVIGATION, ALLOW_TOP_NAVIGATION_BY_USER_ACTIVATION, NO_REFERRER, NONE, NONE_WHEN_DOWNGRADE, ORIGIN, ORIGIN_WHEN_CROSS_ORIGIN, SCRIPT, SELF, STRICT_DYNAMIC, UNSAFE_EVAL, UNSAFE_HASHES, UNSAFE_INLINE, UNSAFE_URL } from './constants/values'; | ||
| export interface CSPHeaderParams { | ||
@@ -25,3 +25,3 @@ directives?: Partial<CSPDirectives>; | ||
| declare type TNonce = `nonce-${string}`; | ||
| declare type THash = `sha-${string}`; | ||
| declare type THash = `sha${'256' | '384' | '512'}-${string}`; | ||
| declare type TMimeType = `${string}/${string}`; | ||
@@ -53,3 +53,3 @@ declare type TFetchDirective = TSource | TNonce | THash | typeof NONE | typeof SELF | typeof UNSAFE_EVAL | typeof UNSAFE_HASHES | typeof UNSAFE_INLINE; | ||
| 'require-trusted-types-for': typeof SCRIPT; | ||
| 'sandbox': (typeof ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION | typeof ALLOW_FORMS | typeof ALLOW_MODALS | typeof ALLOW_ORIENTATION_LOCK | typeof ALLOW_POINTER_LOCK | typeof ALLOW_POPUPS | typeof ALLOW_POPUPS_TO_ESACPE_SANDBOX | typeof ALLOW_PRESENTATION | typeof ALLOW_SAME_ORIGIN | typeof ALLOW_SCRIPTS | typeof ALLOW_STORAGE_ACCESS_BY_USER_ACTIVATION | typeof ALLOW_TOP_NAVIGATION | typeof ALLOW_TOP_NAVIGATION_BY_USER_ACTIVATION)[]; | ||
| 'sandbox': (typeof ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION | typeof ALLOW_FORMS | typeof ALLOW_MODALS | typeof ALLOW_ORIENTATION_LOCK | typeof ALLOW_POINTER_LOCK | typeof ALLOW_POPUPS | typeof ALLOW_POPUPS_TO_ESCAPE_SANDBOX | typeof ALLOW_PRESENTATION | typeof ALLOW_SAME_ORIGIN | typeof ALLOW_SCRIPTS | typeof ALLOW_STORAGE_ACCESS_BY_USER_ACTIVATION | typeof ALLOW_TOP_NAVIGATION | typeof ALLOW_TOP_NAVIGATION_BY_USER_ACTIVATION)[]; | ||
| 'script-src': (TFetchDirective | typeof STRICT_DYNAMIC)[]; | ||
@@ -56,0 +56,0 @@ 'script-src-attr': (TFetchDirective | typeof STRICT_DYNAMIC)[]; |
| { | ||
| "name": "csp-header", | ||
| "version": "5.0.0", | ||
| "version": "5.1.0", | ||
| "description": "Content-Security-Policy header generator", | ||
@@ -5,0 +5,0 @@ "main": "dist/index.js", |
@@ -8,3 +8,7 @@ export const ALLOW_DOWNLOADS_WITHOUT_USER_ACTIVATION = "allow-downloads-without-user-activation"; | ||
| export const ALLOW_POPUPS = "allow-popups"; | ||
| export const ALLOW_POPUPS_TO_ESACPE_SANDBOX = "allow-popups-to-escape-sandbox"; | ||
| export const ALLOW_POPUPS_TO_ESCAPE_SANDBOX = "allow-popups-to-escape-sandbox"; | ||
| /** | ||
| * @deprecated | ||
| */ | ||
| export const ALLOW_POPUPS_TO_ESACPE_SANDBOX = ALLOW_POPUPS_TO_ESCAPE_SANDBOX; | ||
| export const ALLOW_PRESENTATION = "allow-presentation"; | ||
@@ -11,0 +15,0 @@ export const ALLOW_SAME_ORIGIN = "allow-same-origin"; |
@@ -9,3 +9,3 @@ import { | ||
| ALLOW_POPUPS, | ||
| ALLOW_POPUPS_TO_ESACPE_SANDBOX, | ||
| ALLOW_POPUPS_TO_ESCAPE_SANDBOX, | ||
| ALLOW_PRESENTATION, | ||
@@ -52,3 +52,3 @@ ALLOW_SAME_ORIGIN, | ||
| type TNonce = `nonce-${string}`; | ||
| type THash = `sha-${string}`; | ||
| type THash = `sha${'256' | '384' | '512'}-${string}`; | ||
| type TMimeType = `${string}/${string}`; | ||
@@ -116,3 +116,3 @@ | ||
| typeof ALLOW_POPUPS | | ||
| typeof ALLOW_POPUPS_TO_ESACPE_SANDBOX | | ||
| typeof ALLOW_POPUPS_TO_ESCAPE_SANDBOX | | ||
| typeof ALLOW_PRESENTATION | | ||
@@ -119,0 +119,0 @@ typeof ALLOW_SAME_ORIGIN | |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.04%
43949
- Lines of code
- increased by1.26%
961
No dependency changes