Skip to content

Releases: mdarrik/netlify-plugin-csp-headers

Fix: Removes Quotes from CSP header urls

04 Aug 06:22
@mdarrik mdarrik
v0.0.1.alpha.08
622678d
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Fix: Removes Quotes from CSP header urls Pre-release
Pre-release

Removes quotes around urls in the CSP rules. Quoted urls don't work.

Loading

Add Option for CloudFront urls

03 Aug 20:17
@mdarrik mdarrik
v0.0.1.alpha.07
c52891e
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Add Option for CloudFront urls Pre-release
Pre-release

Adds options for supporting Cloudfront urls as a default src. These are generated by Netlify's Optimization steps.

Loading

Add Report URL Input

03 Aug 01:40
@mdarrik mdarrik
v0.0.1.alpha.06
9c4028b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Add Report URL Input Pre-release
Pre-release

Adds support for sending CSP Reports based on either an input or an environment variable.

Loading

Add Option for "Unsafe-Inline" Script tags.

01 Aug 20:11
@mdarrik mdarrik
v0.0.1.alpha.05
1786975
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Add Option for "Unsafe-Inline" Script tags. Pre-release
Pre-release

Adds configuration options for unsafe-inline script tags. This should help get around the problems created by Netlify optimizing fonts and other assets, even if only "pretty urls" is turned on.

Loading

Feat: Adds "strict-dynamic" CSP header to scripts.

18 Jul 07:00
@mdarrik mdarrik
v0.0.1.alpha.04
1bc96b8
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Feat: Adds "strict-dynamic" CSP header to scripts. Pre-release
Pre-release 
v0.0.1.alpha.04

bumps version to alpha.04
Loading

Fix: Fixes non-dynamic sources by adding quotes

18 Jul 04:47
@mdarrik mdarrik
v0.0.1.alpha.03
e0320f0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
Fix: Fixes non-dynamic sources by adding quotes Pre-release
Pre-release

The fallback sources were broken in the last release. This fixes them.

e.g. default-src self was fixed to default-src 'self'

Loading

fix: uses base64 instead of hex

18 Jul 03:20
@mdarrik mdarrik
v0.0.1.alpha.02
8d2f3d4

Choose a tag to compare

View all tags
fix: uses base64 instead of hex Pre-release
Pre-release

Fixes the encoding for the hashes. Use base64 instead of hex.

Loading

Add Quotes to CSP Values

18 Jul 00:16
@mdarrik mdarrik
v0.0.1.alpha.01
55bb0de

Choose a tag to compare

View all tags
Add Quotes to CSP Values Pre-release
Pre-release

Adds quotes to CSP Values.

Loading