Astro integration to enhance your website's security with SubResource Integrity hashes, Content-Security-Policy headers, and other techniques.
MIT License
Full Changelog: https://github.com/kindspells/astro-shield/compare/1.3.5...1.3.6
Published by castarco 7 months ago
Full Changelog: https://github.com/kindspells/astro-shield/compare/1.3.4...1.3.5
Published by castarco 7 months ago
Full Changelog: https://github.com/kindspells/astro-shield/compare/1.3.3...1.3.4
Published by castarco 7 months ago
Full Changelog: https://github.com/kindspells/astro-shield/compare/1.3.2...1.3.3
Published by castarco 7 months ago
Full Changelog: https://github.com/kindspells/astro-shield/compare/1.3.1...1.3.2
Published by castarco 7 months ago
README.md
file to https://astro-shield.kindspells.dev
Full Changelog: https://github.com/kindspells/astro-shield/compare/1.3.0...1.3.1
Published by castarco 7 months ago
If you were using Astro-Shield 1.2.0, it is quite relevant to upgrade to this new 1.3.0 version.
In this release we introduce many mitigations to some risks that were accidentally introduced in the past release with the new CSP headers generation for SSR content.
Full Changelog: https://github.com/KindSpells/astro-shield/compare/1.2.0...1.3.0
Published by castarco 7 months ago
Full Changelog: https://github.com/KindSpells/astro-shield/compare/1.1.0...1.2.0
Published by castarco 8 months ago
Full Changelog: https://github.com/KindSpells/astro-shield/compare/1.0.1...1.1.0
Published by castarco 8 months ago
Full Changelog: https://github.com/KindSpells/astro-shield/compare/1.0.0...1.0.1
Published by castarco 8 months ago
astro-shield
to install a middleware that adds SRI hashes to dynamically generated pages, and not just static pages as until today.astro-shield
has to perform when generating SRI hashes for cross-origin resources.Full Changelog: https://github.com/KindSpells/astro-shield/compare/0.5.1...1.0.0
Published by castarco 8 months ago
Full Changelog: https://github.com/KindSpells/astro-shield/compare/0.5.0...0.5.1
Published by castarco 8 months ago
@kindspells/astro-shield
@kindspells/astro-shield
Full Changelog: https://github.com/KindSpells/astro-shield/compare/0.4.2...0.5.0
Published by castarco 8 months ago
This release only improves how we release new versions of this package. From now on, all releases will be done from our Github Actions pipelines.
This will ensure that we are able to establish the provenance of that release, said in other words: this allows us to guarantee that the published package comes from a specific commit of this repository, without any alteration.
This guarantee is key for code supply chains security, and it will help with regulations and certifications compliance.
Full Changelog: https://github.com/KindSpells/astro-sri-csp/compare/0.4.1...0.4.2
Published by castarco 8 months ago
This release only improves how we release new versions of this package. From now on, all releases will be done from our Github Actions pipelines.
This will ensure that we are able to establish the provenance of that release, said in other words: this allows us to guarantee that the published package comes from a specific commit of this repository, without any alteration.
This guarantee is key for code supply chains security, and it will help with regulations and certifications compliance.
Full Changelog: https://github.com/KindSpells/astro-sri-csp/compare/0.4.1...0.4.2
Published by castarco 9 months ago
crossorigin="anonymous"
attribute for <script>
, <style>
, and <link rel="stylesheet">
elements when they refer to external cross-origin resources, to avoid credentials leaks.Published by castarco 9 months ago
<script>
matchers to cover more uncommon cases<style>
matchers to cover more uncommon cases<link rel="stylesheet">
matches to cover more uncommon casesPublished by castarco 9 months ago
Published by castarco 9 months ago
dist
path to the integration functionPublished by castarco 9 months ago