easily add CSP and other security headers to your web application.
Bot releases are visible (Hide)
Published by github-actions[bot] about 1 month ago
Published by github-actions[bot] about 1 month ago
9b7cc24: feat: filter out falsy values from csp
// before
createContentSecurityPolicy({
"connect-src": [undefined, "'self'", undefined].filter((x): x is string => !!x),
});
// => `"connect-src 'self'"`
// after
createContentSecurityPolicy({
"connect-src": [undefined, "'self'", null],
});
// => `"connect-src 'self'"`
9b7cc24: apply upgrade-insecure-requests
when using kebab case to set it
previously was only applying the upgrade-insecure-requests
directive when using camelCase (upgradeInsecureRequests)
Published by github-actions[bot] 7 months ago
c4b0b6a: allow using kebab case keys for csp
let secureHeaders = createSecureHeaders({
"Content-Security-Policy": {
"default-src": ["'self'"],
"img-src": ["'self'", "data:"],
},
});
1cee380: allow setting Content-Security-Policy-Report-Only
let secureHeaders = createSecureHeaders({
"Content-Security-Policy-Report-Only": {
"default-src": ["'self'"],
"img-src": ["'self'", "data:"],
},
});
Published by github-actions[bot] 9 months ago
Published by github-actions[bot] 10 months ago
Published by github-actions[bot] 10 months ago
strictTransportSecurity
in favor of renamed createStrictTransportSecurity
@remix-run/web-fetch
Published by github-actions[bot] 12 months ago
@mcansh/remix-secure-headers
Published by github-actions[bot] 12 months ago
b9372b6: chore: add support for more headers, add check to ensure we set them
may or may not have not actually been setting COEP, COOP, CORP, X-Content-Type-Options, X-DNS-Prefetch-Control headers 😬
Updated dependencies [b9372b6]
Published by github-actions[bot] 12 months ago
b9372b6: chore: add support for more headers, add check to ensure we set them
may or may not have not actually been setting COEP, COOP, CORP, X-Content-Type-Options, X-DNS-Prefetch-Control headers 😬
Published by github-actions[bot] about 1 year ago
7d28c52: rename repo, publish with provenance
rename github repo, add repository property to package's package.json
publish with npm provenance
update example in README
Updated dependencies [7d28c52]
Published by github-actions[bot] about 1 year ago
7d28c52: rename repo, publish with provenance
rename github repo, add repository property to package's package.json
publish with npm provenance
update example in README
Published by github-actions[bot] about 1 year ago
Published by github-actions[bot] about 1 year ago
Published by github-actions[bot] over 1 year ago
c54871b: feat: add support for X-XSS-Protection
x-ref: https://github.com/mcansh/remix-secure-headers/commit/3550e1142f32eb36cf5ba5eff1e42dbd1fbabcf1
c54871b: chore: update X-Frame-Options description so <frame>
, <iframe>
, <embed>
and <object>
are properly rendered
x-ref: https://github.com/mcansh/remix-secure-headers/commit/5d6e5a0453dede0e067253b41dba76c318acbb71
Published by mcansh over 1 year ago
Full Changelog: https://github.com/mcansh/remix-secure-headers/compare/0.7.0...v0.7.1
Published by mcansh over 1 year ago
Published by mcansh over 2 years ago
Full Changelog: https://github.com/mcansh/remix-secure-headers/compare/0.6.1...0.6.2
Published by mcansh over 2 years ago
Published by mcansh over 2 years ago
Full Changelog: https://github.com/mcansh/remix-secure-headers/compare/0.5.0...0.6.0
Published by mcansh over 2 years ago
Full Changelog: https://github.com/mcansh/remix-secure-headers/compare/0.4.0...0.5.0