1.2.6 • Published 10 months ago
koa-csp v1.2.6
This is a koa2 middleware used to set response header Content-Security-Policy
.
Usage
import Koa from 'koa';
import csp from 'koa-csp';
const app = new Koa();
app.use(csp());
// It is equivalent to
app.use(csp({
enableWarn: true,
policy: { 'default-src': ['self'] },
}));
// Add you can add more policy
app.use(csp({
enableWarn: true,
policy: {
'img-src': ['self', 'img.example.com'],
'script-src': ['script.example.com', '*.script.example.com'],
},
}));
// some key words will be auto add single quotes
app.use(csp({
policy: {
'default-src': ['self', 'none', 'unsafe-inline', 'unsafe-eval', 'example.com'],
// you can alse add single quotes manually
'img-src': ["'self'"],
},
}));
// OUTPUT: Content-Security-Policy: default-src 'self' 'none' 'unsafe-inline' 'unsafe-eval' example.com; img-src 'self'
// CamelCase Support
app.use(csp({
policy: {
defaultSrc: ['self', 'none', 'unsafe-inline', 'unsafe-eval', 'example.com'],
// you can alse add single quotes manually
imgSrc: ["'self'"],
},
}));
// OUTPUT: Content-Security-Policy: default-src 'self' 'none' 'unsafe-inline' 'unsafe-eval' example.com; img-src 'self'
Contributing & Development
If there is any doubt, it is very welcome to discuss the issue together. Please read Contributor Covenant Code of Conduct and CONTRIBUTING.
1.2.6
10 months ago
1.2.4
10 months ago
1.2.3
1 year ago
1.2.2
1 year ago
1.2.1
2 years ago
1.2.0
3 years ago
1.1.1
4 years ago
1.1.0
6 years ago
1.0.14
7 years ago
1.0.13
7 years ago
1.0.12
7 years ago
1.0.11
8 years ago
1.0.10
8 years ago
1.0.9
8 years ago
1.0.8
8 years ago
1.0.7
8 years ago
1.0.6
8 years ago
1.0.5
8 years ago
1.0.4
8 years ago
1.0.3
8 years ago
1.0.2
8 years ago
1.0.1
8 years ago