dansmaculotte / nuxt-security Goto Github PK
View Code? Open in Web Editor NEWModule for Nuxt.js to configure security headers and more
License: MIT License
Module for Nuxt.js to configure security headers and more
License: MIT License
I saw the deprecation mark, but didn't find a reason for it. Could you explain? npm support cannot be contacted that easily.
I cannot find a similar package as https://www.npmjs.com/package/nuxt-security is for Nuxt 3 only as it seems.
If not could we mark this as the Nuxt 2 module? There is another module for Nuxt 3.
Just making sure. Thanks.
I started using PWA Workbox on my Nuxt project but I cannot get rid of the Content Security Policy for https://cdn.jsdelivr.net/npm/[email protected]/workbox/workbox-sw.js
It is correctly set in the scriptSrc
like this: 'cdn.jsdelivr.net'
but it seems to ignore it.
Am I missing something with this? Thanks
Hi, I just saw that the Feature Policy is now renamed to Permission Policy. When will this reflect in nuxt-security ? because in the configuration, it is still using the feature-policy and prompting a warning in the console. "error with feature-policy header unrecognized feature 'notifications'". Thank you
Thanks for this module! Its helped a lot.
Do you have any plans to add the cache-control header?
I set the nuxt.config.js
file with the following settings:
modules: [
'@nuxtjs/axios',
'@nuxtjs/pwa',
[
'@dansmaculotte/nuxt-security',
{
dev: false,
csp: {
directives: {
defaultSrc: ["'self'"],
scriptSrc: ["'self'"],
connectSrc: ["'self'"],
imgSrc: ["'self'"],
styleSrc: ["'self'"]
},
loose: false,
reportOnly: false,
setAllHeaders: false,
disableAndroid: false,
browserSniff: true
},
}
]
],
The CSP headers still load when I use the npm run dev
command.
How to make YouTube embed work with this module?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.