dansmaculotte / nuxt-security Goto Github PK
View Code? Open in Web Editor NEWModule for Nuxt.js to configure security headers and more
License: MIT License
nuxt-security's Issues
Deprecated, why?
I saw the deprecation mark, but didn't find a reason for it. Could you explain? npm support cannot be contacted that easily.
I cannot find a similar package as https://www.npmjs.com/package/nuxt-security is for Nuxt 3 only as it seems.
Will this work on Nuxt 3?
If not could we mark this as the Nuxt 2 module? There is another module for Nuxt 3.
Just making sure. Thanks.
Workbox constantly blocked
I started using PWA Workbox on my Nuxt project but I cannot get rid of the Content Security Policy for https://cdn.jsdelivr.net/npm/[email protected]/workbox/workbox-sw.js
It is correctly set in the scriptSrc like this: 'cdn.jsdelivr.net' but it seems to ignore it.
Am I missing something with this? Thanks
-
Feature Policy to Permission Policy
Hi, I just saw that the Feature Policy is now renamed to Permission Policy. When will this reflect in nuxt-security ? because in the configuration, it is still using the feature-policy and prompting a warning in the console. "error with feature-policy header unrecognized feature 'notifications'". Thank you
Add cache-control header
Thanks for this module! Its helped a lot.
Do you have any plans to add the cache-control header?
The module still runs when dev is set to false.
I set the nuxt.config.js file with the following settings:
modules: [
'@nuxtjs/axios',
'@nuxtjs/pwa',
[
'@dansmaculotte/nuxt-security',
{
dev: false,
csp: {
directives: {
defaultSrc: ["'self'"],
scriptSrc: ["'self'"],
connectSrc: ["'self'"],
imgSrc: ["'self'"],
styleSrc: ["'self'"]
},
loose: false,
reportOnly: false,
setAllHeaders: false,
disableAndroid: false,
browserSniff: true
},
}
]
],The CSP headers still load when I use the npm run dev command.
YouTube embed
How to make YouTube embed work with this module?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.