jagaapple / next-secure-headers

Sets secure response headers for Next.js.
MIT License
317 stars 13 forks source link

[Add] Support for Feature-Policy header #43

Closed guilhem-fry closed 3 years ago

guilhem-fry commented 3 years ago

New Features

Changes and Fixes

None

Refactors

None

Header options

Options are typed, which means all the directives will be suggested by IntelliSense. Configuration options are of the following structure:

const featurePolicyOptions = {
     directiveName: {
           none: boolean,
           all: boolean,
           self: boolean,
           origins: string[],
}

Example:

const featurePolicyOptions = {
    autoplay: {
        none: true,
    },
    camera: {
       self: true,
       origins: [
            "sub-domain1.com",
            "sub-domain2.com",
      ]
   }
}
codecov[bot] commented 3 years ago

Codecov Report

Merging #43 (689486f) into master (87f6129) will not change coverage. The diff coverage is 100.00%.

Impacted file tree graph

@@            Coverage Diff            @@
##            master       #43   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files           13        14    +1     
  Lines          208       234   +26     
  Branches        85        95   +10     
=========================================
+ Hits           208       234   +26     
Impacted Files Coverage Δ
src/index.ts 100.00% <ø> (ø)
src/rules/feature-policy.ts 100.00% <100.00%> (ø)
src/rules/index.ts 100.00% <100.00%> (ø)

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 87f6129...689486f. Read the comment docs.