issues
search
kindspells
/
astro-shield
Astro integration to enhance your website's security with SubResource Integrity hashes, Content-Security-Policy headers, and other techniques.
https://astro-shield.kindspells.dev
MIT License
38
stars
0
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Allow List Not Working
#86
elevationathletics
opened
3 weeks ago
0
generateSRIHashesModule function generates invalid strings on windows
#84
felixcicatt
opened
2 months ago
0
Documentation on using CSP for statically generated sites
#83
SeanPollock
opened
2 months ago
1
Relative protocol notation not supported
#82
cedmax
opened
2 months ago
0
Compatibility with @playform/compress
#81
thwonghin
opened
3 months ago
0
Unable to obtain SRI hash for local resource
#80
mvantschip
opened
4 months ago
0
fix: csp headers generation
#79
castarco
closed
4 months ago
3
chore: upgrade deps
#78
castarco
closed
4 months ago
2
simplify CSP directive generation
#76
danielszuk
closed
4 months ago
4
chore: upgrade pnpm
#75
castarco
closed
4 months ago
0
docs: add missing license headers
#74
castarco
closed
4 months ago
0
security: limit postinstall scripts
#73
castarco
closed
4 months ago
0
ci: add OSSAR static analysis workflow
#72
castarco
closed
5 months ago
2
Fix code scanning alert - Polynomial regular expression used on uncontrolled data
#71
castarco
closed
5 months ago
1
Fix code scanning alert - Polynomial regular expression used on uncontrolled data
#70
castarco
closed
5 months ago
1
Fix code scanning alert - Bad HTML filtering regexp
#69
castarco
closed
5 months ago
1
fix: capture a wider range of malicious input
#68
castarco
closed
5 months ago
1
Add option in SSG for outputting SRI hashes as JSON
#67
Bwc9876
opened
5 months ago
2
Support CSP headers generation for static content on AWS via SST/Ion
#66
castarco
opened
5 months ago
0
Support CSP headers generation for static content on Netlify
#65
castarco
opened
5 months ago
0
Support CSP headers generation for static content on Vercel
#64
castarco
opened
5 months ago
0
Support CSP headers generation for static content on Cloudflare
#63
castarco
opened
5 months ago
0
chore: optimise docs site local build
#62
castarco
closed
5 months ago
0
docs: enable sri in docs site
#61
castarco
closed
5 months ago
0
fix: vite warning
#60
castarco
closed
5 months ago
1
fix: do not trust integrity attribute when undeserved
#59
castarco
closed
5 months ago
1
fix: ensure that allowed scripts are in hashes module
#58
castarco
closed
5 months ago
0
document corner case where cross-origin resources are statically imported instead of just included
#57
castarco
opened
5 months ago
0
allow-listed resources are not always added to the "hashes module"
#56
castarco
closed
5 months ago
0
avoid setting `crossorigin="anonymous"` twice
#55
castarco
opened
5 months ago
0
Add 'self' to CSP script-src directive only when strictly necessary
#54
castarco
opened
5 months ago
0
docs: create starlight docs site
#53
castarco
closed
5 months ago
1
Allow deleting script/style/link elements when they cannot be marked with the `integrity` attribute
#52
castarco
closed
5 months ago
1
Implement `sriHashesStrategy` for `CSPOptions`
#51
castarco
opened
5 months ago
0
Setup monorepo
#50
castarco
closed
5 months ago
3
refactor: create pnpm workspace
#49
castarco
closed
5 months ago
1
docs: fix spacing problems in README
#48
castarco
closed
5 months ago
0
docs: create a documentation site
#47
castarco
closed
5 months ago
1
refactor: port to TypeScript
#46
castarco
opened
5 months ago
0
security: fix for major vulnerabilities
#45
castarco
closed
5 months ago
3
docs: fix info box
#44
castarco
closed
5 months ago
0
feat: support for CSP headers on SSR mode
#43
castarco
closed
5 months ago
1
test: minor test improvements
#42
castarco
closed
5 months ago
1
docs: gh sponsors
#41
castarco
closed
5 months ago
0
feat: create provisional hashes module
#40
castarco
closed
5 months ago
3
chore: minor corrections
#39
castarco
closed
5 months ago
1
feat: allow optional CSP headers injection for dynamic pages
#38
castarco
closed
5 months ago
1
devex: avoid the need for building twice when the only static resources are the ones from /public/
#37
castarco
closed
5 months ago
0
feat: optional mitigation for frontend prototype pollution
#36
castarco
opened
5 months ago
0
fix: show warn msg when manual workaround needed
#35
castarco
closed
5 months ago
1
Next