kindspells astro-shield issues

kindspells / astro-shield

Astro integration to enhance your website's security with SubResource Integrity hashes, Content-Security-Policy headers, and other techniques.

https://astro-shield.kindspells.dev

MIT License

58 stars 6 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Support CSP headers generation for static content on Cloudflare

#63 castarco opened 8 months ago
1
chore: optimise docs site local build

#62 castarco closed 8 months ago
0
docs: enable sri in docs site

#61 castarco closed 8 months ago
0
fix: vite warning

#60 castarco closed 8 months ago
1
fix: do not trust integrity attribute when undeserved

#59 castarco closed 8 months ago
1
fix: ensure that allowed scripts are in hashes module

#58 castarco closed 8 months ago
0
document corner case where cross-origin resources are statically imported instead of just included

#57 castarco closed 1 month ago
1
allow-listed resources are not always added to the "hashes module"

#56 castarco closed 8 months ago
0
avoid setting `crossorigin="anonymous"` twice

#55 castarco closed 2 months ago
0
Add 'self' to CSP script-src directive only when strictly necessary

#54 castarco opened 8 months ago
0
docs: create starlight docs site

#53 castarco closed 8 months ago
1
Allow deleting script/style/link elements when they cannot be marked with the `integrity` attribute

#52 castarco closed 8 months ago
1
Implement `sriHashesStrategy` for `CSPOptions`

#51 castarco opened 8 months ago
0
Setup monorepo

#50 castarco closed 8 months ago
3
refactor: create pnpm workspace

#49 castarco closed 8 months ago
1
docs: fix spacing problems in README

#48 castarco closed 8 months ago
0
docs: create a documentation site

#47 castarco closed 8 months ago
1
refactor: port to TypeScript

#46 castarco closed 2 months ago
1
security: fix for major vulnerabilities

#45 castarco closed 8 months ago
3
docs: fix info box

#44 castarco closed 8 months ago
0
feat: support for CSP headers on SSR mode

#43 castarco closed 8 months ago
1
test: minor test improvements

#42 castarco closed 8 months ago
1
docs: gh sponsors

#41 castarco closed 8 months ago
0
feat: create provisional hashes module

#40 castarco closed 8 months ago
3
chore: minor corrections

#39 castarco closed 8 months ago
1
feat: allow optional CSP headers injection for dynamic pages

#38 castarco closed 8 months ago
1
devex: avoid the need for building twice when the only static resources are the ones from /public/

#37 castarco closed 8 months ago
0
feat: optional mitigation for frontend prototype pollution

#36 castarco opened 8 months ago
0
fix: show warn msg when manual workaround needed

#35 castarco closed 8 months ago
1
test: improve e2e coverage

#34 castarco closed 8 months ago
1
ci: re-enable e2e tests in ci

#33 castarco closed 8 months ago
0
perf: improve static builds cache

#32 castarco closed 8 months ago
0
docs: add Socket badge

#31 castarco closed 8 months ago
0
fix: release scripts

#30 castarco closed 8 months ago
1
feat!: big refactor, tests & features

#29 castarco closed 8 months ago
1
feat: optional mitigation for backend prototype pollution

#28 castarco opened 9 months ago
0
docs: fix astro-shield refs

#27 castarco closed 9 months ago
0
ci: set --access public for pnpm publish

#26 castarco closed 9 months ago
0
feat!: per-page sri hashes

#25 castarco closed 9 months ago
1
perf: cache cross-origin scripts (or their hashes) for sri computation

#24 castarco closed 8 months ago
1
meta-issue: middleware support

#23 castarco closed 8 months ago
1
feat: generate per-page SRI metadata

#22 castarco closed 9 months ago
0
feat: allow marking some cross-origin scripts as dynamic

#21 castarco closed 8 months ago
1
test: increase tests coverage

#20 castarco closed 9 months ago
0
ci: configure codecov

#19 castarco closed 9 months ago
0
docs: add spdx license annotations

#18 castarco closed 9 months ago
0
fix: add missing install step in release workflow

#17 castarco closed 9 months ago
0
ci: workaround to allow pnpm publish from tag

#16 castarco closed 9 months ago
0
security: configure ci/cd builds & provenance

#15 castarco closed 9 months ago
0
feat: set crossorigin="anonymous" when possible

#14 castarco closed 9 months ago
0

Previous Next