Adds a new security header for Content-Security-Policy.

luckyframework / lucky

A full-featured Crystal web framework that catches bugs for you, runs incredibly fast, and helps you write code that lasts.

https://luckyframework.org

MIT License

2.59k stars 156 forks source link

Closed jwoertink closed 2 years ago

jwoertink commented 2 years ago

Fixes #1664

This PR adds a new Security module to set the Content-Security-Policy header.

/cc. @bararchy

[x] - An issue already exists detailing the issue/or feature request that this PR fixes
[x] - All specs are formatted with crystal tool format spec src
[x] - Inline documentation has been added and/or updated
[x] - Lucky builds on docker with ./script/setup
[x] - All builds and specs pass on docker with ./script/test

jwoertink commented 2 years ago

hmmm :thinking: Part of me feels like this could be added by users individually since we've never had it before... but I also kind of feel like we could add it and it would fix https://github.com/crystal-loot/exception_page/issues/17 ? maybe also related https://github.com/luckyframework/lucky/issues/1324