nuxt-modules / security

🛡 Automatically configure your app to follow OWASP security patterns and principles by using HTTP Headers and Middleware
https://nuxt-security.vercel.app/
MIT License
829 stars, 60 forks

fix: devtools being blocked in strict mode #531

Closed dungsil closed 1 month ago

dungsil commented 2 months ago

Description

Fix devtools being blocked when strict mode is enabled

In 88dbb4c4f7d10e05a01336d6bf409e1434aaabd5 the existing documentation was removed, so it should work the same in strict mode as in non-strict mode.

ref: #487

Baroshem commented 1 month ago

Hey @dungsil

Thanks for this PR. @vejja do you think we could change that to allow DevTools to work in Strict? DevTools will work only in development so the code proposed by @dungsil shouldn't affect the production env in any way.

dungsil commented 1 month ago

For strict mode, I think it might be a good idea to provide documentation the same as v1.0. Like adding this to the Advanced > Strict CSP document:

vejja commented 1 month ago

Hi. Yes, this change is ok. By the way, we should probably think about refactoring the Advanced > Strict CSP section because it is now a source of confusion: the strict default config has no relationship with Strict CSP. That section was initially intended as a user guide when we didn't have reasonable defaults that allowed CSP to work in all setups. We have much fewer issues and questions raised now.

Baroshem commented 1 month ago

Thanks @dungsil @vejja I have merged this PR to 2.1.0 branch that will be used to release a new major version :)

dargmuesli commented 1 month ago

I think major would be a 3.x.x, 2.1.x should be a "feature" level release. This being a fix could've translated into a quick 2.0.1 also 😁

Baroshem commented 1 month ago

> I think major would be a 3.x.x, 2.1.x should be a "feature" level release. This being a fix could've translated into a quick 2.0.1 also 😁

Correct, I meant minor 2.1.0. Thanks for correcting! :)