Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

config.csp override sveltekit CSP directives #7

Closed
IslamZaoui opened this issue Sep 29, 2024 · 0 comments · Fixed by #8
Closed

config.csp override sveltekit CSP directives #7

IslamZaoui opened this issue Sep 29, 2024 · 0 comments · Fixed by #8
Assignees
@IslamZaoui
Labels
good first issue Good for newcomers

Comments

@IslamZaoui
Copy link
Owner

sveltekit has CSP in svelte.config.js, this library overrides it and does not use the nonce value in the declared CSP directives
@IslamZaoui IslamZaoui added the good first issue Good for newcomers label Sep 29, 2024
@IslamZaoui IslamZaoui self-assigned this Sep 29, 2024
IslamZaoui added a commit that referenced this issue Sep 29, 2024
@IslamZaoui
Fix CSP override issue and integrate with SvelteKit's nonce (#7)
7e4bad5 
This commit addresses issue #7, where the library was overriding SvelteKit's
CSP directives without using the nonce value. The changes include:

- Modified securityHeaders.ts to integrate with SvelteKit's CSP
- Updated types and utilities to support nonce integration
- Adjusted demo app configuration to demonstrate proper CSP usage
- Renamed and reorganized files for better structure
@IslamZaoui IslamZaoui mentioned this issue Sep 29, 2024
Merged
@github-actions github-actions bot mentioned this issue Sep 29, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@IslamZaoui IslamZaoui

Labels
good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

merge dev into main IslamZaoui/securekit
1 participant
@IslamZaoui