jagaapple/next-secure-headers

Issues

• Support for Content-Security-Policy: upgrade-insecure-requests;

  #57 opened 2 years ago by dariolongo
  1

• Support for setting dynamic frameAncestors URLs

  #62 opened a year ago by LouiseEH
  0

• Using i18n in next.config.js will cause secure headers to disappear

  #55 opened 2 years ago by websaid
  2

• Export types for contentSecurityPolicy and directives

  #56 opened 2 years ago by emilfjellstrom
  0

• Add Content-Security-Policy Default directives as found in Helmet

  #53 opened 3 years ago by offgriddev
  1

• Google Analytics & Adsense errors

  #51 opened 3 years ago by BernardA
  0

• Content-Security-Policy reportURI cannot be relative

  #52 opened 3 years ago by 1aerostorm
  0

• Feature/Permission policy

  #42 opened 3 years ago by guilhem-fry
  2

• Nonce & Hash support for CSP Level 2

  #50 opened 3 years ago by moshie
  3

• X-XSS-Protection: header should be disabled by default

  #49 opened 3 years ago by markdascher
  0

• Add how to set unsupported headers to readme

  #48 opened 3 years ago by jagaapple
  0

• Support for frame-ancestors

  #45 opened 3 years ago by mattdell
  2

• Support spec names of CSP directives

  #30 opened 4 years ago by dbo
  1

• Minor typo in root readme

  #28 opened 4 years ago by nk1tz
  1

• yarn install: warning next-secure-headers@2.0.0: Invalid bin field for "next-secure-headers".

  #32 opened 4 years ago by dbo
  1

• Modify `source` value in sample codes

  #33 opened 4 years ago by jagaapple
  1

• Missing support for `report-to` resp. `resportTo`.

  #31 opened 4 years ago by dbo
  1

• ESLint - no extraneous dependencies

  #29 opened 4 years ago by BernardA
  4

• Typo in README file, `soruce` instead of `source`

  #26 opened 4 years ago by omieliekh
  1

• Add support for Next.js 9.5 and static pages

  #19 opened 4 years ago by jagaapple
  1

• Warning: You have opted-out of Automatic Static Optimization due to `getInitialProps` in `pages/_app`

  #11 opened 4 years ago by PabloSzx
  1