nibtime/next-safe-middleware

Issues

• Remove Unnecessary 'unsafe-hashes' from style-src in CSP

  #100 opened 6 months ago by lanzosuarez
  1

• Middleware broken since Next.JS > 13.4.12

  #98 opened 8 months ago by fritterhoff
  2

• TypeError: Cannot read properties of null (reading 'textContent')

  #83 opened 2 years ago by pipech
  5

• Empty CSP HTTP Header

  #90 opened 9 months ago by danfsd
  3

• NextJS 13.4.4 Internal server error

  #96 opened a year ago by DubuWaMaji
  2

• report-only headers don't work with SSR

  #97 opened 10 months ago by fabiommmoreira
  0

• Setup with MUI

  #79 opened 2 years ago by MariaSolOs
  4

• Middleware error

  #87 opened a year ago by pinktonio
  5

• next/dynamic error

  #88 opened a year ago by baktiaditya
  1

• Unexpected token < in JSON when using `strictDynamic` or `strictInlineStyles` in production build

  #84 opened a year ago by hongkiulam
  3

• No script is having nonce generated

  #74 opened 2 years ago by VayneValerius
  5

• Include nonce for script-src but exclude nonce for style-src

  #85 opened a year ago by fdev
  2

• csp-manifest.json in wrong directory

  #86 opened a year ago by Cirelion
  2

• Problems appending directives

  #82 opened 2 years ago by CarstenHoyer
  0

• Pass in arbitrary script hashes?

  #81 opened 2 years ago by fymmot
  0

• Fix npm install command in README

  #78 opened 2 years ago by grempe
  0

• Routing & Nonce Required

  #77 opened 2 years ago by fritterhoff
  1

• require-trusted-types-for is broken

  #75 opened 2 years ago by dragonbear-os
  0

• Compatibility with next.config.js

  #73 opened 2 years ago by tinleym
  1

• Optimised font isn't listed in CSP

  #68 opened 2 years ago by Shamilik
  5

• Including hash values in directive breaks development

  #71 opened 2 years ago by benhodgson87
  1

• How to handle Emotion and Google Fonts inlined styles

  #34 opened 2 years ago by alexturpin
  20

• ws: and wss: are not listed in SchemeSource

  #67 opened 2 years ago by Shamilik
  1

• Split up the lib into multiple packages

  #66 opened 2 years ago by nibtime
  0

• isomorphic component (Browser + SSR) for HTML sanitization paired with CSP

  #41 opened 2 years ago by nibtime
  5

• How to import global CSS files (dynamic tailwind CSS and other static files) from packages?

  #61 opened 2 years ago by renet
  5

• Static CSP manifest

  #40 opened 2 years ago by nibtime
  1

• Hash-based Strict CSP by inline proxy loader (to support Firefox and Safari)

  #63 opened 2 years ago by nibtime
  0

• TS + MUI + Emotion + Next-safe-middleware

  #50 opened 2 years ago by oauramos
  5

• e2e test automation

  #42 opened 2 years ago by nibtime
  0

• Type error if Head contains children

  #46 opened 2 years ago by muskela
  3

• Issue with styles when running application in development mode

  #49 opened 2 years ago by benhodgson87
  4

• Issues when using Next.js with basePath

  #48 opened 2 years ago by renet
  3

• strict-dynamic not working on Next 12.2

  #37 opened 2 years ago by DuCanhGH
  6

• `TypeError: (intermediate value).getPreNextScripts(...).map is not a function` when doing a production build (dev works fine)

  #23 opened 2 years ago by Neki
  5

• provide nice documentation

  #30 opened 2 years ago by nibtime
  0

• excessive CPU usage warning from Vercel for middleware

  #45 opened 2 years ago by nibtime
  1

• presets for CSP directives

  #43 opened 2 years ago by nibtime
  0

• How to handle Scripts that are coming from Google Tag Manager

  #31 opened 2 years ago by themudassarhassan
  9

• Next.js 12.2 Nested Middleware is not allowed

  #35 opened 2 years ago by malithmcr
  3

• offer reporting data conversion: report-To -> report-uri (required for Sentry)

  #28 opened 2 years ago by nibtime
  0

• improve noncing/hashing with cheerio in `initialProps.html`

  #29 opened 2 years ago by nibtime
  0

• support inline style attributes in strict CSP

  #22 opened 2 years ago by nibtime
  0

• provide hashes or nonce for strict style-src

  #6 opened 2 years ago by nibtime
  0

• Hash-based strict CSP is broken on Firefox

  #5 opened 2 years ago by nibtime
  0

• support reporting with Reporting API

  #7 opened 2 years ago by nibtime
  0