Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Content-Security-Policy header usage explanation #33833

Merged
merged 4 commits into from Jan 31, 2022
Merged

Update Content-Security-Policy header usage explanation #33833

merged 4 commits into from Jan 31, 2022

Conversation

amandeepmittal
Copy link
Contributor

@amandeepmittal amandeepmittal commented Jan 31, 2022
edited

This PR improves the Content-Security-Policy header usage explanation in the next.config.js file.

Bug

Feature

  • Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR.
  • Related issues linked using fixes #number
  • Integration tests added
  • Documentation added
  • Telemetry added. In case of a feature if it's used or not.
  • Errors have helpful link attached, see contributing.md

Documentation / Examples

  • Make sure the linting passes by running yarn lint

@amandeepmittal
Update Content-Security-Policy header usage explanation
c889b2c 
This PR add more context on how to define and use Content-Security-Policy header in `next.config.js` file and fixes vercel#33598
amandeepmittal and others added 2 commits January 31, 2022 22:57
@amandeepmittal @kachkaev
Update docs/advanced-features/security-headers.md
fb23c55 
Co-authored-by: Alexander Kachkaev <alexander@kachkaev.ru>
@amandeepmittal
Update Content-Security-Policy header usage explanation; address newl…
71e50f2 
…ine when applying regex
styfle
styfle approved these changes Jan 31, 2022
View reviewed changes
Copy link
Member

@styfle styfle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would usually have an array of directives and then use arr.join('; ') but this works too, thanks!

@kodiakhq kodiakhq bot merged commit ad79c04 into vercel:canary Jan 31, 2022
@amandeepmittal amandeepmittal deleted the update-content-security-policy-usage branch February 1, 2022 02:49
natew pushed a commit to natew/next.js that referenced this pull request Feb 16, 2022
@amandeepmittal @natew
Update Content-Security-Policy header usage explanation (vercel#33833)
9695780 
This PR improves the Content-Security-Policy header usage explanation in the `next.config.js` file.



## Bug

- [x] Related issues linked using fixes vercel#33598 
- [ ] Integration tests added
- [ ] Errors have helpful link attached, see `contributing.md`

## Feature

- [ ] Implements an existing feature request or RFC. Make sure the feature request has been accepted for implementation before opening a PR.
- [ ] Related issues linked using `fixes #number`
- [ ] Integration tests added
- [x] Documentation added
- [ ] Telemetry added. In case of a feature if it's used or not.
- [ ] Errors have helpful link attached, see `contributing.md`

## Documentation / Examples

- [x] Make sure the linting passes by running `yarn lint`
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Mar 3, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@kachkaev kachkaev kachkaev left review comments

@styfle styfle styfle approved these changes

@huozhi huozhi Awaiting requested review from huozhi

@ijjk ijjk Awaiting requested review from ijjk

@leerob leerob Awaiting requested review from leerob

@padmaia padmaia Awaiting requested review from padmaia

@shuding shuding Awaiting requested review from shuding

@timneutkens timneutkens Awaiting requested review from timneutkens

@molebox molebox Awaiting requested review from molebox

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Improve Content-Security-Policy usage explanation
4 participants
@amandeepmittal @styfle @kachkaev @ijjk