github Baroshem/nuxt-security v1.1.0
1.1.0
on GitHub

latest releases: v2.6.0, v2.5.1, v2.5.0...
2 years ago

1.1.0 🎉

1.1.0 is the first minor release for a stable 1.0.0 version

The biggest feature of this version is a support for runtime config by @huang-julien ❤️ Take a look at below instructions to understand how to use it in your app.

If you need to change the headers configuration at runtime, it is possible to do it through nuxt-security:headers hook.

Enabling the option

This feature is optional, you can enable it with 

export default defineNuxtConfig({
    modules: ['nuxt-security'],
    security: {
        runtimeHooks: true
    }
})

Within your nitro plugin. You can override the previous configuration of a route with nuxt-security:headers. 

export default defineNitroPlugin((nitroApp) => {
    nitroApp.hooks.hook('nuxt-security:ready', () => {
        nitroApp.hooks.callHook('nuxt-security:headers', '/**' ,{
            contentSecurityPolicy: {
                "script-src": ["'self'", "'unsafe-inline'"],
            },
            xFrameOptions: false
        })
    })
})

And also, huge kudos to all contributors 🎉

🗞️ Next steps

We are already planning a release 1.2.0 with additional cool features. Stay tuned! 🚀

👉 Changelog
compare changes

🚀 Enhancements

  • allow configuring headers in runtime
  • improving performance for SSG apps by cheerio optimizations

🩹 Fixes

  • disable 05-cspSsgPresets

📖 Documentation

  • correct default for crossOriginEmbedderPolicy
  • add new video and introduction page
  • add favicon fix

🏡 Chore

🤖 CI

❤️ Contributors

What's Changed

New Contributors

Check out latest releases or
releases around Baroshem/nuxt-security v1.1.0

Don't miss a new nuxt-security release

NewReleases is sending notifications on new releases.

Get notifications