@dwp/govuk-casa 8.15.0 → 8.15.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/middleware/pre.js +2 -2
- package/dist/middleware/pre.js.map +1 -1
- package/package.json +16 -16
- package/src/middleware/pre.js +2 -2
package/dist/middleware/pre.js
CHANGED
|
@@ -72,12 +72,12 @@ exports.default = ({ helmetConfigurator = (config) => (config), } = {}) => [
|
|
|
72
72
|
directives: {
|
|
73
73
|
'default-src': ["'none'"],
|
|
74
74
|
'script-src': ["'self'", GA_DOMAIN, GTM_DOMAIN, GTM_PREVIEW_DOMAIN, casaCspNonce],
|
|
75
|
-
'img-src': ["'self'", GA_DOMAIN, GA_ANALYTICS_DOMAIN, GTM_DOMAIN, 'https://ssl.gstatic.com', 'https://www.gstatic.com'],
|
|
75
|
+
'img-src': ["'self'", GA_DOMAIN, GA_ANALYTICS_DOMAIN, GTM_DOMAIN, 'https://ssl.gstatic.com', 'https://www.gstatic.com', 'https://fonts.gstatic.com'],
|
|
76
76
|
'connect-src': ["'self'", GA_DOMAIN, GA_ANALYTICS_DOMAIN, GTM_DOMAIN],
|
|
77
77
|
'frame-src': ["'self'", GTM_DOMAIN],
|
|
78
78
|
'frame-ancestors': ["'self'"],
|
|
79
79
|
'form-action': ["'self'"],
|
|
80
|
-
'style-src': ["'self'", 'https://fonts.googleapis.com', GTM_PREVIEW_DOMAIN, casaCspNonce],
|
|
80
|
+
'style-src': ["'self'", 'https://fonts.googleapis.com', GTM_PREVIEW_DOMAIN, GTM_DOMAIN, casaCspNonce, "'sha256-xWGOGGMGQQ+IV0Om4xzgbDHXUh/+L1c375p0Pb6vF9A='", "'sha256-9HGruJg4WccHXas5I1NmLn7tI1TDh6N26o6+/dy8sm4='", "'sha256-oM0kKtU+nugIwjuYHkXXVoKGVNhC/DCUnIVdSVBMkaQ='"],
|
|
81
81
|
'font-src': ["'self'", 'data:', 'https://fonts.gstatic.com'],
|
|
82
82
|
},
|
|
83
83
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pre.js","sourceRoot":"","sources":["../../src/middleware/pre.js"],"names":[],"mappings":";;;;;AAAA,mCAAqC;AACrC,oDAA4B;AAE5B;;;GAGG;AAEH,MAAM,SAAS,GAAG,wBAAwB,CAAC;AAC3C,MAAM,mBAAmB,GAAG,wBAAwB,CAAC;AACrD,MAAM,UAAU,GAAG,wBAAwB,CAAC;AAC5C,MAAM,kBAAkB,GAAG,+BAA+B,CAAC;AAE3D;;;;;;;;;;;GAWG;AACH,SAAS,YAAY,CAAC,GAAG,EAAE,GAAG;IAC5B,OAAO,UAAU,GAAG,CAAC,MAAM,CAAC,QAAQ,GAAG,CAAC;AAC1C,CAAC;AAED;;;;;;GAMG;AACH,kBAAe,CAAC,EACd,kBAAkB,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,GAC1C,GAAG,EAAE,EAAE,EAAE,CAAC;IACT,qCAAqC;IACrC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAClD,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,+BAA+B,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;YACzF,GAAG,CAAC,IAAI,GAAG,2BAA2B,CAAC;YACvC,IAAI,CAAC,GAAG,CAAC,CAAC;QACZ,CAAC;aAAM,CAAC;YACN,IAAI,EAAE,CAAC;QACT,CAAC;IACH,CAAC;IAED,wEAAwE;IACxE,2BAA2B;IAC3B,4EAA4E;IAC5E,mCAAmC;IACnC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,8CAA8C,CAAC,CAAC;QACzE,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAC9B,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QACtB,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,mBAAmB,CAAC,CAAC;QAC7C,IAAI,EAAE,CAAC;IACT,CAAC;IAED,sEAAsE;IACtE,yEAAyE;IACzE,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,GAAG,CAAC,MAAM,CAAC,QAAQ,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,EAAE,CAAC;IACT,CAAC;IAED,0BAA0B;IAC1B,IAAA,gBAAM,EAAC,kBAAkB,CAAC;QACxB,qEAAqE;QACrE,qBAAqB,EAAE;YACrB,WAAW,EAAE,IAAI;YACjB,UAAU,EAAE;gBACV,aAAa,EAAE,CAAC,QAAQ,CAAC;gBACzB,YAAY,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,kBAAkB,EAAE,YAAY,CAAC;gBACjF,SAAS,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,mBAAmB,EAAE,UAAU,EAAE,yBAAyB,EAAE,yBAAyB,CAAC;
|
|
1
|
+
{"version":3,"file":"pre.js","sourceRoot":"","sources":["../../src/middleware/pre.js"],"names":[],"mappings":";;;;;AAAA,mCAAqC;AACrC,oDAA4B;AAE5B;;;GAGG;AAEH,MAAM,SAAS,GAAG,wBAAwB,CAAC;AAC3C,MAAM,mBAAmB,GAAG,wBAAwB,CAAC;AACrD,MAAM,UAAU,GAAG,wBAAwB,CAAC;AAC5C,MAAM,kBAAkB,GAAG,+BAA+B,CAAC;AAE3D;;;;;;;;;;;GAWG;AACH,SAAS,YAAY,CAAC,GAAG,EAAE,GAAG;IAC5B,OAAO,UAAU,GAAG,CAAC,MAAM,CAAC,QAAQ,GAAG,CAAC;AAC1C,CAAC;AAED;;;;;;GAMG;AACH,kBAAe,CAAC,EACd,kBAAkB,GAAG,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,GAC1C,GAAG,EAAE,EAAE,EAAE,CAAC;IACT,qCAAqC;IACrC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,IAAI,GAAG,CAAC,MAAM,KAAK,KAAK,IAAI,GAAG,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAClD,MAAM,GAAG,GAAG,IAAI,KAAK,CAAC,+BAA+B,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;YACzF,GAAG,CAAC,IAAI,GAAG,2BAA2B,CAAC;YACvC,IAAI,CAAC,GAAG,CAAC,CAAC;QACZ,CAAC;aAAM,CAAC;YACN,IAAI,EAAE,CAAC;QACT,CAAC;IACH,CAAC;IAED,wEAAwE;IACxE,2BAA2B;IAC3B,4EAA4E;IAC5E,mCAAmC;IACnC,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,GAAG,CAAC,GAAG,CAAC,eAAe,EAAE,8CAA8C,CAAC,CAAC;QACzE,GAAG,CAAC,GAAG,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAC9B,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QACtB,GAAG,CAAC,GAAG,CAAC,cAAc,EAAE,mBAAmB,CAAC,CAAC;QAC7C,IAAI,EAAE,CAAC;IACT,CAAC;IAED,sEAAsE;IACtE,yEAAyE;IACzE,CAAC,GAAG,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;QACjB,GAAG,CAAC,MAAM,CAAC,QAAQ,GAAG,IAAA,oBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACtD,IAAI,EAAE,CAAC;IACT,CAAC;IAED,0BAA0B;IAC1B,IAAA,gBAAM,EAAC,kBAAkB,CAAC;QACxB,qEAAqE;QACrE,qBAAqB,EAAE;YACrB,WAAW,EAAE,IAAI;YACjB,UAAU,EAAE;gBACV,aAAa,EAAE,CAAC,QAAQ,CAAC;gBACzB,YAAY,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,kBAAkB,EAAE,YAAY,CAAC;gBACjF,SAAS,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,mBAAmB,EAAE,UAAU,EAAE,yBAAyB,EAAE,yBAAyB,EAAE,2BAA2B,CAAC;gBACpJ,aAAa,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,mBAAmB,EAAE,UAAU,CAAC;gBACrE,WAAW,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;gBACnC,iBAAiB,EAAE,CAAC,QAAQ,CAAC;gBAC7B,aAAa,EAAE,CAAC,QAAQ,CAAC;gBACzB,WAAW,EAAE,CAAC,QAAQ,EAAE,8BAA8B,EAAE,kBAAkB,EAAE,UAAU,EAAE,YAAY,EAAE,uDAAuD,EAAE,uDAAuD,EAAE,uDAAuD,CAAC;gBAChR,UAAU,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,2BAA2B,CAAC;aAC7D;SACF;QAED,wCAAwC;QACxC,8CAA8C;KAC/C,CAAC,CAAC;CACJ,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@dwp/govuk-casa",
|
|
3
|
-
"version": "8.15.
|
|
3
|
+
"version": "8.15.2",
|
|
4
4
|
"description": "A framework for building GOVUK Collect-And-Submit-Applications",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -48,17 +48,17 @@
|
|
|
48
48
|
"license": "ISC",
|
|
49
49
|
"type": "module",
|
|
50
50
|
"dependencies": {
|
|
51
|
-
"@dagrejs/graphlib": "2.1
|
|
51
|
+
"@dagrejs/graphlib": "2.2.1",
|
|
52
52
|
"bytes": "3.1.2",
|
|
53
53
|
"cookie-parser": "1.4.6",
|
|
54
54
|
"csrf-sync": "4.0.3",
|
|
55
55
|
"debug": "4.3.4",
|
|
56
56
|
"deepmerge": "4.3.1",
|
|
57
|
-
"express": "4.
|
|
57
|
+
"express": "4.19.2",
|
|
58
58
|
"express-session": "1.18.0",
|
|
59
59
|
"govuk-frontend": "4.8.0",
|
|
60
60
|
"helmet": "7.1.0",
|
|
61
|
-
"i18next": "23.
|
|
61
|
+
"i18next": "23.10.1",
|
|
62
62
|
"i18next-http-middleware": "3.5.0",
|
|
63
63
|
"js-yaml": "4.1.0",
|
|
64
64
|
"lodash": "4.17.21",
|
|
@@ -68,37 +68,37 @@
|
|
|
68
68
|
"validator": "13.11.0"
|
|
69
69
|
},
|
|
70
70
|
"devDependencies": {
|
|
71
|
-
"@babel/core": "7.
|
|
72
|
-
"@babel/eslint-parser": "7.
|
|
73
|
-
"@babel/preset-env": "7.
|
|
74
|
-
"@ckeditor/jsdoc-plugins": "39.
|
|
71
|
+
"@babel/core": "7.24.4",
|
|
72
|
+
"@babel/eslint-parser": "7.24.1",
|
|
73
|
+
"@babel/preset-env": "7.24.4",
|
|
74
|
+
"@ckeditor/jsdoc-plugins": "39.6.3",
|
|
75
75
|
"@commitlint/config-conventional": "18.4.3",
|
|
76
76
|
"@dwp/casa-spiderplan": "3.1.3",
|
|
77
77
|
"@dwp/casa-spiderplan-a11y-plugin": "0.1.14",
|
|
78
78
|
"@dwp/casa-spiderplan-zap-plugin": "0.1.10",
|
|
79
79
|
"@dwp/eslint-config-base": "7.0.0",
|
|
80
80
|
"@types/express": "4.17.21",
|
|
81
|
-
"@types/node": "20.
|
|
81
|
+
"@types/node": "20.12.4",
|
|
82
82
|
"@types/nunjucks": "3.2.6",
|
|
83
83
|
"c8": "8.0.1",
|
|
84
84
|
"chai": "4.3.10",
|
|
85
85
|
"cheerio": "1.0.0-rc.12",
|
|
86
86
|
"commitlint": "18.4.3",
|
|
87
87
|
"docdash": "2.0.2",
|
|
88
|
-
"eslint": "8.
|
|
88
|
+
"eslint": "8.57.0",
|
|
89
89
|
"eslint-plugin-import": "2.29.1",
|
|
90
90
|
"eslint-plugin-jsdoc": "46.9.1",
|
|
91
91
|
"eslint-plugin-no-unsafe-regex": "1.0.0",
|
|
92
92
|
"eslint-plugin-security": "1.7.1",
|
|
93
|
-
"eslint-plugin-sonarjs": "0.
|
|
94
|
-
"fast-check": "3.
|
|
93
|
+
"eslint-plugin-sonarjs": "0.25.1",
|
|
94
|
+
"fast-check": "3.17.1",
|
|
95
95
|
"jsdoc": "4.0.2",
|
|
96
96
|
"jsdoc-tsimport-plugin": "1.0.5",
|
|
97
|
-
"mocha": "10.
|
|
98
|
-
"sass": "1.
|
|
97
|
+
"mocha": "10.4.0",
|
|
98
|
+
"sass": "1.74.1",
|
|
99
99
|
"sinon": "17.0.1",
|
|
100
100
|
"sinon-chai": "3.7.0",
|
|
101
|
-
"supertest": "6.3.
|
|
102
|
-
"typescript": "5.
|
|
101
|
+
"supertest": "6.3.4",
|
|
102
|
+
"typescript": "5.4.3"
|
|
103
103
|
}
|
|
104
104
|
}
|
package/src/middleware/pre.js
CHANGED
|
@@ -75,12 +75,12 @@ export default ({
|
|
|
75
75
|
directives: {
|
|
76
76
|
'default-src': ["'none'"],
|
|
77
77
|
'script-src': ["'self'", GA_DOMAIN, GTM_DOMAIN, GTM_PREVIEW_DOMAIN, casaCspNonce],
|
|
78
|
-
'img-src': ["'self'", GA_DOMAIN, GA_ANALYTICS_DOMAIN, GTM_DOMAIN, 'https://ssl.gstatic.com', 'https://www.gstatic.com'],
|
|
78
|
+
'img-src': ["'self'", GA_DOMAIN, GA_ANALYTICS_DOMAIN, GTM_DOMAIN, 'https://ssl.gstatic.com', 'https://www.gstatic.com', 'https://fonts.gstatic.com'],
|
|
79
79
|
'connect-src': ["'self'", GA_DOMAIN, GA_ANALYTICS_DOMAIN, GTM_DOMAIN],
|
|
80
80
|
'frame-src': ["'self'", GTM_DOMAIN],
|
|
81
81
|
'frame-ancestors': ["'self'"],
|
|
82
82
|
'form-action': ["'self'"],
|
|
83
|
-
'style-src': ["'self'", 'https://fonts.googleapis.com', GTM_PREVIEW_DOMAIN, casaCspNonce],
|
|
83
|
+
'style-src': ["'self'", 'https://fonts.googleapis.com', GTM_PREVIEW_DOMAIN, GTM_DOMAIN, casaCspNonce, "'sha256-xWGOGGMGQQ+IV0Om4xzgbDHXUh/+L1c375p0Pb6vF9A='", "'sha256-9HGruJg4WccHXas5I1NmLn7tI1TDh6N26o6+/dy8sm4='", "'sha256-oM0kKtU+nugIwjuYHkXXVoKGVNhC/DCUnIVdSVBMkaQ='"],
|
|
84
84
|
'font-src': ["'self'", 'data:', 'https://fonts.gstatic.com'],
|
|
85
85
|
},
|
|
86
86
|
},
|