@taujs/server 0.2.5 → 0.2.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/build.js +4 -4
  2. package/dist/index.js +4 -4
  3. package/dist/security/csp.js +3 -3
  4. package/package.json +1 -1
package/dist/build.js CHANGED
@@ -251,10 +251,10 @@ var cspHook = (options = {}) => (req, reply, done) => {
251
251
  done();
252
252
  };
253
253
  var applyCSP = (security, reply) => {
254
- if (!security?.csp) return;
255
254
  const nonce = generateNonce();
256
- const { directives = {}, generateCSP = defaultGenerateCSP } = security.csp;
257
- const header = generateCSP(directives, nonce);
255
+ const directives = security?.csp?.directives ?? DEV_CSP_DIRECTIVES;
256
+ const generate = security?.csp?.generateCSP ?? defaultGenerateCSP;
257
+ const header = generate(directives, nonce);
258
258
  reply.header("Content-Security-Policy", header);
259
259
  reply.request.nonce = nonce;
260
260
  return nonce;
@@ -475,7 +475,7 @@ var SSRServer = (0, import_fastify_plugin.default)(
475
475
  app.addHook(
476
476
  "onRequest",
477
477
  cspHook({
478
- directives: opts.security?.csp?.directives ?? DEV_CSP_DIRECTIVES,
478
+ directives: opts.security?.csp?.directives,
479
479
  generateCSP: opts.security?.csp?.generateCSP
480
480
  })
481
481
  );
package/dist/index.js CHANGED
@@ -246,10 +246,10 @@ var cspHook = (options = {}) => (req, reply, done) => {
246
246
  done();
247
247
  };
248
248
  var applyCSP = (security, reply) => {
249
- if (!security?.csp) return;
250
249
  const nonce = generateNonce();
251
- const { directives = {}, generateCSP = defaultGenerateCSP } = security.csp;
252
- const header = generateCSP(directives, nonce);
250
+ const directives = security?.csp?.directives ?? DEV_CSP_DIRECTIVES;
251
+ const generate = security?.csp?.generateCSP ?? defaultGenerateCSP;
252
+ const header = generate(directives, nonce);
253
253
  reply.header("Content-Security-Policy", header);
254
254
  reply.request.nonce = nonce;
255
255
  return nonce;
@@ -470,7 +470,7 @@ var SSRServer = (0, import_fastify_plugin.default)(
470
470
  app.addHook(
471
471
  "onRequest",
472
472
  cspHook({
473
- directives: opts.security?.csp?.directives ?? DEV_CSP_DIRECTIVES,
473
+ directives: opts.security?.csp?.directives,
474
474
  generateCSP: opts.security?.csp?.generateCSP
475
475
  })
476
476
  );
package/dist/security/csp.js CHANGED
@@ -41,10 +41,10 @@ var cspHook = (options = {}) => (req, reply, done) => {
41
41
  };
42
42
  var getRequestNonce = (req) => req.nonce;
43
43
  var applyCSP = (security, reply) => {
44
- if (!security?.csp) return;
45
44
  const nonce = generateNonce();
46
- const { directives = {}, generateCSP = defaultGenerateCSP } = security.csp;
47
- const header = generateCSP(directives, nonce);
45
+ const directives = security?.csp?.directives ?? DEV_CSP_DIRECTIVES;
46
+ const generate = security?.csp?.generateCSP ?? defaultGenerateCSP;
47
+ const header = generate(directives, nonce);
48
48
  reply.header("Content-Security-Policy", header);
49
49
  reply.request.nonce = nonce;
50
50
  return nonce;
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@taujs/server",
3
- "version": "0.2.5",
3
+ "version": "0.2.6",
4
4
  "description": "taujs | τjs",
5
5
  "author": "Aoede <taujs@aoede.uk.net> (https://www.aoede.uk.net)",
6
6
  "license": "MIT",