dotenv-diff 2.3.3 → 2.3.4
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cspDetector.d.ts","sourceRoot":"","sources":["../../../src/core/cspDetector.ts"],"names":[],"mappings":"AASA;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,
|
|
1
|
+
{"version":3,"file":"cspDetector.d.ts","sourceRoot":"","sources":["../../../src/core/cspDetector.ts"],"names":[],"mappings":"AASA;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAyBtD"}
|
|
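--- a/cspDetector.js
+++ b/cspDetector.js
@@ -8,15 +8,31 @@ const HELMET_CSP_PATTERN = /\bcontentSecurityPolicy\b/;
 * in a realistic pattern, we treat CSP as present.
 */
 export function hasCspInSource(source) {
+// 1. META tag
 if (META_CSP_PATTERN.test(source))
 return true;
+// 2. Node header setters
 if (HEADER_CSP_PATTERN.test(source))
 return true;
+// 3. Helmet or similar middleware
 if (HELMET_CSP_PATTERN.test(source))
 return true;
-//
+// 4. Plain fallback
 if (/Content-Security-Policy/i.test(source))
 return true;
+// 5. SvelteKit kit.csp
+if (/kit\s*:\s*{[^}]*csp\s*:/s.test(source))
+return true;
+// 6. A variable named <something>Csp or cspConfig or sharedCsp
+if (/\b(shared|global|site|app)[A-Z]?Csp\b/.test(source))
+return true;
+if (/\bcspConfig\b/i.test(source))
+return true;
+if (/\bcsp\s*:\s*{[^}]*['"]default-src['"]:/i.test(source))
+return true;
+// 7. Directives object pattern (strong indicator)
+if (/directives\s*:\s*{[^}]*['"]default-src['"]:/is.test(source))
+return true;
 return false;
 }
 //# sourceMappingURL=cspDetector.js.map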
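Review bot: The two name-only tests under comment 6, `/\b(shared|global|site|app)[A-Z]?Csp\b/` and `/\bcspConfig\b/i`, return true on an identifier alone, so a comment, an import or an unused variable with that name makes hasCspInSource report a policy that may never be sent. If callers use the result to suppress a missing-CSP warning (the call sites are not visible in this hunk), that is a false negative in a security check; tying the name to an object literal, for example `/\bcspConfig\s*[:=]\s*{/i`, or relying on the `default-src` tests that follow, would keep the signal meaningful. The `[A-Z]?` also admits only one extra capital letter, so `appMainCsp` is missed although the comment promises `<something>Csp`. On the `kit` and `directives` patterns the `s` flag has no effect because neither uses `.`, and `[^}]*` stops at the first closing brace, so a nested object ahead of `csp:` or `'default-src'` hides the match; a short comment stating these limits would help the next maintainer.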
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cspDetector.js","sourceRoot":"","sources":["../../../src/core/cspDetector.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,MAAM,gBAAgB,GACpB,6DAA6D,CAAC;AAEhE,MAAM,kBAAkB,GACtB,gEAAgE,CAAC;AAEnE,MAAM,kBAAkB,GAAG,2BAA2B,CAAC;AAEvD;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,MAAc;IAC3C,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"cspDetector.js","sourceRoot":"","sources":["../../../src/core/cspDetector.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,MAAM,gBAAgB,GACpB,6DAA6D,CAAC;AAEhE,MAAM,kBAAkB,GACtB,gEAAgE,CAAC;AAEnE,MAAM,kBAAkB,GAAG,2BAA2B,CAAC;AAEvD;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,MAAc;IAC3C,cAAc;IACd,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAE/C,yBAAyB;IACzB,IAAI,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjD,kCAAkC;IAClC,IAAI,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjD,oBAAoB;IACpB,IAAI,0BAA0B,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzD,uBAAuB;IACvB,IAAI,0BAA0B,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzD,+DAA+D;IAC/D,IAAI,uCAAuC,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IACtE,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAC/C,IAAI,yCAAyC,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAExE,kDAAkD;IAClD,IAAI,+CAA+C,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAE9E,OAAO,KAAK,CAAC;AACf,CAAC"}
|