UNPKG

csprefabricate

Version:

Generate valid and secure Content Security Policies (CSP) with TypeScript.

github.com/jamestoohey/csprefabricate

jamestoohey/csprefabricate

59 lines (58 loc) 2.43 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
declare enum Directive { DEFAULT_SRC = "default-src", SCRIPT_SRC = "script-src", STYLE_SRC = "style-src", IMG_SRC = "img-src", CONNECT_SRC = "connect-src", FONT_SRC = "font-src", OBJECT_SRC = "object-src", MEDIA_SRC = "media-src", FRAME_SRC = "frame-src", SANDBOX = "sandbox", REPORT_URI = "report-uri", CHILD_SRC = "child-src", FORM_ACTION = "form-action", FRAME_ANCESTORS = "frame-ancestors", PLUGIN_TYPES = "plugin-types", BASE_URI = "base-uri", REPORT_TO = "report-to", WORKER_SRC = "worker-src", MANIFEST_SRC = "manifest-src", PREFETCH_SRC = "prefetch-src", NAVIGATE_TO = "navigate-to", REQUIRE_TRUSTED_TYPES_FOR = "require-trusted-types-for", TRUSTED_TYPES = "trusted-types", UPGRADE_INSECURE_REQUESTS = "upgrade-insecure-requests", BLOCK_ALL_MIXED_CONTENT = "block-all-mixed-content" } type BasicDirectiveRule = Array<string | Record<string, Array<string>>>; type BlankDirectiveRule = null; type Rules = BasicDirectiveRule | BlankDirectiveRule; interface ContentSecurityPolicy { [Directive.DEFAULT_SRC]?: BasicDirectiveRule; [Directive.SCRIPT_SRC]?: BasicDirectiveRule; [Directive.STYLE_SRC]?: BasicDirectiveRule; [Directive.IMG_SRC]?: BasicDirectiveRule; [Directive.CONNECT_SRC]?: BasicDirectiveRule; [Directive.FONT_SRC]?: BasicDirectiveRule; [Directive.OBJECT_SRC]?: BasicDirectiveRule; [Directive.MEDIA_SRC]?: BasicDirectiveRule; [Directive.FRAME_SRC]?: BasicDirectiveRule; [Directive.SANDBOX]?: BasicDirectiveRule; [Directive.REPORT_URI]?: BasicDirectiveRule; [Directive.CHILD_SRC]?: BasicDirectiveRule; [Directive.FORM_ACTION]?: BasicDirectiveRule; [Directive.FRAME_ANCESTORS]?: BasicDirectiveRule; [Directive.PLUGIN_TYPES]?: BasicDirectiveRule; [Directive.BASE_URI]?: BasicDirectiveRule; [Directive.REPORT_TO]?: BasicDirectiveRule; [Directive.WORKER_SRC]?: BasicDirectiveRule; [Directive.MANIFEST_SRC]?: BasicDirectiveRule; [Directive.PREFETCH_SRC]?: BasicDirectiveRule; [Directive.NAVIGATE_TO]?: BasicDirectiveRule; [Directive.REQUIRE_TRUSTED_TYPES_FOR]?: BasicDirectiveRule; [Directive.TRUSTED_TYPES]?: BasicDirectiveRule; [Directive.UPGRADE_INSECURE_REQUESTS]?: BlankDirectiveRule; [Directive.BLOCK_ALL_MIXED_CONTENT]?: BlankDirectiveRule; } export { ContentSecurityPolicy, Rules, Directive, BasicDirectiveRule };