UNPKG

ember-cli-content-security-policy

Version:

This addon adds the Content-Security-Policy header to response sent from the Ember CLI Express server.

github.com/rwjblue/ember-cli-content-security-policy

rwjblue/ember-cli-content-security-policy

16 lines (10 loc) 1.15 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# Deprecations ## Until 3.0 ### Configuration is moved to config/content-security-policy.js Configuration has been moved from `config/environment.js` to `config/content-security-policy.js`. The configuration keys have been changed as well. Please follow these steps for migrating your existing configuration: - Create `config/content-security-policy.js` file with default configuration as [shown in readme](https://github.com/rwjblue/ember-cli-content-security-policy#configuration). - If existing config defines a custom policy object under `contentSecurityPolicy` key, copy that one to `policy` key in newly created config file. The application's policy object is not merged with default policy object anymore. Therefore you should add missing keys from default policy object to your application specific policy directives. - If existing config contains `contentSecurityPolicyHeader = "Content-Security-Policy"`, include `reportOnly: false`. - If existing config contains `contentSecurityPolicyMeta = true`, include `delivery: ['header', 'meta']`. Please refer to [documentation in readme](README.md) for details on new configuration syntax.