koa-csp
Version:
Used to set respose header: Content-Security-Policy
20 lines (19 loc) • 643 B
JavaScript
import directives from './directives.js';
import * as log from './log.js';
import toCamelCase from './to-camel-case.js';
const directivesWithCamelCase = directives.concat(directives.map(toCamelCase));
export default function (policy) {
const keys = Object.keys(policy);
let valid = true;
if (!keys.length) {
log.warn('Empty Policy');
valid = false;
}
const invalidDirectives = keys
.filter((key) => !directivesWithCamelCase.includes(key));
if (invalidDirectives.length) {
log.warn(`Invalid Policy Name: ${invalidDirectives.join(', ')}`);
valid = false;
}
return valid;
}