jagaapple / next-secure-headers

Sets secure response headers for Next.js.

jagaapple/next-secure-headers Issues

Support for Content-Security-Policy: upgrade-insecure-requests;
Updated 8 months ago1
Support for setting dynamic frameAncestors URLs
Updated a year ago
Using i18n in next.config.js will cause secure headers to disappear
Updated 2 years ago2
Export types for contentSecurityPolicy and directives
Updated 2 years ago
Add Content-Security-Policy Default directives as found in Helmet
Updated 3 years ago1
Google Analytics & Adsense errors
Updated 3 years ago
Content-Security-Policy reportURI cannot be relative
Updated 3 years ago
Feature/Permission policy
Updated 3 years ago2
Nonce & Hash support for CSP Level 2
Updated 3 years ago3
X-XSS-Protection: header should be disabled by default
Updated 3 years ago
Add how to set unsupported headers to readme
Updated 3 years ago
Support for frame-ancestors
Closed 3 years ago2
Support spec names of CSP directives
Closed 4 years ago1
Minor typo in root readme
Closed 4 years ago1
yarn install: warning next-secure-headers@2.0.0: Invalid bin field for "next-secure-headers".
Closed 4 years ago1
Modify `source` value in sample codes
Closed 4 years ago1
Missing support for `report-to` resp. `resportTo`.
Closed 4 years ago1
ESLint - no extraneous dependencies
Closed 4 years ago4
Typo in README file, `soruce` instead of `source`
Closed 4 years ago1
Add support for Next.js 9.5 and static pages
Closed 4 years ago1
Warning: You have opted-out of Automatic Static Optimization due to `getInitialProps` in `pages/_app`
Closed 4 years ago1