Skip to content

feat(vue-renderer): add csp option for csp v1 compatibility#5975

Merged
clarkdo merged 1 commit intonuxt:devfrom
williamchong:dev
Jun 26, 2019
Merged

feat(vue-renderer): add csp option for csp v1 compatibility#5975
clarkdo merged 1 commit intonuxt:devfrom
williamchong:dev

Conversation

@williamchong
Copy link

@williamchong williamchong commented Jun 24, 2019
edited
Loading

Fixes CSP compatibility mentioned in #5627

Types of changes

  • Bug fix (a non-breaking change which fixes an issue)
  • New feature (a non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Description

Add a csp option unsafeInlineCompatiblity which allows 'unsafe-inline' and hash based rules to appear together.
Not sure if the option name can be shorter.
Resolves: #5627

Checklist:

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly. (PR: #)
  • I have added tests to cover my changes (if not applicable, please state why)
  • All new and existing tests are passing.

TheAlexLichter
TheAlexLichter approved these changes Jun 24, 2019
View reviewed changes
Copy link
Member

@TheAlexLichter TheAlexLichter left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM ☺️

@TheAlexLichter TheAlexLichter requested a review from a team June 24, 2019 10:27
@clarkdo clarkdo merged commit cf39c75 into nuxt:dev Jun 26, 2019
@clarkdo
Copy link
Member

clarkdo commented Jun 26, 2019

@williamchong007 A pr for updating doc will be great.

@williamchong williamchong mentioned this pull request Jun 26, 2019
Merged
@pi0 pi0 mentioned this pull request Jun 28, 2019
Merged
atinux pushed a commit that referenced this pull request Jul 30, 2019
@williamchong @atinux
feat(vue-renderer): add csp option for csp v1 compatibility (#5975)
6eb9fea
pi0 pushed a commit that referenced this pull request Aug 20, 2019
@williamchong @pi0
feat(vue-renderer): add csp option for csp v1 compatibility (#5975)
55f6b17
@snyk-bot snyk-bot mentioned this pull request Nov 12, 2019
Open
@snyk-bot snyk-bot mentioned this pull request Nov 25, 2019
Open
This was referenced Apr 15, 2020
Open
Open
@koehn
Copy link

koehn commented May 31, 2020

This would have been better had you spelled compatability correctly…

@pi0
Copy link
Member

pi0 commented May 31, 2020

@koehn It is already fixed with #6583 can you spot typo in docs?

@koehn
Copy link

koehn commented May 31, 2020

Not sure if this is what you mean; AFAICT it's still in use as of 2.12.2. Am I looking in the wrong place?

https://nuxtjs.org/api/configuration-render/

@pi0
Copy link
Member

pi0 commented May 31, 2020
edited
Loading

Patch is available since 2.10.2. You can use unsafeInlineCompatibility

@danielroe danielroe added the 2.x label Jan 18, 2023
@coderabbitai coderabbitai bot mentioned this pull request Jun 3, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TheAlexLichter TheAlexLichter TheAlexLichter approved these changes

+1 more reviewer

@clarkdo clarkdo clarkdo approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

2.x

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Cannot define both SHA hash and unsafe-inline in CSP for best compatibility

6 participants

@williamchong @clarkdo @koehn @pi0 @TheAlexLichter @danielroe