yesod-csp 0.2.4.0 → 0.2.5.0
raw patch · 3 files changed
+7/−2 lines, 3 filesPVP: major bump suggested
API removals or changes: PVP suggests a major version bump
API changes (from Hackage documentation)
- Yesod.Csp: cspPolicy :: (MonadHandler m) => DirectiveList -> m ()
+ Yesod.Csp: cspPolicy :: MonadHandler m => DirectiveList -> m ()
- Yesod.Csp.Example: type Handler = HandlerT Example IO
+ Yesod.Csp.Example: type Handler = HandlerFor Example
- Yesod.Csp.Example: type Widget = WidgetT Example IO ()
+ Yesod.Csp.Example: type Widget = WidgetFor Example ()
Files
- src/Yesod/Csp/TH.hs +1/−1
- test/Test.hs +5/−0
- yesod-csp.cabal +1/−1
src/Yesod/Csp/TH.hs view
@@ -154,5 +154,5 @@ where comma = string ";" directive :: Parser DirectiveList-directive = sepBy d separator <* endOfInput+directive = sepBy (spaces *> d) separator <* (spaces *> endOfInput) where d = withSourceList <|> reportUri <|> sandbox
test/Test.hs view
@@ -99,6 +99,11 @@ assertEq "with th" [csp|img-src 'self' https:; script-src https://foo.com|] result let url = fromJust $ escapeAndParseURI "https://foo.com" assertEq "with antiquoting" [csp|img-src 'self' https:; script-src $url|] result+ yit "works with th and newlines" $ do+ let attempt = [csp|+ default-src 'self'+ |]+ assertEq "with th and newlines" attempt [DefaultSrc (Self :| [])] middlewareTest :: Spec middlewareTest = yesodSpecApp Test getApp $ do
yesod-csp.cabal view
@@ -2,7 +2,7 @@ -- documentation, see http://haskell.org/cabal/users-guide/ name: yesod-csp-version: 0.2.4.0+version: 0.2.5.0 synopsis: Add CSP headers to Yesod apps description: Add CSP headers to Yesod apps. This helps reduce exposure to XSS attacks and bad assets. license: MIT