yesod-csp 0.2.5.0 → 0.2.6.0
raw patch · 3 files changed
+27/−21 lines, 3 filesdep ~attoparsecdep ~case-insensitivedep ~mono-traversablenew-uploaderPVP ok
version bump matches the API change (PVP)
Dependency ranges changed: attoparsec, case-insensitive, mono-traversable, network-uri, semigroups, syb, template-haskell, text, wai, yesod, yesod-core
API changes (from Hackage documentation)
Files
- CHANGELOG.md +5/−0
- src/Yesod/Csp.hs +7/−7
- yesod-csp.cabal +15/−14
+ CHANGELOG.md view
@@ -0,0 +1,5 @@+# Changelog++## Version 0.2.6.0+++ Fixes compilation failure with ghc-9.0.2 or newer (see https://github.com/bobjflong/yesod-csp/issues/8)
src/Yesod/Csp.hs view
@@ -21,7 +21,7 @@ import qualified Data.CaseInsensitive as CI import Data.Data (Data) import Data.List.NonEmpty-import Data.Text+import Data.Text (Text) import qualified Data.Text as T import qualified Data.Text.Encoding as TE import Data.Typeable (Typeable)@@ -82,7 +82,7 @@ -- | Escapes ';' '\'' and ' ', and parses to URI escapeAndParseURI :: Text -> Maybe EscapedURI-escapeAndParseURI = fmap EscapedURI . parseURI . escapeURIString notEscapable . unpack+escapeAndParseURI = fmap EscapedURI . parseURI . escapeURIString notEscapable . T.unpack -- | Escapes Text to be a valid nonce value escapedTextForNonce :: String -> EscapedText@@ -90,10 +90,10 @@ -- | Escapes a Text value, returning a valid Nonce nonce :: Text -> Source-nonce = Nonce . escapedTextForNonce . unpack+nonce = Nonce . escapedTextForNonce . T.unpack directiveListToHeader :: DirectiveList -> Text-directiveListToHeader = intercalate "; " . fmap textDirective+directiveListToHeader = T.intercalate "; " . fmap textDirective w :: Text -> SourceList -> Text w = wrap@@ -132,13 +132,13 @@ textSource None = "'none'" textSource Self = "'self'" textSource DataScheme = "data:"-textSource (Host x) = (pack . show) x+textSource (Host x) = (T.pack . show) x textSource Https = "https:" textSource UnsafeInline = "'unsafe-inline'" textSource UnsafeEval = "'unsafe-eval'" textSource StrictDynamic = "'strict-dynamic'" textSource (MetaSource _) = ""-textSource (Nonce x) = (pack . show) x+textSource (Nonce x) = (T.pack . show) x -- | A list of restrictions to apply. type DirectiveList = [Directive]@@ -176,7 +176,7 @@ textDirective (MediaSrc x) = w "media-src" x textDirective (FrameSrc x) = w "frame-src" x textDirective (FrameAncestors x) = w "frame-ancestors" x-textDirective (ReportUri t) = mconcat ["report-uri ", (pack . show) t]+textDirective (ReportUri t) = mconcat ["report-uri ", (T.pack . show) t] textDirective (Sandbox []) = "sandbox" textDirective (Sandbox s) = mconcat ["sandbox ", T.unwords . fmap textSandbox $ s] where textSandbox AllowForms = "allow-forms"
yesod-csp.cabal view
@@ -2,20 +2,21 @@ -- documentation, see http://haskell.org/cabal/users-guide/ name: yesod-csp-version: 0.2.5.0+version: 0.2.6.0 synopsis: Add CSP headers to Yesod apps description: Add CSP headers to Yesod apps. This helps reduce exposure to XSS attacks and bad assets. license: MIT license-file: LICENSE author: Bob Long-maintainer: robertjflong@gmail.com+maintainer: Pascal Wittmann <mail@pascal-wittmann.de> category: Web build-type: Simple cabal-version: >=1.10+extra-source-files: ./CHANGELOG.md source-repository head type: git- location: https://github.com/bobjflong/yesod-csp.git+ location: https://github.com/pSub/yesod-csp.git library exposed-modules: Yesod.Csp@@ -23,17 +24,17 @@ , Yesod.Csp.TH -- other-extensions: build-depends: base < 5- , text- , yesod-core- , semigroups- , network-uri- , yesod- , mono-traversable- , attoparsec- , template-haskell- , syb- , wai- , case-insensitive+ , text >= 2.0.2 && < 2.2+ , yesod-core >= 1.6.25 && < 1.7+ , semigroups >= 0.20 && < 0.21+ , network-uri >= 2.6.4 && < 2.7+ , yesod >= 1.6.2 && < 1.7+ , mono-traversable >= 1.0.15 && < 1.1+ , attoparsec >= 0.14.4 && < 0.15+ , template-haskell >= 2.19.0 && < 2.22+ , syb >= 0.7.2 && < 0.8+ , wai >= 3.2.3 && < 3.3+ , case-insensitive >= 1.2.1 && < 1.3 hs-source-dirs: src default-language: Haskell2010 ghc-options: -Wall