Releases: adonisjs/shield
Releases · adonisjs/shield
Remove X-Download-Options and X-XSS-Protection headers
- One must use CSP instead of using the
X-XSS-Protection
X-Download-Options
header is not required, since it was for IE8 and no one uses IE8
Commits
Drop Node 12, bug fixes and small improvements
- chore: use the next tag for release 15acfa0
- refactor: extract CSRF exception to its own class 9835df1
- style: reformat source files 64fbf6d
- chore: remove npm-audit in favor of synk a2ec0b0
- chore: update dependencies 3c8c757
- fix: upgrade @poppinss/utils from 2.5.9 to 2.5.10 (#26) 0e67062
- chore(deps): bump highlight.js from 10.4.0 to 10.5.0 (#25) 5e629ef
- fix: upgrade helmet-csp from 3.2.0 to 3.3.1 (#24) 8497ba0
- refactor(xsrf-token): rename cookie name to all caps XSRF-TOKEN 789fd0d
- fix: upgrade ms from 2.1.2 to 2.1.3 (#21) a06d66e
- chore(deps): bump ini from 1.3.5 to 1.3.7 (#20) 937f668
update dependencies
- chore: update dependencies fa69c4e
Publish under alpha tag
update dependencies
get package ready for beta version of core
- refactor: get package ready for beta version of core 3771e85
Fix for v3.0.7
ExceptRoutes property can now use function to enable/disable CSRF per route
Fix for v3.0.5
- fix: import Env module in config file d6a8d67