From 27f21a802054d448905f3d0fa935373d53f6f17a Mon Sep 17 00:00:00 2001 From: Islam Zaoui <98623858+IslamZaoui@users.noreply.github.com> Date: Sun, 29 Sep 2024 21:11:38 +0100 Subject: [PATCH] update readme & demo csp for vercel --- README.md | 9 ++++++--- apps/demo/src/app.html | 2 +- apps/demo/src/hooks.server.ts | 8 ++++---- 3 files changed, 11 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index 1f90a64..e047b0f 100644 --- a/README.md +++ b/README.md @@ -62,7 +62,7 @@ export const handle = sequence( headers: { ... } - }), + }).handle, yourOtherHandle ); ``` @@ -78,9 +78,9 @@ import { securityHeaders } from '@islamzaoui/securekit'; export const handle = securityHeaders({ headers: { 'Access-Control-Allow-Origin': 'https://yoursite.com', - 'x-sveltekit-page': null, // this will be deleted + 'x-sveltekit-page': null, // this will be deleted from response haeders }, -}); +}).handle; ``` ## Content Security Policy header @@ -98,6 +98,9 @@ your can use `csp` option in `securityHeaders` to set the `Content-Security-Poli import { securityHeaders } from '@islamzaoui/securekit'; export const handle = securityHeaders({ + headers:{ + ... + }, csp: { directives: { 'script-src': ["'self'",'https://example.com'], diff --git a/apps/demo/src/app.html b/apps/demo/src/app.html index 8b66c36..7893425 100644 --- a/apps/demo/src/app.html +++ b/apps/demo/src/app.html @@ -8,6 +8,6 @@ %sveltekit.head%
-