-
Notifications
You must be signed in to change notification settings - Fork 4
/
manifest.yml
16 lines (16 loc) · 1.01 KB
/
manifest.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
name: netlify-build-plugin-csp-nonce
inputs:
- name: reportOnly
description: When true, uses the Content-Security-Policy-Report-Only header instead of the Content-Security-Policy header.
default: true
- name: reportUri
description: The relative or absolute URL to report any violations. If not defined, violations are reported to the __csp-violations function, which this plugin deploys.
- name: unsafeEval
description: When true, adds 'unsafe-eval' to CSP for easier adoption. Set to false to have a safer policy if your code and code dependencies does not use eval().
default: true
- name: path
description: The glob expressions of path(s) that should invoke the CSP nonce edge function. Can be a string or array of strings.
default: "/*"
- name: excludedPath
description: The glob expressions of path(s) that *should not* invoke the CSP nonce edge function. Must be an array of strings. This value gets spread with common non-html filetype extensions (*.css, *.js, *.svg, etc)
default: []