Changelog
Discover the latest updates.
What's Changed
- docs: fix typo by @lanluartes in #139
- fix(docs): default value for Permissions-Policy by @tmlmt in #148
- Install options by @Droutin in #143
- feat: basic auth exclude routes option by @alexbidenko1998 in #145
- fix: add compatibility for modern module resolutions by @kyranet in #157
New Contributors
- @lanluartes made their first contribution in #139
- @tmlmt made their first contribution in #148
- @Droutin made their first contribution in #143
- @alexbidenko1998 made their first contribution in #145
- @kyranet made their first contribution in #157
Full Changelog: https://github.com/Baroshem/nuxt-security/compare/v0.13.0...v0.13.1
🚨 Breaking Changes
This Release introduces a new approach to registering security headers and middlewares by using the routeRules. I tried my best to provide backward compatibility but you may experience issues in your projects.
Basically, the configuration provided in security object in nuxt.config.ts is now used as a global configuration while any per-route configuration is now handled by routeRules.
Check out the docs to see the changes: https://nuxt-security.vercel.app/getting-started/configuration
What's Changed
- fix: basic auth by @Baroshem in #126
- feat: #109 routeRules support by @Baroshem in #129
- feat: #116 add vitest tests by @Baroshem in #131
- 0.13.0 by @Baroshem in #130
Full Changelog: https://github.com/Baroshem/nuxt-security/compare/v0.12.0...v0.13.0
What's Changed
- documentation Fixed typo for "anti-trojan-source" by @mubaidr in #99
- Fix incorrect auth condition in basic-auth by @Tristan971 in #102
- chore: bump nuxt to 3.2.0 by @Baroshem in #105
- docs: rewrite by @Baroshem in #110
- feat: csrf by @Baroshem in #111
- docs: use security checklists by @Baroshem in #113
- feat: enable CSP for SSG by @tresko in #112
- chore: small corrections before release by @Baroshem in #115
New Contributors
- @mubaidr made their first contribution in #99
- @Tristan971 made their first contribution in #102
- @tresko made their first contribution in #112
Full Changelog: https://github.com/Baroshem/nuxt-security/compare/v0.10.2...v0.11.0
What's Changed
- Fix Module Options by @runyasak in #88
- docs: add stackblitz to repo by @Baroshem in #91
- Docs/add stackblitz to repo by @Baroshem in #92
- fix: nuxt 3.1.X x-powered-by by @Baroshem in #94
New Contributors
Full Changelog: https://github.com/Baroshem/nuxt-security/compare/v0.10.1...v0.10.2
What's Changed
- fix: use custom merger for options to avoid array values concatenation by @Qrzy in #80
- docs: add video tutorial by @Baroshem in #76
- feat: optional throw error by @Baroshem in #75
- feat: add enabled config option by @Baroshem in #72
Full Changelog: https://github.com/Baroshem/nuxt-security/compare/v0.9.0...v0.10.0
What's Changed
- chore: replace
npmwithyarnin readme by @DamianGlowala in #63 - refactor: minor improvements in
rateLimiterby @DamianGlowala in #62 - chore: lint files by @DamianGlowala in #61
- feat: improve headers config and types by @Qrzy in #65
- fix: xss protection header should be a string by @danielroe in #68
New Contributors
- @DamianGlowala made their first contribution in #63
- @danielroe made their first contribution in #68
Full Changelog: https://github.com/Baroshem/nuxt-security/compare/v0.8.0...v0.9.0
What's Changed
- docs: correct headers default config in docs by @Qrzy in #49
- Chore/0.7.0 by @Baroshem in #53
- Added new good practices docs
- Bump to Nuxt 3.0.0-rc.13
- Fixed some type issus
- Found a reason for failing on Windows - now investigating further but also found a workaround
New Contributors
Full Changelog: https://github.com/Baroshem/nuxt-security/compare/v0.6.0...v0.7.0
- Fixed issues with the module on Windows
- Fixed issues in npm page
- Added new docs about Security Good Practices
- Fixed completely hiding 'X-Powered-By' header
What's Changed
Full Changelog: https://github.com/Baroshem/nuxt-security/compare/v0.5.0...v0.6.0
What's Changed
- feat: hide powered by by @Baroshem in #36
- docs: add Good Practices section by @Baroshem in #37
- feat: add allowedMethodsRestricter by @Baroshem in #39
Full Changelog: https://github.com/Baroshem/nuxt-security/compare/v0.4.0...v0.5.0
With this version we have refactored the security header middlewares into recently released routeRoules that should be faster and easier to override by the user.
Breaking Change (potential)
If you have added a custom headers that were supposed to ovveride the the default ones.
Previously security header middleware routes were '' empty strings and it was causing the middleware to be global.
Right now, with routeRoules, the route should be /** to make it global.
What's Changed
- Docs/docus and templates by @Baroshem in #15
- docs: add Stackblitz demo by @Baroshem in #19
- feat: switched to unstorage by @Intevel in #29
- Chore/0.4.0 by @Baroshem in #33
New Contributors
Full Changelog: https://github.com/Baroshem/nuxt-security/compare/v0.3.0...v0.4.0