From 2d5708eb387c02e185c5cc1662a4a292e1fbedb6 Mon Sep 17 00:00:00 2001 From: jsip Date: Tue, 5 Dec 2023 15:23:11 -0500 Subject: [PATCH 1/3] feat: Enable useStrictCSP for cssInjectedByJsPlugin --- vite.config.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vite.config.js b/vite.config.js index c4d7bd1..249c938 100644 --- a/vite.config.js +++ b/vite.config.js @@ -19,5 +19,5 @@ export default { VERSION: JSON.stringify(VERSION), }, - plugins: [cssInjectedByJsPlugin()], + plugins: [cssInjectedByJsPlugin({useStrictCSP: true})], }; From 37feca29acb4e4a9c5bbce6a62dc313de4bd2a08 Mon Sep 17 00:00:00 2001 From: jsip Date: Tue, 5 Dec 2023 15:58:53 -0500 Subject: [PATCH 2/3] docs: Update README.md concerning CSP (nonce) --- README.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.md b/README.md index 032b294..f564bb4 100644 --- a/README.md +++ b/README.md @@ -80,6 +80,10 @@ This Tool returns `data` in the following format } ``` +## CSP support + +If you're using Content Security Policy (CSP) pass a `nonce` via [``](https://github.com/marco-prontera/vite-plugin-css-injected-by-js#usestrictcsp-boolean) in your document head. + # Support maintenance 🎖 If you're using this tool and editor.js in your business, please consider supporting their maintenance and evolution. From 7395053dd2bc0da15252da713f74b56866558deb Mon Sep 17 00:00:00 2001 From: jsip Date: Wed, 6 Dec 2023 10:35:45 -0500 Subject: [PATCH 3/3] chore: Bump from 2.3.0 to 2.3.1 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 0969f8b..13fc359 100644 --- a/package.json +++ b/package.json @@ -1,7 +1,7 @@ { "name": "@editorjs/table", "description": "Table for Editor.js", - "version": "2.3.0", + "version": "2.3.1", "license": "MIT", "repository": "https://github.com/editor-js/table", "files": [