Skip to content

Release v1.7.0
Compare
Choose a tag to compare
@github-actions github-actions released this 13 Apr 11:10
· 1 commit to master since this release
v1.7.0
c2098d5
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

New Features

  • Added validations for cross-origin isolation headers (COEP & COOP)
  • Added two new validations value-any-of and value-one-of
  • Added the option to validate named cookies
  • Added the option to define a fallback referrer policy
  • Added the option to specify a custom severity in the rules file

Bug Fixes

  • CSP validations will now validate non-key-value directives
  • YAML keys in the rules file are no longer case sensitive
  • Value validation will now enforce an exact match against the entire value
  • X-Content-Type-Options will now only permit a single value

Other

  • Simplified the rules file. The enforce and delimiter keys has been removed
  • Condensed the report when multiple errors are reported for the same rule
  • Case is preserved in the report when returning expected values, anomalies etc.
  • Improved matching mechanism for validations to reduce false positives and false negatives
  • Updated documentation and Docstring
  • General refactoring
Assets 4
Loading