From 29bf2f57a6255fbe1f36e35f1ebbefb5d2e67c49 Mon Sep 17 00:00:00 2001 From: Andrew Lock Date: Thu, 31 Oct 2024 22:25:41 +0000 Subject: [PATCH] Update version (#207) --- CHANGELOG.md | 15 +++++++++++++++ README.md | 10 +++++----- releasenotes.props | 20 +++++++------------- version.props | 2 +- 4 files changed, 28 insertions(+), 19 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index b7ede73..190fc21 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,20 @@ # Changelog +## [v1.0.0-preview.2] + +Features: + +* Allow accessing an `IServiceProvider` when configuring a `SecurityHeaderPolicyBuilder` #200 + +Fixes: + +* Fix incorrect dependency on obsolete Microsoft.AspNetCore.Mvc.Razor package #205 (Thanks [trejjam](https://github.com/trejjam)) + +Breaking Changes: + +* Remove ambient-light-sensor=() from `DefaultSecureDirectives()` for permissions policy #203 (Thanks [damienbod](https://github.com/damienbod)!) +* Update COOP, COEP, and CORP for `AddDefaultSecurityHeaders()` and `AddDefaultApiSecurityHeaders()` #204 (Thanks [damienbod](https://github.com/damienbod)!) + ## [v1.0.0-preview.01] Features: diff --git a/README.md b/README.md index 845cd66..a0c01e6 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ PM> Install-Package NetEscapades.AspNetCore.SecurityHeaders Or using the `dotnet` CLI ```bash -dotnet add package NetEscapades.AspNetCore.SecurityHeaders --version 1.0.0-preview.1 +dotnet add package NetEscapades.AspNetCore.SecurityHeaders --version 1.0.0-preview.2 ``` ## Usage @@ -33,7 +33,7 @@ When you install the package, it should be added to your `.csproj`. Alternativel - + @@ -549,7 +549,7 @@ To use a nonce or an auto-generated hash with your ASP.NET Core application, use For example: ```bash -dotnet package add Install-Package NetEscapades.AspNetCore.SecurityHeaders.TagHelpers --version 1.0.0-preview.1 +dotnet package add Install-Package NetEscapades.AspNetCore.SecurityHeaders.TagHelpers --version 1.0.0-preview.2 ``` This adds the package to your _.csproj_ file: @@ -562,8 +562,8 @@ This adds the package to your _.csproj_ file: - - + + diff --git a/releasenotes.props b/releasenotes.props index 1b7553b..1e72c83 100644 --- a/releasenotes.props +++ b/releasenotes.props @@ -5,22 +5,16 @@ Features: -* Allow configuring "named" policies, and applying different policies to different endpoints #172, #173, #185 -* Allow customizing the `HeaderPolicyCollection` just before it is applied, customizing per request #174, #185 -* Make adding directives to `Content-Security-Policy` idempotent to avoid duplicates #169 -* Add `AddDefaultApiSecurityHeaders()` for adding default headers to APIs #183, #184 -* Add `AddPermissionsPolicyWithRecommendedDirectives()` and `PermissionsPolicyBuilder.AddDefaultSecureDirectives()` for adding secure `Permissions-Policy` directives in bulk #183, #184 -* NetEscapades.AspNetCore.SecurityHeaders now has an icon, thanks @khalidabuhakmeh! #195 +* Allow accessing an `IServiceProvider` when configuring a `SecurityHeaderPolicyBuilder` #200 + +Fixes: + +* Fix incorrect dependency on obsolete Microsoft.AspNetCore.Mvc.Razor package #205 (Thanks trejjam!) Breaking Changes: -* Drop support for .NET Standard 2.0, raises minimum framework to .NET Core 3.1 #167, #171 -* Removed "document header" functionality, in favour of always adding all headers #186 -* Remove `X-XSS-Protection` from default headers and mark obsolete #168 -* Add `cross-origin-opener-policy: same-origin` to default headers #184 -* Mark `Feature-Policy` as obsolete #187 -* Mark `Expect-CT` as obsolete #197 -* Make nonce generation lazy on call to `HttpContext.GetNonce()` #198 +* Remove ambient-light-sensor=() from `DefaultSecureDirectives()` for permissions policy #203 (Thanks damienbod!) +* Update COOP, COEP, and CORP for `AddDefaultSecurityHeaders()` and `AddDefaultApiSecurityHeaders()` #204 (Thanks damienbod!) ]]> diff --git a/version.props b/version.props index a71303f..491f2bf 100644 --- a/version.props +++ b/version.props @@ -1,6 +1,6 @@ 1.0.0 - preview.1 + preview.2 \ No newline at end of file