Skip to content

Refactors, Features, and some small Breaking Changes

Pre-release
Pre-release
Compare
Choose a tag to compare
@AnujRNair AnujRNair released this 03 Jan 18:12
· 79 commits to master since this release
v3.0.0-beta.1
b6d8fca

Breaking Changes:

  • disableCspPlugin in HtmlWebpackPlugin options has been removed, and replaced by cspPlugin.enabled to be more inline with the enabled flag on the CspHtmlWebpackPlugin
  • Disabling the plugin in any way will now not touch the original HTML. Previously we were attempting to look for an empty CSP policy meta tag and remove that, but this will no longer be done.

New Features:

  • Policies can now be defined in the HtmlWebpackPlugin instance via cspPlugin.policy to allow individual policies to be created per HtmlWebpackPlugin
  • Nonce attrs will now be added onto externally loaded scripts
  • If no csp meta tag is defined, one will be added as the very first tag in the head of the document.
  • strict-dynamic is now backwards compatible with CSP2 by ensuring it's the last defined source in a particular policy
  • Basic policy validations are now in place to ensure that all static sources are properly quoted
Assets 2
Loading