helmet: Allow referrerPolicy.policy to be an array of strings#44235
helmet: Allow referrerPolicy.policy to be an array of strings#44235elibarzilay merged 2 commits intoDefinitelyTyped:masterfrom TDurrr1:master
Conversation
…ill result in a comma-separated list of policies, where the last policy understood by the browser would be the one applied. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy, "Specifying a fallback policy".
|
👋 Hi there! I’ve run some quick measurements against master and your PR. These metrics should help the humans reviewing this PR gauge whether it might negatively affect compile times or editor responsiveness for users who install these typings. Let’s review the numbers, shall we? Comparison details 📊
It looks like nothing changed too much. I won’t post performance data again unless it gets worse. |
typescript-bot
added
Perf: Same
|
@TDurrr1 Thank you for submitting this PR! 🔔 @cyrilschumacher @EvanHahn @BlueHatbRit @chdanielmueller - please review this PR in the next few days. Be sure to explicitly select If no reviewer appears after a week, a DefinitelyTyped maintainer will review the PR instead. |
typescript-bot
added
Owner Approved
|
A definition owner has approved this PR ⭐️. A maintainer will merge this PR shortly. If it shouldn't be merged yet, please leave a comment saying so and we'll wait. Thank you for your contribution to DefinitelyTyped! |
|
I just published |
…telyTyped#44235) * Setting a referrer policy as an array of strings is permitted. This will result in a comma-separated list of policies, where the last policy understood by the browser would be the one applied. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy, "Specifying a fallback policy". * Added a test for when referrerPolicy.policy is an array of strings.
4 participants
(Let me know if I’ve broken any rules with the way I’ve done this. I’m still pretty new to it all 😁)
Setting a referrer policy as an array of strings is permitted. This will result in a comma-separated list of policies, where the last policy understood by the browser would be the one applied. See MDN on the Referrer-Policy header as well as Helmet’s documentation (near the bottom).
This is a setup I’ve been using on monicajean.photography successfully, so I can confirm that it works in the wild as well.
npm test.)npm run prettier -- --write types/helmet/**/*.ts, but it changed quite a few lines of code that weren’t mine, and that didn’t seem like a good idea, so I went without. Also, it recommends usingReadonlyArrayoverstring[]when the array’s parameters won’t be written to; I went for style consistency and usedstring[]so it would match the rest of the file.npm run lint package-name(ortscif notslint.jsonis present).Select one of these and delete the others:
If changing an existing definition:
Referrer-Policyheader fallbacksReferrer-Policystrings near the bottomtslint.jsoncontaining{ "extends": "dtslint/dt.json" }. If for reason the any rule need to be disabled, disable it for that line using// tslint:disable-next-line [ruleName]and not for whole package so that the need for disabling can be reviewed. (This change is pretty minor.)