deps: serve-static@1.14.1

2025-12-06 12:19:51 +01:00 · 2019-05-11 19:29:33 -04:00 · 2019-05-11 19:29:33 -04:00 · 88f9733ffa
commit 88f9733ffa
parent 8267c4b724
3 changed files with 5 additions and 4 deletions
--- a/History.md
+++ b/History.md
@ -35,9 +35,10 @@ unreleased
    - deps: range-parser@~1.2.1
    - deps: statuses@~1.5.0
    - perf: remove redundant `path.normalize` call
-  * deps: serve-static@1.14.0
+  * deps: serve-static@1.14.1
+    - Set stricter CSP header in redirect response
    - deps: parseurl@~1.3.3
-    - deps: send@0.17.0
+    - deps: send@0.17.1
  * deps: setprototypeof@1.1.1
  * deps: statuses@~1.5.0
    - Add `103 Early Hints`
--- a/package.json
+++ b/package.json
@ -51,7 +51,7 @@
    "range-parser": "~1.2.0",
    "safe-buffer": "5.1.2",
    "send": "0.17.1",
-    "serve-static": "1.14.0",
+    "serve-static": "1.14.1",
    "setprototypeof": "1.1.1",
    "statuses": "~1.5.0",
    "type-is": "~1.6.18",
--- a/test/express.static.js
+++ b/test/express.static.js
@ -513,7 +513,7 @@ describe('express.static()', function () {
    it('should respond with default Content-Security-Policy', function (done) {
      request(this.app)
        .get('/users')
-        .expect('Content-Security-Policy', "default-src 'self'")
+        .expect('Content-Security-Policy', "default-src 'none'")
        .expect(301, done)
    })