Merge pull request #31 from AnnaKudriasheva/update-version

Update package version
verygoodsecurity · Sep 13, 2021 · 74fde75 · 74fde75
2 parents f8f1c2f + ea5a4b1
commit 74fde75
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -120,6 +120,14 @@ VGSCollect.init(state => { console.log(state); });
 
 Full abilities of VGS Collect.js and integration details you can find in our [documentation](https://www.verygoodsecurity.com/docs/vgs-collect/js/integration).
 
+## CSP directives
+
+We strongly recommend to add the CSP to your application. Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. Please create CSP directives for the following domains:
+
+`connect-src https://js.verygoodvault.com https://js3.verygoodvault.com`
+`frame-src https://js.verygoodvault.com https://js3.verygoodvault.com`
+`script-src https://js.verygoodvault.com https://js3.verygoodvault.com`
+
 ## Examples
 
 - [VGS Collect + React](https://stackblitz.com/edit/vgs-collect-js-react?file=src/App.js)

diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@vgs/collect-js",
-  "version": "0.4.0",
+  "version": "0.5.0",
   "description": "VGS Collect.js script loading module",
   "license": "MIT",
   "main": "dist/index.js",