minimal examples: update for CSP best practices

1) update the logos to svg 2) add svg icon for strict security policy where used 3) define new vhost option flag to enforce sending CSP headers with the result code 4) add vhost option flag to minimal examples to enforce sending CSP where applicable 5) Go through all the affecting examples confirming they still work 6) add LWS_RECOMMENDED_MIN_HEADER_SPACE constant (currently 2048) to clarify when we need a buffer to hold headers... with CSP the headers have become potentially a lot larger.
author: Andy Green <andy@warmcat.com> 2018-11-19 07:40:47 +0800
committer: Andy Green <andy@warmcat.com> 2018-11-21 17:03:29 +0800
commit: d9f982a055f24651d9a2249b38feb74e5e6032e9 (patch)
tree: 39fc43aac5f2275a3e840f1f560a890e7de66a8f /changelog
parent: ac032544bf2c09ba8935128b8cbd6a669a1b91df (diff)
download: libwebsockets-d9f982a055f24651d9a2249b38feb74e5e6032e9.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/changelog b/changelog
index e3ce5f2c..42b8fd2c 100644
--- a/changelog
+++ b/changelog
@@ -12,6 +12,11 @@ v3.1.0
  - CHANGE: CMAKE:
      - LWS_WITH_HTTP2:         now defaults ON
 
+ - CHANGE: Minimal examples updated to use Content Security Policy best
+   practices, using
+   `LWS_SERVER_OPTION_HTTP_HEADERS_SECURITY_BEST_PRACTICES_ENFORCE` vhost
+   option flag and disabling of inline style and scripts.
+
  - NEW: CMAKE
      - LWS_FOR_GITOHASHI: sets various cmake options suitable for gitohashi
      - LWS_WITH_ASAN: for Linux, enable build with ASAN
author	Andy Green <andy@warmcat.com>	2018-11-19 07:40:47 +0800
committer	Andy Green <andy@warmcat.com>	2018-11-21 17:03:29 +0800
commit	d9f982a055f24651d9a2249b38feb74e5e6032e9 (patch)
tree	39fc43aac5f2275a3e840f1f560a890e7de66a8f /changelog
parent	ac032544bf2c09ba8935128b8cbd6a669a1b91df (diff)
download	libwebsockets-d9f982a055f24651d9a2249b38feb74e5e6032e9.tar.gz