blockade
TypeScript icon, indicating that this package has built-in type declarations

1.0.4 • Public • Published

Blockade

version Types License Style

Blockade ⚓️ is a lightweight package that adds optional security headers and cookie attributes for Node.js web frameworks.

Security HTTP headers and cookie attributes help enhance the security of your web application by enabling built-in browser security mechanisms.

Supported Node.js web frameworks:

AdonisJs, Express, Fastify, hapi, Koa, Meteor, Nest, Polka, restify, Sails, Total.js

Install

$ npm i blockade

After installing Blockade:

const blockade = require("blockade");
 
const secureHeaders = new blockade.SecureHeaders();
const secureCookie = new blockade.SecureCookie();
 

Secure Headers

### Example secureHeaders.framework(response);

Default HTTP response headers:

Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Cache-control: no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Expires: 0

Secure Cookie

Example

secureCookie.framework(response, "foo", "bar");

Default Set-Cookie HTTP response header:

Set-Cookie: foo=bar; Path=/; secure; HttpOnly; SameSite=lax

Documentation

Please see the full set of documentation at https://blockadejs.readthedocs.io

Resources

/blockade/

    Package Sidebar

    Install

    npm i blockade

    Weekly Downloads

    8

    Version

    1.0.4

    License

    MIT

    Unpacked Size

    45.2 kB

    Total Files

    17

    Last publish

    Collaborators

    • cakinney