Novelty Polygonal Mathematics

npm

log inorsign up
Share your code. npm Orgs help your team discover, share, and reuse code. Create a free org »

fastify-helmet

2.1.0 • Public • Published

fastify-helmet

js-standard-style Build Status Greenkeeper badge

Important security headers for Fastify. It is a port from express of helmet

Install

npm i fastify-helmet --save

Usage

Simply require this plugin, and the basic security headers will be set.

const fastify = require('fastify')()
const helmet = require('fastify-helmet')
 
fastify.register(
  helmet,
  // Example of passing an option to x-powered-by middleware
  { hidePoweredBy: { setTo: 'PHP 4.2.0' } }
)
 
fastify.listen(3000, err => {
  if (err) throw err
  console.log('Server listenting on localhost:', fastify.server.address().port)
})

How it works

fastify-helmet is a collection of 12 smaller middleware functions that set HTTP headers. Running fastify.register(helmet) will not include all of these middleware functions by default.

Module Default?
contentSecurityPolicy for setting Content Security Policy
expectCt for handling Certificate Transparency
dnsPrefetchControl controls browser DNS prefetching
frameguard to prevent clickjacking
hidePoweredBy to remove the X-Powered-By header
hpkp for HTTP Public Key Pinning
hsts for HTTP Strict Transport Security
ieNoOpen sets X-Download-Options for IE8+
noCache to disable client-side caching
noSniff to keep clients from sniffing the MIME type
referrerPolicy to hide the Referer header
xssFilter adds some small XSS protections

fastify-helmet accept the same options of Helmet, and you can see more in the helmet documentation.

License

MIT

Keywords

install

npm i fastify-helmet

Downloadsweekly downloads

1,272

version

2.1.0

license

MIT

homepage

github.com

repository

Gitgithub

last publish

collaborators

  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar
  • avatar

Test with RunKit

Report a vulnerability