Get unlimited public & private packages + package-based permissions with npm Pro.Get started »

felid-helmet

1.0.0 • Public • Published

felid-helmet

npm version Build Status JavaScript Style Guide

Using Helmet middlewares in your Felid app to help improving security.

Install

npm install felid-helmet

or

yarn add felid-helmet

Usage

const Felid = require('felid')
const helmet = require('felid-helmet')
 
const app = new Felid()
app.plugin(helmet, options)

The following table displays all middlewares in Helmet, and the default ones. (Data comes from Helmet's doc)

Module Default?
contentSecurityPolicy for setting Content Security Policy
crossdomain for handling Adobe products' crossdomain requests
dnsPrefetchControl controls browser DNS prefetching
expectCt for handling Certificate Transparency
featurePolicy to limit your site's features
frameguard to prevent clickjacking
hidePoweredBy to remove the X-Powered-By header
hpkp for HTTP Public Key Pinning
hsts for HTTP Strict Transport Security
ieNoOpen sets X-Download-Options for IE8+
noCache to disable client-side caching
noSniff to keep clients from sniffing the MIME type
referrerPolicy to hide the Referer header
xssFilter adds some small XSS protections

Pass an option to the middleware:

app.use(helmet, {
  xssFilter: { mode: null }
})

Disable a default middleware:

app.use(helmet, { xssFilter: false })

To enable a middleware, you can set the property to true (and use the default option), or just pass the option to it.

app.use(helmet, {
  expectCt: { maxAge: 123 },
  hpkp: true
})

For more information, please check the official documentation of Helmet.

License

MIT

Install

npm i felid-helmet

DownloadsWeekly Downloads

1

Version

1.0.0

License

MIT

Unpacked Size

54.3 kB

Total Files

16

Last publish

Collaborators

  • avatar