X-Download-Options middleware

This middleware sets the X-Download-Options header to noopen to prevent Internet Explorer users from executing downloads in your site's context.

const ienoopen = require("ienoopen");
app.use(ienoopen());

Some web applications will serve untrusted HTML for download. By default, some versions of IE will allow you to open those HTML files in the context of your site, which means that an untrusted HTML page could start doing bad things in the context of your pages. For more, see this MSDN blog post.

This is pretty obscure, fixing a small bug on IE only. No real drawbacks other than performance/bandwidth of setting the headers, though.

Version	Downloads (Last 7 Days)	Tag
1.1.1	7,331	latest

Version

Downloads (Last 7 Days)

Tag

1.1.1

7,331

latest

Version	Downloads (Last 7 Days)	Published
1.1.1	7,331	4 years ago
1.1.0	100,310	6 years ago
1.0.0	24,937	9 years ago
0.1.0	883	10 years ago

Version

Downloads (Last 7 Days)

Published

1.1.1

7,331

4 years ago

1.1.0

100,310

6 years ago

1.0.0

24,937

9 years ago

0.1.0

883

10 years ago

ienoopen

X-Download-Options middleware

Versions

Current Tags

Version History

Package Sidebar

Install

Repository

Homepage

Weekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

ienoopen

X-Download-Options middleware

Versions

Current Tags

Version History

Package Sidebar

Install

Repository

Homepage

DownloadsWeekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

Weekly Downloads