Press n or j to go to the next uncovered block, b, p or k for the previous block.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 | 27x 27x 27x 27x 79x 79x 79x 79x 79x | const modern = require('../../src/modern');
const csurf = require('csurf');
const helmet = require('helmet');
module.exports = {
name: 'security',
options: {
csrf: {
env: 'SECURITY_CSRF',
default: {},
type: Object
},
contentSecurityPolicy: {
env: 'SECURITY_CONTENTSECURITYPOLICY'
},
expectCt: {
env: 'SECURITY_EXPECTCT'
},
dnsPrefetchControl: {
env: 'SECURITY_DNSPREFETCHCONTROL'
},
frameguard: {
env: 'SECURITY_FRAMEGUARD'
},
hidePoweredBy: {
env: 'SECURITY_HIDEPOWEREDBY'
},
hpkp: {
env: 'SECURITY_HPKP'
},
hsts: {
env: 'SECURITY_HSTS'
},
ieNoOpen: {
env: 'SECURITY_IENOOPEN'
},
noCache: {
env: 'SECURITY_NOCACHE'
},
noSniff: {
env: 'SECURITY_NOSNIFF'
},
referrerPolicy: {
env: 'SECURITY_REFERRERPOLICY'
},
xssFilter: {
env: 'SECURITY_XSSFILTER'
}
},
before: [
ctx => ctx.options.security && ctx.options.security.csrf
? modern(csurf(ctx.options.security.csrf))(ctx)
: false,
ctx => {
// Set the csrf for render(): https://expressjs.com/en/api.html#res.locals
Eif (ctx.req.csrfToken) {
ctx.csrf = ctx.req.csrfToken();
ctx.res.locals.csrf = ctx.csrf;
}
},
ctx => ctx.options.security ? modern(helmet(ctx.options.security))(ctx) : false
]
};
|