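// Security headers.
// Registered ahead of the routers and the view handler: the view handler below
// never yields to `next`, so middleware added after it is not reached and its
// response headers would not be set.
// NOTE(review): 'unsafe-inline' in scriptSrc/styleSrc permits inline script and
// style, which gives up most of what CSP offers against injected markup.
// Confirm it is still required.
// NOTE(review): 'herokuapp.com' in defaultSrc is a shared hosting domain, not an
// origin owned by this app. Confirm the intended source.
app.use(helmet.csp({
  defaultSrc: ['\'self\'', 'herokuapp.com'],
  scriptSrc: ['\'self\'', '\'unsafe-inline\''],
  styleSrc: ['\'self\'', '\'unsafe-inline\''],
  fontSrc: ['\'self\''],
  imgSrc: ['\'self\'', 'data:']
}))
app.use(helmet.xssFilter())
app.use(helmet.nosniff())
app.use(helmet.hsts({
  maxAge: NINETY_DAYS_IN_MS
}))

// Path-conditional middleware.
// Alternation group instead of a character class: /^\/[images|css|scripts]/
// matched any path whose first character was one of those letters or '|',
// so serveMW ran for far more paths than the three directories named.
app.use(serverUtils.conditionalMw(/^\/(?:images|css|scripts)/, serveMW))
// Escaped dot: only a literal "mqtt.js" suffix should select serveMqttMW.
app.use(serverUtils.conditionalMw(/mqtt\.js$/, serveMqttMW))

// routers
app.use(routes.public.middleware())
app.use(routes.secured.middleware())

// views
app.use(function * (next) {
  // Send the index file to clients that accept HTML; other requests get no
  // body from this handler, and `next` is intentionally left as in the original.
  if (this.accepts('html', 'text/*', 'text/html')) {
    yield* sendfile.call(this, indexFile)
  }
})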
// kick off server
if (!module.parent) {
let server = http.createServer(app.callback())
const errorDetails = {
status: ctx.status,
error: err.message,
stack: err.stack,
err: err,
};
httpLogger.log('error', typeof ctx.request !== 'undefined' ? ctx.request.url : '', errorDetails);
});
// Middleware registered here, in order:
//   1. the XmlHttpRequest shim for IE
//   2. helmet's default security headers
//   3. a Content-Security-Policy whose default-src is limited to 'self'
//   4. frameguard with the 'deny' action
// NOTE(review): newer helmet releases expect frameguard({ action: 'deny' });
// confirm the installed koa-helmet still accepts the bare string, otherwise the
// frame header may not come out as DENY.
[
  xdomainRoute,
  koaHelmet(),
  koaHelmet.csp({ directives: { defaultSrc: ["'self'"] } }),
  koaHelmet.frameguard('deny'),
].forEach((middleware) => {
  app.use(middleware);
});
app.use(koaMount('/', koaCors({
credentials: true,
headers: [
'Authorization',
'Content-Disposition',
'Content-Type',
'X-Entities',
],
methods: [
'DELETE',
'GET',
'POST',
'PUT',
],
origin: (request) => {
const errorDetails = {
status: ctx.status,
error: err.message,
stack: err.stack,
err: err,
};
httpLogger.log('error', typeof ctx.request !== 'undefined' ? ctx.request.url : '', errorDetails);
});
// Registration order is kept: the XmlHttpRequest shim for IE first, then the
// security-header middleware (helmet defaults, a CSP restricted to 'self',
// and frameguard with the 'deny' action).
// NOTE(review): newer helmet releases expect frameguard({ action: 'deny' });
// confirm the installed koa-helmet still accepts the bare string, otherwise the
// frame header may not come out as DENY.
for (const middleware of [
  xdomainRoute,
  koaHelmet(),
  koaHelmet.csp({ directives: { defaultSrc: ["'self'"] } }),
  koaHelmet.frameguard('deny'),
]) {
  app.use(middleware);
}
app.use(koaMount('/', koaCors({
credentials: true,
headers: [
'Authorization',
'Content-Disposition',
'Content-Type',
'X-Entities',
],
methods: [
'DELETE',
'GET',
'POST',
'PUT',
],
origin: (request) => {