How to use the koa-helmet.xssFilter function in koa-helmet

To help you get started, we’ve selected a few koa-helmet examples, based on popular ways it is used in public projects.


github llambda / agilegps / src / server / lib / app.js
})
  );
}

// Middleware registration for the app. Order matters: each middleware wraps
// the ones registered after it, so anything that sets response headers has to
// be registered ahead of whatever finally produces the response.
app.use(ResponseTime());
app.use(Conditional());
app.use(Etag());
// app.use(Morgan('combined'));

// Request logging: one logger per request, tagged with a request id.
// NOTE(review): confirm the request logger does not record cookies or
// Authorization headers verbatim.
const koaBunyanLogger = require("koa-bunyan-logger");
app.use(koaBunyanLogger());
app.use(koaBunyanLogger.requestIdContext());
app.use(koaBunyanLogger.requestLogger());

// Security response headers from helmet, all with library defaults
// (no options are passed here):
//   frameguard -> X-Frame-Options (clickjacking defence)
//   xssFilter  -> X-XSS-Protection
//   ieNoOpen   -> X-Download-Options (legacy Internet Explorer only)
// X-XSS-Protection is a legacy header that current browsers ignore, and the
// value helmet sends depends on the installed version. It is not a substitute
// for output encoding or a Content-Security-Policy.
// NOTE(review): no CSP, nosniff or HSTS middleware is registered in this
// excerpt - confirm they are set elsewhere (app or reverse proxy).
app.use(helmet.frameguard());
app.use(helmet.xssFilter());
app.use(helmet.ieNoOpen());

app.use(Compress());

// Keys used to sign cookies, taken from configuration.
// NOTE(review): confirm config.cookieKeys is loaded from secret storage and
// is not committed to the repository.
app.keys = config.cookieKeys;

// Signed-cookies session support (currently disabled)
// app.use(session({
// 	maxage: null
// }, app));

// Parses request bodies with the parser's default options.
app.use(BodyParser());

// turn errors into a JSON structure
app.use(async (ctx, next) => {
  try {
github hekike / scrumban / server / server.js
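// Security headers.
// These are registered BEFORE the views middleware on purpose: that
// middleware never yields `next`, so any middleware registered after it is
// never reached by a request and its headers would never be sent.
// NOTE(review): with the policy now actually delivered alongside the index
// page, verify every asset the page loads is allowed by it.
app.use(helmet.csp({
  // NOTE(review): a bare host source matches only that exact host; confirm
  // this is the intended origin and not a broader shared-hosting allowance.
  defaultSrc: ['\'self\'', 'herokuapp.com'],
  // NOTE(review): 'unsafe-inline' for scripts removes most of the XSS
  // protection CSP provides; prefer nonces or hashes if inline scripts can
  // be avoided.
  scriptSrc: ['\'self\'', '\'unsafe-inline\''],
  styleSrc: ['\'self\'', '\'unsafe-inline\''],
  fontSrc: ['\'self\''],
  imgSrc: ['\'self\'', 'data:']
}))

// X-XSS-Protection is a legacy header that current browsers ignore; the CSP
// above and output encoding are the effective XSS defences.
app.use(helmet.xssFilter())
// X-Content-Type-Options: nosniff
app.use(helmet.nosniff())
// Strict-Transport-Security.
// NOTE(review): the constant name implies milliseconds; newer helmet releases
// take maxAge in seconds - confirm the unit against the installed version.
app.use(helmet.hsts({
  maxAge: NINETY_DAYS_IN_MS
}))

// views
// Serves the index file to clients that accept HTML. This middleware does not
// yield `next`, so it ends the chain for every request that reaches it.
app.use(function * (next) {
  if (this.accepts('html', 'text/*', 'text/html')) {
    yield* sendfile.call(this, indexFile)
  }
})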

// kick off server
if (!module.parent) {
  let server = http.createServer(app.callback())
  mqttBroker.attachHttpServer(server)

  server.listen(config.port, function (err) {
    if (err) {
      return logger.error(err)
    }

    logger.info('app is listening on ' + config.port)