abrendan_dev/MicDropMessages
1
0
Fork 0
mirror of https://github.com/abrendan/MicDropMessages.git synced 2025-08-25 22:12:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Initial commit

Browse Source
This commit is contained in:
abrendan
2023-11-30 14:15:19 +00:00
commit e4599df811
5457 changed files with 500139 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
node_modules/hide-powered-by/README.md generated vendored Normal file
View File

@@ -0,0 +1,24 @@
Hide X-Powered-By
=================
[![Build Status](https://travis-ci.org/helmetjs/hide-powered-by.svg?branch=master)](https://travis-ci.org/helmetjs/hide-powered-by)
Simple middleware to remove the `X-Powered-By` HTTP header if it's set.
Hackers can exploit known vulnerabilities in Express/Node if they see that your site is powered by Express (or whichever framework you use). For example, `X-Powered-By: Express` is sent in every HTTP request coming from Express, by default. This won't provide much security benefit ([as discussed here](https://github.com/expressjs/express/pull/2813#issuecomment-159270428)), but might help a tiny bit. It will also improve performance by reducing the number of bytes sent.
```javascript
const hidePoweredBy = require('hide-powered-by')
app.use(hidePoweredBy())
```
You can also explicitly set the header to something else, if you want. This could throw people off:
```javascript
app.use(hidePoweredBy({ setTo: 'PHP 4.2.0' }))
```
Note: if you're using Express, you don't need this middleware and can just do this:
```javascript
app.disable('x-powered-by')
```