mirror of
https://github.com/abrendan/MicDropMessages.git
synced 2025-06-17 13:15:00 +02:00
64 lines
1.4 KiB
JavaScript
64 lines
1.4 KiB
JavaScript
const modern = require('../../src/modern');
|
|
const csurf = require('csurf');
|
|
const helmet = require('helmet');
|
|
|
|
module.exports = {
|
|
name: 'security',
|
|
options: {
|
|
csrf: {
|
|
env: 'SECURITY_CSRF',
|
|
default: {},
|
|
type: Object
|
|
},
|
|
contentSecurityPolicy: {
|
|
env: 'SECURITY_CONTENTSECURITYPOLICY'
|
|
},
|
|
expectCt: {
|
|
env: 'SECURITY_EXPECTCT'
|
|
},
|
|
dnsPrefetchControl: {
|
|
env: 'SECURITY_DNSPREFETCHCONTROL'
|
|
},
|
|
frameguard: {
|
|
env: 'SECURITY_FRAMEGUARD'
|
|
},
|
|
hidePoweredBy: {
|
|
env: 'SECURITY_HIDEPOWEREDBY'
|
|
},
|
|
hpkp: {
|
|
env: 'SECURITY_HPKP'
|
|
},
|
|
hsts: {
|
|
env: 'SECURITY_HSTS'
|
|
},
|
|
ieNoOpen: {
|
|
env: 'SECURITY_IENOOPEN'
|
|
},
|
|
noCache: {
|
|
env: 'SECURITY_NOCACHE'
|
|
},
|
|
noSniff: {
|
|
env: 'SECURITY_NOSNIFF'
|
|
},
|
|
referrerPolicy: {
|
|
env: 'SECURITY_REFERRERPOLICY'
|
|
},
|
|
xssFilter: {
|
|
env: 'SECURITY_XSSFILTER'
|
|
}
|
|
},
|
|
before: [
|
|
ctx => ctx.options.security && ctx.options.security.csrf
|
|
? modern(csurf(ctx.options.security.csrf))(ctx)
|
|
: false,
|
|
ctx => {
|
|
// Set the csrf for render(): https://expressjs.com/en/api.html#res.locals
|
|
if (ctx.req.csrfToken) {
|
|
ctx.csrf = ctx.req.csrfToken();
|
|
ctx.res.locals.csrf = ctx.csrf;
|
|
}
|
|
},
|
|
ctx => ctx.options.security ? modern(helmet(ctx.options.security))(ctx) : false
|
|
]
|
|
};
|