
Commit c12cb53

authored
Enabling security via helmet module (#2)
* Enabling security via helmet module Implementing security via helmet module by disabling sensitive headers, taking care of CORS and XSS, enabling CSP and more.
1 parent d2a8767 commit c12cb53


3 files changed

+12
-3
lines changed


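--- a/package.json
+++ b/package.json
@@ -12,10 +12,12 @@
 "dependencies": {
 "dotenv": "16.3.1",
 "express": "4.18.2",
+"helmet": "7.0.0",
 "nunjucks": "3.2.4"
 },
 "devDependencies": {
 "@types/express": "4.17.17",
+"@types/node": "20.3.3",
 "@types/nunjucks": "3.2.3",
 "eslint": "8.44.0",
 "nodemon": "2.0.22",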

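--- a/src/app.ts
+++ b/src/app.ts
@@ -1,14 +1,16 @@
 import dotenv from 'dotenv'
-
 import express from 'express'
 import nunjucks from 'nunjucks'
+import helmet from 'helmet'
 import routes from './routes'
 
 dotenv.config()
 
 const port = process.env.PORT ?? 3000
 const app = express()
 
+app.use(helmet())
+
 nunjucks.configure('src/views', {
 autoescape: true,
 express: app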
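Review bot: `app.use(helmet())` relies entirely on helmet's defaults, and nothing at the call site records what those defaults cover or leave out. The default set includes a Content-Security-Policy with `script-src 'self'` and `script-src-attr 'none'`, so any inline script or event-handler attribute in the templates under `src/views` (not visible in this diff) would be blocked; confirm the views against that policy or pass explicit `contentSecurityPolicy` directives. Helmet does not set any `Access-Control-*` headers, so cross-origin request policy still has to be configured separately if the app needs it. A comment above the call such as `// helmet defaults: CSP, HSTS, nosniff, frame options, removes X-Powered-By; CORS is not configured here` would keep that clear. The `nunjucks.configure` call continues past the end of the hunk.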

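--- a/yarn.lock
+++ b/yarn.lock
@@ -174,7 +174,7 @@
 resolved "https://registry.yarnpkg.com/@types/mime/-/mime-1.3.2.tgz#93e25bf9ee75fe0fd80b594bc4feb0e862111b5a"
 integrity sha512-YATxVxgRqNH6nHEIsvg6k2Boc1JHI9ZbH5iWFFv/MTkchz3b1ieGDa5T0a9RznNdI0KhVbdbWSN+KWWrQZRxTw==
 
-"@types/node@*":
+"@types/node@*", "@types/node@20.3.3":
 version "20.3.3"
 resolved "https://registry.yarnpkg.com/@types/node/-/node-20.3.3.tgz#329842940042d2b280897150e023e604d11657d6"
 integrity sha512-wheIYdr4NYML61AjC8MKj/2jrR/kDQri/CIpVoZwldwhnIrD/j9jIU5bJ8yBKuB2VhpFV7Ab6G2XkBjv9r9Zzw==
@@ -484,7 +484,7 @@ doctrine@^3.0.0:
 dependencies:
 esutils "^2.0.2"
 
-dotenv@^16.3.1:
+dotenv@16.3.1:
 version "16.3.1"
 resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-16.3.1.tgz#369034de7d7e5b120972693352a3bf112172cc3e"
 integrity sha512-IPzF4w4/Rd94bA9imS68tZBaYyBWSCE47V1RGuMrB94iyTOIEwRmVL2x/4An+6mETpLrKJ5hQkB8W4kFAadeIQ==
@@ -812,6 +812,11 @@ has@^1.0.3:
 dependencies:
 function-bind "^1.1.1"
 
+helmet@7.0.0:
+version "7.0.0"
+resolved "https://registry.yarnpkg.com/helmet/-/helmet-7.0.0.tgz#ac3011ba82fa2467f58075afa58a49427ba6212d"
+integrity sha512-MsIgYmdBh460ZZ8cJC81q4XJknjG567wzEmv46WOBblDb6TUd3z8/GhgmsM9pn8g2B80tAJ4m5/d3Bi1KrSUBQ==
+
 http-errors@2.0.0:
 version "2.0.0"
 resolved "https://registry.yarnpkg.com/http-errors/-/http-errors-2.0.0.tgz#b7774a1486ef73cf7667ac9ae0858c012c57b9d3"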
