UNPKG

@nosecone/sveltekit

Version:

Protect your SvelteKit application with secure headers

arcjet.com

arcjet/arcjet-js

93 lines (70 loc) 3.15 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
<a href="https://nosecone.com" target="_arcjet-home"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://arcjet.com/logo/arcjet-dark-lockup-voyage-horizontal.svg"> <img src="https://arcjet.com/logo/arcjet-light-lockup-voyage-horizontal.svg" alt="Arcjet Logo" height="128" width="auto"> </picture> </a> # `@nosecone/sveltekit` <p> <a href="https://www.npmjs.com/package/@nosecone/sveltekit"> <picture> <source media="(prefers-color-scheme: dark)" srcset="https://img.shields.io/npm/v/%40nosecone%2Fsveltekit?style=flat-square&label=%E2%9C%A6Aj&labelColor=000000&color=5C5866"> <img alt="npm badge" src="https://img.shields.io/npm/v/%40nosecone%2Fsveltekit?style=flat-square&label=%E2%9C%A6Aj&labelColor=ECE6F0&color=ECE6F0"> </picture> </a> </p> Protect your SvelteKit application with secure headers. - [npm package (`@nosecone/sveltekit`)](https://www.npmjs.com/package/@nosecone/sveltekit) - [GitHub source code (`nosecone-sveltekit/` in `arcjet/arcjet-js`)](https://github.com/arcjet/arcjet-js/tree/main/nosecone-sveltekit) ## What is this? This is our adapter to integrate Nosecone into SvelteKit. Nosecone makes it easy to add and configure security headers. This package exists so that we can provide the best possible experience to SvelteKit users. ## When should I use this? You can use this package with or without Arcjet to protect your app if you are using SvelteKit. Use [`@nosecone/next`][github-nosecone-next] if you use Next.js and use [`nosecone`][github-nosecone] itself if you use a different framework. ## Install This package is ESM only. Install with npm in Node.js: ```sh npm install @nosecone/sveltekit ``` ## Example Configure `csp` from Nosecone in `svelte.config.js`: ```diff +import { csp } from "@nosecone/sveltekit" import adapter from "@sveltejs/adapter-auto"; import { vitePreprocess } from "@sveltejs/vite-plugin-svelte"; /** @type {import('@sveltejs/kit').Config} */ const config = { kit: { // adapter-auto only supports some environments, see https://kit.svelte.dev/docs/adapter-auto for a list. // If your environment is not supported, or you settled on a specific environment, switch out the adapter. // See https://kit.svelte.dev/docs/adapters for more information about adapters. adapter: adapter(), + csp: csp(), }, // Consult https://kit.svelte.dev/docs/integrations#preprocessors // for more information about preprocessors preprocess: vitePreprocess(), }; export default config; ``` …then use `createHook` from Nosecone in a `src/hooks.server.ts` file: ```ts import { createHook } from "@nosecone/sveltekit"; import { sequence } from "@sveltejs/kit/hooks"; export const handle = sequence( createHook(), // ... other hooks can go here ); ``` ## License [Apache License, Version 2.0][apache-license] © [Arcjet Labs, Inc.][arcjet] [apache-license]: http://www.apache.org/licenses/LICENSE-2.0 [arcjet]: https://arcjet.com [github-nosecone-next]: https://github.com/arcjet/arcjet-js/tree/main/nosecone-next [github-nosecone]: https://github.com/arcjet/arcjet-js/tree/main/nosecone