UNPKG

alepha

Version:

Alepha is a convention-driven TypeScript framework for building robust, end-to-end type-safe applications, from serverless APIs to full-stack React apps.

github.com/feunard/alepha

feunard/alepha

69 lines (68 loc) 2.42 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
import * as _alepha_core1 from "alepha"; import { Alepha } from "alepha"; //#region src/providers/ServerHelmetProvider.d.ts type CspDirective = string | string[]; interface CspDirectives { "default-src"?: CspDirective; "script-src"?: CspDirective; "style-src"?: CspDirective; "img-src"?: CspDirective; "connect-src"?: CspDirective; "font-src"?: CspDirective; "object-src"?: CspDirective; "media-src"?: CspDirective; "frame-src"?: CspDirective; sandbox?: CspDirective | boolean; "report-uri"?: string; "child-src"?: CspDirective; "form-action"?: CspDirective; "frame-ancestors"?: CspDirective; "plugin-types"?: CspDirective; "base-uri"?: CspDirective; [key: string]: CspDirective | undefined | boolean; } interface CspOptions { directives: CspDirectives; } interface HstsOptions { maxAge?: number; includeSubDomains?: boolean; preload?: boolean; } interface HelmetOptions { isSecure?: boolean; strictTransportSecurity?: HstsOptions | false; xContentTypeOptions?: false; xFrameOptions?: "DENY" | "SAMEORIGIN" | false; xXssProtection?: false; contentSecurityPolicy?: CspOptions | false | "default"; referrerPolicy?: "no-referrer" | "no-referrer-when-downgrade" | "origin" | "origin-when-cross-origin" | "same-origin" | "strict-origin" | "strict-origin-when-cross-origin" | "unsafe-url" | false; } /** * Provides a configurable way to apply essential HTTP security headers * to every server response, without external dependencies. */ declare class ServerHelmetProvider { protected readonly alepha: Alepha; /** * The configuration options. These can be overridden during * the application's configuration phase using `alepha.configure()`. */ options: HelmetOptions; protected defaultCspDirectives(): CspDirectives; protected buildHeaders(): Record<string, string>; protected readonly onResponse: _alepha_core1.HookDescriptor<"server:onResponse">; } //#endregion //#region src/index.d.ts /** * Automatically adds important HTTP security headers to every response * to help protect your application from common web vulnerabilities. * * @see {@link ServerHelmetProvider} * @module alepha.server.helmet */ declare const AlephaServerHelmet: _alepha_core1.Service<_alepha_core1.Module>; //#endregion export { AlephaServerHelmet, CspDirectives, CspOptions, HelmetOptions, HstsOptions, ServerHelmetProvider }; //# sourceMappingURL=index.d.ts.map