UNPKG

micro-helmet

Version:

security headers for micro

github.com/goto-bus-stop/micro-helmet

goto-bus-stop/micro-helmet

63 lines (53 loc) 1.67 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
var tape = require('tape') var fetch = require('node-fetch') var micro = require('micro') var helmet = require('.') tape('adds security headers', function (t) { t.plan(3) var server = micro(helmet(function () { return { ok: true } })) t.on('end', server.close.bind(server)) server.listen(function () { var url = 'http://0.0.0.0:' + server.address().port fetch(url).then(function (res) { t.strictEqual(res.headers.get('X-DNS-Prefetch-Control'), 'off') t.strictEqual(res.headers.get('X-Frame-Options'), 'SAMEORIGIN') t.strictEqual(res.headers.get('X-Download-Options'), 'noopen') }) }) }) tape('supports options', function (t) { t.plan(1) var server = micro(helmet(function () { return { ok: true } }, { frameguard: { action: 'deny' } })) t.on('end', server.close.bind(server)) server.listen(function () { var url = 'http://0.0.0.0:' + server.address().port fetch(url).then(function (res) { t.strictEqual(res.headers.get('X-Frame-Options'), 'DENY') }) }) }) tape('use as utility', function (t) { t.plan(3) var server = micro(function (req, res) { return helmet.addHeaders(req, res, { frameguard: { action: 'deny' } }).then(function () { return { ok: true } }) }) t.on('end', server.close.bind(server)) server.listen(function () { var url = 'http://0.0.0.0:' + server.address().port fetch(url).then(function (res) { t.strictEqual(res.headers.get('X-DNS-Prefetch-Control'), 'off') t.strictEqual(res.headers.get('X-Frame-Options'), 'DENY') t.strictEqual(res.headers.get('X-Download-Options'), 'noopen') }) }) })