
myex-cli


Opinionated Express.js framework with CLI tools

import helmet from 'helmet';

/**
 * Register Helmet on an Express app with this project's security-header
 * settings: a Content-Security-Policy, the X-XSS-Protection and
 * X-Content-Type-Options middlewares, a `no-referrer` Referrer-Policy,
 * and Strict-Transport-Security.
 *
 * @param {import('express').Application} app - Express application to attach the middleware to
 * @returns {void}
 */
export const configureHelmet = (app) => {
  // Content-Security-Policy source lists, one entry per fetch directive.
  const cspDirectives = {
    defaultSrc: ["'self'"],
    // NOTE(review): 'unsafe-inline' lets inline <script> blocks and inline
    // event handlers run, so this policy gives little protection against
    // injected markup. Nonces or hashes would allow 'unsafe-inline' to be
    // dropped once the inline scripts in use are known.
    scriptSrc: ["'self'", "'unsafe-inline'"],
    styleSrc: ["'self'", "'unsafe-inline'"],
    imgSrc: ["'self'", 'data:'],
    connectSrc: ["'self'"],
    fontSrc: ["'self'"],
    objectSrc: ["'none'"],
    mediaSrc: ["'self'"],
    frameSrc: ["'none'"],
    // NOTE(review): base-uri, form-action and frame-ancestors do not fall
    // back to default-src. Whether Helmet merges its own defaults for them
    // depends on the installed major version (`useDefaults`) - confirm
    // against the pinned version.
  };

  // Strict-Transport-Security; browsers only honour it over HTTPS.
  const hstsOptions = {
    maxAge: 15552000, // 180 days in seconds
    includeSubDomains: true,
    // NOTE(review): the browser preload list asks for max-age of at least
    // one year (31536000), so 180 days would not qualify for submission
    // even though the `preload` token is sent.
    preload: true,
  };

  const helmetOptions = {
    contentSecurityPolicy: { directives: cspDirectives },
    // The header value this produces is version dependent: Helmet 4 and
    // later send `X-XSS-Protection: 0` - confirm for the pinned version.
    xssFilter: true,
    noSniff: true,
    referrerPolicy: { policy: 'no-referrer' },
    hsts: hstsOptions,
  };

  app.use(helmet(helmetOptions));
};