nestjs-security-module/src/security/security.config.ts

A plug-and-play NestJS security module with CORS, Helmet, rate limiting, audit logging, CSP, XSS sanitization, and more.

export interface SecurityModuleOptions {
  helmet?: boolean;
  cors?: boolean | Record<string, any>;
  rateLimit?: {
    windowMs: number;
    max: number;
  };
  auditLog?: boolean;
  csp?: boolean | Record<string, any>; // ✅ CSP eklendi
  sanitize?: boolean; // ✅ yeni eklendi
  // ✅ Yeni gelişmiş güvenlik başlıkları
  referrerPolicy?: boolean | Record<string, any>;
  xFrameOptions?: boolean | 'DENY' | 'SAMEORIGIN';
  hsts?: boolean | Record<string, any>;
  xContentTypeOptions?: boolean;
  expectCt?: boolean | Record<string, any>;
  permissionsPolicy?: boolean | Record<string, string[]>;
  crossOriginEmbedderPolicy?: boolean | Record<string, any>;
}