UNPKG

next-secure-headers

Version:

Sets secure response headers for Next.js.

github.com/jagaapple/next-secure-headers

jagaapple/next-secure-headers

27 lines (26 loc) 1.1 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.createXSSProtectionHeader = exports.createXXSSProtectionHeaderValue = void 0; const shared_1 = require("./shared"); const headerName = "X-XSS-Protection"; const createXXSSProtectionHeaderValue = (option, strictURIEncoder = shared_1.encodeStrictURI) => { if (option == undefined) return "1"; if (option === false) return "0"; if (option === "sanitize") return "1"; if (option === "block-rendering") return "1; mode=block"; if (Array.isArray(option)) { if (option[0] === "report") return `1; report=${strictURIEncoder(option[1].uri)}`; } throw new Error(`Invalid value for ${headerName}: ${option}`); }; exports.createXXSSProtectionHeaderValue = createXXSSProtectionHeaderValue; const createXSSProtectionHeader = (option, headerValueCreator = exports.createXXSSProtectionHeaderValue) => { const value = headerValueCreator(option); return { name: headerName, value }; }; exports.createXSSProtectionHeader = createXSSProtectionHeader;