UNPKG

nuxt-security

Version:

🛡️ Security Module for Nuxt based on HTTP Headers and Middleware

nuxt-security.vercel.app

26 lines (25 loc) 1.17 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
import { defineNitroPlugin, setResponseHeader, removeResponseHeader, getRouteRules, getResponseHeader } from "#imports"; import { resolveSecurityRules } from "../context/index.js"; import { getNameFromKey, headerStringFromObject } from "../../../utils/headers"; export default defineNitroPlugin((nitroApp) => { nitroApp.hooks.hook("render:response", (response, { event }) => { const rules = resolveSecurityRules(event); if (rules.enabled && rules.headers) { const headers = rules.headers; Object.entries(headers).forEach(([header, value]) => { const headerName = getNameFromKey(header); if (value === false) { const { headers: standardHeaders } = getRouteRules(event); const standardHeaderValue = standardHeaders?.[headerName]; const currentHeaderValue = getResponseHeader(event, headerName); if (standardHeaderValue === currentHeaderValue) { removeResponseHeader(event, headerName); } } else { const headerValue = headerStringFromObject(header, value); setResponseHeader(event, headerName, headerValue); } }); } }); });