tl-shared-security/dist/frontend/helmetConfig.js

Enterprise-grade security module for frontend and backend applications with comprehensive protection against XSS, CSRF, SQL injection, and other security vulnerabilities

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.applyFrontendSecurityHeaders = void 0;
const applyFrontendSecurityHeaders = (helmet) => {
    return helmet({
        contentSecurityPolicy: {
            useDefaults: true,
            directives: {
                defaultSrc: ["'self'"],
                scriptSrc: ["'self'"],
                styleSrc: ["'self'", "'unsafe-inline'"],
                imgSrc: ["'self'", "data:"],
                connectSrc: ["'self'"],
            }
        },
        referrerPolicy: { policy: 'no-referrer' }
    });
};
exports.applyFrontendSecurityHeaders = applyFrontendSecurityHeaders;
//# sourceMappingURL=helmetConfig.js.map