@middy/http-security-headers
Advanced tools
Applies best practice security headers to responses. It's a simplified port of HelmetJS
HTTP security headers middleware for the middy framework, the stylish Node.js middleware engine for AWS Lambda
Applies best practice security headers to responses. It's a simplified port of [HelmetJS](https://helmetjs.github.io/). See HelmetJS documentation for more details.
Applies best practice security headers to responses. It's a simplified port of HelmetJS. See HelmetJS documentation for more details.
To install this middleware you can use NPM:
npm install --save @middy/http-security-headers
dnsPrefetchControl controls browser DNS prefetchingexpectCt for handling Certificate Transparency (Future Feature)frameguard to prevent clickjackinghidePoweredBy to remove the Server/X-Powered-By headerhsts for HTTP Strict Transport SecurityieNoOpen sets X-Download-Options for IE8+noSniff to keep clients from sniffing the MIME typereferrerPolicy to hide the Referer headerxssFilter adds some small XSS protectionsconst middy = require('@middy/core')
const httpSecurityHeaders = require('@middy/http-security-headers')
const handler = middy((event, context, cb) => {
cb(null, {})
})
handler
.use(httpSecurityHeaders())
For more documentation and examples, refers to the main Middy monorepo on GitHub or Middy official website.
Everyone is very welcome to contribute to this repository. Feel free to raise issues or to submit Pull Requests.
Licensed under MIT License. Copyright (c) 2017-2018 Luciano Mammino and the Middy team.
FAQs
Applies best practice security headers to responses. It's a simplified port of HelmetJS
The npm package @middy/http-security-headers receives a total of 66,276 weekly downloads. As such, @middy/http-security-headers popularity was classified as popular.
We found that @middy/http-security-headers demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.