Product
Socket Now Supports uv.lock Files
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
By Trevor Norris - Jan 09, 2025
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@middy/http-security-headers
Advanced tools
@middy/http-security-headers
Applies best practice security headers to responses. It's a simplified port of HelmetJS
Middy http-security-headers middleware
HTTP security headers middleware for the middy framework, the stylish Node.js middleware engine for AWS Lambda
Applies best practice security headers to responses. It's a simplified port of [HelmetJS](https://helmetjs.github.io/). See HelmetJS documentation for more details.
Applies best practice security headers to responses. It's a simplified port of HelmetJS. See HelmetJS documentation for more details.
Install
To install this middleware you can use NPM:
npm install --save @middy/http-security-headers
Options
dnsPrefetchControlcontrols browser DNS prefetchingexpectCtfor handling Certificate Transparency (Future Feature)frameguardto prevent clickjackinghidePoweredByto remove the Server/X-Powered-By headerhstsfor HTTP Strict Transport SecurityieNoOpensets X-Download-Options for IE8+noSniffto keep clients from sniffing the MIME typereferrerPolicyto hide the Referer headerxssFilteradds some small XSS protections
Sample usage
import middy from '@middy/core'
import httpSecurityHeaders from '@middy/http-security-headers'
const handler = middy((event, context) => {
return {}
})
handler
.use(httpSecurityHeaders())
Middy documentation and examples
For more documentation and examples, refers to the main Middy monorepo on GitHub or Middy official website.
Contributing
Everyone is very welcome to contribute to this repository. Feel free to raise issues or to submit Pull Requests.
License
Licensed under MIT License. Copyright (c) 2017-2021 Luciano Mammino, will Farrell, and the Middy team.
FAQs
Applies best practice security headers to responses. It's a simplified port of HelmetJS
The npm package @middy/http-security-headers receives a total of 26,406 weekly downloads. As such, @middy/http-security-headers popularity was classified as popular.
We found that @middy/http-security-headers demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 26 Apr 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Gmail For Exfiltration: Malicious npm Packages Target Solana Private Keys and Drain Victims' Wallets
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.
By Kirill Boychenko - Jan 08, 2025
Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
By Sarah Gooding - Jan 07, 2025