@nosecone/next

@nosecone/next

Protect your Next.js application with secure headers.

• npm package (@nosecone/next)
• GitHub source code (nosecone-next/ in arcjet/arcjet-js)

What is this?

This is our adapter to integrate Nosecone into Next.js. Nosecone makes it easy to add and configure security headers. This package exists so that we can provide the best possible experience to Next users.

When should I use this?

You can use this package with or without Arcjet to protect your app if you are using Next.js. Use @nosecone/sveltekit if you use Sveltekit and use nosecone itself if you use a different framework.

Install

This package is ESM only. Install with npm in Node.js:

npm install @nosecone/next

Use

Configure Nosecone in a middleware.ts file:

import { createMiddleware } from "@nosecone/next";

export const config = {
  // matcher tells Next.js to run middleware on all routes
  matcher: ["/(.*)"],
};

export default createMiddleware();

…then use connection from next/server in app/layout.tsx:

+import { connection } from "next/server";

 export default async function RootLayout({
   children,
 }: {
   children: React.ReactNode;
 }) {
+  // Opt-out of static generation for every page so the CSP nonce can be applied
+  await connection()

   return (
     <html lang="en">
       <body className={inter.className}>{children}</body>
     </html>
   );
 }

License

Apache License, Version 2.0 © Arcjet Labs, Inc.