Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
helmet - npm Package Compare versions
Comparing version 0.0.1 to 0.0.2
@@ -5,3 +5,3 @@ { | ||
| "description": "Security header middleware collection for express", | ||
| "version": "0.0.1", | ||
| "version": "0.0.2", | ||
| "repository": { | ||
@@ -8,0 +8,0 @@ "url": "git://github.com/andyet/helmet.git" |
@@ -7,3 +7,10 @@ Express / Connect middleware that implement various security headers. [with sane defaults where applicable] | ||
| - xframe (X-FRAME-OPTIONS) | ||
| - iexss (X-XSS-PROTECTION for IE8+) | ||
| ## Installation | ||
| ``` | ||
| npm install helmet | ||
| ``` | ||
| ## Basic Express Usage | ||
@@ -100,6 +107,14 @@ | ||
| ## X-XSS-PROTECTION | ||
| The following example sets the X-XSS-PROTECTION: 1; mode=block header | ||
| ```javascript | ||
| helmet.iexss(); | ||
| ``` | ||
| ## To Be Implemented | ||
| - HTTP Strict Transport Security | ||
| - X-XSS-Protection for IE | ||
| - Warn when self, unsafe-inline or unsafe-eval are not single quoted | ||
@@ -106,0 +121,0 @@ - Warn when unsafe-inline or unsafe-eval are used |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.29%
9564
- Lines of code
- increased by1.26%
161
- Number of lines in readme file
- increased by13.89%
123
No dependency changes