Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

nitro-helmet

Package Overview
Dependencies
Maintainers
1
Versions
5
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

nitro-helmet - npm Package Compare versions

Comparing version 0.4.0 to 0.5.0

dist/onResponseHelmetMiddleware.d.ts

4

dist/defineHelmetEventHandler.d.ts
/*****************************************************************************************************************/
/*****************************************************************************************************************/
import { type EventHandler } from 'h3';
import { type EventHandler, type EventHandlerRequest } from 'h3';
import { type H3HelmetOptions } from './internals/types';

@@ -8,3 +8,3 @@ /*****************************************************************************************************************/

/*****************************************************************************************************************/
export declare const defineHelmetEventHandler: <T extends unknown>(handler: EventHandler<T>, options?: H3HelmetOptions) => EventHandler<T>;
export declare const defineHelmetEventHandler: <TRequest extends EventHandlerRequest, TResponse extends unknown>(handler: EventHandler<TRequest, TResponse>, options?: H3HelmetOptions) => EventHandler<EventHandlerRequest, TResponse>;
/*****************************************************************************************************************/

4

dist/helmetEventHandler.d.ts
/*****************************************************************************************************************/
/*****************************************************************************************************************/
import { type EventHandler } from 'h3';
import { type EventHandler, type EventHandlerRequest } from 'h3';
import { type H3HelmetOptions } from './internals/types';
/*****************************************************************************************************************/
export declare const helmetEventHandler: <T>(handler: EventHandler<T>, options?: H3HelmetOptions) => EventHandler<T>;
export declare const helmetEventHandler: <TRequest extends EventHandlerRequest, TResponse extends unknown>(handler: EventHandler<TRequest, TResponse>, options?: H3HelmetOptions) => EventHandler<EventHandlerRequest, TResponse>;
/*****************************************************************************************************************/

142

dist/nitro-helmet.es.js

@@ -1,4 +0,5 @@

class S extends Error {
constructor() {
super(...arguments), this.statusCode = 500, this.fatal = !1, this.unhandled = !1, this.statusMessage = void 0;
var p = Object.defineProperty, y = (t, e, r) => e in t ? p(t, e, { enumerable: !0, configurable: !0, writable: !0, value: r }) : t[e] = r, s = (t, e, r) => (y(t, typeof e != "symbol" ? e + "" : e, r), r);
class X extends Error {
constructor(e, r = {}) {
super(e, r), s(this, "statusCode", 500), s(this, "fatal", !1), s(this, "unhandled", !1), s(this, "statusMessage"), s(this, "data"), s(this, "cause"), r.cause && !this.cause && (this.cause = r.cause);
}

@@ -8,97 +9,118 @@ toJSON() {

message: this.message,
statusCode: h(this.statusCode, 500)
statusCode: x(this.statusCode, 500)
};
return this.statusMessage && (e.statusMessage = X(this.statusMessage)), this.data !== void 0 && (e.data = this.data), e;
return this.statusMessage && (e.statusMessage = D(this.statusMessage)), this.data !== void 0 && (e.data = this.data), e;
}
}
S.__h3_error__ = !0;
const C = /[^\u0009\u0020-\u007E]/g;
function X(t = "") {
return t.replace(C, "");
s(X, "__h3_error__", !0);
const R = /[^\u0009\u0020-\u007E]/g;
function D(t = "") {
return t.replace(R, "");
}
function h(t, e = 200) {
function x(t, e = 200) {
return !t || (typeof t == "string" && (t = Number.parseInt(t, 10)), t < 100 || t > 999) ? e : t;
}
function p(t, e, r) {
function E(t, e, r) {
t.node.res.setHeader(e, r);
}
const n = p;
function D(t) {
return t.__is_handler__ = !0, t;
const n = E;
function A(t) {
if (typeof t == "function")
return Object.assign(t, { __is_handler__: !0 });
const e = {
onRequest: h(t.onRequest),
onBeforeResponse: h(t.onBeforeResponse)
};
return Object.assign((o) => T(o, t.handler, e), { __is_handler__: !0 });
}
function h(t) {
return t ? Array.isArray(t) ? t : [t] : void 0;
}
async function T(t, e, r) {
if (r.onRequest) {
for (const i of r.onRequest)
if (await i(t), t.handled)
return;
}
const _ = { body: await e(t) };
if (r.onBeforeResponse)
for (const i of r.onBeforeResponse)
await i(t, _);
return _.body;
}
// @license Copyright © 2021-2023 observerly
const s = " default-src 'self';base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests ".trim().replace(/\s/g, ""), y = (t, e = s) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && e && (e = s), n(t, "Content-Security-Policy", e));
const a = " default-src 'self';base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests ".trim().replace(/\s/g, ""), H = (t, e = a) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && e && (e = a), n(t, "Content-Security-Policy", e));
};
// @license Copyright © 2021-2023 observerly
const i = "require-corp", x = (t, e = i) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = i), n(t, "Cross-Origin-Embedder-Policy", e));
const f = "require-corp", w = (t, e = f) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = f), n(t, "Cross-Origin-Embedder-Policy", e));
};
// @license Copyright © 2021-2023 observerly
const a = "same-origin", E = (t, e = a) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = a), n(t, "Cross-Origin-Opener-Policy", e));
const u = "same-origin", N = (t, e = u) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = u), n(t, "Cross-Origin-Opener-Policy", e));
};
// @license Copyright © 2021-2023 observerly
const f = "same-origin", T = (t, e = f) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = f), n(t, "Cross-Origin-Resource-Policy", e));
const c = "same-origin", q = (t, e = c) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = c), n(t, "Cross-Origin-Resource-Policy", e));
};
// @license Copyright © 2021-2023 observerly
const u = "?1", _ = (t, e = u) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = u), n(t, "Origin-Agent-Cluster", e));
const d = "?1", F = (t, e = d) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = d), n(t, "Origin-Agent-Cluster", e));
};
// @license Copyright © 2021-2023 observerly
const c = "no-referrer", R = (t, e = c) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = c), n(t, "Referrer-Policy", e));
const l = "no-referrer", I = (t, e = l) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = l), n(t, "Referrer-Policy", e));
};
// @license Copyright © 2021-2023 observerly
const d = "max-age=15552000; includeSubDomains", A = (t, e = d) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = d), n(t, "Strict-Transport-Security", e));
const P = "max-age=15552000; includeSubDomains", M = (t, e = P) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = P), n(t, "Strict-Transport-Security", e));
};
// @license Copyright © 2021-2023 observerly
const l = "nosniff", H = (t, e = l) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = l), n(t, "X-Content-Type-Options", e));
const b = "nosniff", B = (t, e = b) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = b), n(t, "X-Content-Type-Options", e));
};
// @license Copyright © 2021-2023 observerly
const P = "off", N = (t, e = P) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = P), n(t, "X-DNS-Prefetch-Control", e));
const O = "off", j = (t, e = O) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = O), n(t, "X-DNS-Prefetch-Control", e));
};
// @license Copyright © 2021-2023 observerly
const O = "noopen", I = (t, e = O) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = O), n(t, "X-Download-Options", e));
const g = "noopen", z = (t, e = g) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = g), n(t, "X-Download-Options", e));
};
// @license Copyright © 2021-2023 observerly
const g = "SAMEORIGIN", M = (t, e = g) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = g), n(t, "X-Frame-Options", e));
const m = "SAMEORIGIN", $ = (t, e = m) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = m), n(t, "X-Frame-Options", e));
};
// @license Copyright © 2021-2023 observerly
const m = "none", w = (t, e = m) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = m), n(t, "X-Permitted-Cross-Domain-Policies", e));
const S = "none", L = (t, e = S) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = S), n(t, "X-Permitted-Cross-Domain-Policies", e));
};
// @license Copyright © 2021-2023 observerly
const b = "1; mode=block", F = (t, e = b) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = b), n(t, "X-XSS-Protection", e));
}, j = {
contentSecurityPolicy: s,
crossOriginEmbedderPolicy: i,
crossOriginOpenerPolicy: a,
crossOriginResourcePolicy: f,
originAgentCluster: u,
referrerPolicy: c,
strictTransportSecurity: d,
xContentTypeOptions: l,
xDNSPrefetchControl: P,
xDownloadOptions: O,
xFrameOptions: g,
xPermittedCrossDomainPolicies: m,
xXSSProtection: b
const C = "1; mode=block", G = (t, e = C) => {
typeof e == "boolean" && !e || (typeof e == "boolean" && (e = C), n(t, "X-XSS-Protection", e));
}, J = {
contentSecurityPolicy: a,
crossOriginEmbedderPolicy: f,
crossOriginOpenerPolicy: u,
crossOriginResourcePolicy: c,
originAgentCluster: d,
referrerPolicy: l,
strictTransportSecurity: P,
xContentTypeOptions: b,
xDNSPrefetchControl: O,
xDownloadOptions: g,
xFrameOptions: m,
xPermittedCrossDomainPolicies: S,
xXSSProtection: C
};
// @license Copyright © 2021-2023 observerly
const q = (t, e) => D(async (r) => {
const o = { ...j, ...e };
return y(r, o.contentSecurityPolicy), x(r, o.crossOriginEmbedderPolicy), E(r, o.crossOriginOpenerPolicy), T(r, o.crossOriginResourcePolicy), _(r, o.originAgentCluster), R(r, o.referrerPolicy), A(r, o.strictTransportSecurity), H(r, o.xContentTypeOptions), N(r, o.xDNSPrefetchControl), I(r, o.xDownloadOptions), M(r, o.xFrameOptions), w(r, o.xPermittedCrossDomainPolicies), F(r, o.xXSSProtection), t(r);
}), z = (t, e) => q(t, e);
const U = (t, e) => A((r) => {
const o = { ...J, ...e };
return H(r, o.contentSecurityPolicy), w(r, o.crossOriginEmbedderPolicy), N(r, o.crossOriginOpenerPolicy), q(r, o.crossOriginResourcePolicy), F(r, o.originAgentCluster), I(r, o.referrerPolicy), M(r, o.strictTransportSecurity), B(r, o.xContentTypeOptions), j(r, o.xDNSPrefetchControl), z(r, o.xDownloadOptions), $(r, o.xFrameOptions), L(r, o.xPermittedCrossDomainPolicies), G(r, o.xXSSProtection), t(r);
}), W = (t, e) => U(t, e);
export {
q as defineHelmetEventHandler,
z as helmetEventHandler
U as defineHelmetEventHandler,
W as helmetEventHandler
};
//# sourceMappingURL=nitro-helmet.es.js.map

30

dist/nitro-helmet.umd.js

@@ -1,16 +0,16 @@

(function(s,i){typeof exports=="object"&&typeof module<"u"?i(exports):typeof define=="function"&&define.amd?define(["exports"],i):(s=typeof globalThis<"u"?globalThis:s||self,i(s["@observerly/nitro-helmet"]={}))})(this,function(s){"use strict";class i extends Error{constructor(){super(...arguments),this.statusCode=500,this.fatal=!1,this.unhandled=!1,this.statusMessage=void 0}toJSON(){const e={message:this.message,statusCode:y(this.statusCode,500)};return this.statusMessage&&(e.statusMessage=X(this.statusMessage)),this.data!==void 0&&(e.data=this.data),e}}i.__h3_error__=!0;const p=/[^\u0009\u0020-\u007E]/g;function X(t=""){return t.replace(p,"")}function y(t,e=200){return!t||(typeof t=="string"&&(t=Number.parseInt(t,10)),t<100||t>999)?e:t}typeof setImmediate<"u"&&setImmediate;function D(t,e,r){t.node.res.setHeader(e,r)}const n=D;function x(t){return t.__is_handler__=!0,t}// @license Copyright © 2021-2023 observerly
const f=" default-src 'self';base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests ".trim().replace(/\s/g,""),E=(t,e=f)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&e&&(e=f),n(t,"Content-Security-Policy",e))};// @license Copyright © 2021-2023 observerly
const a="require-corp",T=(t,e=a)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=a),n(t,"Cross-Origin-Embedder-Policy",e))};// @license Copyright © 2021-2023 observerly
const u="same-origin",H=(t,e=u)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=u),n(t,"Cross-Origin-Opener-Policy",e))};// @license Copyright © 2021-2023 observerly
const c="same-origin",_=(t,e=c)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=c),n(t,"Cross-Origin-Resource-Policy",e))};// @license Copyright © 2021-2023 observerly
const d="?1",R=(t,e=d)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=d),n(t,"Origin-Agent-Cluster",e))};// @license Copyright © 2021-2023 observerly
const l="no-referrer",A=(t,e=l)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=l),n(t,"Referrer-Policy",e))};// @license Copyright © 2021-2023 observerly
const P="max-age=15552000; includeSubDomains",N=(t,e=P)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=P),n(t,"Strict-Transport-Security",e))};// @license Copyright © 2021-2023 observerly
const m="nosniff",M=(t,e=m)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=m),n(t,"X-Content-Type-Options",e))};// @license Copyright © 2021-2023 observerly
const g="off",I=(t,e=g)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=g),n(t,"X-DNS-Prefetch-Control",e))};// @license Copyright © 2021-2023 observerly
const O="noopen",w=(t,e=O)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=O),n(t,"X-Download-Options",e))};// @license Copyright © 2021-2023 observerly
const b="SAMEORIGIN",F=(t,e=b)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=b),n(t,"X-Frame-Options",e))};// @license Copyright © 2021-2023 observerly
const S="none",j=(t,e=S)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=S),n(t,"X-Permitted-Cross-Domain-Policies",e))};// @license Copyright © 2021-2023 observerly
const C="1; mode=block",q=(t,e=C)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=C),n(t,"X-XSS-Protection",e))},z={contentSecurityPolicy:f,crossOriginEmbedderPolicy:a,crossOriginOpenerPolicy:u,crossOriginResourcePolicy:c,originAgentCluster:d,referrerPolicy:l,strictTransportSecurity:P,xContentTypeOptions:m,xDNSPrefetchControl:g,xDownloadOptions:O,xFrameOptions:b,xPermittedCrossDomainPolicies:S,xXSSProtection:C};// @license Copyright © 2021-2023 observerly
const h=(t,e)=>x(async r=>{const o={...z,...e};return E(r,o.contentSecurityPolicy),T(r,o.crossOriginEmbedderPolicy),H(r,o.crossOriginOpenerPolicy),_(r,o.crossOriginResourcePolicy),R(r,o.originAgentCluster),A(r,o.referrerPolicy),N(r,o.strictTransportSecurity),M(r,o.xContentTypeOptions),I(r,o.xDNSPrefetchControl),w(r,o.xDownloadOptions),F(r,o.xFrameOptions),j(r,o.xPermittedCrossDomainPolicies),q(r,o.xXSSProtection),t(r)}),L=(t,e)=>h(t,e);s.defineHelmetEventHandler=h,s.helmetEventHandler=L,Object.defineProperty(s,Symbol.toStringTag,{value:"Module"})});
(function(s,f){typeof exports=="object"&&typeof module<"u"?f(exports):typeof define=="function"&&define.amd?define(["exports"],f):(s=typeof globalThis<"u"?globalThis:s||self,f(s["@observerly/nitro-helmet"]={}))})(this,function(s){"use strict";var f=Object.defineProperty,R=(t,e,r)=>e in t?f(t,e,{enumerable:!0,configurable:!0,writable:!0,value:r}):t[e]=r,i=(t,e,r)=>(R(t,typeof e!="symbol"?e+"":e,r),r);class D extends Error{constructor(e,r={}){super(e,r),i(this,"statusCode",500),i(this,"fatal",!1),i(this,"unhandled",!1),i(this,"statusMessage"),i(this,"data"),i(this,"cause"),r.cause&&!this.cause&&(this.cause=r.cause)}toJSON(){const e={message:this.message,statusCode:T(this.statusCode,500)};return this.statusMessage&&(e.statusMessage=E(this.statusMessage)),this.data!==void 0&&(e.data=this.data),e}}i(D,"__h3_error__",!0);const x=/[^\u0009\u0020-\u007E]/g;function E(t=""){return t.replace(x,"")}function T(t,e=200){return!t||(typeof t=="string"&&(t=Number.parseInt(t,10)),t<100||t>999)?e:t}typeof setImmediate>"u"||setImmediate;function H(t,e,r){t.node.res.setHeader(e,r)}const n=H;function A(t){if(typeof t=="function")return Object.assign(t,{__is_handler__:!0});const e={onRequest:y(t.onRequest),onBeforeResponse:y(t.onBeforeResponse)};return Object.assign(o=>w(o,t.handler,e),{__is_handler__:!0})}function y(t){return t?Array.isArray(t)?t:[t]:void 0}async function w(t,e,r){if(r.onRequest){for(const C of r.onRequest)if(await C(t),t.handled)return}const X={body:await e(t)};if(r.onBeforeResponse)for(const C of r.onBeforeResponse)await C(t,X);return X.body}// @license Copyright © 2021-2023 observerly
const a=" default-src 'self';base-uri 'self'; font-src 'self' https: data:; form-action 'self'; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests ".trim().replace(/\s/g,""),N=(t,e=a)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&e&&(e=a),n(t,"Content-Security-Policy",e))};// @license Copyright © 2021-2023 observerly
const u="require-corp",M=(t,e=u)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=u),n(t,"Cross-Origin-Embedder-Policy",e))};// @license Copyright © 2021-2023 observerly
const c="same-origin",q=(t,e=c)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=c),n(t,"Cross-Origin-Opener-Policy",e))};// @license Copyright © 2021-2023 observerly
const d="same-origin",F=(t,e=d)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=d),n(t,"Cross-Origin-Resource-Policy",e))};// @license Copyright © 2021-2023 observerly
const l="?1",I=(t,e=l)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=l),n(t,"Origin-Agent-Cluster",e))};// @license Copyright © 2021-2023 observerly
const b="no-referrer",j=(t,e=b)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=b),n(t,"Referrer-Policy",e))};// @license Copyright © 2021-2023 observerly
const P="max-age=15552000; includeSubDomains",B=(t,e=P)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=P),n(t,"Strict-Transport-Security",e))};// @license Copyright © 2021-2023 observerly
const m="nosniff",z=(t,e=m)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=m),n(t,"X-Content-Type-Options",e))};// @license Copyright © 2021-2023 observerly
const O="off",$=(t,e=O)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=O),n(t,"X-DNS-Prefetch-Control",e))};// @license Copyright © 2021-2023 observerly
const g="noopen",L=(t,e=g)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=g),n(t,"X-Download-Options",e))};// @license Copyright © 2021-2023 observerly
const S="SAMEORIGIN",G=(t,e=S)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=S),n(t,"X-Frame-Options",e))};// @license Copyright © 2021-2023 observerly
const h="none",J=(t,e=h)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=h),n(t,"X-Permitted-Cross-Domain-Policies",e))};// @license Copyright © 2021-2023 observerly
const p="1; mode=block",U=(t,e=p)=>{typeof e=="boolean"&&!e||(typeof e=="boolean"&&(e=p),n(t,"X-XSS-Protection",e))},W={contentSecurityPolicy:a,crossOriginEmbedderPolicy:u,crossOriginOpenerPolicy:c,crossOriginResourcePolicy:d,originAgentCluster:l,referrerPolicy:b,strictTransportSecurity:P,xContentTypeOptions:m,xDNSPrefetchControl:O,xDownloadOptions:g,xFrameOptions:S,xPermittedCrossDomainPolicies:h,xXSSProtection:p};// @license Copyright © 2021-2023 observerly
const _=(t,e)=>A(r=>{const o={...W,...e};return N(r,o.contentSecurityPolicy),M(r,o.crossOriginEmbedderPolicy),q(r,o.crossOriginOpenerPolicy),F(r,o.crossOriginResourcePolicy),I(r,o.originAgentCluster),j(r,o.referrerPolicy),B(r,o.strictTransportSecurity),z(r,o.xContentTypeOptions),$(r,o.xDNSPrefetchControl),L(r,o.xDownloadOptions),G(r,o.xFrameOptions),J(r,o.xPermittedCrossDomainPolicies),U(r,o.xXSSProtection),t(r)}),K=(t,e)=>_(t,e);s.defineHelmetEventHandler=_,s.helmetEventHandler=K,Object.defineProperty(s,Symbol.toStringTag,{value:"Module"})});
//# sourceMappingURL=nitro-helmet.umd.js.map

4

package.json
{
"name": "nitro-helmet",
"version": "0.4.0",
"version": "0.5.0",
"description": "observerly's Helemt (HTTP security headers) event handler for the Nitro web server",

@@ -41,3 +41,3 @@ "private": false,

"dependencies": {
"h3": "^1.6.6",
"h3": "^1.8.1",
"ufo": "^1.1.2"

@@ -44,0 +44,0 @@ },

23

README.md

@@ -27,2 +27,18 @@ # nitro Helmet-esque Security Headers

To get started, you can enable CORS on a specific event handler by using the object syntax definitions intorduced in nitro v2.6.0 and h3 v1.8.0 as follows:
```ts
import { helmet } from 'nitro-helmet'
export default eventHandler({
onResponse: helmet({
crossOriginResourcePolicy: 'cross-origin'
// ... add your options overrides here
}),
async handler(event) {
return 'Hello Helmet!'
}
})
```
nitro-helmet aims to provide a simple wrapper to define standard security headers for any event handler per nitro event handler, or per route. To use it, simply import the `defineHelmetEventHandler` function and wrap your event handler with it as follows:

@@ -84,1 +100,8 @@

- `options`: the options to pass to the cors handler of type `H3HelmetOptions`.
## Acknowledgements
This library would not be possible if it were not for standing on the shoulders of these giants:
- [h3](https://github.com/unjs)
- [helmet.js](https://helmetjs.github.io)
dist/nitro-helmet.es.js.map

Sorry, the diff of this file is not supported yet

dist/nitro-helmet.umd.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc