Secure headers
Wobe has a secure headers beforeHandler hook that allows you to set secure headers on your server. It can be considered as an equivalent of helmet for Express.
Example
ts
import { Wobe, secureHeaders } from 'wobe'
const app = new Wobe()
app.beforeHandler(
secureHeaders({
contentSecurityPolicy: {
'default-src': ["'self'"],
'report-to': 'endpoint-5',
},
}),
)
app.get('/', (req, res) => {
res.send('Hello World!')
})
app.listen(3000)Options
contentSecurityPolicy: An object that contains the content security policy directives. For more informationscrossOriginEmbedderPolicy(string) : The Cross-Origin-Embedder-Policy header value. For more informationscrossOriginOpenerPolicy(string) : The Cross-Origin-Opener-Policy header value. For more informationscrossOriginResourcePolicy(string) : The Cross-Origin-Resource-Policy header value. For more informationsreferrerPolicy(string) : The Referrer-Policy header value. For more informationsstrictTransportSecurity(string[]) : The Strict-Transport-Security header value. For more informationsxContentTypeOptions(string) : The X-Content-Type-Options header value. For more informationsxDownloadOptions(string) : The X-Download-Options header value.