

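  'use strict'

  /**
   * Security Middleware
   *
   * Turns off the Express `X-Powered-By` banner and sets a fixed group of
   * defensive response headers, then hands control to the next middleware.
   *
   * NOTE(review): this function sets neither Content-Security-Policy nor
   * Strict-Transport-Security; confirm they are applied elsewhere in the
   * middleware chain or at the reverse proxy.
   *
   * @param {object} req Express request object
   * @param {object} res Express response object
   * @param {Function} next next callback function
   * @return {any} whatever `next()` returns
   */
  module.exports = function (req, res, next) {
    // -> Disable X-Powered-By
    // The app setting only affects responses created after it is flipped.
    // Express's own init step runs before user middleware, so the response
    // that first reaches this function may already carry the header.
    // Strip it here so the framework banner is not disclosed even once.
    req.app.disable('x-powered-by')
    res.removeHeader('X-Powered-By')

    // -> Disable Frame Embedding (clickjacking defence)
    // CSP `frame-ancestors 'none'` is the modern equivalent; this header is
    // kept for older browsers.
    res.set('X-Frame-Options', 'deny')

    // -> Re-enable XSS Filter if disabled
    // NOTE(review): legacy header. Most current browsers no longer implement
    // the XSS auditor it controls, so it is not a substitute for output
    // encoding and a Content-Security-Policy. Value left unchanged.
    res.set('X-XSS-Protection', '1; mode=block')

    // -> Disable MIME-sniffing
    res.set('X-Content-Type-Options', 'nosniff')

    // -> Disable IE Compatibility Mode
    res.set('X-UA-Compatible', 'IE=edge')

    // -> Disables referrer header when navigating to a different origin
    res.set('Referrer-Policy', 'same-origin')

    return next()
  }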