Skip to content

Commit

Permalink
fix: helmet issues (#77)
Browse files Browse the repository at this point in the history
  • Loading branch information
@cfabianski
cfabianski authored May 30, 2023
1 parent d209594 commit dc066b8
Show file tree
Hide file tree
Showing 5 changed files with 92 additions and 0 deletions.
10 changes: 10 additions & 0 deletions javascript/express/helmet_missing.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,16 @@ auxiliary:
- id: javascript_express_helmet_express_init
patterns:
- express()
- |
const $<_>: Express = $<!>$<_>
- |
($<...>$<!>$<_>: Express$<...>) => {}
- |
function ($<...>$<!>$<_>: Express$<...>) {}
- |
function $<_>($<...>$<!>$<_>: Express$<...>) {}
- |
class $<_> $<...>{ $<_>($<...>$<!>$<_>: Express$<...>) {} }
- id: javascript_express_helmet_configuration
patterns:
- helmet()
Expand Down
2 changes: 2 additions & 0 deletions javascript/express/helmet_missing/.snapshots/index.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
{}

39 changes: 39 additions & 0 deletions javascript/express/helmet_missing/testdata/index.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
import helmet, {
contentSecurityPolicy,
crossOriginEmbedderPolicy,
crossOriginOpenerPolicy,
crossOriginResourcePolicy,
dnsPrefetchControl,
frameguard,
hidePoweredBy,
hsts,
ieNoOpen,
noSniff,
originAgentCluster,
permittedCrossDomainPolicies,
referrerPolicy,
xssFilter,
} from "helmet"

import { Express } from "express"
const expressApp = express()

export const addHelmet = (app: Express) => {
app.use(helmet())
app.use(contentSecurityPolicy())
app.use(crossOriginEmbedderPolicy())
app.use(crossOriginOpenerPolicy())
app.use(crossOriginResourcePolicy())
app.use(dnsPrefetchControl())
app.use(frameguard())
app.use(hidePoweredBy())
app.use(hsts())
app.use(ieNoOpen())
app.use(noSniff())
app.use(originAgentCluster())
app.use(permittedCrossDomainPolicies())
app.use(referrerPolicy())
app.use(xssFilter())
}

addHelmet(expressApp)
2 changes: 2 additions & 0 deletions javascript/express/reduce_fingerprint/.snapshots/index.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
{}

39 changes: 39 additions & 0 deletions javascript/express/reduce_fingerprint/testdata/index.ts
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
import helmet, {
contentSecurityPolicy,
crossOriginEmbedderPolicy,
crossOriginOpenerPolicy,
crossOriginResourcePolicy,
dnsPrefetchControl,
frameguard,
hidePoweredBy,
hsts,
ieNoOpen,
noSniff,
originAgentCluster,
permittedCrossDomainPolicies,
referrerPolicy,
xssFilter,
} from "helmet"

import { Express } from "express"
const expressApp = express()

export const addHelmet = (app: Express) => {
app.use(helmet())
app.use(contentSecurityPolicy())
app.use(crossOriginEmbedderPolicy())
app.use(crossOriginOpenerPolicy())
app.use(crossOriginResourcePolicy())
app.use(dnsPrefetchControl())
app.use(frameguard())
app.use(hidePoweredBy())
app.use(hsts())
app.use(ieNoOpen())
app.use(noSniff())
app.use(originAgentCluster())
app.use(permittedCrossDomainPolicies())
app.use(referrerPolicy())
app.use(xssFilter())
}

addHelmet(expressApp)

0 comments on commit dc066b8

Please sign in to comment.