#121 Added helmet for security HTTP headers
Keith Irwin
parent
e99bafa77d
commit
bbbbb7cc5a
|
|
@ -710,6 +710,11 @@
|
|||
"resolved": "https://registry.npmjs.org/camelcase/-/camelcase-1.2.1.tgz",
|
||||
"integrity": "sha1-m7UwTS4LVmmLLHWLCKPqqdqlijk="
|
||||
},
|
||||
"camelize": {
|
||||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/camelize/-/camelize-1.0.0.tgz",
|
||||
"integrity": "sha1-FkpUg+Yw+kMh5a8HAg5TGDGyYJs="
|
||||
},
|
||||
"caniuse-api": {
|
||||
"version": "1.6.1",
|
||||
"resolved": "https://registry.npmjs.org/caniuse-api/-/caniuse-api-1.6.1.tgz",
|
||||
|
|
@ -1059,6 +1064,11 @@
|
|||
"resolved": "https://registry.npmjs.org/content-disposition/-/content-disposition-0.5.2.tgz",
|
||||
"integrity": "sha1-DPaLud318r55YcOoUXjLhdunjLQ="
|
||||
},
|
||||
"content-security-policy-builder": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/content-security-policy-builder/-/content-security-policy-builder-2.0.0.tgz",
|
||||
"integrity": "sha512-j+Nhmj1yfZAikJLImCvPJFE29x/UuBi+/MWqggGGc515JKaZrjuei2RhULJmy0MsstW3E3htl002bwmBNMKr7w=="
|
||||
},
|
||||
"content-type": {
|
||||
"version": "1.0.4",
|
||||
"resolved": "https://registry.npmjs.org/content-type/-/content-type-1.0.4.tgz",
|
||||
|
|
@ -1333,6 +1343,11 @@
|
|||
"assert-plus": "1.0.0"
|
||||
}
|
||||
},
|
||||
"dasherize": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/dasherize/-/dasherize-2.0.0.tgz",
|
||||
"integrity": "sha1-bYCcnNDPe7iVLYD8hPoT1H3bEwg="
|
||||
},
|
||||
"date-now": {
|
||||
"version": "0.1.4",
|
||||
"resolved": "https://registry.npmjs.org/date-now/-/date-now-0.1.4.tgz",
|
||||
|
|
@ -1466,6 +1481,11 @@
|
|||
"randombytes": "2.0.5"
|
||||
}
|
||||
},
|
||||
"dns-prefetch-control": {
|
||||
"version": "0.1.0",
|
||||
"resolved": "https://registry.npmjs.org/dns-prefetch-control/-/dns-prefetch-control-0.1.0.tgz",
|
||||
"integrity": "sha1-YN20V3dOF48flBXwyrsOhbCzALI="
|
||||
},
|
||||
"doctrine": {
|
||||
"version": "2.0.2",
|
||||
"resolved": "https://registry.npmjs.org/doctrine/-/doctrine-2.0.2.tgz",
|
||||
|
|
@ -1480,6 +1500,11 @@
|
|||
"resolved": "https://registry.npmjs.org/domain-browser/-/domain-browser-1.1.7.tgz",
|
||||
"integrity": "sha1-hnqksJP6oF8d4IwG9NeyH9+GmLw="
|
||||
},
|
||||
"dont-sniff-mimetype": {
|
||||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/dont-sniff-mimetype/-/dont-sniff-mimetype-1.0.0.tgz",
|
||||
"integrity": "sha1-WTKJDcn04vGeXrAqIAJuXl78j1g="
|
||||
},
|
||||
"dot-prop": {
|
||||
"version": "4.2.0",
|
||||
"resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-4.2.0.tgz",
|
||||
|
|
@ -2043,6 +2068,11 @@
|
|||
"fill-range": "2.2.3"
|
||||
}
|
||||
},
|
||||
"expect-ct": {
|
||||
"version": "0.1.0",
|
||||
"resolved": "https://registry.npmjs.org/expect-ct/-/expect-ct-0.1.0.tgz",
|
||||
"integrity": "sha1-UnNWeN4YUwiQ2Ne5XwrGNkCVgJQ="
|
||||
},
|
||||
"express": {
|
||||
"version": "4.16.2",
|
||||
"resolved": "https://registry.npmjs.org/express/-/express-4.16.2.tgz",
|
||||
|
|
@ -2270,6 +2300,11 @@
|
|||
"resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz",
|
||||
"integrity": "sha1-mMI9qxF1ZXuMBXPozszZGw/xjIQ="
|
||||
},
|
||||
"frameguard": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/frameguard/-/frameguard-3.0.0.tgz",
|
||||
"integrity": "sha1-e8rUae57lukdEs6zlZx4I1qScuk="
|
||||
},
|
||||
"fresh": {
|
||||
"version": "0.5.2",
|
||||
"resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz",
|
||||
|
|
@ -3344,6 +3379,42 @@
|
|||
"integrity": "sha1-k0EP0hsAlzUVH4howvJx80J+I/0=",
|
||||
"dev": true
|
||||
},
|
||||
"helmet": {
|
||||
"version": "3.12.0",
|
||||
"resolved": "https://registry.npmjs.org/helmet/-/helmet-3.12.0.tgz",
|
||||
"integrity": "sha512-CgkctpvreQLL6X3EL2Igs/92+75ZFIsrob9/Rdwf2hQCBGH/DxLk4xFPxAAl6jYnnus/YXfFEVXHEJf8TJTwlA==",
|
||||
"requires": {
|
||||
"dns-prefetch-control": "0.1.0",
|
||||
"dont-sniff-mimetype": "1.0.0",
|
||||
"expect-ct": "0.1.0",
|
||||
"frameguard": "3.0.0",
|
||||
"helmet-csp": "2.7.0",
|
||||
"hide-powered-by": "1.0.0",
|
||||
"hpkp": "2.0.0",
|
||||
"hsts": "2.1.0",
|
||||
"ienoopen": "1.0.0",
|
||||
"nocache": "2.0.0",
|
||||
"referrer-policy": "1.1.0",
|
||||
"x-xss-protection": "1.1.0"
|
||||
}
|
||||
},
|
||||
"helmet-csp": {
|
||||
"version": "2.7.0",
|
||||
"resolved": "https://registry.npmjs.org/helmet-csp/-/helmet-csp-2.7.0.tgz",
|
||||
"integrity": "sha512-IGIAkWnxjRbgMXFA2/kmDqSIrIaSfZ6vhMHlSHw7jm7Gm9nVVXqwJ2B1YEpYrJsLrqY+w2Bbimk7snux9+sZAw==",
|
||||
"requires": {
|
||||
"camelize": "1.0.0",
|
||||
"content-security-policy-builder": "2.0.0",
|
||||
"dasherize": "2.0.0",
|
||||
"lodash.reduce": "4.6.0",
|
||||
"platform": "1.3.5"
|
||||
}
|
||||
},
|
||||
"hide-powered-by": {
|
||||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/hide-powered-by/-/hide-powered-by-1.0.0.tgz",
|
||||
"integrity": "sha1-SoWtZYgfYoV/xwr3F0oRhNzM4ys="
|
||||
},
|
||||
"hmac-drbg": {
|
||||
"version": "1.0.1",
|
||||
"resolved": "https://registry.npmjs.org/hmac-drbg/-/hmac-drbg-1.0.1.tgz",
|
||||
|
|
@ -3393,6 +3464,16 @@
|
|||
"resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.5.0.tgz",
|
||||
"integrity": "sha512-pNgbURSuab90KbTqvRPsseaTxOJCZBD0a7t+haSN33piP9cCM4l0CqdzAif2hUqm716UovKB2ROmiabGAKVXyg=="
|
||||
},
|
||||
"hpkp": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/hpkp/-/hpkp-2.0.0.tgz",
|
||||
"integrity": "sha1-EOFCJk52IVpdMMROxD3mTe5tFnI="
|
||||
},
|
||||
"hsts": {
|
||||
"version": "2.1.0",
|
||||
"resolved": "https://registry.npmjs.org/hsts/-/hsts-2.1.0.tgz",
|
||||
"integrity": "sha512-zXhh/DqgrTXJ7erTN6Fh5k/xjMhDGXCqdYN3wvxUvGUQvnxcFfUd8E+6vLg/nk3ss1TYMb+DhRl25fYABioTvA=="
|
||||
},
|
||||
"html-comment-regex": {
|
||||
"version": "1.1.1",
|
||||
"resolved": "https://registry.npmjs.org/html-comment-regex/-/html-comment-regex-1.1.1.tgz",
|
||||
|
|
@ -3495,6 +3576,11 @@
|
|||
"resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.1.8.tgz",
|
||||
"integrity": "sha1-vjPUCsEO8ZJnAfbwii2G+/0a0+Q="
|
||||
},
|
||||
"ienoopen": {
|
||||
"version": "1.0.0",
|
||||
"resolved": "https://registry.npmjs.org/ienoopen/-/ienoopen-1.0.0.tgz",
|
||||
"integrity": "sha1-NGpCj0dKrI9QzzeE6i0PFvYr2ms="
|
||||
},
|
||||
"ignore": {
|
||||
"version": "3.3.7",
|
||||
"resolved": "https://registry.npmjs.org/ignore/-/ignore-3.3.7.tgz",
|
||||
|
|
@ -4097,6 +4183,11 @@
|
|||
"resolved": "https://registry.npmjs.org/lodash.memoize/-/lodash.memoize-4.1.2.tgz",
|
||||
"integrity": "sha1-vMbEmkKihA7Zl/Mj6tpezRguC/4="
|
||||
},
|
||||
"lodash.reduce": {
|
||||
"version": "4.6.0",
|
||||
"resolved": "https://registry.npmjs.org/lodash.reduce/-/lodash.reduce-4.6.0.tgz",
|
||||
"integrity": "sha1-8atrg5KZrUj3hKu/R2WW8DuRTTs="
|
||||
},
|
||||
"lodash.uniq": {
|
||||
"version": "4.5.0",
|
||||
"resolved": "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz",
|
||||
|
|
@ -4494,6 +4585,11 @@
|
|||
"resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz",
|
||||
"integrity": "sha1-KzJxhOiZIQEXeyhWP7XnECrNDKk="
|
||||
},
|
||||
"nocache": {
|
||||
"version": "2.0.0",
|
||||
"resolved": "https://registry.npmjs.org/nocache/-/nocache-2.0.0.tgz",
|
||||
"integrity": "sha1-ICtIAhoMTL3i34DeFaF0Q8i0OYA="
|
||||
},
|
||||
"node-libs-browser": {
|
||||
"version": "2.1.0",
|
||||
"resolved": "https://registry.npmjs.org/node-libs-browser/-/node-libs-browser-2.1.0.tgz",
|
||||
|
|
@ -5315,6 +5411,11 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
"platform": {
|
||||
"version": "1.3.5",
|
||||
"resolved": "https://registry.npmjs.org/platform/-/platform-1.3.5.tgz",
|
||||
"integrity": "sha512-TuvHS8AOIZNAlE77WUDiR4rySV/VMptyMfcfeoMgs4P8apaZM3JrnbzBiixKUv+XR6i+BXrQh8WAnjaSPFO65Q=="
|
||||
},
|
||||
"pluralize": {
|
||||
"version": "1.2.1",
|
||||
"resolved": "https://registry.npmjs.org/pluralize/-/pluralize-1.2.1.tgz",
|
||||
|
|
@ -6124,6 +6225,11 @@
|
|||
}
|
||||
}
|
||||
},
|
||||
"referrer-policy": {
|
||||
"version": "1.1.0",
|
||||
"resolved": "https://registry.npmjs.org/referrer-policy/-/referrer-policy-1.1.0.tgz",
|
||||
"integrity": "sha1-NXdOtzW/UPtsB46DM0tHI1AgfXk="
|
||||
},
|
||||
"regenerate": {
|
||||
"version": "1.3.3",
|
||||
"resolved": "https://registry.npmjs.org/regenerate/-/regenerate-1.3.3.tgz",
|
||||
|
|
@ -7590,6 +7696,11 @@
|
|||
"ultron": "1.1.1"
|
||||
}
|
||||
},
|
||||
"x-xss-protection": {
|
||||
"version": "1.1.0",
|
||||
"resolved": "https://registry.npmjs.org/x-xss-protection/-/x-xss-protection-1.1.0.tgz",
|
||||
"integrity": "sha512-rx3GzJlgEeZ08MIcDsU2vY2B1QEriUKJTSiNHHUIem6eg9pzVOr2TL3Y4Pd6TMAM5D5azGjcxqI62piITBDHVg=="
|
||||
},
|
||||
"xdg-basedir": {
|
||||
"version": "3.0.0",
|
||||
"resolved": "https://registry.npmjs.org/xdg-basedir/-/xdg-basedir-3.0.0.tgz",
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@
|
|||
"css-loader": "^0.28.7",
|
||||
"debug": "^2.6.9",
|
||||
"express": "^4.15.5",
|
||||
"helmet": "^3.12.0",
|
||||
"jquery": "^3.2.1",
|
||||
"load-google-maps-api": "^1.0.0",
|
||||
"minifier": "^0.8.1",
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
|
||||
/* IMPORTS */
|
||||
const express = require('express')
|
||||
const helmet = helmet = require('helmet')
|
||||
const bodyParser = require('body-parser')
|
||||
const cookieParser = require('cookie-parser')
|
||||
const cookieSession = require('cookie-session')
|
||||
|
|
@ -52,7 +53,8 @@ let ready_promise_list = []
|
|||
app.set('view engine', 'html')
|
||||
}
|
||||
|
||||
/* Session */ {
|
||||
/* Express session and settings */ {
|
||||
app.use(helmet())
|
||||
app.use(cookieParser(env.cookie))
|
||||
app.use(cookieSession({
|
||||
cookie: {maxAge: 60000},
|
||||
|
|
|
|||
Loading…
Reference in New Issue