We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Secure and harden the ExpressJS middleware. Third-party modules can be used. The following security features need to be covered.
Content-Security-Policy
Expect-CT
X-DNS-Prefetch-Control
X-Frame-Options
X-Powered-By
Public-Key-Pins
X-Download-Options
Cache-Control
Surrogate-Control
Pragma
Expires
X-Content-Type-Options
Referrer-Policy
X-XSS-Protection
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Secure and harden the ExpressJS middleware. Third-party modules can be used. The following security features need to be covered.
Content-Security-Policy
header for Cross-Site Scripting (XSS) attacksExpect-CT
header for Certificate TransparencyX-DNS-Prefetch-Control
header to control browser DNS prefetchingX-Frame-Options
header to prevent clickjacking attacksX-Powered-By
header to prevent hackers from exploiting vulnerabilities in Express and NodePublic-Key-Pins
header to prevent person-in-the-middle attacksX-Download-Options
header to prevent IE from opening untrusted HTML filesCache-Control
,Surrogate-Control
,Pragma
andExpires
headers to prevent users from getting cached versions of your filesX-Content-Type-Options
header to prevent browsers from trying to guess the MIME type, which can have security implicationsReferrer-Policy
header to prevent knowing where a user is referred fromX-XSS-Protection
header to prevent reflected XSS attacksThe text was updated successfully, but these errors were encountered: