We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Secure and harden the ExpressJS middleware. Third-party modules can be used. The following security features need to be covered.
Content-Security-Policy
Expect-CT
X-DNS-Prefetch-Control
X-Frame-Options
X-Powered-By
Public-Key-Pins
X-Download-Options
Cache-Control
Surrogate-Control
Pragma
Expires
X-Content-Type-Options
Referrer-Policy
X-XSS-Protection
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Secure and harden the ExpressJS middleware. Third-party modules can be used. The following security features need to be covered.
Content-Security-Policyheader for Cross-Site Scripting (XSS) attacksExpect-CTheader for Certificate TransparencyX-DNS-Prefetch-Controlheader to control browser DNS prefetchingX-Frame-Optionsheader to prevent clickjacking attacksX-Powered-Byheader to prevent hackers from exploiting vulnerabilities in Express and NodePublic-Key-Pinsheader to prevent person-in-the-middle attacksX-Download-Optionsheader to prevent IE from opening untrusted HTML filesCache-Control,Surrogate-Control,PragmaandExpiresheaders to prevent users from getting cached versions of your filesX-Content-Type-Optionsheader to prevent browsers from trying to guess the MIME type, which can have security implicationsReferrer-Policyheader to prevent knowing where a user is referred fromX-XSS-Protectionheader to prevent reflected XSS attacksThe text was updated successfully, but these errors were encountered: