mirror of
https://github.com/Unleash/unleash.git
synced 2024-12-28 00:06:53 +01:00
35 lines
960 B
JavaScript
35 lines
960 B
JavaScript
const helmet = require('helmet');
|
|
|
|
module.exports = function(config) {
|
|
if (config.enableHelmet) {
|
|
return helmet({
|
|
hsts: {
|
|
maxAge: 63072000,
|
|
includeSubDomains: true,
|
|
preload: true,
|
|
},
|
|
contentSecurityPolicy: {
|
|
directives: {
|
|
defaultSrc: [
|
|
"'self'",
|
|
'fonts.googleapis.com',
|
|
'fonts.gstatic.com',
|
|
'data:',
|
|
'gravatar.com',
|
|
],
|
|
styleSrc: [
|
|
"'self'",
|
|
"'unsafe-inline'",
|
|
'fonts.googleapis.com',
|
|
'fonts.gstatic.com',
|
|
'data:',
|
|
],
|
|
},
|
|
},
|
|
});
|
|
}
|
|
return (req, res, next) => {
|
|
next();
|
|
};
|
|
};
|