Skip to content

cak/blockade

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits

docs

docs

 
 

src

src

 
 

.gitignore

.gitignore

 
 

.npmignore

.npmignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

package.json

package.json

 
 

tsconfig.json

tsconfig.json

 
 

Repository files navigation

Blockade

version Types License Style

Blockade ⚓️ is a lightweight package that adds optional security headers and cookie attributes for Node.js web frameworks.

Security HTTP headers and cookie attributes help enhance the security of your web application by enabling built-in browser security mechanisms.

Supported Node.js web frameworks:

AdonisJs, Express, Fastify, hapi, Koa, Meteor, Nest, Polka, restify, Sails, Total.js

Install

$ npm i blockade

After installing Blockade:

const blockade = require("blockade");

const secureHeaders = new blockade.SecureHeaders();
const secureCookie = new blockade.SecureCookie();

Secure Headers

Example

secureHeaders.framework(response);

Default HTTP response headers:

Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer, strict-origin-when-cross-origin
Cache-control: no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Expires: 0

Secure Cookie

Example

secureCookie.framework(response, "foo", "bar");

Default Set-Cookie HTTP response header:

Set-Cookie: foo=bar; Path=/; secure; HttpOnly; SameSite=lax

Documentation

Please see the full set of documentation at https://blockadejs.readthedocs.io

Resources

About

Secure ⚓️ headers and cookies for Node.js web frameworks

blockadejs.rtfd.io

Resources

Readme

License

MIT license
Activity

Stars

62 stars

Watchers

5 watching

Forks

1 fork
Report repository

Releases 3

v.1.0.4 Latest
Jan 26, 2019
+ 2 releases

Packages

No packages published

Languages