Package Exports
- koa-helmet
- koa-helmet/lib/koa-helmet.js
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (koa-helmet) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
koa-helmet
koa-helmet is a wrapper for helmet to work with koa (v2 and v3). It provides important security headers to make your app more secure by default.
This package has zero direct dependencies, with peerDependencies of koa and helmet.
Installation
npm i koa-helmet helmet
# or:
yarn add koa-helmet helmetUsage
Usage is the same as helmet
Helmet offers 11 security middleware functions:
// This...
app.use(helmet());
// ...is equivalent to this:
app.use(helmet.contentSecurityPolicy());
app.use(helmet.dnsPrefetchControl());
app.use(helmet.expectCt());
app.use(helmet.frameguard());
app.use(helmet.hidePoweredBy());
app.use(helmet.hsts());
app.use(helmet.ieNoOpen());
app.use(helmet.noSniff());
app.use(helmet.permittedCrossDomainPolicies());
app.use(helmet.referrerPolicy());
app.use(helmet.xssFilter());You can see more in the documentation.
Example
import Koa from "koa";
import helmet from "koa-helmet";
const app = new Koa();
app.use(helmet());
app.use((ctx) => {
ctx.body = "Hello World";
});
app.listen(4000);Testing
To run the tests, simply run
npm testVersioning
- koa-helmet >=2.x (main branch) supports koa 2.x and 3.x
- koa-helmet 1.x (koa-1 branch) supports koa 0.x and koa 1.x