https://github.com/venables/koa-helmet
Important security headers for koa
https://github.com/venables/koa-helmet
headers helmet koa koa-helmet koa2 middleware secure secure-by-default
Last synced: 3 days ago
JSON representation
Important security headers for koa
- Host: GitHub
- URL: https://github.com/venables/koa-helmet
- Owner: venables
- License: mit
- Created: 2014-03-29T22:04:48.000Z (about 11 years ago)
- Default Branch: main
- Last Pushed: 2025-04-09T14:47:45.000Z (6 days ago)
- Last Synced: 2025-04-10T10:46:04.655Z (5 days ago)
- Topics: headers, helmet, koa, koa-helmet, koa2, middleware, secure, secure-by-default
- Language: TypeScript
- Homepage:
- Size: 945 KB
- Stars: 641
- Watchers: 7
- Forks: 41
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-humanscape - koa-helmet - 보안 헤더 제공 (Node.js, koa / Utilites)
- think-awesome - koa-helmet - helmet.svg)|  |  | helmet middleware | (Koa Middlewares)
- awesome-koa - koa-helmet - 提供重要的安全头header,使您的应用默认更安全。   (仓库 / 中间件)
README
# koa-helmet
[](https://www.npmjs.com/package/koa-helmet)
[](https://www.npmjs.com/package/koa-helmet)
koa-helmet is a wrapper for [helmet](https://github.com/helmetjs/helmet) to work with [koa](https://github.com/koajs/koa). It provides important security headers to make your app more secure by default.
## Installation
```sh
npm i koa-helmet helmet
# or:
yarn add koa-helmet helmet
```
## Usage
Usage is the same as [helmet](https://github.com/helmetjs/helmet)
Helmet offers 11 security middleware functions:
```js
// This...
app.use(helmet());
// ...is equivalent to this:
app.use(helmet.contentSecurityPolicy());
app.use(helmet.dnsPrefetchControl());
app.use(helmet.expectCt());
app.use(helmet.frameguard());
app.use(helmet.hidePoweredBy());
app.use(helmet.hsts());
app.use(helmet.ieNoOpen());
app.use(helmet.noSniff());
app.use(helmet.permittedCrossDomainPolicies());
app.use(helmet.referrerPolicy());
app.use(helmet.xssFilter());
```
You can see more in [the documentation](https://helmetjs.github.io).
## Example
```js
import Koa from "koa";
import helmet from "koa-helmet";
const app = new Koa();
app.use(helmet());
app.use((ctx) => {
ctx.body = "Hello World";
});
app.listen(4000);
```
## Testing
To run the tests, simply run
```
npm test
```
## Versioning
- koa-helmet >=2.x (master branch) supports koa 2.x
- koa-helmet 1.x ([koa-1](https://github.com/venables/koa-helmet/tree/koa-1) branch) supports koa 0.x and koa 1.x