Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/venables/koa-helmet

Important security headers for koa
https://github.com/venables/koa-helmet

headers helmet koa koa-helmet koa2 middleware secure secure-by-default

Last synced: 3 days ago
JSON representation

Important security headers for koa

Host: GitHub
URL: https://github.com/venables/koa-helmet
Owner: venables
License: mit
Created: 2014-03-29T22:04:48.000Z (almost 11 years ago)
Default Branch: main
Last Pushed: 2024-04-21T04:04:33.000Z (9 months ago)
Last Synced: 2024-10-29T14:54:47.491Z (3 months ago)
Topics: headers, helmet, koa, koa-helmet, koa2, middleware, secure, secure-by-default
Language: JavaScript
Homepage:
Size: 865 KB
Stars: 640
Watchers: 8
Forks: 39
Open Issues: 13
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-humanscape - koa-helmet - 보안 헤더 제공 (Node.js, koa / Utilites)
think-awesome - koa-helmet - helmet.svg)| ![status](https://travis-ci.org/venables/koa-helmet.svg) | ![downloads](https://img.shields.io/npm/dm/koa-helmet.svg) | helmet middleware | (Koa Middlewares)
awesome-koa - koa-helmet - 提供重要的安全头header，使您的应用默认更安全。 ![](https://img.shields.io/github/stars/venables/koa-helmet.svg?style=social&label=Star) ![](https://img.shields.io/npm/dm/koa-helmet.svg?style=flat-square) (仓库 / 中间件)

README

        # koa-helmet

[![Version](https://img.shields.io/npm/v/koa-helmet.svg)](https://www.npmjs.com/package/koa-helmet)

[![Downloads](https://img.shields.io/npm/dm/koa-helmet.svg)](https://www.npmjs.com/package/koa-helmet)

koa-helmet is a wrapper for [helmet](https://github.com/helmetjs/helmet) to work with [koa](https://github.com/koajs/koa). It provides important security headers to make your app more secure by default.

## Installation

```sh

npm i koa-helmet helmet

# or:

yarn add koa-helmet helmet

```

## Usage

Usage is the same as [helmet](https://github.com/helmetjs/helmet)

Helmet offers 11 security middleware functions:

```js

// This...

app.use(helmet());

// ...is equivalent to this:

app.use(helmet.contentSecurityPolicy());

app.use(helmet.dnsPrefetchControl());

app.use(helmet.expectCt());

app.use(helmet.frameguard());

app.use(helmet.hidePoweredBy());

app.use(helmet.hsts());

app.use(helmet.ieNoOpen());

app.use(helmet.noSniff());

app.use(helmet.permittedCrossDomainPolicies());

app.use(helmet.referrerPolicy());

app.use(helmet.xssFilter());

```

You can see more in [the documentation](https://helmetjs.github.io).

## Example

```js

import Koa from "koa";

import helmet from "koa-helmet";

const app = new Koa();

app.use(helmet());

app.use((ctx) => {

  ctx.body = "Hello World";

});

app.listen(4000);

```

## Testing

To run the tests, simply run

```

npm test

```

## Versioning

- koa-helmet >=2.x (master branch) supports koa 2.x

- koa-helmet 1.x ([koa-1](https://github.com/venables/koa-helmet/tree/koa-1) branch) supports koa 0.x and koa 1.x