-
-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consider using 'helmet' npm package in node server #22
Comments
Draft:
This might be enough! Although I don't know enough about |
Hi, is this still needed? If so, then would the default configuration options be good enough for now? |
Hey @caz-gh , yes, this is still on! |
@Martinsos, here are the HTTP header behaviors set when using the default helmet top-level wrapper (
I don't have much experience with using anything other than the default helmet settings, but I can definitely look into this further! So far, I've added helmet to my fork of Wasp and the defaults seem to be working when I look at the response headers I get with a newly created Wasp app. |
@caz-gh sounds good, and thanks for putting in the work! Please go for it and make a pull request -> if you get stuck or just slowed down at any point at all, let me know and I will help out. |
Hey @caz-gh , how is it going, are you still interested in taking care of this one? |
Hi @Martinsos , sorry I was a little busy recently but I'll be making the pull request in a bit! |
No prob, just checking in, looking forward to it :)! |
https://www.npmjs.com/package/helmet -> sets some reasonable default HTTPS response headers.
The text was updated successfully, but these errors were encountered: