fastify-fast-helmet-wrapper
v0.1.0
Published
Important security headers for Fastify
Downloads
5
Readme
fastify-fast-helmet
Important security headers for Fastify
Why?
You may know fastify-helmet as a helmet plugin for fastify. So why i made this plugin?
This plugin uses a set of helmet plugins for fastify instead of the helmet middlewares. You may find the reason in benchmark result and wish you like it. :)
Plugins
fastify-fast-helmet
is a collection of 12 smaller middleware functions that set HTTP headers.
| Module | Description | Default? | |---|---|---| | fastify-csp | for setting Content Security Policy | | | fastify-expect-ct | for handling Certificate Transparency | | | fastify-dns-prefetch-control | controls browser DNS prefetching | ✓ | | fastify-frame-guard | to prevent clickjacking | ✓ | | fastify-hide-powered-by | to remove the X-Powered-By header | ✓ | | fastify-hpkp | for HTTP Public Key Pinning | | | fastify-hsts | for HTTP Strict Transport Security | ✓ | | fastify-ie-no-open | sets X-Download-Options for IE8+ | ✓ | | fastify-no-cache | to disable client-side caching | | | fastify-no-sniff | to keep clients from sniffing the MIME type | ✓ | | fastify-referrer-policy | to hide the Referer header | |
Difference
The sub plugins use test cases from helmet middleware and their actions are almost same as helmet middlewares but a little difference in fastify-csp.
Install
Via npm:
npm i fastify-fast-helmet
Via yarn:
yarn add fastify-fast-helmet
Usage
const fastify = require('fastify');
const fastifyHelmet = require('fastify-fast-helmet');
const app = fastify();
app.register(fastifyHelmet, {
// Your options
});
app.listen(3000, err => {
if (err) throw err;
});
Changelog
- 0.1.0:
- Init version