add helmet

2022-06-29 17:14:05 +02:00 · 2022-06-29 17:14:05 +02:00 · 9b4eccd2a7
commit 9b4eccd2a7
parent adbc7e704f
3 changed files with 25 additions and 8 deletions
--- a/server/package-lock.json
+++ b/server/package-lock.json
@ -13,6 +13,7 @@
        "cors": "^2.8.5",
        "dotenv": "^16.0.1",
        "express": "^4.18.1",
+        "helmet": "^5.1.0",
        "sqlite3": "^5.0.8"
      },
      "devDependencies": {
@ -20,7 +21,7 @@
        "@types/express": "^4.17.13",
        "@types/node": "^18.0.0",
        "@types/sqlite3": "^3.1.8",
-        "nodemon": "^2.0.16",
+        "nodemon": "^2.0.18",
        "prisma": "^4.0.0",
        "supertest": "^6.2.3",
        "ts-node": "^10.8.1",
@ -1907,6 +1908,14 @@
        "node": ">=8"
      }
    },
+    "node_modules/helmet": {
+      "version": "5.1.0",
+      "resolved": "https://registry.npmjs.org/helmet/-/helmet-5.1.0.tgz",
+      "integrity": "sha512-klsunXs8rgNSZoaUrNeuCiWUxyc+wzucnEnFejUg3/A+CaF589k9qepLZZ1Jehnzig7YbD4hEuscGXuBY3fq+g==",
+      "engines": {
+        "node": ">=12.0.0"
+      }
+    },
    "node_modules/hexoid": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/hexoid/-/hexoid-1.0.0.tgz",
@ -2682,9 +2691,9 @@
      }
    },
    "node_modules/nodemon": {
-      "version": "2.0.16",
-      "resolved": "https://registry.npmjs.org/nodemon/-/nodemon-2.0.16.tgz",
-      "integrity": "sha512-zsrcaOfTWRuUzBn3P44RDliLlp263Z/76FPoHFr3cFFkOz0lTPAcIw8dCzfdVIx/t3AtDYCZRCDkoCojJqaG3w==",
+      "version": "2.0.18",
+      "resolved": "https://registry.npmjs.org/nodemon/-/nodemon-2.0.18.tgz",
+      "integrity": "sha512-uAvrKipi2zAz8E7nkSz4qW4F4zd5fs2wNGsTx+xXlP8KXqd9ucE0vY9wankOsPboeDyuUGN9vsXGV1pLn80l/A==",
      "dev": true,
      "hasInstallScript": true,
      "dependencies": {
@ -5442,6 +5451,11 @@
      "integrity": "sha512-UqBRqi4ju7T+TqGNdqAO0PaSVGsDGJUBQvk9eUWNGRY1CFGDzYhLWoM7JQEemnlvVcv/YEmc2wNW8BC24EnUsw==",
      "dev": true
    },
+    "helmet": {
+      "version": "5.1.0",
+      "resolved": "https://registry.npmjs.org/helmet/-/helmet-5.1.0.tgz",
+      "integrity": "sha512-klsunXs8rgNSZoaUrNeuCiWUxyc+wzucnEnFejUg3/A+CaF589k9qepLZZ1Jehnzig7YbD4hEuscGXuBY3fq+g=="
+    },
    "hexoid": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/hexoid/-/hexoid-1.0.0.tgz",
@ -6019,9 +6033,9 @@
      }
    },
    "nodemon": {
-      "version": "2.0.16",
-      "resolved": "https://registry.npmjs.org/nodemon/-/nodemon-2.0.16.tgz",
-      "integrity": "sha512-zsrcaOfTWRuUzBn3P44RDliLlp263Z/76FPoHFr3cFFkOz0lTPAcIw8dCzfdVIx/t3AtDYCZRCDkoCojJqaG3w==",
+      "version": "2.0.18",
+      "resolved": "https://registry.npmjs.org/nodemon/-/nodemon-2.0.18.tgz",
+      "integrity": "sha512-uAvrKipi2zAz8E7nkSz4qW4F4zd5fs2wNGsTx+xXlP8KXqd9ucE0vY9wankOsPboeDyuUGN9vsXGV1pLn80l/A==",
      "dev": true,
      "requires": {
        "chokidar": "^3.5.2",
--- a/server/package.json
+++ b/server/package.json
@ -15,6 +15,7 @@
    "cors": "^2.8.5",
    "dotenv": "^16.0.1",
    "express": "^4.18.1",
+    "helmet": "^5.1.0",
    "sqlite3": "^5.0.8"
  },
  "devDependencies": {
@ -22,7 +23,7 @@
    "@types/express": "^4.17.13",
    "@types/node": "^18.0.0",
    "@types/sqlite3": "^3.1.8",
-    "nodemon": "^2.0.16",
+    "nodemon": "^2.0.18",
    "prisma": "^4.0.0",
    "supertest": "^6.2.3",
    "ts-node": "^10.8.1",
--- a/server/server.ts
+++ b/server/server.ts
@ -3,12 +3,14 @@ import express, { Express, Request, Response } from "express";
 import cors from "cors";
 import { PrismaClient, EncryptedNote } from "@prisma/client";
 import { addDays } from "./util";
+import helmet from "helmet";

 // Initialize middleware clients
 const prisma = new PrismaClient();

 const app: Express = express();
 app.use(express.json());
+app.use(helmet());

 // Allow CORS in dev mode.
 if (process.env.ENVIRONMENT == "dev") {