|
contentSecurityPolicy?
|
boolean | Record<string, any>
|
Content Security Policy
|
src/plugins/middleware/security-headers.ts:8
|
|
crossOriginEmbedderPolicy?
|
boolean
|
Cross-Origin Embedder Policy
|
src/plugins/middleware/security-headers.ts:12
|
|
crossOriginOpenerPolicy?
|
boolean
|
Cross-Origin Opener Policy
|
src/plugins/middleware/security-headers.ts:16
|
|
crossOriginResourcePolicy?
|
boolean
|
Cross-Origin Resource Policy
|
src/plugins/middleware/security-headers.ts:20
|
|
dnsPrefetchControl?
|
boolean | { allow: boolean; }
|
DNS Prefetch Control
|
src/plugins/middleware/security-headers.ts:24
|
|
expectCt?
|
boolean | { enforce?: boolean; maxAge?: number; reportUri?: string; }
|
Expect CT
|
src/plugins/middleware/security-headers.ts:28
|
|
frameguard?
|
boolean | { action: "deny" | "sameorigin" | "allow-from"; domain?: string; }
|
Frameguard
|
src/plugins/middleware/security-headers.ts:32
|
|
hidePoweredBy?
|
boolean
|
Hide Powered By
|
src/plugins/middleware/security-headers.ts:36
|
|
hsts?
|
boolean | { includeSubDomains?: boolean; maxAge?: number; preload?: boolean; }
|
HTTP Strict Transport Security
|
src/plugins/middleware/security-headers.ts:40
|
|
ieNoOpen?
|
boolean
|
IE No Open
|
src/plugins/middleware/security-headers.ts:44
|
|
noSniff?
|
boolean
|
No Sniff
|
src/plugins/middleware/security-headers.ts:48
|
|
originAgentCluster?
|
boolean
|
Origin Agent Cluster
|
src/plugins/middleware/security-headers.ts:52
|
|
permittedCrossDomainPolicies?
|
boolean | { permittedPolicies: "none" | "all" | "master-only" | "by-content-type"; }
|
Permitted Cross Domain Policies
|
src/plugins/middleware/security-headers.ts:56
|
|
referrerPolicy?
|
boolean | { policy: string | string[]; }
|
Referrer Policy
|
src/plugins/middleware/security-headers.ts:60
|
|
xssFilter?
|
boolean
|
X-XSS-Protection
|
src/plugins/middleware/security-headers.ts:64
|