Skip to content
Shokupan

SecurityHeadersOptions

Defined in: src/plugins/middleware/security-headers.ts:4

Properties

Section titled “Properties”

contentSecurityPolicy?

Section titled “contentSecurityPolicy?”

optional contentSecurityPolicy: boolean | Record<string, any>

Defined in: src/plugins/middleware/security-headers.ts:8

Content Security Policy

crossOriginEmbedderPolicy?

Section titled “crossOriginEmbedderPolicy?”

optional crossOriginEmbedderPolicy: boolean

Defined in: src/plugins/middleware/security-headers.ts:12

Cross-Origin Embedder Policy

crossOriginOpenerPolicy?

Section titled “crossOriginOpenerPolicy?”

optional crossOriginOpenerPolicy: boolean

Defined in: src/plugins/middleware/security-headers.ts:16

Cross-Origin Opener Policy

crossOriginResourcePolicy?

Section titled “crossOriginResourcePolicy?”

optional crossOriginResourcePolicy: boolean

Defined in: src/plugins/middleware/security-headers.ts:20

Cross-Origin Resource Policy

dnsPrefetchControl?

Section titled “dnsPrefetchControl?”

optional dnsPrefetchControl: boolean | { allow: boolean; }

Defined in: src/plugins/middleware/security-headers.ts:24

DNS Prefetch Control

expectCt?

Section titled “expectCt?”

optional expectCt: boolean | { enforce?: boolean; maxAge?: number; reportUri?: string; }

Defined in: src/plugins/middleware/security-headers.ts:28

Expect CT

frameguard?

Section titled “frameguard?”

optional frameguard: boolean | { action: "deny" | "sameorigin" | "allow-from"; domain?: string; }

Defined in: src/plugins/middleware/security-headers.ts:32

Frameguard

hidePoweredBy?

Section titled “hidePoweredBy?”

optional hidePoweredBy: boolean

Defined in: src/plugins/middleware/security-headers.ts:36

Hide Powered By

hsts?

Section titled “hsts?”

optional hsts: boolean | { includeSubDomains?: boolean; maxAge?: number; preload?: boolean; }

Defined in: src/plugins/middleware/security-headers.ts:40

HTTP Strict Transport Security

ieNoOpen?

Section titled “ieNoOpen?”

optional ieNoOpen: boolean

Defined in: src/plugins/middleware/security-headers.ts:44

IE No Open

noSniff?

Section titled “noSniff?”

optional noSniff: boolean

Defined in: src/plugins/middleware/security-headers.ts:48

No Sniff

originAgentCluster?

Section titled “originAgentCluster?”

optional originAgentCluster: boolean

Defined in: src/plugins/middleware/security-headers.ts:52

Origin Agent Cluster

permittedCrossDomainPolicies?

Section titled “permittedCrossDomainPolicies?”

optional permittedCrossDomainPolicies: boolean | { permittedPolicies: "none" | "all" | "master-only" | "by-content-type"; }

Defined in: src/plugins/middleware/security-headers.ts:56

Permitted Cross Domain Policies

referrerPolicy?

Section titled “referrerPolicy?”

optional referrerPolicy: boolean | { policy: string | string[]; }

Defined in: src/plugins/middleware/security-headers.ts:60

Referrer Policy

xssFilter?

Section titled “xssFilter?”

optional xssFilter: boolean

Defined in: src/plugins/middleware/security-headers.ts:64

X-XSS-Protection