Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings
This repository was archived by the owner on Nov 8, 2022. It is now read-only.

Commit54dbf8b

Browse files
committed
feat(safe): add helmet to enhance safety
1 parente521703 commit54dbf8b

File tree

4 files changed

+100
-0
lines changed

4 files changed

+100
-0
lines changed

‎package-docker.json‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@
2828
"graphql":"^0.13.2",
2929
"graphql-request":"^1.6.0",
3030
"graphql-tag":"^2.6.1",
31+
"helmet":"^3.15.0",
3132
"intl":"^1.2.5",
3233
"isomorphic-fetch":"^2.2.1",
3334
"js-cookie":"^2.2.0",

‎package.json‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,7 @@
6868
"graphql":"^0.13.2",
6969
"graphql-request":"^1.6.0",
7070
"graphql-tag":"^2.6.1",
71+
"helmet":"^3.15.0",
7172
"intl":"^1.2.5",
7273
"isomorphic-fetch":"^2.2.1",
7374
"js-cookie":"^2.2.0",

‎server.js‎

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ const dev = process.env.NODE_ENV !== 'production'
44
constnext=require('next')
55
constexpress=require('express')
66
constLRUCache=require('lru-cache')
7+
consthelmet=require('helmet')
78
constmobxReact=require('mobx-react')
89
constR=require('ramda')
910

@@ -24,6 +25,7 @@ const HOME_PAGE = '/home/posts'
2425
app.prepare().then(()=>{
2526
constserver=express()
2627
server.use(express.static('static'))
28+
server.use(helmet())
2729

2830
server.get('/_next/:page?',(req,res)=>handle(req,res))
2931

‎yarn.lock‎

Lines changed: 96 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2316,6 +2316,10 @@ camelcase@^4.1.0:
23162316
version "4.1.0"
23172317
resolved "http://r.cnpmjs.org/camelcase/download/camelcase-4.1.0.tgz#d545635be1e33c542649c69173e5de6acfae34dd"
23182318

2319+
camelize@1.0.0:
2320+
version "1.0.0"
2321+
resolved "https://registry.npmjs.org/camelize/-/camelize-1.0.0.tgz#164a5483e630fa4321e5af07020e531831b2609b"
2322+
23192323
caniuse-lite@^1.0.30000884:
23202324
version "1.0.30000885"
23212325
resolved "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30000885.tgz#e889e9f8e7e50e769f2a49634c932b8aee622984"
@@ -2731,6 +2735,10 @@ content-disposition@0.5.2:
27312735
version "0.5.2"
27322736
resolved "http://r.cnpmjs.org/content-disposition/download/content-disposition-0.5.2.tgz#0cf68bb9ddf5f2be7961c3a85178cb85dba78cb4"
27332737

2738+
content-security-policy-builder@2.0.0:
2739+
version "2.0.0"
2740+
resolved "https://registry.npmjs.org/content-security-policy-builder/-/content-security-policy-builder-2.0.0.tgz#8749a1d542fcbe82237281ea9f716ce68b394dd2"
2741+
27342742
content-type-parser@^1.0.1:
27352743
version "1.0.1"
27362744
resolved "http://r.cnpmjs.org/content-type-parser/download/content-type-parser-1.0.1.tgz#c3e56988c53c65127fb46d4032a3a900246fdc94"
@@ -3201,6 +3209,10 @@ dashdash@^1.12.0:
32013209
dependencies:
32023210
assert-plus "^1.0.0"
32033211

3212+
dasherize@2.0.0:
3213+
version "2.0.0"
3214+
resolved "https://registry.npmjs.org/dasherize/-/dasherize-2.0.0.tgz#6d809c9cd0cf7bb8952d80fc84fa13d47ddb1308"
3215+
32043216
date-fns@^1.27.2:
32053217
version "1.28.5"
32063218
resolved "http://r.cnpmjs.org/date-fns/download/date-fns-1.28.5.tgz#257cfc45d322df45ef5658665967ee841cd73faf"
@@ -3400,6 +3412,10 @@ discontinuous-range@1.0.0:
34003412
version "1.0.0"
34013413
resolved "http://r.cnpmjs.org/discontinuous-range/download/discontinuous-range-1.0.0.tgz#e38331f0844bba49b9a9cb71c771585aab1bc65a"
34023414

3415+
dns-prefetch-control@0.1.0:
3416+
version "0.1.0"
3417+
resolved "https://registry.npmjs.org/dns-prefetch-control/-/dns-prefetch-control-0.1.0.tgz#60ddb457774e178f1f9415f0cabb0e85b0b300b2"
3418+
34033419
doctrine@1.5.0:
34043420
version "1.5.0"
34053421
resolved "http://r.cnpmjs.org/doctrine/download/doctrine-1.5.0.tgz#379dce730f6166f76cefa4e6707a159b02c5a6fa"
@@ -3478,6 +3494,10 @@ domutils@^1.5.1:
34783494
dom-serializer "0"
34793495
domelementtype "1"
34803496

3497+
dont-sniff-mimetype@1.0.0:
3498+
version "1.0.0"
3499+
resolved "https://registry.npmjs.org/dont-sniff-mimetype/-/dont-sniff-mimetype-1.0.0.tgz#5932890dc9f4e2f19e5eb02a20026e5e5efc8f58"
3500+
34813501
dot-case@^2.1.0:
34823502
version "2.1.1"
34833503
resolved "https://registry.npmjs.org/dot-case/-/dot-case-2.1.1.tgz#34dcf37f50a8e93c2b3bca8bb7fb9155c7da3bee"
@@ -4130,6 +4150,10 @@ expand-tilde@^2.0.2:
41304150
dependencies:
41314151
homedir-polyfill "^1.0.1"
41324152

4153+
expect-ct@0.1.1:
4154+
version "0.1.1"
4155+
resolved "https://registry.npmjs.org/expect-ct/-/expect-ct-0.1.1.tgz#de84476a2dbcb85000d5903737e9bc8a5ba7b897"
4156+
41334157
expect@^23.4.0:
41344158
version "23.4.0"
41354159
resolved "https://registry.npmjs.org/expect/-/expect-23.4.0.tgz#6da4ecc99c1471253e7288338983ad1ebadb60c3"
@@ -4357,6 +4381,10 @@ fd-slicer@~1.0.1:
43574381
dependencies:
43584382
pend "~1.2.0"
43594383

4384+
feature-policy@0.2.0:
4385+
version "0.2.0"
4386+
resolved "https://registry.npmjs.org/feature-policy/-/feature-policy-0.2.0.tgz#22096de49ab240176878ffe2bde2f6ff04d48c43"
4387+
43604388
fetch-jsonp@^1.1.3:
43614389
version "1.1.3"
43624390
resolved "https://registry.npmjs.org/fetch-jsonp/-/fetch-jsonp-1.1.3.tgz#9eb9e585ba08aaf700563538d17bbebbcd5a3db2"
@@ -4592,6 +4620,10 @@ fragment-cache@^0.2.1:
45924620
dependencies:
45934621
map-cache "^0.2.2"
45944622

4623+
frameguard@3.0.0:
4624+
version "3.0.0"
4625+
resolved "https://registry.npmjs.org/frameguard/-/frameguard-3.0.0.tgz#7bcad469ee7b96e91d12ceb3959c78235a9272e9"
4626+
45954627
fresh@0.5.2:
45964628
version "0.5.2"
45974629
resolved "http://r.cnpmjs.org/fresh/download/fresh-0.5.2.tgz#3d8cadd90d976569fa835ab1f8e4b23a105605a7"
@@ -5121,6 +5153,42 @@ header-case@^1.0.0:
51215153
no-case "^2.2.0"
51225154
upper-case "^1.1.3"
51235155

5156+
helmet-crossdomain@0.3.0:
5157+
version "0.3.0"
5158+
resolved "https://registry.npmjs.org/helmet-crossdomain/-/helmet-crossdomain-0.3.0.tgz#707e2df930f13ad61f76ed08e1bb51ab2b2e85fa"
5159+
5160+
helmet-csp@2.7.1:
5161+
version "2.7.1"
5162+
resolved "https://registry.npmjs.org/helmet-csp/-/helmet-csp-2.7.1.tgz#e8e0b5186ffd4db625cfcce523758adbfadb9dca"
5163+
dependencies:
5164+
camelize "1.0.0"
5165+
content-security-policy-builder "2.0.0"
5166+
dasherize "2.0.0"
5167+
platform "1.3.5"
5168+
5169+
helmet@^3.15.0:
5170+
version "3.15.0"
5171+
resolved "https://registry.npmjs.org/helmet/-/helmet-3.15.0.tgz#fe0bb80e05d9eec589e3cbecaf5384409a3a64c9"
5172+
dependencies:
5173+
dns-prefetch-control "0.1.0"
5174+
dont-sniff-mimetype "1.0.0"
5175+
expect-ct "0.1.1"
5176+
feature-policy "0.2.0"
5177+
frameguard "3.0.0"
5178+
helmet-crossdomain "0.3.0"
5179+
helmet-csp "2.7.1"
5180+
hide-powered-by "1.0.0"
5181+
hpkp "2.0.0"
5182+
hsts "2.1.0"
5183+
ienoopen "1.0.0"
5184+
nocache "2.0.0"
5185+
referrer-policy "1.1.0"
5186+
x-xss-protection "1.1.0"
5187+
5188+
hide-powered-by@1.0.0:
5189+
version "1.0.0"
5190+
resolved "https://registry.npmjs.org/hide-powered-by/-/hide-powered-by-1.0.0.tgz#4a85ad65881f62857fc70af7174a1184dccce32b"
5191+
51245192
hmac-drbg@^1.0.0:
51255193
version "1.0.1"
51265194
resolved "http://r.cnpmjs.org/hmac-drbg/download/hmac-drbg-1.0.1.tgz#d2745701025a6c775a6c545793ed502fc0c649a1"
@@ -5176,6 +5244,14 @@ hosted-git-info@^2.1.4:
51765244
version "2.5.0"
51775245
resolved "http://r.cnpmjs.org/hosted-git-info/download/hosted-git-info-2.5.0.tgz#6d60e34b3abbc8313062c3b798ef8d901a07af3c"
51785246

5247+
hpkp@2.0.0:
5248+
version "2.0.0"
5249+
resolved "https://registry.npmjs.org/hpkp/-/hpkp-2.0.0.tgz#10e142264e76215a5d30c44ec43de64dee6d1672"
5250+
5251+
hsts@2.1.0:
5252+
version "2.1.0"
5253+
resolved "https://registry.npmjs.org/hsts/-/hsts-2.1.0.tgz#cbd6c918a2385fee1dd5680bfb2b3a194c0121cc"
5254+
51795255
html-encoding-sniffer@^1.0.1:
51805256
version "1.0.1"
51815257
resolved "http://r.cnpmjs.org/html-encoding-sniffer/download/html-encoding-sniffer-1.0.1.tgz#79bf7a785ea495fe66165e734153f363ff5437da"
@@ -5288,6 +5364,10 @@ ieee754@^1.1.4:
52885364
version "1.1.8"
52895365
resolved "http://r.cnpmjs.org/ieee754/download/ieee754-1.1.8.tgz#be33d40ac10ef1926701f6f08a2d86fbfd1ad3e4"
52905366

5367+
ienoopen@1.0.0:
5368+
version "1.0.0"
5369+
resolved "https://registry.npmjs.org/ienoopen/-/ienoopen-1.0.0.tgz#346a428f474aac8f50cf3784ea2d0f16f62bda6b"
5370+
52915371
iferr@^0.1.5:
52925372
version "0.1.5"
52935373
resolved "https://registry.npmjs.org/iferr/-/iferr-0.1.5.tgz#c60eed69e6d8fdb6b3104a1fcbca1c192dc5b501"
@@ -7408,6 +7488,10 @@ no-case@^2.2.0, no-case@^2.3.2:
74087488
dependencies:
74097489
lower-case "^1.1.1"
74107490

7491+
nocache@2.0.0:
7492+
version "2.0.0"
7493+
resolved "https://registry.npmjs.org/nocache/-/nocache-2.0.0.tgz#202b48021a0c4cbde2df80de15a17443c8b43980"
7494+
74117495
node-fetch@1.6.3:
74127496
version "1.6.3"
74137497
resolved "http://registry.npm.taobao.org/node-fetch/download/node-fetch-1.6.3.tgz#dc234edd6489982d58e8f0db4f695029abcd8c04"
@@ -8142,6 +8226,10 @@ pkg-dir@^3.0.0:
81428226
dependencies:
81438227
find-up "^3.0.0"
81448228

8229+
platform@1.3.5:
8230+
version "1.3.5"
8231+
resolved "https://registry.npmjs.org/platform/-/platform-1.3.5.tgz#fb6958c696e07e2918d2eeda0f0bc9448d733444"
8232+
81458233
please-upgrade-node@^3.0.2:
81468234
version "3.0.2"
81478235
resolved "https://registry.npmjs.org/please-upgrade-node/-/please-upgrade-node-3.0.2.tgz#7b9eaeca35aa4a43d6ebdfd10616c042f9a83acc"
@@ -9218,6 +9306,10 @@ redent@^2.0.0:
92189306
indent-string "^3.0.0"
92199307
strip-indent "^2.0.0"
92209308

9309+
referrer-policy@1.1.0:
9310+
version "1.1.0"
9311+
resolved "https://registry.npmjs.org/referrer-policy/-/referrer-policy-1.1.0.tgz#35774eb735bf50fb6c078e83334b472350207d79"
9312+
92219313
reflect.ownkeys@^0.2.0:
92229314
version "0.2.0"
92239315
resolved "https://registry.npmjs.org/reflect.ownkeys/-/reflect.ownkeys-0.2.0.tgz#749aceec7f3fdf8b63f927a04809e90c5c0b3460"
@@ -11184,6 +11276,10 @@ ws@^6.0.0:
1118411276
dependencies:
1118511277
async-limiter "~1.0.0"
1118611278

11279+
x-xss-protection@1.1.0:
11280+
version "1.1.0"
11281+
resolved "https://registry.npmjs.org/x-xss-protection/-/x-xss-protection-1.1.0.tgz#4f1898c332deb1e7f2be1280efb3e2c53d69c1a7"
11282+
1118711283
xml-name-validator@^2.0.1:
1118811284
version "2.0.1"
1118911285
resolved "http://r.cnpmjs.org/xml-name-validator/download/xml-name-validator-2.0.1.tgz#4d8b8f1eccd3419aa362061becef515e1e559635"

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp