@arcis/node 1.2.0 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/index.d.mts +1 -1
- package/dist/core/index.d.ts +1 -1
- package/dist/{pii-DhNpl7M3.d.ts → encode-CrQCGlBq.d.mts} +48 -2
- package/dist/{pii-CXcHMlnX.d.mts → encode-jl9sOwmA.d.ts} +48 -2
- package/dist/{index-D_bdJcF0.d.ts → index-BAhgn9V2.d.ts} +1 -1
- package/dist/{index-Co5kPRZz.d.ts → index-BGNKspqH.d.ts} +1 -1
- package/dist/{index-A-m-pPeW.d.mts → index-Cd02z-0j.d.mts} +1 -1
- package/dist/{index-CgK94hY_.d.mts → index-DgJtWMSj.d.mts} +1 -1
- package/dist/index.d.mts +4 -4
- package/dist/index.d.ts +4 -4
- package/dist/index.js +94 -2
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +90 -3
- package/dist/index.mjs.map +1 -1
- package/dist/logging/index.d.mts +1 -1
- package/dist/logging/index.d.ts +1 -1
- package/dist/middleware/index.d.mts +2 -2
- package/dist/middleware/index.d.ts +2 -2
- package/dist/middleware/index.js +22 -2
- package/dist/middleware/index.js.map +1 -1
- package/dist/middleware/index.mjs +22 -2
- package/dist/middleware/index.mjs.map +1 -1
- package/dist/sanitizers/index.d.mts +2 -2
- package/dist/sanitizers/index.d.ts +2 -2
- package/dist/sanitizers/index.js +72 -0
- package/dist/sanitizers/index.js.map +1 -1
- package/dist/sanitizers/index.mjs +68 -1
- package/dist/sanitizers/index.mjs.map +1 -1
- package/dist/stores/index.d.mts +1 -1
- package/dist/stores/index.d.ts +1 -1
- package/dist/{types-CsOFHoD9.d.mts → types-BOkx5YJc.d.mts} +11 -1
- package/dist/{types-CsOFHoD9.d.ts → types-BOkx5YJc.d.ts} +11 -1
- package/dist/validation/index.d.mts +2 -2
- package/dist/validation/index.d.ts +2 -2
- package/package.json +1 -1
|
@@ -272,7 +272,12 @@ function createHeaders(options = {}) {
|
|
|
272
272
|
hsts = true,
|
|
273
273
|
referrerPolicy = HEADERS.REFERRER_POLICY,
|
|
274
274
|
permissionsPolicy = HEADERS.PERMISSIONS_POLICY,
|
|
275
|
-
cacheControl = true
|
|
275
|
+
cacheControl = true,
|
|
276
|
+
crossOriginOpenerPolicy = "same-origin",
|
|
277
|
+
crossOriginResourcePolicy = "same-origin",
|
|
278
|
+
crossOriginEmbedderPolicy = "require-corp",
|
|
279
|
+
originAgentCluster = true,
|
|
280
|
+
dnsPrefetchControl = true
|
|
276
281
|
} = options;
|
|
277
282
|
return (req, res, next) => {
|
|
278
283
|
if (contentSecurityPolicy) {
|
|
@@ -280,7 +285,7 @@ function createHeaders(options = {}) {
|
|
|
280
285
|
res.setHeader("Content-Security-Policy", csp);
|
|
281
286
|
}
|
|
282
287
|
if (xssFilter) {
|
|
283
|
-
res.setHeader("X-XSS-Protection", "
|
|
288
|
+
res.setHeader("X-XSS-Protection", "0");
|
|
284
289
|
}
|
|
285
290
|
if (noSniff) {
|
|
286
291
|
res.setHeader("X-Content-Type-Options", HEADERS.CONTENT_TYPE_OPTIONS);
|
|
@@ -307,6 +312,21 @@ function createHeaders(options = {}) {
|
|
|
307
312
|
if (permissionsPolicy) {
|
|
308
313
|
res.setHeader("Permissions-Policy", permissionsPolicy);
|
|
309
314
|
}
|
|
315
|
+
if (crossOriginOpenerPolicy) {
|
|
316
|
+
res.setHeader("Cross-Origin-Opener-Policy", crossOriginOpenerPolicy);
|
|
317
|
+
}
|
|
318
|
+
if (crossOriginResourcePolicy) {
|
|
319
|
+
res.setHeader("Cross-Origin-Resource-Policy", crossOriginResourcePolicy);
|
|
320
|
+
}
|
|
321
|
+
if (crossOriginEmbedderPolicy) {
|
|
322
|
+
res.setHeader("Cross-Origin-Embedder-Policy", crossOriginEmbedderPolicy);
|
|
323
|
+
}
|
|
324
|
+
if (originAgentCluster) {
|
|
325
|
+
res.setHeader("Origin-Agent-Cluster", "?1");
|
|
326
|
+
}
|
|
327
|
+
if (dnsPrefetchControl) {
|
|
328
|
+
res.setHeader("X-DNS-Prefetch-Control", "off");
|
|
329
|
+
}
|
|
310
330
|
res.setHeader("X-Permitted-Cross-Domain-Policies", "none");
|
|
311
331
|
if (cacheControl) {
|
|
312
332
|
const cacheControlValue = typeof cacheControl === "string" ? cacheControl : HEADERS.CACHE_CONTROL;
|