@ladjs/web 21.0.14 → 21.0.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/index.js +6 -0
  2. package/package.json +1 -1
package/index.js CHANGED
@@ -259,6 +259,12 @@ class Web {
259
259
  // (needs to come before i18n so HSTS header gets added)
260
260
  if (this.config.helmet) app.use(helmet(this.config.helmet));
261
261
 
262
+ // remove X-XSS-Protection header from Helmet
263
+ app.use((ctx, next) => {
264
+ ctx.remove('X-XSS-Protection');
265
+ return next();
266
+ });
267
+
262
268
  // i18n
263
269
  if (this.config.i18n) {
264
270
  // create new @ladjs/i18n instance
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@ladjs/web",
3
3
  "description": "Web server for Lad",
4
- "version": "21.0.14",
4
+ "version": "21.0.15",
5
5
  "author": "Nick Baugh <niftylettuce@gmail.com> (http://niftylettuce.com/)",
6
6
  "bugs": {
7
7
  "url": "https://github.com/ladjs/web/issues",