Skip to content
This repository was archived by the owner on Aug 30, 2021. It is now read-only.

Commit 72c813d

Browse files
memologmemolog
committed
keep enable Cache-Control
helmet.defaults() disabeles Cache-Control. I guess it's controversial to disable it.
1 parent afb0f97 commit 72c813d

File tree

1 file changed

+5
-1
lines changed

1 file changed

+5
-1
lines changed

config/express.js

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -99,7 +99,11 @@ module.exports = function(db) {
9999
// connect flash for flash messages
100100
app.use(flash());
101101

102-
app.use(helmet.defaults());
102+
app.use(helmet.xframe());
103+
app.use(helmet.iexss());
104+
app.use(helmet.contentTypeOptions());
105+
app.use(helmet.ienoopen());
106+
app.disable('x-powered-by');
103107

104108
// routes should be at the last
105109
app.use(app.router);

0 commit comments

Comments
 (0)