Skip to content

erdtman/strict-transport-security

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
examples
examples
 
 
lib
lib
 
 
test
test
 
 
.gitignore
.gitignore
 
 
.npmignore
.npmignore
 
 
.project
.project
 
 
.travis.yml
.travis.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package.json
package.json
 
 

Repository files navigation

Build Status Coverage Status

strict-transport-security

Node.js middleware to add Strict-Transport-Security header according to RFC6797

Install

$ npm install strict-transport-security --save

Tests

$ npm install --dev
$ npm test

Usage

const sts = require('strict-transport-security');
const express = require('express');
const app = express();

const globalSTS = sts.getSTS({'max-age':{'days': 30}});
const localSTS = sts.getSTS({'max-age':{'days': 10}, 'includeSubDomains': true});

// This will apply this policy to all requests
app.use(globalSTS);

app.get('/', (req, res) => {
  res.send('Using global strict transport security policy!');
});

// This will apply the local policy just to this path, overriding the globla policy
app.get('/local', localSTS, (req, res) => {
  res.send('Using path local strict transport security policy!');
});

app.listen(3000, () => {
  console.log('Example app listening on port 3000!');
});

About

Node.js middleware to add Strict-Transport-Security header

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases 2

v0.3.0 Latest
Nov 5, 2020
+ 1 release

Packages

No packages published

Languages