issues
search
helmetjs
/
helmet
Help secure Express apps with various HTTP headers
https://helmetjs.github.io/
MIT License
10.18k
stars
367
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
typescript issues
#474
selfagency
opened
11 hours ago
1
Dynamic Content Security Policy (CSP) Update with Helmet
#473
siirius99
opened
5 days ago
1
is SSLPinning deprecated from latest versions?
#472
saranrajui
closed
2 weeks ago
3
error is always undefined
#471
singh-inder
closed
2 months ago
2
Request to add `Permissions-Policy` header
#470
AshGw
closed
2 months ago
2
Bump braces from 3.0.2 to 3.0.3
#469
dependabot[bot]
opened
3 months ago
0
Question: XSS
#468
olawalejuwonm
closed
3 months ago
3
[feature request] "simple allow everything" setting for development work?
#467
Pomax
closed
1 month ago
6
csp header lack `script-src-elem`
#466
Pomax
closed
3 months ago
4
`getDefaultDirectives` deep copy
#465
sohrb
closed
4 months ago
5
Strict transport security middleware error
#464
sohrb
closed
4 months ago
0
Content-Security-Policy `getDefaultDirectives` should return a deep copy
#463
EvanHahn
closed
4 months ago
3
Strict-Transport-Security middleware should throw, not warn, when misspelling "includeSubDomains" option
#462
EvanHahn
closed
4 months ago
2
helmet default directives doesnt match helmet-csp default directives
#461
NihilumPlays
closed
3 months ago
3
remove block-all-mixed-content from helmet-csp default directives
#460
NihilumPlays
opened
4 months ago
6
Increase default Strict-Transport-Security maxAge to 1 year
#459
sohrb
closed
4 months ago
1
Resolves #404, updates content-security-policy README
#458
webketje
closed
3 months ago
9
Increase default Strict-Transport-Security maxAge to 1 year
#457
webketje
closed
4 months ago
3
Getting Name of Blocked Script?
#456
VikR1000
closed
5 months ago
3
swagger
#455
FDiskas
closed
5 months ago
2
'self' and 'none' values lack quotes
#454
DougReeder
closed
4 months ago
4
v8.0.0
#453
EvanHahn
opened
7 months ago
0
Error "script-src-elem" is an invalid directive
#452
nck
closed
7 months ago
3
Disable HSTS headers by default on localhost
#451
wesleytodd
closed
7 months ago
9
update engine and changelog
#450
njmulsqb
closed
8 months ago
2
7.1.0 Rollup error
#449
khteh
closed
8 months ago
17
Typescript required versions
#448
danielfx90
closed
7 months ago
2
Support `unsafe-none` in COEP
#447
mxxk
closed
10 months ago
4
Support `unsafe-none` in `helmet.crossOriginEmbedderPolicy`?
#446
mxxk
closed
10 months ago
1
Bump actions/setup-node from 3 to 4
#445
dependabot[bot]
closed
10 months ago
0
Require Node 18+
#444
EvanHahn
closed
8 months ago
5
Bump @babel/traverse from 7.22.6 to 7.23.2
#443
dependabot[bot]
closed
11 months ago
2
helmet + sanitizeFilter
#442
mejrimo
closed
11 months ago
1
Getting Error Type 'typeof import("/home/quophyie/projects/helmet-issue/node_modules/helmet/index")' has no call signatures when running tests with jest, ts-jest when using ESM / ECMAScript Modules
#441
quophyie
closed
3 months ago
13
X-Powered-By is not being removed from the haeder in default mode
#440
vanimarcos
closed
11 months ago
2
Bump actions/checkout from 3 to 4
#439
dependabot[bot]
closed
11 months ago
0
Deployment on Vercel using .mjs
#438
Redoxahmii
opened
11 months ago
13
chore(doc): add note on readme
#437
mariomc
closed
1 year ago
3
Consider limiting helmet to document requests or add a note
#436
mariomc
closed
2 months ago
5
Jest: Cannot find module 'helmet' or its corresponding type declarations
#435
thorstenfleischmann
closed
1 year ago
3
Cannot extract type for ContentSecurityPolicyOptions
#434
judithhartmann
closed
11 months ago
3
Add explicit exports for options
#433
judithhartmann
closed
1 year ago
1
Error: Cross-Origin-Embedder-Policy does not support the "cross-origin" policy
#432
EvanHahn
closed
1 year ago
9
Helmet not handling thrown errors
#431
rubnogueira
closed
1 year ago
2
RFE: Static pre-computed headers
#430
glensc
closed
1 year ago
6
SSL error with Safari but not Chrome
#429
ezrichards
closed
1 year ago
8
`Unexpected token` when importing `*.d.cts` or `*.d.mts` files from helmet
#428
phun-ky
closed
1 year ago
1
Error while building on local and digital ocean space
#427
rashedulislam
closed
1 year ago
3
Wiki code sample mistake
#426
gricey432
closed
1 year ago
1
Export typings for individual middleware options
#425
billyjanitsch
closed
1 year ago
6
Next