/*───────────────────────────────────────────────────────────────────────────*\
│ Copyright (C) 2016 PayPal │
│ │
│hh ,'""`. │
│ / _ _ \ Licensed under the Apache License, Version 2.0 (the "License"); │
│ |(@)(@)| you may not use this file except in compliance with the License. │
│ ) __ ( You may obtain a copy of the License at │
│ /,'))((`.\ │
│(( (( )) )) http://www.apache.org/licenses/LICENSE-2.0 │
│ `\ `)(' /' │
│ │
│ Unless required by applicable law or agreed to in writing, software │
│ distributed under the License is distributed on an "AS IS" BASIS, │
│ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. │
│ See the License for the specific language governing permissions and │
│ limitations under the License. │
\*───────────────────────────────────────────────────────────────────────────*/
'use strict';
var crypto = require('crypto');
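/**
 * Builds one middleware that applies every configured lusca security module.
 *
 * Each enumerable property on `lusca` is treated as a module factory. When
 * `options` holds a truthy entry under the same key, the factory is called
 * with that entry and the middleware it returns is added to the chain.
 *
 * @param {Object} [options] The configuration object, keyed by module name
 *     (the property names assigned on `lusca`). Falsy entries are skipped.
 * @returns {Function} Middleware `(req, res, next)` that runs the configured
 *     modules and then calls `next`.
 */
var lusca = module.exports = function (options) {
    var headers = [];
    var nonce = false;

    if (options) {
        Object.keys(lusca).forEach(function (key) {
            var config = options[key];

            // A per-response nonce is generated only when the CSP config asks for one.
            if (key === 'csp' && config && (config.styleNonce || config.scriptNonce)) {
                nonce = true;
            }
            if (config) {
                headers.push(lusca[key](config));
            }
        });
    }

    return function lusca(req, res, next) {
        var chain = next;

        if (nonce) {
            // A CSP nonce is only useful if it cannot be predicted, so it must
            // come from the CSPRNG. crypto.pseudoRandomBytes is deprecated and
            // was documented as non-cryptographically-strong on older Node
            // releases; crypto.randomBytes is the supported source.
            //
            // defineProperty without `writable`/`configurable` leaves the value
            // read-only, so later middleware or templates cannot overwrite it.
            // NOTE(review): running this middleware twice on the same response
            // would throw here when the property is redefined.
            Object.defineProperty(res.locals, 'nonce', {
                value: crypto.randomBytes(36).toString('base64'),
                enumerable: true
            });
        }

        // Wrap the chain once per module. Each wrapper forwards an error
        // straight down the chain without running its module; otherwise it
        // runs the module and hands it the rest of the chain as `next`.
        // Because each wrapper encloses the previous one, the module pushed
        // last runs first.
        headers.forEach(function (header) {
            chain = (function (downstream) {
                return function (err) {
                    if (err) {
                        downstream(err);
                        return;
                    }
                    return header(req, res, downstream);
                };
            }(chain));
        });

        chain();
    };
};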
// Individual security modules, exposed as properties of the exported function.
// The top-level factory enumerates these with Object.keys(lusca), so each
// property name doubles as the options key that enables the module, and the
// assignment order here fixes the order in which configured modules are
// collected. Keep new modules as plain enumerable properties.
lusca.csrf = require('./lib/csrf');
lusca.csp = require('./lib/csp');
lusca.hsts = require('./lib/hsts');
lusca.p3p = require('./lib/p3p');
// Option key is `xframe`; the implementing file is named `xframes`.
lusca.xframe = require('./lib/xframes');
lusca.xssProtection = require('./lib/xssprotection');
lusca.nosniff = require('./lib/nosniff');
lusca.referrerPolicy = require('./lib/referrerpolicy');