Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-26 08:36:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: #7722, hsts deprecation warnings

Browse Source
This commit is contained in:
Julian Lam
2019-07-03 14:10:29 -04:00
parent cf9afa1974
commit 8b1dadb7f8
1 changed files with 9 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
src/webserver.js
View File

@@ -184,18 +184,16 @@ function setupExpressApp(app, callback) {
saveUninitialized: nconf.get('sessionSaveUninitialized') || false,
}));
var hsts_option = {
maxAge: meta.config['hsts-maxage'],
includeSubdomains: !!meta.config['hsts-subdomains'],
preload: !!meta.config['hsts-preload'],
setIf: function () {
return !!meta.config['hsts-enabled'];
},
};
app.use(helmet({
hsts: hsts_option,
}));
app.use(helmet());
app.use(helmet.referrerPolicy({ policy: 'strict-origin-when-cross-origin' }));
if (meta.config['hsts-enabled']) {
app.use(helmet.hsts({
maxAge: meta.config['hsts-maxage'],
includeSubDomains: !!meta.config['hsts-subdomains'],
preload: !!meta.config['hsts-preload'],
}));
}
app.use(middleware.addHeaders);
app.use(middleware.processRender);
auth.initialize(app, middleware);