How to use the helmet-csp function in helmet-csp

To help you get started, we’ve selected a few helmet-csp examples, based on popular ways it is used in public projects.

github bbc / simorgh / src / server / utilities / constructCspHeader / index.js View on Github external
const injectCspHeader = (req, res, next) => {
  const { isAmp } = getRouteProps(routes, req.url);
  const originHeader = req.headers['bbc-origin'];
  const { origin, isUK } = getOriginContext(originHeader);

  const isLive = origin === 'https://bbc.co.uk' || origin === 'https://bbc.com';

  const context = generateCspContext(isAmp, isUK, isLive);

  const middleware = csp(constructCspHeader(context));
  middleware(req, res, next);
};

helmet-csp

Content Security Policy middleware

MIT
Latest version published 1 year ago

Package Health Score

81 / 100
Full package analysis

Popular helmet-csp functions