// Workaround for https://github.com/angular/angular/issues/18199#issue-243593688:
// expose the xmlhttprequest package's XMLHttpRequest on the Node global object.
Object.assign(global, {XMLHttpRequest: require('xmlhttprequest').XMLHttpRequest});

const app = express();
// Listen port: the PORT environment variable when set and non-empty, otherwise 4000.
const PORT = process.env.PORT || 4000;
const DIST_FOLDER = join(process.cwd(), 'dist');

// One entry per locale; the more specific '/es/*' pattern is listed before the catch-all '/*'.
const routes = [
  {
    path: '/es/*',
    view: 'es/index',
    bundle: require(join(DIST_FOLDER, 'server', 'es', 'main'))
  },
  {
    path: '/*',
    view: 'index',
    bundle: require(join(DIST_FOLDER, 'server', 'en', 'main'))
  }
];

// Security headers, registered in the same order as before: helmet's defaults first, then the
// explicit policies.
// NOTE(review): helmet.noCache and helmet.featurePolicy were dropped from helmet in its 4.x line;
// check the installed version before upgrading, otherwise these calls fail at startup.
// The CSP directives come from AppConfig.cspDirectives, which is not shown in this excerpt, so the
// strength of the policy has to be reviewed there.
app.use(
  helmet(),
  helmet.referrerPolicy({policy: 'same-origin'}),
  helmet.noCache(),
  helmet.featurePolicy({
    features: {
      fullscreen: ["'self'"],
      payment: ["'none'"],
      syncXhr: ["'none'"]
    }
  }),
  helmet.contentSecurityPolicy({directives: AppConfig.cspDirectives})
);
// Load your engine
// Registers the rendering callback for '.html' views. The callback hands the template path and
// the current request/response pair to options.engine. `options` is typed `any`, so the compiler
// does not check that engine, req or res are present.
// This excerpt ends inside the options.engine(...) call; its remaining arguments are not shown.
app.engine('html', (filePath, options: any, callback) => {
options.engine(
filePath,
{req: options.req, res: options.res},
// Starts as an empty list.
let users = [];
// Startup log line showing the redirect URL in use.
console.log(`INFO: Redirect URL: ${redirect_uri}`);

// Stop Express from advertising itself through the X-Powered-By response header.
app.disable('x-powered-by');

// Give every response a fixed Server header value that names no product or version.
app.use((_req, res, next) => {
  res.set('Server', 'Yes');
  next();
});
// Registers the security-header middleware as one chain.
// This excerpt ends before the closing parenthesis of app.use(...), so later entries are not shown.
app.use(
// Content-Security-Policy with a single default-src directive (csp is imported outside this
// excerpt, presumably helmet-csp).
// NOTE(review): CSP keywords are written with single quotes in the header ('self'). The value
// below carries double quotes, which is not a valid source expression, so browsers will not read
// it as the same-origin keyword. Inspect the emitted header; the intended value is "'self'".
csp({
directives: {
defaultSrc: ['"self"']
}
}),
// Feature-Policy allowlists.
// NOTE(review): the same quoting applies here. 'self' and 'none' are single-quoted keywords in
// the header, so the double-quoted values below should be checked against what is actually sent.
helmet.featurePolicy({
features: {
fullscreen: ['"self"'],
vibrate: ['"none"'],
payment: ['"none"'],
syncXhr: ['"none"']
}
}),
// Referrer-Policy: same-origin. The referrer is sent only with same-origin requests.
helmet.referrerPolicy({ policy: 'same-origin' }),
// X-Frame-Options: DENY. The pages may not be rendered inside any frame.
helmet.frameguard({
action: 'deny'
}),
// Strict-Transport-Security. It only takes effect on responses served over HTTPS.
helmet.hsts({
maxAge: 15768000 // six months, in seconds (182.5 days)
}),
// Sets the X-XSS-Protection header.
helmet.xssFilter(),
// X-Content-Type-Options: nosniff. Browsers must not guess a different content type.
helmet.noSniff(),
// Callback URL: the base held in uriBack with '/callback' appended.
const redirect_uri = uriBack + '/callback';
// NOTE(review): presumably a lifetime in seconds; confirm against where it is used.
const secTillDelete = 60;
// Mutable module-level state: an empty string and two empty lists at startup.
let referer = '',
  rooms = [],
  users = [];
// Startup log line showing the redirect URL in use.
console.log(`INFO: Redirect URL: ${redirect_uri}`);
// Registers the security-header middleware as one chain.
// This excerpt ends before the closing parenthesis of app.use(...), so later entries are not shown.
app.use(
// Content-Security-Policy with a single default-src directive (csp is imported outside this
// excerpt, presumably helmet-csp).
// NOTE(review): 'https:' is a scheme source, so it allows content from every HTTPS origin and the
// policy is much broader than same-origin. The second value carries double quotes; CSP keywords
// are single-quoted in the header ('self'), so browsers will not read "self" as the same-origin
// keyword. Inspect the emitted header, and list the specific origins needed where possible.
csp({
directives: {
defaultSrc: ['https:', '"self"']
}
}),
// Feature-Policy allowlists.
// NOTE(review): 'self' and 'none' are single-quoted keywords in the header, so the double-quoted
// values below should be checked against what is actually sent.
helmet.featurePolicy({
features: {
fullscreen: ['"self"'],
vibrate: ['"none"'],
payment: ['"none"'],
syncXhr: ['"none"']
}
}),
// Referrer-Policy: same-origin. The referrer is sent only with same-origin requests.
helmet.referrerPolicy({ policy: 'same-origin' }),
// X-Frame-Options: DENY. The pages may not be rendered inside any frame.
helmet.frameguard({
action: 'deny'
}),
// Strict-Transport-Security. It only takes effect on responses served over HTTPS.
helmet.hsts({
maxAge: 15768000 // six months, in seconds (182.5 days)
}),
// Sets the X-XSS-Protection header.
helmet.xssFilter(),
// X-Content-Type-Options: nosniff. Browsers must not guess a different content type.
helmet.noSniff(),
const helmet = require('helmet');

// core is imported outside this excerpt (presumably @angular/core); production mode is switched
// on before the server is configured.
core.enableProdMode();

const app = express();
// Listen port: the PORT environment variable when set and non-empty, otherwise 4000.
const PORT = process.env.PORT || 4000;
const DIST_FOLDER = path.join(process.cwd(), 'dist');

// One entry per locale; the more specific '/es/*' pattern is listed before the catch-all '/*'.
// The bundle paths stay literal strings, as in the original.
const routes = [
  {
    path: '/es/*',
    view: 'es/index',
    bundle: require('./dist/server/es/main')
  },
  {
    path: '/*',
    view: 'index',
    bundle: require('./dist/server/en/main')
  }
];

// Security headers, registered in the same order as before: helmet's defaults first, then the
// explicit policies.
// NOTE(review): helmet.noCache and helmet.featurePolicy were dropped from helmet in its 4.x line;
// check the installed version before upgrading, otherwise these calls fail at startup.
app.use(
  helmet(),
  helmet.referrerPolicy({policy: 'same-origin'}),
  helmet.noCache(),
  helmet.featurePolicy({
    features: {
      fullscreen: ["'self'"],
      payment: ["'none'"],
      syncXhr: ["'none'"]
    }
  })
);
const defaultList = ['\'self\'',
'http://*.google-analytics.com',
'https://*.google.com',
'https://*.google-analytics.com',
'https://*.googletagmanager.com',
'https://*.gstatic.com',
'https://*.googleapis.com',
'https://authedmine.com',
'https://az743702.vo.msecnd.net',