File tree Expand file tree Collapse file tree 2 files changed +16
-1
lines changed Expand file tree Collapse file tree 2 files changed +16
-1
lines changed Original file line number Diff line number Diff line change @@ -16,19 +16,33 @@ const middleware = (app) => {
16
16
// Middleware for sending error responses with express response object. To be required above all middlewares
17
17
app . use ( boom ( ) )
18
18
19
+ // Initialise logging middleware
19
20
app . use ( morgan ( 'combined' , { stream : logger . stream } ) )
20
21
21
22
// Request parsing middlewares
22
23
app . use ( express . json ( ) )
23
24
app . use ( express . urlencoded ( { extended : false } ) )
24
25
app . use ( cookieParser ( ) )
25
- app . use ( helmet ( ) )
26
+
27
+ // Middleware to add security headers. Few headers have been disabled as it does not serve any purpose for the API.
28
+ app . use (
29
+ helmet ( {
30
+ contentSecurityPolicy : false ,
31
+ dnsPrefetchControl : false ,
32
+ ieNoOpen : false ,
33
+ referrerPolicy : false ,
34
+ xssFilter : false
35
+ } )
36
+ )
37
+
26
38
app . use ( cors ( {
27
39
origin : config . get ( 'cors.allowedOrigins' ) ,
28
40
credentials : true ,
29
41
optionsSuccessStatus : 200
30
42
} ) )
31
43
app . use ( contentTypeCheck )
44
+
45
+ // Initialise authentication middleware
32
46
app . use ( passport . initialize ( ) )
33
47
34
48
// Enable Swagger API docs in non-production environments
Original file line number Diff line number Diff line change 1
1
/**
2
2
* Middleware to attach Cache header.
3
3
* https://support.cloudflare.com/hc/en-us/articles/200172516-Understanding-Cloudflare-s-CDN
4
+ * @todo : Remove the middleware for all routes and modify cache max-age of each route individually as per required
4
5
*
5
6
* @param {object } req - Express request object
6
7
* @param {object } res - Express response object
You can’t perform that action at this time.
0 commit comments