partoschph68073
/
SmartMirror-Projektarbeit
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Software zum Installieren eines Smart-Mirror Frameworks , zum Nutzen von hochschulrelevanten Informationen, auf einem Raspberry-Pi.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
Tree: ee0f3f684f
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ee0f3f684f'
${ noResults }
SmartMirror-Projektarbeit/node_modules/helmet/dist/index.js

index.js 7.1KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177 
  1. "use strict"

  2. var __importDefault =

  3. 	(this && this.__importDefault) ||

  4. 	function (mod) {

  5. 		return mod && mod.__esModule ? mod : { default: mod }

  6. 	}

  7. const content_security_policy_1 = __importDefault(require("./middlewares/content-security-policy"))

  8. const cross_origin_embedder_policy_1 = __importDefault(require("./middlewares/cross-origin-embedder-policy"))

  9. const cross_origin_opener_policy_1 = __importDefault(require("./middlewares/cross-origin-opener-policy"))

  10. const cross_origin_resource_policy_1 = __importDefault(require("./middlewares/cross-origin-resource-policy"))

  11. const expect_ct_1 = __importDefault(require("./middlewares/expect-ct"))

  12. const origin_agent_cluster_1 = __importDefault(require("./middlewares/origin-agent-cluster"))

  13. const referrer_policy_1 = __importDefault(require("./middlewares/referrer-policy"))

  14. const strict_transport_security_1 = __importDefault(require("./middlewares/strict-transport-security"))

  15. const x_content_type_options_1 = __importDefault(require("./middlewares/x-content-type-options"))

  16. const x_dns_prefetch_control_1 = __importDefault(require("./middlewares/x-dns-prefetch-control"))

  17. const x_download_options_1 = __importDefault(require("./middlewares/x-download-options"))

  18. const x_frame_options_1 = __importDefault(require("./middlewares/x-frame-options"))

  19. const x_permitted_cross_domain_policies_1 = __importDefault(require("./middlewares/x-permitted-cross-domain-policies"))

  20. const x_powered_by_1 = __importDefault(require("./middlewares/x-powered-by"))

  21. const x_xss_protection_1 = __importDefault(require("./middlewares/x-xss-protection"))

  22. function getArgs(option, middlewareConfig = {}) {

  23. 	const { enabledByDefault = true } = middlewareConfig

  24. 	switch (option) {

  25. 		case undefined:

  26. 			return enabledByDefault ? [] : null

  27. 		case false:

  28. 			return null

  29. 		case true:

  30. 			return []

  31. 		default:

  32. 			if (middlewareConfig.takesOptions === false) {

  33. 				console.warn(`${middlewareConfig.name} does not take options. ${enabledByDefault ? "Remove the property" : "Set the property to `true`"} to silence this warning.`)

  34. 				return []

  35. 			} else {

  36. 				return [option]

  37. 			}

  38. 	}

  39. }

  40. function getMiddlewareFunctionsFromOptions(options) {

  41. 	const result = []

  42. 	const contentSecurityPolicyArgs = getArgs(options.contentSecurityPolicy)

  43. 	if (contentSecurityPolicyArgs) {

  44. 		result.push(content_security_policy_1.default(...contentSecurityPolicyArgs))

  45. 	}

  46. 	const crossOriginEmbedderPolicyArgs = getArgs(options.crossOriginEmbedderPolicy, {

  47. 		name: "crossOriginEmbedderPolicy",

  48. 		takesOptions: false,

  49. 		enabledByDefault: false

  50. 	})

  51. 	if (crossOriginEmbedderPolicyArgs) {

  52. 		result.push(cross_origin_embedder_policy_1.default())

  53. 	}

  54. 	const crossOriginOpenerPolicyArgs = getArgs(options.crossOriginOpenerPolicy, {

  55. 		enabledByDefault: false

  56. 	})

  57. 	if (crossOriginOpenerPolicyArgs) {

  58. 		result.push(cross_origin_opener_policy_1.default(...crossOriginOpenerPolicyArgs))

  59. 	}

  60. 	const crossOriginResourcePolicyArgs = getArgs(options.crossOriginResourcePolicy, { enabledByDefault: false })

  61. 	if (crossOriginResourcePolicyArgs) {

  62. 		result.push(cross_origin_resource_policy_1.default(...crossOriginResourcePolicyArgs))

  63. 	}

  64. 	const xDnsPrefetchControlArgs = getArgs(options.dnsPrefetchControl)

  65. 	if (xDnsPrefetchControlArgs) {

  66. 		result.push(x_dns_prefetch_control_1.default(...xDnsPrefetchControlArgs))

  67. 	}

  68. 	const expectCtArgs = getArgs(options.expectCt)

  69. 	if (expectCtArgs) {

  70. 		result.push(expect_ct_1.default(...expectCtArgs))

  71. 	}

  72. 	const xFrameOptionsArgs = getArgs(options.frameguard)

  73. 	if (xFrameOptionsArgs) {

  74. 		result.push(x_frame_options_1.default(...xFrameOptionsArgs))

  75. 	}

  76. 	const xPoweredByArgs = getArgs(options.hidePoweredBy, {

  77. 		name: "hidePoweredBy",

  78. 		takesOptions: false

  79. 	})

  80. 	if (xPoweredByArgs) {

  81. 		result.push(x_powered_by_1.default())

  82. 	}

  83. 	const strictTransportSecurityArgs = getArgs(options.hsts)

  84. 	if (strictTransportSecurityArgs) {

  85. 		result.push(strict_transport_security_1.default(...strictTransportSecurityArgs))

  86. 	}

  87. 	const xDownloadOptionsArgs = getArgs(options.ieNoOpen, {

  88. 		name: "ieNoOpen",

  89. 		takesOptions: false

  90. 	})

  91. 	if (xDownloadOptionsArgs) {

  92. 		result.push(x_download_options_1.default())

  93. 	}

  94. 	const xContentTypeOptionsArgs = getArgs(options.noSniff, {

  95. 		name: "noSniff",

  96. 		takesOptions: false

  97. 	})

  98. 	if (xContentTypeOptionsArgs) {

  99. 		result.push(x_content_type_options_1.default())

  100. 	}

  101. 	const originAgentClusterArgs = getArgs(options.originAgentCluster, {

  102. 		name: "originAgentCluster",

  103. 		takesOptions: false,

  104. 		enabledByDefault: false

  105. 	})

  106. 	if (originAgentClusterArgs) {

  107. 		result.push(origin_agent_cluster_1.default())

  108. 	}

  109. 	const xPermittedCrossDomainPoliciesArgs = getArgs(options.permittedCrossDomainPolicies)

  110. 	if (xPermittedCrossDomainPoliciesArgs) {

  111. 		result.push(x_permitted_cross_domain_policies_1.default(...xPermittedCrossDomainPoliciesArgs))

  112. 	}

  113. 	const referrerPolicyArgs = getArgs(options.referrerPolicy)

  114. 	if (referrerPolicyArgs) {

  115. 		result.push(referrer_policy_1.default(...referrerPolicyArgs))

  116. 	}

  117. 	const xXssProtectionArgs = getArgs(options.xssFilter, {

  118. 		name: "xssFilter",

  119. 		takesOptions: false

  120. 	})

  121. 	if (xXssProtectionArgs) {

  122. 		result.push(x_xss_protection_1.default())

  123. 	}

  124. 	return result

  125. }

  126. const helmet = Object.assign(

  127. 	function helmet(options = {}) {

  128. 		var _a

  129. 		if (((_a = options.constructor) === null || _a === void 0 ? void 0 : _a.name) === "IncomingMessage") {

  130. 			throw new Error("It appears you have done something like `app.use(helmet)`, but it should be `app.use(helmet())`.")

  131. 		}

  132. 		const middlewareFunctions = getMiddlewareFunctionsFromOptions(options)

  133. 		return function helmetMiddleware(req, res, next) {

  134. 			const iterator = middlewareFunctions[Symbol.iterator]()

  135. 			;(function internalNext(err) {

  136. 				if (err) {

  137. 					next(err)

  138. 					return

  139. 				}

  140. 				const iteration = iterator.next()

  141. 				if (iteration.done) {

  142. 					next()

  143. 				} else {

  144. 					const middlewareFunction = iteration.value

  145. 					middlewareFunction(req, res, internalNext)

  146. 				}

  147. 			})()

  148. 		}

  149. 	},

  150. 	{

  151. 		contentSecurityPolicy: content_security_policy_1.default,

  152. 		crossOriginEmbedderPolicy: cross_origin_embedder_policy_1.default,

  153. 		crossOriginOpenerPolicy: cross_origin_opener_policy_1.default,

  154. 		crossOriginResourcePolicy: cross_origin_resource_policy_1.default,

  155. 		dnsPrefetchControl: x_dns_prefetch_control_1.default,

  156. 		expectCt: expect_ct_1.default,

  157. 		frameguard: x_frame_options_1.default,

  158. 		hidePoweredBy: x_powered_by_1.default,

  159. 		hsts: strict_transport_security_1.default,

  160. 		ieNoOpen: x_download_options_1.default,

  161. 		noSniff: x_content_type_options_1.default,

  162. 		originAgentCluster: origin_agent_cluster_1.default,

  163. 		permittedCrossDomainPolicies: x_permitted_cross_domain_policies_1.default,

  164. 		referrerPolicy: referrer_policy_1.default,

  165. 		xssFilter: x_xss_protection_1.default,

  166. 		featurePolicy() {

  167. 			throw new Error("helmet.featurePolicy was removed because the Feature-Policy header is deprecated. If you still need this header, you can use the `feature-policy` module.")

  168. 		},

  169. 		hpkp() {

  170. 			throw new Error("helmet.hpkp was removed because the header has been deprecated. If you still need this header, you can use the `hpkp` module. For more, see <https://github.com/helmetjs/helmet/issues/180>.")

  171. 		},

  172. 		noCache() {

  173. 			throw new Error("helmet.noCache was removed. You can use the `nocache` module instead. For more, see <https://github.com/helmetjs/helmet/issues/215>.")

  174. 		}

  175. 	}

  176. )

  177. module.exports = helmet