-
Notifications
You must be signed in to change notification settings - Fork 368
How to use Helmet without Express
Evan Hahn edited this page Aug 3, 2020
·
2 revisions
Helmet is Connect-style middleware, which means it's compatible with web frameworks like Express.
People have ported Helmet to other frameworks like Koa and Fastify.
If you're not using Helmet with Express, you can pass an http.IncomingMessage, http.ServerResponse, and a callback function. For example, here's how to use Helmet with Node's built-in HTTP module:
const http = require("http");
const helmet = require("helmet");
const runHelmet = helmet();
const server = http.createServer((req, res) => {
runHelmet(req, res, (err) => {
if (err) {
res.statusCode = 500;
res.end(
"Helmet failed for some unexpected reason. Was it configured correctly?"
);
return;
}
res.end("Hello world!");
});
});
server.listen(3000);