fix: security headers
rubiin committed Sep 18, 2023
1 parent 2d73fc6 commit e37f78d
Showing 6 changed files with 118 additions and 111 deletions.
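--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -116,10 +116,12 @@ services:
 - "traefik.http.middlewares.traefik-ratelimit.ratelimit.period=1m" # Set rate limit evaluation period to 1 minute
 - "traefik.http.middlewares.traefik-retry.retry.attempts=4" # Allow up to 4 retry attempts
 - "traefik.http.middlewares.traefik-retry.retry.initialinterval=100ms" # Set initial retry interval to 100 milliseconds
-# - "traefik.http.middlewares.security-headers.headers.accesscontrolallowmethods=*" # Allow specified HTTP methods
-# - "traefik.http.middlewares.security-headers.headers.accesscontrolalloworiginlist=*" # Allow specified HTTP methods
-# - "traefik.http.middlewares.security-headers.headers.accesscontrolmaxage=100" # Set value for Access-Control-Max-Age header
-# - "traefik.http.middlewares.security-headers.headers.addvaryheader=true" # Add Vary header to responses
+# - "traefik.http.middlewares.security-headers.headers.accesscontrolallowmethods=GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS" # Allow specified HTTP methods
+# - "traefik.http.middlewares.security-headers.headers.accesscontrolalloworiginlist=*" # Allow specified HTTP origin list
+# - "traefik.http.middlewares.security-headers.headers.accessControlAllowCredentials=true" # Add control allow credentials header
+# - "traefik.http.middlewares.security-headers.headers.accesscontrolallowheaders=*" # Add control allow credentials header
+# - "traefik.http.middlewares.security-headers.headers.accesscontrolmaxage=3600" # Set value for Access-Control-Max-Age header
+# - "traefik.http.middlewares.security-headers.headers.addvaryheader=true" # Add Vary header to responses
 - "traefik.http.middlewares.security-headers.headers.framedeny=true" # Enable frame denial for clickjacking protection
 - "traefik.http.middlewares.security-headers.headers.contenttypenosniff=true" # Enable Content-Type nosniff
 - "traefik.http.middlewares.security-headers.headers.browserxssfilter=false" # Enable browser XSS filter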
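Review bot: The commented-out CORS labels added here pair `accesscontrolalloworiginlist=*` with `accessControlAllowCredentials=true`, which should not be enabled as written: browsers refuse credentialed responses whose allowed origin is the wildcard, and the usual workaround of echoing back any origin would let any site make authenticated cross-origin requests. If the block is kept as a template, list explicit origins and say so, e.g. `# - "traefik.http.middlewares.security-headers.headers.accesscontrolalloworiginlist=https://app.example.com" # Explicit origins only when credentials are allowed (placeholder origin)`. The comment on the `accesscontrolallowheaders=*` line is a copy of the credentials one and should read `# Allow specified request headers`. The unchanged `browserxssfilter=false` line just below carries the comment "Enable browser XSS filter", which contradicts its value and is worth correcting in the same pass.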
10 changes: 6 additions & 4 deletions env/.env.sample
@@ -1,4 +1,5 @@
# This is a sample file generated by sample-env
# app
APP_PORT=
APP_PREFIX=
APP_NAME=
@@ -56,20 +57,21 @@ RABBITMQ_EXCHANGE=
RABBITMQ_QUEUE=
RABBITMQ_DEFAULT_PREFETCH=

# sentry
#sentry
SENTRY_DSN=
SENTRY_ENVIRONMENT=

# google ouath
#google ouath
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
GOOGLE_CALLBACK_URL=

# facebook ouath
#facebook ouath
FACEBOOK_CLIENT_ID=
FACEBOOK_CLIENT_SECRET=
FACEBOOK_CALLBACK_URL=

# throttle
#throttle
THROTTLE_LIMIT=
THROTTLE_TTL=

6 changes: 3 additions & 3 deletions package.json
@@ -36,6 +36,7 @@
"build": "nest build",
"lint": "eslint '{src,test}/**/*.ts' --cache",
"lint:fix": "eslint '{src,test}/**/*.ts' --cache --fix",
"orm": "npx mikro-orm",
"prebuild": "rimraf dist",
"sample": "cd env; npx sample-env --env .env.dev",
"start": "nest start",
@@ -48,8 +49,7 @@
"test:watch": "jest --watch",
"test:cov": "jest --coverage",
"test:debug": "node --inspect-brk -r tsconfig-paths/register -r ts-node/register node_modules/.bin/jest --runInBand",
"test:e2e": "jest --config ./test/jest-e2e.json --runInBand --forceExit",
"orm": "npx mikro-orm"
"test:e2e": "jest --config ./test/jest-e2e.json --runInBand --forceExit"
},
"dependencies": {
"@aws-sdk/client-s3": "^3.414.0",
@@ -184,7 +184,7 @@
"jest": "29.7.0",
"lint-staged": "^14.0.1",
"run-script-webpack-plugin": "^0.2.0",
"sample-env": "^2.0.1",
"sample-env": "^2.0.4",
"supertest": "6.3.3",
"ts-loader": "9.4.4",
"ts-node": "10.9.1",